The CyberWire Daily Briefing for 5.16.2013
Syria disconnects from the Internet again, with some evidence that Assad's regime may be responsible for the isolation. Algerian members of "Hannibal Team" attack Qatar's Ministry of Islamic Affairs to show solidarity with the pro-Assad Syrian Electronic Army.
A British study suggests that Stuxnet, by exposing vulnerabilities at Iran's Natanz uranium enrichment facility, may have helped more than hindered that country's nuclear program.
Taiwanese cyber rioters release DNS information on Pastebin that could affect Philippine government websites. Trend Micro finds Islamist traces among poisoned urls used in Anonymous' fizzled OpUSA.
Webroot finds malware in a Chinese calculator Android app. Cisco discloses (and swiftly patches) a denial-of-service vulnerability in its TelePresence Supervisor. Venerable spam botnet malware PushDo reappears with a new domain generation algorithm. Exploits for Linux kernel vulnerabilities spread in the wild.
Bogus FedEx and Deutsche Bahn messages circulate malware. Hacker "Ag3nt47" claims to have exploited an SQL vulnerability on Harvard, Stanford, and MIT networks.
Last week's ATM thefts reveal that pay card transactions have moved beyond the control of merchants, and this realization (along with the attendant vulnerabilities the caper exposed) embarrasses India's IT services sector.
Privacy concerns about lawful (or perhaps less-than-lawful) intercept operations rise on revelations of US Justice Department access to journalistic and Congressional communications. Advocates wonder if Skype traffic is routinely provided to law enforcement, and Eustace Tilley's New Yorker, not generally thought of as an investigative powerhouse, offers informants a Tor-accessible dead-drop box.
The Australian budget apparently contains less cyber money than rumor predicted.
Notes.
Today's issue includes events affecting Algeria, Australia, Belgium, Canada, Croatia, Dominican Republic, Estonia, France, Germany, Iran, Italy, Japan, Latvia, Malaysia, Mexico, Philippines, Qatar, Romania, Singapore, Spain, Syria, Taiwan, Thailand, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Internet down in Syria (UAE 24/7) Syrian rebels launched a coordinated assault on the main prison in the northern city of Aleppo on Wednesday in an attempt to free hundreds of regime opponents believed to be held in the facility, activists said, while an Internet blackout engulfed the country for the second time in two weeks
Qatar Ministry of Islamic Affairs Website Hacked by Hannibal Team (Hack Read) A group of Algerian hackers going by the handle of Hannibal Team has hacked and defaced the official website of Qatar's Ministry of Awqaf and Islamic Affairs, dedicating the hack to the world renowned hackers of the Syrian Electronic Army
Stuxnet worm 'increased' Iran's nuclear potential (Telegraph) Iran's nuclear potential may have been significantly increased by the Stuxnet worm that is believed to have infected the country's uranium enrichment facility at Natanz in 2009 and 2010, new research claims. The report, published in the Royal United Services Institute (RUSI) journal, claims the Stuxnet worm exposed vulnerabilities in Iranian enrichment facilities that would otherwise have gone unnoticed, and that production actually went up in the year after it was allegedly discovered
Taiwanese hackers leak Philippine govt website info (AsiaOne) Taiwanese hackers yesterday revealed Philippine government security information, the latest salvo in a cyber battle that erupted after the shooting of a fisherman. The release of Domain Name System (DNS) information on a website called Pastebin could affect over 2,300 Philippine government websites and that country's May 13 presidential election. Both Taiwanese and Philippine hackers paralysed the websites of both countries' presidents, as well as those of Taiwan's Ministry of National Defence
Researchers reveal OpUSA attackers' MO (Help Net Security) Anonymous' highly publicized Operation USA has not been the resounding success they expected it to be. Sure, the number of sites sporting a page containing messages from the attackers was big, but they mostly belonged to small businesses and individuals, and some of them not even to U.S. citizens and organizations
New versatile and remote-controlled "Android.MouaBot" malware found in the wild (Webroot Threat Blog) Recently, we discovered a new malicious Android application called Android.MouaBot. This malicious software is a bot contained within another basic app; in this case, a Chinese calculator application. Behind the scenes, it automatically sends an SMS message to an auto-reply number which replies back to the phone with a set of commands/keywords. This message is then parsed and the various plugins within the malicious packages are run or enabled
Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability (Internet Storm Center) Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system
PushDo Malware Resurfaces with DGA Capabilities (Threatpost) The PushDo malware family is back, this time with a domain generation algorithm that helps it avoid detection and add resiliency to its capabilities
