The CyberWire Daily Briefing for 9.5.2013
Authorization for punitive strikes against the Syrian government proceeds slowly through the US Congress, and France's line, while hard, isn't unilateral. Cyber operations will figure prominently in any punishment of the Assad regime, as they figure prominently in the regime's defense: offensive cyber operations seem increasingly overt.
Widespread hacktivism, patriotic cyber-rioting, and deniable but state-controlled hacking invert the old progressive bumper-sticker: their participants think locally, but act globally. This represents a trend with which businesses must henceforth cope.
Last week's spike in Tor usage now appears (as suspected) to be botnet-driven, but interest in anonymizing products and services remains high, as shown by offerings and R&D. Noteworthy are Toshiba's announcement of a quantum cryptography breakthrough, and the ambitions of Estonian crypto startup Guardtime.
Government interception of Internet communications is a global phenomenon, and one needn't consult Wikileaks to know that industry plays a large role in providing this capability. (Still, if you're interested, Wikileaks has released industry-focused files—FinFisher features prominently.)
Several cybercrime exploits are active, including an aggressive social engineering campaign against French-based multinationals, the Obad.a Trojan (which exploits mobile botnets in novel ways), and Hesperbot (a banking Trojan with Zeus-like functionality, but representing a new malware family).
Banks worry about man-in-the-browser attacks. Banks and brokerages indeed have cause for concern over cybercrime, since it appears that they tend to bear its costs.
BlackBerry beefs up enterprise-security credentials as it prepares to sell itself by November.
The US Justice Department will release many FISC documents by next Tuesday.
Notes.
Today's issue includes events affecting Australia, Azerbaijan, China, Czech Republic, Estonia, France, Germany, Iceland, Portugal, Russia, Syria, Taiwan, Thailand, Turkey, United Kingdom, United States, and Yemen.
Cyber Attacks, Threats, and Vulnerabilities
The other Syria debate: cyber weapons (FCW) In the Pentagon, at Fort Meade and in D.C. think tanks, a discussion is unfolding over the use of cyber weapons against Syria, including the merits, the likelihood
You've Been Hacked by the Syrian Electronic Army (ABC News) "The most important thing to remember is that we can find that no one has ever died from a cyber attack, ever." Healey added, "I think the American public, when
US likely to wage cyber attacks against Syria (The Hill) The United States is likely to make cyberattacks part of any military action against Syria, experts say. "I think that's a certainty," said Jim Lewis, a senior fellow
ThreatVlog, Episode 3: NYT, Twitter, and HuffPost hacked by Syrian Electronic Army (Webroot Threat Blog) In this episode of ThreatVlog, Grayson Milbourne covers the information behind the Syrian Electronic Army's hacking of New York Times, Twitter, and Huffington Post. Grayson includes a breakdown of the hack as well as information on how to keep your own websites protected from this malicious behavior
World's Trouble Spots Escalating Into Cyberthreats For Businesses (Dark Reading) As regional troubles spill over to the digital world, companies should reinforce their defenses and demand their suppliers do the same, experts say. In the past, companies could avoid the world's trouble spots, pulling out of war-torn countries and unstable regions to avoid conflict. Yet, as the world's citizens become more savvy online, local unrest is quickly transforming into global threats that companies cannot easily evade. The Syrian Electronic Army's recent attacks against media firms' domain-name infrastructure are only the latest example of the escalation of local conflicts to the global digital stage. Over the last year, distributed denial-of-service attacks by the Iranian cyber militia known as the Izz ad-Din al-Qassam Cyber Fighters have cost U.S. and European banks millions of dollars. And, attacks by hackers aligned with North Korea's interests have hit both South Korean and U.S. servers
Belgium — Hacking attack on ManpowerGroup website (Staffing Industry Analysts (registration)) The Belgian site of the temporary employment company ManpowerGroup was temporarily the victim of a cyber-attack according to Nieuwsblad.de. Hackers
Aggressive social engineering campaign uncovered in Europe (CSO) Recent attacks on multiple French-based firms have exposed an aggressive social engineering campaign that has resulted in large amounts of stolen money
