The CyberWire Daily Briefing for 10.18.2013
Belgacom, having stepped up its network monitoring, announces that a change to router software has prompted it to investigate another possible intrusion. The Belgian telecom is an attractive target because of the large volume of Middle Eastern traffic its cables carry.
Apple iMessage protocols are found vulnerable to man-in-the-middle attacks. A researcher identifies several issues with Bugzilla that could be exploited in cross-site request forgery and cross-site scripting attacks. Tenda's routers are found to contain a backdoor.
FireEye describes how ASLR bypass techniques are becoming a routine feature of sophisticated malware. Naked Security pulls apart the CryptoLocker ransomware.
Last week an unnamed "trading platform" suffered a sustained—150-hour—and determined denial-of-service attack. (The attackers are unidentified but their motives are said to have been "competitive.") Incapsula reports the attack was unusual in using "headless browsers"—versions of PhantomJS.
South African authorities struggle to contain and mitigate the Dexter Trojan, which has been stealing bankcard data from fast-food outlets. (Dexter has been found on the same servers as Alina and Citadel.) Elsewhere in the cyber underworld, a Pinterest scam may herald the return of the RU:8080 gang.
Research suggests that half the US Federal Government breaches are traceable to user noncompliance with security measures. There's a dilemma here: the more thorough security policies become, the more burdensome (and hence self-defeating) they tend to be.
Lenovo may buy part of BlackBerry. Huawei denies receiving government data requests.
Observers see an anti-surveillance bandwagon in the US Congress.
Snowden explains why he leaked.
Today's issue includes events affecting Algeria, Australia, Belgium, China, European Union, Finland, France, Germany, India, Russia, South Africa, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Belgium's Belgacom investigates new hacking attempt (Reuters) Belgian telecoms group Belgacom is investigating another possible hacking attempt at its international wholesale arm BICS, the group said late on Thursday
Apple iMessage Open to Man in the Middle, Spoofing Attacks (Threatpost) The Apple iMessage protocol has been shrouded in secrecy for years now, but a pair of security researchers have reverse-engineered the protocol and found that Apple controls the encryption key infrastructure for the system and therefore has the ability to read users' text messages, or decrypt them and hand them over at the order of a government agency
Apple's iCloud protocols cracked and analyzed (Help Net Security) Smartphones carry a lot of sensitive data that in theory should be accessible only to their owners. In practice, a lot of it can be exfiltrated from the devices and from the backups either stored on the device or in the cloud by employing different forensic methods
Bugzilla Cross Site Request Forgery & Cross Site Scripting (ASCII) (IntelligentExploit) Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla
From China, With Love (/DEV/TTYS0) Lest anyone think that D-Link is the only vendor who puts backdoors in their products, here's one that can be exploited with a single UDP packet, courtesy of Tenda
ASLR Bypass Apocalypse in Recent Zero–Day Exploits (FireEye Blog) ASLR (Address Space Layout Randomization) is one of the most effective protection mechanisms in modern operating systems. But it's not perfect. Many recent APT attacks have used innovative techniques to bypass ASLR
CryptoLocker ransomware — see how it works, learn about prevention, cleanup and recovery (Naked Security) This article explains how the CryptoLocker ransomware works, including a short video showing you what it does
DDoS Attack Used 'Headless' Browsers In 150–Hour Siege (Dark Reading) Distributed denial-of-service attack employed a browser app toolkit to simulate Web visitors accessing the victim's website. "Headless" browsers pummeled a trading platform's website this past week in a rare form of a distributed denial-of-service (DDoS) attack that lasted for 150 hours. The attack employed some 180,000 IP addresses — and as of today continues to rebound in smaller pockets — according to cloud–based DDoS mitigation service provider Incapsula, which discovered and mitigated the massive attack for its customer
South Africa steps up battle against cybercrime as Dexter trojan hits fast food chains (ZDNet) A new National Cybersecurity Advisory Council has been formed in same week trojan discovered on POS servers
Inside a malware campaign: Alina + Dexter + Citadel (XyliBox) I am going to start this article by mentioning that the server I am about to talk about was under strong investigations. But now I can talk, and there are some interesting things I want to mention about Alina and Dexter (both most popular PoS malwares for the moment)
