The CyberWire Daily Briefing for 12.2.2013
It is, of course, Cyber Monday, and consumers and retailers should be guarded online (especially on auction sites). Retailers ought to resist any temptation to relax security after a weak Black Friday.
Angolan policy arouses Islamist hacktivism. Chronic South Asian tensions sustain low-grade cyber-rioting. Iran alleges Saudi intelligence services are colluding with Israel to produce an upgraded Stuxnet for further attacks on Iran's nuclear program.
A free Wi-Fi proxy (n.b., "free" is usually an ominous qualifier) is implicated in illicit Bitcoin mining. The long-expected Windows XP zero-day is out in the wild. Trend Micro reports finding JPEG files used as vectors in targeted malware campaigns. Trustwave warns that iOS is vulnerable via file-sharing apps.
Banks in India, England, and Russia share their experiences with cyber attack. Dark Reading finds the (qualified) sunny side of botnets.
L'affaire Snowden has brought the insider threat into high relief, but a survey suggests few companies appear to have taken effective steps against it.
In industry news, Akami announces it will buy Prolexic, and Pwnie Express opens a Boston headquarters. Analysts foresee a wave of consolidation among big US defense integrators. Encryption draws growing attention from both start-ups and established firms.
Giving Tuesday follows Cyber Monday, and CyberPoint announces an "Anti-Malwear" offering to cover consumers (and support charities).
HM Government moves closer to promulgating UK cyber security standards. Britain and India also open talks on cyber cooperation.
The EU and the US (standing in for the other Five Eyes countries) remain at loggerheads over surveillance.
Today's issue includes events affecting Angola, Australia, Canada, China, European Union, Iceland, India, Indonesia, Iran, Israel, Japan, Kenya, Morocco, Netherlands, New Zealand, Nigeria, Pakistan, Romania, Russia, Saudi Arabia, Spain, Turkey, United Arab Emirates, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Prepare for Cyber Monday security concerns (CSO) With the peak of online shopping nearly upon us, users need to protect themselves from social engineering attempts
CADNA Warns Of Dodgy Websites In US Holiday Shopping Season (Domain Pulse) It's the time of the year when Americans go a bit crazy with shopping, online and offline. During last year's Cyber Monday, Americans spent $1.98 billion shopping online, topping Thanksgiving online sales by 17 percent
Criminals will have a field day on Cyber Monday if precautions aren't taken, says Barclays (PCR) As this year's Cyber Monday (December 2nd) approaches, Barclays and Kaspersky are warning shoppers of a rise in online fraud
#OpAngola: Website of Embassy of Angola In Abu Dahbi UAE Hacked by Moroccan Islamic Union–Mail (Hack Read) The online hacktivist group 'Moroccan Islamic Union-Mail' (MIUM) have hacked and defaced the official website of Republic of Angola Embassy in Abu Dhabi - U.A.E against alleged decision from the government of Angola to ban religion of Islam and shutdown all the mosques in the country
#OpAngola: Moroccan Ghosts hacks Embassy of Angola in Spain website against allegedly banning Islam (Hack Read) The online hacktivist group 'Moroccan Ghosts' have hacked and defaced the official website of Republic of Angola Embassy in Spain against alleged decision from the government of Angola to ban religion of Islam and shutdown all the mosques in the country. Moroccan Ghosts left a deface page along with a message on the hacked Angolan Embassy website
#OpNSA: 31 Australian Government domains hacked amid spying row with Indonesia (Hack Read) Newly emerging hackers from Indonesia going with the handle of Gantengers Crew are being the hacking of 31 Australian government owned domains against Canberra's spying activities over Jakarta. SultanHaikal of Gantengers Crew told me that Indonesians are in anger over spying row and that is why 28 sub-domains of New South Wales's government
RedHack hacks Turkish Ruling Party's Mersin City website, take over their twitter account. (Hack Read) The online hacktivist group RedHack has started retaliating against the arrest of Taylan Kulaçoğlu who was sent to prison yesterday for allegedly being a member of RedHack. As we had reported yesterday that RedHack has announced total retaliation against Taylan's arrest and backing him up till the last limit. The group has now taken down official website of Turkish ruling party's Mersin City website
Turkish Hackers Hacks official Vodafone Iceland website, leaks 77,000 accounts and SMS logs (Hack Read) Famous Turkish hacker going with the handle of @AgentCorporatio from Turkish Agent Hacker Group has hacked and defaced the official website of telecom giant Vodafone Iceland. As a result of hack, the hacker has leaked around 77k user accounts with customers SMS logs. The hacker who contacted me on Twitter explained that reason for targeting Vodafone was to mark his protest against USA and Israel
