The CyberWire Daily Briefing for 2.28.2013
news from RSA
China can protest all it wants, but RSA symposiasts are unconvinced: PLA cyber espionage is, they say, well-established and unlikely to abate.
CounterHack describes three trends in offensive cyber operations: offensive forensics (enabling precise targeting), misdirection (including mimicking national coding styles), and kinetic effects (via attacks on critical infrastructure).
An FBI presentation sharply distinguishes hackers from insider threats, and argues that insider threats are best predicted, recognized, and neutralized using traditional personnel security disciplines.
Some panels suggest ways of balancing risk and reward when choosing security investments. If, as Adi Shamir argued yesterday, all systems eventually get breached, perhaps rapid response and active defense give a better return on investment than traditional perimeter security. And software security, as sensible an approach to development as it seems, may not make economic sense for all companies.
RSA and Detica discuss big data's potential contribution to cyber security. They see, in particular, opportunities for fraud detection through big data analytics.
Sophos draws a gloomy lesson from the Matt Hoban and Cloudflare hacks: you now need to worry not just about your own system, but about everyone else's, too. (Or, as Network World puts it, "Cloud security forecast: murky with an 80% chance of finger pointing.")
Enjoy the booths and new product launches.
New espionage malware surfaces in Europe, Asia, and the Americas: "MiniDuke" appears designed to steal state secrets. It uses a baited pdf (a plausible English-language study of Ukrainian NATO integration plans) to exploit the recently patched Acrobat sandbox bypass vulnerability. It also employs—that bugaboo from the early 2000s—steganography. Kaspersky calls MiniDuke "old school" and notes its "weird backdoor functionality." Some victims quietly blame Chinese intelligence services, but researchers at the Austrian Institute for International Affairs suggest an alternative attribution, noting MiniDuke's similarity to the TinBa Trojan produced by Russian hackers for bank fraud.
China reacts defensively about the ongoing cyber cold war, claiming its own email systems are under continuous US attack. Mandiant has said it expected retaliation for its attribution of the New York Times attack to the PLA, but evidence hints retaliation may take the form of patriotic cyber rioting against US targets as opposed to a state-directed campaign. Meanwhile AlienVault says there are more dangerous cyberwar units in the PLA than APT1, which the Register calls "more prolific than leet." (Still, leet enough to pwn the Times.)
Bank of America acknowledges that Anonymous got some of its data, but says the hacktivists did so by attacking a third-party vendor. Variety notes that hacktivism (in the form of labor unrest among special effects workers) is a rising threat to Hollywood.
The US Intelligence Community expects capability-reducing budget cuts. US Cyber Command faces a labor shortage. MIT and EdX think online courses can close corporate skill gaps.
Notes.
Today's issue includes events affecting Austria, Belgium, Brazil, China, Costa Rica, Czech Republic, Germany, India, Iran, Ireland, Israel, Japan, Kenya, NATO, Oman, Panama, Portugal, Romania, Russia, Spain, Turkey, Ukraine, United Kingdom, United Nations, and United States..
San Francisco: the latest from RSA
[RSA 2013] Conference Resources (RSA Conference) Bookmark this page for easy access to the information and resources you'll need to make the most out of your week. Make sure to check out what's new for 2013!
