The CyberWire Daily Briefing for 7.9.2013
Dark Seoul, which McAfee Labs now calls "Operation Troy," appears to be a military cyber espionage campaign directed since 2010 against South Korea. It's the work of the "New Romanic [sic] Cyber Army Team," but who exactly that is remains unclear.
Application servers for the US Emergency Alert System shipped with an exposed root SSH key in their firmware, which renders the Emergency Broadcast System vulnerable to hijacking.
A spearphishing campaign against government sites in Australia, Canada, the US, and Russia uses bogus PRISM leaks to distribute a multiplatform Java remote-access Trojan.
Various ransomware and spam campaigns serve the usual criminal purposes. In Japan, Club Nintendo succumbs to a wave of login attempts that succeeded in exposing user information.
Many have speculated that late-model cars can be hacked, and it turns out they can: researchers at the Universities of California and Washington demonstrate remote access hacks of automotive systems.
Twitter kills its auto-follow feature, Google addresses major Android vulnerabilities (with OEMs—users expect patches soon), and later today Microsoft will issue six critical patches.
Mergers and acquisitions highlight industry news today. Schools in the UK plan to teach 5-year-olds how to code.
The US and China begin high-level talks, with cyber conflict topping the agenda. The PRISM affair would seem to put the US at a diplomatic disadvantage, but the Administration appears to have its epaulettes on for this round. New EU information security laws may damp enthusiasm for active cyber defense.
PRISM prompts litigation in Brazil and the UK.
Notes.
Today's issue includes events affecting Australia, Bahrain, Brazil, Canada, China, Egypt, European Union, Finland, Germany, Iran, Israel, Ivory Coast, Japan, Republic of Korea, Malaysia, Pakistan, Russia, Saudi Arabia, Sudan, Syria, Thailand, Turkey, United Arab Emirates, United Kingdom, United States, and and Venezuela..
Cyber Attacks, Threats, and Vulnerabilities
Dissecting operation Troy: Cyberespionage in South Korea (Help Net Security) When reports of the Dark Seoul attack on South Korean financial services and media firms emerged in the wake of the attack on March 20, 2013, most of the focus was on the Master Boot Record (MBR) wiping functionality. PCs infected by the attack had all of the data on their hard drives erased. McAfee Labs, however, has discovered that the Dark Seoul attack includes a broad range of technology and tactics beyond the MBR functionality
South Korea's "Dark Seoul" exposed as a military cyber-attack (iTWire) McAfee's investigations into the March 20th "Dark Seoul" attack strongly suggest it had a military focus. On March 20th 2013, South Korea came under a strong, wide-ranging cyber-attack. Financial services and media were presumed to have been the
Exposed Root SSH Key Shipping with Emergency Alert System Devices (Threatpost) Firmware images for the application servers that distribute messages for the Emergency Alert System in the United States are shipping with a private root SSH key that has been disclosed. Hackers who have this key can access one of these servers and interrupt or manipulate an EAS message
We interrupt this program to warn the Emergency Alert System is hackable (Ars Technica) Publicly available SSH key makes it possible to hijack nation's warning system
Multi-platform Java RAT targeting government agencies (Help Net Security) A new spear-phishing campaign targeting government agencies mostly in the US, Canada, Australia, a few European countries and the Russian Federation has been spotted by Symantec researchers. The attackers have decided to take advantage of the most recent and controversial political topic - the PRISM data harvesting program - to deliver emails that supposedly contain documents on the subject
The magnitude of Android's "master key" bug (Help Net Security) The Android flaw whose existence was revealed last week by Bluebox Security is as bad as they come
Cryptocat Encrypted Chat Vulnerable to Simple Brute Force Decryption (Threatpost) Open source Cryptocat was vulnerable anywhere between seven and 19 months to brute force attacks that put encrypted chats at risk for simple decryption
Anatomy of a pseudorandom number generator - visualising Cryptocat's buggy PRNG (Naked Security) Paul Ducklin digs into one of the cryptographic flaws recently found in Cryptocat, a secure messaging application. Don't worry if you aren't a statistician or a computer scientist…Duck doesn't get very mathematical, and has produced some very groovy images