Pakistan Peoples Party Website Hacked and Defaced by Nigerian Cyber Army (Hack Read) A hacker going with the handle of Dr41DeY from Nigerian Cyber Army has hacked and defaced the official website of ex-president Zardari's political Party known as Pakistan Peoples Party. Hacker left a deface page along with a message on the hacked website without explaining the reason for targeting the website
Indian hacker hacks Lashkar–e–Taiba's Jamat ul Dawa website against 2008 Mumbai attacks (Hack Read) An Indian hacker going with the handle of Godzilla has hacked and defaced two official websites of Lashkar-e-Taiba's political wing 'Jamat ul Dawa' organization on the 5th anniversary of 2008's Mumbai attacks
"Saudis, Israelis developing new 'super Stuxnet' against Iran nuclear program" (Russia Today) Saudi Arabia and Israel's Mossad intelligence division are co-conspiring to produce a computer worm "more destructive" than the Stuxnet malware to sabotage Iran's nuclear program, according to a report from the semi-official Iranian Fars news agency
Free WiFi proxy revealed to be sneakily Bitcoin mining on unsuspecting users' computers (Graham Cluley) Always be wary of software which seems to be too good to be true. It may well be trying to make money at your expense
Windows XP users warned of new, in–the–wild, zero–day attack (Graham Cluley) If you're one of the many people still running Windows XP on your computer, be on your guard
JPEG Files Used For Targeted Attack Malware (TrendLabs Security Intelligence Blog) We recently came across some malware of the SOGOMOT and MIRYAGO families that update themselves in an unusual way: they download JPEG files that contain encrypted configuration files/binaries. Not only that, we believe that this activity has been ongoing since at least the middle of 2010. A notable detail of the malware we came across is that these malware hide their configuration files. These JPEGs are located on sites hosted in the Asia-Pacific region, and we believe that these malware families are used in targeted attacks in the region as well
File Sharing Apps Expose iOS To Security Risks (eWeek) Serious flaws in iOS could be opening users of common file-sharing applications to exploitation, according to a Trustwave researcher
CryptoLocker ransomware's professional execution ups the ante (SearchSecurity) Ransomware attacks have been around for seemingly as long as the field of information security itself, but for the most part, they've been labeled as a nuisance more so than as a true threat. A recent ransomware iteration called CryptoLocker may be changing that perception one infection at a time
Forensics Method Quickly Identifies CryptoLocker Encrypted Files (Threatpost) A researcher may have found the quickest route to learning which files are encrypted in CryptoLocker ransomware infections
Rogue antivirus that takes webcam pictures of you (Webroot Threat Blog) Recently we heard of a rogue fake antivirus that takes screenshots and webcam images in an attempt to further scare you into succumbing to it's scam. We gathered a sample and sure enough, given some time it will indeed use the webcam and take a picture of what's in front of the camera at that time. This variant is called "Antivirus Security Pro" and it's as nasty as you can get
Overlays and Red Herrings (Fortinet Blog) The Small Trojan downloader family has recently added new hallmark traits to the latest W32 variants
Android Security: 8 Signs Hackers Own Your Smartphone (InformationWeek) Security experts share tips on how to tell if attackers are in control of your Android smartphone
Second-hand memory cards pose identity theft risk, warn experts (Asian News International) Selling old memory cards on sites like eBay without proper deletion of previous data may lead to identity theft, security experts have warned
Stephen Hume: Several million users threatened by latest password heist (Edmonton Journal) Imagine what cyber criminals will do with their digital trove
Lessons learned from Anonymous and Operation Last Resort (Help Net Security) Activists that have links to Anonymous were able to gain access to U.S. government computers through a software flaw on the outdated Adobe ColdFusion platform. This left many agencies vulnerable to penetration and attackers were left undiscovered for almost 12 months
Punjab National Bank customers targeted in cyber attack (First Post) Cyber criminals tried to steal passwords of corporate and individual customers of Punjab National Bank (PNB) last week, global cyber security firm Websense said