Malware Behind Oldest, Most Active Spam Botnet Gets Refresh (CRN) Researchers at antibotnet vendor Damballa Labs performed malware analysis on the new Pushdo variant and monitored several of the domains generated by the
Analysis of Malicious Document Files Spammed by Cutwail (Spiderlabs) In our Global Security Report, we highlighted a zero day vulnerability in the Windows Common Controls affecting Microsoft Office (CVE-2012-0158). This was reportedly being used for targeted attacks against NGOs and human rights activists. Over the past week, the Cutwail botnet has been sending out spam containing malicious documents exploiting the aforementioned vulnerability, CVE-2012-0158. The use of a loaded RTF attachment is a departure from normal for Cutwail, usually it distributes executable
Heads-Up - Exploit for local Linux kernel bug in circulation - Update (H-online) Back in April, the Linux kernel developers fixed an incorrectly declared pointer in the Linux kernel. However, it appears that they overlooked the potential security implications of such a bug, particularly the fact that it is possible to gain access to almost any memory area using a suitable event_id. The developers only got into gear and declared the bug as an official security hole (CVE-2013-2094) after an exploit was released that proves that normal, logged-in users can gain root access this
Critical Linux vulnerability imperils users, even after "silent" fix (Ars Technica) A month after critical bug was quietly fixed, "root" vulnerability persists. For more than two years, the Linux operating system has contained a high-severity vulnerability that gives untrusted users with restricted accounts nearly unfettered "root" access over machines, including servers running in shared Web hosting facilities and other sensitive environments. Surprisingly, most users remain wide open even now, more than a month after maintainers of the open-source OS quietly released an update
Spam Posing as FedEx E-mail Delivers Gamarue Trojans Instead of Packages (Hot for Security) A new wave of malicious FedEx spam delivers Trojans instead of packages, infecting users with malware when opening the attachments. In the last couple months, the Gamarue Trojan has spread intensely in the US, Australia, Croatia, Romania, Iran, the UK, Germany and Spain. "This tracking update has been requested and attached to this email," the malicious message reads. Reference information includes: Invoice number, Reference, Special handling/Services, Residential Delivery
Researchers uncover large cyberfraud operation targeting Australian bank customers (Computer World) Security researchers from Russian cybercrime investigations firm Group-IB have uncovered a cyberfraud operation that uses specialized financial malware to target the customers of several major Australian banks. Over 150,000 computers, most of them belonging to Australian users, have been infected with this malware since 2012 and were added to a botnet that Group-IB researchers have dubbed "Kangaroo" or "Kangoo," after a kangaroo logo used on the command-and-control server's interface
MIT, Stanford University & Harvard University Breached, Personal Details Leaked by Ag3nt47 (Hack Read) A hacker going by the handle of Ag3nt47 has breached the official websites of the Massachusetts Institute of Technology, Stanford University and Harvard University; as a result, the personal and login details of staff have been leaked online. Ag3nt47, who announced the hack on Twitter, claims to have found an SQL vulnerability on all three servers, allowing him to breach the servers and access the personal details of staff and students. The leaked data contains database names, usernames, addresses and emails, without passwords
EC-Council hacked by Godzilla for creating cyber security awareness (E Hacking News) Yes, it is Cyberspace, here no one can assure 100% Security, but it doesn't mean that you can ignore the security holes. Godzilla, the hacker who breached Pakistani Government websites a few months ago, has claimed to have identified multiple security flaws in the EC-Council website (eccouncil.org). EC-Council is best known for its professional certifications for the IT security field, especially 'Certified Ethical Hacker (CEH)'. The hacker claimed to have gained access to the admin desk and accessed the
Fake Deutsche Bahn Ticket Reservation Infects Germans with Malware (Hot for Security) A recent wave of malware-laden spam e-mails infects recipients with the Gamarue Trojan. The malware is delivered as an attachment disguised as an on-line train ticket reservation at Deutsche Bahn, the German passenger transportation and logistics company. The dangerous messages inform receivers of a successful on-line ticket reservation at Deutsche Bahn (German Railways) and politely ask them to print the attached ticket on paper and present it to the ticket collector along with their ID card
CUSD suffers cyber attack: District computers fall victim to hacking (Enterprise-Record) Computers belonging to the Chico Unified School District came under what appears to have been a focused cyber attack that put them out of commission between Friday and Tuesday. Friday, Jason Gregg, CUSD director of information technology
