The CyberWire Daily Briefing 11.12.14
Reports of hacktivism, cyber-rioting, and state-sponsored attacks on NGOs surface across the Old World from Spain to Israel to China.
State-versus-state cyberspace tensions between the US and China rise even as a Sino-American summit reaches agreement on other issues. The recent hack of the US Postal Service is generally attributed to China, and as observers talk (a bit over-heatedly) of "cyber war," the US darkly promises a response (but that response is likelier lawfare than warfare).
And, not to forget Russo-American cyber tensions, US observers continue to digest reports of BlackEnergy.
DarkHotel (which Kaspersky very tentatively suggests may be a South Korean operation) raises, in a new way, old concerns about hotel Wi-Fi services. (Similar concerns surface in scrutiny of the proposed acquisition of the Waldorf by Chinese interests, likely to provide a useful case study of cyber regulation and due diligence in M&A activity.)
Researchers window-shop the black market's bargain basement, and note that the keyloggers and point-of-sale badness on offer therein poses a particular risk of targeted attack against small businesses.
Other researchers see a chance for you to become — legally, sez they — your own NSA, GCHQ, FBI, BND, etc. with easily used tools. (The CyberWire's local heritage of privateering and national heritage of frontier justice aside, such enthusiasm makes us uneasy.)
Yesterday's Patch Tuesday excites considerable interest, as some of the vulnerabilities addressed are old, dangerous, and readily exploitable.
Wall Street looks at cyber and (for now) likes what it sees.
Germany's BND discloses large cyber ambitions.
Today's issue includes events affecting Australia, Belgium, Canada, China, European Union, Germany, India, Iran, Israel, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Netherlands, New Zealand, Palestinian Territories, Russia, South Africa, Spain, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
AnonGhost Hacks United Nation Website Amid Al-Aqsa Mosque Tensions (HackRead) The famous online pro-Palestinian hacktivist "AnonGhost" has hacked and defaced the official website of United Nations (UN) earlier today against the Israeli invasion of Al-Aqsa Mosque in East Jerusalem
Catalonia 'suffered cyber attack in independence vote' (AFP via ahramonline) Catalan authorities suffered a massive cyberattack while the region was voting in an independence ballot outlawed by Madrid, their leader said on Tuesday
Massive cyber-attacks on human rights website (News Weekly) One of the world's leading human rights groups, Human Rights Without Frontiers (HRWF), has reported that it has been subject to "repeated and sophisticated" cyber-attacks on its web site. The group has traced the attacks back to Russia and China, which have been the subject of repeated criticism over human rights violations
US Postal Service breached, employee and customer data stolen (Naked Security) The United States Postal Service on Monday warned workers that their data had been compromised
Report: China behind Postal Service hack (The Hill) Even as President Obama and Secretary of State John Kerry hold trade talks in Beijing with an emphasis on cybersecurity, the Chinese government is being accused in a Monday report of hacking the U.S. Postal Service (USPS)
BlackEnergy malware threat has some uneasy (Pittsburgh Post-Gazette) A malicious software dubbed BlackEnergy has intrigued and frightened cybersecurity experts, in part because of its intent and in part because of its origin
Cyberattacks On US Government Amount To 'War' (Sky News) Efforts to protect sensitive government data are struggling to keep pace with an increasing number of cyberattacks
US 'won't stand idle' in charging China over cyberattacks (ZDNet) Snowden-disclosure irony aside, the US government is going full throttle in attempts to charge China with cyberespionage
DarkHotel: A Sophisticated New Hacking Attack Targets High-Profile Hotel Guests (Wired) The hotel guest probably never knew what hit him. When he tried to get online using his five-star hotel's WiFi network, he got a pop-up alerting him to a new Adobe software update. When he clicked to accept the download, he got a malicious executable instead
Stuxnet: Zero Victims (SecureList) The identity of the companies targeted by the first known cyber-weapon
Masque Attack: All Your iOS Apps Belong to Us (FireEye Blog) In July 2014, FireEye mobile security researchers have discovered that an iOS app installed using enterprise/ad-hoc provisioning could replace another genuine app installed through the App Store, as long as both apps used the same bundle identifier
