
The CyberWire Daily Briefing for 10.1.2013
The US Government has "shut-down" over its ongoing budgetary impasse. What this means for cyber security is discussed below. One thing is clear: those aspects of information security that depend heavily upon labor will be stressed for the duration of the shutdown.
AnonGhost hacks Israel Product Research Company, a firm specializing in crowd control and police technology. The Syrian Electronic Army resurfaces in attacks on GlobalPost's Website and Twitter feed.
Symantec sinkholed as much of the ZeroAccess botnet as it could reach, but the botnet's peer-to-peer command-and-control architecture enabled it to escape destruction. It's expected to return slowly to business as usual.
The Proxy.sh VPN provider's customers are disturbed by the service's announcement that it had begun sniffing traffic on one of its US servers to catch "an alleged hacker."
The Internet Storm Center reports seeing shortened URLs in tweets that lead to malware-infected sites. Chokepoint warns against unverified SSL. Fort Disco malware, seen in brute-force attacks on WordPress credentials, has been observed targeting email and FTP servers. (Why, by the way, is WordPress such a popular target? Because many users have old, unpatched versions installed.)
SSNDOB, which compromised knowledge-based authentication via attacks on major data brokers, has been detected inside the National White Collar Crime Center (NW3C). NW3C is a congressionally funded US not-for-profit supporting anti-cybercrime operations.
An NYU-Poly study claims to have identified personality traits associated with susceptibility to phishing.
Congress has, for now, other fish to fry, but the European Parliament continues its investigation of "PRISM."
Notes.
Today's issue includes events affecting Australia, Brazil, European Union, Finland, Germany, India, Israel, Japan, Russia, Singapore, Spain, Syria, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
US news agency GlobalPost's twitter and website hacked by Syrian Electronic Army (Hacker News) In a series of high profile hacks, the 'Syrian Electronic Army (SEA)' just a few minutes ago took control of the Twitter account and website of 'GlobalPost', a US based news agency. The Syrian Electronic Army is an organized hacking group loyal to the Syrian President Bashar al-Assad and known for their high profile cyber attacks
Blood-sucking botnet narrowly escapes extermination, lives to leech again (Ars Technica) A highly resilient botnet conservatively estimated to generate about $700,000 per year in fraudulent advertising revenue narrowly escaped a shutdown engineered by whitehats from security firm Symantec
Grappling with the ZeroAccess Botnet (Symantec) The ZeroAccess botnet is one of the largest known botnets in existence today with a population upwards of 1.9 million computers, on any given day, as observed by Symantec in August 2013. A key feature of the ZeroAccess botnet is its use of a peer-to-peer (P2P) command-and-control (C&C) communications architecture, which gives the botnet a high degree of availability and redundancy. Since no central C&C server exists, you cannot simply disable a set of attacker servers to neuter the botnet. Whenever a computer becomes infected with ZeroAccess, it first reaches out to a number of its peers to exchange details about other peers in its known P2P network. This way, bots become aware of other peers and can propagate instructions and files throughout the network quickly and efficiently. In the ZeroAccess botnet, there is constant communication between peers. Each peer continuously connects with other peers to exchange peer lists and check for updated files, making it highly resistant to any take-down attempts
Proxy.sh VPN Provider Sniffed Server Traffic to Catch Hacker (TorrentFreak) The question of whether or not a VPN provider is able to spy on the traffic of its customers appears to have been answered this past weekend when one of the favorites in the file-sharing space quite amazingly shot itself in the foot. In a surprise announcement Proxy.sh, a service that has built up a pretty decent reputation, admitted it had chosen to sniff the traffic on one of its United States-based servers in order to catch an alleged hacker
Proxy.sh — Can you trust your VPN provider? Maybe… (Security Affairs) Proxy.sh, a VPN service with a no-logging policy, announced that it had sniffed the traffic of a US-based server to catch hackers. Can we trust the VPN service?
Sslnuke — SSL Without Verification Isn't Secure! (Chokepoint) We have all heard over and over that SSL without verification is not secure. If an SSL connection is not verified with a cached certificate, it can easily be hijacked by any attacker. So in 2013, one would think we had totally done away with this problem. Browsers cache certificates and very loudly warn the user when a site has offered up a self-verified certificate that should not be trusted; browser vendors have pretty much solved this problem. However, HTTPS is not the only protocol that uses SSL. Unfortunately, many clients for these other protocols do not verify by default, and even if they did, there is no guarantee of secure certificate transfer. After all, how many people are willing to pay $50 for an SSL certificate for their FTPS server
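As an added example (not code from the Chokepoint post), the Python check below shows the unverified client setting that many non-HTTPS clients still default to beside a hardened TLS context, with a small audit helper that flags the weak settings; `open_ftps` is a hypothetical wrapper around the standard library's ftplib showing how the hardened context is handed to an FTPS client.

```python
"""Client-side TLS verification: the weak setting beside the hardened one.

Added example, not code from the Chokepoint post. Uses only the Python
standard library; `open_ftps` is a hypothetical helper.
"""
import ssl
import ftplib
from typing import List, Optional


def unverified_context() -> ssl.SSLContext:
    """What a non-verifying client effectively runs with: no chain validation
    and no hostname check, so a self-signed or attacker-issued certificate
    is accepted without complaint."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def verified_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Hardened client context: validate the chain against the system trust
    store (or a pinned CA file), check the hostname, and require TLS 1.2+."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the weaknesses of a client context; an empty list means it verifies."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: any certificate is accepted")
    if not ctx.check_hostname:
        findings.append("check_hostname is off: a valid certificate for another name passes")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version allows TLS below 1.2")
    return findings


def open_ftps(host: str, ctx: ssl.SSLContext, port: int = 21) -> ftplib.FTP_TLS:
    """Hypothetical helper: refuse to connect with a context that does not verify,
    then open an FTPS session whose control and data channels both use `ctx`."""
    problems = audit_context(ctx)
    if problems:
        raise ValueError("refusing unverified TLS: " + "; ".join(problems))
    ftps = ftplib.FTP_TLS(context=ctx)
    ftps.connect(host, port)
    ftps.auth()     # upgrade the control channel to TLS (certificate is verified here)
    ftps.prot_p()   # protect the data channel as well
    return ftps


if __name__ == "__main__":
    for name, ctx in (("unverified", unverified_context()), ("verified", verified_context())):
        print(name, audit_context(ctx) or "OK")
```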
Twitter DM spam/malware (Internet Storm Center) There has been a recent spate of Twitter accounts sending Direct Messages (DM) to others that are either spam or link to malware through shortened URLs. In some cases the accounts sending the DM may have been compromised through weak passwords, a malware infestation on the user's computer, or a third party application not playing nice. Rumours of Twitter having been hacked are also being passed around; I haven't seen any evidence either way. If you have been a victim of your Twitter account tweeting or sending DMs without your approval, let us know through our contact us page, or comments below. If you have a DM from someone that appears to be spam or has a suspicious link in it, please do pass it along
Fort Disco malware is now targeting email and FTP servers (ComputerWorld) A piece of malware designed to launch brute-force password guessing attacks against websites built with popular content management systems like WordPress and Joomla has started being used to also attack email and FTP servers
Yet another iPhone lockscreen vulnerability. This time in iOS 7.02 [VIDEO] (Graham Cluley) Another day, another privacy vulnerability found in iOS. When will Apple learn that a lockscreen should really, properly, lock the phone
Data Broker Hackers Also Compromised NW3C (Krebs on Security) The same miscreants responsible for breaking into the networks of America's top consumer and business data brokers appear to have also infiltrated and stolen huge amounts of data from the National White Collar Crime Center (NW3C), a congressionally-funded non-profit organization that provides training, investigative support and research to agencies and entities involved in the prevention, investigation and prosecution of cybercrime
Anatomy Of A SQL Injection Attack (Dark Reading) It started with a vulnerability on a password reminder page and ended with a compromise of Nasdaq's computer network. Such is the life of a SQL injection vulnerability, one of the most prevalent and well-known classes of security flaws affecting organizations today
iPhone buzz — Fancy a slice of Apple? (TechDay) Spammers are using the flashy and controversial iPhone 5S and iPhone 5C buzz to launch an aggressive stock scam campaign to convince people to buy "shares of stock of Apple." According to Bitdefender data, in a timeframe of 14 hours, 1.5% of one million spam e-mails sent worldwide rushed people to invest in the Cupertino-based company, investing in Apple shares as soon as possible in anticipation of another technological breakthrough
Attacks multiply as hackers target unpatched IE flaw (CSO) Hackers were moving rapidly toward widespread distribution of an exploit for a previously unknown vulnerability in Internet Explorer that awaits a patch from Microsoft, security experts say
Statistics Show Why WordPress is a Popular Hacker Target (WP WhiteSecurity) According to statistics from 40,000+ WordPress websites in the Alexa Top 1 Million, more than 70% of WordPress installations are vulnerable to hacker attacks. Ever wondered why WordPress is such a popular target for malicious hackers? Why in 2012 more than 117,000 WordPress installations were hacked? The statistics in this article explain why
Santa Clara Valley Health System Admits Security Breach (eSecurity Planet) Patients' names, medical record numbers, birthdates, ages, genders, dates of services and brainwaves from testing were exposed
Cleveland Institute of Music Hacked (eSecurity Planet) Names, contact information, credit card information and Social Security numbers may have been accessed
A peek inside a Blackhat SEO/cybercrime–friendly doorways management platform (Webroot Threat Blog) The perceived decline in the use of blackhat SEO (search engine optimization) tactics for delivering malicious/fraudulent content over the last couple of years does not necessarily mean that cybercriminals have somehow abandoned the concept of abusing the world's most popular search engines. The fact is, this tactic remains effective at reaching users who, on the majority of occasions, trust that the search result links are malware/exploit free. Unfortunately, that's not the case. Cybercriminals continue introducing new tactics helping fraudulent adversaries to quickly build up and aggregate millions of legitimate visitors, to be later on exposed to online scams or directly
Hand Me Downs: Exploit and Infrastructure Reuse Among APT Campaigns (FireEye) Since we first reported on Operation DeputyDog, at least three other Advanced Persistent Threat (APT) campaigns known as Web2Crew, Taidoor, and th3bug have made use of the same exploit to deliver their own payloads to their own targets. It is not uncommon for APT groups to hand–off exploits to others, who are lower on the zero-day food chain — especially after the exploit becomes publicly available. Thus, while the exploit may be the same, the APT groups using them are not otherwise related
Vulnerability To Phishing Scams May Be Linked To Personality, NYU–Poly Study Shows (Dark Reading) Two factors may boost the likelihood that a computer user will fall prey. Phishing scams are some of the most effective online swindles, hooking both savvy and naive computer users. New insights from researchers at the Polytechnic Institute of New York University (NYU-Poly) point to two factors that may boost the likelihood that a computer user will fall prey: being female and having a neurotic personality
Shutdown could test IT security at federal agencies (GovernmentIT) Agencies would have skeletal IT teams in place to manage systems. A government shutdown that lasts more than a few days could test the ability of federal agencies to protect their information systems against security threats
Security Patches, Mitigations, and Software Updates
LinkedIn Shuts Down Four XSS Flaws (InfoSecurity) LinkedIn has closed the door on four cross-site scripting (XSS) vulnerabilities, which could have been used to ultimately steal credentials from users
Cyber Trends
NTT Com Security Survey Reveals Mature Cloud Adopters Consider Cloud More Secure, Cost-Effective And Flexible Than Data Center Deployment (Dark Reading) The different levels at which businesses embrace cloud computing reflect a disparity between board-level discussions
Average online bank account is accessed by 2.4 unique devices (Help Net Security) Each month, The ThreatMetrix Global Trust Intelligence Network (The Network) screens more than 500 million site visitors, across more than 1,900 customers and 9,000 websites and uses predictive analytics to differentiate between legitimate and fraudulent behavior, personas and devices
Businesses opt for CYOD twice as often as BYOD (PCR) A 'choose your own device' (CYOD) IT/communications strategy is being run by businesses twice as often as 'bring your own device' (BYOD)
National Cyber Security Awareness Month - let's all do our bit to help (Naked Security) Today is the start of National Cyber Security Awareness Month (NCSAM), a US initiative aimed at making sure everyone has the resources they need to stay safer and more secure online
Marketplace
Government Shutdown Begins as Deadlocked Congress Flails (Bloomberg) The U.S. government began its first partial shutdown in 17 years, idling as many as 800,000 federal employees, closing national parks and halting some services after Congress failed to break a partisan deadlock by a midnight deadline
Impact of a government shutdown (Washington Post) A government shutdown this week would interrupt some services and potentially jeopardize the paychecks of more than 800,000 federal workers. The Office of Management and Budget has asked agencies to begin making contingency plans. Their first stop will be their plans from 2011. The federal government does not stop functioning completely, and by law, certain agencies must operate with unsalaried employees. They include those that deal with national security and the safety of people and property, as well as those that manage benefits such as Social Security payments. The U.S. Postal Service will also be unaffected by a shutdown. Here's what some agencies have said about their plans this time around
How the Government Shutdown Hurts National Security (Daily Beast) If we shut down, a lot of people will be furloughed and billions of dollars will go to waste. Even scarier? The gaping holes in the agencies that keep us safe
GCHQ's CESG CCP 4 UK GOV IT BFFs? LOL RTFA INFOSEC VIPs ASAP (The Register) Yet another security certificate fiddled with by Brit spooks. Britain's global eavesdropping nerve-centre GCHQ hopes to turn its certificates of IT security competence into an industry standard - by awarding them to bods in the private as well as public sector
AccelerEyes debates future in Maryland (Baltimore Business Journal) Now that AccelerEyes has graduated from the University of Maryland, Baltimore County's cyber incubator program, company leaders will have to decide whether to continue growing in Maryland or head back to headquarters in Georgia
SAP cashes in on NSA snooping concerns for new Australian business (Australian Financial Review) Global software giant SAP will expand the number of cloud computing services it offers directly to Australian clients in a bid to cash in on a wave of privacy concerns arising from revelations of United States government surveillance practices
What PRISM effect? DigitalOcean's cloud passes 500,000 virtual-server mark (VentureBeat) The press has been quick to play up pundits' predictions of PRISM's walloping of the cloud–computing industry. But new evidence suggests the fallout might not be as pervasive as it might seem
Is your data more private on foreign servers? (ZDNet) Companies outside the US are marketing their Internet services as more private, out of reach of the US government. Everyone knows about the scandal of NSA bulk data collection and surveillance of Americans and non-Americans. There are many reasonable ways to respond to it. Or you can be irrational. One irrational suggestion, for Americans anyway, is to move your computing off-shore
Creep Factor Isn't Hurting Palantir With Investors (BusinessWeek) When Forbes profiled the founder of Palantir, the CIA-funded data mining company, last month, it raised the question of whether the company would suffer from the stigma of government spying when trying to raise money or sign new clients
How Secure Can Silent Circle Get? (BusinessWeek) The secure communications provider Silent Circle is pretty upset about the apparent betrayal of the cryptographic community by the National Security Agency, so it's moving away from encryption standards that the intelligence agency helped develop
Want To Avoid NSA–Corrupted Crypto? Get Thee To The Geeks (TechWeek) The NSA may have ruined Internet security, but Silent Circle is leading the way in pushing non-standardised encryption. Tom Brewster says this is the way forward
BAE cashes in on state 'cyber war' (The Independent) Companies House filings show that BAE's Detica cyber security and intelligence arm has been raking in rapidly growing revenues in recent years as it seeks to
Michael Dell, Silver Lake Get The Green Light From Regulators On $24.9B Plan To Take Dell Private (TechCrunch) The government may now be in shutdown mode, but not before it gave the go-ahead to Dell to go private. The embattled PC company today announced that it has received all necessary regulatory clearance for Michael Dell, who founded and led the computer firm as CEO and chairman, and Silver Lake Partners to take the company private in a $24.9 billion transaction. This was the last big hurdle Dell
Serious Yahoo bug discovered. Researchers rewarded with $12.50 voucher to buy corporate T–shirt (Graham Cluley) Yahoo, it seems, just can't do anything right when it comes to winning friends in the security industry. First, they came up with a bonkers scheme for recycling old email addresses — not apparently realising the danger of identity theft to which it was exposing the original account holders. Next, Yahoo CEO Marissa Mayer showed she didn't even have time to tap four digits, and admitted she doesn't bother to have even a simple security passcode on her iPhone. And now, it's been revealed that it takes its users' security with such disregard that it "rewards" researchers who find vulnerabilities with a paltry $12.50 bounty…which can only be spent in Yahoo's Company Store
Products, Services, and Solutions
Only Ho Hum Security Holes Ahead For In–Memory DB (Dark Reading) Oracle's new performance features shouldn't pose any unique risks, experts say. Coming out of its annual conference last week, Oracle made it clear that it's moving to stave off big data vendors' plays for its core database business. Part of that strategy was a visible launch of an in–memory database processing option that Larry Ellison claimed speeds up "query processing by orders of magnitude" and doubles transaction processing rates. But what of security? Often big performance gains can bring with them equally big headaches, but at this point many database security experts say that in–memory functionality won't add too many unique security threats to the enterprise environment
Splunk rolls out Enterprise 6, focuses on M2M data accessibility (ZDNet) Splunk's Enterprise 6 aims to make machine-to-machine data and analytics accessible to C–level execs and non-technical users
Qualys Adds Automated Daily Scanning and Mac Support to Its Popular Free BrowserCheck Service (MarketWired) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance solutions, today released a new version of Qualys BrowserCheck, the popular, free service that helps people keep their browsers and plug-ins up-to-date to protect against harmful online content and malicious software. The latest version now includes expanded support for Macs and enables users to automatically run daily scans that detect which browsers, plug-ins, system settings, security software, missing patches and applications are on each machine and whether newer versions have been released by the corresponding vendors. Alerts are automatically generated whenever browsers or their plug-ins need updating, allowing users to fix and update missing patches that could expose them to cyber threats
This is the first interesting search engine since Google (Quartz) It's hard to build a really new search engine. Microsoft has spent enormous resources trying to convince people that Bing's search results are just as good as Google's. Bing has won market share, but not at Google's expense. Other Google alternatives like DuckDuckGo are growing rapidly because they pledge to protect people's privacy
Procera Networks Achieves Highest Score Awarded in 2013 Broadband Technology Reports Annual Diamond Technology Reviews (MarketWatch) Procera Networks, Inc. (PKT), the global Internet Intelligence company, today announced it has received a Broadband Technology Report (BTR) Diamond Technology Review ranking of 4.5 out of 5 "Diamonds" for its PacketLogic(TM) Dynamic LiveView. Dynamic LiveView was announced in Q2 2013 and is the industry's first real-time, dynamic query capability for network analytics that enables network operators, cloud providers, and high-speed enterprises to gain customized real-time insights into network traffic and subscriber behavior
Technologies, Techniques, and Standards
Reaping The Security Rewards Of SDN (Dark Reading) Software-defined network will be a major theme for Interop — here's why some experts believe security pros should be paying attention. When Interop gears up tomorrow in New York, you can bet your trade-show tchotchkes that software defined networking (SDN) will dominate airtime as one of the prevalent themes. Many vendors and pundits will push the performance and operational boosts from SDN as the most obvious benefits of SDN strategies. But as organizations roll up their sleeves and dig into the technology and architecture of SDN, they could find that the biggest opportunity for improving IT through it may actually be in security
NSA Crypto Questions Resemble a 'Hall of Mirrors' (Threatpost) There's been no shortage of discussion and debate in recent weeks about the possibility that the NSA has intentionally weakened some cryptographic algorithms and cipher suites in order to give it an advantage in its intelligence-gathering operations. If you subscribe to the worst-case scenario line of thinking, then most of the commonly used ciphers are
Do Cyber–Offensive Strategies Make Sense? (eWeek) When it comes to modern enterprise IT security, the best defense isn't necessarily about having a good offense. A panel of experts at the International Information Systems Security Certification Consortium (ISC2) Security Congress' 2013 event debated the issue of cyber-offensive strategies on Sept. 27. The panel concluded that offensive strategies aren't likely the right approach for most, if not all, enterprise IT shops
Shutdown's Impact on Federal IT Security (GovInfoSecurity) NIST Suspends Work on Obama's Cybersecurity Framework
Do these 3 essential security tasks for your family today (Naked Security) You're probably your family's 24/7 IT support desk, switching the printer off and on again, locating the missing internet... Make your life easier and your family safer - kick off National Cyber Security Awareness Month by doing these 3 essential security tasks today
List Of Mandatory Documents Required By ISO 27001 (2013 revision) (Information Security Buzz) With the new revision of ISO/IEC 27001 published only a couple of days ago, many people are wondering what documents are mandatory in this new 2013 revision. Are there more or fewer documents required? So here is the list – below you will see not only mandatory documents, but also the most commonly used documents for ISO 27001 implementation
Reengineering Human Behavior Can Foil Phishing (TechNewsWorld) One of the biggest cybersecurity problems is the tendency for humans to be gulled by clever con artists. There's no surefire technological solution, but people can be taught to recognize phishing attacks through a series of simulations. Just five or six short bursts of instruction over a period of months can drastically improve resistance, said Rohyt Belani, CEO of PhishMe
Enterprises should ditch BlackBerry, recommends Gartner (FierceMobileIT) Enterprises should look for alternatives to BlackBerry smartphones and enterprise mobility management platforms over the next six months, according to a new Gartner report to clients authored by analyst Ken Dulaney. Gartner analyst Bill Menezes confirmed this in an email interview with Computerworld
NIST: Cryptographic key management a challenge in the cloud (FierceGovernmentIT) Generating and interacting with data in the cloud requires security capabilities dependent on the cryptographic keys--but managing these keys is complex in a cloud environment, says the National Institute of Standards and Technology in a recently published interagency report
Experian Data Breach Resolution Reveals Five Common Mistakes Made When Handling A Breach (Dark Reading) In recognition of National Cyber Security Awareness Month, the list identifies missteps that may put organizations at greater risk for reputational, financial, and legal damage
The Hacks are Coming from Inside the Building (Fast Company) Earlier this year, employees at a prominent media company received a strange email asking them to reverify their accounts. These emails didn't come from a web hosting company or a cloud service provider--instead, they came from an attacker trying to find vulnerabilities in their network. But the attacker wasn't the Syrian Electronic Army or Russian criminal gangs. Instead, the employees of Atlantic Media (publishers of, among others, The Atlantic and Quartz) were phished by their CTO, Tom Cochran
Research and Development
Scientists must spearhead ethical use of big data (Politico) The recent revelation that the National Security Agency collects the personal data of United States citizens, allies and enemies alike has broken the traditional erning the bond between science and society. Most breakthrough technologies have dual uses. Think of atomic energy and the nuclear bomb or genetic engineering and biological weapons. This tension never gives way. Our only hope to overcoming it is to stop all research
Academia
Singapore aims to up cybersecurity with youth training, public awareness (ZDNet) Singapore IT Security Authority will open an Advanced Cyber Security Training Facility with Temasek Polytechnic to provide youths with real-world hands-on training, and launch an interactive game to raise public awareness
What I Wish I Knew Before Studying Computer Security in College (Matthew Fuller) In twelve short weeks I am going to be graduating from college with a degree in Computer Networking with a focus in Computer Security. Over the past three and a half years, I have studied security in class, become involved in security-related extra-curriculars and in the industry, interned for a combined full year of full-time work at three different companies, and developed countless personal projects. Now that my time in college is almost over, I want to reflect on some of the things I've learned as a student of Computer Security with the hope that some incoming security students can learn from my experiences. If you are currently in the industry or have any other advice, feel free to leave a comment and start a discussion
Legislation, Policy, and Regulation
Former NSA chief: western intelligence agencies must be more transparent (Guardian) General Michael Hayden, who also headed CIA, admits US and UK agencies have become too secretive for their own good
The NSA Deserves a Permanent Shutdown (Huffington Post) To the people in control of the executive branch, violating our civil liberties is an essential government service. So — to ensure total fulfillment of Big Brother's vast responsibilities — the National Security Agency is insulated from any fiscal disruption. The NSA's surveillance programs are exempt from a government shutdown. With typical understatement, an unnamed official told The Hill that "a shutdown would be unlikely to affect core NSA operations"
Japan to Upgrade Its Cyberdefense Capabilities (Voice of America) So even if the Defense Ministry was hit by a cyber attack, they could do no more than a private sector company. That is to say, they can only sit there and watch
Singapore Personal Data Protection Commission Issues Guidelines (Privacy and Information Security Law Blog) On September 24, 2013, the Singapore Personal Data Protection Commission (the "Commission") published guidelines to facilitate implementation of the Singapore Personal Data Protection Act (the "PDPA"). The Advisory Guidelines on Key Concepts in the Personal Data Protection Act and the Advisory Guidelines on the Personal Data Protection Act for Selected Topics provide explanations of concepts underlying the data protection principles in the PDPA, and offer guidance on how the Commission may interpret and apply the PDPA with respect to certain issues (e.g., anonymization, employment, national identification numbers). The guidelines are advisory only; they are not legally binding
MOD cybersecurity plans do not scale (Information Security Buzz) In the last few days The Ministry of Defence revealed it is set to recruit hundreds of reservists as computer experts to work alongside regular forces in the creation of the new Joint Cyber Reserve Unit. But is that enough
Telecom department prepares new draft norms for checking cyber attacks (Economic Times) The ministry of communications has proposed that mobile phone companies should beef up their networks to protect against any kind of cyber attack and cyber terrorism, according to internal documents seen by ET
Litigation, Investigation, and Law Enforcement
NSA stores all collectable browsing data for 365 days, new leak reveals (The Verge) A new leak published by The Guardian reveals more details about the NSA's Marina metadata program, including the program's ability to look back at a full year of metadata for millions of web users, regardless of whether the users are the target of an investigation. The metadata can include anything from browsing history to more detailed account activity in the case of web-based email, including contact lists and potentially even account passwords
NSA = National Stalker Agency? (Naked Security) NSA employees have ignored rules meant to protect people's privacy in a dozen substantiated cases since 2003, the spy agency's inspector general has told the Senate's Judiciary Committee. In plain English, that means that agents have been running queries on email addresses and have eavesdropped on
NSA's Actual Reach Exceeds Its Constitutional Grasp (Huffington Post) The blockbuster story by James Risen and freelance journalist Laura Poitras in the New York Times of September 29--"N.S.A. Gathers Data on Social Connections of U.S. Citizens"--should be enough to either a) lead to resignations from high office; or b) spark the appointment of a special Federal prosecutor; or c) cause the House Judiciary Committee to hold a preliminary hearing on possible impeachment charges. For the bald fact is that the White House under President Barack Obama (of whom I have been a strong supporter) has run off the constitutional tracks of government in its intelligence practices and policies
A CEO who resisted NSA spying is out of prison. And he feels 'vindicated' by Snowden leaks. (Washington Post) Just one major telecommunications company refused to participate in a legally dubious NSA surveillance program in 2001. A few months later, its CEO was indicted by federal prosecutors. He was convicted, served four and a half years of his sentence and was released this month
Investigation into Prism Scandal by European Parliament (Infosecurity Magazine) The European Parliament's LIBE Committee (Civil Liberties, Justice and Home Affairs) is holding an inquiry into the 'Prism scandal' comprising a series of special hearings looking at specific aspects. Yesterday it heard evidence from the whistleblowers
Snowden says his "sole intention" was to prompt national security debate (Ars Technica) Former National Security Agency contractor Edward Snowden spoke publicly for the first time in many weeks, sort of. The famed leaker didn't speak for himself
Hopkins professor rejects invitation to review NSA documents leaked by Snowden (Baltimore Sun) A Johns Hopkins University cryptography professor — who gained media attention when university officials told him to take down a blog post he wrote about National Security Agency documents leaked by Edward Snowden — says he declined an invitation this week to join journalists and others reviewing the classified NSA documents
More Tech Firms Sign On To Effort to Publicize NSA requests (Wall Street Journal) Tech companies are stepping up their campaign to get permission from Washington to tell the public more about how they share customer information with the U.S. National Security Agency. On Monday, a coalition of 28 Silicon Valley firms, including Google, Apple Inc., Microsoft, and Facebook, signed a letter backing proposed Congressional legislation that would allow
Two Ukrainians Arrested for Selling Access to 21,000 Hacked Servers (Softpedia) The Spanish National Police, backed by Europol's European Cybercrime Center (EC3), have arrested two Ukrainian nationals on suspicion of selling access to 21,000 hacked computer servers to other cybercriminals
German Cybercops Arrest Student for DDOS Attack on State Website (Softpedia) Officers of Germany's Cyber Crime Competence Center (4C), a unit of the State Criminal Police Office (LKA), have arrested an 18-year-old student suspected of disrupting the official website of the state of Saxony-Anhalt with a distributed denial-of-service (DDOS) attack
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Hack.lu 2013 (Luxembourg, Oct 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and their cultural/technical implications for society.
BREAKPOINT 2013 (Melbourne, Australia, Oct 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon (Melbourne, Australia, Oct 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
RSA Conference USA (San Francisco, California, USA, Feb 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each year, educational sessions feature new and returning educational tracks you won't find anywhere else.
Information Security Conference (Charleston, West Virginia, USA, Oct 2, 2013) On October 2, the WVOT Office of Information Security and Controls will be sponsoring a no-charge information and cyber security awareness event at the Charleston Civic Center. The agenda will offer an energizing morning of highly informative sessions. Free posters, calendars, bookmarks, and other security-themed items will be available. The event is open to the public; however, registration priority will be given to public sector officials and employees.
NSU Hosts FBI Presentation on National Cyber Security Awareness (Fort Lauderdale, Florida, USA, Oct 3, 2013) GSCIS hosts a special presentation by Federal Bureau of Investigation (FBI) Special Agents on "National Cyber Security Awareness." RSVP at the link.
The Monktoberfest (Portland, Maine, USA, Oct 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.
Suits and Spooks NYC 2013 (New York, New York, Oct 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state aggressors in cyberspace. About twenty speakers will present briefings over two days on hackers, citizen militias, and other non-state entities operating in the Middle East, China, Russia, Pakistan, India, Iran, Africa, South America, the United States (yes - we have non-gov threat actors domestically), and other parts of the world. One of our panel moderators will be Joel Brenner (former National Counterintelligence Executive at the Office of the Director of National Intelligence and former Senior Counsel at the NSA).
Forensics and Incident Response Summit EU (Prague, Czech Republic, Oct 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.
CyberMaryland 2013 (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for networking and idea sharing amongst the many cyber leaders and professionals across the country, including: federal, state and local government agencies, academic institutions, cybersecurity entrepreneurs, and industry leaders of research and development. CyberMaryland 2013 will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors. Surrounding all of these issues is a constantly evolving business framework to provide efficient and effective solutions in a time frame that anticipates and mitigates current and future threats.
2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.
AFCEA Hill AFB Technology & Cyber Security Expo (Ogden, Utah, USA, Oct 9, 2013) The purpose of this first-time event is to give base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies, and view and demo some of the latest cyber security and information technology products/services available today.
NSU's Raising Savvy Cyber Kids with Ben Halpert (Fort Lauderdale, Florida, USA, Oct 10, 2013) Ben Halpert is an award-winning author of several books for diverse audiences. The Savvy Cyber Kids At Home: The Family Gets A Computer (October, 2010) is a picture book that teaches the concepts of online safety and privacy to preschool children. The Savvy Cyber Kids At Home: The Defeat of the Cyber Bully (October, 2011) teaches children how to appropriately respond to a cyber bully before playing in the virtual world. All Savvy Cyber Kids books are available in English, Spanish, German, and French. For those in the business field, Ben has published Auditing Cloud Computing: A Security and Privacy Guide (July 2011) through John Wiley & Sons. RSVP at the link.
International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, Oct 10 - 12, 2013) The International Conference on Cyber-enabled Distributed Computing and Knowledge Discovery promotes research and development of cyber-related technology. Its scope is unusually broad, spanning cyber-enabled data mining and knowledge discovery, distributed and parallel computing, cyber security, cloud computing, pervasive computing, mobile computing, the Internet, wireless networks, cognitive systems, cyber information processing, information discovery, e-health via cyber networks, e-science, web technology, and network performance and tools. Research and development in these areas has received extensive attention in both academia and industry as a way to provide ubiquitous services for users. Various hardware and software designs, algorithms, protocols, simulations, test-beds, and implementations are being developed for distributed computing in interconnected and distributed network environments. The purpose of CyberC is to provide a forum for the presentation and discussion of innovative ideas, research results, applications and experience from around the world, as well as to highlight activities in related areas.
VizSec 2013 (Atlanta, Georgia, USA, Oct 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, Oct 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.
USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, Oct 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit topics will focus on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security.
SNW Fall 2013 (Long Beach, California, USA, Oct 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and co-owned by Computerworld and the Storage Networking Industry Association (SNIA) -- SNW remains unbiased and vendor agnostic. Unlike events focused on a specific vendor agenda and product portfolio, SNW provides a forum of open thought leadership and practical education that defines the spectrum of storage, data and infrastructure solutions available to a highly qualified audience of enterprise technology decision-makers.
Hexis Exchange (Athens, Greece, Oct 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such topics will include: emerging cybersecurity threats, big data management, advanced analytics, government regulation & compliance, and data retention challenges & solutions.
Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, Oct 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers, essential networking opportunities, and an informative technology exposition. The Symposium sessions will have a special emphasis on security challenges facing today's security professionals and cyber awareness training for security professionals responsible for protecting sensitive and classified information from the ever increasing threats of mobile devices, espionage, terrorism, and cyber-attacks to ensure our national security. Register by August 31 to ensure the reduced early bird registration fee. This event is free for government employees and active-duty military personnel. Exhibit space and sponsorship opportunities are also available.
NSU Healthcare Cyber Security Summit (Fort Lauderdale, Florida, USA, Oct 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University, AccessData, and RSA to hear about current regulations that affect healthcare companies of all sizes, ways to protect sensitive data, and techniques to monitor access for suspicious activity. If you are responsible for the privacy or security of your company's healthcare data, you will benefit from presentations by these leading experts in the field. NSU's Chief Information Security and HIPAA Security Officer, John Christly, will examine the threats to the privacy and security of today's modern healthcare operations. You will also hear from experts from AccessData and RSA on how to detect and prevent data breaches. RSVP at the link.
Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, Oct 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have the opportunity to demo their latest technologies to NRC's IT personnel.
Securing the Internet of Things Summit (San Francisco, California, USA, Oct 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.
13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, Oct 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands on live demonstrations, and industry exhibits.
NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, Oct 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month, and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary and the activities surrounding this month. The goal of CSFI is to raise cyber security awareness and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up-to-date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.