The CyberWire Daily Briefing for 10.23.2013
Ransomware concerns grow as this form of cybercrime becomes more vicious and widespread. F-Secure thinks the Reveton gang alone victimized 5 million people worldwide, with losses running above $800M. Norton declares India Asia-Pacific ransomware central, with an 8% rise in cost per victim over the past year. The figures are high enough to strain credibility, but clearly the problem is large and growing.
July's US Department of Energy data breach appears twice as large as originally reported: over 100,000 people were affected.
NETGEAR ReadyNAS storage is vulnerable to command injection attack. Troublesome Android ad network Vulna makes itself less troublesome (under pressure from FireEye). Malicious spam spoofing Xerox WorkCentre Pro messages has been seen in the wild.
Network Solutions reports more DNS issues and says it's working to overcome service interruptions.
Security researchers find application–layer denial–of–service attacks becoming more common.
Huawei's security evangelism receives scrutiny from the business press. One interesting note—the Chinese firm may use the US–UK special relationship to enter the US market via the UK.
Other industry and policy news centers on the tension between a security-driven desire for IT autarchy and a law-enforcement-driven desire for transnational cooperation. Where you come down seems to depend upon which you fear more: states or gangs. Thus Europe and the US find themselves at loggerheads over surveillance as experts call for closer information sharing, and US DNI Clapper deprecates Le Monde's sensationalism as US Representative Wolf seeks sensational punishment for Chinese cyberespionage.
Notes.
Today's issue includes events affecting Australia, China, European Union, France, India, Democratic People's Republic of Korea, Republic of Korea, Mexico, New Zealand, Philippines, Saudi Arabia, Turkey, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
RedHack Publishes Documents on Turkey's Minister for EU Affairs (Softpedia) Hackers of the RedHack group have published documents related to the candidacy of Egemen Bağış, current minister for EU Affairs and chief negotiator, for the Istanbul Metropolitan Municipality
Ransomware family starts accepting Bitcoin (ITProPortal) One particular ransomware family is now accepting Bitcoin for the first time with the anonymous currency able to remove the encryption and signalling the malicious threat is continuing to grow. Alienvault.com reports that Cryptologic, identified by Microsoft as Crilock.A, also takes payment in MoneyPack, Ukash and cashU, with Bitcoin offered as the "most cheap option"
What is the cost of ransomware? (F-Secure) Here's a question we're often asked: what's the economic cost of malware? We recently assisted in a joint investigation with the Finnish Police and CERT-FI. And in this particular case -- we estimate that just one gang of "police" (themed) ransomware could be responsible for more than 800 million dollars worth of damage and losses
India 'ransomware capital' of APAC, with cyberfraud at $4B in 2013 (ZDNet) The country had 11 percent of cybercrime victims falling to this form of virtual extortion and saw an 8 percent rise in average cost per victim to US$207, according to the 2013 Norton Report
Dept. Of Energy Breach: Bigger Than We Realized (Dark Reading) DOE says July data breach affected more than double the number of people in initial estimates; CIO tasks an independent investigator to probe breach and agency's technology infrastructure
NETGEAR ReadyNAS Storage Vulnerable to Serious Command–Injection Flaw (Threatpost) NETGEAR ReadyNAS' Frontview front end is vulnerable to a serious command injection flaw that puts all data moving through a network at risk
Overzealous Android Vulna Ad Network Put in its Place (Threatpost) An Android ad library containing a maliciously potent cocktail of features and vulnerabilities is less of a danger to Android users today after Google and the ad network itself made a series of change
Spamhaus puts foot down HARD on Chinanet–GD (Security Skeptic) Anti-spam and block listing not-for-profit Spamhaus has added an entire /12 block of IP addresses allocated to Chinanet Guangdong Province Network (Chinanet-GD) for "Spammer, malware and botnet hosting for months. Ignoring multiple notifications sent by Spamhaus and 3rd parties"
Fake 'Scanned Image from a Xerox WorkCentre' themed emails lead to malware (Webroot Threat Blog) We've intercepted a currently circulating malicious spam campaign, tricking users into thinking that they've received a scanned document sent from a Xerox WorkCentre Pro device. In reality, once users execute the malicious attachment, the cybercriminal(s) behind the campaign gain complete control over the now infected host
Network Solutions reports more DNS problems (ComputerWorld) The issue comes two weeks after a successful DNS hijacking attack
Application–layer DDoS attacks are becoming increasingly sophisticated (ComputerWorld) The number of DDoS (distributed denial-of-service) attacks that target weak spots in Web applications in addition to network services has risen during the past year and attackers are using increasingly sophisticated methods to bypass defenses, according to DDoS mitigation experts
Security Patches, Mitigations, and Software Updates