Obfuscating And Optimizing SQL Injection Attacks (Dark Reading) SQL injection attacks already stand as one of the most effective means hackers use to break into enterprise database infrastructures today. Now the attack could get a boost in effectiveness when a researcher at Black Hat will take the wraps off new techniques that will make it harder for defenses to detect SQL injection attempts and which will speed up the process of extracting data from databases through blind SQL injection attacks
Novel ransomware tactic locks users' PCs, demands that they participate in a survey to get the unlock code (Webroot Threat Blog) From managed ransomware as a service 'solutions' to DIY ransomware generating tools, this malicious market segment is as hot as ever with cybercriminals continuing to push new variants, and sometimes, literally introducing novel approaches to monetize locked PCs. In this case, by forcing their users to complete a survey before they receive the unlock code
Spamvertised 'Export License/Invoice Copy' themed emails lead to malware (Webroot Threat Blog) We've just intercepted a currently circulating malicious spam campaign consisting of tens of thousands of fake 'Export License/Invoice Copy' themed emails, enticing users into executing the malicious attachment. Once the socially engineered users do so, their PCs automatically become part of the botnet operated by the cybercriminals behind the campaign
Build your own app spam (SPAMFighter) With the influx of ressources and investments into the mobile and app business it was only a matter of time before the bad guys started to wonder how they could make a bit of money. The concepts of fake apps, clone apps and apps holding malware have of cource been around for some time. The different app stores put a lot of ressources into removing such apps and lots of apps are already out there for removing malware on mobile units and tablets. That is not newsworthy and already history. But now we are seeing build-you-own-app spam which we really haven't noticed before. The mail simply consist of a large piece of graphics so it should not be that difficult for a decent spam filter to sort it out
Nintendo cracks after month-long, 15.5 million-strong hacker bombardment (Naked Security) Out of that splatter, 24,000 bogus login tries struck the jackpot, exposing names, addresses, phone numbers and other personal details of corresponding Club Nintendo customers
Club Nintendo Hack Exposed Account Information (SecurityWeek) Users of Nintendo's Club Nintendo website in Japan were warned recently that thousands of user accounts have been illegally accessed
Hacking through a Straw (Pivoting over DNS) (StrategicCyber Blog) Last month, I announced Beacon's ability to control a host over DNS. I see Beacon as a low and slow lifeline to get an active session, when it's needed. Sometimes though, Beacon is all you have. There are times when Meterpreter gets caught too quickly or just can't get past the network egress restrictions
Bitdefender: iOS apps as "curious" as Android titles (Mobile World Live) Security software company Bitdefender said that "applications are equally invasive and curious on iOS as on Android", following a probe into user privacy on the two platforms. According to the company, 45.41 per cent of surveyed iOS apps have location
Comprehensive Experimental Analyses of Automotive Attack Surfaces (Autosec.org) Modern automobiles are pervasively computerized, and hence potentially vulnerable to attack. However, while previous research has shown that the internal networks within some modern cars are insecure, the associated threat model -- requiring prior physical access -- has justifiably been viewed as unrealistic. Thus, it remains an open question if automobiles can also be susceptible to remote compromise. Our work seeks to put this question to rest by systematically analyzing the external attack surface of a modern automobile. We discover that remote exploitation is feasible via a broad range of attack vectors (including mechanics tools, CD players, Bluetooth and cellular radio), and further, that wireless communications channels allow long distance vehicle control, location tracking, in-cabin audio exfiltration and theft. Finally, we discuss the structural characteristics of the automotive ecosystem that give rise to such problems and highlight the practical challenges in mitigating them
Security Patches, Mitigations, and Software Updates
Why Twitter Finally Killed The "Auto Follow" For Good (TechCrunch) Fresh on the heels of a spam report which painted Twitter as the network with the largest underground economy for the buying and selling of fake followers, the social network has finally taken steps to crack down on one of the tools often used by those attempting to game its service: the Auto Follow. In Twitter's parlance, an auto follow refers to an immediate, and programmatic means of following
