The CyberWire Daily Briefing for 8.8.2013
Heritage assesses Iranian cyber attack intentions and capabilities.
Former DirNSA Hayden suggests a thought experiment. While hacktivists aren't equivalent to terrorists, consider an analogy: what target would be to hackers as the World Trade Center was to al Qaeda?
Baneki Privacy Labs and Cryptocloud back away from their claim that Tor anonymity was compromised through an NSA-run exploit. They conclude now that there's no solid evidence for attribution. In New Zealand, a professor calls on people to lead government surveillance services on a "merry dance" by flashmob versions of a mass Bayesian poisoning attack.
Netherlands DNS servers experience a fresh wave of hijacking, mostly to direct traffic to Blackhole. An obscure Kansas City subnet appears to be involved in snooping around Indian government and military sites. Other odd exploits include an apparently motiveless attack by Bangladeshi hackers on the Covina, California, police department, and Kosovo hacktivists' defacement of British UNESCO pages with anti-Serb diatribes.
Cisco TelePresence is found vulnerable to remote exploitation. A fresh entry to the black market, the "Hand of Thief" banking Trojan (now only $2000) attacks Linux but not Windows systems. Popular blogging platforms remain under brute force attack (the "Fort Disco" campaign).
Google sticks to its guns over Chrome password storage, and many observers agree—Google is "thinking like a security architect."
Forbes asks about power grid cyber vulnerability; Control coincidentally gives a partial answer.
Huawei pushes into the Western enterprise market. Chinese media high-five Putin for embarrassing the US over Snowden. NSA remains under scrutiny.
Notes.
Today's issue includes events affecting Australia, Bangladesh, Belgium, China, European Union, India, Iran, Kosovo, Netherlands, New Zealand, Russia, Serbia, United Kingdom, United Nations, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Iran's Covert Cyber War (Heritage.org) Even though Iran lacks the manpower or expertise level of China and Russia, Tehran is credited with a massive cyber attack on Saudi Arabia's ARAMCO
Former NSA chief 'imagines' hackers could retaliate if Snowden extradited (Daily Caller) The former head of the National Security Agency warned that hackers and activists could retaliate through cyber terrorism "if and when" the U.S. government apprehends former NSA contractor Edward Snowden
Ex–NSA chief compares hacktivists who defend Snowden to terrorists (Russia Today) He didn't elaborate on his ominous implication and didn't describe a cyber-attack scenario, which could be compared to the September 11, 2001, destruction of
Snowden Wikipedia Page edited from a senate computer, calling him a Traitor (Hack Read) Someone inside the senate is not much a pro to NSA's whistleblower Snowden as they are using the platform of Wikipedia to express their view point. The page at Wikipedia which describes all about Edward Snowden who is known to have leaked many classified files of NSA has been revised on many occasions since he first started sharing of confidential files back in June
Gehan Gunasekara: Let's lead the spooks a merry dance (New Zealand Herald) For the Government it is the perfect privacy storm: the Snowden disclosures about massive NSA internet and phone surveillance continue to pour in, a journalist's phone records and swipe card logs have been inappropriately accessed, and earlier revelations through the Dotcom affair showed illegal spying by the GCSB of New Zealand residents - at the very time the Government is attempting to legitimise the illegal spying by pushing through new surveillance legislation against the wishes of the vast majority of citizens
In face of scrutiny, researchers back off NSA "Torsploit" claim (Ars Technica) They admit it was either a misread of data or data somehow changed after assessment. Researchers who claimed they found a link between the Internet addresses used as part of malware that attacked Freedom Hosting's "hidden service" websites last week and the National Security Agency (NSA) have backed off substantially from their original assertions. After the findings were criticized by others who analyzed Domain Name Service and American Registry for Internet Numbers (ARIN) data associated with the addresses in question, Baneki Privacy Labs and Cryptocloud admitted that analysis of the ownership of the IP addresses was flawed. However, they believe the data that they used to make the connection between the address and the NSA may have changed between their first observation
Malicious snoopware targeting India found at tiny Midwest ISP (The Register) 'Official' decoys hide potential espionage campaign. Security researchers have uncovered what appears to be a malware-based attack targeting Indian military or government entities and designed to steal information
