The CyberWire Daily Briefing for 2.3.2014
Much political hacktivism around the world over the weekend. The Syrian Electronic Army defaces PayPal UK and eBay websites, Pakistani hackers count coup with claims of 2000 intrusions into Indian sites, and the Svoboda Party (described by Hack Read as "neo-fascist") vandalizes thirty Ukrainian government and media websites.
Yahoo! works to contain (and claims to have done so successfully) last week's attack on Yahoo Mail.
Telecom companies Orange and Bell Canada sustain separate attacks. The criminals in the Bell Canada incident were apparently after sensitive small business data.
A banking Trojan exploits an Android debugging feature in a novel way, using an enabled Developer Option as a backdoor into devices.
Daily Motion is still infected and still serving up fake AV malware.
Russia's English-language customs site is hacked, as are sites belonging to the UK's National Health Service.
Romanian police (with a technical assist from Bitdefender) unpack a seized Reveton/Icepol server.
In industry news, investors are watching cyber security start-ups closely. The usual darlings are mentioned in dispatches, but Israeli companies are also entering the market with some éclat.
The Target breach prompts businesses to reevaluate cyber insurance and disclosure policies.
Google may be selling Motorola to Lenovo, but it's keeping Motorola's patents.
High-ranking GCHQ cyber official Andrew France retires to join security startup Darktrace.
Observers comment on and summarize the forthcoming NIST cyber framework. Experts advise businesses on avoiding drive-by malware attacks and recovering from collateral reputational damage.
Legal observers in the US warn of a rise in "COURTINT."
Notes.
Today's issue includes events affecting Australia, Belgium, Brazil, Canada, France, Germany, India, Israel, Netherlands, Pakistan, Philippines, Romania, Russia, Sweden, Switzerland, Syria, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
eBay and PayPal UK domains hacked by Syrian Electronic Army (ZDNet) In its ongoing firestorm of breaches and defacements, the Syrian Electronic Army penetrated websites belonging to PayPal UK and eBay and provided visual examples on its Twitter feed
Cyber warfare: Pakistani hackers claim defacing over 2,000 Indian websites (Express Tribune) Pakistani hackers have claimed responsibility for hacking over 2,000 Indian websites on the country's Republic Day, confirming reports published by the Indian media earlier this week
30 Ukrainian government and media websites defaced by neo-fascist Svoboda party (Hack Read) Hacktivists from Ukrainian neo-fascist 'Svoboda' party hacked and defaced more than 30 Ukrainian government and media websites. Hackers have left a deface page along with a statement on all hacked websites that 'Svoboda' is ready to seize power in Ukraine and that they are the only real political force in the country. We are ready
Yahoo Mail accounts compromised in coordinated attack (Help Net Security) Unknown attackers have attempted to access a number of Yahoo Mail accounts, the company warned on Thursday, and urged users to change their passwords even if they haven't been affected.
Yahoo thwarts web mail cyber attack (ITPro) Internet giant claims to have prevented hackers from gaining access to users' Yahoo Mail accounts
Reactions to the Yahoo Mail hack (Help Net Security) Unknown attackers have attempted to access a number of Yahoo Mail accounts, and the company urged users to change their passwords even if they haven't been affected. Here are some of the comments we received
Cybercriminals release new Web based keylogging system, rely on penetration pricing to gain market share (Webroot Threat Blog) In need of a fresh example of penetration pricing, within the cybercrime ecosystem, used by a cybercrime-friendly vendor in an attempt to quickly gain as much market share as possible in the over-supplied market segment for keylogging-specific systems? We're about to give you a very fresh one
Kaspersky issues data theft warning (ihotdesk) Experts at the Kaspersky cyber security firm have issued a new warning about data theft. The company claims to have seen a spike in the number of loan offers sent through spam email messages in recent months and has posted a new guidance document on the subject
PoC mobile malware records swipes on touch screen smartphones (Help Net Security) A security researcher has developed proof-of-concept malware capable of capturing screenshots and finger swipes on mobile devices, and is set to demonstrate his creation at the RSA Conference
Researchers uncover months-old POS malware botnet (Help Net Security) With the Target and Neiman Marcus breach being all over the news in the last few weeks, the topic of malware that collects card data directly from Point-of-Sale devices has received renewed interest
