The CyberWire Daily Briefing for 8.23.2013
The Syrian Electronic Army successfully redirects ShareThis.com's GoDaddy account to the SEA's own website. Independent hacktivists commit low-level vandalism in Israel, Malta, and Spain.
ESET reports finding DDoS functionality in popular Windows program Orbit Downloader.
Botnets continue to evolve to resist sinkholing and other legacy defenses.
The Tesla electronic roadster appears vulnerable to cyber attack.
Nasdaq halted trading for about three hours yesterday due to "technical" issues. There's no consensus about the cause of the problem (speculation ranges from a denial-of-service attack to software glitches to squirrels damaging lines—hey, it's happened) but this seems clear: the sheer speed of trading stresses financial systems (compare recent wire fraud exploits), and financial system integrity remains a challenge.
VMware patches a privilege-escalation vulnerability.
In industry news, companies seek to find scarce cyber talent through hack-a-thons. HP seems poised for acquisitions. Steve Ballmer announces plans to retire as Microsoft's CEO.
New Zealand enacts permissive domestic surveillance legislation. In the UK, the Independent scoops alleged GCHQ Middle Eastern surveillance base. It sources Snowden, but Snowden denies leaking and says HM Government is leaking on itself.
US President Obama casts (to mixed reviews) PRISM controversy as a failure to communicate, and sees his IC review panel as a step toward rectifying this. (Panelists include Michael Morell, Richard Clarke, Cass Sunstein, and Peter Swire.) Government Executive sees a reprise of the 1970s' Church Commission.
Blawgers offer interesting takes on this week's declassified FISC opinions. Security gurus (slightly breathlessly) see leaker intimidation in the US and UK.
Notes.
Today's issue includes events affecting Australia, European Union, Iran, Israel, Malta, New Zealand, Palestinian Territories, Poland, Russia, Spain, Syria, Turkey, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Syrian Electronic Army Hacks ShareThis.com GoDaddy Account, redirects it to their official website (Hack Read) Two days ago on August 21, 2013, online content sharing site ShareThis.com reveals that its website has been facing some sort of "technical difficulties" which will be fixed soon. Today the company shares a follow-up Tweet saying that the problem has been fixed and service is up. What they didn't reveal was that they had their GoDaddy domain account hacked by the world renowned Syrian Electronic Army and as a
Syrian Electronic Army Cracks ShareThis.com GoDaddy Account (Cisco Blogs) ShareThis provides a mechanism for web surfers to share content online through a customizable widget. According to the information on their website, ShareThis interacts with "more than 94% of U.S. Internet users across more than 2 million publisher sites and 120+ social media channels." On the evening of August 21, 2013, ShareThis reported that their website was experiencing "technical difficulties". They posted a follow-up tweet this morning noting that the service was again functioning properly. What ShareThis did not disclose however, was that they had their GoDaddy domain account compromised by the Syrian Electronic Army
#OpIsrael: 250 Israeli websites hacked by Pakistani hacker H4x0r HuSsY (Hack Read) A Pakistani hacker going with the handle of H4x0r HuSsY from Pakistani Leets hacking group has hacked and defaced a total of 250 Israeli websites in a cyber attack conducted between 8th August and 14th August 2013. It seems that the hacker got access to a server with multiple vulnerabilities, resulting in him defacing the server and leaving his deface page along with a simple note of 'Hacked by H4x0r HuSsY'
Turkish Ajan Hacker Group Hits Pizza Hut (eSecurity Planet) Hacker Maxney of the Turkish Ajan Hacker Group recently defaced the official Web sites for Pizza Hut in Spain and Malta, and posted user data online
Popular download management program has hidden DDoS component, researchers say (CSO) Orbit Downloader's DDoS component is used to attack websites and can cause Internet connection problems for users. Recent versions of Orbit Downloader, a popular Windows program for downloading embedded media content and other types of files from websites, turn computers into bots and use them to launch distributed denial-of-service (DDoS) attacks, according to security researchers
Hacker reported vulnerability in Kaspersky website; Demonstrated malware spreading technique (Hacker News) The cyber security analyst Ebrahim Hegazy, consultant at Q-CERT, has found an "Unvalidated Redirection Vulnerability" in the website of the giant security solutions vendor "Kaspersky"
