
The CyberWire Daily Briefing for 9.18.2013
Bangladeshi hacktivists continue their cyber riot against India.
A new Mac Trojan, "OSX/Leverage.A" (or "Leverage," for short) is installing backdoors and downloading the Syrian Electronic Army (SEA) logo. An app disguised as a picture, the Trojan's mode of transmission remains unclear, but it's appearing in "highly targeted" exploits. Attribution is also unclear—the SEA told Softpedia it's "not associated" with the attacks.
Microsoft, responding to reports of targeted attacks exploiting an IE vulnerability, issues a warning and workarounds.
Symantec reports its identification of a Chinese hacking crew, "Hidden Lynx," which appears to be either an organization of the Chinese government or a contractor that works exclusively for that government. They're associated with both Aurora and the Bit9 certificate hack; their preferred tools are the Moudoor backdoor Trojan (a tailored version of Gh0stRAT) and Naid (used against high-value targets). Hidden Lynx is most active in industrial espionage and there makes substantial use of waterhole attacks. There's some evidence they may be running some fraud operations on the side.
Other Chinese hackers, the patriotic hacktivists of "Honker Union," mark the 82nd anniversary of the Kwantung Army's invasion of Manchuria (September 19, 1931) by preparing a cyber riot against Japanese targets.
In industry news, the long-feared (and not unreasonably feared) post-Snowden international reaction against US IT firms has yet to materialize. Mandiant expands into Europe. Banks are called upon to help businesses by sharing DDoS data.
Brazil's president cancels a US state visit as Brazil seeks to disconnect its Internet from the US.
Notes.
Today's issue includes events affecting Australia, Bangladesh, Belarus, Brazil, Canada, China, France, Germany, Hungary, India, Israel, Italy, Japan, Republic of Korea, Norway, Russia, Singapore, Syria, Taiwan, Ukraine, United Kingdom, United States, and and Uzbekistan..
Cyber Attacks, Threats, and Vulnerabilities
Cyber War Continues as Bangladeshi Hackers Hacks more 200 Indian Websites (HackRead) As I had reported earlier how Bangladesh Black HAT Hackers (BBHH) have started cyber war against Indian cyber space by hacking 90 Indian websites. This time the hackers have hacked and defaced 200 Indian websites as a continuation of ongoing cyber warfare. BBHH claims that all hacks were done against alleged brutality of India Border Security Forces in which targeted sites were left with a message against
"Leverage" Mac Malware Downloads Syrian Electronic Army Logo on Infected Devices (Softpedia) Security researchers from Intego have uncovered a new Trojan that targets OS X machines. Dubbed "OSX/Leverage.A," the malware has been spotted in the wild, but experts say the overall threat level is low because it appears to be used only in targeted attacks
New Mac Trojan Discovered Related to Syria (Intego) A new Mac Trojan has been discovered that creates a backdoor on an affected user's machine. It was found on VirusTotal, sent by a user in Belarus. At the time of writing, the Command and Control (C&C) server is down and no longer sending commands to affected users. This appears to be a targeted attack, though the method of delivery is not yet known. So, while this has been affecting users in the wild, the overall threat level appears to be low. The Trojan is an application that is disguised as a picture — the .app file-extension is not visible by default
Microsoft warns of new IE zero-day, exploit in the wild (Threatpost) Microsoft is looking into reports of targeted attacks against a new vulnerability that exists in all supported versions of Internet Explorer. The attacks are targeting IE 8 and 9 and there's no patch for the vulnerability right now, though Microsoft has developed a FixIt tool for it
Hidden Lynx — Professional Hackers for Hire (Symantec Security Response) The Hidden Lynx group is a professional team of attackers with advanced capabilities. They were responsible for the compromise of security firm Bit9's digital code-signing certificate which was used to sign malware. The Bit9 breach was part of the much larger VOHO campaign and that campaign was just one of many operations undertaken by the group over the last four years. The group likely offers a "hackers for hire" operation and is tasked with retrieving specific information from a wide range of corporate and government targets
Hacker group in China linked to big cyber attacks: Symantec (Reuters) Researchers have discovered a group of highly sophisticated hackers operating for hire out of China, a U.S. computer security company said on Tuesday, and it linked them to some of the best-known espionage attacks in recent years
State–Sponsored Hacker Gang Has a Side Gig in Fraud (Wired) An elite group of nation-state hackers running roughshod through the financial sector and other industries in the U.S. has pioneered techniques that others are following, and has used sophisticated methods to go after hardened targets, including hacking a security firm
