The CyberWire Daily Briefing for 1.15.2014
Turkish hacktivists ("TurkGuvenligi") hit the Syrian Electronic Army's website with denunciations of SEA "imbecils" (sic) who phish Turkish citizens. TurkGuvenligi promises both retaliation and (eventual) divine retribution.
The cyber threat to the Sochi Olympics continues to take shape as Islamist hacktivists of "Caucasus Anonymous" promise to disrupt the games.
InterCrawler reports an increase in black-market shopping for decryption services. It links this to recent US retailer breaches: it's a sign the cybercriminals responsible are working to fence stolen data in a usable form. Target works to contain reputational damage, but an early initiative—$5M for online security awareness training—is cooly received. Payment card sector analysts see two industry-wide responses as likely (and prudent): more widespread adoption of chip-and-pin cards in the US, and better information-sharing among retailers and financial institutions.
Lest one think data vulnerabilities are restricted to the world of commerce, think again: not-for-profits are also targets. The US Fund for UNICEF has disclosed a November 2013 breach that exposed individuals' names, phone numbers, and credit card information in at least three US states.
Researchers report finding 60,000 SCADA systems exposed to hacking worldwide.
Kaspersky says the "Icefog" cyber espionage campaign, generally thought of as affecting Japanese and South Korean targets, exploited Java vulnerabilities to infiltrate three US oil and gas companies' networks.
Sino-American cyber tensions simmer unabated, with US firms struggling to stave off IP theft, Chinese companies concerned about allegedly compromised systems.
Four areas draw intense cyber industry interest: malware analysis, forensics, zero-day sales, and privacy solutions.
Today's issue includes events affecting Australia, China, European Union, France, Japan, Republic of Korea, Romania, Russia, South Africa, Syria, Turkey, United Kingdom, and United States..
For a complete running list of events, please visit the Event Tracker.
FloCon2014 (Charleston, South Carolina, USA, Jan 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
Federal Intel Summit (, Jan 1, 1970) The Potomac Officers Club is proud to host the 2014 Federal Intel Summit featuring Congressman Mike Rogers and leadership from across the Federal Agencies focused on protecting our national interests.
cybergamut Tech Tuesday: Malware Reverse Engineering — An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (, Jan 1, 1970) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight. It will help demystify the process and illustrate the value-proposition associated with deep analytics of malware. Moreover, understanding the detail available through reverse engineering gives the security professional deeper insight into the tactics and techniques the attackers use to circumvent their defensive solutions. The session empowers cyber security professionals at every level to make better-informed judgments on how to improve their response and remediation protocols.
Federal Mobile Computing Summit (, Jan 1, 1970) The Federal Mobile Computing Summit: Digital Government Strategy II will feature government leaders who played an instrumental role in the development of the DGS and worked on the resulting deliverables. These IT thought leaders will examine the mobile landscape over the next 18 months — and beyond.
"Cyber Threat Landscape": How the FBI is counteracting the current threats (, Jan 1, 1970) Donald J. Good, FBI Section Chief Cyber Operations and Outreach Section, will offer first-hand awareness of how the FBI works with other government agencies and the private sector to counteract the current cyber threat scenario.
Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, Jan 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber security. The conference will focus on commercial problem-solving strategies and solutions for cyber infrastructure experts across multiple sectors: energy, utilities, finance, defense, R&D, manufacturing, service sectors, health, government, telecommunications, transportation and more.
2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, Jan 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations. The CIF will cover the existing threat landscape and provide presentations and keynotes on current and emerging practices, technologies and standards. The 2014 CIF will provide action-oriented outputs to fuel voluntary principle-driven consensus-based standards efforts, create opportunities for industry growth and drive research activities, and define use cases for subsequent exploration, which in turn will feed back into the subsequent CIF's, continually evolving the state of the art.