ZeroAccess developers continue to innovate (Help Net Security) A while ago a group of researchers has analyzed and tested the resilience of P2P botnets, and has discovered that while Zeus and Sality botnets are highly resilient to sinkholing attacks, Kelihos and
Delta Airlines fake email ticket confirmation contains ZBot trojan (MX Lab) MX Lab started to intercept a new trojan distribution campaign by email with the subject "Order#62910621 – PROCESSED" (note that number will vary with each email) that confirms a ticket from Delta Airlines
Cyber security iffy for travelers overseas (WDAM) When Edward Snowden dropped his bombshell revelations about the U.S. government's surveillance program, his story took an ironic turn: he fled to China and Russia, nations long known for spying on foreign visitors
San Francisco State University Admits Security Breach (eSecurity Planet) On August 12, 2013, the College of Extended Learning at San Francisco State University, began notifying an undisclosed number of students of a server breach that occurred on March 25, 2013 at 3am. The college had been alerted to the breach by federal law enforcement on June 11, 2013
Newly Discovered Flaw May Open The Tesla Model S To Potential Attack From Hackers (Forbes) There is an interesting post over at the O'Reilly Broadcast website from George Reese, a Senior Distinguished Engineer and Executive Director of Cloud Computing at Dell. He outlines some potentially serious flaws found in the Tesla Model S car's API or application programming interface. Essentially the exploit may allow remote users to trigger actions in the car. "Once logged in, you can go to [a Tesla site], for example, and see all cars that the logged in user has registered with Tesla," says Reese
Spear-Phishing E-mail with Missing Children Theme (US-CERT) The FBI is aware of a spear-phishing e-mail appearing as if it were sent from the National Center for Missing and Exploited Children. The subject of the e-mail is "Search for Missing Children," and a zip file containing 3 malicious files is attached. E-mail recipients should always treat links and attachments in unsolicited or unexpected e-mail with caution
Bypassing Premium LinkedIn Restriction with Google (Rootshell) Social networks are wonderful sources of information when you need to collect data about a potential target. That's the way humans work, just like you and me: we like to share, we like to show what we do, where we travel. In short…we exist
Nasdaq suffers another "glitch," trading halted (FierceFinance) Systems integrity is a problem with no real solution in sight. The SEC will not be able to ignore this much longer. Coming on the heels of a surprising---and potentially costly---errant trade incident involving Goldman Sachs' options orders, the Nasdaq has been forced to halt all stock trading, forcing other exchanges to halt trading in Nasdaq stocks as well and even cancel orders. The Nasdaq options operation has been affected as well; it has started recommending that broker-dealers route their orders elsewhere
Nasdaq CEO: 'Deeply disappointed' by trade glitch (MarketWatch) Nasdaq OMX Group Inc. Chief Executive Robert Greifeld on Friday said the exchange was "deeply disappointed with what happened yesterday" when trading was shut down for more than three hours
NASDAQ stock exchange paralysed today — could it have been the work of hackers? (Naked Security) So, was this a technical glitch, or were hackers somehow responsible for disrupting the world's largest electronic stock market? Because stock exchanges have been targeted by cybercriminals in the past
Were hackers behind NASDAQ chaos? Experts say technical difficulties that shut market resemble 'denial of service attack' (Daily Mail) Officials say the Nasdaq stock exchange outage on Thursday was likely due to a technical difficulty, though some experts say the incident resembles recent cyber attacks against U.S. banks and other financial institutions. 'My first thought is that it is a denial-of-service attack, but I'm not sure,' Gartner banking security analyst Avivah Litan told USA Today. 'It's a very attractive target. It's very visible, and that's what these Iranian state attacks are all about, making a political statement by disrupting a visible website'
We're not saying it's squirrels, just that squirrels have taken down the Nasdaq before (Quartz) At last glance, the iconic electronic stock market known as the Nasdaq remains dead as a doornail. The exchange has attributed the outage to an unexplained "issue." So at this point, we're forced to ask the unthinkable: Is it squirrels again