Mac tech support scam reported (ZDNet) Online tech support can be an opportunity to trick unsophisticated users into buying unnecessary software and services. Malwarebytes found a company that offers such disservices to Mac users
Anti–virus provider warns of Android app danger for kids (MobileWorldLive) Bitdefender says an increasing number of Android apps request unnecessary permissions and use them to monitor the location of children without their parents' consent
Got a mobile phone? Then you've got a Trojan problem too (Register) This time it's personal. Something wonderful has happened: phones have got smart, but the bad news is they may open the door to those you don't want to let in. Time was when getting software to run properly on your mobile phone was such a challenge that it was nigh on impossible for bad guys to write malware that worked
Pinterest spam, alenikaofsa.ru and the return of the RU:8080 gang? (Dynamoo) This fake Pinterest spam leads to a malicious download
News Corp's Australian newsletter database exposed online, leaking personal information (Sydney Morning Herald) An IT security vulnerability found on all of News Corp's major metropolitan websites in Australia and uncovered by an IT security expert gave the expert the potential to access all of its newsletter subscribers' highly personal information, including their household income
Sacramento State server hack affects nearly 2,000 employees (SC Magazine) An unknown party hacked into a California State University, Sacramento (Sacramento State) computer server, compromising the personal data of nearly 2,000 employees
Datapak Services Acknowledges Security Breach (eSecurity Planet) Customers' names, addresses, credit/debit card numbers, expiration dates and CVV codes may have been accessed
Red Bull Energy Drink Server Hacked, Domains of 09 Countries Defaced by Oxer–X (HackRead) A famous Algerian hacker Over-X has hacked into the server of world renowned Red Bull energy drink, as a result company's blog and domains of 15 domains have been defaced just 3 hours ago. This is not all because other than Red Bull's blog and 9 domains, the hacker has also defaced 6 domains belonging to company's several contests and promotional campaigns. I will put their details in the end
Hackers find weaknesses in car computer systems (Grand Forks Herald) As cars become more like PCs on wheels, what's to stop a hacker from taking over yours
The developer's guide to future car technology (IT World) Forget the Jetsons. Instead, think tech innovations from a developer's point of view: embedded systems, networking challenges, human-machine interaction, and software standards
Security Patches, Mitigations, and Software Updates
VMware Release Multiple Security Updates (Internet Storm Center) VMware released the following security updates. The first one is VMSA-2013-0012 which addresses multiple vulnerabilities in vCenter Server, vSphere Update Manager, ESXi and ESX. The second is VMSA-2013-0006.1 which addresses multiple vulnerabilities in vCenter Server Appliances and vCenter Server running on Windows. The last is VMSA-2013-0009.1 which addresses multiple vulnerabilities in vCenter Server, ESX and ESXi that updates third party libraries
iPhone 5S sensor error fix released (by tiny mobile tech company) (VentureBeat) There's finally a fix for Apple's faulty iPhone 5S sensors -- provided by a tiny company that develops technology for iPhone developers who need accurate spatial orientation and movement data
Samsung planning Knox 2.0 for smartphones, tablets (ComputerWorld) After releasing the first version of Knox security software after a long testing period, Samsung is working on version 2.0
The Chilling Implications Of Democratizing Big Data: Facebook Graph Search Is Only The Beginning (Forbes) While privacy advocates have expressed concern about the phenomenon of massive data collection and analytics colloquially known as "big data," most people are more familiar with social media anxiety, like inappropriate Facebook posts leading to embarrassing and reputation ruining incidents. This situation is likely to change, and in the near future society will have to confront a profound question
Facebook CSO says Snowden disclosures brought security to forefront (ComputerWorld) The disclosures made it easier to have a conversation about security, according to Joe Sullivan
Why Christmas is a hacker's favorite season (Baltimore Business Journal) The holiday season is a prime time for hackers in search of big bucks from online shoppers. It may only be October and Halloween has yet to come, but people are already beginning their holiday shopping. Large retailers are already beginning their layaway programs and some have already begun displaying Christmas decorations. But some people — and not the kind that retailers like — have been doing their "shopping" since the beginning of the year
