The CyberWire Daily Briefing 05.17.13

Summary

By The CyberWire Staff

Anonymous returns to the news (at its customary nuisance level) bragging of having hacked 17,000 Israeli Facebook accounts. The hacktivist collective also boasts successful denial-of-service attacks against Saudi ministries. Both claims are unconfirmed.

Turkey's Ajan Hacker Group has defaced the municipal government website for Akron, Ohio, apparently under the impression that this strikes a crippling blow against Zionism and American power. The attack demonstrates that hacktivists' reach can be as long as their target choice can be bizarrely delusional. This week's conviction of British LulzSec hackers offers further insight into hacktivist motivation and self-image.

More Android malicious code—"Android.RoidSec"—is found circulating in the wild. Instagram, Skype, and Tumblr are currently being exploited as malware vectors. A campaign against Pakistani targets seems to originate in India, but attribution remains unclear, and the apparent Indian connections may be the result of hijacking or false-flag operations. Aheadlib is exploited to distribute Winnti malware.

Viruses properly so-called—malicious infections that self-replicate and impair device performance—make a comeback despite their old-school obviousness.

The Distributed Common Ground System versus Palantir sectarian conflict resumes in the US Army. The US House Appropriations Committee proposes 2014 budget elements, many of which affect cyber spending. US Intelligence Community workers will not be furloughed during budget sequestration.

Risk-based defenses are the current trend, but compliance-based approaches aren't going away either: Dark Reading suggests a rapprochement. "Virtual padlocks" attract cloud users worried about vendors' ability to resist government data calls. Universities consider ways of avoiding exploitation in amplification attacks.

Notes.

Today's issue includes events affecting Australia, China, Hong Kong, India, Indonesia, Iran, Ireland, Israel, Japan, Malaysia, Mauretania, Mexico, Pakistan, Philippines, Russia, Saudi Arabia, Taiwan, Thailand, Turkey, United Arab Emirates, United Kingdom, United States.

Selected Reading

Cyber Trends

Thoughts on the need for anonymity (Help Net Security) The other day I was reading a post on BoingBoing about Anonymous getting involved in publicizing the Steubenville and Halifax rape cases, and about a protest rally they organized in Steubenville during

Cyber crime: the new battleground (Irish Examiner) The battle for power and control is as old as time, but preferred methods of attack have changed with the ages. Battlegrounds, too, have changed. No longer confined by geography or brute force, they now encompass the vast territory of cyberspace, where few rules apply and where faceless aggressors swoop undetected to spy, steal, disrupt or destroy

Malaysia sixth most vulnerable to cyber crime (The Star) Malaysia is the sixth most vulnerable country in the world to cyber crime, in the form of malware attacks through the computer or smartphone. CyberSecurity Malaysia Research vice president Lt Col (R) Sazali Sukardi said the Sophos Security Threat Report 2013 found, in a period of three months this year, that besides Malaysia, nine others - Hong Kong, Taiwan, United Arab Emirates, Mexico, India, the Philippines, Thailand, China and Indonesia - were also highly at risk

CISO: Chief Infosec Scapegoat Officer (Infosecurity Magazine) CISOs are often the first victim following a major security breach. Given the prevalence of such breaches, the average tenure of a CISO is now just 18 months; and this is likely to worsen if corporate security doesn't improve

Legislation, Policy and Regulation

Government accused of sneaking in web filter (Sydney Morning Herald) The federal government has been accused of sneaking mandatory web filtering through the back door after one of its agencies inadvertently blocked 1200 websites using a little-known law.Technology news website Delimiter this week revealed the Australian Securities and Investments Commission (ASIC) last month used a telco law to ask major internet service providers (ISPs) to block a website it believed was defrauding Australians

Congress sends Google a list of questions about privacy and Glass (Ars Technica) Google has eight questions about Project Glass it needs to answer by June 14

Russia signs international privacy pact (CSO) Convention 108 was established to safeguard private data

Experts ding DHS vulnerability sharing plan as too limited (CSO) Without universally availability, plan could miss smaller businesses hackers could use as an entry point to critical infrastructure companies

DHS Eyes Sharing Zero-Day Intelligence With Businesses (InformationWeek) The Department of Homeland Security (DHS) Wednesday offered to help private businesses zero in on the zero-day vulnerabilities being used to compromise their networks. The DHS pitch: We'll share intelligence gleaned from the U.S. government's vast

UK Government Fears Destructive Cyber Sabotage (TechWeekEurope UK) James Quinault, speaking during a Westminster eForum event, said sabotage is "coming on the scene", warning of "deliberate attacks to degrade or destroy critical infrastructure and people's assets", alongside all the other kinds of cyber attack