How to avoid another Nasdaq meltdown: Slow down trading (Quartz) Whatever the exact trigger that brought Nasdaq down today, it is likely that a contributing cause is the huge increase in lightning-fast high-frequency computer trading in recent years. Nathaniel Popper wrote in the New York Times in October 2012 that the profits from high-frequency-trading have started to fall because the volume of stock-trading has fallen in the wake of the Great Recession, but that "Many market experts have argued that the technical glitches that have recently hit the market have been a result of a broader trend of the market splintering into dozens of automated trading services and a lack of human oversight." High-frequency trading has been controversial because of the idea that it takes advantage of slower human investors. Back in 2009, the New York Times's Charles Duhigg detailed an insider account of one case of computers besting humans
Deep cyberattacks cause millions in losses for U.S. banks (ComputerWorld) Hackers used DDoS attacks prior to attacking wire payment applications
Hackers for hire: Ex-Soviet tech geeks play outsized role in global cyber crime (NBC News) If you want to hack a phone, order a cyber attack on a competitor's website or buy a Trojan program to steal banking information, look no further than the former Soviet Union
Poland Takeover Domain Silver, Inc .pl domains to fight botnets (CyberWarZone) CertPolska published an updated detailed technical report with new statistics made from 20 different botnets sinkholed by its servers
Security Patches, Mitigations, and Software Updates
Xerox issues security patch to fix faulty scanners (V3) Print giant Xerox has started releasing patches for its machines to fix a fault that meant its scanners would sometimes reproduce incorrect numbers on documents
Google, Mozilla, considering limiting certificate validity to 60 months (Threatpost) In the wake of a parade of problems with certificate authorities and attackers using stolen digital certificates, both Google and Mozilla are poised to enforce new rules in their browsers for how long end-entity certificates should be trusted
VMware Patches Root Privilege-Escalation Flaw (Threatpost) VMware has fixed a privilege-escalation flaw in two of its major products that could allow a local attacker to gain root privileges on a vulnerable machine. The bug affects VMware Workstation and Player on certain Linux platforms. The vulnerability, which VMware patched on Thursday, does not enable an attacker to jump from the host operating
Cyber Trends
Go free chat! Disruptive services outrun Big Brother (InfoWorld) When autocrats try to control a new communications medium, you know that medium is good for society
Protecting one's data in the cloud, post Snowden (SC Magazine) A recent Cloud Security Alliance survey gives an early indication to this. About half of the survey's non-U.S. respondents say they are going to move away from
Business booms for cloud encryption provider after PRISM revelations (Australian Techworld) A survey conducted by the Cloud Security Alliance (CSA) found that 10 per cent of 207 officials at non-US companies cancelled contracts with US-based cloud
NZ segment of Cloud Security Alliance calls for transparency, security (Computerworld Australia) Based on the Cloud Security Alliance survey, the Information Technology and Innovation Foundation estimates the short-term costs to US cloud providers of the
A bridge too far: Assessing the current state of application security (TechRepublic) A recent report finds that applying security procedures to application development is severely lacking in many organizations. There are some things in life that come as no surprise-New York Yankee Alex Rodriguez being a cheater, Katy Perry breakups, and application security remaining in a dismal state. Recently, Ed Adams, CEO of Security Innovation, and renowned researcher, Larry Ponemon, teamed up to produce "The State of Application Security" report, which identifies the largest areas of concern within the application security realm. This report is fairly representative of application security throughout all industries (not just tech companies) so it is very useful for those in varying verticals
Marketplace
Talent Shortage In Security Tackled With Hackathons (Forbes) Wireless networks, remote controlled flying drones, revolutionary educational cheap PCs and 25 hackers. This is the story of a weekend hackathon, but first let me tell you why you should care. Technology has become a supporting pillar of the economy and our every day lives
HP Is Back In The Acquisition Game For Targets Between $100M And $1.5B After Cutting Net Debt (TechCrunch) Yesterday HP reported mildly disappointing earnings, and after an earnings call that was more a request for patience than a rallying call, investors sent the company's shares down heavily. HP is trading more than 12 percent down today