Scenes from RSA Conference and BSidesSF 2013 (CSO Salted Hash) A look at the sights and sounds of the world's biggest annual information security event
A walk through the expo at RSA Conference 2013, part two (Help Net Security) The RSA Conference 2013 expo continues to draw large crowds each day. Here's another look at the show floor, with more interesting booths
Video: RSA Conference 2013 showcase (Help Net Security) The world's top information security professionals and business leaders gathered in San Francisco for RSA Conference 2013. Here's a closer look at the show. For up-to-date conference news and
Slides from the RSA conference: where the world talks security (welivesecurity) If things seem a little slow on We Live Security this week its because a lot of us are attending the annual RSA Conference in San Francisco, billed as the event Where the World Talks Security. And indeed, this is a major gathering of cyber security companies and security experts, now in its twenty-second year (for the first few years it was known as the Cryptography, Standards & Public Policy forum). Unlike the fake conference to which David Harley referred earlier in the week, RSA is very real, and a really good place to take the pulse of information security
China's Cyberespionage Will Continue Unabated, Say Experts (Dark Reading) The U.S. government will be slow to act against aggressors who attack through the Internet, predict policy and China experts at RSA
Cyber attackers getting smarter, harder to track (Federal Times) Offensive cyber operators, both nation-states and individuals, are catching on to some of the improved cyber defense techniques and are getting better at covering their tracks while targeting the most important data. Speaking as part of a panel Wednesday, "The Five Most Dangerous New Attack Techniques and What's Coming Next," Ed Skoudis, CEO of Counter Hack, described a trio of
RSA 2013: User habits and behavior can denote a future insider thief (SC Magazine) If IT management seeks to efficiently deter insider threats within their organization, they'll have to complement technical security measures with behavioral-based assessments of their workforce, according to the FBI. In a Tuesday session at RSA Conference 2013, Patrick Reidy, CISO at the FBI, and Kate Randal, insider threat analyst for the agency, said the risk posed by insiders shouldn't necessarily be considered a security problem. Randal said that in insider threat scenarios, the major problem is we trust our threat and, because of this, management fails to take note of red flags that often precede cyber espionage or theft of intellectual property by staff
RSA 2013: Hackers will get in, so spend the money on pushing them out (SC Magazine) As even the most well-resourced enterprises fall to victim to compromise, security that is focused on keeping the hackers off the network is quickly becoming an anachronism. Now, practitioners must instead concentrate their energy on pushing the attackers out once they're already in. A group of security industry veterans, all now representing vendors, joined a panel Tuesday at the RSA Conference in San Francisco to discuss raising the price tag for adversaries to accomplish their mission
Software Security Programs May Not Be Worth the Investment for Many Companies (Threatpost) The discipline of software security has been gaining traction in a lot of organizations both large and small in recent years, thanks in part to the success that vendors such as Microsoft, Adobe and others have had with it. However, for many companies, the time and money spent on software security initiatives could be put to better use simply fixing flaws after products ship or are deployed, an expert said
CPOs Challenged with Meeting Privacy Expectations and Maintaining Full User Experience (Threatpost) People who interact with online services have mounting privacy expectations that run in parallel with their need for a full experience with the functionality central to those services. But can users have their privacy cake and eat it too
Could data science turn the tide in the fight against cybercrime? (Guardian) Hacking, fraud and other clandestine online activities have been making headlines in recent weeks, giving rise to concerns that law enforcement agencies are losing the war against cybercriminals. But just how serious a threat to the public is cyber crime, and could data science hold the key to reversing the trend? RSA, the cyber security arm of US big data firm EMC, specialises in the use of advanced analytics and machine learning to predict and prevent online fraud
Lessons to learn from the UGNazi hacking attacks against Mat Honan and Cloudflare (Naked Security) Technology journalist Mat Honan and Cloudflare CEO Matthew Prince have something in common - they've both been hacked by the UGNazi hacktivist group. And what they told the RSA Conference spells bad news for those of us who love to use the internet and embrace cloud-based technologies in our
RSA 2013: Internet titans clash over do-not-track on an internet that advertising helped build (SC Magazine) Privacy executives from the world's top tech and social media companies on Wednesday addressed industry concern over do-not-track" technology and conveyed a candid message: Data is often the currency paid for free online services. Speaking at the RSA Conference in San Francisco, the chief privacy officers of Mozilla, Microsoft and Facebook, and the senior privacy counsel for Google, gathered for a panel that touched on hot-button issues, such as do-not-track (DNT), mobile privacy, and the transference of user data via third-party applications