Increase cooperation to prevent cyber-attacks (The Nation) In March this year, several financial institutions and TV stations in South Korea came under a cyber-attack that caused massive disruptions to users of automated teller machines and personal computers. The South Korean government later concluded the

Data security isn't just for the intel community, says Commerce CIO (FierceGovernmentIT) Big data is a constant and expanding phenomena at data-rich agencies like the National Oceanic and Atmospheric Administration, whose weather satellites alone produce 6 terabytes of data a day. Agencies across government are dealing with big data challenges such as storage, processing and curation, but just as important is the issue of security, says Simon Szykman, chief information officer at the Commerce Department

Public says critical infrastructure cybersecurity framework should be risk-based, says NIST (FierceGovernmentIT) An analysis of comments received so far by the National Institute of Standards and Technology to the cybersecurity framework called for by President Obama's February cybersecurity executive order shows respondents so far show risk management approaches to be a matter of nearly universal concern

DHS Eyes Sharing Zero-Day Intelligence With Businesses (InformationWeek) DHS proposal would give private businesses access to the government's stockpile of zero-day secrets for a fee

Lawmakers Introduce Bill Requiring Court Order to Seize Phone Records (Wired Threat Level) In the wake of the AP scandal, in which federal investigators obtained the phone records of journalists using only a subpoena, four lawmakers have introduced legislation in the House that would prevent federal agencies from seizing any phone records without

CISPA-Like Bill Moving Quickly Through Texas Legislature (Burnt Orange Report) The Cyber Intelligence Sharing and Protection Act (CISPA) was a U.S. Congress bill that would, as the ACLU described it, "create a loophole in all existing privacy laws, allowing companies to share Internet users' data with the National Security Agency

Products, Services, and Solutions

EarthLink Launches PCI Compliance Solutions For Retailers (Dark Reading) Solution features Approved Scan Vendor (ASV) vulnerability scans. EarthLink, Inc. (NASDAQ: ELNK) a leading IT and communications provider, today announced the launch of a new PCI Compliance Solutions service, complete with the validation tools needed to assist retailers in meeting their Payment Card Industry Data Security Standard (PCI DSS) requirements. The solution features Approved Scan Vendor (ASV) vulnerability scans, a security policy, web-based training, self-assessment, access to an online knowledge base and breach expense protection

Intelligent vulnerability management from CORE Security (Help Net Security) CORE Security launched Insight 3.0, which delivers multi-vector vulnerability assessment, asset categorization, threat simulation, penetration testing and security analytics, all in the context

National Cyber Security Alliance and LGBT Technology Partnership Launch Internet Safety Initiative for LGBT Community (Sacramento Bee) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, today announced a new collaboration initiative with the LGBT Technology Partnership to encourage greater awareness about cybersecurity and safety issues for Lesbian, Gay, Bisexual and Transgender communities

Bitdefender Wins Top Spot in AV-Comparatives' Most Rigorous Test (Wall Street Journal) The award comes a month after Bitdefender scored the #1 spot in trials by AV-TEST, the other major independent analysis firm, with a perfect score for fighting off viruses, worms, Trojans and other online threats. The company also recently won a

Hadoop appears to be everywhere lately, except in big data (FierceBigData) Hadoop, the database everyone associates with big data, has had a run of more traditional deployments lately, which is good for Hadoop, and good for those looking for more proof of its ability to scale

Google announces e-mail money transfers for Google Wallet (C/Net) At its annual Google I/O developer conference in San Francisco, Google makes announcements that will expand Google Wallet far beyond its tap-and-go NFC roots

Technologies, Techniques, and Standards

What A Burned CIA Officer and A Patriot Hacktivist Can Teach Us About Cover Discipline (The Security Dialogue) In light of the news a Central Intelligence Agency officer was detained by Russian counterintelligence, I felt it would be good to examine what it means to have good "cover discipline". In order to accomplish missions that require stealth in plain sight, intelligence operatives use what is commonly referred to as "cover" which is a fictional persona adopted by individual officers so that their true identity and purpose remain unknown to their target. "Cover" takes a significant amount of time to develop and assimilate into the officer. Persons who operate "undercover" will spend a great deal of time studying and perfecting their "cover". Where most officers get caught is when they lose "cover discipline". This could be something as simple as confusing one's "cover" name with their "real" name. In some cases, like the one depicted in this film, "cover" is often lost due to carelessness