Hidden Lynx — the hackers for hire who compromised a security firm (Graham Cluley) Symantec researchers have published a detailed report into the hacking gang that they believe hacked into security firm Bit9 earlier this year, and managed to inject malware into customers' networks
Securo–boffins link HIRED GUN hackers to Aurora, Bit9 megahacks (The Register) Researchers: It was 'resourceful' Hidden Lynx crew wot done it. Security researchers have linked the "Hackers for hire" Hidden Lynx Group with a number of high-profile attacks, including an assault on net security firm Bit9, as well as the notorious Operation Aurora assault against Google and other hi-tech firms back in 2009. Hidden Lynx is a sophisticated hacking group based in China and made of up of between 50 to 100 individuals, according to Symantec. The hackers provide "full service" as well as "customised" cyber-espionage attacks against corporate and government targets, claims the security firm. Its favoured tactics include compromising third-party sites frequented by individuals from targeted organisations with malicious code
'Honker Union' sniffs 270 hacktivism targets (The Register) Chinese group to mark Manchurian Incident with cyber nationalism raids. Infamous Chinese hacktivist group Honker Union has shortlisted a whopping 270 Japanese targets for attack today — the anniversary of the Manchurian Incident, which was the precursor to the Japanese invasion of China
Affiliate network for mobile malware impersonates Google Play, tricks users into installing premium-rate SMS sending rogue apps (Webroot Threat Blog) Affiliate networks are an inseparable part of the cybercrime ecosystem. Largely based on their win-win revenue sharing model, throughout the years, they've successfully established themselves as a crucial part of the cybercrime growth model, further ensuring that a cybercriminal will indeed receive a financial incentive for his fraudulent/malicious activities online. From pharmaceutical affiliate networks, iPhone selling affiliate networks, to affiliate networks for pirated music and OEM (Original Equipment Manufacturer) software, cybercriminals continue to professionally monetize each and every aspect of the underground marketplace, on their way to harness the experience, know-how and traffic acquisitions capabilities of fellow cybercriminals
Too long passwords can DoS some servers (Help Net Security) The discovery of a vulnerability in popular open source web application framework Django has recently demonstrated that using a long password is not always the best thing to do. As explained by
Neutrion EK — IE exploit analysis (MalForSec) More Neutrino stuff on the menu. Hopefully you find it better than spam and are not tired of my Neutrino adventures. As I have just come back from a week off-line I spotted a tweet…Just over a week ago I sort of concluded that Neutrion only had Java exploits. But here someone prove me wrong and I must admit I had only checked with the "obvious" stuff that neutrino uses Plugin Detect for. So time to look once again into Neutrino and one of it's mysteries
Citadel's Man–in–the–Firefox: An Implementation Walk–Through (Arbor Networks) While banking malware or "bankers" have a lot of functionality, they are defined by their Man-in-the-Browser (MITB) implementation. This mechanism allows them to not only steal banking usernames and passwords, but to also inject arbitrary content into banking websites in order to social engineer and try and steal additional credentials such as identifying information, pins, and token codes
Connecting the Dots: Fake Apps, Russia, and the Mobile Web (TrendLabs Security Intelligence Blog) The existence of fake mobile apps poses privacy and financial risks to users of the mobile web. As experts figure out the dangers of the consumerization and the lack of security of mobile devices, fake apps continue to grow. Fake apps usually ride on the popularity of legitimate apps—for example, recently fake emails said that users had received voice mail from WhatsApp. These fake messages try to trick users to download them onto their mobile devices, from which they usually perform a combination of these malicious routines
Maryland state security sloppiness exposes personal data (ZDNet) Careless practices by the State of Maryland have exposed the data on thousands of background check forms to even the most casual hacker. Securing data can be hard work. It can be complicated. It can be expensive. And then sometimes you see people putting so little effort into it that there's just no excuse. An example of this was sent to me by a reader. In anticipation of new gun control laws scheduled to take effect October 1, tens of thousands of citizens of Maryland applied for gun permits, which requires a background check
Security Patches, Mitigations, and Software Updates