Recent cyber attacks reveal bank vulnerabilities, says Bank of England (ComputerWorld) Several banks have been targeted in cyber attacks in the past six months, disrupting services and highlighting the vulnerabilities of their IT infrastructure
Dutch banks set common rules for online banking. But have they gone far enough? (Naked Security) Dutch banks have agreed on a common framework of rules for their online banking customers, which they will require people to follow if they are to qualify for refunds of money stolen through phishing, carding or other forms of online fraud
How Russia's biggest bank fights off its attackers — with a little help from a VC fund (ZDNet) The head of IT strategy at Russia's biggest bank sees the cloud as a necessary evil and is investing in security startups to deal with hackers that want to get into its systems
Hacker claims to have jailbroken PlayStation 4 to play pirated games, and upset Sony (Graham Cluley) Wherever you stand on the debate of whether people should be able to jailbreak their home entertainment devices, one thing is for sure. Hackers really don't like Sony
China Coal Bank Website Hacked allegedly by Japanese financial companies and their Chinese partners (Hack Read) The official website of China's first Coal Bank has been hacked and defaced by Japanese financial companies and their Chinese partners, claimed by one of the founders of the bank, JinBen Investment Group Co. Hacker(s) left a deface page along with several messages on the homepage of Coal Bank site with abusive and bashing content against JinBen Investment Group
UK's Suffolk County Police & Crime Commissioner Website Hacked by Zone Injector Team (Hack Read) A hacker going with the handle of pyXeL from Zone - Injector Team has hacked and defaced the official website of United Kingdom's Suffolk County Police & Crime Commissioner Tim Passmore's website on 23rd November, 2013. Team left a deface page along with a message on the high profile hacked website with no explanation of why the site was targeted
5 Protocols That Should Be Closely Watched (Dark Reading) Attackers frequently scan for open SSH, FTP, and RDP ports, but companies need to watch out for attacks against less common protocols as well
A Mercenary Approach To Botnets (Dark Reading) When does a botnet become valuable to government intelligence agencies
Security Patches, Mitigations, and Software Updates
Google admits that forcing G+ on YouTube users has increased spam (Naked Security) Google's recent decision to revamp YouTube's comment system by integrating Google+ in order to reduce spam has proven to be extremely unpopular with users. Ironically, however, it has proven to be quite a hit with the spammers themselves
Study: Privilege management policies unaltered after Snowden leaks (SearchSecurity) Edward Snowden's revelations regarding the NSA's spying activities may have forced more IT security professionals to reconsider the issuance of administrator rights at their organizations, but a recent survey suggested those companies aren't necessarily taking action on those concerns
Internet of Things will challenge today's privacy practices (FierceGovIT) The Internet of Things--a state in the not distant future when hundreds of billions of objects now disconnected from computer networks will routinely transmit data across the web—will require a new privacy paradigm, says the Future of Privacy Forum
The true cost of cybercrime (Help Net Security) From a cybercrime perspective, the opportunities are boundless: Seemingly everything has a computer in it, cars and pacemakers included. It's almost certain that the sophistication of exploits and attacks will increase, and that new exploit modes will surface with the ongoing computing and mobility revolution
Can we expect a cyberwar resurgence? (Help Net Security) Neohapsis security experts predict that next year there will be a cyberwar resurgence, the cloud will begin to show its hidden costs, and privacy will continue to lose in the US legislature
Experts predict widespread attacks on online banking users (Help Net Security) Kaspersky Lab has recorded several thousand attempts to infect computers used for online banking with a malicious program that its creators claim can attack "any bank in any country"
'Piracy, lack of cyber security policy drives Kenyan cybercrime' (ITWeb Africa) Insufficient cyber security policies and high levels of pirated software use are key factors holding back Kenya in its fight against cybercrime
Can Biometrics Make a Comeback? (eSecurity Planet) Biometrics promised to bring security to everything from transactions to systems usage. Yet biometrics never saw broad adoption. Can biometrics finally go mainstream
Akamai buys Prolexic to boost cloud computing security (V3) Akamai Technologies has announced its intention to acquire security firm Prolexic Technologies in order to offer customers using its cloud platform protection against cyber attack from the internet
