The CyberWire Daily Briefing for 12.26.2013
Cyber combat continues in Syria's civil war, as pro–Assad factions grow more capable and aggressive in targeting the opposition.
US retailer Target's recovery from its recent payment card data breach continues. New reports indicate that Canadian as well as US points-of-sale may have been affected. The incident has become common phishbait; consumers are advised to be on their guard when emails arrive purporting to give information or warning about the breach. Target's liability in fines alone may be large, with some analysts quoting figures so high as to be hardly credible.
Israeli researchers report finding vulnerabilities in Samsung's Knox BYOD software. A new, possibly copycat version of CryptoLocker (worm_crilock.a) displays novel propagation routines and detection–evasion techniques that include hardcoding of command–and–control urls as opposed to using more familiar domain-generation algorithms.
As Bitcoin becomes more widely adopted (if still imperfectly understood by its users) a less well–known cryptocurrency, Dogecoin, suffers its first hack.
Snapchat's API has been published, as have two exploits that associate names with phone numbers and enable creation of bogus accounts.
Cyber criminals miss Blackhole, and cast about for something to replace their favorite exploit kit.
Mikko Hypponen and Edward Snowden mark Christmas with requiems for privacy. Other security experts develop arguments for why privacy is indeed worth preserving.
In the US, discussion of the Presidential surveillance panel's report increasingly centers on developing an intelligence version of a principle of publicity: if no public justification of surveillance could in principle be given, then it shouldn't be undertaken.
Today's issue includes events affecting Australia, Canada, China, Iran, Israel, Malaysia, New Zealand, Pakistan, Russia, Slovenia, Turkey, United Arab Emirates, United Kingdom, and United States..
For a complete running list of events, please visit the Event Tracker.
FloCon2014 (Charleston, South Carolina, USA, Jan 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
NASA Langley Cyber Expo (Hampton, Virginia, USA, Jan 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer will be recruiting top federal speakers to provide informational sessions on relevant Cyber issues. Industry exhibitors may sit in on the sessions.This event will be promoted to all NASA Cyber and IT-focused personnel, as well as the entire workforce at this location.
cybergamut Tech Tuesday: Malware Reverse Engineering: An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (, Jan 1, 1970) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight. It will help demystify the process and illustrate the value-proposition associated with deep analytics of malware. Moreover, understanding the detail available through reverse engineering gives the security professional deeper insight into the tactics and techniques the attackers use to circumvent their defensive solutions. The session empowers cyber security professionals at every level to make better-informed judgments on how to improve their response and remediation protocols.
Cybertech: Cyber Security Conference and Exhibition (, Jan 1, 1970) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber security. The conference will focus on commercial problem-solving strategies and solutions for cyber infrastructure experts across multiple sectors: energy, utilities, finance, defense, R&D, manufacturing, service sectors, health, government, telecommunications, transportation and more.
2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, Jan 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations. The CIF will cover the existing threat landscape and provide presentations and keynotes on current and emerging practices, technologies and standards. The 2014 CIF will provide action-oriented outputs to fuel voluntary principle-driven consensus-based standards efforts, create opportunities for industry growth and drive research activities, and define use cases for subsequent exploration, which in turn will feed back into the subsequent CIF's, continually evolving the state of the art.