The CyberWire Daily Briefing for 10.21.2013
We can expect to see a surge in hacktivism over the next three weeks as important anniversaries arrive: October 30 (the day Ottoman Turkey surrendered in the First World War), November 1 (the disestablishment of the Caliphate), and, of course, November 5 (Guy Fawkes Day). We see a preview of this activity in cyber rioting in Azerbaijan, Armenia, Algeria, and Pakistan (this last spilling over into the UK).
RedHack and Anonymous have already promised big things for November 5. While such threats have more often than not fizzled, it would be imprudent to ignore them.
The Syrian Electronic Army is back, with weekend attacks on Qatar.
Malicious email troubles British Internet users. Fake Chrome and Adobe Flash updates are also circulating as convincing malware vectors. PRNewswire recovers from an attack that appears linked to the recent Adobe exploit.
South African banks work to contain the Dexter attacks. A similar campaign—Apollo—is active in Eastern Europe.
Researchers note a melancholy trend: children now regard cyber-bullying as a normal part of life.
Former US Vice President Cheney was concerned enough about medical device hacking to take steps to secure his pacemaker.
In industry news, QinetiQ seems ready to sell its QNA unit. Sino-US cyber tensions have recently receded behind the Snowden affair, but Huawei reopens the question of a modus vivendi by proposing an independent safeguard regime.
More NSA allegations prompt a diplomatic backlash from France and Mexico. Also, NSA reportedly delayed installation of insider-threat detection tools at Snowden's former workplace.
Today's issue includes events affecting Algeria, Armenia, Azerbaijan, Belarus, Brazil, China, Finland, France, Germany, Iran, Israel, Republic of Korea, Mexico, Netherlands, Oman, Pakistan, Poland, Qatar, Russia, South Africa, Syria, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Azerbaijani Hackers Claim to Have Breached Armenia's National Security Service (Softpedia) Azerbaijani hackers of the Anti-Armenia Team have defaced several commercial Armenian websites. In addition, they've leaked over 1,100 documents allegedly stolen from the systems of Armenia's National Security Service
Qatar Restores Websites Defaced by Syrian Electronic Army (Softpedia) Over the weekend, the Syrian Electronic Army defaced several high-profile websites from Qatar after hacking the country's domain registry. The hacktivists altered the DNS records of Google, Vodafone, Facebook, and various government and military domains
Daily Mail Forum Hacked and Defaced by Pakistani Group (Softpedia) The Pakistani hackers of Team Madleets have breached and defaced the official Daily Mail Forum
Website of Algeria's Ministry of Housing and Urban Development Hacked (Softpedia) Algerian hacker Over-X has breached and defaced the official website of Algeria's Ministry of Housing and Urban Development. The attack took place over the weekend, but at the time of writing, the website is still defaced
RedHack and Anonymous Team Up for November 5 Protests (Softpedia) November 5 is a symbolic date on which hacktivists and activists from all over the world plan on protesting and marching for various causes. RedHack and some members of the Anonymous movement have teamed up for such a protest in Turkey
UAE alert: Beware of fake RTA smart apps (Emirates 24/7) RTA tweets warning; New and updated RTA applications will be launched at Gitex Tech 2013 this week
U.K. users targeted with fake 'Confirming your Sky offer' malware serving emails (Webroot Threat Blog) British users, watch what you execute on your PCs! Over the last week, cybercriminals have launched several consecutive malicious spam campaigns targeting users of Sky, as well as owners of Samsung Galaxy devices, into thinking that they've received a legitimate MMS notification to their email address. In reality though, these campaigns 'phone back' to the same command and control botnet server, indicating that they're related
British Users Targeted By Health–Related ZBOT Spam (TrendLabs Security Intelligence Blog) Spam may be seen by the public as a minor nuisance now, but this couldn't be further from the truth. We recently encountered spam that triggers an infection chain with ZBOT malware as the end result
Fake Chrome, Adobe Flash updates (ZDNet) Be on the lookout for fake updates to Chrome and Adobe Flash using high-quality techniques. This morning I stumbled across what seems to be a new malware–spreading technique: A fake update for Google Chrome and a fake "media player" update that is designed to look like it's coming from Adobe
A Disclosure of What's Behind the #w00tw00t Attack (Malware Must Die) Not so long ago I received this attack, which came into our web server: #MalwareMustDie! The first attack attempt that came into our new server was by "Romanian AntiSec" from a China IP…October 5, 2013. That was actually the first of the attack series we received, as listed here