Cloud security forecast: Murky with an 80 percent chance of finger pointing (Network World) Despite the best efforts of cloud service providers and industry groups like the Cloud Security Alliance, cloud security remains a troublesome issue for IT execs. At an RSA session devoted to cloud security, IT security pros complained about the lack of transparency among cloud providers and how that makes it extremely difficult to make informed buying decisions
Segmentation Can Increase Risks If Firewalls Aren't Managed Well (Dark Reading) The multiplication of internal firewalls to comply with regulations and minimize risk to critical databases and applications has created a rat's nest of firewall configuration issues
FireEye delivers threat protection platform (Help Net Security) At RSA Conference 2013, FireEye announced its threat protection platform designed to help enterprises deploy new security models to counter modern cyber attacks. Many traditional defenses, such
Helping ISPs defend customers against bot infections (Help Net Security) At RSA Conference 2013 Kindsight announced the Kindsight Botnet Security service to help Internet service providers detect botnet activity in the network and protect subscribers against bot infections
CloudLock unveils Community Trust Rating (Help Net Security) CloudLock unveiled the Community Trust Rating as part of its Cloud Information Security Suite at RSA Conference 2013. The third-party application trust assessment system uses the collective intelligence
Stonesoft updates its free advanced evasion testing tool (Help Net Security) At RSA Conference 2013 in San Francisco, Stonesoft released Evader 2.01, an updated version of their advanced evasion software testing tool. Since its initial release at Black Hat in July, thousa
Cyber Attacks, Threats, and Vulnerabilities
MiniDuke Espionage Malware Hits Governments in Europe Using Adobe Exploits (Threatpost) MinidukeNew espionage malware has been discovered that targets a patched sandbox-bypass vulnerability in Adobe Reader. The attacks have hit a relatively small number of government victims in 23 countries, primarily in Europe, and rely on a string of unusual tactics, including the use of steganography to hide backdoor code, as well as the capability to reach out to Twitter accounts created by the attackers for links to command and control servers
NATO, European governments, hit by 'MiniDuke' cyber-attack (NDTV) Hackers targeted dozens of computer systems at government agencies across Europe through a flaw in Adobe Systems Inc's software, security researchers said on Wednesday, while NATO said it too had been attacked. The alliance said its systems had not been compromised, although it was sharing the details of the attack with NATO member states and remained vigilant. Security experts say governments and organizations such as NATO are attacked on a daily basis - although the sophistication varies wildly
MiniDuke: New cyber-attack 'hacks governments' for political secrets (RT) The governments of at least 20 countries may have fallen victim to a sophisticated new cyber-attack. Security experts believe the hackers are attempting to steal political intelligence
MiniDuke miscreants whip out old-school tricks to spy on world+dog (The Register) A new strain of malware designed to spy on multiple government entities and institutions across the world has been discovered by anti-virus firm Kaspersky Lab. MiniDuke has infected government entities in the Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland. In addition, a research institute, two think-tanks, and a healthcare provider in the US were also compromised
APT1, that scary cyber-Cold War gang: Not even China's best (The Register) Shanghai hackers APT1 - outed this month in a high-profile report that linked them to the Chinese military - may not be China's top cyber-espionage team despite its moniker. Security experts say the team is more prolific than leet. The gang, believed to carrying out orders from state officials, was accused of siphoning hundreds of terabytes of sensitive data from computers at scores of US corporations. China's government has denied any involvement
China blames US hackers for attacks (Financial Times) China has countered accusations that its military has been conducting hacking campaigns by saying that its own two main official military websites are under constant attack from the US. "Last year, the Chinese Defence Ministry website and Chinamil.com were attacked 144,000 times a month on average," said Colonel Geng Yansheng, defence ministry spokesman. "Attacks originating in the US accounted for 62.9 per cent." The statement comes as Beijing finds itself increasingly on the defensive in the international debate about cyberwarfare and cyber espionage
Will China Retaliate? (To Inform Is To Influence) I received an interesting phone call today, from a well respected authority in the cyber field. Apparently the Intelligence and Cyber Communities are spinning up, thinking that China is about to launch retaliatory cyber attacks in response to the Mandiant report