High–Tech Firm Pwnie Express Relocates To Boston (Banker and Tradesman) Pwnie Express, which provides computer security technology, has relocated its headquarters to Boston's Seaport Innovation District
FireEye CFO Michael Sheridan Wins CFO of the Year Award in the Category of Public Company With Revenue Under $500M From the Silicon Valley Business Journal (Wall Street Journal) FireEye, Inc. (Nasdaq:FEYE), the leader in stopping today's advanced cyber attacks, today announced that Michael Sheridan, FireEye CFO, was awarded the Silicon Valley Business Journal's 2013 CFO of the Year award in the category of public company with revenue under $500M
HP Enterprise Services to Take Over As HealthCare.gov Web Host (GovConWire) HP logoHewlett-Packard (NYSE: HPQ) has won a contract to take over as web hosting provider for HealthCare.gov in a move that will transition the federal health insurance marketplace to a new data center, The Wall Street Journal reported Wednesday
GCHQ Announces First Members in Dual–track Cybersecurity Schemes (InfoSecurity Magazine) The information security arm of the UK's GCHQ and the Centre for the Protection of National Infrastructure (CPNI) have announced the first accredited members of the two cybersecurity incident-response initiatives unveiled in late 2012
Goodbye, old guard: Defense mergers may be coming (Yahoo! Finance) Most investors have never heard of Ashton "Ash" Carter. But the man who is the Pentagon's de facto operations chief retires next week, and his departure could have a major impact on the defense industry and Wall Street
Techies Vs. NSA: Encryption Arms Race Escalates (ABC News) Encrypted email, secure instant messaging and other privacy services are booming in the wake of the National Security Agency's recently revealed surveillance programs. But the flood of new computer security services is of variable quality, and much of it, experts say, can bog down computers and isn't likely to keep out spies
Security upgrades show Snowden won (Stuff) Former National Security Agency contractor Edward Snowden succeeded where President Barack Obama couldn't - getting Microsoft, Google and Yahoo to upgrade computer security against hackers
Marine Corps expands eligibility for lucrative cyber security jobs (Marine Corps Times) Marines in 16 additional military occupational specialties are eligible to make lateral moves into the Corps' growing cyber security community, a career change that could come with a meaty cash bonus
How to cope with information security job search challenges (SearchSecurity) Editor's note: This month, contributor Ernie Hayden responds to a reader inquiry regarding the tumultuous information security job market. Below is the reader's letter, edited for brevity, followed by Hayden's response
Defense Department tackles mobile authentication (Washington Post) The Defense Department says it's committed to a future in which service members and civilians can use the latest and greatest mobile technology to get their work done, regardless of the device manufacturer. But it's still struggling mightily with one of the biggest challenges for mobility in the government: identity management
Innovative New Product from CyberPoint Offers Secure and Convenient Coverage for Consumers Operating in Public Spaces (Baltimore Business Journal) CyberPoint International, LLC, a global provider of cyber security services, solutions, and products, announced today the release of its newest consumer protection product. Code named "T," this innovative new product integrates a powerful network of fibers enabling secure and convenient coverage for consumers operating in public spaces. T comes complete with an easy-to-use alerting system designed to proactively protect consumers from the daily threats they encounter. As the latest addition to CyberPoint's Anti-Malwear line, T also ensures that others know you have a sense of humor
Products, Services, and Solutions
CSC Platform Targets Malware With Trend Micro Contextual Analysis (CruxialCIO) IT services company CSC has upgraded its managed security services with a new advanced threat detection platform
Encrypted Social Network Vies for Disgruntled Whatsapp, Facebook Users (CIO) Easy-to-use encryption is the aim of Syme, a service built by three students in Montreal
Analysis: Enterprise password management tools have room to improve (SearchSecurity) While we all have too many passwords to deal with, few of us have the proper tools for promoting better password hygiene in our day-to-day working lives. Despite the variety of consumer-oriented products available, finding an enterprise password management product or tool can be quite difficult
Symantec: Gobal training programme in cyber security to be piloted in New Zealand and Australia (CIO) Symantec project aims to plug continuous skills gap in the area