Software AG acquires intelligence firm JackBe, launches real-time analytics platform (ZDNet) With the purchase, the enterprise software company continues its push into big-data analytics
CounterTack Partners With South Korean Providers For APT Defense (Dark Reading) CounterTack's endpoint protection platform, Sentinel, will play a critical role in countering the ongoing cyberattacks that threaten organizations in South Korea
The Pentagon As Silicon Valley's Incubator (New York Times) For years, the Pentagon has knocked on Silicon Valley's door in search of programmers to work on its spying technologies. But these days, it's the Pentagon that is being scouted for expertise. Entrepreneurs and venture capitalists are finding it valuable to have an insider's perspective on the national security apparatus when trying to find or prevent computer vulnerabilities or mine large troves of data
Say No to Digital Rights Management and Intellectual Property Rights? (Infosecurity Magazine) Steve Mathews explores DRM options in a world where completely preventing the copying and distribution of files is nearly impossible. The French have a saying that there are always two possibilities. So we all despise digital rights management (DRM) - the great evil of modern times. But at the same time industry tells us that something must be done to stop the theft of intellectual property (IP) that is causing enormous economic harm
Steve Ballmer To Retire As Microsoft CEO Within 12 Months (TechCrunch) In a surprising move today, Microsoft just announced that long-time CEO Steve Ballmer will retire in the coming 12 months. He will stay at the helm of the company until the board finds a new CEO. "There is never a perfect time for this type of transition, but now is the right time," Ballmer said in the company's press release. "We have embarked on a new strategy with a new
Canada to BlackBerry: Drop dead (but please, don't) (ZDNet) Despite the mobile technology company's ongoing struggles, the Canadian government won't step in to lend a hand
PRISM And Cyber Spying: The Harsh Reality Of Being A European Company (Business Computing World) Over recent years, cyber attacks, cyber terrorism and cyber espionage have become more prevalent in the public consciousness. The British Government's focus on cyber security has helped drive the issue up the corporate agenda and has brought attention to a phenomenon which is costing the UK an estimated £27 billion a year. As if to make certain that consumers and businesses alike paid attention to online security, Edward Snowden then leaked details of PRISM in early June
Products, Services, and Solutions
NCP engineering adds elliptic curve cryptography to products (Help Net Security) NCP engineering released new versions of its Windows-compatible IPsec VPN client suite and hybrid IPsec / SSL VPN gateway. NCP's VPN client suite and gateway now come equipped with support for
SwiftKey Cloud: Backup and sync your writing style (Help Net Security) SwiftKey launched SwiftKey Cloud services as a free update to existing users. It gives users of the app the ability to seamlessly backup and sync their personal writing style across multiple devices
Secure enterprise file sharing from SolarWinds (Help Net Security) SolarWinds announced new secure file sharing capabilities to its managed file transfer solution, SolarWinds Serv-U Managed File Transfer (MFT) Server. Serv-U MFT Server provides secure file transfer
Disaster recovery for public, private and hybrid clouds (Help Net Security) Zerto announced Zerto Virtual Replication (ZVR) 3.0, a disaster recovery solution built for public, private and hybrid clouds. It includes new functionality for effective disaster recovery
TalkTalk offers child filter on Android mobiles (ITProPortal) TalkTalk is now offering child safety filters to its mobile customers. The ISP's MobileSafe app is free for TalkTalk mobile customers, but only works on Android devices, reports PC Pro
Technologies, Techniques, and Standards
NSA Offers Tips for Hardening Macs — But There's a Catch (Intego) There is a document floating around with tips written by the NSA for making Macs more secure, which is being met with equal amounts of head-scratching and approval. First of all, and here's the catch, it only contains tips for hardening Mac OS X 10.5 (Leopard), which begs the question: How concerned about security are people running a 6 year old version of the OS? If for some reason you are compelled to run an antiquated operating system, it certainly couldn't hurt to use these tips to tighten your system up a bit. Beyond that, it brings up some salient points that can be summed up with general rules