French automobile Citroën breached, 500+ user login details leaked by Phenomenal Crew (Hack Read) A hacker going with the handle of 'Keo' from Phenomenal Crew claims to breach into the official website of French based automobile manufacture company 'Citroën', leaking login details of site admins and 500+ users online
Anonymous leaks information on leading Azerbaijan energy company (SC Magazine) A group claiming to be an Armenian branch of hacker collective Anonymous has leaked 7 GB worth of documents relating to Azerenergy, the leading energy producer in the Eurasian country of Azerbaijan
Large botnet cause of recent Tor network overload (FoxIT) Recently, Roger Dingledine described a sudden increase in Tor users on the Tor Talk mailinglist. To date there has been a large amount of speculation as to why this may have happened. A large number of articles seem to suggest this to be the result of the recent global espionage events, the evasion of the Pirate Bay blockades using the PirateBrowser or the Syrian civil war. At the time of writing, the amount of Tor clients actually appears to have more than quintupled already. The graph shows no signs of a decline in growth, as seen below
Obad.a Trojan now being distributed via mobile botnets (SecureList) In late May we reported on the details of Backdoor.AndroidOS.Obad.a, the most sophisticated mobile Trojan to date. At the time we had almost no information about how this piece of malware gets onto mobile devices. We have since been examining how the Trojan is distributed and discovered that the malware owners have developed a technique which we have never encountered before. For the first time malware is being distributed using botnets that were created using completely different mobile malware
New advanced banking Trojan in the wild (Help Net Security) ESET malware researchers have uncovered a new and effective banking Trojan which targets online banking users in Europe and Asia. Using very credible-looking spreading campaigns related to trustworthy organizations it lures victims to actually run the malware. Several victims have already been robbed of financial assets because of this newly-revealed threat
NjwØrm: A RAT With Legs and a Thirst for No–IP Credentials (Threatpost) The njwØrm, an offshoot of njRAT, is espionage malware like its forerunner, but also has the ability to spread via removable storage devices, as well as steal No-IP credentials
Public Exploit Available for Patched Safari Bug (Threatpost) Packet Storm made public today a proof-of-concept exploiting a known and patched heap buffer overflow vulnerability in Apple's Safari browser
Man In The Browser attacks scare banking world (Security Affairs) The majority of financial service professionals considers Man In The Browser as the greatest threat to online banking, cybercrime increases its use. Man In The Browser attack, DDoS attacks, phishing are most insidious cyber threats against banking institutions. Last statistics proposed by principal security firms confirm that online banking is considered a lucrative business for cybercrime
Watering hole attacks: Tracking services leave companies vulnerable (SC Magazine) Targeted attacks against the enterprise represent an ongoing threat in today's computing environment, but the methods that attackers are using continue to evolve in terms of sophistication and sheer cleverness. One of the newer methods is how attackers are identifying high probability entry points to get into a targeted organization and deliver a malicious payload that enables command-and-control
Leaked GTA V Torrents Loaded With Sneaky, Costly Malware (PC Magazine) According to Bitdefender, what downloaders are actually getting is a nasty malware scam. During installation, you're asked to fill out a survey in order to receive
Styx-like Cool Exploit Kit: How It Works (TrendLabs Security Intelligence Blog) While the Blackhole Exploit Kit is the most well-known of the exploit kits that affect users, other exploit kits are also well known in the Russian underground. In this post, we will look at how these other kits work, and its differences from other exploit kits. One well-known Blackhole alternative is the Styx Exploit Kit. Websites hosting the Styx Exploit Kit generally use dynamic DNS services together with very long random alphanumeric strings to form their URLs. Here is an example of a typical Styx exploit URL
WikiLeaks Publishes Spy Files #3 (Infosecurity Magazine) WikiLeaks has published its latest tranche of files, which it calls Spy Files #3, on the global covert surveillance industry: 249 documents from 92 intelligence contractors. The purpose is to shine "a light on the secretive mass surveillance industry."
