The CyberWire Daily Briefing for 1.9.2014
An unusual feature of recent denial-of-service attacks on gaming sites has been their abuse of the Network Time Protocol (NTP). Similar in effect to DNS-amplification attacks, successfully executed NTP attacks may herald a shift in hacker tactics toward this formerly seldom-used technique.
Consumers continue to feel the effects of Target's payment card breach. Financial institutions work to soften the blow, and other retailers upgrade their point-of-sale systems.
A motive for the Yahoo! malvertising campaign may have emerged: BitCoin mining. A different malvertising attack has hit South Africa, as visitors to the Mail and Guardian site are redirected to a server in the Netherlands, and thence into the hands of criminals.
IntelCrawler identifies a new class of botnet spying on smartphone users. "XXXX.apk" illicitly gathers location information and (perhaps) details on connections to home networks. Other researchers find smartphone personal banking apps "leaky."
Ransomware spoofs a warning from New Zealand police and demands payment in Ukash.
The SnapChat leak turns out to have been inadequately redacted by the professed white hats who published it. Other researchers find they can extract a surprising amount of information (those working on anonymization, take note).
Researchers find, and Siemens fixes, zero-days in Siemens switches.
Defense intellectuals turn their attention to cyber conflict and the prospects of deterrence.
The US President is thought likely to adopt his surveillance review panel's recommendations on curbing surveillance of allied leaders. EU suspicions of economic espionage rise.
The Australian teenager who discovered Victoria's Metlink vulnerability was rewarded with police attention.
Notes.
Today's issue includes events affecting Australia, China, European Union, Ireland, Japan, Republic of Korea, Netherlands, New Zealand, Russia, South Africa, United Kingdom, and United States..
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
IT Security Entrepreneurs Forum (ITSEF) 2014 (, Jan 1, 1970) IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community by providing a venue where entrepreneurs can meet and interact directly with top government agency and industry officials in an open and collaborative environment. This SINET community of interest and trust facilitates broadened awareness of the government's challenges, needs, and its future direction regarding Cybersecurity, while shining a spotlight on the entrepreneurs and their innovative technologies that are helping to address and solve today and tomorrow's security challenges.
FloCon2014 (Charleston, South Carolina, USA, Jan 13 - 16, 2014) FloCon 2014, a network security conference, takes place at the Francis Marion Hotel in Charleston, South Carolina, on January 13–16, 2014. This open conference provides a forum for operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic to showcase the next generation of flow-based analysis techniques.
NASA Langley Cyber Expo (Hampton, Virginia, USA, Jan 14, 2014) The 2013 NASA Langley Cyber Expo is an annual event dedicated to Cyber Security and Information Technology at this secure facility. As the Cyber Expo hosts, the Office of the Chief Information Officer will be recruiting top federal speakers to provide informational sessions on relevant Cyber issues. Industry exhibitors may sit in on the sessions.This event will be promoted to all NASA Cyber and IT-focused personnel, as well as the entire workforce at this location.
Federal Intel Summit (, Jan 1, 1970) The Potomac Officers Club is proud to host the 2014 Federal Intel Summit featuring Congressman Mike Rogers and leadership from across the Federal Agencies focused on protecting our national interests.
cybergamut Tech Tuesday: Malware Reverse Engineering — An Introduction to the Tools, Workflows, and Tricks of the Trade to Attack Sophisticated Malware (, Jan 1, 1970) Reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight. It will help demystify the process and illustrate the value-proposition associated with deep analytics of malware. Moreover, understanding the detail available through reverse engineering gives the security professional deeper insight into the tactics and techniques the attackers use to circumvent their defensive solutions. The session empowers cyber security professionals at every level to make better-informed judgments on how to improve their response and remediation protocols.
Federal Mobile Computing Summit (, Jan 1, 1970) The Federal Mobile Computing Summit: Digital Government Strategy II will feature government leaders who played an instrumental role in the development of the DGS and worked on the resulting deliverables. These IT thought leaders will examine the mobile landscape over the next 18 months — and beyond.
Cybertech — Cyber Security Conference and Exhibition (Tel Aviv, Israel, Jan 27 - 29, 2014) Cybertech Israel, the first event of its kind, will present world-leading companies in the field of cyber defense alongside young companies that offer unique solutions to advance the discipline of cyber security. The conference will focus on commercial problem-solving strategies and solutions for cyber infrastructure experts across multiple sectors: energy, utilities, finance, defense, R&D, manufacturing, service sectors, health, government, telecommunications, transportation and more.
U.S. Census Data Protection & Privacy Day (Suitland, Maryland, USA, Jan 28, 2014) The Census Bureau's Privacy Compliance Branch of the Policy Coordination Office is hosting a Data Protection and Privacy Day on January 28. This event is intended to provide a forum for Census employees and contractors to discuss current data protection and privacy policy and to generate ideas to help evolve the current policies . The event will feature various participants from the U.S. Census Bureau as well as other government agencies and industry.
2014 Cybersecurity Innovation Forum (Baltimore, Maryland, USA, Jan 28 - 30, 2014) The 2014 Cybersecurity Innovation Forum (CIF) is a three-day event, sponsored by the National Cybersecurity Center of Excellence (NCCoE) with DHS, NIST, and NSA as primary participating organizations. The CIF will cover the existing threat landscape and provide presentations and keynotes on current and emerging practices, technologies and standards. The 2014 CIF will provide action-oriented outputs to fuel voluntary principle-driven consensus-based standards efforts, create opportunities for industry growth and drive research activities, and define use cases for subsequent exploration, which in turn will feed back into the subsequent CIF's, continually evolving the state of the art.