Tabernus Receives CESG Commercial Product Assurance (CPA) Certification for Data Erasure Product (Digital Journal) Data Erasure specialists Tabernus are the first of its kind in the commercial data erasure industry to receive CESG Commercial Product Assurance (CPA) certification for their latest version of Tabernus' data erasure software, Enterprise Erase v7.0
Technologies, Techniques, and Standards
UK Cyber Security Standards (UK Department of Business, Innovation, and Skills) BIS commissioned a research project into the availability and adoption of cyber security standards across the UK private sector. This report combines the responses to an extensive and wide-ranging online survey, the findings of a series of in-depth one-to-one interviews with a broad range of UK business leaders, and an analysis of the current cyber security standards landscape in order to provide an insight into the current levels of both supply and demand in this area
UK Government misses an opportunity to set a direction for tackling cyber security, says IT Governance (IT Governance) The British government's efforts to incentivise UK businesses to do more to tackle cyber security should be applauded, says IT Governance Limited, but must be reinforced with clear leadership and practical next steps
Automation, Exercises Shorten Response Time To Advanced Attacks (Dark Reading) Detecting threats remains a problem, but companies need to improve incident response — automation can help significantly
How PCI 3.0 changes the PCI DSS penetration testing requirement (SearchSecurity) I saw that the PCI DSS 3.0 preview made penetration testing a requirement for everyone, including SMBs. Could you detail what exactly is required out of PCI DSS penetration tests to achieve compliance? What do you think would be the cheapest method for SMBs to meet this requirement
Bitcoin Forensics: A Journey into the Dark Web (Forensic Focus) There has been a lot of buzz around Tor, Bitcoin, and the so-called "dark web" (or "deep web") since the FBI shut down the underground website "Silk Road" on Oct 1st. As many of you already know, Tor is a network of encrypted, virtual tunnels that allows people to use the internet anonymously, hiding their identity and network traffic. Using Tor's hidden service protocol, people can also host websites anonymously that are only accessible by those on the Tor network
OS X Mavericks Metadata (Forensic Focus) Apple recently released the newest version of their desktop operating system, Mac OS X Mavericks. As a free update to all supported Apple desktops and laptops, a wide adoption rate was expected, and in fact it was estimated that within the first 24 hours, 5.5% of all Mac laptops and desktops were already running the new operating system. It becomes necessary for a forensic examiner to understand how changes to the file metadata system can be used as a source of new evidence during an investigation. In this article, I would like to cover two significant changes to the metadata generated by OS X Mavericks that, if properly preserved, can be a useful source of evidence
Understanding Rootkits: Using Memory Dump Analysis for Rootkit Detection (Forensic Focus) Every rootkit employs a wide range of masquerading techniques to prevent its detection. Anti-virus and anti-malware tools must perform what is called, in forensic terms, "live box analysis", performing a real-time scan of a live system. No wonder rootkits can actively resist detection by either hiding themselves or messing with anti-virus software or the system kernel. This constant battle makes rootkit detection not only difficult and unreliable, but disruptive and potentially dangerous to system stability and the integrity of user data
5 steps to survive a Meaningful Use audit (FierceHealthIT) Although the government will hit only a small percent of the nation's providers with a Meaningful Use attestation audit, the stakes are high: Any single attestation misstep could be grounds for loss of the full incentive payment
Handling HIPAA: 4 new provisions providers must know (FierceHealthIT) If knowledge--including patient data--is power, then the U.S. Department of Health & Human Services has sent a message to providers and other organizations charged with handling and protecting that data when it published the HIPAA omnibus final rule: With great power comes great responsibility
10 Defenses Against Smartphone Theft (InformationWeek) Thieves see mobile phones as easy cash. Take these 10 steps to defend yourself
IT security risk training for executives: How to get started (TechTarget) Executives don't have time for formalized security risk training, so the onus is on the security team to become involved with core business processes