10 Escalating DDoS And Web Hacking Trends (CRN) Threat reports from application hosting firm Akamai and DDoS mitigation appliance maker Arbor Networks highlighted the increasing sophistication of distributed denial-of-service attacks and commonly targeted Internet protocols in the second quarter of 2013. Arbor Networks said DDoS attacks are getting larger, while Akamai said it's having trouble filtering out legitimate and malicious traffic. Meanwhile, attack traffic continuously targets both open and secure websites and Web applications. Here are 10 trending hacking techniques identified in the reports
Enterprise mobility security risks stress out most IT pros (FierceMobileIT) Enterprise mobility continues to pose security challenges for IT professionals, with 77 percent of 1,622 IT pros surveyed by Dimension Data citing security as a major headache when it comes to mobility
Report: Feds must make security less burdensome for workers (FierceHealthIT) Though insiders say federal agencies such as the U.S. Department of Health & Human Services and the Department of Veterans Affairs are vulnerable to cybersecurity threats, federal employees report bypassing burdensome security measures when those measures interfere with their work
New Study: Half Of Federal Agency Security Breaches Caused By Lack Of User Compliance (Dark Reading) MeriTalk, a public-private partnership focused on improving the outcomes of government IT, today announced the results of its new report, "Cyber Security Experience: Cyber Security Pros from Mars; Users from Mercury." The study, underwritten by Akamai Technologies, Inc., compares what cyber security professionals report about their agency's security with what end users – Federal workers – actually experience. According to the report, agencies often fail to take the user experience into account when deploying cyber security solutions. As a direct result, end users often circumvent security measures and open their agencies up to data theft, data loss, and denial-of-service attacks
Boeing Delivers Watchstander Integrated Security Solutions to Delaware Refinery: Monitoring network delivered three weeks after signing contract (MENAFN) A Boeing [NYSE: BA] security network, delivered just three weeks after it was ordered, is now helping protect a critical refinery complex along the Delaware River
VUPEN expands its global operations with new office in Maryland (MarketWatch) VUPEN, the leading provider of offensive and defensive cybersecurity capabilities, expands its global presence by joining Anne Arundel County's technology business incubator, the Chesapeake Innovation Center (CIC), as an associate member
Dealing with Uncle Sam (SC Magazine) The U.S. presents opportunities for Canadian cyber security firms. So why aren't more of them approaching? Danny Bradbury finds out
RLPC: CACI readies launch of $1.7B credit for Six3 buy (Reuters) U.S. contractor CACI International is launching October 22 a $1.681 billion credit facility that will back the company's acquisition of Six3 Systems Inc and refinance existing debt, sources told Thomson Reuters LPC
China's Lenovo Likely Eyeing Portions Of BlackBerry — Not The Whole Pie (TechCrunch) Chinese phone and PC maker Lenovo has once again been linked with a potential BlackBerry acquisition. Yesterday the Wall Street Journal suggested Lenovo is actively considering a bid for all of BlackBerry. However, according to Reuters, which cites a source familiar with the matter, Lenovo is likely only after parts of BlackBerry pie -- owing to regulatory obstacles that would stand in the way of it acquiring the whole company
Lenovo will face obstacles in any BlackBerry deal, claims source (ITPro) Chinese computer maker Lenovo, which has signed a non-disclosure deal to examine BlackBerry's books, faces regulatory obstacles if it bids for all of the company and will likely pursue just parts, a source familiar with the matter said on Thursday
Huawei denies government influence and calls for cyber security standards (ComputerWeekly) China-based telecoms supplier Huawei has reiterated denials of government influence and called for common international cyber security standards. Huawei has now issued a cyber security white paper, which it says is designed to inform on-going discussions on how the global industry can address cyber security challenges
Dan Allen to take over as CEO at Serco (Washington Business Journal) A shakeup at Serco Inc. in Reston will bring a CEO transition in December, when former CACI International Inc. chief executive Dan Allen will take the helm
How meaningful are AV tests? (Help Net Security) Anti-malware software from vendors big and small is regularly tested by several antivirus test labs, which may result in awards and certification, but also in disappointment
Products, Services, and Solutions