Google Releases Fix For Major Android Flaw To OEMs, Users Now Waiting On Them To Patch (TechCrunch) Google has released a fix to its Android OEMs for the master security hole unearthed by Bluebox Security, according to ZDNet. The publication gained confirmation from Google's Android Communications Manager, Gina Scigliano, yesterday that "a patch has been provided to our partners". She also told it that "some OEMs, like Samsung, are already shipping the fix to the Android devices"
July's Patch Tuesday to fix six critical Windows, Office, IE security vulnerabilities (ZDNet) Prepare for a bumpy ride for July's roundup of Patch Tuesday updates, Microsoft warns, with critical flaws for almost every version of Windows running every bit of hardware. Microsoft's monthly release of security updates on deck for Tuesday, commonly known simply as Patch Tuesday, will include six "critical" updates that will require every version of Windows being patched by administrators
Cyber Trends
Threats on the Horizon: The Rise of the Advanced Persistent Threat (Fortinet Resources) Advanced Persistent Threat (APT) technology, also known as an Advanced Targeted Attack (ATA), has evolved at a Moore's Law clip since magician Nevil Maskelyne hacked a public demonstration of apparently secure wireless telegraphy technology in 1903, sending insulting Morse code messages through an auditorium's projector.(2) Since the dawn of the computer age, people have used advanced software to target specific companies or individuals in an attack designed to either damage or steal data. What makes today's APTs unique and frightening are the sophistication of the malware, the vectors they're choosing for attack and the perseverance with which they're going after their targets
The cloud privacy wars are coming (InfoWorld) With the recent NSA blowback in Europe, we will likely see the privacy battles heat up in the United States as well
If Israel Can't Protect Its Private Sector From Hackers, Who Can? (Cyberwarzone) Israeli computers are already among the most targeted and best protected -- in the world, with thousands of cyber-attacks on government sites fended off daily
The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities (Brookings) Today, U.S. port facilities rely as much upon networked computer and control systems as they do upon stevedores to ensure the flow of maritime commerce that the economy, homeland, and national security depend upon. Yet, unlike other sectors of critical infrastructure, little attention has been paid to the networked systems that undergird port operations. No cybersecurity standards have been promulgated for U.S. ports, nor has the U.S. Coast Guard, the lead federal agency for maritime security, been granted cybersecurity authorities to regulate ports or other areas of maritime critical infrastructure. In the midst of this lacuna of authority is a sobering fact: according to the most recent National Intelligence Estimate (NIE) the next terrorist attack on U.S. Critical Infrastructure and Key Resources (CIKR) is just as likely to be a cyber attack as a kinetic attack
Survey: BYOD workers fear and mistrust their IT departments (Infosecurity Magazine) Workers using their own mobile devices for work are often fearful of their employer accessing their personal information - driving them to avoid IT department security and opt out of reporting breaches
Marketplace
Thin- or zero-client computing central to Army IT modernization (FierceGovIT) Thin- or zero-client computing allows the Army to centralize the SIPRNet and NIPRNet environment in the continental United States through a centrally-managed installation processing node, enhancing security while improving remote access, according to a March 14 document recently made public by the Army's chief information officer/G6
Pentagon Begins Furlough of Civilian Workers (Executive Gov) The first of 11 furlough days for up to 652,000 civilian workers across the Defense Department began Monday despite lobbying by a coalition of labor organizations representing federal employees
Snowden Not The First Embarrassment For Booz Allen (Washington Post) Government contractor has faced a number of leak and security issues in the past
Regimes' Web Tools Made In The U.S.A. (Washington Post) American-made devices used for Internet monitoring have been detected on government and commercial computer networks in Iran and Sudan, in apparent violation of U.S. sanctions that ban the sale of goods, services or technology to the autocratic states, according to new research