OS X Mountain Lion users: No more security updates? (ZDNet) Have you not yet updated to OS X Mavericks? You better get on the ball because it appears, counter to prior practice, Apple won't be providing security updates to earlier versions anymore
Apple Follows In Microsoft's Windows 8.1 Footsteps, Makes OS X Updates Free (TechCrunch) Apple announced today at its event at San Francisco's Yerba Buena Gardens that its forthcoming update to OS X, Mavericks, will come at no cost to consumers. This is a change for Apple, a company that in the past charged for updates to its desktop operating system. Those fees were low — less than $50 — but they existed. And by dropping the cost of OS X updates to zero, Apple is
Apple releases iOS 7.0.3 — fixes yet more lockscreen holes, including a call–anybody bug (Naked Security) Apple just closed up yet more lockscreen holes in iOS 7. Reading the release notes will give you a sense of déjà vu - one of the bugs is pretty much the same hole that was patched in iOS 7.0.2
Cyber Trends
South Korea Counts Its Cyber War Losses (Strategy Page) South Korea has come up with a number (over $800 million) for the cost of dealing with North Korean cyber attacks over the past four years. The list the government compiled is quite detailed. The latest attacks (in March and June) accounted for 93 percent of the cost. South Korea has been subjected to a growing number of Cyber War attacks since 2009 and the high cost of the latest ones shows that the North Koreans are getting better and that South Korea is not keeping up
Hackers in the service of cybercrime, a concerning trend (Security Affairs) Hackers are becoming a precious category of professionals also for organized crime, their effort is creating even more problems for law enforcement
Kroll Global Fraud Report Reveals Significant Surge In Corporate Fraud (Dark Reading) The number of companies falling victim to fraud has increased in the past year, according to the 2013 Kroll Global Fraud Report. Overall, 70 percent of companies were affected by fraud in the past 12 months, up from 61 percent the previous year, with an increase in every category of fraud covered by the study
IBM: CISOs Don't Get BYOD (eSecurity Planet) The 2013 IBM Chief Information Security Officer Assessment identifies a few areas of weakness, including BYOD policy, in modern IT security. IBM is out with its second annual Chief Information Security Officer (CISO) Assessment study this week, providing visibility into how enterprises are dealing with modern IT security challenges. David Jarvis
'Filipinos get a beating from cyber–criminals' (ABS-CBN News) The Philippines is now considered in the "high-risk level" of cyber attack, be it in the form of a Web or a local threat, an antivirus vendor said on Tuesday
Mobile device security woefully lacking among US adults, survey finds (FierceITSecurity) More than two in five of U.S. adults who own a smartphone report they rarely or never use a password to lock their device, according to a survey of 2,041 U.S. adults by Harris Interactive on behalf of identity theft protection firm Experian
Infographic: Insecure state of app security (FierceITSecurity) Only 11 percent of information security managers trust the security of their applications, according to a survey of more than 500 chief information security officers and security managers in the United States and Europe surveyed by Quotium
Sprint and Lookout Survey Reveals Consumers' Mobile Behaviors (Lookout) Our phones are our lifelines and have become an essential tool for everyday life. We are constantly plugged into our phones — during the morning commute, just before bed — even at the dinner table. Gone are the days when we used phones merely as a means of communication. Smartphones have become our most personal computers and in many cases know more about us than our best friends. Lookout and Sprint today released the results of a national survey revealing consumers' mobile behaviors, habits and concerns over privacy
Cyber vulnerabilities becoming more worrisome, experts say (Government Security News) On a list of risk factors that contemporary businesses have to face, cybersecurity vulnerabilities have moved up, from number 12 to number 3, according to Robert Rodriguez, the chairman and founder of SINET, an IT security organization, at a recent cyber security conference in New York
Marketplace
Corporate Recruiters Insist There Really Is a STEM Worker Shortage (IEEE Spectrum) The Wall Street Journal published a story yesterday titled, "More Businesses Want Workers With Math or Science Degrees" that highlights a new STEM skills shortage study. The article states that
How To Attract, Keep Gen Y Software Engineers (InformationWeek) Gen Y software engineer all-stars are easy to find, but hard to retain. Try these steps to keep them happy and productive. Engineering enrollment at universities in the U.S. is on the rise. As these new graduates hit the market, most employers have no clue how to attract them, how to train them, what core skills they bring to the table, and what will make them happy and productive
EC: Europe should become a 'trusted cloud region' in the post–Prism age (ComputerWeekly) European cloud providers must turn the Prism surveillance revelations into a Europe-wide opportunity to build trusted cloud services for customers globally, the European Commission (EC) has said