Energy Dept. Breach: Let's Get Back To Basics (InformationWeek) What can lack of internal cooperation and insufficient IT resources add up to create? Unpatched servers. What does the recent Department of Energy data breach teach us? Based on the details InformationWeek has pieced together so far, it appears it's an old lesson: lack of internal cooperation, a lax IT security policy and insufficient resources
Whatever Happened to Facebook Likejacking? (F-Secure) Back in 2010, Facebook likejacking (a social engineering technique of tricking people into posting a Facebook status update) was a trending problem. So, whatever happened to likejacking scams and spam? Well, Facebook beefed-up its security -- and the trend significantly declined, at least when compared to peak 2010 numbers
Security Patches, Mitigations, and Software Updates
Update to Bitcoin Client Fixes DOS Bug, Password Strength (Threatpost) The developers behind Bitcoin-QT, a software wallet used to protect and back up Bitcoin currency, have pushed out a new version of the client, fixing a critical denial-of-service bug, three security issues and fortifying password security
Cyber Trends
Security community not equipped to protect next 2.5bn web users' privacy (V3) The security community needs to create new tools to help smart device users know and control what data they are sharing with companies and governments, according to the new chief executive of AVG, Gary Kovacs
Java's Losing Security Legacy (Threatpost) Why would a software company require developers to sign code, thereby ensuring a modicum of trust--but not security--and then shatter that trust by allowing signed applets to bypass their own application sandbox? Welcome to the world of Oracle and Java, where a once healthy programming language has been reduced to rubble. Not only are security researchers, ferocious cybercriminals and nation-state hackers feasting on vulnerable code and broken patches, but also longtime developers are losing faith
Most Internet users take steps to avoid surveillance (ComputerWorld) Hackers, criminals and advertisers are at the top of the list of groups people wish to avoid, the survey showed
Cyber Crime: Who Pays? (Traders Magazine) Cyber-fraud experts and clearing industry officials say that when cyber-crime happens, the problem is primarily the responsibility of the financial institution
Lieberman Software Finds When It Comes to State–Sponsored Cyber Attacks, We Ain't Seen Nothing Yet (TechZone360) For anyone looking at recent headlines, it is more than crystal clear that state-sponsored cyber attacks are on the rise. Whether it be China, North Korea or a growing list of others, the use of online tools to compromise companies and government agencies is not just a fact of modern life but something many security experts have stated is the number one threat to national and enterprise security. And, with the Syrian Electronic Army already fingered for attacks on various U.S. media outlets in just the past few days, it is also clear that cyber terrorism is increasingly the choice of those who wish to have profound impact on countries and companies they view as the enemy
Five myths about mobile security and their realities (CSO) Earlier this summer, Aaron Rhodes of Neohapsis talked to CSO about five things to consider when developing mobile security policies. Today, moving that discussion forward, Pankaj Gupta of Amtel talks to us about five myths in mobile security. In business both large and small, mobile devices are being used to access mission-critical data that must be protected. As mentioned in our previous article, mobile is the new endpoint when it comes to security
Marketplace
What Network Can You Trust? (Forbes) You can only trust any network so far, but some are more trustworthy than others. Recent revelations about National Security Agency (NSA) snooping have only served to draw our attention to how that space we used to call private is diminishing. It's not even that we have less privacy than we used to, although that's true as well. More to the point: we now know how little we ever had. It's no longer much of a surprise to learn that the Drug Enforcement Agency (DEA) has been helping itself to all our private little treasures for the past six years. One can assume that all three-letter agencies as well as many state and local authorities have shared tidbits of information about us with each other
The Estonian cryptography startup that wants to be the Qualcomm of data security (ZDNet) Guardtime's tech uses hash function cryptography to protect data integrity, and its products are finding a foothold in the US and China
atsec information security Opens South East Asia Office (Open PR) atsec information security is pleased to announce the opening of its atsec South East Asia (atsec SEA) office in Bangkok, Thailand
L3 to Support US Army Intelligence and Security Command (Signal Magazine) L3 National Security Solutions Inc., Reston, Va., was awarded a $23,934,919 cost-plus-fixed-fee
CMO interview: Selling the story of cyber terrorism, BAE Systems and national security (CMO) We talk to the first chief marketing officer of BAE Systems Detica, Morag Lucey, about how she's repositioning the brand to focus on not just protection, but also opportunity for governments and enterprises
HHS Picks GoodData for Social Network Analysis Contract (Executive Biz) The U.S. Department of Health and Human Services plans to award business intelligence technology provider GoodData a three-month contract to analyze data from the agency's internal social network