From Unpacking to Communication Analysis (InfoSec Institute) Malwares are usually packed with custom packers, which make static and dynamic analysis difficult. Some of the static analysis tools do not work on packed samples because packed is not in its real form, also it defeats anti-virus programs which work based on the kind of static signature detection. Packers usually compress or encrypt and when in runtime they are decrypted to the control flow that is being transferred to the original entry point
How to Get Ahead in Risk Management (SecurityWeek) Risk management is easy enough to say, but pretty tricky to get right in practice. Some organizations are asked to do it by concerned board members looking for reassurance in an increasingly scary online world. Other organizations are forced to do it – notably Federal agencies responsible to build Continuous Monitoring programs according to the Risk Management Framework laid out by NIST. Others do it because they see it as the right thing to do – in a world where the security budget is never more than a few percent of what it would take to build out everything we could do, there's an ever-present need to spend the few chips we get as wisely as we can, and Risk Management is as good a name as any for "I can't do it all, so what is most important?"
Good advice: Bad code happens, so be prepared (InfoWorld) Developer of Storm computation system offers words of wisdom and experience on dealing with imperfections in code
Read of the Week: A Fuzzy Future in Malware Research (Internet Storm Center) The August 2013 ISSA Journal includes an excellent read from Ken Dunham: A Fuzzy Future in Malware Research. Ken is a SANS veteran (GCFA Gold, GREM Gold, GCIH Gold, GSEC, GCIA) who spends a good bit of his time researching, writing and presenting on malware-related topics
SSL/TLS: What's Under the Hood (SANS Institute Infosec Reading Room) uses SSL/TLS for encryption. Did you ever wonder what that authentication exchange looks like in plaintext? What if you are troubleshooting your HTTPS enabled web application and need to dig deeper down in the OSI model than Firebug or other web developer tools will allow? This paper demonstrates how to easily decrypt and dissect a captured web session without either a proxy middleman or possession of the server
How Can Social Engineering Training Work Effectively? (TrendLabs Security Intelligence Blog) One particular aspect of DEF CON that always gets some media coverage is the Social Engineering Capture the Flag (SECTF) contest, where participants use nothing more than a phone call to get victims at various Fortune 500 to give up bits of information. These are the sort of social engineering attacks that give security professionals at large enterprises nightmares
Laptop breach helped Beth Israel's security during Boston Marathon bombing (FierceHealthIT) In one sense, a stolen laptop that cost Beth Israel Deaconess Medical Center more than $500,000 in lawyers and crisis experts paid off in helping the hospital deal with security issues in the aftermath of the Boston Marathon bombing in April. Following the breach, which occurred in May 2012, the hospital brought in consulting firm Deloitte to help evaluate its privacy practices, an audit that CIO John Halamka described as a "public colonoscopy"--evaluating every aspect of how hospital employees use computers, according to an article published this week in Fast Company
Design and Innovation
Bunkr Is The PowerPoint Killer We've All Been Waiting For (TechCrunch) French startup Bunkr is focused on one simple task: killing PowerPoint. To achieve this goal, the company's well-designed web app will help you collect visual content and organize it into slides. The result is a very visual HTML5 presentation that works on your computer, phone or tablet. You can export your work in PDF or PPT as well. "We realized that we spent a lot of time putting
Zuckerberg wants everyone's data (FierceBigData) Facebook founder Mark Zuckerberg and six of his friends--Ericsson, MediaTek, Nokia, Opera, Qualcomm and Samsung--are off on a venture to connect the remaining five billion people on the planet to the Internet. Zuck thinks of this as a do-gooder mission and has dubbed the campaign Internet.org. While making the Internet accessible to the nearly two-thirds of the human population currently unconnected is a worthy cause, many suspect there is another agenda at play as well
Research and Development