Microsoft Releases Security Advisory 2887505 (Microsoft Security Response Center) Today we released Security Advisory 2887505 regarding an issue that affects Internet Explorer. There are only reports of a limited number of targeted attacks specifically directed at Internet Explorer 8 and 9, although the issue could potentially affect all supported versions. This issue could allow remote code execution if an affected system browses to a website containing malicious content directed towards the specific browser type. This would typically occur when an attacker compromises the security of trusted websites regularly frequented, or convinces someone to click on a link in an email or instant message. Running modern versions of Internet Explorer ensures that customers receive the benefit of additional security features that can help prevent successful attacks
Mozilla Updates Firefox 24 With 17 Security Advisories (eWeek) The latest open-source Firefox browser release adds new user features and patches critical security vulnerabilities. Mozilla on Sept. 17 released its latest open-source Firefox browser update for both Android as well as desktop versions for Windows, Mac and Linux operating systems. The Firefox 24 release is light on new user-facing features and heavy on security fixes, providing 17 security advisories, seven of which Mozilla has rated "critical"
Cyber Trends
Travelers regularly connect to free, unsecure Wi-Fi networks (Help Net Security) GFI Software announced the findings of an extensive independent research project looking at end user use of mobile devices at work and in their daily commute to and from the workplace, which revealed
James Bamford Discusses Cyber Warfare (SC Magazine) [Video] James Bamford discusses the possibility of Silicon Valley tech companies going on the offensive when it comes to cyber security
"More trouble" brewing as mobile threats multiply "exponentially", ex–ISACA chief warns (WeLiveSecurity) Mobile threats are becoming more complex, and more difficult to deal with as more and more devices become connected, a former vice-president of security trade body ISACA has warned. "Expect more trouble," Rolf von Roessing warned an audience of IT professionals at the 2013 EuroCACS conference. Roessing warned that iPhone users would not be immune — and that even companies which attempted to audit and control mobile devices would still find 30–40% "flying under the radar"
Marketplace
Google, Facebook See No Significant Impact On Business From NSA Revelations (Huffington Post) Edward Snowden's unprecedented exposure of U.S. technology companies' close collaboration with national intelligence agencies, widely expected to damage the industry's financial performance abroad, may actually end up helping
Senior execs debunk the US skills gap myths (FierceBigData) More than a few economists call the aftermath of the last recession a "jobless recovery," perhaps the first such beast to roam the economic landscape after a major downturn. That argument has been countered with the claim that jobs do exist, but too few American workers have the skills needed to fill them. Case in point: the huge demand for data scientists and big data related jobs that remain largely unfilled. But a recent survey of senior executives finds that a lack of technical skills in job applicants isn't the prevailing problem. American workers are missing something far more fundamental and the execs blame the education system for the shortfall
Microsoft leads growing SaaS content security market, says Infonetics (FierceITSecurity) Microsoft (NASDAQ: MSFT) leads the software-as-a-service content security market, which is forecast by Infonetics to top $1 billion by 2017. Other top contenders in the SaaS content security segment include Symantec, Intel's McAfee, Cisco and Proofpoint
MILITARY $8.31 Million Federal Contract Awarded to Jacob & Sundstrom (Hispanic Business) Jacob & Sundstrom Inc., Baltimore, was awarded an $8,310,388 federal contract by the U.S. Army Contracting Command, Adelphi, Md., for support services for the U.S. Army Research Laboratory Computer Network Defense Services program, ARL Information Assurance Manager's office and the ARL Computational and Information Sciences Directorate gent for the Certification Authority
SAIC to Install Polycom Tool in NATO Video Conference Platform (GovConWire) Science Applications International Corp. (NYSE: SAI) will install Polycom technology into a video collaboration environment intended to help NATO members centralize communications. The Polycom RealPresence platform will be installed in NATO locations across Europe and North America and will be built to hold resources for operations such as classified communications and resource planning, Polycom said Monday
EXCLUSIVE: Ron Police, Former Apple Government Lead, Joins SAP National Security Services (GovConWire) Ron Police, the former vice president of Apple Government, has joined SAPSimplified Acquisition Procedures / Special Application Program National Security Services (NS2), the independent national security and critical infrastructure contracting subsidiary of SAPSimplified Acquisition Procedures / Special Application Program, GovCon Wire has learned