Mapping Compliance Proof To Risk-Based Controls (Dark Reading) Risk-based security decisions usually yield more secure environments, but some harmonization with regulations needs to be done to prove compliance. For years now, the risk management gurus of the world have lamented the scourge of check-box compliance, urging organizations to make more security decisions based on sound risk management. The philosophy is that risk-based decisions generally yield more compliant environments: if an organization manages its risks, then compliance will naturally fall into place

PCI Security Standards Council Names New Board Of Advisors (Dark Reading) Members provide strategic and technical input to PCI SSC on specific areas of Council focus. Today the PCI Security Standards Council (PCI SSC), an open, global forum for the development of payment card security standards, announced election results for the 2013-2015 PCI SSC Board of Advisors. The Board will represent the PCI community by providing counsel to SSC leadership

How to Respond to a Data Breach (eSecurity Planet) Despite all of the advice on preventing data breaches, such breaches will inevitably happen. The right preparation will help you respond quickly and contain the damage. According to the results of a recent Ponemon Institute study commissioned by Solera Networks, the average cost of a malicious data breach has risen to $840,000, with the average cost per record at $222

How to keep the feds from snooping on your cloud data (CSO) Virtual padlocks can keep storage providers — and the government — from accessing data in the cloud

Managing My Company's Security is a Nightmare Says Panda Security Director (SYS-CON) If you are a head of corporate security I am sure the words above will have run through your mind more than once. The majority of top-level executives are focused on targeted attacks (by far the most heavily covered malware stories, just take a look at the latest Twitter, Facebook, Apple or Microsoft attacks, for example), however heads of corporate security know better than anybody else what risks they are facing and what their priorities are: –Neutralize attacks before they impact corporate productivity. –Prevent data theft

Q&A: Banks Must Take a Holistic Approach to Cybersecurity (Banktech) I asked Bill Stewart, SVP and lead of Booz Allen Hamilton's financial services…who have to combat such a wide range of differing types of cyber attacks

New group seeks to protect power grid from cyberattacks (Fuel Fix) A group of regulatory and intelligence experts that includes a former director of the Central Intelligence Agency said Thursday they have launched a new effort to focus on computer security solutions facing energy companies and the government. The goal of the group, which includes former CIA and National Security Agency director Michael Hayden, will be to make proposals that can fill in holes and clarify gray areas in regulations and standards to help the electric grid protect against online threats

Resilience ‒ the way to survive a cyber attack (SC Magazine UK) The claim that any Western information technology dependent society could be brought down by a 15-minute cyber attack has recently provoked intense discussion. In reality, a well-prepared cyber attack does not need to last for 15 minutes to succeed

Keeping one step ahead of the cyber criminals (BBC News) So how do you protect yourself against cyber attacks? Mr McDonough, president of Nasdaq-listed Sourcefire, a cyber security intelligence company

Building Human Firewalls Critical for Protecting against Cyber Threats (San Francisco Chronicle) Swan Island Networks releases new white paper to help address human element of Cyber Security Security intelligence innovator Swan Island Networks

What you need to know to build a solid Ethernet WAN (InfoWorld) Sourcing solid network connectivity, such as for linking a pair of data centers, isn't always as straightforward as it might seem

Block rogue apps with Windows Server—for free (ComputerWorld) You can stop users from putting bad software on good machines. Windows in some organizations is a free-for-all -- users have local administrator rights, install software to their hearts' content, never update it and generally are susceptible to running bad stuff on good machines. Fortunately for Windows administrators, there is a way to stop that

7 steps to securing Java (NetworkWorld) Warnings from Homeland Security should prompt security pros to harden enterprise nets against Java-based exploits

Marketplace

Army Defends Battlefield Intel System (DoD Buzz) Mary Legere, the Army's deputy chief of staff for intelligence, said during a…Some troops and commanders have praised the Palantir software for being

Draft funding bill proposes $147.6 billion for Veterans Affairs (FierceGovernment) Under House Appropriations Committee spending bill for the coming fiscal year marked up in subcommittee May 15, the Veterans Affairs Department would be funded at a topline of $147.6 billion, with $63.1 billion of that being discretionary spending

House Appropriations proposes $786 million DHS cybersecurity budget (FierceGovernmentIT) The House Appropriations homeland security subcommittee fiscal 2014 spending bill, to be marked up by the subcommittee May 16, proposes spending $786 million for Homeland Security Department cybersecurity operations, says a committee statement

House Appropriations proposes $1.22 billion Coast Guard acquisition budget (FierceHomelandSecurity) The House Appropriations homeland security subcommittee fiscal 2014 spending bill, to be marked up by the subcommittee May 16, proposes $1.22 billion for the Coast Guard acquisition budget, an increase from the $951 million in the White House proposal--but also still far less than the approximately $1.46 billion annually the service has been appropriated in recent years