Adobe hackers strike again: PR Newswire grovels to clients after latest hack'n'grab (Register) Sticky fingerprints left on server used for Adobe code slurp. PR Newswire has been forced to reset its clients' passwords following a security breach linked to the same hackers who smashed into Adobe earlier this month
Banks on high alert after Dexter attack (ITWeb) The recent POS data breach highlights the need for businesses to institute security measures and become PCI DSS compliant. SA's banks are on high alert after falling prey to a sophisticated cyber attack that cost them tens of millions of rands this year
Regional Banking Threats: The Apollo Campaign (TrendLabs Security Intelligence Blog) While most banking Trojans are indiscriminate in infecting users to gather as many victims/revenues as possible, some have chosen to go the regional route. For example, the Citadel incident in our previous blog post where the target was mainly Japanese users. This time, we are looking at another case that seems to target Eastern Europe
A peek inside the administration panel of a standardized E–shop for compromised accounts (Webroot Threat Blog) At Webroot's Threat Blog, we often discuss the dynamics of the cybercrime ecosystem. Through the prism of basic business, marketing and economic theories, the idea is to help make them easy to comprehend by most readers. Constructively raising awareness on some of the driving factors behind the epidemic growth of cybercrime. We also often emphasize concepts such as standardization, vertical integration, for hire, rent or on demand business models, commoditization and economies of scale. This further highlights the legitimate market-like state of the underground marketplace, in terms of the variety of business models, pricing schemes, and current/long term centered
'Android games can track children's locations' (PCR) Bitdefender has reported an increased number of Android apps that request unnecessary permissions and use them to monitor the location of children without their parents' consent
Cyber–bullying now just a part of life, most children believe (The Independent) Four in 10 parents said they are too ignorant to deal with the problem of online abuse
Spammers are dodging Twitter's DM URL bug by sending links to tweets (The Next Web) When sending Twitter direct messages with links stopped working for some users earlier this week, speculation arose that it was a new feature intended to discourage DM spam. Twitter confirmed that it was actually a "technical issue" that the company was responding to by "restructuring back-end elements of (its) direct message system", but that hasn't stopped some spammers from finding a way around the bug
Zombies Gone, Problems Persist With Emergency Alert System (Security Ledger) More than six months after hacked Emergency Alert System (EAS) hardware allowed a phony warning about a zombie uprising to air in several U.S. states, a security consulting company is warning that serious issues persist in software from Monroe Electronics, whose equipment was compromised in the earlier attack
Dick Cheney feared assassination by wireless heart hack (Graham Cluley) Dick Cheney, the former vice president of the United States, was so worried about the possibility of a hacker assassinating him that he had the wireless feature of his implanted heart defibrillator deactivated
Security Patches, Mitigations, and Software Updates
VMware Release Multiple Security Updates (Internet Storm Center) VMware released the following security updates. The first one is VMSA-2013-0012, which addresses multiple vulnerabilities in vCenter Server, vSphere Update Manager, ESXi and ESX. The second is VMSA-2013-0006.1, which addresses multiple vulnerabilities in vCenter Server Appliances and vCenter Server running on Windows. The last is VMSA-2013-0009.1, which addresses multiple vulnerabilities in vCenter Server, ESX and ESXi and updates third party libraries
Yet Another WHMCS SQL Injection Exploit (Update: A patch was released last night.) (Internet Storm Center) WHMCS, a popular billing/support/customer management system, is still suffering from critical SQL injection issues. Today, yet another vulnerability, including an exploit, was released
Fake BlackBerry BBM apps *still* in Google Play Store, one month after failed official release (Naked Security) It's now one month since BlackBerry's ill-fated non-release of its BlackBerry Messenger (BBM) app for Android and iOS
Israeli Think Tank Acknowledges Iran as Major Cyber Power, Iran Claims its 4th Biggest Cyber Army in World (HackRead) Iran is now the world's fourth biggest cyber army, claims an official of the Islamic Revolution Guards Corps stressing that the IRGC's power is seen as a major counterbalance to the US and Israel in the region. Iranian Revolutionary Guard Corps ("IRGC")'s Brigadier General Mohammad Hossein Sepehr has said that Iran with its cyberwarfare capabilities is "the fourth biggest cyber power among the world's cyber