UK National Commission for UNESCO Website Hacked by Kosova Warriors Group (Hack Read) A group of hackers going with the handle of Kosova Warriors Group has hacked and defaced the official website of United Kingdom (UK) National Commission for The United Nations Educational, Scientific and Cultural Organization (UNESCO). Hackers left a deface page along with a message on the hacked site bashing Serbs for killing over thousands of people. The deface message was explaine
DNS servers hijacked in the Netherlands (Internet Storm Center) Earlier this week reports started to appear that the DNS of several webhosting companies in the Netherlands had been hijacked and those using the services were being redirected to malware sites, notably blackhole
California's Covina City and Police Department Website Hacked by Bangladeshi 3xp1r3 Cyber Army (Hack Read) A hacker going with the handle of RedX from Bangladeshi based 3xp1r3 Cyber Army has hacked and defaced the official website of California's Covina City and Police Department website along with its sub-domain. Hacker left a deface page along with a message on hacked Covina City and Police Department but the reason for targeting site was not mentioned anywhere
Facebook account hacking service could lead you into danger (Graham Cluley) A website which offers an easy way to hack into Facebook accounts could actually lead users into danger, a security researcher has warned
Remotely Exploitable Bug Affects Wide Range of Cisco Telepresence Systems (ThreatPost) There's a serious vulnerability in Cisco's popular TelePresence system that could give an attacker complete control of the affected system. The vulnerability affects a broad range of TelePresence models, although there are workarounds available
"Hand of Thief" banking trojan doesn't do Windows—but it does Linux (Ars Technica) Priced at $2,000, bank fraud malware has its own sales and support agents
The Reality of Browser-Based Botnets (TrendLabs Security Intelligence Blog) The research on browser-based botnets presented during the recent Blackhat conference in Las Vegas touches on our previous study on the abuse of HTML5. Most importantly, it shows how a simple fake online ad can lead to formidable threats like a distributed denial of service (DDoS) attack
Timing Attacks On Browsers Leak Sensitive Information (Dark Reading) Variations in the redraw times of graphical elements could allow an attacker to see sites a user has visited, sensitive information. Two attacks discovered by a security consultant exploit the way modern browsers render text and graphics to allow a malicious site to read sensitive information from other websites and expose a user's browsing history to an attacker
Reverse engineering reveals inner workings of Comfoo Trojan (GCN) Researchers at Dell SecureWorks have been able to monitor the command and control system of an advanced Remote Access Trojan being used by Chinese hackers to penetrate government, high-tech companies and educational systems in the United States, Asia and Europe
Blogs with 'weakest of the weak' passwords hijacked for bot army (The Register) Wordpress, Joomla, Datalife Engine - they're all under cyber-crims' control. Cybercrooks are running a wide-ranging password-guessing attack against some of the most widely used blogging and content management systems on the net
Analyzing the Fort Disco bruteforce campaign (Help Net Security) In recent months, several researchers have highlighted an uptick in bruteforce password guessing attacks targeting blogging and content management systems. Arbor ASERT has been tracking a campaign we
Fort Disco Bruteforce Campaign (Arbor Networks) In recent months, several researchers have highlighted an uptick in bruteforce password guessing attacks targeting blogging and content management systems. Arbor ASERT has been tracking a campaign we are calling Fort Disco that began in late May 2013 and is continuing. We've identified six related command-and-control (C&C) sites that control a botnet of over 25,000 infected Windows machines. To date, over 6,000 Joomla, WordPress, and Datalife Engine installations have been the victims of password guessing
On Fake "F–Secure Security Pack" Malicious Browser Extension (F-Secure) We have been following a malicious browser extension that claims to have been developed by various different software companies. The extension installs itself into the browser and makes posts to social media sites such as Twitter, Facebook and Google+ on the user's behalf. One of the variants installs itself as "F-Secure Security Pack" -- and trust us -- it's definitely not coming from us
Cybercriminals spamvertise fake 'O2 U.K MMS' themed emails, serve malware (Webroot Threat Blog) British users, watch what you execute on your PCs! An ongoing malicious spam campaign is impersonating U.K's O2 mobile carrier, in an attempt to trick its customers into executing a fake 'MMS message' attachment found in the emails. Once socially engineered users do so, their PCs automatically join the botnet operated by the cybercriminal/gang of cybercriminals whose activities we continue to monitor