DHS discretionary funding totals $38.9 billion in House Appropriations subcommittee proposal (FierceHomelandSecurity) A House Appropriations subcommittee bill released May 15 would provide the Homeland Security Department with $38.9 billion in discretionary funding for fiscal 2014, a $617.6 million decrease from the fiscal 2013 enacted level

VanRoekel: Open data may require additional infrastructure investment (FierceGovernmentIT) Agencies will receive no additional funds to implement the White House's May 9 Open Data Policy. The memo says upfront investment in opening data will be offset by savings realized from streamlining paper-based operations

Report: No Furloughs for Intell Community (ExecutiveGov) Employees in the U.S. Intelligence Community funded under the National Intelligence Program budget will not be subject to furloughs resulting from sequestration, Federal News Radio reported Wednesday

At Microsoft, a Sharpened Focus on Cybercrime (Threatpost) Cybercrime has developed in the last few years into a major concern, not just for the consumers and businesses that are victims, but also for governments around the world. Obama administration officials have called it one of the larger threats to the United States economy. While law enforcement agencies handle the investigative and prosecutorial

SAIC joins Homeland Security cyber program (UPI) The program by the US Department of Homeland Security is Enhanced Cybersecurity Services, through which private companies such as SAIC become commercial

Cisco CEO Chambers Says Successor Won't Immediately Be Chairman (Bloomberg) Cisco Systems Inc. (CSCO) Chairman and Chief Executive Officer John Chambers said his successor probably won't immediately hold both roles. It's appropriate to split the positions when there is a new CEO, he said today in an interview on Bloomberg Television's "In the Loop with Betty Liu." "We will probably do that when my succession occurs for a couple years, and then if the CEO is successful, then combining the two roles is the most likely outcome," Chambers said

Sotera Announces CEO Transition (The Herald) In the interim, Sotera will be led by William Cave and Laurie Villano as Interim Co-CEOs, who will also continue oversight of the Defense & Intelligence Solutions and Cyber Systems & Solutions lines of business, respectively. ... mid-tier national

Amid Dell's ownership battle, declining PC sales took a big bite out of its profits (Quartz) The numbers: Not good. PC maker Dell reported earnings per share of $0.21, which missed estimates, and net income fell by 79% to $130 million. But it reported better-than-expected revenue at $14.1 billion

Security Patches, Mitigations, and Software Updates

How Google updated Android without releasing version 4.3 (Ars Technica) Could there be a light at the end of the fragmentation tunnel

Apple fixes 41 iTunes security flaws, some more than a year old (Naked Security) Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible

Oracle renumbers Java patch updates, confuses users even more (CSO) New numbering scheme necessary to take into account increase in zero-day patches

Cyber Attacks, Threats, and Vulnerabilities

17000 Facebook Accounts of Israel hacked under (Anonymous and Anonghost) operation #OpPetrol (Hackers News Bulletin) Anonymous and Anonghost they both are the hacktivists and started #OpPetrol on 12 May 2013 by the leak of some Saudi Govt. email login credentials, now 2nd Hack released by Mauritania Attacker who said to be the owner of Anonghost team message us about the their latest hack attack of 17000 Facebook Accounts of Israel

OpSaudi : Anonymous launched cyber attack on Saudi Government site (E Hacking News) Saudi branch of Anonymous hacktivist has launched cyberattack on Saudi Government websites , the operation has been named as "#OpSaudi". Few government websites are facing heavy Distributed-denial-of-service(DDOS) attack from the Anonymous.The affected government sites include Saudi Arabia and the Ministry of Foreign Affairs(mofa.gov.sa), The Ministry of Finance(mof.gov.sa), General Intelligence Presidency(gip.gov.sa ).The Anonymous saudi also claimed they have gained access to the server

City of Akron Web Site Hacked (eSecurity Planet) Tens of thousands of names, mailing addresses and Social Security numbers were published online. Macker Maxney of the Turkish Ajan Hacker Group recently breached and defaced the official Web site for the City of Akron, Ohio. In a statement on the defacement page, Maxney wrote, "Since today, you have been trying to bring Middle east under chaos, United States of America, which is controlled by Zionist jewish people to achieve their goals for centuries"

e-netprotections.su? (Internet Storm Center) Like with .biz, I sometimes have the impression that .su and .cc could be sinkholed in their entirety, because the bad domains seem to vastly outnumber whatever (if any) good is running under these TLDs as well. Earlier today, ISC reader Michael contacted us with information that several PCs on his network had started to communicate with iestats.cc, emstats.su, ehistats.su, e-protections.su and a couple other domains. I was pretty sure that I had seen the latter domain on an earlier occasion in a malware outbreak, but I couldn't find it in our records…until I only searched for "e-protections", and found e-protections.cc. This domain had been implicated back in October 2012 in a malware spree that was linked to the nasty W32.Caphaw, a backdoor/information stealer. The similarity of the names was too much of a coincidence, and it meant bad news for Michael