Drive-by 'unicorn' 0day beats EMET, burns Windows from 95 to now (Register) Researcher explains why 19 year old Windows bug is especially nasty
Microsoft Schannel Bug Latest in Long Line of Serious Crypto Flaws (Threatpost) The critical vulnerability in the Schannel technology in Windows that Microsoft patched Tuesday is ripe for exploitation, experts say, and continues the long line of severe vulnerabilities in major SSL/TLS implementations in recent months
How bad is the SCHANNEL vulnerability (CVE-2014-6321) patched in MS14-066? (Internet Storm Center) We had a number of users suggesting that we should have labeled MS14-066 as "Patch Now" instead of just critical. This particular vulnerability probably has the largest potential impact among all of the vulnerabilities patched this Tuesday, and should be considered the first patch to apply, in particular on servers
G DATA: Fresh RAT 'COMpfun' Employs New Persistence Mechanism (Spamfighter) Security experts of security firm G DATA have recognized a fresh RAT (Remote Administration Tool) which uses a novel persistence mechanism which has never been used before. Security experts also analysed and found that it is known as COMpfun and named after (4char-random) value of the malware called "pfun"
BrowserStack hacked, but it's not shutting down (Help Net Security) BrowserStack, the popular cross browser testing service used by over 25,000 customers around the world, including Microsoft, eBay, Adobe, Wikipedia and many others, has suffered a breach but is not shutting down
POS (Point of Sale) Malware Revisited (Cyphort) In the past six months the retail industry has experienced a row of data breaches of shocking dimensions. Industry giants like Target, Home Depot and UPS have lost millions of financial card data records to committed cyber criminals. Now questions arise: how this many cards could have been compromised, what are the capabilities of the malicious tools used in the hacks and how retailers can create a secure environment around their most valuable data assets?
Small-to-Midsized Businesses Targeted In More Invasive Cyberattacks (Dark Reading) How notorious remote access tools Predator Pain and Limitless have evolved into bargain-basement tools accessible to masses of cybercriminals
Organized cyber crooks plunder SMBs with simple, cheap keyloggers (Help Net Security) The popularity and pervasiveness of Zeus/Zbot has made it almost a synonym for banking malware, but there are unfortunately many more types of malicious software that allow attackers to steal money from their victims. Some of these, in the "right" hands, can bring in an astounding amount of money
Abusing Samsung KNOX to remotely install a malicious application: story of a half patched vulnerability (Quarkslab's Blog) We explain a vulnerability found when the Samsung Galaxy S5 was released and patched recently by Samsung. It allows a remote attacker to install an arbitrary application by using an unsecure update mechanism implemented in the UniversalMDMClient application related to the Samsung KNOX security solution. The vulnerability has been patched on the Samsung Galaxy S5 but also Note 4 and Alpha. Yet the Samsung Galaxy S4, Note3 and Ace 4 (and possibly others) are still vulnerable
Ungoverned Service Accounts With Privileged Access Leave Door Open for Hackers (Marketwired) Courion findings reveal many organizations underestimate their access risk due to service accounts with default password settings
Atlantic Philanthropies Is the Latest Nonprofit Subject to Email 'Phishing' Attacks (Chronicle of Philanthropy) Even if they had never heard of Christopher Oechsli, a lot of people who read what landed in their inboxes on October 29 had every reason to believe he was a pretty generous guy
October 2014 Cyber Attacks Statistics (Hackmageddon) Here we are with the statistics extracted from the October cyber attacks timelines
Security Patches, Mitigations, and Software Updates
Microsoft Security Bulletin Summary for November 2014 (Microsoft Security TechCenter) This bulletin summary lists security bulletins released for November 2014
Assessing Risk for the November 2014 Security Updates (Microsoft Security Research and Defense Blog) Today we released fourteen security bulletins addressing 33 unique CVE's. Four bulletins have a maximum severity rating of Critical, eight have a maximum severity rating of Important, and two have a maximum severity rating of Moderate. This table is designed to help you prioritize the deployment of updates appropriately for your environment
Microsoft updates EMET anti-hack tool (ZDNet) A new version of the Enhanced Mitigation Experience Toolkit mostly improves compatibility with applications software, and specifically with Java and Chrome