Introducing the Deep Security as a Service AWS Test Drive (TrendMicro Simple Security) The AWS Test Drive program provides people with an opportunity to quickly test and evaluate new technologies within the AWS cloud. The idea is to be able to hit the ground running and allow students to explore the featured technology without worrying about first deploying and configuring a learning environment
Direct Twitter messages with links fall prey to technical issues (ComputerWorld) Twitter's direct messaging feature appears to be experiencing technical difficulties by not allowing certain messages to be sent if they contain links
SecureDrop (Schneier on Security) SecureDrop is an open-source whistleblower support system, originally written by Aaron Swartz and now run by the Freedom of the Press Foundation. The first instance of this system was named StrongBox and is being run by the New Yorker. To further add to the naming confusion, Aaron Swartz called the system DeadDrop when he wrote the code
ThreatTrack Security Delivers Advanced Threat Analysis to Re–Sec Technologies (Broadway World) ThreatTrack Security today announced a partnership with Re–Sec Technologies, an enterprise security firm based in Israel. Re–Sec will integrate ThreatTrack Security's ThreatAnalyzer malware analysis sandbox technology into its MachineSafe security platform
Egress Switch becomes the only UK Government CPA Foundation Grade certified email encryption product (Hispanic Business) Egress Software Technologies today confirms that its flagship email encryption product, Egress Switch, has been successfully verified against Gateway and Desktop Email Encryption Security Characteristics at Foundation Grade by CESG
ASPG Furthers Insight into ICSF and Cryptography with Latest CryptoMon Release (Digital Journal) Enterprise and Big Data software provider Advanced Software Products Group (ASPG) has released the latest version of its popular CryptoMon software, providing greater flexibility to end users and greater insights into the way that cryptography and ICSF are implemented on user mainframes
avast! 2014 released (Help Net Security) AVAST Software launched avast! 2014 - the latest version of the antivirus solution used by a quarter of all protected PCs worldwide. The new version improves performance, download and install times
Webroot enhances mobile threat protection (Help Net Security) Webroot released a new edition of Webroot SecureAnywhere Business - Mobile Protection to ensure mobile devices and company data stay secure. As more organizations face the challenges of corporate data
USPS offers a peek at cloud credential exchange (FierceGovIT) The Federal Cloud Credential Exchange will reduce the complexity of credentialing, speed up integration with identity providers, improve consumer privacy and ease of use, and cut agency authentication costs, said Douglas Glair, manager of digital partnerships and alliances at the Postal Service, during a recent presentation
Technologies, Techniques, and Standards
10 Pitfalls Of IT Risk Assessment (Dark Reading) As IT organizations seek to make better risk-based decisions about security practices, perhaps the number one component for success is the IT risk assessment. However, even when organizations actually conduct a risk assessment, they frequently fall prey to mistakes that can greatly devalue the exercise. Here are some of the most common blunders to avoid
How to Bake Better Security into Applications (eSecurity Planet) Mobile and cloud-based apps create new vulnerabilities, which makes it more important than ever for developers to make their code more secure
With Shared Power Comes Shared Responsibility (Dark Reading) It's National Cyber Security Awareness Month, and the official theme for the month is "Our Shared Responsibility." A bit trite, perhaps, but it's a message that is all too often lacking when security professionals communicate with users in their organizations. If you've ever felt that IT or the security group is public enemy number one in your workplace, it may be time to rework your trainings, presentations, and emails to integrate the shared responsibility message
Essential considerations when making changes to security (CSO) When it comes to security policies and practices, there are rules (both written and unwritten) that need to be adhered to. An organization simply cannot implement changes to security on the fly as it could lead to disaster. Yet, there are times when changes are necessary, or mandated due to an incident response plan. In that instance, what should business leaders be focusing on
How to Fight Insider Fraud: Strategies for Mitigating Corporate Risk (GovInfoSecurity) The average insider scheme lasts 32 months before it's detected, says threat researcher Jason Clark, who suggests using a combination of the right technologies and the right processes is the key to improving detection