Enlightened Appoints Derek Smith To Director Of Cyber Initiatives (BWW) Enlightened, Inc., a leading Information Technology (IT) consulting firm delivering Cyber Security, Systems Integration, and Management Consulting solutions, announced today the appointment of Derek Smith as Director of Cyber Initiatives. Prior to joining Enlightened, Mr. Smith was the Global Cyber Security Education, Training and Awareness Practice Manager for the Commercial Cyber Security Consulting Group at Computer Sciences Corporation (CSC)
Mandiant® Announces European Expansion to Meet Growing Demand for Products and Services (Fort Mill Times) Mandiant®, the leader in security incident response management, today announced the expansion of its European operations including a new office in the London area, key hires to direct sales in the region and new agreements with channel partners. The announcement was made in London at the opening of the Gartner Security & Risk Management Summit, where Mandiant is exhibiting on 18th-19th October
Cloud Storage Startup Nirvanix Tells Customers, Partners It's Shutting Down (CRN) Nirvanix, a San Diego-based cloud storage startup, is shutting down and telling customers to move their data off its systems by the end of the month, sources told CRN Tuesday
FireEye IPO Gets My Attention (Seeking Alpha) FireEye, Inc (FEYE), a next generation cyber security firm, plans to raise $182 million through its upcoming IPO. The firm will offer 14,000,000 shares at an
F5 acquires cyber security co Versafe (Globes) F5 Networks has acquired the Rishon Lezion company, which provides web anti-fraud, anti-phishing and anti-malware solutions. F5 Networks Inc. (Nasdaq: FFIV) has acquired Rishon Lezion based Versafe Ltd., which provides web anti-fraud, anti-phishing, and anti-malware solutions. Financial details about the acquisition were not disclosed and F5 said that the acquisition was not expected to have a material impact on the company's operating results
SAP Ventures invests $15m in Recommind (Computing) SAP Ventures, the technology investment unit of software vendor SAP, has invested $15m in unstructured data management company Recommind
Products, Services, and Solutions
Review: Avira Free Android Security (eSecurity Planet) Reviewer Matt Sarrel says Avira Free Android Security shows that simple device security does not require an expensive product only enterprises can afford
Mobile Device Management companies get more app control on iOS 7 (CSO) Apple is providing MDM APIs that better allow vendors to 'take advantage of the operating system hooks to provide application-level security'
HP's security portfolio upgrade stems from bigger focus on real-time data (ZDNet) HP is looking toward the fervor surrounding real-time data to support new threat detection and preventative measures. Hewlett-Packard is rolling out a number of upgrades and additions to its enterprise security portfolio while hoping to encourage BYOD strategies at the same time. But aside from HP's new Security Risk and Controls Advisory Services for Mobility (essentially a strategy guide on managing personal devices in the workplace), most of HP's latest updates focus on the infrastructure well in the background rather than any devices directly
Evaluate the skill level of Linux pros (Help Net Security) TrueAbility launched AbilityScreen for Linux Professionals, a new way to evaluate the skill level of those who work within a Linux environment. Individuals now have a way to demonstrate their expertise
Zscaler cloud–based platform makes behavioral analysis mainstream (Help Net Security) Zscaler announced Zscaler for APTs, a cloud-based security solution to address the entire advanced persistent threat (APT) and advanced targeted attack (ATA) defense lifecycle, including protection
Growler Gets Down With The Internet (Strategy Page) Four years after entering squadron service, the U.S. Navy's EA-18G "Growler" electronic warfare aircraft is being upgraded with a communications technology that allows the EA-18G to share data instantly with other EA-18Gs and other types of aircraft (combat and support, like E-2 and E-3 AWACS). The new capability is JTIDS (Joint Tactical Information Data System). Development (by the U.S. Air Force) of this system began 30 years ago and mature examples of the technology only began showing up in the last decade. JTIDS is a datalink that gives the pilot complete and real-time situation report, showing what other pilots (and planes like the E-3) are seeing
BlackBerry Z30 to launch as firm tries to revive smartphone ambitions (ITPro) Can the largest BlackBerry device to-date do enough to attract users? Faltering smartphone firm BlackBerry has announced the successor to its flagship Z10 handset, as the firm continues to try and claw back market share