Boffins use HOT maths MODELS to predict spam of the future (The Register) Experts build spam filters using game theory. Australian computer boffins reckon game theory can be applied to build better spam filters. The new spam classifier, developed by Professor Sanjay Chawla, Fei Wang and Wei Liu of the University of Sydney, outsmarts would-be spammers by predicting the likely pattern of future spam runs by learning from past attacks
New technology protects against password theft and phishing attacks (ECN) New technology launched today by Royal Holloway University, will help protect people from the cyber attack known as "phishing," believed to have affected 37.3 million of us last year, and from online password theft, which rose by 300% during 2012-13
Researchers remind us that blocking notorious sites doesn't really work (Ars Technica) Banning the Pirate Bay in the Netherlands has accomplished little. For four years now, most Dutch Internet users have had zero legal access to The Pirate Bay. (Other countries have since followed the Dutch example.) According to a new "working paper," researchers have confirmed what most ISPs and Internet users figured out a long time ago: such bans are pretty pointless
Big data predictions 'fooled by randomness' and subject to TMI (FierceBigData) Most big data predictions should come with the same warning label that is applied to an investment prospectus: past returns are not indicative of future results. Andre Mouton has written an excellent post in Minyanville, building on the theories put forth in Nassim Nicholas Taleb's book "Fooled by Randomness," on the follies of predicting the future based on past events and without regard for randomness and outright falsehoods in user-entered data
Academia
One Leader at a Time: The Failure to Educate Future Leaders for an Age of Persistent Cyber Threat (Pell Center for International Relations and Public Policy) …The threat is widely recognized by experts and acknowledged by non-experts as well. The needs of government and the private sector have driven academic and technical institutions to introduce new majors and courses in computer science, programming, and information assurance. Most of the cybersecurity related courses and certification programs offered, however, were created for professionals in the information technology (IT) field who want to develop a cybersecurity expertise. Many of these programs are therefore not introductory, and an existing IT skill set is usually required to be admitted
Norwich University gets contract for cyber war game (WCAX) Vermont's Norwich University is getting $9.9 million from the U.S. Department of Homeland Security to continue working on a cyber-warfare gaming system
Legislation, Policy, and Regulation
New Zealand narrowly passes domestic spying legislation (Naked Security) New Zealand has passed new spying laws which allow its main intelligence agency to snoop on domestic citizens and residents
Exclusive: UK's secret Mid-East internet surveillance base is revealed in Edward Snowden leaks (The Independent) Britain runs a secret internet-monitoring station in the Middle East to intercept and process vast quantities of emails, telephone calls and web traffic on behalf of Western intelligence agencies, The Independent has learnt
Snowden: UK government now leaking documents about itself (The Guardian) The NSA whistleblower says: 'I have never spoken with, worked with, or provided any journalistic materials to the Independent'
Uncanny Echoes of the NSA Debate From the 1970s (Government Executive) In June of 1975, the investigations into the CIA that would eventually be summarized in the Church Committee reports were already underway, spurred in large part by the shocking claims made in Seymour Hersh's journalism. But the public did not yet know the extent of CIA misdeeds. Many Americans were curious and suspicious. But confirmed facts were hard to come by, and some people thought that they shouldn't come out at all, as the New York Times reported
Obama 'Confident' Spying Programs Not Being Abused (SecurityWeek) US President Barack Obama said Friday he is "confident" that vast surveillance programs are not being abused but admitted that Americans have "legitimate" concerns. "We do have to do a better job of giving people confidence in how these programs work," Obama told CNN in an interview
Former U.S. Officials To Assess Surveillance Policy (Washington Post) The board members will include former CIA deputy director Michael Morell, onetime economic policy adviser Peter Swire, Obama's former regulatory czar Cass Sunstein, and Richard A. Clarke, a National Security Council staff member in previous Republican and Democratic administrations, according to a U.S. official familiar with the selections