Firefox Now Has Increased Privacy Control With "Forget" Button and Anonymous Search (Slate) We've all been there: spending two hours reading up on on the life and times of Michael Jackson or watching YouTube clips of every talk show interview Benedict Cumberbatch has ever done. But if you want to pretend that your most recent excursion down the Internet rabbit hole never happened, then Firefox version 33.1 may be your new favorite browser
Security updates available for Adobe Flash Player (Adobe Security Bulletin) Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest versions
Stable Channel Update (Google Chrome Team) The stable channel has been updated to 38.0.2125.122 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log
Rights groups, NGOs struggle against malware attacks (IDG via CSO) A multi-year study of cyberattacks against 10 activist and human rights groups shows they're hit with the same types of intrusions as large organizations but have far fewer resources to defend themselves
Targeted Attacks: Not just for "too big to fail" any more (Trend Micro: Simply Security) Think for a minute about "targeted attacks." When you think about them, who do you see as the targets of these kinds of attacks?
Cyber Ground Truth (Trend Micro: Simply Security) Ground Truth is a military term that describes the reality of a tactical situation — as opposed to intelligence reports and mission plans
Avoiding the Dark Security Future (Threatpost) Nick Percoco has been thinking a lot about the future of technology, and some of the things he's dreamed up aren't very pretty: farms of people renting out their spare brain cycles, autonomous cars that freak out and careen into oncoming traffic and hacking groups hijacking users' augmented reality gear and demanding ransoms to unlock them
The fool within bigger threat than the enemy outside (Techday) With mobile security incidents on the rise, the greatest threat to information security comes from within companies, Kiwi IT professionals say. And 2015 is shaping up to be a risky year
Data breaches "inevitable" and regular changes to cybersecurity measures essential, survey finds (CSO) Nuix, a technology company that enables people to make fact-based decisions from unstructured data, has published a survey of corporate information security practitioners, conducted by Ari Kaplan Advisors
AVG finds seven in ten teenagers don't know everyone they've befriended on social networks (IT Pro Portal) Security firm AVG has published a new report looking at online privacy which shows the considerable amount of regret admitted by some teenagers when it comes to things they have posted online — and the fact that seven in ten teens don't know everyone they have befriended on social media
Don't Have Social Media Regret — Keep Conversations Private (Trend Micro: Simply Security) Have you ever engaged in a conversation on social media you thought was private, only to find out everyone could see it? You're not the only one. According to a recent Trend Micro privacy poll of social media users — 1 in 5 people have posted something they later regretted
Many IT pros store compromising material on their mobile phones (Help Net Security) It appears that Jennifer Lawrence is not the only one with risquÉ photos on her mobile device. According to a new survey from ESET, 39 percent of the UK's leading IT professionals have also confessed that if they were to lose their phone, some of the photos and information they have stored on the device could compromise them
Cyber Security Assessment Netherlands 4 (National Cyber Security Centre, Netherlands Ministry of Security and Justice) Cybercrime and digital espionage remain the biggest threat in the area of cyber security. The potential impact of cyber attacks and disruptions will only increase, due to rapid digitization. Another notable finding is the lack of so-called IT Durability
Cybercrime costs South Africa about R5.8 billion a year (htxt.africa) "Cybercrime is a global problem, and it is the country costing hundreds of millions of rand annually. What needs to happen, is that organisation urgently need to collaborate with private entities and the public on cyber threat initiatives," said Wolfpack Information Risk's Craig Rosewarne at the Cybercon Africa conference taking place in Johannesburg today
NIST Framework as Basis for Standard of Care for Cyber Security (JD Supra) When the National Institute of Standards and Technology ("NIST") released its Cybersecurity Framework for Improving Critical Infrastructure Cybersecurity (the "Framework"), (a priority program for the federal Department of Homeland Security), the National Protection and Programs Directorate ("NPPD") became the working session between the government and the private insurance industry to discuss the impact of the NIST Framework on the cyber-insurance marketplace