The War Machine (Slate) The military's laptop of choice provokes shock and awe. Just as Desert Storm boosted the sales of Hummers and GPS handhelds, Gulf War II will spawn its own crossover hits, pieces of military equipment that become civilian fetish objects. A prediction: One of the war's big winners will be Itronix's GoBook MAX, a sort of Windows laptop on steroids. The GoBook MAX has already been spotted in video from the front, and Air Force firemen deployed in Turkey have them. If Gulf War II is the first Internet war, then a computer should be its first piece of military chic
Kaspersky joins the new AV trend: multi–device edition (ZDNet) The latest thing in the antivirus business is an edition that buys you protection on multiple device types, probably Windows, Mac and Android. Kaspersky has released theirs. It's partly a concession of the market failure of products for Mac and mobile
Dropbox File Brouhaha: Use Case Is The Issue (InformationWeek) Before you pull your files over a perceived security threat, ask yourself: How are you using the cloud file sharing service
Technologies, Techniques, and Standards
Database Misconfigurations: Windows To Vulnerable Data (Dark Reading) Experts recommend developing configuration baselines and regularly comparing database configurations to those standards to prevent configuration drift
Suspect NIST crypto standard long thought to have a back door (GCN.com) While the National Institute of Standards and Technology reopens public review of several of its cryptographic standards, it is "strongly" advising against using
So you think you know all about configuration management (The Register) Last month El Reg published an article by me that introduces the concepts of configuration management. You can read it here. In this article I explore some common misconceptions about the topic and move on to discuss some dos and don'ts. Let me state straight away that configuration management (CM) is not just about program code
ISF Provides Organizations with Advice on How to Implement a BYOD Program (Softpedia) The Information Security Forum (ISF) has published a new report to help organizations address the problems they may face when implementing a bring-your-own-device (BYOD) program. The study, "Managing BYOD Risk: Staying Ahead of Your Mobile Workforce," highlights a few key aspects and makes recommendations on how such programs should be implemented to make sure corporate data is not exposed
When it comes to HIPAA, don't be bossy with business associates (FierceHealthIT) Don't try to be Big Brother to your business associates (BAs) and put stress on your own healthcare organization as the new HIPAA omnibus rule goes into effect, warns Frank Ruelas, compliance officer at Gila River Healthcare in Sacaton, Ariz. BAs know they will be directly liable for compliance under the HIPAA Security Rule and parts of the Privacy Rule, he says in an article at HealthITSecurity
Lawmakers, hospitals press OMB on unique identifier rule (FierceHealthIT) What's taking so long? That's what four members of the U.S. House asked in a recent letter to the Office of Management and Budget about releasing the Unique Device Identifier (UDI) final rule. In response to slow progress, Congress last year set a June 19 deadline for the Food and Drug Administration to develop regulations for a medical device tracking system. The FDA's proposed rule has been under review with the OMB—the final step—for nearly a full year
Banks' Leadership in DDoS Fight (Bank Info Security) As we mark the one-year anniversary this week of the first announcement of DDoS attacks waged by Izz ad-Din al-Qassam Cyber Fighters against U.S. banks, it's time to call attention to the need for banks to take a leadership role in helping other sectors fend off attacks (see Lessons Learned From Bank DDoS Attacks). U.S. banking institutions must take the lead in the defense of our nation's critical infrastructure by sharing cyberthreat intelligence with other industries as well as lessons learned about effective defenses
The semantic web: "metadata on steroids" (FierceBigData) One of the biggest problems in big data use is in finding which data you need to use to answer any given question. As practitioners struggle to resolve this issue daily, an often overlooked potential solution is getting more attention
Biggest challenge to big data projects? Human bias (FierceBigData) When it comes to data analysis, people want to believe that the data and the analytical outcomes are unbiased and reliable. But that simply isn't the case. Far too often the data itself is incorrect, either because it's taken out of context, is wrong by any account, or it hasn't been updated. Such dirty data gives bad results. But beyond data integrity issues, the bigger challenge is by far human bias
OECD revises 33–year–old privacy guidelines (FierceITSecurity) The Organization for Economic Co-operation and Development has updated its privacy guidelines for the first time in 33 years, according to a report by Bloomberg BNA. The guidelines take a new risk-management approach to privacy protections for companies and public organizations and introduce the concept of "privacy risk assessment," explained Olivier Proust, a Brussels-based attorney with Field Fisher Waterhouse