Obama Keeps Promise By Appointing A Privacy Hawk To NSA Review Panel (TechCrunch) So far, Obama is keeping his promise to create a truly independent review board over national surveillance policy. Today, ABC reports that privacy hawk and Center for American Progress fellow, Peter Swire, will join a small group of government insiders to draft a public report on the National Security Agency's civil liberties record. The review panel was announced along with several proposed
Not Exactly an "Outside" Committee to Review NSA Surveillance Programs (Volokh Conspiracy) According to ABC News, the panel of "outside experts" picked by the Obama Administration to review the NSA surveillance programs consists of the following: Michael Morell, Richard Clarke, Cass Sunstein, Peter Swire. Assuming that's the whole group, it's not exactly a list of "outside" experts. Morell retired just two weeks ago from the CIA, where he was Deputy Director and Acting Director. Sunstein served in the Obama Administration as head of OIRA, leaving the Administration one year ago. Swire served as a Special Assistant to President Obama for the first two years of the first Obama Term. To be fair, Richard Clarke's government experience predates the Obama Administration; he endorsed Obama for his excellent judgment on national security issues, but Clarke did not actually work for him. But in my experience working on some similar issues as he did in the government, Clarke had a reputation for seeing everything as an extraordinarily grave national security threat. I would think Clarke is likely to bring in a pro-government perspective on the issues here
Obama's "outside experts" surveillance review panel has deep ties to gov't (Ars Technica) Earlier this month, the Obama Administration said it was convening a "high level group of outside experts" to review intelligence operations and conduct a meaningful review on the American surveillance infrastructure…According to ABC News, the group consists of four names: Michael Morell, Richard Clarke, Peter Swire, and Cass Sunstein
Corker Asks Obama for NSA Briefings (Roll Call) Sen. Bob Corker, R-Tenn., sent a letter to President Barack Obama on Wednesday demanding a briefing from administration officials on the National Security Agency's domestic surveillance programs. Corker, the top Republican on the Senate Foreign Relations Committee, set a Sept. 13 deadline for the briefing, in the wake of reports that the scope of the NSA's surveillance of American citizens has been much wider than previously believed
NSA fear raises concerns over DHS facial recognition technology (CSO) Without civil rights protection built in, DHS may not be able to avoid the privacy violations of the NSA, advocates say
Litigation, Investigation, and Law Enforcement
Don't let paranoia over the NSA and TPM weaken your security (ZDNet) Conspiracy theorists are screaming that the NSA and Microsoft are in cahoots to insert a backdoor into all your hardware. The conspiracy is so vast, in fact, that they've even managed to snag Microsoft's most bitter rival. The unintended by-product of Edward Snowden's NSA document dump is a bull market in paranoid conspiracy theories
NSA Responds To Criticism Over Surveillance Programs (Dark Reading) NSA says it only touches about one percent of online communications in the U.S. The NSA has hit back after mounting criticism about its ability to intercept Web communications domestically, claiming that reports of its capabilities are "inaccurate and misleading"
NSA 'technology glitch' violated US Constitution, nabbed 56,000 emails per year from non-terrorists (Naked Security) Court opinions declassified and released yesterday by James Clapper, the US Director of National Intelligence, have revealed how the National Security Agency (NSA) collected tens of thousands of emails from American citizens who had no known terrorism links
The Overcollection Problem Identified in the 2011 FISC Opinion (Volokh Conspiracy) The FISC's newly-declassified 2011 Opinion on the NSA's implementation of Section 702 surveillance is both dense and fascinating. In this post, I thought I would just bring readers up to speed on the basic factual problem identified in the opinion (at least to the extent I can understand it). In later posts, I'll consider the legal implications of those facts, both as Judge Bates interpreted them and as I see them
A by-the-numbers glimpse into the national-security crapstorm (Las Vegas Review) At last week's Black Hat security conference in Las Vegas, NSA chief Keith Alexander defended the agency's information-harvesting practices (while enduring mild heckling). Meanwhile, on sidewalks in Henderson, neon chalk warnings insisted that the NSA is watching us. A sweep of related news provided some spicy number soup