Security tools reveal cyberintruders' trickery (USA Today) There is a silver lining to the rash of revelations about cyberintruders cracking into the networks of marquee U.S. corporations. Microsoft this week admitted to a major network breach, following in the footsteps of Apple, Facebook, Twitter, The New York Times, The Wall Street Journal and the Federal Reserve, all of which have made similar disclosures in February. However, the mea culpas also show that with persistent network breaches continuing to escalate, some large organizations have begun proactively gathering intelligence about what the bad guys are up to
Anti-Tibetan Attack Stems from Nvidia Abuse, Old RTF Vulnerability (Threatpost) A series of targeted attacks are continuing to bully a signed Nvidia application into dropping a backdoor that lets attackers root their way through the systems of Tibetan sympathizers
Fake Flash Player download pages pushing malware (Help Net Security) As you may already heard, Adobe has pushed out an update for Flash Player that fixes vulnerabilities discovered to be currently exploited in the wild in targeted attacks
Laptop of head of Israel's Atomic Energy Commission stolen (Press TV) The laptop computer of head of Israels Atomic Energy Commission (AEC) Shaul Horev has been stolen from his house, Israeli sources say. Police say the laptop may have contained top-secret information. According to Ynet, Horev is in charge of Israel's nuclear policy
Syria group claims credit for hacking AFP Twitter (Sydney Morning Herald) Online activists backing the regime of Syrian President Bashar al-Assad have claimed responsibility for hacking a Twitter account of French news agency Agence France-Presse. The account, @AFPphoto, was hacked about 3. 45am (AEDT) on Wednesday
Bank of America says leaked data did not come from their systems (Help Net Security) Bank of America has confirmed that some of the data included in the massive leak by Anonymous-affiliated group "Par:AnoIA" does belong to them, but that it didn't come from their owns systems, but those of a third-party contractor
Hacktivist group Anonymous targets Costa Rican websites (Tico Times) The Iberoamerican branch of hacktivist group Anonymous warned in a statement on its website that Costa Rican websites will be targeted as a consequence of a computer and information crimes law that went into effect last November. The group claims the law threatens citizens rights, press freedom, international agreements and the Costa Rican Constitution. Anonymous said their actions against Tico websites were to begin last Monday and would continue until late March
Vfx biz rage raises cyber attack fears (Variety) Growing anger in the struggling visual-effects community is raising concerns that some of its more extreme members could mount a cyber attack against a major vfx facility with the intention of damaging digital assets for one or more upcoming studio
Social media and cyber attack (New Europe) The Commons Lab today published a report on social media analyzing the potential threat they pose to society as far as cyber security, crowdsourcing and cyber attacks are concerned. According to Rebecca Goolsby, Ph.D, responsible forthe report: "Social media is responsible for much positive change in the world. But these new tools can be used by bad actors to foment strife and undermine stability, as seen during violent incidents in the Assam state of northeast India in July 2012. Cyber security efforts must take into account the growing potential for cyber-attack using social media, where hoax messages are incorporated into a stream of otherwise legitimate messages, and understand how quickly mobile apps and text services can disseminate false information"
Security Patches, Mitigations, and Software Updates
Facebook to fix bug leaking users' phone numbers (Computer World) Facebook is rolling out a patch to fix a rare bug in its API that had apparently been leaking users' phone numbers to app developers. The glitch, which was first reported back in June 2012, was affecting the email field in some mobile apps accessing Facebook's API (application programming interface). During the registration process users would give the developer permission to access their email address on file with Facebook
Cyber Trends
Overseas hackers nab more than 1TB of data daily (CNet) A new report shows that the recent wave of cyberattacks on the U.S. are coming from a highly sophisticated group of hackers that are most likely state-sponsored. The idea of governments waging futuristic cyberbattles and online espionage campaigns actually isn't too farfetched. A new study released today by Team Cymru basically says as much
Critical infrastructure now the target of most attacks (Federal Times) Overall cyber attacks are up, but most dramatically in the last year, the type of attack has shifted away from hacking and financially motivated crime toward cyber espionage focused on critical infrastructure, such as utilities, according to research from communications provider Verizon. These arent about stealing data and fraud, theyre about deny, disrupt and destroy, said Bryan Sartin, director of investigative response for Verizon. In its upcoming Data Breach Investigation Report, a yearly document that is one of the more noteworthy surveys of attacks released to the public, the company found that cyber espionage, once a far lesser component of the attack volume, is now dominating Overseas hackers nab more than 1TB of data daily