Child abuse ransomware tweaked to tout bogus antivirus saviours (The Register) Crass, fiendish and no doubt a good money-spinner. Cybercrooks have found another application for ransomware, the horrible software that locks up a PC until money is handed over: it's now being used to push fake antivirus onto victims
New Retail Breach Among 2013's Biggest? (BankInfoSecurity.com) A cyber-attack that hit Harbor Freight Tools and likely exposed card data processed at all 400 of its retail tool stores could rank among one of the biggest retail
Hackers Break into RIA Novosti's Twitter Accounts (RIA Novosti) Both tweets were removed within five minutes after the cyber attack. RIA Novosti…This was not the first cyber attack on the news agency this year. In May 2012
Hackers Plant False Gorbachev Death Rumor (SecurityWeek) The last Soviet leader Mikhail Gorbachev was forced to deny rumors of his death after hackers planted a false report on Twitter accounts of a state news agency
Stolen laptop compromises patients of California medical group (SC Magazine) The California-based Retinal Consultants Medical Group website says it offers patients "uncompromising care," but a compromise of data is exactly what patients got after a laptop containing sensitive client information was stolen
Information leakage through cloud file storage services (Internet Storm Center) Cloud services are here to stay. This poses a big challenge for information security professionals, because we can no longer restrict mobility and thus we need to implement controls to ensure that mobility services do not pose a threat to any information security asset of the company
Why Everyone Is Pissed Off About Google Chrome's Sound Security (Wired) There's much gnashing of teeth today over the discovery that Google Chrome lets you -- or anyone using your computer -- see the plaintext web passwords stored by your browser. This isn't a security bug. It's Chrome's documented behavior, and has been all along. But an outraged blog post highlighting the issue yesterday by U.K. software developer Elliot Kember was picked up by Hacker News, thrusting Google's security choices into the limelight
Chrome-saved passwords in plain text not a flaw, according to Google (SC Magazine) Go into the password section in Google Chrome's settings panel and you can see that the popular web browser displays saved passwords in plain text. Many consider this a flaw - but not Google
Google leaves your Chrome passwords unprotected to promote security (The Verge) How would you feel if someone sat in front of your computer and was immediately able to access all of your Chrome passwords? That's a scenario that is dividing opinion after web designer Elliot Kember called Google's security practices
Chrome, Firefox blab your passwords in a just few clicks: Shrug, wary or kill? (The Register) Vote now: Browsers reveal logins on idle PCs, but is it a code flaw or a brain bug? Poll Web browsers Google Chrome and Mozilla Firefox can reveal the logged-in user's saved website passwords in a few clicks. There now rages a debate over whether this is an alarming security flaw or a common feature
How Vulnerable Are Power Companies To Cyberattack? (Forbes) In Washington D.C. this morning, security officials from some of the country's largest utilities met to discuss how to prepare for the possibility of a large-scale cyberattack on the power grid. Most agreed that it is only a matter of time before one comes to pass, and one official said his company is beginning to view the threat as on par with that of a large storm or hurricane
The system is still broken — the failure of a cyber–sensitive substation device affecting a nuclear plant (Control) Unlike other industries, nuclear plants are required to identify all unusual events. Consequently, it is easier to find incidents that are, or could be, cyber. I was recently made aware of a nuclear plant incident with a station auxiliary transformer load tap changer (LTC). LTCs are used in ALL substation transformers and are designed to be remotely accessible. Troubleshooting at the nuclear plant determined that the LTC alarm in the Main Control Room was caused by the failure of the LTC motor (the LTC alarm was the cause of the unusual event). The motor failed due to continuous tap change demands from the transformer Automatic Voltage Control (AVC) system over a SEVENTY MINUTE period. The apparent cause is the AVC firmware failed, which caused the erroneous output signals to continuously run the LTC motor without stopping and as a result failed the motor
Security Patches, Mitigations, and Software Updates