Guidance Software Expands In Germany (Socaltech.com) Pasadena-based digital forensics software developer Guidance Software said today that it has expanded in Europe, opening up a brand new office in Munich, Germany
Stonesoft Becomes McAfee Group Company (Softpedia) McAfee says Stonesoft's next-generation firewall is immediately available to customers. Intel-owned McAfee has announced that it has completed the tender offer for Finland-based cyber security company Stonesoft. Stonesoft has now become a McAfee group company
RSA Acquires Aveksa (RSA Blog) EMC Corporation (NYSE: EMC) today announced it has acquired privately held Aveksa Inc., a leader in business-driven Identity and Access Management. Effective immediately, Aveksa will operate within the RSA security division as part of RSA's Identity Trust Management product group, bringing leading technology and expertise that will help RSA bring innovative new solutions to identity and access management challenges across enterprise, cloud and mobile access use cases. Terms of the deal were not disclosed. The acquisition is not expected to have a material impact to EMC GAAP or non-GAAP EPS for the full 2013 fiscal year
FCC okays Softbank-Sprint-Clearwire deals, rejects Dish's bid for new review (FierceMobileIT) The Federal Communications Commission on Friday cleared both Softbank's acquisition of a 78 percent stake in Sprint (NYSE: S) for $21.6 billion and Sprint's purchase of the remaining shares of Clearwire (NASDAQ: CLWR) for $5 per share, which would value the firm at $14 billion
Dell Deadline Looms to Win Over Investors on Buyout Deal (Bloomberg) Michael Dell's planned buyout of the personal-computer maker he founded isn't in the bag yet. A fifth of Dell's shares are held by investors including Southeastern Asset Management Inc. and activist Carl Icahn, who oppose the deal, even after the $24.4 billion buyout proposal from Chief Executive Officer Dell and partner Silver Lake Management LLC got a surprise endorsement yesterday from Institutional Shareholder Services Inc. Two other shareholder-advisory firms followed suit
New rule implements presumption of loss over small business misrepresentation (FiercGovernment) A new rule that goes into effect Aug. 27 implementing a "presumption of loss" of the entire dollar value of any contract given to small businesses that misrepresent their status
Seculert connects to botnets in order to see if you're infected, gets $10M (VentureBeat) While some companies still fear the cloud's murky standards on handling its data, Seculert believes using the cloud will give companies the most well-rounded infection detection possible. The security software company received $10 million second round of funding today
Protecting personal online data (The Star Online) In line with the national agenda to promote cyber security and safe online practices, Trend Micro is working with Cyber Security Malaysia (CSM) and International Multilateral Partnership Against Cyber Threats (Impact) to reach out to all Malaysians
Rick Gordon named to lead Mach37, CIT's cyber accelerator (Washington Business Journal) Virginia's Center for Innovative Technology on Monday named Rick Gordon managing partner of its new cybersecurity accelerator, Mach37
Apple just made a huge mistake by signing with TSMC (IT World) Apple is taking its manufacturing to a company already overloaded and chronically unable to deliver needed product. That's not a smart move
Congressman Dutch Ruppersberger Visits Greater Baltimore Cyber and Health IT Companies on Tech Trek (EAGB) On Monday, Congressman Dutch Ruppersberger led a Tech Trek throughout Greater Baltimore to showcase the innovative companies formed in the region. The Cyber Security-focused tour included stops at
Products, Services, and Solutions
Eid Passport, Inc., Achieves Cross-Certification with the CertiPath PKI Bridge (Wall Street Journal) Eid Passport, Inc., one of the leading high-assurance identity management solution providers, has achieved cross-certification with the CertiPath PKI Bridge. The CertiPath PKI Bridge serves as the central hub that enables participating organizations, from federal government to private entities, to collaborate and share information on a global basis with high confidence that their high-value information and physical assets are properly protected