Card Processor Hit In A $40 Million Breach. Was It Yours? (Storefront Backtalk) A U.S. payment card processor was attacked in February as part of a $40 million cyberheist, federal prosecutors said last Thursday (May 9)--but they didn't identify who the processor was. That left retailers no way of knowing whether their processor was the one that thieves breached to gain essentially unlimited access to the processor's systems, potentially including merchant card data
ATM theft puts Indian IT in unwelcome spotlight (Times of India) A breach of security at two payment card processing companies in India that led to heists at cash machines around the world has reopened questions on the risks of outsourcing sensitive financial services to the Asian nation. Global banks that ship work to be processed in India, either in-house or to big IT services vendors, were already under pressure to step up oversight of back-office functions after a series of scandals last year. Last week, US prosecutors said a global criminal gang stole
Cars' Internet connectivity poses cyber attack threat (Zee News) According to a report by Stuff.co.nz, a new office within the agency will research vehicle electronic safety and analyze the potential cyber attack risks that could lead to catastrophic accidents. As cars are increasingly controlled electronically
Hacking charge stations for electric cars (Help Net Security) The vision of electric cars calls for charge stations to perform smart charging as part of a global smart grid. As a result, a charge station is a sophisticated computer that communicates with the electric grid on one side and the car on the other. To make matters worse, it's installed outside on street corners and in parking lots
Developers Reverse Engineer Wii U GamePad, Conclude it is an 'Unsecure' Device (Game Politics) A group of developers have released a video showing the results of reverse engineering the Nintendo Wii U GamePad. The little experiment shows how the GamePad communicates with the main console system and notes that it isn't a very secure device. Speaking at length with Eurogamer's Digital Foundry, one of the developers involved in the project, Pierre Bourdon, says that "The GamePad is actually not a very secure device…The device firmware is stored in an unencrypted Flash, which allowed us to reverse engineer the binary code pretty easily"
Is Microsoft reading your Skype communications? (Help Net Security) The question of whether Skype - a Microsoft subsidiary since May 2011 - allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately
Auditors uncover IT vulnerabilities at EPA Office of Research Division facilities (FierceGovernmentIT) Environmental Protection Agency auditors say information technology controls at Office of Research Division research facilities need improvement following an assessment of five facilities that uncovered vulnerabilities such as unsecured workstations
Mobile crimeware and the global criminal marketplace (Help Net Security) The sprawling mobile devices marketplace has spawned an industrialized mobile financial fraud plexus that today drives increasingly sophisticated criminal technical innovation to exploit the mobile device
Security Patches, Mitigations, and Software Updates
Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability (Cisco) Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available
Adobe Gets Busy With Fixes For ColdFusion, Reader, Flash (CRN) Adobe issued a security update Tuesday repairing dozens of flaws in Flash and its PDF software as well as a dangerous zero-day vulnerability attackers are actively targeting in its ColdFusion software that may be linked to a spate of recent data breaches
Cyber Trends
Mass Customized Attacks Show Malware Maturity (Dark Reading) The malware universe is typically divided into targeted attacks and mass, opportunistic attack, but a middle category--mass customized malware--poses a more serious threat for business
Malware is dangerous because it is invisible and persistent: Trend Micro (CSO) The problem with sophisticated malware is that it tries to be invisible and persistent for as long as possible, according to Trend Micro global chief technology officer, Raimund Genes. To back up his claim, Genes points to a report from Trustwave that sets the average time from the infiltration and breach of corporate resources until detection at 210 days or longer. "In the case of RSA Security's breach [in 2011], the malware was
Executive order, NIST initiatives may help electric providers get ahead of the threat (SC Magazine) There's no questioning how vulnerable the energy sector and its electric segment are to cyber attacks. Still, it is a valuable discussion to have, as technology is rapidly gaining a larger role in critical infrastructure operations. As security professionals, we all know that quickly advancing technology has a double-edged effect, providing increased computing power and opportunity for the good guys, and an expanded attack surface for the bad guys