The false security of anti-virus software (Communities Digital News) Soon, most insurance companies will offer cyber breach coverage. When breaches occur, and the insurance company doesn't pay a claim (and we know insurers don't want to pay claims and they will fight to avoid doing so), the insurance company attorneys are going to have their hands full defending claims
Network security assessment should play part in M&A process (TechTarget) Mergers and acquisitions present opportunities for attackers interested in valuable data, but experts say most enterprises fail to perform a network security assessment before proceeding with a deal
Waldorf sale to Chinese risks US review over spying concerns (New Zealand Herald) For years, high-profile guests at New York City's landmark Waldorf Astoria hotel could be assured their private conversations wouldn't be overheard by anyone — except, perhaps, by US spies
Banks play down cyber attack levels (ComputerWeekly) Banks are under-reporting cyber fraud because they don't want to scare customers, a parliamentary committee has been told.A University of Cambridge researcher told a Treasury select committee that the amount of money being taken from people's accounts through cyber crime is twice as much as what is reported
Internet Security Alliance to launch European spinoff (SC Magazine) A European version of the Internet Security Alliance think-tank will launch next spring
Macquarie Bullish On Cybersecurity Firms (Benzinga) Macquarie initiated coverage on several security software companies Tuesday and expressed that the "relevancy of cyber security has never been greater"
Infonetics: Growth spike expected in virtual security appliance market, driven by SDN and NFV (Marketwired) Market research firm Infonetics Research released excerpts from its latest Data Center Security Products report, which tracks data center security appliances and virtual security appliances
JPMorgan Adds FireEye To Focus List, Demotes Akamai (Barron's) As noted earlier, FireEye (FEYE) is rallying today, up more than 5% in afternoon trading, on news that JPMorgan added the stock to its Focus list
Four Picks in Security, Infrastructure Software (Barron's) Barracuda Networks, Imperva, Palo Alto Networks and VMware have more upside
Palo Alto Networks Inc: Best Stock in the Network Security Sector? (Motley Fool) Palo Alto Networks (NYSE: PANW) is one of the most interesting names in the tech sector, but the decision over buying or selling the stock isn't as easy as you might think. Investors often buy or sell stocks based on their relative valuation within their peer group, but with the network security sector it isn't quite so easy. Why is this so? Furthermore, is Palo Alto Networks a buy or sell?
FishNet CEO: Accuvant Merger About Growth, Not Layoffs (CRN) FishNet Security and Accuvant are not looking to lay off employees as part of their merger, according to FishNet CEO Rich Fennessy
Tor-based Anonabox router revises troubled history as it resurfaces on Indiegogo (PCWorld via CSO) Anonabox, a portable router that claims to hide your online tracks, is taking another stab at crowdfunding after getting booted from Kickstarter last month. The Tor-based device has resurfaced on Indiegogo, where it has already surpassed its $13,370 funding goal
Startup Spotlight: Security-as-a-Service Bitglass (eSecurity Planet) While most cloud security startups focus on securing cloud infrastructure, Bitglass protects data traveling between corporate networks and SaaS applications
Trend Micro on the hunt for valuable partners (MicroScope) One of the current themes of the market has to be around the topic of partner programmes and more general discussions about relationships between vendors and their distributors and resellers
Cyber-Security Salaries on the Up as Shortages Bite (Infosecurity Magazine) IT security salaries are on the rise thanks to a double whammy of increased cross-sector demand and continued skills shortages in key areas, according to recruitment consultancy Morgan McKinley
Products, Services, and Solutions
NICE Wins Hot Product Award for Public Safety Screen Logging Solution (PRNewswire) NICE is recognized for its product innovation for the third time by Public Safety Communications Magazine