Android banking malware with a twist in the delivery (Naked Security) Here's an intriguing tale of an Android malware curveball spotted recently in SophosLabs. You're expecting the pitch to come at you in a predictable direction, but a hidden twist in the action brings the onslaught from another angle altogether
Orange: Hackers nab data from 800,000 clients (The Local (French edition)) Telecom giant Orange revealed on Monday that the names, addresses and phone numbers of hundreds of thousands of French customers have been pilfered in a mammoth data breach. Find out how the hackers could cause headaches for those affected
Cyber-attack on Bell supplier highlights rising hacker threat (The Globe and Mail) Bell Canada is the latest big-name company to become ensnared in a hacking incident after announcing that a cyberattack on a third-party supplier compromised the confidential account information of more than 22,000 of its small business customers
Belgian professor in cryptography hacked (De Standaard) A new Belgian episode in the NSA scandal: Belgian professor Jean-Jacques Quisquater, internationally renowned expert in data security was the victim of hacking. And, as was the case in the Belgacom hacking affair, there are indications the American secret service NSA and its British counterpart, the GCHQ might be involved
Today's Cyber Attack on Lawfare (Lawfare) Y'all might have noticed: Lawfare was inaccessible, in an on-again, off-again fashion, for a good part of the day. We asked our hosting service, Blue Water Media, to resolve the problem and report back to us
Seized Server Yields Details on Icepol (aka, Reveton) Ransomware Infections (InfoSecurity Magazine) A malware server was seized by the Romanian police in September 2013. Disk images were provided to Romanian security firm BitDefender, and have since been analyzed, giving insights into both the malware it distributed and the method and reach of the malware distribution network
What a fake antivirus attack on a trusted website looks like (Ars Technica) Video shows how drive-by attacks turn healthy paranoia against their victims
PSA: Missed Call From A Mystery Number? Be Careful. (TechCrunch) The people who read our site are a pretty savvy lot. You know not to accept checks from distant princes. You can spot a phisher from a mile away. But here's one that might be new for you: scammers are apparently trying to exploit your "missed call" screen, now
Daily Motion Still Infected, Serving Fake AV Malware (Threatpost) More than three weeks after notifying video-sharing site DailyMotion that it was compromised, security company Invincea reports the popular website is still infected
Kaspersky to Reveal Details of Sophisticated Cyber Espionage Operation "The Mask" (Softpedia) Next week, at the Kaspersky Security Analyst Summit 2014, researchers will present their findings on another highly sophisticated cyber espionage campaign that Kaspersky has dubbed "The Mask"
English Website of Russia's Federal Customs Service Hacked (Softpedia) The official English language website of Russia's Federal Customs Service has been hacked and defaced by members of Team MaXiMiZerS. The attack took place on Saturday
UK National Health Service Hacked, Site Set Up to Serve Malware (Softpedia) The official website of the United Kingdom's National Health Service has been hacked. Malicious code has been planted on hundreds of pages in an effort to redirect visitors to malware sites or advertisements
Hacker steals teacher's direct deposit paycheck: University says too bad so sad (ComputerWorld) No matter how much you love your job, very few people work for free. About 80% of Americans receive their paychecks via direct deposit, but if a hacker manages to reroute your paycheck to his or her account, is that just tough luck and you don't get paid? That's basically what a faculty member at Western Michigan University (WMU) was told
Security Patches, Mitigations, and Software Updates
Boasting Better Encryption, Bug Fixes, OpenSSH 6.5 Released (Threatpost) The OpenBSD Project pushed out a new build on Thursday of the OpenSSH security suite, adding a new private key format, a new transport cipher and fixing 15 bugs in the Secure Shell
Cyber Trends
MasterCard CEO says new safeguards are needed to prevent fraud (MarketWatch: The Tell) MasterCard's CEO says it's critical for the payments industry to adopt safer technologies in the U.S. Without those changes, he added, more data breaches will happen
Security Blown Wide Open: The Alarming Lifecycle Of American SMS Spam (Forbes) Detailed graphics, blowing wide open the alarming way text message (SMS) spam spreads across the U.S., have prompted chief information officers at telecoms firms to start taking aggressive preventative action