Application vulnerabilities remain security's biggest concern (Infosecurity Magazine) It is generally accepted that the adoption of cloud technology is hampered by concerns over cloud security. Now (ISC)² has partnered with the Cloud Security Alliance to develop new training and a new certification in cloud security. (ISC)² tackles
Android malware rise could be 'game changer,' warns F-Secure (FierceMobileIT) IT managers spend many sleepless nights worrying about the security risks being introduced by employees who bring their own devices. And a new report from F-Secure showing a marked rise in Android malware is not going to help them sleep any better. The report found that mobile malware developers are zeroing in on the Android operating system, much like earlier malware authors focused their efforts on Microsoft's (NASDAQ: MSFT) Windows, F-Secure warned
Health care breach victims plummet (CSO) Tougher rules and big settlements are said to be behind the fall in affected clients, but one group calls it the 'calm before the storm'
Marketplace
Despite $1.46b furphy, 2013-14 Budget offers slim pickings for cyber security (CSO) Months on from the government's bold PR initiative in which it said it would spend $1.46 billion on IT security, the release of the 2013-14 federal budget has shown little additional financial support for this and other cyber security initiatives
Army says software wasn't needed (Bryan County News) A request for specific intelligence software that was later rescinded by the requestor, Maj. Gen. Robert "Abe" Abrams, commander of the 3rd Infantry Division and Regional Command-South in Afghanistan, received an official explanation Thursday from an Army spokesman at the Pentagon. Lt. Col. Jerome Pionk, team chief for Weapons, Environment and Technology at Army Public Affairs, referred to the software story that became a national issue due to a heated exchange reported April 30
Army Seeks 165k of Space Near Fort Meade (Patch.com) The U.S. Army is seeking to lease between 125,000 and 165,000 square feet of top office space within 10 miles of Fort Meade, according to a recent solicitation notice. The notice calls for "Class A" office space with a Level III security level
Savings from data center consolidation unclear, likely minimal so far (FierceGovernmentIT) Savings so far from federal data center consolidation are difficult to estimate for their lack of reporting, but are "believed to be minimal" as of last November--nearly 3 years after the Office of Management and Budget launched an initiative to reduce the number of federal data centers by 40 percent--says the Government Accountability Office
Analytics, optimisation to drive $5bn DPI market (Rethink Wireless) Deep Packet Inspection (DPI) was initially commercialised following regulatory and security requirements for monitoring network traffic, but the technology is gaining popularity as a means of better managing network traffic whilst maximizing revenue
SAIC Signs Agreement With Department of Homeland Security To Be A Commercial Service Provider (4-Traders) Science Applications International Corporation (SAIC) (NYSE: SAI) signed a Memorandum of Agreement (MOA) with the Department of Homeland Security (DHS) Enhanced Cybersecurity Services (ECS) program to become a Commercial Service Provider (CSP) of approved ECS services that will strengthen protection of U.S. critical infrastructure against imminent cyber attacks. In accordance with the MOA, SAIC is developing the capability and security certifications to utilize threat indicators for securing critical infrastructure customers against cyber threats
V3 Hot Seat: Sophos director of technology strategy James Lyne (V3) For this reason the appearance of Sophos' 26-year-old cyber security whiz-kid James Lyne is all the more astounding. Already a master at numerous cyber
Defense Department Employees Prepare For Furloughs (WJZ-CBS Local) Thousands of civilian Defense Department employees are bracing for furloughs forced on them by the sequestration budget cuts. Derek Valcourt explains those furloughs will hit especially hard at Fort Meade in Anne Arundel County
Spreading the word about cybersecurity (FCW) Outside of DOD, DHS and the National Security Agency, it also is tough to attract the cybersecurity professionals desperately needed to defend government networks against attacks. And even at the agencies that appear most alluring to would-be cyber
IT security jobs: What's in demand and how to meet it (Help Net Security) The information security job market continues to expand. In fact, according to a report by Burning Glass Technologies, over the past five years demand for cybersecurity professionals grew 3.5 times faster
To ensure funds for your hospital's IT security efforts, be proactive (FierceHealthIT) Looking to ensure funding for your healthcare organization's security efforts? You'd be wise to take a proactive approach, hospital IT personnel recently told HealthcareInfoSecurity. Chuck Christian, CIO at Columbus, Ga.-based St. Francis Hospital, compared the task to buying insurance. "Getting and maintaining funding is always a chore; that is, unless you have an 'issue' that you've recently had to deal with," Christian said. "Project-specific funding is an approach, but these may be tied to physical hardware acquisitions; other projects may be related to program or risk analysis"
