The CyberWire Daily Briefing 01.15.15
Various Islamist factions compete for discredit as they claim the Charlie Hebdo massacres and use of children as executioners.
Fast becoming as familiar (and perhaps as decentralized in use) as the Anonymous Guy Fawkes mask, the CyberCaliphate's checkered shemagh defaces North Korea's Air Koryo Facebook page.
Speculation about hacktivists behind the compromise of US CENTCOM's social media accounts continues to focus on a disaffected Brummie, Junaid Hussain al-Britani, former Midlands jailbird, current whereabouts unknown, but possibly somewhere in the Levant. His wife said last week he was killed by a drone, but few believe this. The US Army says the CENTCOM hack exposed a "significant number" of retired generals' personal information.
Sucuri reports that vBulletin is vulnerable to PHP code insertion.
Microsoft researchers detail the most recent enhancements to CryptoWall.
Brazilian banking customers struggle with what observers call a "virtual mugging" that uses the KL-Remote exploit toolkit.
Malvertising with convincing spoofs of legitimate publications is found in Google AdSense. Online advertiser Turn uses an undeletable Verizon tracking number to spawn "zombie cookies." Turn says Verizon told them it was o.k.
American and United airline frequent fliers' user accounts are compromised and miles are reported stolen.
UK PM Cameron will push his widely-criticized views on encryption during his summit with US President Obama. The President's own cyber proposals receive weaker reviews today: observers see RICO prosecutions for innocent online activity, with civil liberties protected only by prosecutorial discretion. (Still, some like the parts granting immunity for sharing data with the Government.)
A note to our readers: the CyberWire will observe Martin Luther King Day and not publish Monday. We'll resume regular publication on Tuesday, January 20.
Notes.
Today's issue includes events affecting Australia, Brazil, Canada, China, Côte d'Ivoire, Germany, India, Japan, Democratic People's Republic of Korea, Malaysia, Russia, Syria, Sweden, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
Disputed Claims Over Qaeda Role in Paris Attacks (New York Times) The younger of the two brothers who killed 12 people in Paris last week most likely used his older brother's passport in 2011 to travel to Yemen, where he received training and $20,000 from Al Qaeda's affiliate there, presumably to finance attacks when he returned home to France
IS 'Child Executioner' Reports Blocked, Played Down In Central Asia (Radio Free Europe/Radio Liberty) Central Asian news outlets are playing down reports of a video that appears to show a Kazakh child militant executing two men. Some stories have been blocked entirely
Pro-Isis hackers attack North Korean airline Facebook page (Guardian) Hackers post image of black and white flag of Islamic State and brand Kim Jong-un a 'crying pig' on page promoting Air Koryo
CENTCOM Twitter hackers posted info for many retired generals (Military Times) The Army is contacting a "significant" number of retired general officers whose personal information was posted online when hackers took over U.S. Central Command's Twitter account Monday, an Army official said
Meet the Star-Crossed Lovers Behind the Islamic State's Centcom Hack (Foreign Policy) When a group calling itself the "CyberCaliphate" breached Centcom's Twitter and YouTube accounts and flooded both with pro-Islamic state messages and videos earlier this week, American law enforcement officials raced to find out who was responsible for the attack. The main suspects: a group led by Junaid Hussain, a 20-year-old who moved from Britain to Syria — accompanied by his 45-year-old alt-rock girlfriend — to kick-start the Islamic State's hacking campaign
VBulletin SEO Module Has "Critical" Flaw, Says Sucuri (Computer Business Review) Bug could lead to PHP code insertion and malicious follow-up
Ouch! Home router security "bypass" actually means no security AT ALL (Naked Security) About two years ago, a Spanish security researcher named Eduardo Novella found an astonishing bug in the Pirelli P.DGA4001N routers that were used by a Spanish ISP
What Can Happen If Your Organization Is Targeted (Fortinet Security Research Blog) A few weeks ago, we received a file that was being spread as an attachment in a spear phishing email. The sample, which we are detecting as W32/Byanga.A!tr, turns out to be a dropper for a bot which, if active in an organization's system, has the capability to perform malicious activities that can be very damaging to the targeted organization
CryptoWall 3.0 hides C&C Communications with I2P Anonymity Network (Security Affairs) Security Experts at Microsoft discovered a new variant of CryptoWall 3.0 ransomware that adopts I2P Anonymity Network for C&C Communications
CryptoWall ransomware is back with new version after two months of silence (IDG via CSO) Attackers have started distributing a new and improved version of the CryptoWall file-encrypting ransomware program over the past few days, security researchers warn
Bank Fraud Toolkit Circumvents 2FA & Device Identification (Dark Reading) KL-Remote is giving Brazilian fraudsters a user-friendly "virtual mugging" platform
Google AdSense Used for Malvertising Campaign (Softpedia) Advertisements redirecting users to scam websites impersonating reputable magazines and blogs that touted shady health products have been spotted in Google's AdSense program