Alert Logic Introduces First Fully Managed Suite of Cloud Security Products (bobs guide) Alert Logic, the leading provider of Security-as-a-Service for the cloud, today announced availability of Alert Logic Cloud Defender, a new, fully managed cloud-based security and compliance suite that offers the functionality of a managed Security Information and Event Management (SIEM) solution without the cost and complexity of a traditional, on-premises, in-house SIEM
Windows Notepad With Added Encryption Keeps Your Thoughts Safe (Gizmo's Freeware) Secure Edit is a simple Windows notepad program with a difference. It encrypts your text files, using the well-known Blowfish algorithm, which means that someone without the password can't read them. This makes it useful for keeping private notes on your computer, and it's also handy for storing passwords
Wombat Releases Security Education Platform (eWeek) The platform includes auto-enrollment in training modules, which helps ensure that users most susceptible to attack are being trained first
LockPath Introduces Keylight 4.1 (Marketwired) LockPath, a leader in innovative governance, risk, compliance (GRC) and information security (InfoSec) solutions, today introduced Keylight™ 4.1, the newest version of its award-winning platform. Keylight 4.1 includes some of the industry's fastest, most sophisticated and innovative data integration and reporting solutions to date
IBM unveils intelligent cloud security (IT-Online) IBM has announced it has built the industry's first intelligent security portfolio for protecting people, data and applications in the cloud
Cybersecurity: Turning the Tide on Hackers with Dispersive Technologies (Forbes) With the recent cyberattacks at The Home Depot HD +0.52%, Target TGT +2.1%, JPMorgan Chase JPM +0.75%, and now Kmart (division of Sears), one has to wonder whether the hackers have the edge in this ongoing cyberwar. Newsflash: in many ways, they do. Every day that goes by makes it easier and less expensive for bad guys to mount attacks that only a few years ago were prohibitively expensive
CactusVPN — Your Gateway to Perfect Anonymity in World Wide Web (HackRead) Here is our brief review of CactusVPN, one of the leading VPN tunneling solutions in World Wide Web
Webfwlog 1.01 — Web-Based Firewall Log Analysis and Reporting (Kitploit) Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP®
virustotal += Detailed ELF information (VirusTotal) In computing, the Executable and Linkable Format (ELF, formerly called Extensible Linking Format) is a common standard file format for executables, object code, shared libraries, and core dumps. It was chosen as the standard binary file format for Unix and Unix-like systems [Wikipedia]
Technologies, Techniques, and Standards
Tracking Isis, stalking the CIA: how anyone can be big brother online (Guardian) There are a startling number of legal and free tools that let anyone set up NSA-esque operations — or just infiltrate the neighbour's webcam
Anonymise, encrypt, control access and assess risk — a security pro's four-point security checklist for big data (Computing) Big data presents huge opportunity for organisations, but securely storing that data can be a challenge for organisations that may know that they have an obligation to customers and clients to keep their data safe and protected from a data breach, but may not know exactly what steps they should be taking
Securing The Cloud: Why You Need Cast-Iron Guarantees (CIO) Whether you're a CIO or an executive in a non-technical role, you owe it to yourself to be aware of cloud computing issues — particularly data security
3 IT practices that add risk to the cloud (InformationWeek) Poor governance, sloppy data handling, and IAM missteps all increase cloud risk
New Research: Know Your Adversary (Computerworld) Getting a grip on adversary research
How Enterprises Can Get The Most From Threat Intelligence (Dark Reading) Understanding the threats faced by your organization can improve your defenses. Here are some tips for choosing tools and services — and maximizing their impact
Sharing threat information before, during, and after a cyber-attack (Phys.org) Time is not your friend when your information systems are under cyber attack, but sharing threat information before, during, and after an attack with a trusted group of peers can help. Not only does it alert the other members of your community to a potential attack, it can provide critical actionable information to speed and bolster your own defenses. Participating in a formal information sharing group can greatly enhance an organization's cybersecurity capabilities
Vigilance and the Enterprise of Things (Help Net Security) Most enterprises allow BYOD in their environment, with varying levels of supervision. Typically, these are tablets and smartphones but the number of other Internet of Things devices being brought into the enterprise is on the rise. I like to refer to this as the Enterprise of Things