The commercial reality of Huawei's trust issues (ComputerWeekly) This week, we have been visiting Huawei's headquarters in Shenzhen. The company has been on a mission in the past three years to open its doors to more journalists and try and change its reputation as a closed off firm to one of openness and transparency. Yet, it is still struggling to break into some of the world's biggest and most lucrative markets
Shutdown stalled FedRAMP authorizations, GAO IT reports (FCW) Almost a week after it ended, the partial government shutdown continues to affect the federal IT community. Companies seeking authorization under the government's standardized approach to security assessments for cloud services — known as the Federal Risk and Authorization Management Program (FedRAMP) — were delayed by the 16-day shutdown
SRA Chosen to Support SPAWAR Systems Center Atlantic's Cyber Security and C5ISR Operations and Solutions (BWW) SRA International, Inc., a leading provider of IT solutions and professional services to government organizations, today announced that the U.S. Navy's Space and Naval Warfare Systems Center (SSC) Atlantic has selected SRA as a prime contractor to support its Integrated Cyber Security Operations (ICO) indefinite delivery/indefinite quantity (IDIQ) contract. The multi-award, five-year IDIQ carries a ceiling value of $900 million, if all options are exercised
IBM to Build GSA Cloud-Based Order Mgmt System (GovConWire) IBM (NYSE: IBM) has won a five-year, $30 million contract to build a cloud-based platform for the U.S. General Services Administration to use for processing orders from federal, civilian and military clients
IBM Launches Public Sector Cloud Innovation Center in DC (GovConWire) IBM (NYSE: IBM) has opened a cloud computing center in Washington that will work to help federal agency and public sector customers adopt cloud environments
Threat Stack raises $1.2M after move to Cambridge from D.C. (Boston Business Journal) Cambridge startup Threat Stack, a TechStars alum offering security software aimed at the cloud, on Tuesday announced raising $1.2 million in funding from Atlas Venture and .406 Ventures
Bromium Raises $40M For Security Technology That Traps Malware And Limits Attacks (TechCrunch) Bromium has raised $40 million for its micro virtual machine (micro-vm) technology that traps malware and analyzes it for IT administrators to examine once an attack takes place. The oversubscribed Series C funding round was led by new investor Meritech Capital Partners, with participation from existing investors Andreessen Horowitz, Ignition Partners, Highland Capital Partners, and Intel Capital
Procera Networks Joins the Anti-Phishing Working Group (MarketWatch) Real-Time Analytics Reporting and Policy Enforcement Recognized as Key in Efforts to Rein in Cybercrime
NIKSUN Named Best Company to Work For (MarketWatch) Silicon India names NIKSUN one of the Best Companies to Work For in 2013
Cindy Farkus Joins Camber Corporation as new VP and Director of Maryland Operations (Sacramento Bee) Camber Corporation is proud to welcome Ms. Cindy Farkus as the new Vice President and Director of Maryland Operations and Deputy of the National Intelligence and Special Operations Division. Ms. Farkus brings over 35 years of national security experience, specifically in intelligence analysis and homeland security. Ms. Farkus has extensive experience guiding and directing the establishment of new organizations, providing intelligence support to strategic and military operations, and expertly supporting crisis management, information sharing, international relations, and cyber security efforts
Products, Services, and Solutions
Google to release two–factor security token (ComputerWeekly) Google is planning a two-factor authentication token, the firm's principal engineer, Mayank Upadhyay, has confirmed
Websense Enhances TRITON Security Platform (SecurityWeek) Websense released the latest version of its TRITON security platform on Tuesday, which includes new features designed to more effectively thwart targeted attacks
Software Prohibiting Use of Non–Secure USB Flash Drives Now Available for Mac O/S at No Charge (Digital Journal) In an effort to assist healthcare organizations and universities, SDG is providing a free edition of software that will ensure confidential data is not mistakenly saved to a computer running Mac O/S. SDG had previously released a Windows compatible version
Gatekeeper on Mac OS X 10.9 Mavericks (TrendLabs Security Intelligence Blog) One of the Mac OS X platform's security features is Gatekeeper, which was first introduced in 2012 and works with Lion, Mountain Lion, and Mavericks. If a program is downloaded from the Internet and launched, Gatekeeper will first validate its digital signature and choose whether to let it run based on the user's settings. How has this changed in Mavericks
'Bring your own support' an option for BYOD enterprises (FierceMobileIT) BoxTone and BMC Software each unveil BYOD support solutions. As the BYOD movement takes hold in the enterprise, many organizations have stood up mobile device management software and whitelisted apps to get a better handle on the personal smartphones and tablets connecting to the network. These backend security strategies take a minimally invasive and least disruptive path to security. Now it looks like enterprises can take a similarly hands-off approach to device support