Xerox to patch scanner glitch that can alter numbers (PCWorld) Xerox will disable a scanner setting in some of its WorkCentre products that can sometimes result in figures being altered in scanned documents
Microsoft patches gaping security hole in Yammer (FierceContentManagement) At the end of July Microsoft plugged a gaping hole in its enterprise social networking tool, Yammer. As reported on ZDNet, Yammer (acquired by Microsoft in late 2012) relies on the popular OAuth 2.0 authentication scheme. However, an error in Yammer's implementation of OAuth allowed a security researcher at Vulnerability Laboratory to find critical information with simple Google searches and use that information to log in as another user
Cyber Trends
Businesses Not Doing Enough to Avoid Cyber Attacks (TechBoson) IT Governance, the cyber security services business, has issued the infographic (below) as part of its campaign to encourage leaders of all sizes of business to take appropriate action against the risk of cyber attacks and associated data breaches and business interruption. The infographic attempts to quantify the reality of today's cyber threat with hard-hitting statistics. It then sets out a risk-assessment process that businesses should perform to thwart potential cyber attacker
Compliance no longer main driver of security measures (Help Net Security) The need to ensure compliance with regulations should no longer be the primary consideration of CIOs when planning IT risk and security measures. Gartner said compliance is an outcome of a well-run risk management programme and should not dominate CIOs' decision making
Experienced employees more important than a rising security budget (Help Net Security) Tripwire announced the results of a survey of 167 attendees at Black Hat USA 2013. Many of those surveyed - 44 percent - said that if they could change one thing in their organization to improve
'Belgium poorly defended against hackers' (Le Soir) Belgium has occasionally requested assistance from the "American big brother" to counter cyber-attacks. This is the key point of an interview given by deputy chief of staff General Eddy Testelmans to the magazine MO, which has been reported by Le Soir
Cyberwar: nerds to the front! (Deutsche Welle) All the same, it wouldn't be legitimate to respond to every cyber attack as if it were an armed attack which would justify responding under the law of self-defense
Most companies don't have data breach cyber insurance (Help Net Security) Companies now rank cyber security risks as greater than natural disasters and other major business risks, according to a new Ponemon Institute study. While only 31 percent of companies are insured today, there are a growing number of companies exploring policies. This indicates a larger appetite for financial protection in the wake of a breach
The hidden costs of BYOD (FierceMobileIT) Despite the promise of reduced hardware costs, BYOD is actually costing enterprises more money in terms of wireless infrastructure upgrades, support costs, mobile device management spending, and increased security costs
Is malware lurking in your employee's smartphone? (FierceMobileIT) IT professionals are increasingly concerned about the security risks posed by personal mobile devices in the workplace, particularly the introduction of malware into the corporate network
The Android strain (FierceMobileIT) As in Michael Crichton's best-selling novel the Andromeda Strain, an epidemic is raging on planet Earth. This time, it's not a microorganism attacking the blood stream that is the problem, but malicious software attacking corporate network
Marketplace
Analytics helping 'smart' Sydney Airport get off the ground (ZDNet) It may only have access to 5% of the information it needs, but Australia's largest and busiest airport has already seen early successes using big-data analytics to better model passenger flow and plan new services. Sydney Airport - the main international gateway to Australia and the country's busiest airport - is already claiming progress on its efforts to become a 'smart airport' after using IBM statistical and business tools to create new analytical models that combine data from a bevy of siloed information systems
Huawei seeks growth in enterprise network business (ZDNet) The U.S. market may be a "disappointment" to the Asian firm, but it hasn't stopped Huawei from trying to tap into the lucrative enterprise sphere. Huawei is attempting to gain a firmer grip in the enterprise market by diversifying and developing communications gear used by the corporate world to build personalized campus networks
China has a massive Windows XP problem (NetworkWorld) By the time of XP's retirement in April, around 10% of all U.S. computers will be running the OS; in China, 65% of companies will do so