Korean anti-malware temptress taps up FireEye partners (CRN) Korea's largest IT security vendor has landed in the UK and is looking to take on FireEye with its anti-malware offering. Nine-hundred-strong Ahnlab may be Korea's answer to Symantec but it is largely unheard of in the West, having only launched in the US a year ago
VMware Fights Android BYOD Headaches (InformationWeek) VMware's BYOD ambitions kick into gear through its partnership with Verizon. But is the virtualization heavyweight making its mobile management play too late
Booz Allen, Engility, SAIC Win Navy Shore Net IDIQs (GovConWire) Booz Allen Hamilton (NYSE: BAH), Engility Corp. (NYSE: EGL) and Science Applications International Corp. (NYSE: SAI) have each won three-year contracts to help the U.S. Navy operate shore networks. Awardees will compete for task orders to perform work during the three-year ordering period, the Defense Department said Monday
Dave Tarbell Named EADS North America Compliance Head (GovConWire) Dave Tarbell, a former defense deputy under secretary for technology security policy, has joined EADS North America as chief compliance officer and vice president of trade and security. The 20-year Defense Department veteran will oversee the company's trade and security compliance functions including ethics, EADS North America said Monday. He will report to Sean O'Keefe
Former ManTech VP joins TASC to lead intelligence, cyber (Washington Business Journal) Chantilly-based TASC Inc. has appointed Joseph Pacileo vice president of the Mission Solutions business unit, overseeing operations supporting intelligence and cyber customers at Fort Meade, Md
Products, Services, and Solutions
Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities (MarketWatch) Tyfone combines local- and cloud-based technologies for trusted verification of passwords, biometrics and other digital ID credentials to counter security breaches
Sampan Security, Inc. Announces FireTower Guard Business (EIN) FireTower Guard Business and Business Enhanced offer automatic, real-time protection against zero-day attack malware and Advanced Persistent Threats and provide network management tools for Windows-based business networks
Social Roulette is forced by Facebook to commit its own social suicide (Naked Security) Oh look, Sally Chipper wants you to like her new Page, Joe Smith is doing something with make-believe farm animals, and Misty Dogood wants you to sign three petitions
The New Yorker launches anonymous dead-drop tool (Help Net Security) Popular U.S. magazine The New Yorker has made available for its potential sources an anonymous dead-drop tool that allows them to send and receive messages and files to the publication's journalists without revealing their actual identity
Belkin releases secure switch for government agencies (Help Net Security) Belkin released its Advanced Secure KM Switch and its Advanced 8 & 16-port Secure DVI-I KVM Switches. Both product sets are designed for government agencies and financial markets that need to safely
New 2-factor authentication for the finance industry (Help Net Security) OneID released OneID Confirm, a customizable two-factor authentication solution. It is based on the same architecture as the OneID Suite, a set of integrated digital identity solutions that eliminate
Google's Software-Defined Network: Take A Look (InformationWeek) Few examples of a live SDN implementation exist. Google shared details on its production use of OpenFlow in its SDN network at this spring's Open Networking Summit
Google I/O Features Sensor Network (InformationWeek) Hundreds of sensors will measure environmental conditions at Google I/O, and the hardware designs will be available as open source
ServiceNow Revamp Stars Cloud Provisioning (InformationWeek) Cloud Provisioning acts as a virtual machine orchestrator for VMware and Amazon Web Services cloud environments
Salesforce Improves Mobile Access To Chatter Files (InformationWeek) Salesforce.com's new Chatter mobile app makes browsing and searching files easier on phones and tablets
Qualcomm and Kaspersky sign mobile protection deal for Android devices (CSO) Snapdragon-enabled mobile devices will come preloaded with Kaspersky Security
Technologies, Techniques, and Standards
Internet Crime Cost Consumers More Than A Half-Billion Dollars Last Year (Dark Reading) Number of cases reported by consumers to FBI-partnered Internet Crime Complaint Center increased by nearly 10 percent last year, with scams in auto fraud, FBI impersonation via email, extortion at the top of the list. Consumers lost an average of $1,800 last year in Internet crimes and a total of $535 million overall, according to the Internet Crime Complaint Center's (IC3) annual report on consumer complaints it received in 2012