Samsung teams with Lookout to beef up Android phone security (FierceMobileIT) Samsung is expected to announce Wednesday that it is beefing up security for its Android phones by teaming with anti-virus software firm Lookout, according to a report by the Wall Street Journal
What does the Microsoft–Nokia deal mean for enterprise mobility? (FierceMobileIT) As most people are aware by now, Microsoft (NASDAQ: MSFT) has agreed to pay around $7 billion to acquire Nokia's (NYSE: NOK) mobile phone business and license its patents and technology. The acquisition is expected to bring a tighter integration between the Windows Phone hardware and operating system, commented Manoj Menon, managing director of Frost & Sullivan. "This should help Microsoft make a more effective strategy to compete in the mobile sphere," he told the BBC in an interview
BlackBerry joins online authentication standards alliance (ZDNet) For BlackBerry, joining the FIDO group confirms its enterprise security chops and could enhance its mobile device management efforts. BlackBerry has joined the FIDO (Fast IDentity Online) Alliance as a board member joining the likes of Google, Lenovo and PayPal. FIDO aims to create open authentication standards so a user can confirm identity on multiple sites at once without entering data repeatedly. BlackBerry is one of the first mobile software and device makers to join the group
BlackBerry reportedly wants to sell itself by November (C/NET) The struggling mobile phone maker is aiming for a quick auction process, says the Wall Street Journal
Products, Services, and Solutions
EMC shows off elastic private cloud platform codenamed Nile (V3) MILAN: EMC has unveiled what it claims to be the world's first "elastic" web-scale storage infrastructure for the data centre. The systems, currently codenamed Nile, were shown for the first time in public at EMC's Speed to Lead event, attended by V3
'Hash Hunters' Web service cracks password hashes for bitcoins (CSO) The service lets people post rewards for converting password hashes into their original form. A search for "Hash Hunters" turns up marijuana-themed t-shirts for sale. It also brings up a password-cracking outsourcing service, payable in bitcoin
"World's most secure smartphone" looks like snake oil, experts say (Ars Technica) Encrypted phone concept a good one, but secrecy and FUD inspire skepticism
Topsy lets you search tweets from 2006, look up old cringeworthy posts (Engadget) Next time you're feeling nostalgic and want to peruse old Twitter posts -- such as in 2006, when Pluto was demoted to dwarf planet status -- you might want to pay Topsy a visit. The social search engine, which could previously look for posts up until 2010, has expanded its archives to include tweets from as far back as Twitter's birth in 2006. Simply input terms in the search box, and you'll find their newest and oldest mentions on the site. Even better than that, you can use the site to read every single tweet a user has ever posted by querying
Barracuda launches Barracuda Firewall X100 and X101 (Help Net Security) Barracuda Networks announced the new Barracuda Firewall X100 and X101, next-generation firewalls designed for small businesses. Barracuda also released new firmware, version 6.1, which includes configuration
ManageEngine enhances Firewall Analyzer and EventLog Analyzer (Help Net Security) ManageEngine announced enhancements to its firewall security and configuration management software, Firewall Analyzer, and to EventLog Analyzer, its log management and IT compliance software for SIEM
Intel releases new technologies for cloud datacenters (Help Net Security) Intel introduced a portfolio of datacenter products and technologies for cloud service providers looking to drive greater efficiency and flexibility into their infrastructure to support a growing demand
NCP engineering enhances Android VPN clients (Help Net Security) New features have been added to NCP engineering's four Android-compatible IPsec VPN clients, available here. Their software features the addition of Full Network Enclosure Mode, which safeguards
Exodus Intelligence Teams Up with Syndis for Zero-Day Service (DigitalJournal.com) Vulnerability and exploit research company Exodus Intelligence and Icelandic information security think-tank Syndis have joined forces for a new zero-day
Secunia Releases—Zero–Day, Android And Complete Patch Management In CSI 7.0 (Dark Reading) Corporate Software Inspector, version 7.0 introduces new features and improvements for vulnerability and patch management
VMC Uses eASIC to Achieve 24.756 TH/s Bitcoin Miner (Herald Online) VMC develops single mask ASIC using 28nm eASIC Nextreme-3 to significantly increase performance while reducing power consumption. eASIC® Corporation, a leading provider of single mask ASIC devices and Virtual Mining Corporation (VMC) today announced that VMC will use eASIC Nextreme-3™ 28nm devices to create a series of scalable Bitcoin mining machines capable of generating up to 24.756 TH/s (tera hashes per second) of cryptographic hashes
FireEye offering APT–detection service to notify customers of stealthy attacks (NetworkWorld) FireEye today announced it has started providing a threat-detection and notification service called Oculus intended to warn the enterprise security manager whenever targeted attacks seek to undermine the network for cyber-espionage purposes. Such attacks are often called "advanced persistent threats," and may be attempts by nation states or their agents to penetrate a company to steal sensitive information, such as intellectual property
Oracle Launches US Federal Cloud Product Suite (Executive Biz) Oracle has launched a new cloud computing service for U.S. federal agencies that is intended to help agencies comply with the White House's "Cloud First" policy