Design and Innovation
Phonebloks — A Customizable Smartphone That Could Revolutionize The Industry (Forbes) I'm quite proud of the fact I predicted the smartphone a good half a decade before the likes of Apple 's iPhone became popular. Even before the likes of Microsoft 's Windows Mobile and Blackberry OS were doing the rounds, it seemed pretty clear to me that we were on the verge of an all-in-one device that could take half-decent pictures, play your MP3s, access the Internet and make calls
Research and Development
A quantum leap for network security (Computing) The word "quantum" often brings to mind the almost impossible; quantum physics, quantum theory, quantum mechanics - all dizzying topics understood by few. For those of us currently without a doctorate in physics, the idea of quantum technology sounds very much like science fiction
Academia
Computer science professor to earn top honors (Purdue Exponent) Spafford will be inducted into the National Cyber Security Hall of Fame in Baltimore on Oct. 9. He will also receive the Harold F. Tipton Lifetime Achievement
Tips for educational organizations on how to defend against online threats (Help Net Security) The kids are back to school and hopefully they're heeding the right advice on how to stay safe in an educational environment, but students aren't the only ones who should be concerned about security
Legislation, Policy, and Regulation
Proportionality key to cyber surveillance, says former MI5 head (ComputerWeekly) Proportionality is critical in cyber surveillance by intelligence services, says former MI5 head Eliza Manningham-Buller. "The more intrusive the tool, the higher the level of authorisation," she told attendees of Trend Micro's 25th anniversary customer conference in London
Brazilian President Dilma Rousseff calls off US trip (BBC News) Brazilian President Dilma Rousseff has called off a state visit to Washington next month over allegations of US espionage. The US National Security Agency (NSA) has been accused of intercepting emails and messages from Ms Rousseff, her aides and state
Brazil's Wild Plan to Purge America From Its Internet (Gizmodo) Brazil is not very happy about all these NSA revelations. As home to Latin America's biggest economy, the country understandably hates the idea that the United States is listening to its phone calls and reading its emails. In fact, Brazil hates it so much that it wants to disconnect itself from the U.S. internet altogether
New Intel Bill Would Force More FISA Court Reporting (Breaking Defense) A bipartisan group of House lawmakers have presented a new bill designed to increase congressional oversight of the Foreign Intelligence Surveillance Court and its main client, the National Security Agency. Obviously, the bill was sparked by the flood of classified information released by the international fugitive and former intelliegnce contractor Edward Snowden
Senators Decry NSA 'Ineptitude,' Call for End to Dragnet Phone Surveillance (Wired) Sens. Ron Wyden (D-Oregon) and Mark Udall (D-Colorado) are blasting the NSA's admission that — because of its own internal bungling — it carried out thousands of inquiries on phone numbers without any of the court–ordered screening designed to protect
Is cyber–offense the answer? (FCW) Private-sector companies spend billions of dollars each year on cybersecurity to keep the bad guys out of their systems, but their efforts are often exercises in futility as the tools and capabilities of cyber threats continue to increase
Relax and learn to love big data? Ummm, no. Regulation is a must! (FierceBigData) Adam Thierer, a senior research fellow at the Mercatus Center at George Mason University, penned an opinion post in U.S. News wherein he suggests we all "relax and learn to love big data." Despite being the big data lover that I am, I wholeheartedly disagree with that advice and his assertions that "the critics often overstate these dangers while also glossing over the overwhelming benefits. They also ignore the extent to which people adapt to new information technologies over time." While humans are incredibly adaptable, even to horrid circumstances, adapting does not in any way sanction any given circumstances as acceptable
Congress takes aim at NSA on surveillance (FierceITSecurity) Lawmakers are having second thoughts about the authority that Congress granted the National Security Agency (NSA) to conduct a broad surveillance program against U.S. citizens. For example, two powerful Democratic senators are calling for an end to the bulk collection of phone record data from U.S. carriers
Litigation, Investigation, and Law Enforcement