Fake BBC News Site Baits Victims with Charlie Hebdo Misinformation (Infosecurity Magazine) A suspicious site that was attempting to mimic the official BBC News website while serving up false information about the Charlie Hebdo tragedy managed to garner an immense amount of traffic earlier this week — with the likely intent to deceive and perhaps harm visitors via malicious file downloads or through click-fraud
Zombie cookie: The tracking cookie that you can't kill (Ars Technica) Online ad company uses cookies that come back to life after Verizon users delete them
Ham-fisted phishing attack seeks LinkedIn logins (IDG via CSO) LinkedIn users targeted by slippery phishing campaign
Park 'N Fly, OneStopParking Confirm Breaches (KrebsOnSecurity) Late last year, KrebsOnSecurity wrote that two huge swaths of credit card numbers put up for sale in the cybercrime underground had likely been stolen from Park 'N Fly and from OneStopParking.com, competing airport parking services that let customers reserve spots in advance of travel via Internet reservation systems. This week, both companies confirmed that they had indeed suffered a breach
Hackers enjoying free rides after hacking thousands of American, United airlines accounts (HackRead) Countless American and United airlines' User Accounts Stolen by Hackers — dozens of free trips booked as hackers retrieve user ids and passwords via third party source
Anonymous Wages War on Montréal Police for Dismantling Homeless village (HackRead) The online hacktivist Anonymous has sent a threatening message to the Service de Police de la Ville de Montréal (SMPV) and Montreal police against bulldozing of a homeless camp set up by Anonymous in Viger Square for OpSafeWinte
Anatomy Of A 'Cyber-Physical' Attack (Dark Reading) Inflicting major or physical harm in ICS/SCADA environments takes more than malware
Security Patches, Mitigations, and Software Updates
Mozilla Releases Security Updates for Firefox, Firefox ESR, SeaMonkey, and Thunderbird (US-CERT) The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, SeaMonkey, and Thunderbird. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system
Insta-sham: Instagram fixes its not-so-private photo bug… well, sort of (Naked Security) Instagram has fixed a privacy flaw that allowed anyone with the URL to see photos and videos posted on the service, even if the user's account was set to private. At least, it has kind of fixed it
Microsoft accused of money-grabbing with Patch Tuesday reform (V3) Microsoft's decision to cease Patch Tuesday notices to non-premier customers is a greed-induced step backwards for the firm's security efforts, according to security experts
Cyber Trends
Five key security, identity and access management trends (Help Net Security) CA Technologies announced five key trends for security and identity and access management (IAM) that will impact organizations and security professionals in 2015 as they compete in the application economy
2014 cyberattack victims in the crosshairs again, warns SANS' Eric Cole (FierceCIO) The big news in IT security in 2015 will not be the newest Fortune 1000 cyberattack victim. Instead, expect the cybercriminals to return to the scene of the crime, and re-attack one of last year's top victims
Check-the-Box Mentality Exposes Banks to Big Cyber Risks (American Banker) The year of 2014 will be remembered as the year of the data breach. Hackers struck numerous large corporations, from Target to Home Depot to JPMorgan Chase
The 7 biggest lies you've been told about hacking (Daily Dot) Online security is increasingly an issue rich for headlines as everyone from movie studios and celebrities to major retailers and CENTCOM find themselves the victims of digital infiltrators. However, "hacking" is also a very technical issue and, like many technical issues, one the media often gets wrong
Developers, the Cloud, and Security Concerns (Cloud Tweaks) So I got to thinking about security and how this relates to developers in particular. This was prompted by a recent read of the findings reported in a survey, "2014: The Year of Encryption" conducted by Egress Software Technologies, of delegates at Europe's largest information security event Infosecurity Europe 2014. And you know the first and almost overwhelming thought that struck me was how important security should be for these folk
Computer viruses cost Vietnamese users almost $400mn in 2014: Bkav (Tuoi Tre News) Malicious software programs, or viruses, caused damage worth nearly US$400 million to Vietnamese computer users last year, a local Internet security firm said Tuesday
Malaysian companies indifferent to cyber security, says solutions firm (Malaysian Insider) Many Malaysian companies adopt a stopgap attitude when it comes to investing in cyber security measures, a solutions company said today
Coffee, Wi-Fi and the Moon (Atlantic Council: the Art of Future Warfare) The unknown story of the greatest cyber war of them all
'Blackhat' director Michael Mann has a worst-case cyber-attack scenario for you (HitFix) A half-hour sitting across a table from Michael Mann is more than enough time to remind you of all the stuff you don't know. A consummate researcher-filmmaker, he never puts something out into the creative ether without knowing it inside and out, without knowing its world, its players — everything that needed to exist in order to birth it in the first place, he's canvased it. So no, he wasn't shocked to hear that last month, corporate giant Sony had been maliciously hacked leaving privileged information scattered to the public