JustDelete.me Cleans Up Your Online Persona (InformationWeek) Justdelete.me helps you tidy up your professional presence on the Internet, but there's a downside to having a blank slate. Everyone has days where the Internet is just too much to handle: Too many social media sites to maintain, too many privacy settings to maneuver, too much time spent aimlessly browsing. But if you've ever tried to delete an account, you know how difficult it can be. Take Facebook, for example
Technologies, Techniques, and Standards
No need for anti–phishing vigilantes (SC Magazine) Many people want to do something positive in relation to security, and some of those individuals probably consider taking up arms against phishers. Compared with handling live malware, it seems considerably less risky. However, hidden depths lie beneath the surface and would-be phish hunters should keep the following advice in mind
The Ghost of Bitcoin (Polygon) In search of Satoshi Nakamoto, the man behind the most famous virtual currency, Polygon finds a harrowing digital economy only a gamer could love. Satoshi Nakamoto doesn't exist. Or, at least, if he does, he's one of the rare modern individuals who is practically impossible to locate
The Future Of IPS (Dark Reading) Will Next-Generation IPS (NGIPS) feature sets maintain the relevance of IPS in security strategies? Lauded long ago as a miracle pill for security operations, intrusion prevention systems (IPS) have been there and back again along the hype cycle curve. Now, as next-generation IPS (NGIPS) products are being put through their paces in real-world IT environments, the question is whether IPS will maintain its relevance in the enterprise or fade away as organizations put less emphasis on perimeter security and look to bundle up similar features in unified threat management and next-generation firewall deployments
NIST Cyber Security Framework proposal provides no 'measurable cybersecurity assurance' (CSO) Plan's self-regulatory approach toward industrial control systems 'doesn't do us a hell of a lot of good,' another expert said
Stuxnet Expert Proposes New Framework For ICS/SCADA Security (Dark Reading) Critical infrastructure operators that have adopted the security industry's popular risk management mindset are doing it wrong, according to Ralph Langner. Langner, the German security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran's Natanz nuclear facility, today released a proposed cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government's Cyber Security Framework (PDF), which is currently in draft form
The 7 Simple Practices Of Data Governance (Health System CIO) Data is now one of the most valuable assets in any healthcare organization, especially as we transition into a more analytically driven industry. Data is the longest lasting asset in any organization, outliving facilities, devices and people
Geo–tag Forensics (Forensic Focus) A geo-tagged image is an image which holds geographical identification metadata. This data consists of latitude and longitude co-ordinates (sometimes altitude also). Though there are some extremely powerful tools available for extracting geo-tag information from geo-tagged images but the insight knowledge of how a tool actually works and gets the data for us is always a plus
Another 5 tips to help keep you safe on Facebook (Naked Security) Last month we gave you five tips to make your Facebook account safer. Here's five more tips, including how to block a person or app, how to get a one-time password to login securely from a public computer and how to stop search engines from indexing your profile
"Here be Dragons", Keeping Kids Safe Online (CSO) Sitting here this morning sipping my coffee, I watched fascinated as my 5-year-old daughter set up a VPN connection on her iPad while munching on her breakfast out of absent-minded necessity. It dawned on me that, while my daughter has managed to puzzle out how to route around geofencing issues that many adults can't grasp, her safety online is never something to take for granted. I have encountered parents that allow their kids to access the Internet without controls beyond "don't do X" -- which we all know is as effective as holding up gauze in front of a semi and hoping for the best (hat tip to Robin Williams)
Tip Of The Week: How To Fight Ransomware (Kaspersky Lab) If you use the Internet, then you're sure to have encountered screen lockers. You may be one of the unlucky people who have encountered that embarrassing moment when an explicit picture pops up, covering your entire 24" screen, demanding you pay a tidy sum of money to avoid your coworkers' stares. Or maybe you've dealt with ransomware, and have been asked for a miraculous code that removes the "FBI computer lock"
Design and Innovation
Georgia Tech Launches Own Crowdfunding Site for Science Research (Fast Company) Allison Jo Mercer, a researcher at Georgia Tech, is developing an adhesive based on a brilliantly sticky fish. Her work could some day translate into Band-Aids that don't pull your hair out when you rip them off, safer bandages for serious wounds, or just a better way to stick your GPS unit to your car window. But when she looked for funding for the idea, the reality of decreased government science spending sunk in deep. "Research funding has been cut, cut, cut," Mercer told Fast Company
Stanford University Is Going To Invest In Student Startups Like A VC Firm (TechCrunch) Stanford University is going to start directly investing in students' companies. Stanford is also giving a $3.6 million grant to StartX, a non-profit startup accelerator for Stanford-affiliated entrepreneurs. StartX founder and CEO Cameron Teitelman tells me Stanford will only invest in StartX companies and alumni companies. Stanford's investment fund will have an uncapped size