Lunarline Delivers International Cyber Security Laws and Regulations Training (Wall Street Journal) Responding to a unique industry need, Lunarline developed and continues to deliver training relative to international cyber security and privacy regulations. Global markets, in conjunction with the ever changing cyber security landscape, lead companies to ask questions about how to not only ensure compliance with national laws, but how to protect their customers' critical data and information both domestically and overseas. The complexity of global privacy laws and restrictions on transfers of data across country borders raise significant concerns for companies doing business in the worldwide. Cloud computing and new technologies add increasing risks to organizations eager to keep pace with emerging trends. Whether it is guidance related to new privacy regulations, global privacy or cyber security program development, compliance with the European Union (EU) Directive or certifications like Safe Harbor, Lunarline can provide answers to global cyber security and privacy questions
Secure Your Branch Offices Using Sophos RED - Video (Softpedia) In case you're looking for a cyber security solution that could help you protect your company's branch offices - such as home offices, service stations, public libraries and retails stores - maybe you should take a look at Sophos' Remote Ethernet Device (RED)
9 Android Apps To Improve Security, Privacy (InformationWeek) Secure your Android smartphones and tablets using antivirus, encrypted communications, child locks, password managers and other tools featured in our roundup
Technologies, Techniques, and Standards
Experiment Simulated Attacks On Natural Gas Plant (Dark Reading) ICS/SCADA experts test continuous monitoring approach as a way to spot denial-of-service, malware, and other attacks. An experiment conducted by ICS/SCADA security experts reveals how utilities could spot malware and cyberattacks on their automation environments on the fly merely by continuously monitoring the customarily predictable behaviors of those networks and systems
Play With An MIT Tool That Visualizes How The NSA Can Map Your Relationships (TechCrunch) The brainiacs at MIT created a cool visualization program to map how the National Security Agency can understand your relationships based on who you contact via email and how often. While we still don't know whether the NSA is collecting the content of phone calls and Internet activity, we know from court documents and Senate testimony that the government broadly mines so-called "meta-data" about
US agency baffled by modern technology, destroys mice to get rid of viruses (Ars Technica) $170,000 of PCs, printers, keyboards, cameras, and mice destroyed in gross overreaction
Why do we click? (Internet Storm Center) SANSFIRE 2013 I did a talk about understanding online news and decided to follow up on a question. In this discussion there were many talking points but the question of "Why do we click" came up. There is no real complete "Technical" answer but I will cover some factors. First, it is pretty much well known and accepted that when you are tired you can make mistakes. There was a meta-analysis done studying self-control and they discuss other factors that might be contributors to "the click factor." Things like, diet, stress, and difficulty of current task could be contributors to reduced self-control (Hagger, Wood, Stiff, Chatzisarantis, 2010)
Knowing adversary key to good cyberdefense, say experts (CSO) Best protection depends on walking a mile in hacker's shoes. Knowing thy enemy can be as important in defending an organization against cyber intruders as studying their tools and tactics, say security experts interviewed by CSOonline
Video: Linking security awareness training to corporate culture (SC Magazine) There has always been a big debate when it comes to security awareness training and its value to organizations. Is it useful and effective? While there's no clear-cut answer, it certainly doesn't hurt for it to be a part of a CISO's security strategy (so long as they don't solely rely on it). With mobility in the workplace continuing to be a hot topic and major challenge for all industries, Mathieu Gorge, founder and CEO at VigiTrust, believes that a multi-faceted security strategy that includes awareness training would enable any organization to mitigate risks and combat threats
Fixing the CAPTCHA: turning jumbled words into a game (VentureBeat) CAPTCHAs, or those jumbled words you have to enter to prove you're a human on websites, suck. They detract from a website's flow, and as security researchers at Imperva have found, they're actually easily overcome by spammers. But some CAPTCHA creators are coming up with ways to make it harder for spammers, and more fun for the regular humans out there
Ask the Expert: Roel Schouwenberg Explains the State of Malware Threats (Kaspersky Labs) The cyber threat landscape is constantly evolving and keeping up with those changes is an intense project. Kaspersky Lab has a team of research experts who are relentless in sniffing out the threats before they get to you. Roel Schouwenberg, senior anti-virus researcher, Kaspersky Lab, Americas, is part of Kaspersky's Global Research and Analysis Team, where on a daily basis he is monitoring the state of malware and the threats that exist. We sent along your malware and cyberthreat questions to Roel to have him answer