The Many Fields of Digital Forensics and Incident Response (SANS DFIR) As the world of information technology grows in size and complexity, sectors within the IT industry become more and more specialized. Within IT, information security used to be considered niche. Nowadays, saying that you're an infosec professional positions you as somewhat of a generalist. After all, within the infosec field there are several specialization areas, including compliance, pen testing, application security, etc
The Internet of Things is under attack! (Silicon Angle) Most of us enjoy using some kind of Internet of Things device these days — after all, IoT devices run the whole gamut of smaller gadgets, including smartphones, tablets, cars, homes, wearable devices and home appliances that are connected to the Internet, as they make our lives so much easier
BYOD and the Internet of Things bring unique challenges for hospital CIOs (Computer World) There are two trends in healthcare that should give hospital IT professionals pause: BYOD and the Internet of Things. The bring-your-own-device (BYOD) trend is certainly not new, but hospitals are still figuring out how to navigate the security concerns. While BYOD is a trend in the corporate world, too, there are two major differences for hospitals. First, the folks accessing corporate networks are, almost exclusively, employees and they use corporate-owned devices for most of that access. Second, when they do use their own devices, they are mostly reading email, not accessing sensitive data
Sex and Violence: Teens' Risky Online Behavior Increases Cyber-bullying (InfoSecurity Magazine) Most parents worry about their kids' online behavior, especially as news of Facebook suicide campaigns, sexting and other alarming digital phenomena dominate the headlines
Troubling increase in data breaches (Sea Coast Online) Did you know that this past Tuesday was National Data Privacy Day? I hope so, otherwise we could be in for another record year for data breaches. This is not a record to aspire to. Last year, more than 740 million online records were exposed. This is not something we want to see repeated or made worse
Patching times improved in 2013 as vulnerability battle goes on (TechWorld) Report finds improvement but is it enough? Software vendors have improved their response to security flaws in the last 12 months but some still take too long to patch the highest-risk vulnerabilities, figures from Swiss testing firm High-Tech Bridge have suggested
Marketplace
Cyber Security Providers Prepare For New Wars (The Street) The New Year has been auspicious for cyber security companies. FireEye's (FEYE) agreement to pay nearly $1 billion for Mandiant in early January suggests that M&A activity will remain high in 2014. Companies such as KEYW Holding (KEYW), Palo Alto Networks (PANW), Imperva (IMPV), Proofpoint (PFPT) and Qualys (QLYS) have made double-digit percentage gains in share price since FireEye announced the purchase
Slide Show: 20 Security Startups To Watch (Dark Reading) Cloud security, mobile security, advanced behavioral detection and a few other surprises mark this latest crop of newcomers as companies to watch
Watch out Silicon Valley: Israel's cybersecurity start-ups are coming (CSO Salted Hash) When most people think about Israel, topics like Middle East peace talks or touring Holy Land sites usually come to mind. But over the past few years, a powerful transformation has been occurring in focused areas of science and technology in Israel. It's time to take a new look
Private Companies: Risks, Exposures and Insurance (The D&O Diary) In general, and at least in the United States, executives at public companies don't need to be convinced that their companies need to have D&O insurance. That is not always true with officials at private companies. Some officials at some private companies — particularly very closely held private companies — are skeptical that they need the insurance. These individuals believe they will not see any claims that would trigger the insurance
The Target Cyber Breach and Cyber Disclosure Practices (The D&O Diary) In a front-page, above-the-fold article on Saturday, January 18, 2014 — that is, more than a month after Target first learned from the Secret Service that the company had been the subject of a massive cyber security hack — the New York Times reported that the company was vulnerable to the cyber attack because its systems were "astonishingly open — lacking the virtual walls and motion detectors found in secure networks like many banks'"
Tony Smeraglinolo: Engility Targets New Contract Vehicles As DRC Buy Closes (GovConWire) Engility Holdings (NYSE: EGL) has closed its $11.50-per-share acquisition of Dynamics Research Corp. as part of a growth strategy to target markets such as healthcare and homeland security. DRC holds 300 active contracts and that figure includes several positions on indefinite-delivery/indefinite-quantity contract vehicles awarded by the Defense Department and civilian agencies, Engility said Friday