Q&A: ForgeRock on Identification Management in the age of the Internet of Things (Business Review Europe) As the Internet of Things rapidly moves from concept to hardened reality, businesses are ever having to balance the need to offer a seamless online experience across multiple platforms for their customers with a tight grip on security and potential cyber offences
The 7 deadly sins of startup security (CSO) The shift in mindset about security for startups is even more critical in this ever changing risk landscape
DJ Forensics: Analysis of Sound Mixer Artifacts (Ghetto Forensics) In many forensics examinations, including those of civil and criminal nature, there is an art to finding remnants of previously installed applications. Fearing detection, or assuming that an examination is forthcoming, many suspects attempt to remove unauthorized or suspicious applications from a system. Such attempts are usually unsuccessful and result only in additional hours of processing for forensics. But even with a clean uninstall there are traces left within the Windows registry that note such a program was installed
8 criteria to decide which ISO 27001 policies and procedures to write (Help Net Security) If you're just starting to implement ISO 27001 in your company, you're probably in a dilemma as to how many documents you need to have, and whether to write certain policies and procedures or not
To keep IT companies coming to Wales we need to produce more skilled workers (Wales Online) Matt Southall says the IT sector in Wales will stagnate unless business and education work together to create a conveyor belt of skilled workers
Cybersecurity skills need boost in computer science degrees (Times Higher Education) University computer science courses are failing to make clear the need to develop skills in cybersecurity, leaving the UK with a shortage of experts
Northrop Grumman Supports Australia's Cyber Future; Sponsors University of New South Wales, Canberra/Australian Defence Force Academy (Nasdaq) Northrop Grumman Corporation (NYSE:NOC) in partnership with the University of New South Wales (UNSW), Canberra/Australian Defence Force Academy (ADFA) is providing a AU$35,000 grant to the Australian Centre for Cyber Security (ACCS) to promote cyber advancements for Australia's future
University of Houston preparing cybersecurity workers (MyFox Houston) With breaches in data on the rise, cybersecurity is a growing concern. The University of Houston (UH) has been awarded a $1.5 million CyberCorps grant from the National Science Foundation (NSF) to train students in this increasingly important area of national security
Legislation, Policy, and Regulation
Aufrüsten für den Cyberkampf (Süddeutsche Zeitung) Der Bundesnachrichtendienst will auch geschützte Internet-Verbindungen besser überwachen - und dafür insgesamt 300 Millionen Euro ausgeben. Auch soziale Netzwerke will der Geheimdienst intensiver ausspähen. Angeblich aber nicht in Deutschland
Germany plans early-warning defence against cyber attacks (Financial Times) Germany is to develop a new cyber security "early-warning" system to detect impending foreign-based internet attacks before they are launched
German spies want millions of Euros to buy zero-day code holes (Register) Because once we own them, nobody else can … oh, wait
Israel's Building An Electronic 'Iron Dome' For Stopping Cyber Attacks (Times of Israel via Business Insider) When Hamas rained rockets on Israel in 2012 and again in 2014, the country was able to prevent widespread casualties and damage by activating the Iron Dome system, which intercepted and destroyed rockets fired at Israeli population centers and industrial areas
Cybersecurity? Nothing to do with us, mate — Google and Facebook (Register) Industry lobby group begs EU to ditch new cyber law
Demonizing Strong Encryption: Welcome To The Crypto Wars 2.0 (TechDirt) From the paedophiles,-murderers-and-terrorists dept: Recently Techdirt wrote about the extraordinary tirade by the new GCHQ boss, Robert Hannigan, which boiled down to: "however much we spy and censor online today, it's still not enough." It was so full of wrong-headed and dangerous ideas that it was hard to capture it all in one post. Here's one thing we didn't have room for last time
Former NSA chief: Congress must pass cyber laws to protect energy, finance (Fuel Fix) The United States can only thwart China's economic espionage if lawmakers require intelligence agencies to share their secrets about the world's most dangerous malware tools — and how to stop them — with the private sector, a former National Security Agency director said Tuesday