Europol boss warns of risks of the cloud (Cyberwarzone) Director of the European Cybercrime Centre of police organization Europol sees danger in the rapid development of cloud computing. "If I was Coca Cola, I would not save my recipe in the cloud," he said this week in Elsevier. Cloud providers have generally security is in order, but there are potential major risks associated with external storage of data
Corporate data loss hits highest levels since 2008 (Help Net Security) Recent incidents of corporate data loss hit the highest levels since 2008 as companies work to improve data security strategies against a greater variety of more sophisticated IT attacks that can pose severe enterprise and reputational risks
IT spending on smartphones beats spending on PCs for first time (FierceMobileIT) Last year, IT spending on smartphones exceeded spending on PCs for the first time, according to the latest stats from IDC
Marketplace
Pentagon Says Cuts May Hurt Intelligence-Gathering (Star Tribune) The Pentagon's top intelligence officials say looming automatic budget cuts and the downturn in defense spending put the development of essential intelligence-gathering tools in jeopardy
As Budget Cuts Loom, Is Government Shutdown Next? (Yahoo.com) With big, automatic budget cuts about to kick in, House Republicans are turning to mapping strategy for the next showdown just a month away, when a government shutdown instead of just a slowdown will be at stake
What Can Employees Expect If Unpaid Furloughs Kick In? (Washington Post) More than 1 million federal employees face unpaid furloughs because of automatic budget cuts that are set to kick in Friday unless lawmakers reach an agreement on reducing the deficit. Not all agencies expect to furlough employees, but few exceptions will apply where they do occur. The number of days and the scheduling will vary by agency and most likely will be spread out over weeks or even months
Budget Cuts May Spur Involuntary Separations (Army Times) While the Pentagon's military personnel budget accounts are exempt from sequestration, the automatic cuts could force the acceleration of already planned personnel reductions and increase the likelihood that the services have to make some of those cuts involuntary, the services personnel chiefs said Wednesday
Obama, Lawmakers Will Meet Friday (Washington Post) In a meeting planned for Friday, President Obama will push Republican congressional leaders to accept higher tax revenue in order to avoid deep spending cuts set to take effect on the same day
Parties Focus On The Positive As Cuts Near (New York Times) With time running short and little real effort under way to avert automatic budget cuts that take effect Friday, substantial and growing wings of both parties are learning to live with if not love the so-called sequester
House Bill Could Bring Some Defense Programs Forward (ExecutiveGov) The House is considering a defense appropriations bill that would let the Defense Department bring forward new programs before sequestration cuts would start affecting those programs, the Washington Business Journal reports. Some projects that could be moved forward include a multi-year contract for the V-22 Osprey tiltrotor aircraft, built by Boeing and Bell Helicopter, according to the Business Journal
Pentagon Unveils Secure Mobile Device Plan (InformationWeek) Military releases a new plan to accelerate the adoption of mobile devices and apps for both classified and unclassified use
FEMA aims to bring geospatial data into cloud environment (FierceGovernmentIT) To quickly share vast amounts of geospatial data on a natural disaster, the Federal Emergency Management Agency is seeking to develop a cloud environment to merge its data and processes
Civilian, contractor and uniformed staff percentages not yet determined (Nextgov) Each military service has distinct cyber support needs, officials said, and Cyber Command, like many information technology outfits, is suffering from a talent shortage. There also is the wild factor of looming budget cuts that begin on Friday unless
Demand in Cyber Security 'Secures' New Profits - Research Report on Sourcefire, Inc., Fortinet, Inc., Palo Alto Networks Inc, Symantec Corporation and AVG Technologies NV (MarketWatch) Today, Investors Alliance announced new research reports highlighting Sourcefire, Inc. FIRE +7.25% , Fortinet, Inc. FTNT +0.41% , Palo Alto Networks Inc PANW +1.63% , Symantec Corporation SYMC +3.43% and AVG Technologies NV AVG +3.33% . Today's readers may access these reports free of charge - including full price targets, industry analysis and analyst ratings - via the links below
Hackers inspire investors: a boon for Israeli cyber security companies (Haaretz) Other factors are the significant changes the field of cyber security is ... Martin and General Dynamics to make significant purchases in the field
BAE Systems Detica to play key role in MENA Cyber Defence Summit (AME Info) BAE Systems Detica, the cyber-security and information intelligence arm of BAE Systems, is supporting the upcoming Cyber Defence Summit Middle East and
STG Wins $88M to Provide Customs and Border Protection with Network Support (ExecutiveBiz) STG Inc. has won a task order under an $88 million General Services Administration single award blanket purchase agreement to provide network support to the Department of Homeland Security's Customs and Border Protection