SME cloud — blanket security or security blanket? (ComputerWeekly) Small and medium-sized enterprises (SMEs) are as vulnerable to security threats as their larger counterparts. Everyone uses the same internet, much of the same software and has the same vulnerabilities from employee mishap or attacks on valuable data. Yet the SMEs does not normally have the luxury of a full-time IT security specialist, let alone the budget for bullet-proof specialist security systems
Verify your software for security bugs (Help Net Security) Verification is an important phase of developing secure software that is not always addressed in depth that includes dynamic analysis and fuzzing testing. This step allows checking that security has been built in the implementation phase: secure coding and using compilers mitigation correctly
Will a password–strength meter lead to stronger passwords? (SearchSecurity) What are your thoughts on introducing password-strength meters into enterprise settings? I've read mixed conclusions concerning their effectiveness. How could a company go about introducing them
Design and Innovation
Bitcoin Mania: How To Create Your Very Own Crypto–Currency, For Free (Forbes) With Bitcoin now worth potentially more than an ounce of gold, I'm capping off my series of Bitcoin posts with an attempt to answer a recurring question. How to go about creating your very own crypto-currency
Research and Development
How your Facebook posts can reveal you're a psychopath (Graham Cluley) Swedish researchers claim that your Facebook posts can reveal your personality traits, including whether or not you have psychopathic tendencies
Manipulation of hard drive firmware to conceal entire partitions (Elsevier) Tools created by the computer hacking community to circumvent security protection on hard drives can have unintentional consequences for digital forensics
A New Record for Terahertz Transmission (IEEE Spectrum) Engineers achieve amazing data rates in a once-inaccessible band
Cyber Defense Competitions a major hit on campus (SearchSecurity) At Iowa State University we have one of the oldest security education programs in the country. This has given us insight into the needs of both the students we educate, and the companies that hire them
Brown University holding conference on National Security Agency surveillance, privacy issues (The Republic) Brown University is holding a conference on the National Security Agency, government spying and privacy issues
Studying the art of white hat hacking (Saturday Gazette-Mail) It took a bit of convincing with the powers-that-be. They wanted to train students to think and act like hackers to better understand their methods, said Marshall University assistant professor Bill Gardner
University of Waikato to open a Cyber Security Lab (geekzone) New Zealand's first cyber security lab will be opened at the University of Waikato on Tuesday, coinciding with the launch of a new qualification, the Master of Cyber Security degree
Legislation, Policy, and Regulation
It's Time to Write the Rules of Cyberwar (IEEE Spectrum) The world needs a Geneva Convention for cybercombat
India, UK talks on cyber security on December 3 (The Economic Times) India and the UK will discuss ways to implement their cyber security partnership at a high-level meeting in the Capital on December 3, according to an internal foreign ministry note seen by ET
Euro computer emergency teams need better support — ENISA (The Register) ENISA, the EU network and information security agency - is setting its shoulder to the Sisyphean task of trying to align its various national Computer Emergency Response Teams (CERTs)
EU Tells US: End Mass Spying (InformationWeek) Responding to surveillance revelations, EU officials seek changes in commercial and law enforcement data sharing arrangements with the US
National interest served by PM's no–apology stance (The Australian) FEW prime ministers have faced a more challenging start, particularly in the area of foreign policy, than Tony Abbott. Voters judge prime ministers not only on how effectively they implement their policies, but also how they respond to unexpected events
Canada allowed widespread NSA surveillance at 2010 G20 summit — report (Reuters) Canada allowed the U.S. National Security Agency (NSA) to conduct widespread surveillance during the 2010 Group of 20 summit in Toronto, according to a media report that cited documents from former NSA contractor Edward Snowden
NSA, Cyber Command leadership split mulled (Washington Post via the Tribune-Review) Key senior Obama administration officials have advocated splitting the leadership of the nation's largest spy agency from that of the military's cyberwarfare command as a final White House decision nears, according to individuals briefed on the discussions