This Company Says Its Technology Could Have Detected Snowden's Intrusions (NextGov) Government servants are hardly the best paid employees in the world, even if they are spies. But the older ones do have pensions of the sort most young people could never imagine. So why would a 30-year veteran of Britain's secret service, with a "gold-plated" pension to look forward to, leave his position as deputy director for cyber defense operations at GCHQ (The Government Communications Headquarters, Britain's equivalent to the US's National Security Agency) for a start-up with no history and no security
Brit security startup turns to France for help (The Register) British security startup Darktrace has nabbed Andrew France, the former head of the UK government security snoops at GCHQ, as its chief executive
Kevin Cook Appointed CFO, Mike McConnell to Retire as Vice Chair at Booz Allen (GovConWire) Kevin Cook, senior vice president and corporate controller at Booz Allen Hamilton (NYSE: BAH), has been promoted to chief financial officer and treasurer and will assume those roles on July 1. His appointment is one in a series of executive transitions at the McLean
Alan Kessler: Vormetric Expands Client Base, Security Products Amid Heightened Market Awareness (GovConWire) Vormetric leveraged growing awareness for security-related products to mark 2013 with an increased client base and earnings growth that exceeded market expectations, said Alan Kessler, president and CEO with the data security solutions company
James Peake, Former VA Secretary, Takes Leadership Reins at CGI Federal (GovConWire) James Peake, who served as veterans affairs secretary between December 2007 and January 2009, has become president of CGI Group's (NYSE: GIB) subsidiary for the U.S. federal market — CGI Federal
Christopher Fountain Named Kinnser Software COO; Chris Hester Comments (GovConWire) Christopher Fountain, former CEO and president of Kratos Defense & Security Solutions' (NASDAQ: KTOS) SecureInfo subsidiary, has joined Kinnser Software as chief operating officer
Pwn2Own hack contest puts record $645K on prize table (ComputerWorld) New grand prize of $150,000 requires researchers to deal with Microsoft's EMET anti-exploit toolkit
Google Highlights Value of Patents in Motorola Sale to Lenovo (IEEE Spectrum) Google has exited the smartphone manufacturing business and shored up Android's legal defenses in the smartphone patent wars in a single week. The technology giant sold off Motorola Mobility to Lenovo in a US $12.5-billion deal on Wednesday that allowed it to hold onto most of Motorola's patent portfolio
Brazilian government prioritizes local software (ZDNet) Certification allows local companies to charge up to 18 percent more than foreign firms in public sector contracts
Products, Services, and Solutions
FireEye Scales Threat Protection Management With New Release; Bolsters Email Threat Protection and Operational Readiness (IBN) FireEye, Inc. (Nasdaq:FEYE), the leader in stopping today's advanced cyber attacks, today announced FireEye OS 7.1, a major update to the FireEye OS that offers more scalable management capabilities to the CM series, IPv6 network security support to the NX series, and enhanced email threat analysis capabilities to the EX series. FireEye OS 7.1 will be generally available by the end of February 2014
Dell's Android Dongle Dare (InformationWeek) $129 Cloud Connect, a wireless network card, turns any modern display into a computer; use with Android apps, virtualized PC desktops, and Dell cloud services
Technologies, Techniques, and Standards
NIST's finalized cybersecurity framework receives mixed reviews (CSO) Experts say it has flaws and omissions, but is much better than nothing
What You Need To Know About The Cybersecurity Framework (Information Security Buzz) On February 13, 2014, the National Institute of Standards and Technology (NIST) plans to publish a comprehensive and detailed cybersecurity framework for critical infrastructure sectors. Developed pursuant to a February 2013 executive order issued by President Obama, this cybersecurity framework promises to fundamentally alter how critical infrastructure asset owners and technology suppliers develop, implement and update their cyber risk assessment and protection systems
Fuzzy math: The need for a national cyber breach notification standard (SC Magazine) It is a well-known fact that cyber attacks pose a significant risk to businesses. Most recently, we have seen how the cyber attack on Target resulted in lower sales, higher costs, and a loss of customer trust. In addition, business partners, such as the card issuers and payment processors are also impacted financially by this breach. According to Lloyd's Risk Index Report for 2013, only high taxation and loss of customers ranked higher than cyber security as top concerns faced by global businesses. The key difference between these top two risks and cyber risk is the availability of information