Marketplace
Here's how insurance will respond to the Sony cyber hack (Insurance Business America) The Sony Pictures cyber attack of seven weeks ago represented a game-changer in the recent string of data breaches that have plagued high-profile companies like Target, Home Depot and Dairy Queen. With repercussions ranging from entertainment industry rumors to potential matters of national security, the breach was a strong reminder of just what’s at risk when hackers attack
Symantec Acquires Boeing's Cybersecurity Unit in a Bid to Boost Big Data Capabilities (Forbes) Symantec Corp. announced on January 12 that it is taking over 65 engineers and data scientists from Boeing's cybersecurity unit, Narus. Boeing will retain ownership of Narus' licenses and intellectual property, which will be licensed by Symantec. Terms of the deal were not disclosed
KPMG makes third cyber security acquisition in four months (KPMG via LinkedIn) We've just announced that KPMG Finland has acquired 100% of Trusteq Oy, a 45 strong Finnish cyber security consulting company specializing in identity and access management services and security transformation projects
BlackBerry says $7.5 billion Samsung takeover deal is bogus [Updated] (Ars Technica) BlackBerry stock jumped a crazy 30 percent after the news
EMC Restructures RSA; Coviello Says Split From EMC Federation Unlikely (CRN) EMC has laid off management and sales staff as part of an overhaul of its RSA security division, according to people familiar with the matter
Exclusive: FireMon will hire 100 in 2015, doubles office space after sale (Kansas City Business Journal) A new owner with tech clout and hefty resources is enabling significant growth for Overland Park-based FireMon LLC
Microsoft Welcomes Cylance Into The Antivirus Club (Forbes) When I think of antivirus there are specific vendors and tools that come to mind: Symantec, McAfee, Panda Security, BitDefender, and others. Microsoft is expanding the definition of "antivirus", though, by inviting Cylance to join the Microsoft Virus Initiative (MVI) and Virus Information Alliance (VIA) — groups organized by Microsoft to coordinate antimalware efforts, and provide effective security for Microsoft customers
Palo Alto Networks warns of lengthening channel lead times (CRN) Next-generation firewall unable to meet standard two-week guarantee on orders, according to email sent to partners today
Digital security company Gemalto expands operations to Ivory Coast (Human IPO) One of the world's leading digital security companies Gemalto has announced further operational expansion in Africa with the commencement of operations in Abidjan, Côte d'Ivoire
Trailblazing Secure Managed Cloud Provider FireHost Appoints Longtime Security Veteran Dr. Parveen Jain to Board of Directors (Herald Online) Secure managed cloud leader FireHost has appointed industry veteran Dr. Parveen Jain to its board of directors
Products, Services, and Solutions
2014 Top Security Tools as Voted by ToolsWatch.org Readers (ToolsWatch) We are honored to announce the 2014 Top Security Tools as Voted by ToolsWatch.org Readers, this is the second edition of our online voting by users and readers
Peerio — End-to-End Encrypted Secure Messenger and File Sharing App (Hacker News) On one end, governments of countries like Russia are criticizing end-to-end encryption and considering banning encrypted communication apps like Snapchat, CryptoCat, WhatsApp and Apple's iMessage. On the other hand, the Internet community has come up with a new and rather more secure encrypted communication app
Watching A Cyberattack Bloom: vArmour Visualizes The Data Breach (Xconomy) Financial firm Morgan Stanley is the latest big company forced to acknowledge a data breach, after finding to its horror early this month that the names and account numbers of thousands of its wealthy investment clients had been posted on the Internet. The New York firm follows entertainment giant Sony and a long list of other apparent cybercrime victims, whose vulnerability leaves other businesses wondering what bugs and cracks might lie undetected in their own computer systems
New Cyber Service Investigates Behavior Of Specific Threats (HS Today) As complex operations become an increasingly frequent feature of contemporary cyber crime, Kaspersky Lab has launched an online service that brings together all the information it holds on the most sophisticated cyber campaigns. The interactive Targeted cyberattacks logbook project displays Kaspersky's research and analysis
Fasoo Launches Secure Content Service for Dropbox Users to Prevent Security Breaches (Virtual Strategy Magazine) Folder Cryptor for Dropbox provides secure management of folders in Dropbox to protect personal files in the cloud
Fpweb.net and Incapsula Team to Secure Global SharePoint Customers (MarketWatch) Incapsula WAF and Global CDN enhances performance for Fpweb.net's 1,500 customers across 80 countries
Cimcor Releases CimTrak Version 2.0.6.18.1; Builds on Heritage of Integrity Monitoring Innovation (IT Business Net) The latest update to Cimcor's CimTrak file integrity monitoring and compliance solution version 2.0.6.18.1 includes a host of improvements to make change detection easier than ever for your IT staff