Commentary: Let CYBERCOM Stand Alone (DefenseNews) Over the past few months, numerous commentators have weighed in about the future of the National Security Agency-US Cyber Command (CYBERCOM) relationship. The impending retirement of Army Gen. Keith Alexander, who heads both organizations, and his top deputy, creates a logical opportunity to review the government's cyber-related organizational chart
Boehner fighting NSA bill (American Thinker) How much power does the Speaker of the House have? He can stop a bill from coming to the floor despite the fact that it has the support of a clear majority of members on both sides
Obama to issue a new statement of U.S. national security strategy (Washington Post) President Obama will formally present a new national security strategy early next year, identifying his foreign policy priorities for the remainder of his time in office, the White House said Friday
Spam fighters call for "parking tickets" on unsafe servers (PC Pro) Anti-spam outfit, Spamhaus, has called on the UK government to fine those who are running internet infrastructure that could be exploited by criminals
HPSCI Seeks "Continuous Evaluation" of Security–Cleared Employees (Secrecy News) Recent unauthorized disclosures of classified information might have been prevented if U.S. intelligence agencies "continuously evaluated the backgrounds of employees and contractors," according to the House Permanent Select Committee on Intelligence
Viewpoint: Automated record checks won't catch all security clearance flaws (Federal Times) When it comes to fixing the nation's security clearance review process, one problem -- the National Security Agency's reported mining of public and nonpublic data to graph the social connections of certain Americans -- can serve as a solution. Of course, using one problem to solve another creates a problematic solution, and the same is true for a solution derived from the non-troublesome aspects of a problem
Latest NSA charge under fire by ACLU (USA Today via the Durango Herald) The National Security Agency collected evidence of online sexual activity and visits to pornographic websites as part of a proposed plan to harm the reputations of six people the agency considered "radicalizers," the Huffington Post reported, citing documents released by former NSA contractor Edward Snowden
Why the NSA has landed us all in another nice mess (The Guardian) The Snowden revelations may not end internet surveillance, but they will certainly cause radical changes
State cyber security operation battles hackers (The Oklahoman) Oklahoma has created a centralized computer security system to engage in real time battles against hackers
Oklahoma workers' heavy use of social media a concern (Tulsa World) State employees' heavy use of sites like Facebook irks state lawmakers
Dilbert, November 28, 2013 (Dilbert (h/t Team Cymru)) "We'd like to weaponize you"
Litigation, Investigation, and Law Enforcement
Former NSA director: Snowden cache would be 'catastrophic' (The Hill) Former National Security Agency and Central Intelligence Agency Director Michael Hayden on Sunday said that reports that former NSA contractor Edward Snowden is keeping a "Doomsday Cache" of highly classified material are within reason
Britain targets Guardian newspaper over intelligence leaks related to Edward Snowden (Washington Post) Living in self-imposed exile in Russia, former National Security Agency contractor Edward Snowden may be safely beyond the reach of Western powers. But dismayed by the continued airing of trans–atlantic intelligence, British authorities are taking full aim at a messenger shedding light on his secret files here — the small but mighty Guardian newspaper
DOT vulnerable to serious security threats, says OIG (FierceGovIT) The Transportation Department's information systems are vulnerable to serious security threats due to deficiencies with its enterprise architecture, controls and vulnerability remediation
Police hunt Romanian ATM thieves who are behind 90% of UK cashpoint fraud (Daily Mail) British police are to hunt for the 'Mr Bigs' running Romanian gangs that are now behind more than 90 per cent of cashpoint thefts in this country, the Mail can reveal
Alleged member of RedHack 'Taylan' sent to prison, RedHack denies affiliation, vows to take revenge (Hack Read) Taylan Kulaçoğlu who was taken in custody earlier for allegedly being member of online hacktivist group RedHack has been sent to prison for further processing after his second detention this afternoon
US Army settles unlicensed software claim for $50 million (ITWorld) The U.S. Army will pay Apptricity, a supply chain and financial software developer, US$50 million to settle a copyright infringement claim that it used but didn't pay for thousands of copies of logistics management software
For a complete running list of events, please visit the Event Tracker.