Play It Safe: Google Pulls Android Apps Tied To Dangerous Ad Platform (CRN) Some Google (NSDQ:GOOG) Android developers were forced to update their popular applications or face removal following the discovery that they tied their apps to an aggressive mobile advertising platform riddled with vulnerabilities
How to Choose the Right Eyes and Ears for Cyber Security (Forbes) The modern practice of cyber-security is now powered by data analysis. As a result, the quality of security will be determined by the volume and quality of the data collected about your environment, and the ability to uncover threats. One fascinating implication is that a raft of technology that can collect and analyze data about a computing environment is now relevant to the practice of security. There are now a huge number of choices of technology that can be the eyes and ears of your cyber security portfolio
Technologies, Techniques, and Standards
The government wants industry input on protecting infrastructure from cyberterrorists (The Verge) If you have opinions on how to protect America's critical infrastructure from hackers, the government wants to hear 'em. The 45-day public comment period is about to open for the preliminary guidelines on how to safeguard power plants, mass transportation, and other large utilities from cyberattacks. The guidelines are set to be released in February 2014 by executive order of the President
Banks to Utilities Given U.S. Standards to Fight Hackers (Bloomberg) President Barack Obama's administration proposed standards for banks, utilities and other companies to voluntarily follow to prevent hackers from infiltrating their computer networks. The measures are intended to help companies that provide critical services inside the U.S. — such as electricity, financial transactions and health care — improve their digital defenses, according to the National Institute of Standards and Technology
How to stop intruders without knocking out the workers (The Register) For a sysadmin, fighting malware feels like an uphill battle that you are never going to win. Security software vendors are in a constant catch-up game, trying to create definitions to protect their customers from the latest round of malware. Sysadmins have the tough job of using their various security software and devices, while trying to allow users to still be productive and do their job
Top three indicators of compromised web servers (TechRepublic) Web servers are a popular target for attackers, and the number of servers, frameworks, and web apps can make it difficult to recognize where the threats are. Here are some common indicators
Finding the goodness in threat reports (ComputerWorld) Are you drawing the right conclusions from your favorite security vendor's 2013 threat report? Some do, but I talk with a lot of security executives that miss the opportunity to use these reports as stimulus to re-examine their security strategies. The importance of threat reports is what the trends of user activity mean to your security practices and not-so-much the details of individual threats
Incident Response Teams: Handling and Managing Data and Materials (ThreatTrack Security) You suspect that a nasty file has infiltrated your system. The Incident Response Team (IRT) has been called and has collected data and categorized the event as a serious incident. Now it's time to handle and manage the incident data and materials in a secure manner so that further analysis and remediation can begin. Welcome to the world of cybersecurity incident response
Using Risk Assessment To Prioritize Security Tasks And Processes (Dark Reading) Prioritizing security tasks based on real risk measurements can be tough. Here's some advice to get you started
Design and Innovation
DARPA–funded TechShop location to open in Arlington, VA next year (Engadget) Just ahead of its Menlo Park location's crowdfunded move, TechShop has announced a second (or third, if you want to get technical) space to let your inner maker flag fly. Later this year Arlington, VA's Crystal City neighborhood will see construction begin on the new idea-friendly space near our nation's capitol, with a projected opening of early 2014. It's the latest effort from a partnership between TechShop, DARPA and the Department of Veterans Affairs Center for Innovation, and could help the state's 837,000 veterans develop usable skills through free job-training programs. We thought TechShop might consider a region with lower rent for its next space, but since Virginia has one of the highest veteran populations in the area, who are we to judge
Visualizing Security Analytics That Don't Stink (Dark Reading) When it comes to sifting through an inordinate amount of security data in order to make informed decisions, success depends not just on how one slices and dices that data via algorithms and analysis. Equally important is how that data is eventually presented, whether it be to IT operations making daily decisions, IT leaders developing strategic initiatives or to higher level executives who hold the purse strings
Research and Development