Hacker Ag3nt47 breached Suzuki and Mazda Russia (E Hacking News) The hacker with twitter handle Ag3nt47 who hits top university websites has breached the Suzuki and Mazda Russia websites.The hacker tweeted links to the dump. The database dumped(pastebin.com/u01PitxP) from the Japanese automobiles manufacturer Suzuki includes password hashes, email addresses.The data(pastebin.com/9hrwnmgC) taken from Russian website of the Japanese-based automobiles manufacturer Mazda contains no interesting data. There is no specific reason mentioned by the Ag3nt47 for the attack

Android.RoidSec: This app is an info stealing "sync-hole"! (Webroot Threat Blog) Android.RoidSec has the package name "cn.phoneSync", but an application name of "wifi signal Fix". From a 'Malware 101' standpoint, you would think the creators would have a descriptive package name that matches the application name. Not so, in this case. So what is Android.RoidSec? It's a nasty, malicious app that sits in the background (and avoids installing any launcher icon) while collecting all sorts of info-stealing goodness

Malwarebytes unmasks new Skype phishing scam (IT Pro) Cyber criminals steal validated login credentials while also deploying banking Trojan. Malwarebytes researchers have discovered a new scam being distributed via Microsoft-owned instant messaging service Skype

Spam Campaigns Take to Tumblr (Symantec) As the urban legend goes, the bank robber Willie Sutton was asked why he robbed banks. "Because that's where the money is," he is attributed as saying. While Sutton has long since distanced himself from the statement, the concept resonates with many people, to the extent that it's been used to describe principles in accounting and even medicine

Get Free Followers! on Instagram? Get Free Malware, Survey Scams Instead (TrendMicro) The popular photosharing app Instagram is the latest social networking site targeted by the ubiquitous survey scams seen on Facebook and Twitter. This time, we found that these survey scams may also lead users to download an Android malware

New India-Based Spy Malware Campaign Targeting Pakistanis (Threatpost) A new malware campaign has been hitting Pakistan hard over the last few months and after a little e-sleuthing, it appears the not-so-stealthy attacks have been originating from nearby India and exploiting a certificate to run its binaries

Symantec Protection for Targeted Attacks in South Asia (Symantec) ESET recently blogged about a targeted cyber/espionage attack that appears to be originating from India. Multiple security vendors have been tracking this campaign. The attack appears to be no more than four years old and very broad in scope. Based on our telemetry (Figure 1), it appears that attackers are focusing on targets located in Pakistan, specifically government agencies

Kangaroo targeting Australian bank customers (Cyberwarzone) Security researchers from Russian cybercrime investigations firm Group-IB have uncovered a cyberfraud operation that uses specialized financial malware to target the customers of several major Australian banks

Essex County Council has 27,000 computer hacker attacks in a year (BBC) More than 25,000 cyber attacks were carried out against Essex County Council in the past year, it has emerged

In a sea of malware, viruses make a small comeback (CSO) Microsoft has noticed a small uptick in viruses that infect files

Money Mules and Honey Mules (Cloudmark) One common form of spam that we see across all sorts of platforms is work from home scams. As well as traditional email, this can also be found on most social networks, and more recently in SMS

Utilities Targeted by Hackers Raise Dire U.S. Warnings (Bloomberg) Cyber attacks on computers that run the nation's energy grid, nuclear reactors and water-treatment plants are increasing with potentially lethal effects, the Department of Homeland Security's top investigator said. Successful infiltrations of computer

Cyber Thugs Disseminate Winnti Malicious Program Utilizing Genuine Analysis Tool (Spamfighter News) Trend Micro has said that hackers are disseminating Winnti a malicious program for compromising Web-surfers' computers by employing one fresh backdoor Trojan through an analysis tool which isn't a fake. The backdoor known as "Bkdr_Tengo.A pretends to be one genuine Dynamic Link Library (DLL) file that has been labeled winmm.dll

Here Are The Commands You Need To Gain Root Access To Your Google Glass (TechCrunch) There has been a lot of talk about rooting your Glass device, or if it's even possible. Well, it is. During a Hacking Google Glass session today, the team shared the steps to go through to gain root access for your Glass device. Only the Fastboot tool for UNIX works, but there have been issues with using the OS X one. An official native dev kit will be available, too, which was announced