Research and Development
Developers Scramble to Build NSA–Proof Email (Wired) In the wake of Edward Snowden's release of National Security Agency internal documents showing the United States is hijacking e-mail upstream, a slew of developers have jumped on the encryption bandwagon toward the goal of building infallible end-to-end encryption
Picture–Based Password Schemes Have Their Weaknesses (Threatpost) A published study on picture-gesture authentication demonstrates weak points hackers could expose in guessing picture-based passwords
Faces, gestures, heartbeats — how will the passwords of the future work? (Naked Security) Researchers regularly come up with ideas to replace passwords. Will any of them ever become the new standard for authentication? Are we going to be stuck with passwords forever, or is there a brighter future out there somewhere
Toshiba has invented a quantum cryptography network that even the NSA can't hack (Quartz) If you've got communications that absolutely cannot be intercepted--whether you're a NSA whistleblower, the president of Mexico, or Coca-Cola--quantum cryptography is the way to go…A new research paper from scientists at Toshiba brings quantum cryptography a baby-step closer to the masses. The paper, published today in Nature, explains how to expand a point-to-point quantum network with only two users into a "quantum access network" with up to 64 users
How Advanced Is the NSA's Cryptanalysis — And Can We Resist It? (Wired) The latest Snowden document is the US intelligence "black budget." There's a lot of information in the few pages the Washington Post decided to publish, including an introduction by Director of National Intelligence James Clapper. In it, he drops a tantalizing hint: "Also, we are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit internet traffic." Honestly, I'm skeptical. Whatever the NSA has up its top-secret sleeves, the mathematics of cryptography will still be the most secure part of any encryption system. I worry a lot more about poorly designed cryptographic products, software bugs, bad passwords, companies that collaborate with the NSA to leak all or part of the keys, and insecure computers and networks. Those are where the real vulnerabilities are, and where the NSA spends the bulk of its efforts
Academia
NSA Announces Four New Schools For Cyber Initiative (Dark Reading) Four new schools have been selected for the National Security Agency's National Centers of Academic Excellence in Cyber Operations Program, which was designed to cultivate more U.S. cyber professionals in an ever-changing global environment. After a rigorous application and screening process, NSA selected the following schools to receive the CAE-Cyber Operations designation for the 2013-2014 academic year: Air Force Institute of Technology in Ohio; Auburn University, Alabama; Carnegie Mellon University, Pennsylvania; and Mississippi State University
Legislation, Policy, and Regulation
Internet Privacy: Are Lawmakers Thinking About It All Wrong? (TechPresident) How do we get back to the world where nobody knows if you're a dog? According to Disconnect, a privacy protection browser extension that I installed earlier this week, anywhere between 72 and 90 different trackers are watching me every time I visit techPresident. Those elements include basic site analytics functions from Chartbeat and Google Analytics, code that enables people to share our stories through social media, and code that enables readers to comment on the stories themselves
High–Tech Snooping Goes Global (Washington Post) With the global furor over the National Security Agency's surveillance activities, you might think that other governments are refraining from such intrusive monitoring. But recent reports by U.S. technology companies make clear that foreign governments are aggressively compelling the "lawful" disclosure of information, just as the NSA does
NSA review panel reportedly meeting with privacy groups and tech companies next week (The Verge) A White House-appointed panel will meet with privacy groups and technology company officials next week as it prepares to review American intelligence policy, says The Hill. Though the names of the companies and advocacy organizations haven't been released, they will apparently speak with the panel in two separate meetings on Monday, though the events are reportedly not official White House meetings. The White House did not immediately respond to a request for comment
When will President Obama get serious about NSA reform? (Politico) Last week, President Obama met with the five-member review board that he recently appointed to review the National Security Agency's (NSA) controversial electronic surveillance program. The review board is part of the president's effort to build confidence in the surveillance program and its respect for privacy rights. But when Obama speaks about the program, he leaves the impression that its existing privacy protections are sufficient, if only we knew enough to appreciate them. That hardly instills confidence. If the president is serious about fixing the enormous overreach of U.S. surveillance that Edward Snowden helped to highlight, he should take these steps