Shouldn't there be a better way to curate global threat intelligence? (TechTarget) Network security expert Michele Chubirka discusses why objective and curated threat intelligence is so difficult to obtain
How Difficult Is Your Maze? How To Be A 'Hard Target' (SecurityWeek) Suddenly, an early 90's Jean Claude Van Damme movie is relevant again, at least because of its name. Every security team that can fog a mirror is asking the question "what just happened at Target, and how do we make sure that doesn't happen to us?". The objective, of course, is to be a "hard target" — that's a great goal for any security practice (although in the real world, it doesn't involve bumping off the bad guy at the end of the movie)
Forensic analysis of the ESE database in Internet Explorer 10 (Forensic Focus) This project started out as a collaboration with the Swedish Tax Agency (SKV) in Gothenburg. Due to time issues, they are not able to acquire images of drives in many of their investigations and are thus forced to gather as much data as possible using live forensics. They presented us with a problem they encounter while doing live forensics on various systems; the browser artifacts are often difficult to acquire due to outdated software or time-frame problems. In early draft versions our project goal was therefore to create a script for EnCase, using EnScript, which would be able to parse web artifacts from the latest versions of the browsers Internet Explorer, Firefox, Chrome, Safari and Opera and present this in an easily-readable format
WhatsApp — discovering timestamps of deleted messages (Forensic Focus) This is a procedure for locating and parsing deleted messages timestamps in Android WhatsApp database
More From Strings (Total Hash) If you have viewed the analysis page for a sample on the #totalhash site you might have seen a section entitled strings. Strings can be a great way to get some more information from a sample in a very quick way without having to resort to dynamic analysis
Identifying and Protecting Sensitive Data (Dark Reading) You already know the story: enterprises need strong security to keep their secrets secret, but data protection is a tough beast to tame. There are countless variables to consider, and different data types require different treatment. Add the constant x factor of human unpredictability and you have a potentially feral pack of valuable data, complexity, and fallibility
Data Security: 4 Questions For Road Warriors (InformationWeek) Traveling with electronic gear containing sensitive data carries a greater security risk today than ever before
Defending against drive-by downloads (Help Net Security) In case you haven't heard the term before, a drive-by download (DbD) is a class of cyber attack where you visit a booby-trapped web site and it automatically, and silently, downloads and executes malicious
How Small Firms Can Overcome A Bad Name (Wall Street Journal) When your company name gets associated with something unpleasant, don't panic
When an Attack isn't an Attack (Internet Storm Center) I think I have seen it referred to as the "X-Files Effect". You just installed a new firewall or IDS, it is still all new and shiny and the logs are still fresh and interesting. Looking at your logs, it starts dawning on you: "They are out there to get me!". While many of these attacks are attacks, there are also quite a few false positives that typically show up in your logs. At this point, let's quickly define false positives: These are either benign traffic that is mistaken for an attack, or an attack that just doesn't affect you (famous SQL Slammer attack against a Linux host)
Stopping the Edward Snowden in your Organisation (CollaboristaBlog) In the eyes of some, NSA whistleblower Edward Snowden is a hero who leaked information about top secret state-sponsored surveillance operations to journalists, stoking a global debate on privacy. But from the point of view of his employer, he hardly turned out to be a model staff member
Design and Innovation
What Happened To The New Internet? (Buzz Feed) The movement to make a quieter, cleaner, more exclusive web — and what's left of it
Want privacy? Build a new Internet (VB) The Internet was simply not designed with privacy in mind. We don't have to look much further than the continued cybersecurity revelations to prove that state-run agencies and hackers alike continue to carjack the Information Superhighway
Research and Development
Hopkins researchers are creating an alternative to Bitcoin (Baltimore Sun) Zerocoin is an anonymous, cash-like, virtual currency. Inside a drab computer lab at the Johns Hopkins University, a team of researchers is trying to build something that has never existed before: a digital currency that changes hands completely in secret. Its name is Zerocoin