How to sniff local network traffic on an unrooted Android device (Help Net Security) Google Play hosts a number of applications that focus on local network traffic sniffing for Android devices, but for the majority of them you would first need to root the device. I worked on a project where I needed a quick glance on what networking requests an Android application does in the background, so the easiest way was to setup a local sniffer on the device itself
Overcoming Data Residency Issues (InformationSecurityBuzz) Dave Anderson, Senior Director, Voltage Security, explains how organisations can overcome a common barrier to cloud computing adoption. The benefits of adopting cloud technologies have been widely reported, and are commonly understood. However, the decision to adopt a cloud strategy brings with it many questions and concerns about jurisdictional and regulatory control over the privacy and protection of sensitive data
NSA E-Spying: Bad Governance (BankInfoSecurity) In addition to raising concerns about violating Americans' civil liberties, revelations about how the National Security Agency collects and uses e-mail and instant messaging contact lists demonstrate bad data governance practices, a leading privacy attorney says. Fundamental rules of good data governance call for only collecting what is needed for a purpose, giving access to only those who need to know and then scrubbing the information when it's no longer needed. "Putting aside the Fourth Amendment issues, NSA is not even following these basic principles," attorney Ron Raether says. "NSA is collecting everything about everyone and keeping all of it in the event it might become relevant"
How CISOs get executive buy-in for security budgets (Help Net Security) Wisegate released a new report that shares how CISOs successfully gain executive buy-in on security budgets and strategically manage them. Most CISOs face significant challenges communicating the
Customizing defense models to reduce the window of exposure (Help Net Security) Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one. But the threat landscape has changed
Plan to fail for better security (Help Net Security) We've all heard the old saying: "If you fail to plan, you're planning to fail." Of course, it's true: and from a security viewpoint, it's also interesting to turn the cliché on its head
Is it time to move from data protection to information management? (ComputerWeekly) The data held in every business is valuable, and in the current economic climate all organisations are looking to exploit the information it holds as much as possible
VMware and Hyper–V virtual machine disaster recovery (ComputerWeekly) Ensuring business continuity - or, in more simple terms, disaster recovery planning - is a key part of any IT infrastructure deployment
Research and Development
TrueCrypt Audit Could Answer Troubling Questions (Threatpost) Open source encryption software TrueCrypt is now under the microscope for odd behavior from its Windows version and a wonky license governing its use
Internet wide DNS scanning (Internet Storm Center) We have received a request from a research group to let everyone know that they will be conducting Internet wide scanning of DNS servers. This is their request: "Our team at the Network Architectures and Services Dept. (I8) of TU München, Germany, has started a DNS scan. This has similar goals as the scans that we have conducted for SSL and SSH in the past months. Once again, the purpose is purely scientific. The scanning machine is 220.127.116.11. We are querying DNS servers to resolve host names. We do not in any way try to compromise the servers. Additionally, the load caused by our activities should be very low on a single server. The idea of our queries is to get a better understanding of the inner workings of DNS, one of the most ubiquitous protocols of the Internet. We would appreciate it very much if you added a comment in your database. Please note that we respond to every complaint and are happy to blacklist systems with annoyed admins"
Using NFC, IBM brings dual-factor authentication to mobile (CNET) Dual-factor authentication works with PCs but not phones or tablets. IBM has developed an approach using near-field communications for mobile devices, too
Real-time analytics troubles (FierceBigData) Last month, Vitria Technology decided to poll attendees at two leading big data analytics conferences to assess where real-time analytics stood in practice. The resulting State of Big Data Analytics Survey found that while 41 percent of respondents reported the need to take action on streaming data across diverse sources within mere seconds or minutes, 67 percent "admitted to having little to no technology support for analyzing and immediately acting on streaming big data"
Universities Schooled By Malware: Higher Ed Networks 300 Percent More Infected (Dark Reading) That universities suffer more malware infections than enterprises and government agencies should come as no surprise, but new data shows they are a whopping 300 percent more likely to house malware in their networks than networks in the commercial or public sector