Secure Software Standard In The Spotlight (Dark Reading) Microsoft, among others, sees ISO application security standard as a way to spark widespread adoption of secure development programs. A little-known ISO standard for application security is gathering steam with the help of Microsoft. The ISO/IEC 27034-1, "Information technology -- Security techniques -- Application security" standard released in the fall of 2011 until this week mostly had remained in the obscurity of the standards community, when Microsoft announced that its Secure Development Lifecycle (SDL) framework and strategy for secure coding conforms with the ISO standard. SDL was already referenced in the standard as an example of a secure development process that can help software developers conform to ISO/IEC 27034-1
Honeynet Project Researchers Build Publicly Available ICS Honeypot (Threatpost) Two industrial control system researchers have built an ICS honeypot they hope others will deploy on critical infrastructure networks
Is It Wrong to Use Data From the World's First 'Nice' Botnet? (Wired) When Morgan Marquis-Boire heard about the Internet Census 2012, he was excited. Marquis-Boire, a Google engineer by day, spends his spare time looking for state-sponsored spyware, and here was something new that he could use. The Internet Census was the result of a massive and unprecedented internet scan that compiled data on about 1.3 billion Internet Protocol addresses
Cyber Security Continuous Improvement: Do Something (Automation World) Industrial cyber security concerns and tactics were woven throughout The Automation Conference 2013. A keynote session focused on the myth of air-gap protection, while members of the Ask the Experts Panel on Ethernet on the Plant Floor ended by answering questions about where to start with cyber security
How to measure the biggest and most dangerous threats (Naked Security) Just about every security company publishes some sort of prevalence data - those little bar charts and top tens showing the most important and widespread threats. The raw data behind these easy-to-consume representations can be very useful to security experts and testers
Bank Using Voice Biometrics To Authenticate Customers. Could It Work In Retail Call Centers? (Storefront Backtalk) Retail security experts have long argued that shoppers in-store provide more security identification potential than those online and that shoppers phoning into a call center offer the least. But a major U.K. bank is using biometrics to authenticate telephone customers by using the customers' pre-recorded vocal patterns. Could the same approach help reduce fraud pushed through retail call centers
Phishing Scams Continue To Plague Consumers (Herald) Today, Consumer Federation of America (CFA), with the support of Visa Inc., is releasing new consumer education materials about "phishing," a serious fraud problem. Phishing is when crooks, pretending to be from well-known companies, organizations, or government agencies, contact individuals and trick them into revealing their Social Security numbers, financial account information, passwords, or other personal information. That information is then used to make unauthorized purchases, take over victims' accounts, open new accounts, get tax refunds and other government benefits, and even apply for jobs
Cloud Security Alliance Successfully Completes Open Certification Framework (OCF) Pilot Implementations with Alibaba and New Taipei City Government (San Francisco Gate) The Cloud Security Alliance (CSA) today announced the successful completion of the Open Certification Framework's (OCF) STAR Certification pilot assessments with Alibaba and the New Taipei City Government (NTPC) Government Cloud (G-Cloud)
Tips for validating DDoS defenses (Help Net Security) Prolexic has issued a number of recommendations that organizations can use to validate their DDoS defenses, as well as protection services they receive from mitigation providers
Guess what? Your cloud vendor's data center is more secure than yours (FierceContentManagement) When I was at the Gartner Portals, Content and Collaboration Summit a couple of weeks ago, one thing that surprised me was the persistent notion that somehow the cloud was inherently less safe than a company data center--whether stated explicitly or implied
Online gaming company recounts fighting for survival vs. DDoS attacks (CSO) Fighting denial-of-service attacks has become a matter of survival for some businesses that find their websites getting smashed and network flooded by attackers. Online gaming company SG Interactive says it's under constant attack and the only way to keep going is to set up an anti-DDoS defense
Design and Innovation
Larry Page Wants Earth To Have A Mad Scientist Island (TechCrunch) Larry Page thinks we are, as a population, too negative. Especially the tech community. The solution? Amongst other things, Larry wishes the world had some sort of Burning Man-esque place for crazy builders to just be crazy. A place with less societal pressure, and without antiquated laws makin' things sticky
Innovation Vouchers for Cyber Security (InnovateUK) Do you have an early stage business idea that needs protecting? Do you need access to particular skills, expertise or technology to secure your ideas and business? Would demonstrating that you are cyber secure add value for your customers and partners? Would being more cyber secure help grow your business? This Innovation Voucher is available to support SMEs, entrepreneurs and early stage start-ups who see value in protecting and growing their online business by having effective cyber security