BYOD security startup Armor5 raises $2 million from Citrix-led group (FierceMobileIT) Armor5, a cloud-based BYOD security startup, has raised $2 million in seed financing from Citrix Startup Accelerator, Nexus Venture Partners and Trinity Ventures. Armor5 said it offers a "zero touch" security service to safeguard intranet, cloud data and applications by ensuring that content from these systems does not reside on the end-user devices
Yahoo takes two steps back (FierceMobileIT) As I'm sure you are aware by now, Yahoo (NASDAQ: YHOO) CEO Marissa Mayer has decided to ban employees from working at home starting this June
Products, Services, and Solutions
Azure outage births free cert monitoring software (CSO) Cloud crash made Stackify mad as hell, so it did something about it
Comodo Introduces Endpoint Security Solution (Dark Reading) Panoramic display technology lets IT managers see endpoints' 12 critical metrics in one view
Swisscom chooses Huawei as supplier for its FTTS expansion (Lightwave Online) Swisscom has outlined plans to provide 80% of all the households in Switzerland with ultra-high-speed Internet access by no later than 2020 (see Swisscom plans fiber to the street expansion). Its plan includes a mix of technologies. While fiber-optic cables are being rolled out directly to homes and businesses in many towns and larger municipalities, Swisscom is focusing on fiber-to-the-street (FTTS) in areas away from major urban centers
Facebook expands custom audiences tool to help with ad targeting (Computer World) Facebook is allowing its advertisers to work with third-party marketing firms to help better target their ads on its social network. The change affects Facebook's custom audiences tool, which the company rolled out last year as a way for marketers to target people they've done business with in the past by using their phone number or email address. Some businesses work with partners for their marketing efforts, so Facebook is expanding the audiences tool to let them work with Datalogix, Epsilon, Acxiom and BlueKai to better target their ads, Facebook announced Wednesday
Brit firm PinPlus flogs another password 'n' PIN killer (The Register) The inventor who co-founded visual PIN company GrIDsure has become involved with another pattern-based authentication start-up in the hopes that the shoulder-surfer proof technology could replace two-factor authentication. His new company, Brit firm's PinPlus, does away with passwords and PINs by combining a method for securely delivering one-time codes to users, with an architecture for storing users' login "secrets" on servers. Instead of having to remember vulnerable passwords, users simply need to remember a pattern on a small (6 X 6) matrix of squares
Anticipatory cyber threat intelligence service (Help Net Security) Booz Allen Hamilton launched Cyber4Sight Threat Intelligence Services, which uses multiple data sources to identify and monitor an organization's unique cyber security profile, determine its "attack surface," and deploy military grade predictive intelligence to anticipate, prioritize and mitigate cyber threats 24/7
Qualys and Verizon join forces for new IT security and compliance solutions (Help Net Security) Qualys and Verizon announced an agreement to expand their relationship to deliver new advanced cloud-based IT security and compliance management services to organizations around the world
EchoStar licences Cryptography Research (Broadband TV News) Cryptography Research, a division of Rambus, has announced a license agreement with EchoStar Technologies, to adopt the Cryptography Research CryptoFirewall security core for use with EchoStar set-top box technologies to protect against TV signal
LG To Write Next Chapter For HP WebOS (InformationWeek) LG says it will use its newly acquired mobile operating system in smart TVs, not mobile devices. But what else does LG have in its smartphone arsenal?
Technologies, Techniques, and Standards
Parsing Windows Eventlogs in Powershell (Internet Storm Center) Recently, while chasing a malware, I wanted to review the local security log of a third party server to which I didn't have direct access. The administrator was willing to provide "a limited export" for my offline analysis. Newer Windows versions nicely enough provide more than one option to accomplish this
Cybersecurity framework will include controls and metrics (FierceGovernmentIT) The cybersecurity framework for private sector critical infrastructure called for by President Obama's executive order on Feb. 12 will specify "information security measures and controls" but not "particular technological solutions or specifications," says the National Institute of Standards and Technology
Design and Innovation
New Zealand Accelerator Lightning Lab Launches Its First Intake Of Nine Startups (TechCrunch) Wellington-based Lightning Lab, which bills itself as "the southern-most digital accelerator program on the globe," just announced its first intake of nine startups from across New Zealand and Australia, who will work with over 100 mentors
Academia
Could A MOOC Ease Your Talent Problems? (InformationWeek) Boston's EdX partnership with MIT should spur CIOs to consider creating their own massive open online courses to fill skills gaps
Legislation, Policy, and Regulation
Law Would Force Patent Trolls To Pay For Failed Lawsuits Against Innovators (TechCrunch) America's esteemed lawmakers want heavy penalties for those who abuse the patent system. A bipartisan bill has been proposed to force so-called patent trolls, those who hoard patents for the sole purpose of suing innovators, to pay the legal costs if their frivolous patent lawsuits fail in court. The Saving High-Tech Innovators from Egregious Legal Disputes (SHIELD) Act has been widely