Creating a Science of Security (GovInfoSecurity) Frederick Chang, the new head of the cybersecurity program at Southern Methodist University, says the time has come to create a "science of security." "The field of cybersecurity today is very reactive and after the fact," Chang says in an interview with Information Security Media Group (transcript below). "Something bad has to happen, and then actions are taken. The field needs to get to a point where it can become proactive, where we can get ahead of the problem. In science, we talk about prediction, models and repeatability. The idea of taking the longer-term approach and creating a foundational science and engineering of cybersecurity is a key part of our mission"
Find Data Scientists At Local Universities (InformationWeek) Looking for new IT talent? Establishing a relationship with local colleges and universities can be a win-win. Here's how
Legislation, Policy, and Regulation
NSA revelations bolstering demands for congressional action (CSO) Latest report about contact list collection raises more ire. Jaw-dropping revelations on the extent of Internet spying by the National Security Agency is having a huge political impact in the U.S., as Americans demand that lawmakers curb the agency's craving for personal data, experts say
NSA shakeup: Spy chief, deputies eye the doors (Washington Post) As if the National Security Agency and the U.S. Cyber Command weren't already in enough turmoil (perhaps you've heard of that Edward Snowden guy?), things are expected to get even more unstable around Snoop Central
New NSA deputy expected to be leaks task force head: sources (Reuters) Richard Ledgett, who heads a new task force at the National Security Agency to handle information leaks, is expected to take over as the deputy director of the spy agency after the current No. 2 retires in January, sources told Reuters
Nominee picked to replace Napolitano at DHS (FCW) The White House is set to nominate a former Pentagon lawyer to replace Janet Napolitano as secretary of Homeland Security, according to multiple reports
Honeywell CEO calls for stricter cyber crime punishments (SC Magazine) Honeywell CEO and Chairman David M. Cote says the world is looking at cyber security backward because "nobody's getting physically hurt." He says nations need to form treaties to deal with what he calls "a new kind of warfare"
EC: Europe should become a 'trusted cloud region' in the post–Prism age (ComputerWeekly) European cloud providers must turn the Prism surveillance revelations into a Europe-wide opportunity to build trusted cloud services for customers globally, the European Commission (EC) has said. According to the EC, Prism revelations could slow down the adoption of cloud computing services and Europe should build on its "relatively high standards" of data protection, security, interoperability and transparency of cloud services to become the world's trusted cloud region
European Parliament committee set to vote for data sharing restrictions (FierceGovIT) A European Parliament committee is set to vote Monday on a data protection measure that will include restrictions on the transfer of individuals' data for law enforcement or intelligence purposes outside of the European Union
MPs to review laws on UK spy–snoopery after GCHQ Tempora leaks (Register) Intelligence and Security Committee chairman says 'balance to be found'. Parliament's intelligence services watchdog is to hold an inquiry into whether or not UK surveillance laws need updating in light of Edward Snowden's revelations into GCHQ's activities
Government overhauls security classification to fit digital age (ComputerWeekly) In its first overhaul since World War II, the government is consolidating six security bands to three with a system deemed more appropriate in the digital age
Cyber security and governance (Deccan Chronicle) What emerges from various statements made by key members of the government in the last few days is India's incipient policy on cyberspace. If India is genuinely opposed to any control on the Internet in the name of cyber security, we need to see those words put into action. Great difficulties may lie in the fact that the Internet is so new, relatively speaking, and expanding so rapidly, that it throws up issues not thought of before
Litigation, Investigation, and Law Enforcement
Edward Snowden: US would have buried NSA warnings forever (Guardian) Whistleblower says he shared information with media because he could not trust internal reporting mechanisms
Snowden: 'I have data on EVERY NSA operation against China' (Register) New York Times interview sure to interest Beijing. NSA whistleblower Edward Snowden has claimed he taught a course in "cyber-counterintelligence" against China and has access to data on every active operation mounted against the People's Republic by the US spy agency