US firms worry Edward Snowden is wrecking their business, but the Patriot Act was already doing that (Quartz) Shortly after a meeting of an EU-sponsored program to push European cloud-computing capabilities in Estonia last month, a high-ranking EC official noted that the biggest losers from Edward Snowden's revelation about US surveillance would be US businesses
Security testing deadlines slip for CMS's Data Services Hub, says OIG (FierceGovIT) The Centers for Medicare and Medicaid Service is in the process of standing up a Data Services Hub to serve state health insurance and federally-facilitated exchanges as part of the Affordable Care Act. The agency is testing the security of the platform, but auditors are concerned that some tests have been pushed back dangerously close to the launch date
CGI Federal Enlists 18 Partners for $1B Interior Dept Cloud IDIQ Team (ExecutiveBiz) CGI Federal will work with 18 partners to develop and test cloud computing hosting platforms for the Interior Department under a potential 10-year, $1 billion contract
Products, Services, and Solutions
Free tool for auditing Google Apps (Help Net Security) BeyondTrust released PowerBroker Auditor for Google Apps, available for free, to the BeyondTrust user community. The tool was developed to ease the burdens associated with auditing these commonly used web applications for proper usage and compliance
IOActive launches security intelligence service (Help Net Security) IOActive launched its new Security Intelligence Service, to help arm organizations with prioritized critical security insights based on their business. World-renowned research capabilities
Latest BlackBerry Devices Get Okay to Run on Department of Defense Networks (SecurityWeek) Smartphone maker BlackBerry announced on Thursday that the U.S. Defense Information System Agency (DISA) has given its BlackBerry Z10 and BlackBerry Q10 smartphones with BlackBerry Enterprise Service 10, the "Authority to Operate" (ATO) on Department of Defense (DoD) networks
Dropbox: Safe for business use? (FierceContentManagement) Cloud storage and file sync service Dropbox broke the 100-million user mark late last year. So it might be a little late to ask the question, but ITPro does raise a set of concerns about the suitableness of Dropbox for enterprise business
iPhone 5S's rumored fingerprint sensor could spur biometrics for mobile payment security, says Frost (FierceMobileIT) The rumored inclusion of a fingerprint sensor in the next iPhone should accelerate the use of biometrics to secure mobile payments, concludes Jean-Noel Georges, global program director for ICT in financial services at Frost & Sullivan
Technologies, Techniques, and Standards
FBI 5 Best Practices For Combatting The Insider Threat In Your Business (Forbes) I attended a good brief by Patrick Reidy, CISO for the FBI at Black Hat last week on combatting the insider threat. The insider threat is someone on the inside of your business who is stealing or releasing information and/or physical goods to the detriment of your business. The FBI, of course, has an even greater responsibility since they are protecting not only their own information, but that of the nation as well. As such, there is an expectation that they will take the insider threat seriously and develop effective countermeasure for it. In any business, the insider threat is generally far more likely to result in losses than an outsider breaking into your systems
NIST updates guidance to reflect malware, patch management evolution (SC Magazine) The National Institute of Standards and Technology (NIST), responsible for setting industry and government measurements and standards, has released revisions to two of their security-related guidance - an undertaking that took longer than a year
Browser Password Storage: An Overview (ThreatTrack Security Labs) It seems a lot of people are surprised that some browsers store passwords and let whoever is sitting at the PC view those stored passwords. Well, surprise! Some browsers store passwords and let whoever is sitting at the PC view those stored passwords. Here is a fast and not very furious shakedown on browser password storage
I Conned One This Big Say Cyber Phishers (TechBoson) Back in 2005 Rohyt Belani was running a mobile services company called Intrepidus when he noticed the growing amount of phishing and a complete lack of protection within the client companies. "What can we do, they asked me. I said that they should check their technical controls and how they managed employee behaviour and they were puzzled"
Design and Innovation
These Silicon Valley Titans Think You Probably Shouldn't Start a Company (Wired) Acutely aware of his own role in setting expectations of startup glory, Facebook co-founder Dustin Moskovitz wants to sober up anyone too dazzled by such dreams
The New Innovation Battlegrounds Are City Hall And The State House (Forbes) Colorado is currently considering proposals to outlaw Uber and other services that enable passengers to book a car service from their smartphones. Uber and its competitors face similar challenges from Los Angeles to Las Vegas to Washington, DC