Beijing calls fears over internet crackdown "paranoia," briefly detains corruption–fighting blogger (Quartz) In China, "people enjoy full freedom on the Internet," an official from the Ministry of Information told Indian reporters during a visit to Mumbai this week, according to DNA, a news outlet in India. "The perception that the government has placed any restrictions on the Internet is untrue," he said, adding that China's media had the same freedom as any others, except they must "avoid fabrication of stories" and "be socially responsible by not aggravating any issue"
Government requests to LinkedIn on the rise (ZDNet) While requests for LinkedIn user data from governments remains relatively low, there were close to double the number of requests between the last half of 2012 and the first half of 2013
U.S. Telcos Have Never Challenged NSA Demands for Your Metadata (Wired) Since at least 2006 a secret spy court has continuously compelled the nation's carriers to hand over records of every telephone call made to, from or within the United States. But none of the phone companies have ever challenged
FBI a 'secret domestic intelligence agency,'ACLU says (Anchorage Daily News) In the wake of the National Security Agency spying scandal, the American Civil Liberties Union shifted attention Tuesday to the FBI with a
Extended Ruling By Secret Court Backs Collection Of Phone Data (New York Times) The Foreign Intelligence Surveillance Court on Tuesday offered its most extensive public explanation for why it has allowed the government to keep records of all Americans' phone calls, releasing a previously classified opinion in which it said the program was constitutional and did not violate Americans' privacy rights
FISA court defends NSA surveillance decisions (McClatchy) The secretive federal court that oversees government surveillance released a recent opinion Tuesday that explains and defends its decisions giving the National Security Agency broad power to collect the phone records of all Americans. At issue were decisions going back to 2006 that permitted the agency to order phone companies to turn over the dialing records of calls made in this country. This "metadata" did not include the names of the callers, nor did it include the content of the calls
Alleged Anonymous Hacktivist Arrested for Hacking Texas County Website (HackRead) Last week the FBI had arrested an alleged hacker who they claim is a member of online hacktivist Anonymous group and took part in hacking the official website of Texas County Website. His name is Fidel Salinas Jr, now in federal custody awaiting a detention hearing where Salinas is facing charges for breaching and hacking computers of Texas County Website without permission. Texas County website was hacked
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Information Security Conference (Charleston, West Virginia, USA, Oct 2, 2013) On October 2, the WVOT Office of Information Security and Controls, will be sponsoring a no-charge information and cyber security awareness event at the Charleston Civic Center. The agenda will offer an energizing morning of highly informative sessions. Free posters, calendars, bookmarks, and other security-themed items will be available. The event is open to the public, however registration priority will be given to public sector officials and employees.
Shaping the Future of Cybersecurity Education Workshop (Gaithersburg, Maryland, USA, Sep 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National Cybersecurity Education Interstate Highway".
NovaSec! (McLean, Virginia, USA, Jun 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with likeminded individual.
Strange Loop (, Jan 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.
ISSA Cyber Security Forum at Ft Belvoir (Fort Belvoir, Virginia, USA, Sep 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber security and information technology products/services available today. This is an excellent opportunity for exhibitors to network with key decision makers, cyber, technology, communications and contracting personnel from various commands and tenant units at Fort Belvoir.
CISO Executive Summit (Atlanta, Georgia, USA, Sep 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)
CCBC Leadership Seminar Luncheon: Cyber Awareness: What Employers Need To Know (Owings Mills, Maryland, USA, Sep 20, 2013) , no later than September 13, 2013.
cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, Sep 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With modern technology and tools, it's now possible for junior security analysts to gather detailed malware indicators to craft defense and alert signatures. More enticing, all of this can be done with free tools and applications, some written by this presenter.
2013 Cyber Security Summit (New York, New York, USA, Sep 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be held September 25th at the Hilton in New York City, will showcase the latest tools and resources available to defend against cyber crime on both corporate and government levels. Keynote addresses and interactive panel discussions lead by notable security experts will highlight strategic priorities, risk factors, threats and provide inspirational guidance to prepare and protect from attacks.