Cyber Risk and the Board of Directors—Closing the Gap (Bloomberg Law) The responsibility of corporate directors to address cyber security is commanding more attention and is obviously a significant issue. Yet here is how one writer entitled her Forbes article about the 2012 Carnegie Mellon Cylab Report: "Boards Are Still Clueless About Cybersecurity"
United States: The Price Tag For Cyber Crime Continues To Increase (Mondaq) Cyber crime is not new. And despite grappling with it now for years, the cost of cyber crime continues to increase. This has been made plain by the 2013 Cost of Cyber Crime Study by the Ponemon Institute that was sponsored by Hewlett-Packard. What do we learn from this study? Well, for starters, the annual cost of cyber crime is a staggering $11.56 million per U.S. organization. This represents a 26 percent increase from the $8.9 million figure from last year
When Size Matters (Light Reading) It is easy to get lost in the numbers when discussing distributed denial of service (DDoS) attacks and other network breaches but the figures Arbor Networks released this week regarding DDoS attacks are worthy of special note. They are a strong indication of new threats for which network operators need to be prepared
The Trajectories of Government and Corporate Surveillance (Schneier on Security) Historically, surveillance was difficult and expensive. Over the decades, as technology advanced, surveillance became easier and easier. Today, we find ourselves in a world of ubiquitous surveillance, where everything is collected, saved, searched, correlated and analyzed
Forget the NSA, that spy may be your spouse (Sydney Morning Herald) It's not just the US National Security Agency spying on smartphones. Many ordinary people are also using sophisticated software to eavesdrop on the wireless communications of their lovers, children and business rivals
Can Analytics Outperform The Machine Whisperer? (InformationWeek) The Internet of things promises to spot industrial failures before a human expert could. Will you trust that data
NSA Leaks Prompt Need For Broader Security Discussion, Huawei Says (CRN) Huawei, which pledged to not retreat from the U.S. market following concern from lawmakers that its hardware components could contain back-door access for Chinese surveillance, is using the ongoing National Security Agency leaks as a stepping stone for a broader discussion about cybersecurity and transparency at technology providers
Huawei Proposes Independent Cybersecurity Testing Labs (InformationWeek) Independent bodies would be funded by vendors, customers and government agencies, and validate products' performance, security and overall trustworthiness
Don't trust the NSA? China–based Huawei says, 'Trust us' (ComputerWorld) A year after charges it was a threat to U.S., Huawei touts its approach to global cybersecurity
8 players to watch in the emerging cloud single sign on market (IT World) The cloud identity and access management services market is already crowded, with both startups and old-school vendors getting into the mix. Here are eight emerging players to watch in this fast moving market segment
QinetiQ could sell U.S. business after $385 mln writedown (Reuters) British defence technology company QinetiQ Group could sell its U.S. services division after a 256 million pound ($385 million) writedown prompted it to launch a strategic review of the business. QinetiQ and other defence contractors have been hurt by continuing uncertainty over the impact of mandatory U.S. government spending cuts that have already caused some contracts to be delayed. "We're not ruling out anything at this moment in time," Chief Executive Leo Quinn told Reuters when asked if QinetiQ was considering selling the division, though he added that it was "far too early"
DHS, SANS Institute join forces to give agencies cyber primer (Federal News Radio) Federal cybersecurity workers have gotten the message: A static defense of their computer networks and systems is no longer acceptable or useful. But chief information security officers and their staffs continue to struggle to move to a more dynamic approach, commonly known as continuous diagnostics and monitoring
Ogilvy PR New York Adds Two Clients to Roster (MarketWatch) Altec and Bitdefender® Broaden Agency's Expertise in Technology and Consumer Products. Ogilvy Public Relations (Ogilvy PR), an integrated global communications firm, today announced two new client additions to its New York roster: Altec Lansing, audio electronics manufacturer and Bitdefender®, security and anti-virus software creator