BYOD security and the importance of covering your backend (Gigaom) So you've accepted BYOD and a host of new apps to support. Congrats! The next step is making sure that your crucial mobile data is adequately secured before all hell breaks loose
Case study: Get smart (SC Magazine) An organizing solution was found to manage mobile devices being used in Florida's Hillsborough School District, reports Greg Masters. While the number of students passing through Hillsborough School District in Florida may be on par with what it was a decade ago, the number of mobile devices used to access textbooks, homework assignments and the like has more than doubled in that time
Design and Innovation
Canada's Growing Tech Startup Hub In Kitchener-Waterloo To Be Profiled In New Documentary (TechCrunch) Canada has a strong and growing startup community, and one of the emerging hubs where a lot of that energy is concentrated is the Kitchener-Waterloo region, which plays host to the esteemed University of Waterloo. That area's startup community is being profiled in an upcoming documentary called - aptly - Startup Community
Academia
UK government prioritizes coding skills and 3D printers in new school curriculum proposals (TNW) School pupils in England are set to get a boost to their digital skills following proposed reforms to the education curriculum from September 2014. The document, published today, reveals that more of a focus on technology-related skills will be among the priorities for primary and secondary school children
Legislation, Policy, and Regulation
Obama's case for the benefits of Big Brother government (Quartz) It was only seconds before US president Barack Obama mentioned Google when talking about how technology could transform government this morning
What's really at stake in the National Security Agency data sweeps (Oxford University Press) As controversy continues over the efforts of the National Security Agency to collect the telephone records of millions of innocent Americans, officials have sought to reassure the public that these programs are permitted by the Constitution, approved by Congress, and overseen by the courts. Yet the reality is that these programs fully deserve the discomfort they have aroused
An Opportunity To Strengthen U.S.-China Ties (Wall Street Journal) The fifth round of the China-U.S. Strategic and Economic Dialogue will be held in Washington, D.C., on July 10 and 11. It is another important step forward taken by the two governments in their efforts to build a new model of major-country relationship after President Xi Jinping and President Barack Obama met at the Annenberg Estate in California last month
Win-Win Cooperation (Washington Post) Chinese-U.S. cooperation has promoted peace, stability and development in the Asia-Pacific region and beyond. Our two countries have carried out effective coordination and cooperation on a wide range of topics, including regional hot spots such as the Korean nuclear issue and the Iranian nuclear issue
The Laws You Can't See (New York Times) In the month since a national security contractor leaked classified documents revealing a vast sweep of Americans phone records by the federal government, people across the country have disagreed about the extent to which our expectation of personal privacy must yield to the demands of national security
Leaks Muddy U.S. Position In Chinese Talks (Wall Street Journal) When the U.S. and China hold high-level meetings in Washington this week, the most important figure may be someone who isn't present. The U.S. intends to press China over allegations that it routinely hacks into the computers of American companies to steal trade secrets. But disclosures by Edward Snowden, the fugitive National Security Agency consultant, have greatly complicated that task, U.S. and Chinese policy experts said
NSA surveillance shakes EU data-sharing relationship (FierceGovIT) European confidence in U.S. data privacy protections, never particularly great, has been shaken further by revelations that the National Security Administration bugged the European Union diplomatic building in Washington, D.C., and infiltrated its computer network, as well as spied on EU institutions in Brussels
Germany defends 'strictly legal' cooperation with NSA (Cyberwarzone) Angela Merkel's government said on Monday that its cooperation with American intelligence was fully regulated by strict legal guidelines after a magazine reported that the U.S. National Security Agency was in close cahoots with German spies