Legislation, Policy, and Regulation
Snowden: Canadian spooks used free airport WiFi to track travellers (The Register) Report says sniffing was probably illegal as local Spookhaus defends actions
Canada's Eavesdropping Agency Blasts Tradecraft Leak (SecurityWeek) Canada's ultra-secret eavesdropping agency on Friday blasted the disclosure of its tradecraft, after it was reported the agency had tracked airline passengers connected to Wi-Fi services at airports
Needed: More eyes on Canada's spies (The Globe and Mail) The playful, almost giddy tone of the Communications Security Establishment Canada's power-point presentation that was revealed last week suggests an extraordinary lack of perspective on what the spy agency's powers and duties consist of — and what is against the law
Cameron says he failed to make case for mass surveillance after Snowden leaks (The Guardian) Files from analyst showed need to update communication laws, says PM, also claiming civil liberties must be held 'in proportion'
John Kerry seeks to calm German anger at NSA reports (Tech2) U.S. Secretary of State John Kerry said Friday that relations with Germany have gone through a "rough patch" recently because of revelations about NSA spying, but insisted that the two countries can put the episode behind them
NSA Sees "Grave Damage" To National Security If Draft Talking Points On Surveillance Released (The Public Record) The National Security Agency appears to have spent a lot of time trying to agree on a set of talking points agency officials could use to respond to revelations that originated with Edward Snowden about the lawfulness of the agency's classified surveillance programs
Several cybersecurity initiatives lost after Snowden's NSA leaks (Los Angeles Times) Experts say several cybersecurity initiatives have been halted by Snowden's leaks of NSA data, leaving the U.S. more vulnerable
FACT CHECK: NSA leaks worst intelligence breach? (Wichita Falls Times Record News) The U.S. intelligence chief, James Clapper, said this week that the loss of state secrets as a result of leaks by former National Security Agency analyst Edward Snowden was the worst in American history. Clapper backed up his assertion with dire forecasts about emboldened enemies abroad, but some historians and researchers said the U.S. has struggled with even more devastating intelligence breakdowns over the past century
White House Added Last-Minute Curbs on NSA Before Obama Speech (Wall Street Journal) On the day before President Barack Obama gave a highly anticipated speech on the National Security Agency, White House officials rushed to include additional surveillance restrictions to address concerns of privacy advocates and the president's own review panel, said people familiar with the process
Holder: Not stopping terrorism doesn't mean telephony metadata not useful (FierceGovIT) Whether or not the intelligence community's bulk storage of telephony metadata has actually prevented a terrorist attack shouldn't be the only metric by which the program's efficacy should be measured, said Attorney General Eric Holder
Why the NSA gets higher marks for privacy than business (ComputerWorld) Those of you following the steady stream of news stories on the National Security Agency's insatiable appetite for information already know that the spy agency has figured out how to snatch data from mobile apps. Since 2007, The NSA and its partner Britain's Government Communication Headquarters (GCHQ) have siphoned from apps address books, buddy lists, phone logs and geographic data
Michael Rogers, Rick Ledgett Unveiled as NSA Leadership Appointees (ExecutiveGov) Navy Vice Adm. Michael Rogers and Rick Ledgett were officially announced Thursday as President Barack Obama's appointees to serve as the top two officials at the National Security Agency
Clapper Praises Rogers' Nomination as Next Cyber Chief (American Forces Press Service) Director of National Intelligence James R. Clapper has praised President Barack Obama's nomination of Navy Vice Adm. Michael S. Rogers to be the next commander of U.S. Cyber Command, director of the National Security Agency and chief of the Central Security Service
Healthcare IT Security at Risk Due to Business Associate Negligence (SecureWorks) Healthcare companies and businesses that do contract work for them may soon be left singing the blues to the tune of an old popular song by The Who. I can hear the new lyrics now: "Too much, Omnibus." That "too much" could refer to rising penalties for noncompliance with HIPAA requirements under the new Omnibus Final Rule Summary, which went into effect Sept. 23 and has a maximum penalty of $1.5 million per violation