SpiderOak Names David Dahl as Crypton Project Director (Hispanic Business) SpiderOak, a privacy cloud technologies provider, has hired David Dahl as the project director of the Crypton project
Products, Services, and Solutions
Webroot Enhances Mobile Threat Protection To Secure Corporate Data And Strengthen BYOD Policies (Dark Reading) Webroot, a leader in cloud-based security intelligence solutions, today announced the release of the new edition of Webroot SecureAnywhere™ Business — Mobile Protection to ensure mobile devices and company data stay secure. As more organizations face the challenges of corporate data on personal devices, otherwise known as bring–your–own device (BYOD), information security becomes a primary concern. In a recent survey of mobile security decision-makers, results showed that 83% of respondents believe that mobile devices create a high security risk within the corporate environment
4 New Ways to Smuggle Messages Across the Internet (IEEE Spectrum) SkyDe, StegTorrent, StegSuggest, and WiPad make hiding messages in plain sight--steganography--untraceable. Their neighbors thought they were just ordinary U.S. residents, but secretly they were spies, sent by Russia's Foreign Intelligence Service to gather information on U.S. policies and programs. For years they thwarted detection partly by hiding secret correspondence in seemingly innocent pictures posted on public websites. They encoded and decoded the dispatches using custom-made software
Obama administration launches "tech surge" to improve Healthcare.gov (Ars Technica) Changes were being made to required feature list less than a month before launch
Lemko Corporation Announces Engineering Alliance Embedding SAIFE Technology (IT Business Net) Lemko Corporation, the leader in re-engineering mobility for Internet economics, today announced an alliance with Cummings Engineering, creator of SAIFE. Under the terms of the agreement, Lemko will include the SAIFE NSA Suite B FIPS 140-2 validated framework with its patented SwarmNet solution. Focused on fulfilling the needs of government, the combination of the two COTS solutions provides an unprecedented level of security across mobile environments
Protect Electronic Devices With Secure Authenticator's Strong Symmetric–Key Cryptography (Dark Reading) Designers can better protect their IP using the DeepCover Secure Authenticator (DS28C22) from Maxim Integrated Products, Inc. (NASDAQ: MXIM). The DS28C22 is a highly secure cryptographic solution for a host controller to authenticate peripherals or embedded designs, and it offers encrypted communication as an added benefit
Panda Security's Solutions Compatible with Microsoft Windows 8.1 (PR.com) Panda Security customers who upgrade to Microsoft's new releases will enjoy maximum protection from the outset. Panda Corporate Solutions also compatible with Windows Server 2012 R2
FireEye launches cloud–based Mobile Threat Prevention for Android (FierceMobileIT) Solution assesses an app's behavior, detecting hidden malicious and unwanted functionality, conducts contextual analysis
IBM releases NFC two–factor authentication tool for Android devices (V3) IBM has unveiled new smartcard security technology designed to let Android smartphone owners authenticate mobile payments by using their contactless cards
Technologies, Techniques, and Standards
Understanding Severity And Criticality In Threat Reporting (Dark Reading) How do you prioritize newly disclosed threats and vulnerabilities? Here are some tips. "Does this vulnerability pose risk to my organization?" Arriving at the answer to this question isn't easy. Indeed, the answer, at least partially, is a measure of your own internal visibility into the technology in use inside and, in some cases, outside your network
New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do" (Internet Storm Center) Recently, two papers independently outlined new attacks against DNS, undermining some of the security features protecting us from DNS spoofing. As Dan Kaminsky showed, 16 bit query IDs are an insufficient protection against DNS spoofing. As a result, DNS servers started to randomize the source port of DNS queries in order to make DNS spoofing harder. This was never meant to "fix" DNS spoofing, but worked well enough for DNSSEC to be pushed back yet again
Viewpoint: Know your cyber enemy (Federal Times) When analyzing threats, don't forget the human element. When facing a new technology or social change, it can be helpful to draw on the lessons of history. Information security experts attempting to build predictive, effective cyber-intelligence programs may look to the roots of artificial intelligence and data analytics for clues to how earlier analysts solved similar problems
4 Ways to Teach Your Child Cyber Awareness (Better Business Bureau) As a parent, one of your top priorities is the safety of your children. You teach your child not to talk to strangers and to look both ways when crossing the road, but how often do you talk to your child about cyber security