How I 'stole' $14 million from a bank: A security tester's tale (CNN Money) In early 2010, Nish Bhalla sat down at his computer with one objective: steal a huge amount of money from a bank

Academia

Universities get schooled on DNS amplification attacks (GCN) Colleges and universities are getting a piece of advice when it comes to the growing problem of distributed denial of service attacks that exploit the Domain Name System: Don't be a part of the problem. The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) recently advised its members check their network and DNS configurations to avoid becoming "an unwitting partner" in distributed DOS attacks

Litigation, Investigation, and Enforcement

LulzSec group sentenced; hacker combats child porn allegations (ZDNet) Core members of LulzSec have been sentenced for their campaigns, but according to the defense, some of the victims were "thoroughly deserving" of what happened to them

LulzSec: the unanswered questions (The Guardian) The sentencing of four of the members of the LulzSec hacking crew closes the book on its three-month campaign, waged between May and July 2011, against a range of sites and targets – including government, media and games sites. Yet three big questions remain: Who was Avunit? … Who has the Bitcoins? … Did LulzSec really hack the PlayStation Network

Former Lulzsec hacker Jake Davis on his motivations (BBC) Four men were sentenced on Thursday for computer hacking. In 2011 they were all linked to the Lulzsec hacking collective which targeted organisations including the FBI and Britain's Serious Organised Crime Agency (SOCA) in a 50-day campaign which wrought havoc across the internet. Among those sentenced was Lulzsec's self-appointed PR man, Jake Davis, who in his first TV interview has spoken to BBC Newsnight's Susan Watts about what he did and why

Opinion: No, the LulzSec hackers weren't noble (Naked Security) Was the LulzSec hacking gang harmless? Perhaps noble, even? Graham Cluley argues that it's not cool, or funny, to hack into companies, expose the private information of members of the general public, and to launch denial of service attacks

The White House War Against Whistleblowers (American Free Press) As a contractor for the National Security Agency (NSA), in November 2005, Thomas Drake revealed to Siobhan Gorman of the Baltimore Sun that his employer wasted $1.2B on an Internet surveillance system named Trailblazer. Rather than pursue this

Associated Press proudly supports Anonymous and tweeted "We are Anonymous" (Hackers News Bulletin) News broke Friday that the government had wiretapped and extensively spied on the Associated Press for reporting on terrorist activities. This was quickly followed by a now-deleted tweet in support of the shadowy collective of hackers known as Anonymous. A spokesperson for the AP refused to comment, leading some to speculate the tweet was the result of hackers from Anonymous. Others believe this was possibly a false flag attack from the CIA aimed at discrediting the AP

Why Associated Press tweeted "We are Anonymous"? (Hackers News Bulletin) As we are getting mails, messages and much more regarding the tweet of AP in which they said that "We are Anonymous. We do not forgive. We do not Forgot. Expect us", and in the seek of info we found an interesting news on "www.mediaite.com" about the AP, why they tweeted that they are Anonymous and we think that the tweet is linked from this news

Liability for Personal Information, DHS Cyber Team Draw Scrutiny at Hearing (Main Justice) The panel was addressing the Department of Homeland Security's role in protecting the country from a cyber attack. Three DHS officials testified about the department's various cyber efforts. Noting that DHS could help "facilitate communications among

Walmer man jailed for cyber attack on Kent Police website (Yourcanterbury.co.uk) Walmer man jailed for cyber attack on Kent Police website. Lewys Stephen Martin also tried to disrupt the websites of Oxford and Cambridge universities. Comments; Email; Print. To send a link to this page to

GSA will pay $3M to more than 1,000 contractors kicked out of schedules program (FierceGovernment) The General Services Administration collectively owes more than one thousand contractors more than $3 million because the agency failed to pay off vendors after kicking them out of the schedules program. The finding came as the result of an investigation by the House Small Business Committee

Federal judge rules in favor of FBI use of stingray (FierceGovernmentIT) A federal judge in Arizona says the FBI can use evidence collected by a device that masquerades as a cellular base tower, triggering an automatic register response from nearby devices and routing communications from those devices through it

JPMorgan confronts Bloomberg (FierceFinance) A cynic might argue that JPMorgan's foray into the great controversy over the Bloomberg snooping is an attempt to deflect attention away from its shareholder annual meeting woes, where the media narrative hasn't been great…In contrast, by letting it be known that the bank is confronting Bloomberg about reporter snooping via terminals allows for a more positive portrayal of the bank, a picture of an outraged bank defending its privacy rights and taking on a media giant. That explanation is perhaps too cynical. The reality is that the still influential bank has plenty to be legitimately angry about. Many are likely applauding the bank's demand that that Bloomberg hand over five years' worth of employee data access logs…Bloomberg, to its credit, is making the right moves, reaching out directly to top executives at client firms, assuring them that the company gets the importance of the move