Hertfordshire County Council fears cyber attack over banned words email list (Welwyn Hatfield Times) HCC fears computer hackers will mount a 'denial of service' attack. Fears of a cyber attack by hackers, or hostile foreign powers, have led a council to refuse to release a list of words banned from its emails
Litigation, Investigation, and Law Enforcement
Judges Poised to Hand U.S. Spies the Keys to the Internet (Wired) How does the NSA get the private crypto keys that allow it to bulk eavesdrop on some email providers and social networking sites? It's one of the mysteries yet unanswered by the Edward Snowden leaks. But we know that so-called SSL keys are prized by the NSA — understandably, since one tiny 256 byte key can expose millions of people to intelligence collection. And we know that the agency has a specialized group that collects such keys by hook or by crook. That's about it
Medical lab says FTC breach probe forced it to close (ComputerWorld) LabMD decides to close in the midst of an FTC investigation into a leak of the personal data of some 10,000 people
Delayed breach response prompts lawsuit against Kaiser (FierceHealthIT) California Attorney General Kamala Harris sued Kaiser Foundation Health Plan Inc. in state court on Jan. 23, alleging the company was too slow to notify more than 20,000 current and former employees that their personal information was compromised in a 2011 security breach, Law360 reported. In the breach, an external hard drive that contained personal information of Kaiser employees—including Social Security numbers, dates of birth and addresses—had been sold to a member of the public at a thrift store
Dallas student accused of 'cyber terrorism' (Luzerne County Citizens' Voice) A tenth-grade Dallas High School student is being accused of a "cyber terrorism" attack on the school's computer system last week, but his attorney claims he's innocent
11 high school students expelled for keylogging teachers' computers (Ars Technica) Police: local tutor directed installation of keylogger to goose students' grades
Operation Endeavour: The Tip of the Iceberg? (Forensic Focus) In mid January 2014, reports began emerging of a cybersex ring that had recently been under investigation in the Philippines. Crime agencies across the UK, USA, Australia and the Philippines themselves have been working together since 2012 on a case codenamed Operation Endeavour, and recently results have started to be published in the media
How Edward Snowden went from loyal NSA contractor to whistleblower (The Guardian) He was politically conservative, a gun owner, a geek and the man behind the biggest intelligence leak in history. In this exclusive extract from his new book, Luke Harding looks at Edward Snowden's journey from patriot to America's most wanted
Russian National Sentenced To 30 Months In Prison For $1 Million Trading Account Hack, Securities Fraud Scheme (Dark Reading) Petr Murmylyuk admitted that he participated in a conspiracy to steal from online trading accounts at Scottrade, E*Trade, Fidelity, Schwab, and others
Hackers file complaint against government (The Local (German edition)) Hacking group, the Chaos Computer Club (CCC), has filed a criminal complaint against the entire German government, including Chancellor Angela Merkel, over the spying scandal
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Cyber Training Forum at NGA (Springfield, Virginia, USA, Feb 4, 2014) The 2014 Cyber Security Training Forum (CSTF) will take place at the NGA East Campus in Springfield, VA. This event is designed to provide education and training to the NGA Workforce, the Intelligence Community, and Industry. The CSTF will include keynotes, breakout sessions, and cyber security demonstrations from industry.
U.S. Department of Commerce Technology Expo (location and date not listed) Department of Commerce is interested in hearing from you! The OCIO Office is specifically looking for speakers on Vulnerability Management and Implementation of Continuous Monitoring. Please contact your FBC representative to submit an abstract today.
Cyber Security 2014 (location and date not listed) The threats and the opportunities conference brings together over 150 business leaders, senior decision makers, business development managers and IT professionals from across the whole defence and security supply chain, from Prime Contractors, through tier 1 and tier 2 suppliers, SMEs and those at the front of R&D and the development of new and innovative products and services. The event will provide a unique opportunity for those within the whole supply chain to understand both the current and future threat of Cyber Security on the supply chain and what action will need to be taken to mitigate these and ensure we are fit to compete in the future — both as businesses and as a country. Organisations who have confirmed their attendance include: RBS, Finmeccanica Selex, Thales, MOD, Scottish Government, Lockheed Martin UK, BAE Systems and others.