Cyber Grand Challenge for automated network security-correcting systems (Homeland Security) What if computers had a "check engine" light that could indicate new, novel security problems? What if computers could go one step further and heal security problems before they happen? To find out, the Defense Advanced Research Projects Agency (DARPA) intends to hold the Cyber Grand Challenge (CGC) — the first-ever tournament for fully automatic network defense systems. The Challenge will see teams creating automated systems that would compete against each other to evaluate software, test for vulnerabilities, generate security patches, and apply them to protected computers on a network. The winning team in the CGC finals would receive a cash prize of $2 million, with second place earning $1 million and third place taking home $750,000
Academia
Penn State to lead cyber–security Collaborative Research Alliance (Phys.org) Creating a science to detect and model cyberattacks and the risk and motivations behind them, and creating a response that can counter the attack and neutralize the cyberattackers in real time, is the aim of a cooperative agreement between the Army Research Laboratory and Penn State
Legislation, Policy, and Regulation
DNI Statement on Inaccurate and Misleading Information in Recent Le Monde Article (IC On the Record) Recent articles published in the French newspaper Le Monde contain inaccurate and misleading information regarding U.S. foreign intelligence activities. The allegation that the National Security Agency collected more than 70 million "recordings of French citizens' telephone data" is false
The U.S. needs to adjust its policy toward spying on allies (Washington Post) In response to the serial revelations of National Security Agency (NSA) spying against allied countries, the Obama administration offers two standard explanations. One is pragmatic: sweeping up phone records and other data in places such as France and Germany is an important counterterrorism operation that protects citizens of those nations as well as Americans. The other is tinged with cynicism: Many governments spy on one another, including on their friends, so no one should be shocked to learn that the United States does it as well
US rift with allies grows as Saudi Arabia, France voice concerns (Fox News) While the White House battles Congress over everything from the budget to ObamaCare, a potentially seismic shake-up is happening in America's relationship with some of its most-longstanding allies. For weeks now, a damaging trickle of once-secret information about the National Security Agency's spying abroad has outraged U.S. partners. France is the latest to formally protest over its citizens' alleged treatment at the hands of NSA analysts
New Leaks, New Repercussions (New York Times) Stunning new details continue to emerge from Edward Snowden's leaks about the vast electronic data mining carried out by the National Security Agency, setting off one diplomatic aftershock after another
European Parliament Joins List Of Those Upset With The NSA (WSHU) The fallout from revelations about the National Security Agency's spying activities continues: A key European Parliament committee approved new rules strengthening online privacy and outlawing the kind of surveillance the U.S. has been conducting. NPR's Soraya Sarhaddi Nelson says the legislation could also have significant implications for U.S. Internet companies. Here's what she told our Newscast unit
European Parliament Votes to Permit Pseudonymous Data Profiling (CIO) But digital rights groups warn that the proposal lacks sufficient safeguards for citizens' data. The European Parliament's civil liberties committee voted Monday night to allow profiling of "pseudonymous" data, but digital rights groups say that safeguards to protect data are not sufficient
Time to review cyber trust, says ICSPA (ComputerWeekly) The world needs to reset the clock on trust after whistleblower Edward Snowden revealed the US Prism internet surveillance programme, according to the International Cyber Security Protection Alliance (ICSPA). "Governments need to do a better job to help citizens to understand the reasons for conducting internet surveillance," John Lyons, ICSPA chief executive told the ISSE 2013 security conference in Brussels
The Real Privacy Problem (MIT Technology Review) As Web companies and government agencies analyze ever more information about our lives, it's tempting to respond by passing new privacy laws or creating mechanisms that pay us for our data. Instead, we need a civic solution, because democracy is at risk. Most proposals for enhancing our privacy treat it as an end in itself. Instead we need to be talking about how to best stimulate democracy--a balancing act that laws or market mechanisms can't achieve alone. In 1967, The Public Interest, then a leading venue for highbrow policy debate, published a provocative essay by Paul Baran, one of the fathers of the data transmission method known as packet switching. Titled "The Future Computer Utility," the essay speculated that someday a few big, centralized computers would provide "information processing…the same way one now buys electricity"
Silicon Valley, spy agencies and software sovereignty (Al Jazeera) Countries need homegrown technology as an economic incentive and to have some measure of independence and security
Cyber criminals have no borders, so neither should we (Naked Security) Rob Forsyth takes a look at the efforts of the Australian and New Zealand governments in tackling cyber security awareness, and highlights the work needed by global providers of security products to create a united front, unhindered by national barriers