4th Annual Cybersecurity Summit (Washington, DC, USA, Sep 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote at the 4th Annual Cybersecurity Summit on September 25, 2013 at the National Press Club in Washington, D.C.Michael Daniel, White House Cybersecurity Advisor, and Gen. Keith Alexander, Commander U.S. Cyber Command, and Director, NSA, are confirmed to keynote. Cybersecurity topics to be addressed include: the White House Cybersecurity Executive Order, the Cybersecurity Framework and New Emerging Standards for Critical Infrastructure, information sharing, mobile security and BYOD, legislative developments in cybersecurity, big data and cloud cybersecurity, continuous monitoring, cyber situational awareness, and the JIE rollout active defense and cyber warfare. Organized by Billington CyberSecurity™.
The Monktoberfest (Portland, Maine, USA, Oct 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.
Suits and Spooks NYC 2013 (New York, New York, Oct 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state aggressors in cyberspace. About twenty speakers will present briefings over two days on hackers, citizen militias, and other non-state entities operating in the Middle East, China, Russia, Pakistan, India, Iran, Africa, South America, the United States (yes - we have non-gov threat actors domestically), and other parts of the world. One of our panel moderators will be Joel Brenner (former National Counterintelligence Executive at the Office of the Director of National Intelligence and former Senior Counsel at the NSA).
Forensics and Incident Response Summit EU (Prague, Czech Republic, Oct 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.
CyberMaryland 2013 (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for networking and idea sharing amongst the many cyber leaders and professionals across the country, including: federal, state and local government agencies, academic institutions, cybersecurity entrepreneurs, and industry leaders of research and development. CyberMaryland 2013 will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors. Surrounding all of these issues is a constantly evolving business framework to provide efficient and effective solutions in a time frame that anticipates and mitigates current and future threats.
2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.
AFCEA Hill AFB Technology & Cyber Security Expo (Ogden, Utah, USA, Oct 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo some of the latest cyber security and information technology products/services available today..
International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, Oct 10 - 12, 2013) International Conference on Cyber-enabled distributed computing and knowledge discovery -promotes research and development of the cyber-related technology. It is unique and significant that spans through cyber-enabled data mining and knowledge discovery, distributed and parallel computing, cyber security, cloud computing, pervasive computing, mobile computing, Internet, wireless networks, cognitive systems, cyber information process, information discovery, e-health via cyber network, e-science, web technology, and network performance and tools. The research and development in these areas have received extensive attention in both the academia and industry to provide ubiquitous services for users. Various hardware and software designs, algorithms, protocols, simulations, and test-bed, and implementations are developed for distributed computing in an interconnected and distributed network environment. The purpose of CyberC is to provide a forum for presentation and discussion of innovative ideas, research results, applications and experience from around the world as well as highlight activities in the related areas.
VizSec 2013 (Atlanta, Georgia, USA, Oct 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, Oct 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.
USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, Oct 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit topics will focus on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security..
SNW Fall 2013 (Long Beach, California, USA, Oct 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and co-owned by Computerworld and the Storage Networking Industry Association (SNIA) -- SNW remains unbiased and vendor agnostic. Unlike events focused on a specific vendor agenda and product portfolio, SNW provides a forum of open thought leadership and practical education that defines the spectrum of storage, data and infrastructure solutions available to a highly qualified audience of enterprise technology decision-makers.
Hexis Exchange (Athens, Greece, Oct 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such topics will include: emerging cybersecurity threats, big data management, advanced analytics, government regulation & compliance, and data retention challenges & solutions.
Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, Oct 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers, essential networking opportunities, and an informative technology exposition. The Symposium sessions will have a special emphasis on security challenges facing today's security professionals and cyber awareness training for security professionals responsible for protecting sensitive and classified information from the ever increasing threats of mobile devices, espionage, terrorism, and cyber-attacks to ensure our national security. Register by August 31 to ensure the reduced early bird registration fee. This event is free for government employees and active-duty military personnel. Exhibit space and sponsorship opportunities are also available.
Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, Oct 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have the opportunity to demo their latest technologies to NRC's IT personnel.
13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, Oct 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergmut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) CrowdStrike's Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands on live demonstrations, and industry exhibits.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall..
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.