Design and Innovation

The $18.2 million reason Larry Page would like a regulation-free playground in which to experiment (Quartz) Yesterday Google CEO Larry Page said it would be nice if there were some part of the world that were free of regulation so that companies like Google could experiment without fetter. He cited Burning Man, the drug-fueled quasi-anarchist arts festival that Page has been known to attend, as an example of such a place, but in reality it might look more like special economic zones like the one in Honduras

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Suits and Spooks La Jolla 2013 (LaJolla, California, USA, June 15 - 16, 2013) Exploring Cyber Warfighting and Threat Mitigation for Corporations and Governments. The original concept for this event was to look at what special operations forces and corporate CERTs or SOCs have in common…it readily became apparent that two broad areas kept coming up: threat mitigation through intelligence and active defense (a.k.a. offense as defense). San Diego is a wonderful location for exploring this theme thanks to its military and high technology industries. The FBI, NCIS, DOD, academia and some cutting edge INFOSEC startups will be represented.

Buzzword Forensics: Mobile is the Future…and the Future is Now (Laurel, Maryland, Sioux Falls, June 18, 2013) Digital forensics is evolving, as all forensic sciences must evolve. With the explosive growth of the Internet as context, the discipline of digital forensics has evolved significantly since the last millennium. In today's talk we briefly explore this evolution from the Paleolithic last millennium to our present, and increasingly mobile ecosphere. Mobile device forensics has something old and something new. Open source and commercial tools have had spotty records over the years with respect to mobile device forensics. We will explore some of the similarities and look explicitly at some of the major differences between classic computer forensics and mobile device forensics, using demos of Android forensics as an exemplar. Al Holt, adjunct professor at Towson University, will be the presenter.

Remote Digital Forensics (Columbia, Maryland, Sioux Falls, July 16, 2013) Incident response, packaging, and mailing is a lengthy process averaging many days to get media into a forensics examiner workstation in Maryland. The current process primarily uses stand alone workstations. The project involved devising a set of solutions through the use of appropriate remote forensics tools and techniques to dramatically improve efficiency and lower the cost of investigations. We have defined a set of business models with requirements. The goal is to provide increased timeliness and reduce costs while maintaining ASCLD/LAB accreditation. Other added services could include more detailed intrusion examination reporting with added features such as timeline analysis. An important side benefit is the capture and analysis of volatile memory. The goal is to have a tested, evaluated, mission capable process. This presentation will review the results of this study to include a look at related research and a trade study of the current state of the digital forensics industry. If you are interested in triage, validation, high speed networks, forward analysis, agents, and cloud computing this presentation is for you. Ken Zatyko of Assured Information Security will be the presenter.

A Cloud Computing Introduction for Managers (Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and non-cloud alternatives to accomplish their projects. This talk provides a brief and basic introduction to cloud computing, what managers need to know about cloud computing, what are some of the myths, and what they need to ask about cloud computing from service providers. The presentation will include selected questions specific to managers associated with government projects and security risks of cloud computing. This non-technical presentation will help managers understand cloud basics and how to ask better questions when a cloud becomes part of your project. Dr. Patrick Allen of Johns Hopkins University Applied Physics Lab will be the presenter.

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)

U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services and development, by providing access to information and technology solutions anytime and anywhere. The U.S. Department of State has over 69,000 users worldwide at 285 posts with approximately 40,000 remote access users! Small businesses and prime contractors with products and services in Mobile Computing are invited to share information about their companies.

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international trade. Participate in expert discussions lead by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90 minute sessions.

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.

Private Sector Crossovers: Protecting People, Property and Information (, January 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly affect not only on profits, but also corporate reputation.

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.

Recent Advances in Reverse Engineering (RARE) (San Francisco, California, USA, June 1 - 2, 2013) The goal of the rare conference is to provide a venue where people interested in the analysis of binary programs can speak to one another directly, and to form a common language outside of their respective hyper-specialized, individual niches.

2013 St. Louis CISO Summit (, January 1, 1970) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations.

Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise. Over two and a half action packed days, CITE 2013 will bring together IT and business executives, venture capitalists and other practitioners to showcase leading efforts and teach others how to make the most of this transformation.

Pen Test Berlin 2013 (Berlin, Germany, June 3 - 9, 2013) SANS Pen Test Berlin 2013 takes place from June 3rd to June 8th in the Radisson Blu Hotel on the bank of Berlin's River Spree. SANS will offer penetration testing courses as well as a series of presentations and social events. The training offers the opportunity to participate in NetWars.