US, China Talk Hacking Before Key Meeting (Agence France-Presse) The United States and China on Monday aired out concerns on hacking, which has emerged as a major irritant between the world's two largest economies in the buildup to annual talks this week
Hack biz rivals or hire cyber-warriors and we'll shut you down, warns EU (The Register) Behave on the interwebs, or we'll, er, wind you up. Businesses could be wound up if they engage in cyber attacks or fail to prevent staff from engaging in computer hacking or other cyber crimes under new draft laws backed by the European Parliament
EU businesses can be shut down by new cyber law (Cyberwarzone) New laws on cyberattacks voted in by the European parliament will allow any business found to be engaging in hacking or any other cyber crime to be closed down
Combatting China's cyber espionage: ''Hit 'em high, hit 'em low,' says Mulvenon (FierceGovIT) Attribution is no longer the single biggest question in federal cybersecurity--the United States government has publicly acknowledged that the Defense Department and private industry have been the target of cyber espionage from Chinal; the question now up for debate is how to respond, said cybersecurity experts who spoke during a June 24 Atlantic Council event in Washington, D.C
5 Reasons Search Marketers Should Watch the Regulatory Landscape (ClickZ) You may wonder what a recent hack of a U.S. government website, purportedly by the group "Anonymous," has to do with search engine marketing and online marketing, but bear with me as we use this as a segue into the regulatory environment, both in the U.S. and globally
Some US states strengthen data breach notification laws, others ignore them (Naked Security) Vermont and North Dakota have recently bolstered their data breach notification laws to cover more organizations and additional types of personal information. Meanwhile Michigan lost 49,000 people's names, birth dates and cancer screening records and claims they aren't protected information
FTC enacts revised children's online privacy rule (Infosecurity Magazine) After two years of working on it, the US Federal Trade Commission has implemented the revised Children's Online Privacy Protection Act Rule, giving parents greater control over the online collection of their children's personal information
Mushahid's seven-point plan for cyber security (The International News) Chairman Senate's defence committee, Senator Mushahid Hussain Sayed, has proposed a 7-point plan for cyber-secured Pakistan, suggesting that under the office of the chairman joint chiefs of staff committee, an Inter-Services Cyber Command should be established to coordinate cyber security and cyber defence for the Pakistan armed forces
Litigation, Investigation, and Law Enforcement
Ireland denies US arrest warrant for Edward Snowden, citing incomplete request (Ars Technica) But the US could try again with new information, Irish justice minister says
Questions for Snowden (Washington Post) Did Edward Snowden decide on his own to seek out journalists and then a job at Booz Allen Hamilton's Hawaii facility as an IT systems administrator to gather classified documents about the National Security Agency's worldwide surveillance activities? Snowden told the South China Post in June that he took the Booz Allen job in late March or early April because it "granted me access to lists of machines all over the world the NSA hacked."
Snowden and Venezuela: My bizarre experience in the surveillance state (BoingBoing) In 2009, a private call placed from the US by Isabel Lara to her mother was broadcast on Venezuelan state TV. Secretly taped calls are routinely used there to disgrace political enemies--or worse. To locals, the South American surveillance state is an odd place for government transparency advocate and NSA whistleblower Edward Snowden to end up
Talk About Strange Bedfellows (Foreign Policy) When Hollywood finally decides to make a film about the National Security Agency (NSA) leaker Edward Snowden's secret life in a Moscow airport, they'll need to be sure to include Russian politicians discussing his fate. From the very first day Snowden's plane landed in Sheremetyevo airport from Hong Kong, both pro- and anti-Putin political figures have agreed on one thing: he shouldn't be turned over to the Americans. Politicians and oppositionists alike have argued that Snowden should be allowed to stay and work in Russia rather than ending up behind bars in his home country. (The photo above shows a Russian Snowden supporter outside the airport holding a sign that reads "Resist the new world order.")