It is Time for the TCG to Repudiate the NSA (Security Current) Trust is fragile and the decade long effort on the part of the NSA to compromise all security models has destroyed trust. From its inception the coalition of industry giants who have backed the concept of hardware-based security, the Trusted Computing Group (TCG), have been at odds with the "information should be free" crowd. The problem these giants (Microsoft, Intel, AMD, IBM, HP) faced a decade ago was software and media piracy. As the biggest backer, Microsoft, was the most suspect. In recent weeks that suspicion of Microsoft has exploded into bald-face claims from the German BSI that the Trusted Platform Module, the hardware component of Trusted Computing is an NSA backdoor. And who knows what further releases of the Snowden files will unveil about the NSA's involvement with the Trusted Computing Group?
Ron Wyden: The Quiet Hero of the Battle Against the Surveillance State (The Atlantic) The Oregon senator isn't as famous as Edward Snowden or Julian Assange, but his push for limits on the NSA could result in much-needed reforms
The Law of Attack in Cyberspace: Considering the Tallinn Manual's Definition of 'Attack' in the Digital Battlespace (Student Pulse) 'Attack' is a term of central importance in the Law of Armed Conflict, the body of international rules and standards that regulate conduct in armed conflict (jus in bello). A 1977 amendment to the Geneva Conventions of 1949, 'Protocol I,' defines an attack as an '[act] of violence against the adversary, whether in offence or defence.' The term's importance lies in its centrality to other prohibitions in the Law of Armed Conflict, for example the principle that individual civilians and civilian populations 'shall not be the object of attack'
Wolf: Change Needed In Addressing Cyber Threat (TMC.Net) Rep. Frank R. Wolf, R-Va. (10th CD), issued the following news release: Speaking at a cybersecurity summit in Tysons, Rep. Frank Wolf (R-VA) today said there needs to be stiffer penalties for countries like China who threaten our national security with cyber attacks and cyber espionage
Protect the Edward Snowdens of this world, says web's founder (The National) Society needs to protect whistleblowers like the American Edward Snowden to prevent the "abuse" of power online, says the founder of the internet. In an interview streamed live from New York for the keynote speech of the Abu Dhabi Media Summit yesterday, Sir Tim Berners-Lee highlighted the need for an agency to hold governments to account for their online activities
UK Cyber Reserve Force May Include Convicted Hackers (The State of Security) The U.K.'s Joint Cyber Reserve Unit that was announced in September by Defense Secretary Philip Hammond is recruiting, and they have not ruled out the possibility that convicted hackers may be considered eligible for the cyber warrior unit, officials said
The TSA is now searching your personal records before you get to the airport (The Verge) The Transportation Security Administration is gearing up for stronger and broader pre-screenings, according to newly released documents. The TSA already checks travelers against a terrorist watch list, but The New York Times reports that the agency will now begin profiling travelers based on their past travel itineraries, property records, car registrations and employment information. The result is a full background check, directing some towards lighter screenings and others towards more invasive bag checks and pat-downs
Litigation, Investigation, and Law Enforcement
Aaron's computer rental chain settles FTC spying charges (C/NET) The rent-to-own computer company settles a complaint that accused it of secretly taking Webcam photos of users in their homes and recording keystrokes of Web site login credentials
South Korean cyber command raided in growing scandal (The Age) Military investigators raided South Korea's Cyberwarfare Command on Tuesday after four of its officials were found to have posted political messages online last year, in what opposition lawmakers have called a smear campaign against President Park Geun-hye's opponents before her election in December
Second Australian telco in regulator's cross hairs over privacy breach (FierceITSecurity) Just a week after AAPT was warned by the Privacy Commissioner for failing to protect customer information, Australia's largest carrier, Telstra, is being dinged by the Australian Communications and Media Authority for a similar lapse
Experian Got Scammed (FITSNEWS) Experian - the credit bureau which received a controversial no-bid contract from S.C. Gov. Nikki Haley during last year's #SCHacked scandal - has acknowledged being duped into selling its confidential customer data to a Vietnamese scammer. News of the heist was first reported this week by KrebsOnSecurity. According to the site, scammer Hieu Minh Ngo "gained access to Experian's databases by posing as a U.S.-based private investigator"
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergamut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Hack.lu 2013 (Luxembourg, Oct 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss computer security, privacy, information technology and its cultural/technical implications for society.