Keeping your endpoint data safe: some simple precautions (The Register) People are out to get you. Your business, your users, your systems and your data all have value to someone. You could be targeted because you have something that someone specifically wants, or because attackers are hoping to find bank account details or email addresses to spam, or because they want your compute power for a botnet
How to define a security incident (ITPro) Asking 'what is a security incident?' may seem like something of a silly question, however when Lancope recently conducted a survey of IT and security professionals the results pointed towards the answer being far from straightforward
Three–day cyber security drill begins tomorrow (Oman Tribune) The Regional Cyber Security Centre hosted by the national CERT is to conduct the first cyber drill for the Arab region from Tuesday. The three-day exercise is expected to let participants from national Computer Emergency Response Teams (CERT) have an opportunity to test their skills and knowledge in the event of a cyber attack
Wall Street banks learn how to survive in staged cyber attack (Reuters) A few months ago, a group of Wall Street banks fashioned a risk-manager's worst nightmare to determine how they would survive. Luckily, it was all pretend
You're Owned and Just Don't Know It. The Malware Obfuscation attack. (404hack) I'm going to ask you a question that I don't want you to answer. Just to take a moment and think about it. Do you think your network is already compromised, and you just haven't found out about it yet? That thought probably keeps you up at night, or it should
Five More Hacker Tools Every CSO Should Understand (Tripwire: The State of Security) As we mentioned in the first article, Top Five Hacker Tools Every CISO Should Understand, the role of the CISO continues to evolve within organizations towards that of an executive level position. Nonetheless, CISOs need to keep on top of the best tools and technologies available that can benefit their organization's security posture
Research and Development
A plan to turn every lightbulb into an ultra–fast alternative to Wi–Fi (Quartz) Current wireless networks have a problem: The more popular they become, the slower they are. Researchers at Fudan University in Shanghai have just become the latest to demonstrate a technology that transmits data as light instead of radio waves, which gets around the congestion issue and could be ten times faster than traditional Wi-Fi
Japanese researchers achieve world record cryptanalysis of next–generation cryptography (Phys.org) Fujitsu Laboratories, National Institute of Information and Communications Technology and Kyushu University jointly broke a world cryptography record with the successful cryptanalysis of a 278-digit (923-bit)-long pairing-based cryptography, which is now becoming the next generation cryptography standard
CyberPoint Wins $5.4M Advanced Cyber Research Contract for DARPA VET Program (Herald Online) CyberPoint announced today that it has been awarded a $5.4M research contract with the Defense Advanced Research Projects Agency (DARPA) for the agency's Vetting Commodity IT Software and Firmware (VET) program. CyberPoint Labs, CyberPoint's dedicated research and development team, will collaborate with program teams to solve hard technical problems and advance the state-of-the-art in cyber-defense testing. The overarching goal is to counter the serious cyber threats to an increasingly globalized technology supply chain. Together, they will be looking for innovative, large-scale approaches to verifying the security and functionality of commodity IT software and hardware devices to help ensure they are free of hidden backdoors and malicious functionality
Promoting cyber security: USAFA IA experts 'find and fix' network issues, misuse (US Air Force Academy) Those in the information assurance office here - part of the A6 office and 10th Communications Squadron - keep their eyes on the Academy's computer network around the clock to ensure top-notch security throughout the installation
Eugene Kaspersky receives honorary doctorate and discusses viruses and cyber threats in Armenia (Panorama) Kaspersky Lab announces that Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, received an honorary doctorate from the State Engineering University of Armenia (SEUA), the country's leading technical university. Eugene Kaspersky and the company's top IT security experts met representatives of the education and the business community, as well as students from local technical universities during the recent visit to Armenia. They spoke about current cyber threats in Armenia and the wider world and discussed ways to combat them
Legislation, Policy, and Regulation