Cyber Security Solutions for the DoD and Intelligence Community (Tripwire) At first glance, it appears that the Department of Defense (DoD) and the Intelligence Community (IC) have the same cyber security needs as other large organizations in the commercial world. While this is true to a certain extent, the business rules and requirements are significantly different. The Federal Government, in general, and the DoD/IC are heavily scrutinized and regulated in terms of acquisition policy. The Federal Acquisition Regulations (FAR) and the applicable DoD regulations (DFAR) are comprehensive, administrative and largely bureaucratic in an attempt to protect the interests of the American taxpayer - Cyber Security Solutions have been affected by this process. This administrative approach has had an initial negative impact on cyber security effectiveness with state sponsored and agile criminal groups enjoying repeated success. As a result, many DoD/IC agencies are reevaluating their cyber security requirements with a more solutions-oriented strategy
Agencies plan to use FICAM authentication standards for counterterrorism sharing (FierceGovIT) A large majority of agencies involved in sharing counterterrorism information say they plan on adopting Federal Identity, Credential, and Access Management standards as part of information sharing systems
DHS has become the epicenter for government cybersecurity (GSN) The Department of Homeland Security (DHS) has become the lead agency in the federal government for cyber security. DHS's responsibility to protect against cyber threats has evolved significantly from early days of the Department and its creation under the Homeland Security Act of 2002
Australia's anti–smut internet filter blueprint lasts LESS THAN A DAY (The Register) Version control problems strike Oz baby-kissers. Australia goes to the polls on Saturday to elect a new national government - but the likely winners of the election have just suffered an embarrassing reversal after a day during which they proposed, then withdrew, a plan for a national anti-smut internet filter
Litigation, Investigation, and Law Enforcement
Google Argues for Right to Continue Scanning Gmail (AP) Google's attorneys say their long-running practice of electronically scanning the contents of people's Gmail accounts to help sell ads is legal, and are asking a federal judge to dismiss a lawsuit that seeks to stop the practice
Head of INTERPOL on the key to protecting cyberspace (Help Net Security) With the physical and virtual worlds becoming increasingly interconnected, INTERPOL Secretary General Ronald K. Noble told the Underground Economy 2013 conference at the world police body's headquarters
NRA joins spy lawsuit, says NSA creating gun registry (Mansfield News Journal) In supporting the American Civil Liberties Union's lawsuit, the NRA on Wednesday filed a supporting brief arguing the National Security Agency's datamining
Government to Release Hundreds of Documents Related to NSA Surveillance (Threatpost) In response to a lawsuit by the Electronic Frontier Foundation, the Department of Justice is preparing to release a trove of documents related to the government's secret interpretation of Section 215 of the PATRIOT Act. The declassified documents will include previously secret opinions of the Foreign Intelligence Surveillance Court
Barret Brown Gagged by Order of the Court (Infosecurity Magazine) The arrest and trial of Barret Brown, activist and one time self-styled voice of Anonymous, concerns activists and media alike: in theory he faces 100 years in jail for hiding his computer, threatening an FBI agent, and publishing an internet link
Marketer of Internet–Connected Home Security Video Cameras Settles FTC Charges It Failed to Protect Consumers' Privacy (Federal Trade Commission) A company that markets video cameras designed to allow consumers to monitor their homes remotely has settled Federal Trade Commission charges that its lax security practices exposed the private lives of hundreds of consumers to public viewing on the Internet. This is the agency's first action against a marketer of an everyday product with interconnectivity to the Internet and other mobile devices - commonly referred to as the "Internet of Things"
Military employee "dealt with" for emailing personnel data home (SC Magazine) An unidentified Hill Air Force Base employee was looking to work from home, but instead had to be "dealt with" after he emailed personal information on hundreds of colleagues to an unprotected personal email address
Vaz Tells SOCA to Publish the Blue Chip Hacking List (Infosecurity Magazine) Eighteen months after Operation Millipede closed with the successful prosecution of four rogue private investigators for illegally obtaining personal information, the UK's Serious Organized Crime Agency (SOCA) finally delivered a list of almost one hundred clients that had used the service of the PIs to the country's Information Commissioner's Office (ICO)
Cybercrime — Al Assam Alaikum directly linked to Russian Business Network (Security Affairs) Security researcher Ian Malloy has identified a new group of hackers dubbed The Al Assam Alaikum Cyber Unit linked to recent discoveries on RBN
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
TechCrunch Disrupt San Francisco (San Francisco, California, Sep 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September 7-11 on your calendar, because you're not going to want to miss Disrupt SF 2013. The Hackathon kicks everything off, followed by our main event, which starts every morning with panels of special speakers and guests, one-on-one chats featuring TechCrunch writers and editors, special guest speakers and judges, leading venture capitalists and fascinating entrepreneurs addressing the most important topics facing today's tech landscape. In the afternoons, the Startup Battlefield presentations begin, with the final presentations held on the last day of Disrupt.
