The CyberWire Daily Briefing for 3.6.2014
Russia continues to fine-tune cyber support for its invasion of Crimea. Domestic networks haven't been neglected: VKontakte websites are being blocked for "encouraging terrorist activity." Cyber operations in Ukraine itself continue to be restrained, but some cables appear blocked. (Restrained, that is, in comparison with the Georgian or Estonian experience.)
The US Senate Intelligence Committee wonders why US intelligence agencies didn't give earlier warning of the incursion. Analysts point darkly to an erosion of Cold War vigilance, but this is historically ill-informed: after all, when that vigilance reigned, the Soviets achieved surprise in their 1968 invasion of Czechoslovakia.
Marble Security claims Android tablets and smartphones manufactured by Samsung, Motorola, Asus and LG have been sold to consumers with pre-installed malware that harvests credentials and sends them to a server in Russia. The manufacturers don't appear implicated; it appears to be a supply chain compromise.
Kaspersky contrasts the GnuTLS and Apple goto bugs. GnuTLS releases security updates to address its problem.
US beauty products retailer Sally Beauty suffers a credit card breach.
University researchers demonstrate a novel side-channel attack. Another research team shows how much traffic analysis of HTTPS communications can reveal (it's quite a bit).
A fourth Bitcoin exchange, Bitstamp, is hacked. The Bitcoin community increasingly migrates to Tor, which itself is increasingly infested with cyber criminals.
AnonGhost's pathetic, motiveless, sad sacks deface the wrong British target.
Target's CIO resigns over the retailer's data breach.
In the US, the White House dialogue on privacy focuses on commercial, not government, issues.
Notes.
Today's issue includes events affecting Australia, Canada, Cyprus, Georgia, India, Italy, Russia, Ukraine, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Russia Blocks Ukrainian Activists Websites For Encouraging "Terrorist Activity" (TechCrunch) As Russia continues its military intervention in revolution-rocked Ukraine, authorities are now blocking 13 activist websites on the Russian social media network VKontakte. The Russian Prosecutor General's Office ordered the agency overseeing media, Roskomnadzor, to block off the dissident websites, accusing them of encouraging "terrorist activity"
Russia and Ukraine in cyber 'stand-off' (BBC) As diplomatic efforts are stepped up to ease tensions in Ukraine, security experts have warned that Kiev and Moscow are locked in a cyber stand-off
Watching for a Crimean Cyberwar Crisis (MIT Technology Review) An info-war is under way as websites are blocked and telecom cables to Crimea are mysteriously cut
Ukraine: Why didn't the U.S. know sooner? (Politico) Despite Russian President Vladimir Putin's history as a tough-as-nails leader bent on restoring Russia's sphere of influence, the U.S. intelligence community failed to read the signs when it came to Ukraine
New Android devices sold with pre-installed malware (Help Net Security) A wide range of smartphones and tablets manufactured by Samsung, Motorola, Asus and LG Electronics have apparently been compromised with malicious apps before being sold to unsuspecting clients
Goto Aside, GnuTLS and Apple Bugs are not the Same (Threatpost) The similarities between the GnuTLS bug and Apple's goto fail bug begin and end at their respective failure to verify TLS and SSL certificates. Otherwise, they're neither siblings, nor distant cousins
Sally Beauty Hit By Credit Card Breach (Krebs on Security) Nationwide beauty products chain Sally Beauty appears to be the latest victim of a breach targeting their payment systems in stores, according to both sources in the banking industry and new raw data from underground cybercrime shops that traffic in stolen credit and debit cards
Sally Beauty Holdings Statement (MarketWatch) In response to rumors throughout the retail industry regarding security intrusions at various retailers, Sally Beauty Holdings, Inc. issued the following statement on March 5, 2014
"Ooh Aah… Just a Little Bit": A small amount of side channel can go a long way (International Association for Cryptologic Research) We apply the FLUSH+RELOAD side-channel attack based on cache hits/misses to extract a small amount of data from OpenSSL ECDSA signature requests. We then apply a "standard" lattice technique to extract the private key, but unlike previous attacks we are able to make use of the side-channel information from almost all of the observed executions. This means we obtain private key recovery by observing a relatively small number of executions, and by expending a relatively small amount of post-processing via lattice reduction. We demonstrate our analysis via experiments using the curve secp256k1 used in the Bitcoin protocol. In particular we show that with as little as 200 signatures we are able to achieve a reasonable level of success in recovering the secret key for a 256-bit curve. This is significantly better than prior methods of applying lattice reduction techniques to similar side channel information
I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis (ARXIV) Revelations of large scale electronic surveillance and data mining by governments and corporations have fueled increased adoption of HTTPS. We present a traffic analysis attack against over 6000 webpages spanning the HTTPS deployments of 10 widely used, industry-leading websites in areas such as healthcare, finance, legal services and streaming video. Our attack identifies individual pages in the same web-site with 89% accuracy, exposing personal details including medical conditions, financial and legal affairs and sexual orientation
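What such a traffic-analysis attack does, as an added example that is not the paper's code or data: a constructed four-page "clinic" site, an eavesdropper who sees only the byte length of each encrypted response, a nearest-neighbour classifier over size fingerprints (this example's own, far simpler than the paper's), and a pad_to knob to test the obvious mitigation. Page paths, response sizes and the 60-byte noise model are assumptions.

```python
import random
from collections import Counter

# Constructed example site: each page is the list of response sizes (bytes) for
# its HTML and sub-resources. TLS hides the content of each response, not its
# length, and the lengths are what an eavesdropper fingerprints.
PAGES = {
    "/conditions/diabetes":  [18240, 3310, 41200, 990, 2200],
    "/conditions/hiv":       [14800, 3310, 33100, 1450, 2200, 640],
    "/conditions/pregnancy": [22100, 3310, 40500, 990, 5100],
    "/about":                [6100, 3310, 2200],
}


def observe(page, rng, pad_to=1):
    """Per-response byte counts seen on the wire for one load of `page`.
    Noise model (assumed): +-60 bytes of dynamic content per response and
    sub-resources fetched in any order. `pad_to` models a server that pads
    every response up to a multiple of that many bytes."""
    sizes = []
    for size in rng.sample(PAGES[page], len(PAGES[page])):
        size += rng.randint(-60, 60)
        size = -(-size // pad_to) * pad_to          # round up to the padding bucket
        sizes.append(size)
    return sizes


def fingerprint(sizes, bucket=100):
    """Order-independent features: histogram of response sizes in 100-byte
    buckets, plus total bytes (bucketed) and response count."""
    feat = Counter(s // bucket for s in sizes)
    feat["total"] = sum(sizes) // bucket
    feat["count"] = len(sizes)
    return feat


def distance(a, b):
    return sum(abs(a[k] - b[k]) for k in a.keys() | b.keys())


def train(rng, samples=5, pad_to=1):
    """The attacker loads every page a few times and keeps the fingerprints."""
    return {p: [fingerprint(observe(p, rng, pad_to)) for _ in range(samples)]
            for p in PAGES}


def classify(sizes, model):
    """Nearest neighbour: the page whose closest training fingerprint is nearest."""
    fp = fingerprint(sizes)
    return min(model, key=lambda p: min(distance(fp, m) for m in model[p]))


def accuracy(seed=1, pad_to=1, trials=10):
    """Fraction of fresh page loads the eavesdropper identifies correctly."""
    rng = random.Random(seed)
    model = train(rng, pad_to=pad_to)
    hits = 0
    for page in PAGES:
        for _ in range(trials):
            hits += classify(observe(page, rng, pad_to), model) == page
    return hits / (trials * len(PAGES))


def padding_overhead(pad_to):
    """Bytes sent with padding divided by bytes sent without, over all pages."""
    raw = sum(sum(v) for v in PAGES.values())
    padded = sum(-(-s // pad_to) * pad_to for v in PAGES.values() for s in v)
    return padded / raw


if __name__ == "__main__":
    for pad in (1, 4096, 65536):
        print(f"pad_to={pad:6d}  accuracy={accuracy(pad_to=pad):.2f}"
              f"  overhead=x{padding_overhead(pad):.2f}")
```

On the constructed data the classifier identifies every page. Padding each response to a multiple of 4 KiB changes nothing, because the pages still differ by tens of kilobytes; only padding to 64 KiB merges two of them, at roughly six times the bandwidth, and even then the number of responses per page still leaks.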
Cross-platform JRAT Targets UK and UAE Individuals (InfoSecurity Magazine) A new spam campaign delivering a Java remote access trojan (RAT) known as JRAT has been uncovered, with the emails claiming to have attached a payment certificate to the message. The campaign has predominantly affected the UAE and the UK to date and appears to be after specific victims
Android RATs Branch out with Dendroid (Symantec Connect) Darwinism is partly based on the ability for change that increases an individual's ability to compete and survive. Malware authors are not much different and need to adapt to survive in changing technological landscapes and marketplaces. In a previous blog, we highlighted a free Android remote administration tool (RAT) known as AndroRAT (Android.Dandro) and what was believed to be the first ever malware APK binder. Since then, we have seen imitations and evolutions of such threats in the threat landscape. One such threat that is making waves in underground forums is called Dendroid (Android.Dendoroid), which is also a word meaning something is tree-like or has a branching structure
CyberLocker's success will fuel future copycats (CSO) Ransomware with unbreakable encryption will attract cyber bandits like flies to offal. Nothing spurs malware development like success and that's likely to be the case in the coming months with ransomware
The Problem With Corporate Webmail (Forbes) The first step in hacking the company of your choice may be as simple as Googling "Company X webmail." The search will in many cases lead you to the front door of a company's fortress of sensitive information and documents. (Try it with your own company.) If an attacker figures out the right knock to get in — which in many cases is just a username/password — that company may wind up with a huge and potentially expensive data breach on their hands
Bitstamp Warns of Phishing Emails After Being Hit by Hackers (Softpedia) The Bitcoin exchange service Bitstamp has been hacked. It's uncertain what the attackers have managed to steal, but it's certain that they've obtained Bitstamp customer email addresses
Withdrawal vulnerabilities enabled bitcoin theft from Flexcoin and Poloniex (PC World) Hackers found security weaknesses that allowed them to overdraw accounts with Flexcoin and Poloniex, two websites that facilitate bitcoin transactions, and exploited them to steal bitcoins from the two services. The attacks put Flexcoin out of business and cost Poloniex's users 12.3 percent of their bitcoins
Most Popular Bitcoin Apps Soon To Run On Tor Anonymity Network (Forbes) Bitcoin and Tor have become perhaps the two most widely used software tools for maintaining anonymity on the Web. Now they're about to be stitched together—a move that could make a large swathe of the Bitcoin network significantly stealthier
Tor Attracts More and More Cybercriminals, Experts Warn (Softpedia) Kaspersky security researchers have been monitoring the activities of cybercriminals on the Darknet, particularly Tor, and they've found that the number of operations relying on the anonymity network is increasing
OMG a Ransomcrypt Trojan with a Conscience! (Symantec Connect) Ransomcrypt authors are not known to have a conscience, and until now have always left their victims with no way out, other than paying the extortion demand to decrypt their files. This seems to have changed somewhat with the arrival of Trojan.Ransomcrypt.G. While the authors of this malware are still total scammers, they seem to have some principles and offer to decrypt the victim's files for free after a one month period, even if the ransom has not been paid. While this behavior does not exonerate the actions of the malware authors, it does leave some light at the end of the tunnel for any unfortunate victims of this scam
Meetup.com Back Online After DDoS Attacks, Extortion Attempt (Threatpost) Social networking site Meetup.com is finally back online today yet it warns the site could still face future outages following a series of sustained denial of service attacks (DDoS) over the weekend
Payroll vendor breached, data on more than 43,000 employees at risk (SC Magazine) More than 43,000 former and current employees of Chicago-based Assisted Living Concepts (ALC) are being notified that their personal data — including Social Security numbers and pay information — may be at risk after an unauthorized third party breached ALC's payroll vendor and gained access to sensitive files
Cyberpoaching — hacking GPS to find endangered animals (Webroot) "The attempted hacking of a Bengal tiger's GPS collar in the Panna Tiger Reserve last July alerted the world to a new kind of threat to its wildlife: cyberpoaching. Since then, many proactive wildlife experts have been trying to figure out how to fight a poacher who sits half a world away from the animals they're targeting"
Hacker Hits Church of Scotland, Church of Cyprus, Lutheran Church of Australia (eSecurity Planet) More than 4,500 user credentials were published on Pastebin
Assisted Living Concepts Data Breach Exposes 43,600 Employees' Payroll Info (eSecurity Planet) Current and former employees' names, addresses, birthdates, pay information and Social Security numbers were exposed
Ghosts of Banking Past (LightBlueTouchpaper) Bank names are so tricksy — they all have similar words in them… and so it's common to see phishing feeds with slightly the wrong brand identified as being impersonated
Drone U: A Defense Department Engineer Warns About Drone Hacking (Slate) This week, Drone U features a podcast from Donna Dulo, a senior mathematician, computer scientist, and systems engineer for the United States Department of Defense
Transformers Expose Limits in Securing Power Grid (Wall Street Journal) The U.S. electric grid could take months to recover from a physical attack due to the difficulty in replacing one of its most critical components. The glue that holds the grid together is a network of transformers, the hulking gray boxes of steel and copper that weigh up to 800,000 pounds and make it possible to move power long distances. Transformers were badly damaged in an attack on a California substation last year
Security Patches, Mitigations, and Software Updates
Cisco Patches Authentication Flaw in Wireless Routers (Threatpost) There's a serious security flaw in some of Cisco's wireless routers that could allow a remote attacker to take complete control of the router. The bug is in a number of the Cisco small business routers, as well as a wireless VPN firewall. Cisco has released patches to fix the vulnerability in its Wireless-N VPN
Schneider Electric Mitigates Vulnerabilities in OPC Factory Server and Floating License Manager Products (Threatpost) The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) last week issued advisories warning of serious vulnerabilities in Schneider Electric SCADA gear
GnuTLS Releases Security Update (US-CERT) GnuTLS has released security updates to address a vulnerability affecting certificate verification functions. An attacker could use a specially crafted X509 certificate to bypass validation checks, impersonate legitimate web sites or services, and perform man-in-the-middle attacks
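The lesson common to the Threatpost comparison above and this advisory is about control flow, not cryptography: the GnuTLS flaw came down to a negative internal error code propagating out of a routine whose callers expected 1 or 0, so a parsing error read as "verified". An added illustration of that pattern (not GnuTLS or Apple code), in Python, where -1 is just as truthy as in C: an HMAC under an assumed CA key stands in for the X.509 signature, and a certificate whose signed portion is missing makes the tri-state check return an error code.

```python
import hashlib
import hmac

# Constructed toy PKI: an HMAC under the issuer's key stands in for an X.509
# signature so that the control-flow hazard, not ASN.1, is what shows.
CA_KEY = b"root-ca-key (assumed)"


def issue(issuer, issuer_key, subject, ca=False):
    signed = f"subject={subject};issuer={issuer};ca={ca}".encode()
    return {"subject": subject, "issuer": issuer, "ca": ca, "signed_data": signed,
            "signature": hmac.new(issuer_key, signed, hashlib.sha256).digest()}


TRUST_STORE = {"Root CA": CA_KEY}   # verifier's anchors: issuer name -> verification key


def check_signature(cert, key):
    """Tri-state result in the style of C crypto libraries:
    1 = signature verifies, 0 = it does not, <0 = internal error
    (for example the signed portion could not be parsed)."""
    try:
        expected = hmac.new(key, cert["signed_data"], hashlib.sha256).digest()
        return 1 if hmac.compare_digest(expected, cert["signature"]) else 0
    except (KeyError, TypeError):
        return -1


def verify_vulnerable(cert):
    """Treats 'non-zero' as 'verified', so an error code of -1 is accepted."""
    key = TRUST_STORE.get(cert.get("issuer"))
    if key is None:
        return False
    ret = check_signature(cert, key)
    if not ret:          # rejects only 0; -1 is truthy in C and in Python
        return False
    return True


def verify_fixed(cert):
    """Fails closed: only an explicit 1 is success; 0 and every error code reject."""
    key = TRUST_STORE.get(cert.get("issuer"))
    if key is None:
        return False
    return check_signature(cert, key) == 1


# Constructed test certificates.
GOOD = issue("Root CA", CA_KEY, "www.example.com")
FORGED = issue("Root CA", b"attacker-key", "www.example.com")        # wrong key, intact structure
CRAFTED = {k: v for k, v in GOOD.items() if k != "signed_data"}     # signed portion unparseable

if __name__ == "__main__":
    for name, cert in [("good", GOOD), ("forged", FORGED), ("crafted", CRAFTED)]:
        print(f"{name:8s} vulnerable={verify_vulnerable(cert)} fixed={verify_fixed(cert)}")
```

The forgery is caught by both callers; only the malformed certificate separates them, which is why a test suite for a verifier needs corrupt inputs and not just bad signatures. Comparing against the one success value, or raising on error instead of returning a sentinel, is the check worth grepping a code base for.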
9 must-do's if you must stick with Windows XP (CSO) Without updates after April 8 Windows XP is expected to fall prey to any number of zero-day attacks for which Microsoft will provide no defense, but there are some things die-hard XP users can do to make their machines safer
Microsoft's quest to make users drop Windows XP continues (Help Net Security) As the date of the scheduled retirement of Windows XP — arguably one of Microsoft's most popular products ever — draws near, the company continues its quest to make as many users as possible migrate to a newer version of the OS, preferably to Windows 8.1
Cyber Trends
Financial services sector attracts most cyber crime, says PwC study (ComputerWeekly) More than a third of financial sector organisations say they have been victims of cyber crime, compared with only 17% in other industries
Reflections on RSA and the need for Retailer Information Sharing (Gartner) Just got back from the 2014 RSA Security conference where I had lots of stimulating conversations with colleagues in the security industry. What stood out the most to me was the dearth of information sharing in the retail payment card industry. You'd think that the PCI Security Council would promote information sharing on threats and POS malware to help retailers prevent breaches against their systems. But instead that task has fallen largely to well-known security blogger Brian Krebs who has to sleuth his way around the underworld and the opaque payments industry to uncover the truth about breaches against retailers
RSA 2014: Four luminaries discuss underestimated security threats (IT Knowledge Exchange) I spent a whirlwind trip to the RSA conference this week in San Francisco hanging out in the Information Systems Security Association (ISSA) booth, catching up with the group's members as they popped in. We talked about many things: cyber warfare, the need for collective security intelligence, how important being a member of a group such as ISSA is to a career, Edward Snowden, how much system access security vendors should give the government, how threats are becoming increasingly political in nature
CIOs Must Look to Adaptive Security Systems in Face of Evolving Threats (CIO) Microsoft's government security expert warns that there's no such thing as perfect security, so systems must be able to adapt and respond to attacks on unforeseen vulnerabilities
The fallacy of targeted attacks (SC Magazine) It's time to admit that the bad guys can always make a first move, says Damballa's Manos Antonakakis
Big Data Meets Threat Detection (InformationWeek) Security practitioners are getting a lot smarter about using security analytics and big data to identify threats in real-time. But there's a still a lot to learn
Cyber War, Cybered Conflict, and the Maritime Domain (US Naval War College) It has been well over a decade since the first "prophets" of information warfare proclaimed a new age of conflict fought not just on air, sea, and land but with electrons in what came to be known as "cyberspace." Since these early predictions, many incidents have confirmed that criminals, random hackers, and government-sanctioned specialists can wreak havoc on governments, military communications systems, and corporations
Malware Threats Making Anti-Virus Software 'Totally Useless' (Huffington Post) Some computer consultants say the global malware threat has gotten so bad that conventional security measures, such as anti-virus software, are no longer adequate to fight them
In dark days for privacy, protecting data gets more hands-on (TechTarget) Privacy is the new black. Or maybe it's the other way around. At Mobile World Congress 2014 this week in Barcelona, the world was introduced to Blackphone. Described as "the world's first smartphone which places privacy and control directly in the hands of its users," it's not to be confused with Black. The latter is a smartphone created by Boeing, aimed at government and security workers, that will self-destruct if tampered with. Your mission, should you choose to accept it, is personally protecting data privacy
Security roundup: Malvertising replaces porn as largest threat to mobile security (PCR) This week's security news reveals mobile adverts pose a bigger threat to mobile security than pornography and 'black phones' could make users a target for hackers
How cybersecurity pros feel about those on the other side (CNBC) The RSA Security Conference in San Francisco brought together top information security experts from around the globe. But the attention at the conference, which ran Feb. 24 to 28, was often on those not in attendance: malicious hackers and cybercriminals, often referred to as "adversaries"
Major gaps found in the governance of emerging technologies (Help Net Security) SailPoint published an infographic which outlines recent research results that indicate that while global enterprises are embracing — and in some instances mandating — the use of cloud and mobile technologies, they do not have IT controls in place to properly manage them
Cybersecurity concerns becoming a boardroom issue (Help Net Security) The increasing frequency, sophistication, and business impact of cyber-attacks have pushed cybersecurity planning and protection from an operational concern of IT departments to a key theme on the strategic agenda of boards and CEOs
Marketplace
Target CIO Resigns as Part of Security Overhaul (Tripwire: the State of Security) Target's Chief Information Officer Beth Jacob has announced her resignation in the wake of the massive data breach that exposed account details of more than 100 million customers, and the company has implemented plans for a major security overhaul with the assistance of third-party consultants
Why a top Target executive says she's leaving (MarketWatch) Beth Jacob, the most high-level executive to leave Target Corp. following the company's well-noted data breach, said it's time for a change
Target Seeks New CIO (Dark Reading) Data breach last year prompts CIO Beth Jacob to resign; Target will hire interim CIO and chief compliance officer
Target CIO Resignation Puts Retail CIOs on Alert (CIO) As Beth Jacob's resignation from Target shows, retail CIOs are culpable for security breaches even though they might not have the resources in-house to protect the company
Evidence that the D.C. area really is a hotbed for cybersecurity jobs (Washington Post) For evidence of the boom in cybersecurity jobs in the Washington region, one could simply take a drive up Interstate 95 toward Fort Meade: The crop of upscale apartments and restaurants make clear that white-collar professionals are moving into the area as it is being remade into the federal government's hub for cybersecurity work
There are plenty of cyber jobs in Maryland — you just need experience (Baltimore Business Journal) As you would expect, the number of cyber security jobs in Maryland is growing faster than the national average. But you will need experience before landing a gig
Rampant FireEye Shares Makes Founder Ashar Aziz a Cybersecurity Billionaire (Forbes) On Monday, Forbes published its annual Billionaires list with a record number 1,645 members. You can now add one more individual to that list. Ashar Aziz, founder of cybersecurity firm FireEye, is the world's newest billionaire as shares in his company continue to skyrocket following a September initial public offering
Company news: New additions at Rapid7 and Vaultive (SC Magazine) Trey Ford has joined Rapid7, a Boston-based vulnerability management and penetration testing company, as global security strategist
Yahoo to Name TrustyCon Founder Alex Stamos as Next Chief Information Security Officer (Re/code) It has been more than a year since Yahoo's last chief information security officer left the company. Now the Internet giant is getting close to naming a new one
Al Pisani Appointed Corporate Development SVP at Serco Inc.; Dan Allen Comments (GovConWire) Al Pisani, formerly senior vice president of TASC's intelligence group, has joined Serco Group's North American subsidiary — Serco Inc. as senior vice president of corporate development
HP To Battle Google Staff In Hacking Contest (TechWeekEurope) Security staff from Hewlett-Packard and Google are to compete in a web browser hacking contest
PURA: NU Outsourcing, Closings Don't Hurt Storm Response, Cyber Security (Hartford Courant) Northeast Utilities' plan to outsource more than half of its information technology staff and to close almost a dozen regional work centers does not hurt the utility's storm response or cyber security efforts, according to a regulatory review of the company's plans
Products, Services, and Solutions
Cryptocat Wins Apple Approval (InformationWeek) NSA surveillance and other worldwide events drive interest in secure messaging, and iOS users now have a new option
Informatica And Imperva Partner To Deliver Layered Database Privacy And Security (Dark Reading) Imperva will resell Informatica's data masking technology
EventTracker Wins Gold in Info Security Products Guide's Global Excellence Awards for the Second Year in a Row (Yahoo! Finance) EventTracker wins category ahead of ArcSight in its second year of honors from the Global Excellence Awards
The best password manager apps for Android (Android Authority) Getting your password hacked is not a pleasant event. Dealing with password recovery, convincing the website the account actually belongs to you, and getting everything back in order is a real pain. If you make your password too weak and easy to remember, the chances of getting hacked go up. If you do a really complicated password, chances are you'll either forget it or have to write it down somewhere to remember. If this sounds like a problem you're having then why not try out a password manager
Du to offer WiFi in public places (Emirates 24/7) Project will start in Abu Dhabi and Dubai then gradually across the rest of the UAE
New "Snowden Phone" likely not quite up to Snowden-level standards (Ars Technica) Still, making an inexpensive, hardened smartphone is difficult
AT&T lays out 'radical' network changes with SDN (IT World) AT&T is remaking its infrastructure as a "user-defined network cloud" in the pursuit of greater flexibility, lower costs and faster response to user needs, the carrier's infrastructure chief said
Technologies, Techniques, and Standards
New approach to SQL injection detection (Help Net Security) In this podcast recorded at RSA Conference 2014, Dave Rosenberg, CTO at DB Networks, talks about a new approach to SQL injection detection and explains how they solve this problem in their products
Why is 'bring your own encryption' (BYOE) important? (TechTarget) BYOE, or bring your own encryption, is a cloud computing security model that allows cloud services customers to use their own encryption software and manage their own encryption keys. It works by allowing customers to deploy a virtualized instance of their own encryption software alongside the business application they are hosting in the cloud. The business application is configured so that all its data is processed by the encryption application, which then writes the ciphertext version of the data to the cloud service provider's physical data store
Use cases for self-managed cloud data security in the enterprise (TechTarget) As most security practitioners know by now, securing enterprise cloud usage can be quite a challenge. Because it can spring up unexpectedly, security teams often learn about the adoption of cloud services after the fact. And despite pleas from security administrators, business pressures make the implementation of additional security controls challenging, since executives understandably loathe seeing anticipated cost savings eaten away
Continuous Security Monitoring: The Attack Use Case (Tripwire: the State of Security) In this fifth article in the CSM series we examine specific attack use cases. The first installment provided a general overview of continuous security monitoring, the second explained how CSM can help your organization react better to threats, the third examined the challenges of getting full visibility into your environment, and the fourth discussed classifying your network assets
Attack obfuscation: How attackers thwart forensics investigations (TechTarget) Could you provide a description of what is meant by the term "offensive forensics"? What forensics tools are used in such attacks, and what can enterprises do to stop them? Offensive forensics, simply put, is a method of attack obfuscation in which an attacker takes specific steps to make investigating an incident more difficult for a forensic examiner
RAM-scraping malware update: Enterprise defense against RAM scrapers (TechTarget) RAM-scraping or memory-scraping malware has advanced significantly since it first became widely known via the 2010 Verizon Data Breach Investigations Report. Following the 2013 attack on Target in which attackers used a RAM scraper to capture credit card numbers, there has been renewed interest in the topic. While the technical aspect of malware using RAM-scraping has changed little since 2010, the overall sophistication of the attacks has increased tremendously
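What a RAM scraper looks for, and what a defender's own memory scan of a POS process can look for, as an added example not taken from the TechTarget article: track-2 data has the layout "[;]PAN=YYMM SSS discretionary", and a Luhn check separates real card numbers from other digit runs such as order numbers or timestamps. The memory snapshot is constructed from published test card numbers.

```python
import re

# Track-2 layout: [;]PAN=YYMM SSS discretionary ...  (PAN is 13-19 digits,
# YYMM the expiry, SSS the service code).
TRACK2 = re.compile(rb";?(\d{13,19})=(\d{4})(\d{3})")


def luhn_ok(pan: bytes) -> bool:
    """Luhn check digit: separates card numbers from arbitrary digit runs."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = ch - 48                       # bytes iterate as ints; 48 is ord('0')
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scan_memory(buf: bytes):
    """Return (offset, masked PAN, expiry YYMM) for each Luhn-valid track-2
    record in a process-memory snapshot. A scraper keeps the full PAN; a
    defender's scan keeps only enough to prove card data was in memory."""
    hits = []
    for m in TRACK2.finditer(buf):
        pan = m.group(1)
        if luhn_ok(pan):
            masked = pan[:6].decode() + "*" * (len(pan) - 10) + pan[-4:].decode()
            hits.append((m.start(), masked, m.group(2).decode()))
    return hits


# Constructed memory snapshot: two records built from published test PANs,
# one decoy digit run that fails Luhn, and surrounding junk bytes.
SAMPLE = (b"\x00\x00POS v2.1\x00" + b"\xff" * 7
          + b";4111111111111111=2512101123456789?\x00"
          + b"\x01\x02" + b"ORDER 1234567890123456=251210100000\x00"
          + b"\x00" * 5 + b";378282246310005=25121010000000?\x00")

if __name__ == "__main__":
    for offset, masked, exp in scan_memory(SAMPLE):
        print(f"offset {offset:#06x}  PAN {masked}  exp {exp}")
```

Run against a dump of the payment application's memory, a hit is direct evidence that cleartext card data was resident and therefore scrapable; the same regex-plus-Luhn filter is what the malware families in the Target case applied, which is why network egress of data matching this shape is worth alerting on.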
Why you need to segment your network for security (CSO) Pen tester Mark Wolfgang argues segmenting for security is a key piece of an overall defense-in-depth strategy. Here he explains why and how to accomplish it in your organization
Underwater Internet Cables: 'Submarine Cable Map' Shows How The World Gets Online (International Business Times) In today's increasingly wireless world, many forget the massive physical infrastructure used to connect everyone to the Internet. Satellites are used for broadcasting, but most of the world's information is carried over tiny fiber-optic cables buried in the sea bed that span entire oceans
Securing Software Requires Design, Testing, And Improvement (Dark Reading) Adopting secure development, incorporating frequent testing, and creating measures of software security are important to create more secure code
Design and Innovation
On a day of praise for disruptive technologies, a word of caution (TechTarget) A former Google engineer schools aspiring disruptors on what really matters when deploying disruptive technology for human consumption
Research and Development
New tool developed to detect and contain Android root exploit malware (Press Trust of India) Researchers have developed a new tool to detect and contain the type of malware that attempts root exploits in Android devices. The new security tool is called Practical Root Exploit Containment (PREC). Developed by North Carolina State University researchers, the tool is said to improve on previous techniques by targeting code written in the C programming language — which is often used to create root exploit malware, whereas the bulk of Android applications are written in Java
Legislation, Policy, and Regulation
EU officials link cybersecurity to Internet governance (Inside Cybersecurity) Lingering tensions between the European Union and the United States over surveillance activities by the National Security Agency have prompted a number of European initiatives to toughen privacy protections and broaden international control of the Internet
'Just because it is legal doesn't mean we should do it' (Irish Times) US intelligence figures say Europe is acting 'mock surprised' at leaks on NSA. European intelligence agencies were all aware of the type of covert surveillance undertaken by the US National Security Agency (NSA), a former state department official and current director of the Center for Strategic and International Studies (CSIS) has said
Independent court scrutinising MI5 found to be Home Office funded (The Guardian) Clegg and Miliband call for reform of Investigative Powers Tribunal, as critics accuse it of secrecy and unfairness
US holds hearing on data security (ComputerWeekly) The US House of Representatives subcommittee on Financial Institutions and Consumer Credit is to hold a hearing on data security
White House big data privacy review to focus on private sector, not government use (FierceBigData) In January, President Obama announced plans to reform government surveillance programs and charged White House counselor John Podesta with leading the review on big data and privacy. As part of that effort Podesta delivered a keynote speech at an MIT big data workshop on Monday. But he said his White House-ordered privacy group will focus on private sector data practices rather than those in government agencies. Here, as Paul Harvey would say, is "the rest of the story"
White House silent during Obama's 'open debate' data privacy workshop (Daily Caller) The debate over data privacy and government surveillance announced during President Obama's National Security Agency reform speech in January got off to a slow start this week, with White House officials less than engaged in the debate the president called for
Surveillance by Algorithm (Schneier on Security) Increasingly, we are watched not by people but by algorithms. Amazon and Netflix track the books we buy and the movies we stream, and suggest other books and movies based on our habits. Google and Facebook watch what we do and what we say, and show us advertisements based on our behavior. Google even modifies our web search results based on our previous behavior. Smartphone navigation apps watch us as we drive, and update suggested route information based on traffic congestion. And the National Security Agency, of course, monitors our phone calls, emails and locations, then uses that information to try to identify terrorists
Cybersecurity Priorities Unveiled in FY 2015 Budget (GovInfoSecurity) 'Whole-of-Government' approach to incident response proposed
White House proposes multi-agency cybersecurity center (Inside Cybersecurity) To further its push for interagency coordination on cybersecurity, the White House has proposed building a campus to house security specialists from various agencies, including the departments of Justice and Homeland Security
A crime for teenagers to excoriate their unfaithful or abusive lovers on Facebook? (Volokh Conspiracy) That would be one effect of a proposed Colorado bill, which has passed one legislative committee and is about to come before another
Responding to senator's bid to ban Bitcoin, congressman calls for cash ban (Ars Technica) "Dollar bills are present in nearly all major drug busts in the United States." Last month, a senator from West Virginia called on American financial regulators to ban Bitcoin in a seemingly gross misunderstanding of how the cryptocurrency actually works
Litigation, Investigation, and Law Enforcement
Obama knew CIA secretly monitored intelligence committee, senator claims (The Guardian) White House declines to comment after Mark Udall says agency spied on staffers preparing scathing report into CIA torture after 9/11
A New Day, But the Same Old CIA (US News and World Report) A new investigation reveals the CIA is still abusing its power
N.S.A. Director Says Snowden Leaks Hamper Efforts Against Cyberattacks (New York Times) Gen. Keith B. Alexander, the director of the National Security Agency, said Tuesday that the leaks by the former agency contractor Edward J. Snowden had slowed the effort to protect the country against cyberattacks on Wall Street and other civilian targets
Bruce Schneier hints at new Snowden documents, analysis techniques (TechTarget) Think the Edward Snowden-NSA storyline is played out? Think again. "I think this story is going to keep going for at least a year, probably longer," said Bruce Schneier, chief technology officer with Co3 Systems, who is working with The Intercept's Glenn Greenwald to analyze and report on the NSA documents allegedly stolen and leaked by former contractor Edward Snowden. "There's an enormous pile of documents; they're very technical [and] hard to understand, and as you go through them, you find stories"
Daniel Ellsberg: Obama Should Say 'Thank You Edward Snowden' (Fusion) Some people think Edward Snowden should get the Nobel prize, others think he should be tried for treason. Fusion's Daniel Clark sits down with the legendary whistleblower who leaked the Pentagon papers to discuss why leaking top-secret information will continue to happen for years to come
Credit card breaches: Are consumers out of luck? (CBS News) Cyber security attacks that compromised the credit card information of hundreds of millions of customers at major retailers like Target over the holiday season drew vast national media attention. But "there's actually been a number of breaches over the years," Consumer Financial Protection Bureau Director Richard Cordray told CBS News; "your information is always at risk, every day"
Rebekah Brooks: I did not investigate phone hacking as NI chief executive (The Guardian) Court also hears Brooks never asked what private investigator Glenn Mulcaire had been doing when she was NoW editor
FBI believes small Pennsylvania hosting company is connected to Silk Road (Ars Technica) Affidavit says JTAN, a privacy-minded firm, was backing up Silk Road's server
Feds drop most charges against former Anon spokesman (Ars Technica) In 2012, Barrett Brown was hit with 12 charges related to a link he posted in IRC
46 Piracy Websites Will Be Blocked at ISP Level in Italy (Softpedia) Italian authorities have decided to block a total of 46 websites that offer torrents, streaming and file sharing services. This is said to be the largest operation against pirate websites Italy has seen so far
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
SEC Cybersecurity Roundtable (Washington, DC, USA, Mar 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies, and how they are addressing those concerns.
Black Hat USA 2014 (Las Vegas, Nevada, USA) Black Hat USA is the show that sets the benchmark for all other security conferences. As Black Hat returns for its 17th year to Las Vegas, we bring together the brightest in the world for six days of learning, networking, and skill building. Join us for four intense days of Trainings and two jam-packed days of Briefings.
Black Hat Europe 2014 (Amsterdam, Netherlands, Oct 2014) The premier conference on information security returns to the beautiful city of Amsterdam, Netherlands in October, 2014. Professionals from all over the world gather for two days of intense Trainings and two thought-provoking days of Briefings brought to you by some of the brightest minds in the industry.
Reducing the Nation's Cyber Risk: White House Insights on the President's Critical Infrastructure Framework (New York, New York, USA, Mar 11, 2014) The Fordham School of Professional and Continuing Studies and the Fordham Computer and Information Science Department present this informative panel, open and free to the public.
cybergamut Technical Tuesday: Virtualization Technologies in Cyberwarfare (Columbia, Maryland, USA, Mar 11, 2014) Virtualization is often talked about in the context of cloud computing, cost savings and enterprise environments. In this talk, Jason Syversen of Siege Technologies will introduce Intel, AMD and ARM virtualization architectures and describe novel approaches to implementing virtualization technology / hypervisors for offensive and defensive cyber security applications. Case studies will be presented for malware detection, reverse engineering, code protection, security testing, stealthy code and other applications.
Nuclear Regulatory Commission ISSO Security Workshop Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce are encouraged to exhibit at this one-day expo. Topics of the workshop and of high interest to attendees include: computer security policy, standards and guidance, cybersecurity, FISMA compliance, and training updates.
ICS Summit 2014 (Lake Buena Vista, Florida, US, Mar 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security.
27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference (Gaithersburg, Maryland, USA, Mar 18 - 20, 2014) The 27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference will be held at the National Institute of Standards and Technology on March 18-20, 2014; exhibits will be on display March 19 only. This year's theme, "Partners in Performance: Shaping the Future of Cybersecurity Awareness, Education, and Training," will focus on developing a better understanding of current information systems/cybersecurity projects, emerging trends, and initiatives. Through numerous high-quality sessions, approximately 200 attendees will learn new ways to improve their IT security program and practical solutions to training problems while earning Continuing Professional Education (CPE) credits. The vendor fair gives attendees a tactical look at the products and services available to meet their professional goals.
Suits and Spooks Singapore (Singapore, Mar 20 - 21, 2014) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate in a globally hostile environment that consists of foreign intelligence collection, mercenary hacker crews, insider threats, and supply chain/vendor vulnerabilities. Our international list of speakers will discuss who the threat actors are, what they're after, and best practices to mitigate the risks.
MCT-Congress: Going Mobile with Clinical Trials (Edinburgh, Scotland, UK, Mar 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have on the clinical research process.
Cyber Security for Energy & Utilities (Abu Dhabi, UAE, Mar 23 - 26, 2014) Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the 3rd Edition of the Cyber Security for Energy & Utilities conference, taking place from 23-26 March 2014 at The Westin Golf Resort in Abu Dhabi, UAE.
Veritas 2014 At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the sector will show you how the right approaches can lead to far-reaching results in business model innovation, risk mitigation and identifying new revenue streams. See how Veritas 2014 will help you develop your big data implementation strategy.
Black Hat Asia Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days: two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings.
Cyber Security Management for Oil and Gas Attend to gain cutting-edge information from oil and gas cyber security experts on: using the very latest in intelligence techniques to find and neutralize the newest threats in time; preventing security breaches while ensuring your employees, social media and mobile devices operate effectively; implementing best practices in order to achieve and maintain SCADA and other key systems security; and how a "critical infrastructure" designation would impact different aspects of oil and gas cyber security management.
ISSA Colorado Springs — Cyber Focus Day (Colorado Springs, Colorado, USA, Mar 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day, set to take place on Thursday, March 27, 2014 at Colorado Technical University (CTU).
Corporate Counter-Terrorism: the Role of Private Companies in National Security (Washington, DC, USA, Mar 28, 2014) The 2014 American University Business Law Review Symposium will address the growing role of corporate America in governmental counter-terrorism programs, including the bulk metadata and PRISM surveillance initiatives. John Carlin, Assistant Attorney General for National Security, will deliver the keynote. Other speakers will include current and senior officials from the Justice Department, National Security Agency, Office of the Director of National Intelligence, FBI, DHS, Google, and Microsoft.
SyScan 2014 (Singapore, Mar 31 - Apr 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia.
Interop Conference Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.