Brazil to host summit on internet governance (The Hindu) With a wave of anger sweeping the South American nations, especially Brazil, the April 2014 meeting could be a game-changer for the management of the world wide web
Cyber Warfare: The Modern Cold War? (Huffington Post) On the day of his assassination, President John F. Kennedy was due to deliver a speech in Dallas on national security. In his speech, Kennedy would reference the need to move beyond the traditional roles of military force, and towards methods that combat those who "threaten freedom in a less direct but equally dangerous manner." He would have continued - "over-whelming nuclear strength cannot stop a guerrilla war. Formal pacts of alliance cannot stop internal subversion." Without explicitly referencing cyber war, and despite living in an era dominated by brute force and nuclear power, it's clear that JFK recognised that not all threats with the capacity to destruct were physical, and that a time was coming when these alternative threats would play an important role in defining national security policies
Changes Coming Atop US Intelligence Agencies (Voice of America) Some U.S. intelligence agencies are undergoing changes in leadership. The director of the National Security Agency and his deputy are resigning, and President Barack Obama has nominated a new secretary of Homeland Security
Cyber security: Why military forces should take a back seat (The Interpreter) I'm grateful once again to have the chance to respond to some comments my 27 September cyber piece (Is There Such a Thing as Cyberwar?). Although I enjoyed reading Tony Healy's comments, I disagree with his suggestion that 'Whether cyberwar is real war is not important
Mexico Condemns Alleged NSA Hacking of Calderon E-Mail in 2010 (Bloomberg) Mexico's government condemned the U.S. National Security Agency's alleged hacking of the e-mail account of then-President Felipe Calderon in 2010, saying such actions are unacceptable and violate international law
NSA hacked Mexican President's emails (IT Pro Portal) The government of Mexico has been revealed as the latest victim of the US National Security Agency (NSA) and its widespread spying operations, according to the latest reports. Targets include the private email accounts of former President Felipe Calderon, and that of the current sitting President Enrique Peña Nieto
France in the NSA's crosshairs: phone networks under surveillance (Le Monde) The future will perhaps tell us one day why France has remained so discreet in comparison with Germany or Brazil, for example, after the first revelations about the extent of the American electronic espionage programmes in the world as revealed by Edward Snowden, the ex-employee of an NSA (National Security Agency) sub-contractor. France was also concerned and today has at its disposition tangible proof that its interests are targeted on a daily basis
Snowden leaks: France summons US envoy over spying claims (BBC) Edward Snowden's leaks led to claims of systematic US spying across the world. French Foreign Minister Laurent Fabius has summoned the US ambassador over newspaper claims that the US spied on millions of phone calls in France
You Have Questions About The NSA; We Have Answers (KUHF) The revelations by National Security Agency contractor Edward Snowden have raised many complicated issues. NPR's national security correspondent Tom Gjelten answers questions submitted by NPR listeners and readers. For good reason. The surveillance programs are highly technical, involving the bulk interception of huge volumes of communication data as they traverse multiple links and networks. The laws governing what the NSA can do are complex and open to conflicting interpretations
Sen. Dianne Feinstein: Continue NSA call–records program (USA Today) The NSA call-records program is legal and subject to extensive congressional and judicial oversight. Above all, the program has been effective in helping to prevent terrorist plots against the U.S. and our allies. Congress should adopt reforms to improve transparency and privacy protections, but I believe the program should continue
Obama has chance to reshape the NSA (The Hill) The upcoming retirement of National Security Agency Director Gen. Keith Alexander will give President Obama an opportunity to transform the agency. Currently, he does not need Senate approval to appoint an NSA director, one of the most powerful positions in the intelligence community
If confirmed, DHS nominee to continue with cybersecurity initiatives (CSO) If confirmed, Jeh Johnson, the former high-ranking Pentagon official nominated Friday to head the Department of Homeland Security, is not expected to bring much change to the Obama administration's cybersecurity initiatives
Is TRIA for Cyber Terrorism? (Insurance Journal) The insurance industry will count on the Terrorism Risk Insurance Program (Program) if there is a terrorist strike on the United States, but will the Program respond if the act of terrorism is a cyber event