Research and Development
Moore's Law could stay on track with extreme UV progress (Ars Technica) After years of delays, new technology could come online by 2015
IBM unveils computing architecture based on the brain (C/NET) Company says its breakthrough could allow for a next generation of applications that mirror the brain's efficiency in perception, cognition, and action
Researcher urges industry to not forget old tasks in the face of modern trends (SC Magazine) Speaking to SC Magazine, James Lyne, global head of security research at Sophos, said that older research is often left and not completed in favour of new and exciting research, meaning that old problems do not get fixed
Public Key Cryptography Set To Fail In Five Years (iProgrammer) At the moment, our public key cryptographic systems are based on one of two related mathematical problems - integer factorization or the discrete logarithm
Academia
US cyber challenge puts UD student on fast track to outwitting hackers (UDaily) Last week, Bednar participated in Delaware's annual U.S. Cyber Challenge ... all taught by college faculty, SANS Institute senior instructors and other cyber
Legislation, Policy, and Regulation
Opposition May Bring Change to NSA (Enterprise Security Today) Momentum is building toward upending once-secret surveillance programs such as the NSA's operations disclosed by Edward Snowden. Lawmakers of all political stripes are now part of a growing coalition that is challenging the scope and effectiveness of the formerly secret operations for the same reasons that drove Snowden to disclose them
N.S.A. Searches Said to Include Broader Sifting of Data Abroad (New York Times) The National Security Agency is searching the contents of vast amounts of Americans' e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials
New Report Lays Out Principles for Sound Cybersecurity Policy (Digital Forensic Investigator) Cyber crime and cyber attacks are genuine threats, with reports of data breaches, hacks, or thefts appearing regularly in the news. But as law enforcement, industry, academic, and government experts prepare to gather in New York City on August 5-8, 2013, for the fourth International Conference on Cybersecurity (ICCS 13), it's worth asking whether the threat has been overstated and the government's approach to it, overreaching
U.S. officials say NSA leaks may hamper cyber policy debate (Chicago Tribune) Weeks of revelations about secret U.S. surveillance programs could stymie progress on negotiations over new laws and regulations meant to beef up the country's defenses against the growing threat of cyber attacks, cyber security experts say
The Data–Mining Of Social Media: Get Used To It (Washington Post) The June disclosure that the National Security Agency is collecting everyone's telephone records and storing them for five years as part of anti-terrorism efforts has caused an uproar. Get used to it
Broader Sifting Of Message Data By N.S.A. Is Seen (New York Times) The National Security Agency is searching the contents of vast amounts of Americans' e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials
Ties Fraying, Obama Drops Putin Meeting (New York Times) President Obama on Wednesday canceled next month's Moscow summit meeting, ending for now his signature effort to transform Russian-American relations and potentially dooming his aspirations for further nuclear arms cuts before leaving office
A Welcome Rebuke To Putin (Wall Street Journal) President Obama's decision to cancel his one-on-one meeting with Vladimir Putin in Moscow next month is the right decision -- politically, the only one he could make and not look like a patsy. The question is whether this is merely a symbolic rebuke or the beginning of a policy shift that recognizes the Putin regime's hostility to American interests
China applauds Russia for making the US "eat dirt" in the Snowden showdown (Quartz) US President Barack Obama's cancelled meeting with Russian President Vladimir Putin provided a great opportunity for China's state-run media to high-five Russia, showcasing growing ties between the two neighbors. "Russia has impressed the world, which views the Kremlin as the 'winner' and the White House as the 'loser,'" proclaimed an unsigned editorial in the Global Times on Thursday about the decision to give immunity to NSA leaker Edward Snowden. "Moscow displayed its national characteristics of decisiveness and boldness." China's decision to let Snowden decamp from Hong Kong and avoid confronting America head-on "serves the long-term interests of China's diplomacy," the paper added, concluding that Washington, "ate dirt this time"