Security Analyst Summit 2014 (Punta Cana, Dominican Republic, Feb 9 - 13, 2014) The Kaspersky Security Analyst Summit (SAS) is an annual event connecting anti-malware researchers and developers, global law enforcement agencies and CERTs and members of the security research community. The goal is to learn, debate, share and showcase cutting-edge research, new technologies and discuss ways to improve collaboration in the fight against cyber-crime.
FBI HQ Cloud Computing Vendor Day (location and date not listed) As part of its FAR mandated market research efforts and in order to keep FBI employees informed of new products, technologies and services available in the industry, ITED has been tasked with organizing four 'Vendor Days' a year focusing on technology that can enhance current IT capabilities. These market research events will enhance exposure for all Department of Justice (DOJ)/Federal Bureau of Investigation (FBI) employees to new products and services and to have an opportunity to interact directly with the industry. Vendor days are for demo purposes only and are designed to facilitate FBI market research efforts. Attending vendors shall make all inquiries concerning pending or future FBI requirements to the cognizant FBI contracting officer.
New FFIEC Guidelines on Social Media: 3 Things You Need to Know (location and date not listed) We'll take an in-depth look at the new Federal Financial Institutions Examination Council (FFIEC) guidelines on social media and consumer compliance risk, and how they may impact your organization. We'll break down nearly 20 pages of dense government material, distilling the key topics for legal, compliance, risk and finance professionals.
Free OWASP Training and Meet Up (San Francisco, California, USA, Feb 24, 2014) OWASP is hosting a special security boot camp for all conference-goers: RSA Conference, Bsides SF, and TrustyCon as well as local developers. The training is recommended for developers who want to learn more about securing their code as well as security professionals who want to become acquainted with the latest web vulnerabilities.
RSA Conference USA (San Francisco, California, USA, Feb 24 - 28, 2014) Hundreds of game-changing interactions will give you an unparalleled diversity of industry insight and information based on best practices, real implementation stories, and detailed case studies. Each year, educational sessions feature new and returning educational tracks you won't find anywhere else.
Nellis AFB Technology & Cyber Security Expo (location and date not listed) For over 12 years, the Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter and FBC have been co-hosting the Annual Information Technology Expo at Nellis AFB. As was the case last year, the 2014 event will once again have a Cyber Security theme. This is an excellent opportunity for any technology or cyber company to meet with the personnel at Nellis AFB, as well as the local AFCEA members.
Cloud Expo Europe (location and date not listed) Cloud Expo Europe covers everything from hybrid cloud to software defined networks and data centres, from open source cloud to IaaS, from security and governance to cloud applications and from complex hosting to development platforms.
Suits and Spooks Security Town Hall (San Francisco, California, USA, Feb 27, 2014) Privacy versus Security: An Informed Debate and Discussion to Raise Industry Awareness. Taia Global and our sponsoring companies are hosting our first Suits and Spooks Security Town Hall at the Ritz Carlton San Francisco on February 27, 2014 (7pm-10pm). We are condensing the Suits and Spooks two-day "collision" model into a 3-hour debate and discussion format to help raise awareness about the complexities involved in balancing security objectives with our privacy rights.
Trustworthy Technology Conference (San Francisco, California, USA, Feb 27, 2014) Join us for the first Trustworthy Technology Conference, to be held on 27 February 2014 at the AMC Metreon Theatre in San Francisco, California. We welcome all security researchers, practitioners and citizens who are interested in discussing the technical, legal and ethical underpinnings of a stronger social contract between users and technology.
Creech AFB Technology & Cyber Security Expo (location and date not listed) The Armed Forces Communications & Electronics Association (AFCEA) - Las Vegas Chapter, with support from the 432d Wing, will host a Cyber Security Awareness Day & Technology Expo at Creech AFB. This is an excellent opportunity for technology, cyber and tactical technology companies to meet with remote personnel at Creech AFB. At the 1st Annual event held in February 2013 over 100 Creech AFB personnel attended this event. Some of their job descriptions included: Commander, Flight Chief, Communications Officer in Charge, IT Lead, Systems Admin, Wing Training, Information Assurance Officer, Knowledge Management, Section Chief, Avionics, Physical Security, Project Manager, Director and more.