New Bill Tasks FSB with Protecting Russia Against Cyberattacks (Softpedia) The Russian government has submitted a bill to parliament that gives the country's Federal Security Service (FSB) the role of dealing with cyber threats
Time to display leadership as powerhouse in cyber space (Donga.com) The Seoul Conference on Cyberspace 2013 ended on Friday. It was the third annual conference since the first event in 2011. Unlike the first and second events that were gatherings of primarily advanced countries, this year's event was promoted to a truly global general assembly that brought together 87 countries and 18 international organizations. The event was especially significant because it represented the largest information communications technology-related international conference that took place in Korea, an ICT powerhouse
Litigation, Investigation, and Law Enforcement
Military to open full–fledged probe into cyber command's smear campaign (Yonhap) The defense ministry is likely to start a full-fledged investigation into its special cyber unit as several members admitted to posting negative comments online against the opposition presidential candidate ahead of the 2012 December election, a source said Sunday
Exclusive: NSA delayed anti–leak software at base where Snowden worked —officials (Chicago Tribune) The U.S. National Security Agency failed to install the most up-to-date anti-leak software at a site in Hawaii before contractor Edward Snowden went to work there and downloaded tens of thousands of highly classified documents, current and former U.S. officials told Reuters
Vietnamese Charged in the US for Running Identity Theft Service (Softpedia) A 24-year-old Vietnamese national has been charged in the United States for running a criminal service that has been stealing and selling the personally identifiable information of hundreds of thousands of people
Experian Sold Consumer Data to ID Theft Service (Krebs on Security) An identity theft service that sold Social Security and drivers license numbers — as well as bank account and credit card data on millions of Americans — purchased much of its data from Experian, one of the three major credit bureaus, according to a lengthy investigation by KrebsOnSecurity
Finland: Hacker illegally accessed 60,000 servers worldwide and used foreign credit cards for online shopping (Hacker News) A hacker has been arrested in Helsinki (capital and largest city of Finland) as a suspect in the illegal accessing of 60,000 servers worldwide. Along with the servers, the hacker is also accused of data security breaches, means-of-payment offences, and interference with data communications
UCLA Health dodges $16 million breach claim (FierceHealthIT) In a ruling that seems to run counter to HIPAA, a California appellate court has ruled that providers aren't necessarily liable to patients when medical records are stolen or misappropriated unless they are accessed by a third party
False Alarm: Silk Road Competitor Black Market Reloaded Staying Online (Forbes) On Thursday, the administrator of online anonymous drug marketplace Black Market Reloaded sent users into a frenzy after announcing the site would be shut down following a leak of its code. Less than 16 hours later, BMR's leader declared it was only a false alarm
AP CEO: Forcing citizens to decide between a free press and security is a 'false choice' (Washington Post) Governments that try to force citizens to decide between a free press and national security create a "false choice" that weakens democracy, and journalists must fight increasing government overreach that has had a chilling effect on efforts to hold leaders accountable, the president and CEO of The Associated Press said Saturday
When Journalists are called traitors (The New Yorker) A military lawyer had identified forty-one highly classified state secrets revealed in a single article. Senior officials were telling everyone who would listen that the journalists' revelations had made the country less safe and put lives at risk—the reporters were simply traitors. The Russians might be behind it, and who knew what secrets the journalists would hand over if they weren't immediately apprehended. Their publisher was already in Cuba, or maybe just headed there on a plane—anyway, he was a fugitive. A call was put in to a military attaché in Spain, to ask him to arrange to have another journalist stopped at the border; a soldier thought to be his source was arrested. The country's leader mocked the media outlet involved: "You've got a publication that prints a half a million copies and systematically engages in treason--to make itself some money." And not just a little treachery: "an abyss of treason." The whole thing was "just plain ugly"
For a complete running list of events, please visit the Event Tracker.