Troll hunter: meet the Oregon lawmaker who may fix the patent mess (Ars Technica) Rep. Peter DeFazio took on the issue after a local software company got held up
UN chief warns 'new cold war' looms over the internet (EurActiv) A new cold war is brewing between Europe and other northern countries and the rest of the world over internet access, threatening to block talks on cyber security and data protection, the chief of the United Nations' telecommunications authority said. EurActiv reports from the GSMA conference in Barcelona. By creating a new cold war, we are making everyone a loser, it is a no-win situation
Tackling Online Hate Speech In Kenya (Eurasia Review) As the Kenyan government steps up efforts to curb hate speech in the run-up to the March 4 elections, observers say it remains extremely difficult to control what people say online. Internet use in Kenya has doubled every year since 2010. A major problem in combating hate speech on the web is the anonymity that users can exploit
GAO: rules for human services data sharing, privacy need clarification (FierceGovernmentIT) States and localities effectively exchange data to improve administrative efficiency and client services for federal human services programs, while protecting the beneficiaries' privacy and personal information, according to a Government Accountability Office report
Litigation, Investigation, and Law Enforcement
AT&T 'Hacker' Andrew Auernheimer's Sentencing Scheduled For March 18 (TechCrunch) Andrew Auernheimer and Internet activist (and Crunchies winner) Andrew Auernheimer's sentencing trial will take place on March 11, 2013 at 10:30am. Auernheimer aka Weev revealed a security flaw in AT&T's iPad user database, allowing him to scrape the data from 114,000 iPad users. He later published the data. The FBI investigated and filed a criminal complaint in January 2011. A full recounting
Here's what an actual 'Six Strikes' copyright alert looks like (Ars Technica) Ars asks and Comcast obliges, giving us copies of Alerts 1, 2, 4 and 5
One fake MIT shooter and the troubling trend of SWATting (Ars Technica) MIT may have been hoaxed in Aaron Swartz's name, but it's happened to Biebs and Miley
Japanese Police Arrest 27 File-Sharers in Nationwide Show of Force (TorrentFreak) Last year Japan introduced one of the toughest laws in the world for dealing with online piracy but with little visible action against file-sharers it was questioned whether the legislation would have teeth. That position has now dramatically switched, with police nationwide carrying out searches on 124 locations and arresting 27 people for online infringement. Those arrested face up to 10 years in jail
Bradley Manning's pre-trial court documents online via the Freedom of Information Act (Cyberwarzone) Bradley Manning's pre-trial documents are online because of the Freedom of Information Act. So far, Bradley Manning has been on trial for an excess of 1000 days, and his trial continues even to this day. It is obvious since day one that this trial has been biased against Mr. Manning
WikiLeaks Soldier To Take Witness Stand In Own Defense (Reuters) The U.S. Army intelligence officer accused of slipping military and diplomatic secrets to WikiLeaks is expected to take the witness stand on Thursday, when he will read aloud from a 35-page statement defending himself in the espionage case
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
RSA USA 2013 (San Francisco, California, USA, Feb 25 - Mar 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, Feb 26 - Mar 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.
NRO Winter Way Forward Conference (Chantilly, Virginia, USA, Feb 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will gain valuable networking time with conference attendees and all NRO personnel.
TechMentor Orlando 2013 (Orland, Florida, USA, Mar 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include:Windows PowerShell and AutomationCisco and Networking Infrastructure Windows Server Management Windows Client Management Cloud and Virtualization Identity, Access Management and Security Performance Tuning and Troubleshooting Mobility and BYOD Messaging and Collaboration.
IHS CERAWeek 2013 (Houston, Texas, USA, Mar 4 - 8, 2013) IHS CERAWeek 2013 will offer new insight on the energy future -- and on the strategic and investment responses by producers, consumers and policy-makers. What are the changes ahead in the competitive landscape for oil, natural gas, coal, renewables, and nuclear power? How will the global unconventional oil and gas revolution change the game for all energy participants? What will be the fuel and technology choices of the future. Michael Hayden will deliver the keynote. While primarily concerned with the energy sector, the conference may also be of interest to the cyber security industry.
Business Insurance Risk Management Summit (New York City, New York, USA, Mar 5 - 6, 2013) The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.
CanSecWest 2013 (Vancouver, British Columbia, Canada, Mar 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices. It will feature a bigger, enhanced Pwn2own.
e-Crime Congress 2013 (London, England, Mar 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.
CTIN Digital Forensics Conference (Seattle, Washington, USA, Mar 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.