Edward Snowden reveals office politics sparked PRISM leaks (V3) NSA whistleblower Edward Snowden has revealed his decision to leak countless top secret documents to journalists was taken after his efforts to improve the NSA's security practices were ignored
Scandal–ridden cyber command members admit to posting political comments online (Yonhap) Members of the defense ministry's special cyber unit admitted to posting negative comments online against the opposition presidential candidate ahead of the December election, a senior military official said Thursday
Does This $17 Million Bitcoin Wallet Belong To Alleged Silk Road Creator Ross Ulbricht? (Forbes) When the FBI took down online drug bazaar Silk Road and seized its assets, the government became the proud new owner of over 26,000 Bitcoins, or almost $4 million that Silk Road customers had sitting in their accounts. The FBI plans to liquidate those when judicial proceedings are over, but it also hopes to seize many more Bitcoins. The FBI suspects that alleged Silk Road mastermind Ross Ulbricht, 29, who was arrested in San Francisco earlier this month, is sitting on 600,000 Bitcoins, or $80 million. I suspect that number's overblown
Feds Sued for Hiding NSA Spying From Terror Defendants (Wired) Five years after Congress authorized warrantless electronic spying, the Obama administration has never divulged to a single defendant that they were the target of this type of phone or email surveillance — despite lawmakers' claims the snooping has stopped terrorist plots and resulted in arrests
It's not just the US: Russian email service fined for refusing to release user data (VentureBeat) The Bank of Russia has fined the Mail.ru Group 500,000 rubles (approximately $15,000) for refusing to provide data on users' personal messages. A leading, LSE-listed Russian Internet company, the Mail.ru Group controls the country's leading webmail service with one of every two inboxes in Russia
Finnish Police Arrest Man Allegedly Involved with International Hacker Group (Softpedia) Helsinki police have arrested a Finnish man believed to be part of an international hacker group. Authorities say the young man has had access to over 60,000 web servers located all over the world
China holds two bloggers as it expands crackdown on rumours (Reuters) Police in China have arrested an influential blogger and are holding a cartoonist in a widening crackdown on online "rumour-mongering", friends and a lawyer for one of them said on Thursday
For a complete running list of events, please visit the Event Tracker.
Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, Oct 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, who will discuss the importance of understanding the adversary and staying ahead of the threat. Moving beyond the government, the need for intelligence-driven defense is becoming more critical across commercial industries such as oil and gas, finance and healthcare. The escalating landscape of cyber-attacks is forcing companies to take a closer look at their security posture to protect their assets, intellectual property and their customers' personal information.
Securing the Internet of Things Summit (San Francisco, California, USA, Oct 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.
13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, Oct 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) CrowdStrike's Steve Chabinsky explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Hack.lu 2013 (Luxembourg, Oct 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implications for society.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government-wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands-on live demonstrations, and industry exhibits.
NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, Oct 24, 2013) In this presentation, twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology, most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.
BREAKPOINT 2013 (Melbourne, Australia, Oct 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon (Melbourne, Australia, Oct 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.
2013 ACT-IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
FIRST Energy Symposium (Leesburg, Virginia, USA, Oct 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been greater. Many control systems are already networked and are targets of sophisticated attacks. Organizations will benefit from having a specialized team to work on detection and handling of cyber attacks, analyzing incidents and sharing information with other security organizations. The FIRST Symposium will focus on lessons learned from attacks and technology and sector specific security aspects. Strong emphasis will be given to organizational issues like creation and operation of incident response teams.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.