Slight shift seen in official Chinese attitude on cybersecurity (FierceGovIT) The government of China has slightly shifted its stance on cybersecurity issues from "outright denials, counter-accusations, conflating various cyber activities, rejection of laws of warfare in cyberspace, promotion of sovereign control over cyberspace, and expressions of victimization" to a new one of some willingness to talk directly with the United States about cybersecurity, says a Congressional Research Service report
Mueller: There is no digital Cold War (FierceGovIT) There is no digital Cold War even though there is conflict over Internet governance between those who favor sovereign control and those who favor transnational civil society organizations, says Milton Mueller, an Internet governance academic at Syracuse University
Commerce Dept. critical of liability protection as cybersecurity framework incentive (FierceGovIT) Liability protection as an incentive for private sector adoption of the cybersecurity framework under development by the National Institute of Standards and Technology requires further study, says the Commerce Department in a discussion paper that takes a skeptical view of the need for protection against tort claims and other possible private sector incentives
Litigation, Investigation, and Law Enforcement
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence (ZDNet) The U.S. Justice Dept. said it was "looking into the issues" raised by a Reuters story, that one of its law enforcement agencies collaborated with the NSA to crack down on alleged drug criminals
IRS agents were told to hide cooperation with DEA intelligence gathering (The Verge) Yesterday, the US Drug Enforcement Agency (DEA) was thrust into the spotlight when Reuters published a story about its practice of recreating the investigative trail to conceal leads it receives from the NSA. Now we're learning that the practice isn't limited to the DEA; Reuters reports that between 2005 and 2006, the Internal Revenue Service instructed its agents to scrub affidavits, investigative files, and court proceedings for references to tips provided by the DEA's Special Operations Division. The directive formed part of the agency's Internal Revenue Manual, but Reuters reports that it was removed as early as 2007. The IRS declined to comment on either the entry or its removal
Speculation Trumps Academic Freedom: UK Court Censors Security Researchers for Reverse Engineering Publicly Available Software (EFF) Next week, one of the most respected security research conferences in the world, the USENIX Security Symposium, will be held in Washington D.C. Thanks to a gag order from a British court, however, it won't go quite as planned. The order forbids the authors of a paper describing fundamental flaws in car lock systems from discussing key aspects of the work, based on nothing more than speculation about a third party's alleged "misuse of confidential information."
Manning judge limits scope of 'damage' testimony (The State) The judge at Army Pfc. Bradley Manning's court-martial is rejecting some government evidence that the classified information he disclosed
Nintendo Sues Console Hacking Website (Security Week) Nintendo said Wednesday that it has filed a lawsuit against a US website with a business model built on hacking into the company's videogame hardware
Texas federal judge declares Bitcoin a currency, says Bitcoin investments fall under US securities law (Engadget) Bitcoin's been in the news a fair bit lately due to the uncertainties surrounding the Mt. Gox exchange, where one can trade in the digital money for the official currencies of countries around the world. However, for many, Bitcoin remains an ephemeral idea, neither received nor recognized as a valid way to, you know, pay for stuff. Today, however, a federal judge in the Eastern District of Texas has officially recognized Bitcoin as a currency and declared that Bitcoin investment funds and transactions fall under the jurisdiction of US securities law, and therefore, the federal justice system as well
Raley's officials continue cyber-crime probe (Tahoe Daily Tribune) In early June, the company informed customers that a portion of its network may have been the target of a complex cyber attack. An internal investigation
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
International Conference on Cyber Security (New York, New York, USA, Aug 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit, is an unparalleled opportunity for global leaders in cyber threat analysis, operations and law enforcement to coordinate their efforts to create a more secure world. With the number of cyber threats escalating worldwide, the need for comprehensive security analysis, assessment, and actions has never been greater. Join those working on the front-lines of secure cyber networks at ICCS for the opportunity to learn useful knowledge and share critical intelligence on issues shaping the future of cyber security.