SANS CyberCon Fall 2013 (Online, Sep 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors teaching SANS' top courses to those who can't travel.
15th Annual AT&T Cyber Security Conference (New York, New York, USA, Sep 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP network and the innovation of AT&T Labs, AT&T is giving businesses some of the most powerful weapons available today in their battle against cyber security attacks. The conference showcases AT&T's leadership in helping businesses, large and small, manage the increasingly complex and critically important security of their IT networks and assets.
First Regional Southeast Conference on Cyber Security for National Security (Charleston, South Carolina, USA, Sep 10, 2013) The First Southeast Regional CS4NS Conference focuses on the immediate need of strengthening the critical cyber infrastructure of our nation. The conference will address the current cyber security state and rank vulnerabilities of our Critical Infrastructure/Key Resources (CI/KR), Internet Infrastructure, and available security resources. Discussions will highlight future development needs and solutions, especially for underserved businesses and government. Overall, CS4NS will answer the question "Are we secure?"
International Common Criteria Conference (Orlando, Florida, USA, Sep 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC has become the main marketing and meeting opportunity for all those involved in the specification, development, evaluation, and validation or certification of IT security.
Angel Venture Forum: Cyber Security & Healthcare Investment Conference (Washington, DC, USA, Sep 11, 2013) With the increasing adoption of cloud computing, mobile devices and web-based applications, hackers have more opportunities than ever to infiltrate and crash network systems, especially in healthcare, which is increasingly becoming more vulnerable. The two greatest areas of opportunity for investment capital and the start-up community are in healthcare and cyber security. The nexus of these two sectors provides an even greater and more focused set of opportunities for investment. The Angel Venture Forum brings together all-star roundtables of experts to opine and discuss the topics and the opportunities herein.
GrrCon (Grand Rapids, Michigan, USA, Sep 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to 'pwn' you before you leave town. There are also sessions on penetration testing tools and mobile hacking methods."
cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, Sep 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With modern technology and tools, it's now possible for junior security analysts to gather detailed malware indicators to craft defense and alert signatures. More enticing, all of this can be done with free tools and applications, some written by this presenter.
Shaping the Future of Cybersecurity Education Workshop (Gaithersburg, Maryland, USA, Sep 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National Cybersecurity Education Interstate Highway".
NovaSec! (McLean, Virginia, USA, Jun 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with like-minded individuals.
Strange Loop (St. Louis, Sep 18 - 20, 2013) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.
ISSA Cyber Security Forum at Ft Belvoir (Fort Belvoir, Virginia, USA, Sep 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber security and information technology products/services available today. This is an excellent opportunity for exhibitors to network with key decision makers, cyber, technology, communications and contracting personnel from various commands and tenant units at Fort Belvoir.
CISO Executive Summit (Atlanta, Georgia, USA, Sep 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)
2013 Cyber Security Summit (New York, New York, USA, Sep 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be held September 25th at the Hilton in New York City, will showcase the latest tools and resources available to defend against cyber crime on both corporate and government levels. Keynote addresses and interactive panel discussions led by notable security experts will highlight strategic priorities, risk factors, threats and provide inspirational guidance to prepare and protect from attacks.
4th Annual Cybersecurity Summit (Washington, DC, USA, Sep 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote at the 4th Annual Cybersecurity Summit on September 25, 2013 at the National Press Club in Washington, D.C. Michael Daniel, White House Cybersecurity Advisor, and Gen. Keith Alexander, Commander U.S. Cyber Command, and Director, NSA, are confirmed to keynote. Cybersecurity topics to be addressed include: the White House Cybersecurity Executive Order, the Cybersecurity Framework and New Emerging Standards for Critical Infrastructure, information sharing, mobile security and BYOD, legislative developments in cybersecurity, big data and cloud cybersecurity, continuous monitoring, cyber situational awareness, and the JIE rollout active defense and cyber warfare. Organized by Billington CyberSecurity™.