Lame ducks face the cyber threat (C4ISR & Networks) All the political strategists, lobbyists and media are extremely busy now that the mid-term election is behind us. One of their many efforts is to figure out just what the so-called lame-duck president's focus and agenda will be for the remainder of his term; however, that needs to be put into context with the agenda of the Republican Congress. There are several indications are that one area that will intensify is the passage of cyber security/information-sharing measures in the time that remains in lame-duck session
Why the Regulatory Focus on Cybersecurity? (FTSE Global Markets) Two separate, but related, forces are causing financial regulators to up the ante on cybersecurity
Retail Trade Groups Want Fair Data Breach Reporting Rules (Threatpost) The National Retail Federation and dozens of other related groups cosigned a letter [PDF] to top congressional leaders last week pleading that they consider the passage of a federal law imposing uniform data breach notification rules that are equally applicable to every organization that handles sensitive user information
Aetna CISO: Mandate protection of health data by risk, not regulation (FierceHealthIT) Healthcare companies increasingly are being targeted by cybercriminals, and as threats to consumers' private health information grow, the industry must do more to prevent breaches
HealthCare.gov Gets Cybersecurity Upgrades (AP via WKRG News 5) Officials say HealthCare.gov has gotten cybersecurity upgrades ahead of a Nov. 15 start for the second open enrollment season under President Barack Obama's health care law
Senior intel officer removed after controversial comments on China (Navy Times) A senior Navy intelligence leader whose provocative comments this year about Chinese bellicosity stirred an international controversy has been shelved in the wake of an investigation into his conduct, Navy Times has learned
Litigation, Investigation, and Law Enforcement
Did the government hack a CBS journalist? Maybe. [Updated] (Ars Technica) Sharyl Attkisson claims to have evidence, but she isn't sharing it all
Dark Net hackers steal seized site back from the FBI (Daily Dot) There's a tug of war at play on the Dark Net
Silkroad 2.0 Operation Onymous Tor takedowns not so shocking (V3) Law enforcement agencies' recent takedown operation against dark web service are not a sign the Tor network is fundamentally insecure, or broken, according to experts from the security community
Operation Onymous: 17-nation bust takes out over 400 "hidden services" (Naked Security) It turns out that last week's bust of Silk Road 2.0's kingpin was just a hint at what was coming: namely, a multinational crackdown on dark-market sites hidden away on the Tor network
Are fingerprints PINs or physical artifacts? (Computerworld via CSO) A judge's ruling that a person can be forced to open his phone with his fingerprint ignores the fact that the fingerprint scan is just a substitute PIN, which can't be required by law enforcement
Paedophile caught after targeted girl's father impersonates her on Facebook (Naked Security) A paedophile was on bail waiting to be sentenced for a string of sex offences when he contacted what he thought was a 10-year-old girl, telling her she was "gorgeous" and that she should come to his home for "cuddles"
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
The affect of cybersecurity on humans (Albuquerque, New Mexico, USA, Nov 14, 2014) Most people would agree that technology is fascinating and has changed our lives in countless ways. But but how is it affecting us as humans and what are the issues surrounding the rapid advance in technology, especially when it comes to cybersecurity
Israel HLS 2014 (Tel Aviv, Israel, Nov 9 - 12, 2014) The third International Conference on Homeland Security will bring together government officials, public authorities, and HLS industry leaders from around the world to share their knowledge and experience. They will participate in high-level discussions on securing the safety of citizens and protecting critical infrastructure and property, and explore Israel's advanced HLS technologies and systems.
i-Society 2014 (London, England, UK, Nov 10 - 12, 2014) i-Society 2014 is a global knowledge-enriched collaborative effort that has its roots from both academia and industry. The conference covers a wide spectrum of topics that relate to information society, which includes technical and non-technical research areas.
Seattle SecureWorld (Seattle, Washington, USA, Nov 12 - 13, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.