CyCon 2013: 5th International Conference on Cyber Conflict (Tallinn, Estonia, June 4 - 7, 2013) CyCon 2013 is an annual NATO Cooperative Cyber Defence Centre of Excellence conference that is conducted with the technical cooperation of the IEEE Estonia Section. CyCon 2013 will focus on the technical, strategic and legal implications of using automatic methods in cyber conflicts. The conference will be organized along two tracks: a Strategic Track and a Technical Track. Legal aspects will be incorporated in these two tracks.

NSA SIGINT Development Conference 2013 (Fort Meade, Maryland, USA, June 4 - 5, 2013) The National Security Agency is responsible for providing foreign Signals Intelligence (SIGINT) to our nation's policy-makers and military forces. SIGINT plays a vital role in our national security by providing America's leaders with critical information they need to defend our country, save lives, and advance U.S. goals and alliances globally. The exposition will be unclassified and will consist of a one-day event as an adjunct to the SIGINT Conference. The conference sessions will be conducted in a classified area in close proximity to the exhibits.

U.S. Census IT Security Conference and Exposition (Suitland, Maryland, USA, June 5, 2013) The Census Bureau's Information Technology Security Office (ITSO) and the Census Bureau's Data Stewardship Office is putting together a series of workshops on 'Information Security' and 'protecting your information' to lead up to their Annual IT Security Awareness Conference. This specific workshop will take place on June 5, 2013 with a focus on Security Issues..

RSA Conference Asia Pacific 2013 (Singapore, June 5 - 6, 2013) Join your fellow information security professionals at the inaugural RSA Conference Asia Pacific, where we'll be discussing security issues from both a global and Asia Pacific perspective. Delegates will be able to attend keynote sessions presented by leading information security industry experts and guest speakers, and choose from approximately 50 sessions.

29th Annual INSA William Oliver Baker Award Dinner (Washington, DC, USA, June 7, 2013) his year's awardee is General Michael V. Hayden, former Director of the Central Intelligence Agency and the National Security Agency. Registration is now open and tables are available for purchase.

2013 Cybersecurity Innovation Expo (Baltimore, Maryland, USA, June 10 - 13, 2013) Do not miss the opportunity to participate in the 2013 Cyber Innovation Forum with active participation from National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and the Department of Homeland Security (DHS). This four-day event will take place at the Baltimore Convention Center on Monday, June 10 - Thursday, June 13 with the exposition taking place June 11-12.

3rd annual Cyber Security Summit (, January 1, 1970) Over the last 2 years, the summit has gathered 150+ senior Defence, National Security and Industry executives to address current and emerging cyber threats to Australia's security. Now in its 3rd year, ADM Cyber Security aims at: reviewing solutions to the ever increasing level of attacks, whether real or potential, [and] equipping all stakeholders with a wide range of actionable strategies.

NovaSec! (McLean, Virginia, USA, June 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with likeminded individual.

25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.

Hack in Paris (Paris, France, June 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted a stellar lineup of speakers and promises to be a very technical event with heavy emphasis on training. This is its second year.

2013 ICAM Information Day and Expo (Washington, DC, USA, June 18, 2013) This day provides a forum for the Identity, Credential and Access Management (ICAM) community to get first-hand information on current identity management and related technologies.

NASA National Capital Region Industry Days (Washington, DC, USA, June 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in the marketplace.

AFCEA International Cyber Symposium 2013 (Baltimore, Maryland, USA, June 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government, the International Community, Industry and Academia, to discuss the development of robust cyberspace capabilities and partnerships. The AFCEA International Cyber Symposium 2013 focuses on the critical missions of U.S. Cyber Command and the interface with Army Cyber Command, Marine Corps Forces Cyber Command, 10th U.S. Fleet Cyber Command, 24th Air Force Cyber, Department of Homeland Security, U.S. Coast Guard, DoD-CIO, National Security Agency (NSA), Defense Information Systems Agency (DISA), Defense Advanced Research Projects Agency (DARPA), Academia, Industry partners. The operational theme " Defining Full Spectrum Global Cyberspace Operations" will explore the operational security of DoD and Industry Networks, Cyber Operations with Joint and Coalition partners, and discuss the training and development of the cyber workforce.

ShakaCon (Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better than "sun, surf, and C Shells?" There are intensive training classes on hacking mobile apps and even lock picking (the set of tools is included in the class registration).

American Technology Awards Technology and Government Dinner (Washington, DC, USA, June 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology networking event bringing hundreds of tech industry, congressional, and government leaders together at one venue to celebrate the partnership between industry and government.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.