AFCEA Tinker AFB Information Technology & Cyber Security Expo (Oklahoma City, Oklahoma, USA, Aug 8, 2013) Commercial vendors are invited to Tinker Air Force Base on Thursday, August 8th to exchange information and provide product demonstrations to the military and civilian personnel on base. IT and Information Assurance professionals from Tinker AFB are looking forward to learning about the latest cyber security trends and best practices, networking with peers, and sharing remediation strategies.
AIAA Aviation 2013 (Los Angeles, California, USA, Aug 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics, the conference will address the risk of the evolving cyber threats to the world's $2.2 trillion commercial aviation enterprise.
Security in Government (SIG) (Canberra, Australia, Aug 12 - 14, 2013) The 25th annual Security in Government (SIG) conference is to be held from 12-14 August 2013 at the National Convention Centre in Canberra. Assistant Director for the National Security Resilience Policy Division in the Attorney General's Department, Robyn Devin said the SIG conference attracted protective security professionals from both the public and private sector.
A Cloud Computing Introduction for Managers (Columbia, Maryland, Sioux Falls, Aug 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and non-cloud alternatives to accomplish their projects. This talk provides a brief and basic introduction to cloud computing, what managers need to know about cloud computing, what are some of the myths, and what they need to ask about cloud computing from service providers. The presentation will include selected questions specific to managers associated with government projects and security risks of cloud computing. This non-technical presentation will help managers understand cloud basics and how to ask better questions when a cloud becomes part of your project. Dr. Patrick Allen of Johns Hopkins University Applied Physics Lab will be the presenter.
Resilience Week 2013 (San Francisco, California, USA, Aug 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical infrastructures from unexpected and malicious threats - securing our way of life. Four different symposia will be offered: Resilient Control Systems, Resilient Cyber Systems, Resilient Cognitive Systems, and Resilient Communication Systems. Keynotes will be provided by numerous leading subject matter experts - from agencies including: NSA, DARPA, Sandia National Laboratory, and Office of the Assistant Secretary of Defense for Research and Engineering.
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo (Albuquerque, New Mexico, USA, Aug 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, and Contracting Officers, as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
National SCADA Conference (Melbourne, Victoria, Australia, Aug 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate and find solutions for the increasing demands of the SCADA environment. The theme for 2013 will be delivering intelligence and improved performance to SCADA networks. The SCADA conference program will deliver fantastic first-hand knowledge from leading international and local SCADA experts with a great mix of burning SCADA issues, case studies, security and real world implementations together with practical advice. The networking opportunities provided, coupled with the largest SCADA exhibition in the Southern Hemisphere, ensure the National SCADA Conference is a must attend event for Australia's and New Zealand's SCADA Community.
First International Conference on Cyber-Physical Systems, Networks, and Applications (Taipei, Taiwan, Aug 19 - 20, 2013) CPSNA 2013 will focus on core challenges of cyber-physical systems. Given a tight integration of computation and the physical world, cyber-physical systems must compose robust systems, networks, and applications built upon predictable, analyzable, and certifiable models and abstractions. CPSNA 2013 will serve as a forum to discuss new ideas for such core challenges of cyber-physical systems.
SANS Thailand 2013 (Bangkok, Thailand, Aug 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
2013 Cyber Security Division Transition to Practice (TTP) Technology Demonstration for Investors, Integrators, and IT Companies (I3) — West (San Jose, California, USA, Aug 22, 2013) This event will feature eight innovative cybersecurity technologies that have been developed at the Department of Energy National Laboratories and have the potential to strengthen an organization's cybersecurity posture. During this event cybersecurity professionals and technology investors from private industry will learn about these new technologies through presentations, demonstrations, and discussions with the research teams that produced these technologies. In addition, attendees will have an opportunity to schedule a private one-on-one discussion with the Researcher to discuss opportunities for commercializing the technologies and areas of interest to drive further cybersecurity research. Registration closes August 12.
Defense Logistics Agency Tech Expo (Fort Belvoir, Virginia, USA, Aug 20, 2013) Industry exhibitors are invited to showcase and discuss the latest information services and technology to the personnel at the McNamara HQ Complex.
Human Cyber Forensics Forum (Washington, DC, USA, Aug 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming decades.