Why the British government forced the Guardian to destroy its hard drives (Quartz) One Saturday in July, British intelligence officers watched as two Guardian employees used grinders to destroy hard drives and memory chips that held documents from the US and UK spying programs revealed by Edward Snowden. It was their only choice, the Guardian later wrote, other than to surrender the equipment to officials
The Real, Terrifying Reason Why British Authorities Detained David Miranda (The Atlantic) The scariest explanation of all? That the NSA and GCHQ are just showing they don't want to be messed with
New tactics emerge in fight for Manning's freedom (Anchorage Daily News) Army Pfc. Bradley Manning wears handcuffs as he is escorted into a courthouse in Fort Meade, Md., Wednesday, Aug. 21, 2013, before a sentencing hearing in
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
SANS Thailand 201 (Bangkok, Thailand, Aug 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
TechCrunch Disrupt San Francisco (San Francisco, California, Sep 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September 7-11 on your calendar, because you're not going to want to miss Disrupt SF 2013. The Hackathon kicks everything off, followed by our main event, which starts every morning with panels of special speakers and guests, one-on-one chats featuring TechCrunch writers and editors, special guest speakers and judges, leading venture capitalists and fascinating entrepreneurs addressing the most important topics facing today's tech landscape. In the afternoons, the Startup Battlefield presentations begin, with the final presentations held on the last day of Disrupt.
SANS CyberCon Fall 2013 (Online, Sep 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors teaching SANS' top courses to those who can't travel.
15th Annual AT&T Cyber Security Conference (New York, New York, USA, Sep 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP network and the innovation of AT&T Labs, AT&T is giving businesses some of the most powerful weapons available today in their battle against cyber security attacks. The conference showcases AT&T's leadership in helping businesses, large and small, manage the increasingly complex and critically important security of their IT networks and assets.
International Common Criteria Conference (Orlando, Florida, USA, Sep 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC has become the main marketing and meeting opportunity for all those involved in the specification, development, evaluation, and validation or certification of IT security.
GrrCon (Grand Rapids, Michigan, USA, Sep 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to 'pwn' you before you leave town. There are also sessions on penetration testing tools and mobile hacking methods."
cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, Sep 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With modern technology and tools, it's now possible for junior security analysts to gather detailed malware indicators to craft defense and alert signatures. More enticing, all of this can be done with free tools and applications, some written by this presenter.
Shaping the Future of Cybersecurity Education Workshop (Gaithersburg, Maryland, USA, Sep 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National Cybersecurity Education Interstate Highway".
NovaSec! (McLean, Virginia, USA, Jun 13, 2013) NovaSec! is Northern Virginia's largest cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with like-minded individuals.
Strange Loop (St. Louis, Sep 18 - 20, 2013) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.
ISSA Cyber Security Forum at Ft Belvoir (Fort Belvoir, Virginia, USA, Sep 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber security and information technology products/services available today. This is an excellent opportunity for exhibitors to network with key decision makers, cyber, technology, communications and contracting personnel from various commands and tenant units at Fort Belvoir.
CISO Executive Summit (Atlanta, Georgia, USA, Sep 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)
2013 Cyber Security Summit (New York, New York, USA, Sep 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one-day event, to be held September 25th at the Hilton in New York City, will showcase the latest tools and resources available to defend against cyber crime on both corporate and government levels. Keynote addresses and interactive panel discussions led by notable security experts will highlight strategic priorities, risk factors, threats and provide inspirational guidance to prepare and protect from attacks.