STEM family night returning to Arundel Mills (Arundel Mills Mall, Maryland, USA, Oct 23, 2013) The Fort Meade Alliance is hoping to spark interest in future engineers and doctors at their third annual STEM family night Wednesday at Arundel Mills mall.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands on live demonstrations, and industry exhibits.
NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, Oct 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.
BREAKPOINT 2013 (Melbourne, Australia, Oct 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.
Ruxcon (Melbourne, Australia, Oct 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
FIRST Energy Symposium (Leesburg, Virginia, USA, Oct 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been greater. Many control systems are already networked and are targets of sophisticated attacks. Organizations will benefit from having a specialized team to work on detection and handling of cyber attacks, analyzing incidents and sharing information with other security organizations. The FIRST Symposium will focus on lessons learned from attacks and on technology and sector-specific security aspects. Strong emphasis will be given to organizational issues like creation and operation of incident response teams.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coincide with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.
Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, Oct 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, who will discuss the importance of understanding the adversary and staying ahead of the threat. Moving beyond the government, the need for intelligence-driven defense is becoming more critical across commercial industries such as oil and gas, finance and healthcare. The escalating landscape of cyber-attacks is forcing companies to take a closer look at their security posture to protect their assets, intellectual property and their customers' personal information.
TrustED 2013 (Berlin, Germany, Nov 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing and investigating problems, challenges and some recent scientific and technological developments in this field. In this context we particularly are interested in the participation of industry representatives.
OKTANE 1 (San Francisco, California, USA, Nov 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your employees more productive and secure, OKTANE13 will keep you up to date with the latest enterprise technology.
MIRcon 2013 (Washington, DC, USA, Nov 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress. From analysts and innovators to managers and executives the Mandiant Incident Response Annual Conference® (MIRcon®) is an excellent investment in your business and your professional development where you will learn about new technologies, incident response best practices, and key strategies for managing network security.
KMWorld 2013 KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development and innovation in their evolving enterprises. It offers a wide-ranging program especially focused to meet the needs of executives, and strategic business and technology decision-makers. Attendees learn how to maximize their technology investments through practical information and case studies; build relationships with speakers and thought leaders from around the world; and create flexible, competitive enterprises.
cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile -- Today and Tomorrow by Guy Levy-Yurista, Ph.D. (available at various nodes, Nov 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting become increasingly important. Mobility today does not only take into account who the user is but where they are, when they are there, why they go there, what they're interested in, and what they're going to do. As our smart phones evolve, they are growing into a contextual engine that will not be just our personal assistant, but also our best friend providing us with all our information needs at the right time and in the right place.
Cyber Education Symposium (Arlington, Virginia, USA, Nov 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways to retrain the existing workforce and develop a new pool of cybersecurity professionals capable of meeting the needs of tomorrow. The Cyber Education Symposium offers a rare opportunity for the brightest minds in government (.gov), the private sector (.com), and the educational community (.edu) to convene and discuss trends and challenges in cybersecurity education. The Symposium will provide a forum to identify new ways of thinking about the problem, exchange best practices, and forge a pathway forward that leverages the full resources of our nation's leadership.
APPSEC USA (New York, New York, USA, Nov 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security topics and an unbeatable atmosphere. Hosted by OWASP.
IT Forum Expo/Black Hat Regional Summit Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, Nov 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber networks, mobile, and IT infrastructures. Enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure is a challenge that must be met. Attend the East Africa Cyber Security and IT Security Convention 2013, which will equip you with a comprehensive range of clarifications and solutions.