STEM family night returning to Arundel Mills (Arundel Mills Mall, Maryland, USA, Oct 23, 2013) The Fort Meade Alliance is hoping to spark interest in future engineers and doctors at their third annual STEM family night Wednesday at Arundel Mills mall.
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions on acquiring evidence from mobile devices to international e-discovery to cyber security intelligence, there's simply no other training or seminar series available that packs so much relevant and practical information from so many expert speakers into a single four-day period.
Securing the Internet of Things Summit (San Francisco, California, USA, Oct 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.
13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, Oct 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Hack.lu 2013 (Luxembourg, Oct 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implications for society.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government-wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands-on live demonstrations, and industry exhibits.
NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, Oct 24, 2013) In this presentation, twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology, most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.
BREAKPOINT 2013 (Melbourne, Australia, Oct 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon (Melbourne, Australia, Oct 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
FIRST Energy Symposium (Leesburg, Virginia, USA, Oct 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been greater. Many control systems are already networked and are targets of sophisticated attacks. Organizations will benefit from having a specialized team to work on detection and handling of cyber attacks, analyzing incidents and sharing information with other security organizations. The FIRST Symposium will focus on lessons learned from attacks and technology and sector specific security aspects. Strong emphasis will be given to organizational issues like creation and operation of incident response teams.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.
Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, Oct 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, who will discuss the importance of understanding the adversary and staying ahead of the threat. Moving beyond the government, the need for intelligence-driven defense is becoming more critical across commercial industries such as oil and gas, finance and healthcare. The escalating landscape of cyber-attacks is forcing companies to take a closer look at their security posture to protect their assets, intellectual property and their customers' personal information.
TrustED 2013 (Berlin, Germany, Nov 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing and investigating problems, challenges and some recent scientific and technological developments in this field. In this context we particularly are interested in the participation of industry representatives.
OKTANE 1 (San Francisco, California, USA, Nov 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your employees more productive and secure, OKTANE13 will keep you up to date with the latest enterprise technology.
MIRcon 2013 (Washington, DC, USA, Nov 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress. From analysts and innovators to managers and executives the Mandiant Incident Response Annual Conference® (MIRcon®) is an excellent investment in your business and your professional development where you will learn about new technologies, incident response best practices, and key strategies for managing network security.
KMWorld 2013 (, Jan 1, 1970) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development and innovation in their evolving enterprises. It offers a wide-ranging program especially focused to meet the needs of executives, and strategic business and technology decision-makers. Attendees learn how to maximize their technology investments through practical information and case studies; build relationships with speakers and thought leaders from around the world; and create flexible, competitive enterprises.
cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile — Today and Tomorrow by Guy Levy–Yurista, Ph.D. (available at various nodes, Nov 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting become increasingly important. Mobility today does not only take into account who the user is but where they are, when they are there, why they go there, what they're interested in, and what they're going to do. As our smart phones evolve, they are growing into a contextual engine that will not be just our personal assistant, but also our best friend providing us with all our information needs at the right time and in the right place.
Cyber Education Symposium (Arlington, Virginia, USA, Nov 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways to retrain the existing workforce and develop a new pool of cybersecurity professionals capable of meeting the needs of tomorrow. The Cyber Education Symposium offers a rare opportunity for the brightest minds in government (.gov), the private sector (.com), and the educational community (.edu) to convene and discuss trends and challenges in cybersecurity education. The Symposium will provide a forum to identify new ways of thinking about the problem, exchange best practices, and forge a pathway forward that leverages the full resources of our nation's leadership.
APPSEC USA (New York, New York, USA, Nov 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security topics and an unbeatable atmosphere. Hosted by OWASP.
IT Forum Expo/Black Hat Regional Summit (, Jan 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, Nov 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber networks, mobile, and IT infrastructures. Enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure is a challenge that must be met. Attend the East Africa Cyber Security and IT Security Convention 2013, which will equip you with a comprehensive range of clarifications and solutions.