Google and University of Maryland Cybersecurity Seminar (College Park, Maryland, USA, Mar 14, 2013) Dr. Ari Juels, Chief Scientist of RSA, The Security Division of EMC, and Director of RSA Laboratories, will discuss "Aggregation and Distribution in Cloud Security." His talk will feature information on cloud computing and virtualization, a key supporting technology. Cloud computing offers flexibility and agility in the placement of resources. Certain risks, however, arise from cloud services' tendency to aggregate sensitive data and workloads. He will discuss side-channel attacks resulting from the co-location of disparate tenants' virtual machines (VMs) on hosts and the vulnerabilities posed by databases aggregating the authentication secrets, e.g., password hashes, of numerous users. Conversely, cloud computing offers new opportunities to distribute data. Dr. Juels will also describe a new, research-driven RSA product that splits sensitive data across systems or organizations, removing the single points of compromise that otherwise naturally arise in cloud services.
Department of Homeland Security 6th Annual Industry Day (Washington, DC, USA, Mar 18, 2013) The Department of Homeland Security (DHS) will be hosting its 6th Annual Industry Day to provide advanced acquisition planning information to industry. DHS Industry Day will consist of two sessions, the morning session will be procurement-centric with an emphasis on procurement issues, policies and programs. The afternoon session will be Chief Information Officer (CIO) IT-centric. Both sessions will provide acquisition information concerning specific program areas.
IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, Mar 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.
The Future of Cyber Security 2013 (London, England, UK, Mar 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
SANS Cyber Threat Intelligence Summit (Washington, DC, USA, Mar 22, 2013) Conventional network defense tools such as intrusion detection systems and anti-virus focus on the vulnerability component of risk, and traditional incident response methodology presupposes a successful intrusio…Network defense techniques which leverage knowledge about these adversaries - known as cyber threat intelligence - can enable defenders to establish a state of information superiority which decreases the adversary's likelihood of success with each subsequent intrusion attempt…The goal of this summit will be to equip attendees with knowledge on the tools, methodologies and processes they need to move forward with cyber threat intelligence. The SANS What Works in Cyber Threat Intelligence Summit will bring attendees who are eager to hear this information and learn about tools, techniques, and solutions that can help address these needs.
AFCEA Belvoir Industry Days 2013 (National Harbor, Maryland, USA, Apr 2 - 3, 2013) The purpose of this event is to inform the IT community about the recent successes and the forward-thinking opportunities that the Department of Defense and the Department of the Army have developed.
CSO40 (Braselton, Georgia, USA, Apr 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.
Cloud Connect Silicon Valley (Santa Clara, California, USA, Apr 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.
An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, Apr 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.
Cyber 1.3 (, Jan 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.
HITBSecConf2013 (Amsterdam, the Netherlands, Apr 8 - 11, 2013) HITB2013AMS will feature cutting edge attack and defense research including the a presentation on the inner workings of the iOS 6.1 Evasi0n jailbreak presented by members of the world famous Evad3rs Team, a brand new kernel level exploit affecting _all versions_ of Microsoft Windows up till Windows 8 and even a presentation on remotely hacking airplanes.
INFILTRATE 2013 (Miami, Florida, USA, Apr 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
Information Tech Expo Series - Hawaii (Oahu, Hawaii, USA, Apr 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness to learn from and work with industry partners. .
InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, Apr 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
Infosec Southwest 2013 (Austin, Texas, USA, Apr 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.
23rd Annual Government Procurement Conference (Washington, DC, USA, Apr 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network with procurement officials from federal, state and local government agencies under one roof.
Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.
Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international trade. Participate in expert discussions lead by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90 minute sessions.
Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, Jun 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise. Over two and a half action packed days, CITE 2013 will bring together IT and business executives, venture capitalists and other practitioners to showcase leading efforts and teach others how to make the most of this transformation.
25th Annual FIRST Conference (Bangkok, Thailand, Jun 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.
TechCrunch Disrupt San Francisco (San Francisco, California, Sep 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September 7-11 on your calendar, because you're not going to want to miss Disrupt SF 2013. The Hackathon kicks everything off, followed by our main event, which starts every morning with panels of special speakers and guests, one-on-one chats featuring TechCrunch writers and editors, special guest speakers and judges, leading venture capitalists and fascinating entrepreneurs addressing the most important topics facing today's tech landscape. In the afternoons, the Startup Battlefield presentations begin, with the final presentations held on the last day of Disrupt.