AVAR 2014 (, Jan 1, 1970) The 17th Association of anti-Virus Asia Researchers International Conference: Security Down Under. Topics will include case studies of targeted attacks, real-life attack demonstrations, web-inject attacks/code insertion attacks, man-in-the-browser attacks, targeted advanced persistent threats, dedicated advanced evasion techniques, and mitigations to all of these. The conference will also take up identification and investigation of targeted threats, how to spot targeted attacks in collections, COINTEL (counter intelligence) on determined adversaries (e.g, detecting the attacker, running honeypots, etc.), mobile malware, and security policies.
THREADS Conference 2014 (Brooklyn, New York, USA, Nov 13, 2014) A 2-day conference exploring state-of-the-art advances in security automation. We will present new research and innovations on integrating security into modern software development and operations, focusing on automation, integration, detection, and response time. Our goal is to make security a fundamental part of development and operations — without turning it into a roadblock
ZeroNights 2014 (Moscow, Russia, Nov 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest out-of-the-box security solutions. ZeroNights gathers experts, infosecurity practitioners, analysts, and hackers from all over the world
Cyber Security Awareness Week Conference (New York, New York, USA, Nov 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive list of corporate partners. It's a weekend of competitions, keynote talks and cyber security events, designed to prepare best-performing students with the skills and knowledge to shape the future of the industry
Ground Zero Summit, India (New Dehli, India, Nov 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in the field of cyber security. GOS rationale: The increasing volume and complexity of cyber threats - including phishing scams, data theft, and online vulnerabilities, demand that we remain vigilant about securing our systems and information. Enterprises and governments worldwide are grappling the grim reality of data and critical systems being exploited. This summits aims at addressing these new forms of cyber attack and formulate solutions
Cyber Threats to Critical Infrastructure: A Discussion of Challenges, Responses and Next Steps (Herndon, Virginia, USA, Nov 18, 2014) The vulnerability of the nation's critical infrastructure to cyber attack or disruption, whether from nation-states, non-state actors, hackers or disgruntled insiders, is of increasing concern to both the government and the private sector. INSA's Homeland Security Intelligence Council and Cyber Council are bringing together a panel of nationally-recognized experts to respond to a fictional scenario involving a cyber attack on critical infrastructure in the energy sector
Deepsec 2014 (Vienna, Austria, Nov 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research and experience from the fields' leading experts.
BugCON (Mexico City, Mexico, Nov 19, 2014) BugCON Security Conference is hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals shows their latest research and projects
Navy Now Forum: Admiral Rogers (Washington, DC, USA, Nov 19, 2014) Leaders from the Navy will present new initiatives in-depth, providing the audience with a thorough knowledge of the Navy's future plans. During the luncheon, military personnel and industry leadership will provide feedback on these initiatives to help chart the Navy's direction. This luncheon will feature NSA Director Admiral Michael Rogers
International Cyber Warfare and Security Conference (Ankara, Turkey, Nov 19 - 20, 2014) In-depth discussions will cover: new emerging threats and challenges on cyber warfare, the policy of leading cyber nations in cyber warfare and security, legal aspects of cyber warfare, industrial perspective in cyber warfare and security, new trends, new developments, technologies and solutions, and the next generation of cyber attacks—mapping the future threat environment.
EDSC 2014 (Seattle, Washington, USA, Nov 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important for engineers, researchers, and testers alike. EDSC will bring the top thought leaders in the embedded security field together for two days to share knowledge, techniques, and research.
Cyber Security World Conference 2014 (New York, New York, USA, Nov 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused on protecting today's enterprises. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks
Ethiopia Banking and ICT Summit (Addis Ababa, Ethiopia, Nov 21, 2014) he one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial growth, international trade and global integration for sub-Saharan Africa as a whole.
BSidesVienna (Vienna, Austria, Nov 22, 2014) BSidesVienna will open it's doors again in 2014. Be part of it and stay tuned
BSidesToronto (Toronto, Ontario, Canada, Nov 22, 2014) This year the conference is bigger, better, faster and…well, still one day in length but, we have an awesome line up. And no I'm not just paying "lip service"
DefCamp5 (Bucharest, Romania, Nov 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under the same roof security specialists, entrepreneurs, academic, private and public sectors