Research and Development
Using science to reform toxic player behavior in League of Legends (Ars Technica) Riot Games decided that just banning players wasn't good enough
Academia
Cybersecurity Starts in High School with Tomorrow's Hires (Bloomberg) To prepare the next generation of specialists, the federal government's National Security Agency is working to strengthen college-level education through its National Centers of Academic Excellence in Cyber Operations program, which gives a designation
Sebastian Thrun: Announcing Online Masters Degree in Computer Science in Collaboration with Georgia Tech and AT&T (UDACITY) There are a few moments in my life I will never forget. Like the moment I proposed to my wife, Petra. Or the moment Stanley crossed the finish line in the DARPA Grand Challenge. Today is one of those moments. I grew up in Germany, a country that offers excellent education. Yet when I started my Master's degree in computer science, I found myself among 1,200 other Master's students with just five professors. Needless to say, I ended up mostly educating myself through books that were available at a nearby research institute
Legislation, Policy, and Regulation
Delivering a cybersecurity strategy to protect an interconnected Europe (Europa) Cyberspace, and the internet in particular, have become an integral part of our lives. It is difficult to imagine how we ever existed without it, and the value of an open and free Internet is enormous. However, the anonymity that cyberspace provides, the possibility to connect with almost anyone, anywhere, also brings with it a certain risk. Criminals can easily abuse these structures for their gain
Update on US Cybersecurity Hearing Today (Chemical Facility Security News) Since I wrote about this hearing last weekend the House Homeland Security Committee has updated its web site with a list of DHS witnesses that will be testifying at tomorrow's hearing on cybersecurity information sharing and DHS capabilities. They are: Mr. Charles K. Edwards, Acting [emphasis added] Inspector General, U.S. Department of Homeland Security; Ms. Roberta Stempfley, Acting [emphasis added] Assistant Secretary, Office of Cybersecurity and Communications, National Protection and Program
U.S. Seeks to Combat Cyber-Theft With Sanctions, Talks (EWeek) The Pentagon spotlights China for sanctioning cyber-espionage, and Congress proposes a bill to block the import of products using stolen technology. The U.S. government dialed up its war of words with China over cyber-espionage this week, with a Pentagon report clearly placing blame on the Chinese government for sanctioning information theft and legislators proposing a bill that would block imports of products using stolen technology. The legislation, introduced May 7 by a bipartisan group of U.S
DISA/NSA move to address insider threats to enterprise networks (Defense Systems) DISA and the National Security Agency want to develop an information assurance (IA) audit management system that has the capability of enterprise service for logging, collecting data, and analysis of data for enterprise services (e.g., DoD enterprise
Government to Share Cyber Security Information with Private Sector (Insurance Journal) The National Security Agency and other intelligence agencies develop and acquire knowledge about software flaws in order to penetrate overseas networks. Until now, there has been no straightforward way for these agencies to share that classified data
Litigation, Investigation, and Law Enforcement
Cops Should Get Warrants to Read Your E-Mail, Attorney General Says (Wired Threat Level) Attorney General Eric Holder became the White House's highest ranking official Tuesday to support sweeping privacy protections requiring the government, for the first time, to get a probable-cause warrant to obtain e-mail and other content stored in the cloud
Obama Administration Spying on Journalists (Kansas City infoZine) Thomas Drake was a senior executive of the U.S. National Security Agency. Last year he successfully concluded a legal ordeal with the federal government, including an Espionage Act-centered indictment, over the past several years. He blew the whistle on
US DOJ secretly swiped Associated Press phone records (Naked Security) The AP reports that records for two months of calls to 20 lines were seized, including a phone line straight into the heart of the House of Representatives. Congress, to its credit, is not amused
The LulzSec hackers who boasted they were "Gods" await their sentence (Naked Security) Four members of the notorious LulzSec hacking gang, who attacked websites belonging to the likes of the CIA, the NHS and the Serious Organised Crime Agency (SOCA), are due to be sentenced by the UK authorities
Google's New Privacy Policy Display Violates California Privacy Protection Law, Is "Deceptive," Consumer Watchdog Tells Attorney General (Dark Reading) Google has inserted another page between the home page and the privacy policy. A recent change in the way Google presents its privacy policy violates the California Online Privacy Protection Act (CalOPPA) and the policy is "fundamentally deceptive," Consumer Watchdog told Attorney General Kamala Harris