'Stellar Wind' collected Internet metadata through 2011 (FierceGovIT) Fallout from revelations of American Internet spying made by former intelligence community contractor Edward Snowden continues to pile up amid new disclosures made from the trove of documents Snowden made available to select publications
Newly active civil liberties oversight board hears testimony on NSA surveillance (Washington Post) The federal oversight board directed by President Barack Obama to scrutinize the government's secret surveillance system is hearing from civil liberties activists, a retired federal judge and a former Bush administration lawyer in the board's first public event since the spying operations were revealed in news reports
Judge rejects state secrets defense in wiretapping lawsuit (Reuters) The U.S. government cannot quickly terminate a civil privacy lawsuit over warrantless wiretapping by arguing that such litigation would expose state secrets and harm national security, a U.S. judge has ruled
Brazil to probe local telecom operators over alleged US spying (Chicago Tribune) The decision came as U.S. officials, including the American ambassador in Brasilia, sought to reassure Brazil following reports in the O Globo newspaper that the American Central Intelligence Agency and National Security Agency had gathered telephone
Iran to Sue U.S. Over 'Stuxnet' Sabotage (WND) Iran's Foreign Ministry is preparing to take legal action against the United States over the Stuxnet computer virus, charging that Washington was behind the sabotage of its nuclear program
Privacy International files legal challenge against UK government over mass surveillance programmes (The Next Web) In the wake of revelations that the UK Government is accessing wide-ranging intelligence information from the US and is conducting mass surveillance on citizens across the UK, Privacy International today commenced legal action against the Government, charging that the expansive spying regime is seemingly operated outside of the rule of law, lacks any accountability, and is neither necessary nor proportionate
Lawyers ask appeals court to toss conviction of researcher who exposed AT&T iPad customer data (SC Magazine) A team of venerable computer crime defense lawyers has filed an appeal in New Jersey asking a court to overturn the conviction and sentence of a 27-year-old "gray-hat" hacker who discovered a vulnerability in AT&T's public website
Soldier's Lawyers Ask Judge To Acquit On Aid To Enemy (New York Times) Defense lawyers for Pfc. Bradley Manning asked a military judge on Monday to acquit him of the most serious charge he faces aiding the enemy by providing classified information to WikiLeaks as they began to present their witnesses at his court-martial
Female scammer who taunted US authorities online finally caught in Mexico (Ars Technica) Fugitives beware: the Internet can easily betray your location
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.
Digital Forensics and Incident Response Summit (Austin, Texas, USA, Jul 9 - 10, 2013) The 6th annual Forensics and Incident Response Summit will again be held in the live musical capital of the world, Austin, Texas. The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. The 2013 theme is currently in development as the digital forensics and incident response community is constantly evolving and our content promises to be cutting-edge and relevant to ensure you will be able to utilize the ideas presented when you return to your organization.
London Summer 2013 (London, England, UK, Jul 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS most popular 6-day courses and the 2-day "Securing The Human" course.
GovConnects Business Breakfast: "Secured Space." What It Is - Who Has It - Who Needs It (UMUC, Dorsey Station, Elkridge, Jul 10, 2013) With today's Cyber threats, all businesses, institutions and the general public are at risk as never before. Learn about the lastest technologies, measures and solutions being used today and into tomorrow to protect your intellectual property.
3rd Cybersecurity Framework for Critical Infrastructure Workshop (San Diego, California, USA, Jul 10 - 12, 2013) NIST is inviting cybersecurity experts, industry and academia from across the nation to attend one of its regional workshops at UC San Diego to identify, refine and guide the many interrelated considerations, challenges and efforts needed to build this framework.
cybergamut Technical Tuesday: Remote Digital Forensics (Columbia, Maryland, USA, Jul 16, 2013) 'The remote control changed our lives. The remote control took over the timing of the world. Within three seconds, click, click, click. So can we do remote forensics?' Ken Zatyko of Assured Information Security will present results of a study into this question, including a look at related research and a trade study of the current state of the digital forensics industry. If you are interested in triage, validation, high speed networks, forward analysis, agents, and cloud computing this presentation is for you.
Mobility Solutions for the Federal Market (Falls Church, Virginia, USA, Jul 16, 2013) With the improvements in mobile technology, smart phones and tablets, DOD, DHS and Civilian agencies have an opportunity to improve their service delivery models and the programs that serve their constituents. In order to accomplish this, Agencies across all branches of government must understand how and where mobile technology can be leveraged, where it's already being successfully leveraged to improve service delivery, and identify the areas of improvement necessary within their agency or program to ensure today's workforce is leveraging mobile technology to help their agency accomplish their goals. Join us at this highly interactive July 16th Potomac Officers Club Mobility Summit where our speakers will be addressing strategic issues.
2013 World Comp (Las Vegas, Nevada, USA, Jul 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields of computer science, computer engineering, and applied computing.
Black Hat 2013 (Las Vegas, Nevada, USA, Jul 27 - Aug 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.