ACG® New York Cyber Security Investor Conference (New York, New York, Dec 11, 2013) The ACG New York Cyber Security conference will feature experts in Cyber Security that will enable you to understand the opportunities for investment in a number of areas that constitutes Cyber Security. IT security spending will be $639 billion by 2023 — a tenfold increase.
Operationalize Threat Intelligence (Webinar, Dec 4, 2013) Security teams are overloaded with threat feeds. It doesn't end with third party providers. It includes alerts, logs, and tips from their own security and IT solutions. We need help transforming this data into knowledge so we can act. Attendees will learn concepts and best practices that enable organizations to reduce, prioritize and operationalize threat intelligence.
Cloud Security Alliance Congress 2013 (Orlando, Florida, USA, Dec 4 - 5, 2013) The CSA Congress is the industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. In addition to offering best practices and practical solutions for remaining secure in the cloud, CSA Congress will focus on emerging areas of growth and concern in cloud security, including standardization, transparency of controls, mobile computing, Big Data in the cloud and innovation.
SINET Showcase: THE SINET 16 (Washington, DC, USA, Dec 4 - 5, 2013) The SINET Showcase is supported by the Department of Homeland Security, Science & Technology Directorate and provides a significant opportunity for industry's most innovative global entrepreneurs to present in front of 350 sophisticated investors, buyers and researchers from the commercial and government markets. If a company is selected as one of the SINET 16, it will not only be recognized at the event, but receive access to prospective investors and customers as well. Please note that the deadline to apply for the SINET 16 is August 15th.
The 8th International Conference for Internet Technology and Secured Transactions (London, England, UK, Dec 9 - 12, 2013) The 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013) is an international refereed conference dedicated to the advancement of the theory and practical implementation of secured Internet transactions and to fostering discussions on information technology evolution.
World Congress on Internet Security (London, England, UK, Dec 9 - 12, 2013) The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the Internet, computer networks, protecting the Internet against emerging threats and vulnerabilities, and sustaining privacy and trust has been a key focus of research. The WorldCIS aims to provide a highly professional and comparative academic research forum that promotes collaborative excellence between academia and industry.
ACSAC 2013 (New Orleans, Louisiana, USA, Dec 9 - 13, 2013) The Annual Computer Security Applications Conference (ACSAC) is an internationally recognized forum where practitioners, researchers, and developers in information and system security meet to learn and to exchange practical ideas and experiences.
cybergamut Tech Tuesday: Dumping in the Dark: Gaining Insight into your Memory Acquisition Tools and Techniques (Columbia, Maryland, USA, Dec 10, 2013) Digital forensic and incident response professionals unanimously agree on the vital importance of physical memory acquisition and analysis in investigations, whether they center around the reconstruction of user activity or the isolation of malicious code. Most computer incident response teams have preferred tools for such acquisition that are part of their standard operating procedures invoked during live response or evidence acquisition. We all use these tools, but how many of us can describe how they work? This talk takes a deeper look at the differences found in those memory image files tied directly to the specific tools and techniques used in the acquisition process.
2013 ASE International Conference on Cyber Security (Orlando, Florida, USA, Dec 10 - 15, 2013) The annual ASE Cyber Security Conference is a leading international forum for cyber security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. The conference seeks submissions from academia, government, and industry presenting novel research on all practical and theoretical aspects of cyber security. The First ASE International Conference on Cyber Security provides a key forum for researchers and industry practitioners to exchange information regarding advancements in the state of art and practice of cyber security.
Cyber Defense Initiative 2013 (Washington, DC, USA, Dec 12 - 19, 2013) NetWars Tournament runs over an intense two- to three-day period, at a conference or hosted onsite. Many enterprises, government agencies, and military bases are using NetWars OnSites to help identify skilled personnel and as part of extensive hands-on training.