The Security—And Legal—Headaches With Retail Twitter Accounts Just Got Worse, Thanks To The SEC (Storefront Backtalk) The United States Securities and Exchange Commission (SEC) has approved a final rule allowing publicly traded companies to disclose "material nonpublic information" to the public through social media. In other words, if you have something you want to say to the public, instead of releasing a press release or putting it on your webpage, now you can comply with SEC rules by simply sending a tweet. But, as the Associated Press learned when its Twitter feed was hijacked, it's not entirely clear when you send a tweet that it's actually you who sent that tweet
FTC Eyes Data Brokers, And That Could Raise Retailers' CRM Costs (Storefront Backtalk) Data brokers are now in the sights of the U.S. Federal Trade Commission (FTC), and that could affect some retailers' customer-information systems. The FTC sent out letters last week warning that some brokers might be violating federal law by collecting and selling information on individuals, even if the information is publicly available
LulzSec Hacker 'Pirates' Face Sentencing (InformationWeek) Four members of Anonymous spinoff faced sentencing Wednesday for leaking data and launching distributed denial of service attacks against Sony, the Pentagon and other major sites
First California lawsuit over mobile privacy issues crashes (CSO) Court rules that federal airline laws preempt state statutes in suit seeking to force Delta Air Lines to notify mobile app users about data collection plans
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
2013 St. Louis CISO Summit (location and date not listed) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations.
NovaSec! (McLean, Virginia, USA, Jun 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with like-minded individuals.
National SCADA Conference (Melbourne, Victoria, Australia, Aug 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate and find solutions for the increasing demands of the SCADA environment. The theme for 2013 will be delivering intelligence and improved performance to SCADA networks. The SCADA conference program will deliver fantastic first-hand knowledge from leading international and local SCADA experts with a great mix of burning SCADA issues, case studies, security and real world implementations together with practical advice. The networking opportunities provided, coupled with the largest SCADA exhibition in the Southern Hemisphere, ensure the National SCADA Conference is a must-attend event for Australia's and New Zealand's SCADA community.
CISO Executive Summit (Atlanta, Georgia, USA, Sep 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)
Forensics and Incident Response Summit EU (Prague, Czech Republic, Oct 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.
FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers and buyers to CIOs and other technology management professionals, FOSE has the right products, people and solutions for you in one very accessible location.
Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.
CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.
IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)
U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services and development, by providing access to information and technology solutions anytime and anywhere. The U.S. Department of State has over 69,000 users worldwide at 285 posts with approximately 40,000 remote access users! Small businesses and prime contractors with products and services in Mobile Computing are invited to share information about their companies.
International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by researchers from academia and industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation of potentially illegal cyber activity. We encourage prospective authors to submit distinguished research papers on both theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)
Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)
Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council, this event is a content-rich celebration of international trade. Participate in expert discussions led by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks, for a total of 24 highly interactive 90-minute sessions.
IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.
Private Sector Crossovers: Protecting People, Property and Information (May 29, 2013; location not listed) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.
Cyber Security for the Chemical Industry (Frankfurt, Hessen, Germany, May 29 - 30, 2013) It is more important than ever to be aware of the latest cyber threats, and to be equipped to protect your company from them. In addition to physical security, these industries face the ever-increasing risk of cyber attacks on their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly effect not only on profits, but also on corporate reputation.
DGI Cyber Security Conference & Expo (Washington, DC, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.