South River Technologies Combines Managed File Transfer and Enterprise File Sharing in New Cornerstone MFT (Marketwired) New release enables better IT oversight and reduces security risk, while providing an easy solution for user productivity
Haystax and Franz Inc. Partner to Deliver Insider Threat Detection Solutions (Virtual Strategy Magazine) Haystax Technology, Inc., and Franz Inc., announced a technology partnership that will enable Haystax to leverage Franz's AllegroGraph technology for patented algorithms and sophisticated behavior models used in Haystax's insider threat detection solutions
LinkedIn Selects Proofpoint's Nexgate Division for Certified Compliance Partner Program (MarketWatch) Nexgate's advanced social media security and compliance solutions add best-in-class LinkedIn functionality
NICE Systems, CloudScann partner on mobile app deployed by NJ TRANSIT (Urgent Communications) NICE Systems and CloudScann announce an integrated solution that lets users document incidents in the field via their smartphones and enable two-way transmissions of text, photo and video information with a centralized command center
ESET launches ESET NOD32 Antivirus 8 and ESET Smart Security 8 (Technuter) ESET, the global player in proactive digital protection, has announced the latest versions of its flagship security software products: ESET NOD32 Antivirus 8 and ESET Smart Security 8. The latest line-up includes Botnet Protection and Enhanced Exploit Blocker that protects against exploits and offer anti-phishing and social media scanning capabilities
IBM Launches z13 Mainframe — Most Powerful and Secure System Ever Built (PRNewswire) First system able to process 2.5 billion transactions per day, built for mobile economy. Makes possible real-time encryption on all mobile transactions at scale. First mainframe system with embedded analytics providing real time transaction insights 17X faster than compared competitive systems at a fraction of the cost
WatchGuard Earns Top Spot in Network World Product Shootout for UTM Firewall Appliances (PRNewswire) WatchGuard's Firebox® T10 stands out with its real-time visibility tool Dimension™, great user management interface, and new services like Advanced Persistent Threat protection
Technologies, Techniques, and Standards
ISO floats storage security standard (Register) ISO/IEC 27040:2015 is bedtime reading for storage admins
5 questions to ask before a breach happens (CSO) Use these five questions to start the conversations necessary to 'assume breach' and plan ahead
Strategy: Planning and Recovering From a Data Breach (SecurityWeek) 2014 was a terrible, horrible, no good, very bad year for cyber attacks. Target's point-of-sale attack in late 2013 proved to be a common breach theme in 2014, targeting retailers such as Michaels, Kmart, Home Depot, and Neiman Marcus. Attackers also began targeting cloud applications, from Apple iCloud to Salesforce (Zeus variant and Dyreza) to Office 365. The recent Sony Pictures breach also demonstrated attackers' turn for the malicious, from sending threatening employee emails and demanding ransom to creating malware focused not just on exfiltration but on destroying data
Getting Employee Security Awareness Training Right (SecurityWeek) Time after time, attackers seem to find ways to get users to open an attachment
CapTipper — Malicious HTTP traffic explorer tool (Omri Herscovici) CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found
Dynamic Malware Analysis with REMnux v5 — Part 1 (Count Upon Security) Part 1 illustrates a series of very useful tools and techniques used for dynamic analysis. Security incident handlers and malware analysts can apply this knowledge to analyze a malware sample in a quick fashion using the multi-purpose REMnux v5. This way you can extract IOCs that might be used to identify the malware across your defense systems and aid your incident response actions
Design and Innovation
Competition: Design the UK’s crypto-open-backdoor stamp of approval! (Graham Cluley) If David Cameron is re-elected as British Prime Minister in May, he plans to introduce legislation that will get rid of all that pesky security that prevents the law enforcement agencies from snooping on secure communications
Academia
Nysmith Students Meet Cyber Defense Challenge (Connection) Two teams of middle school students from The Nysmith School of Herndon recently finished second and 12th out of 200 U.S. and Canadian teams participating in the seventh Annual CyberPatriot National Youth Cyber Defense Competition. The program puts students in the position of newly-hired IT professionals and challenges them to find and resolve cybersecurity vulnerabilities in simulated environments
Legislation, Policy, and Regulation
David Cameron to press Barack Obama on security fears (Financial Times) David Cameron will seek Barack Obama's support this week for a push to improve co-operation between intelligence agencies and technology companies such as Twitter and Facebook, warning the president that public safety is at stake
US mulls more sanctions even as North Korea denies cyber attack on Sony (Big News Network) The United States is contemplating a new set of sanctions against North Korea over its alleged involvement in the massive cyber attack on Sony even as the reclusive nation repeatedly denied any role
Syria urges intelligence sharing to fight terrorism: state media (Reuters) Syrian President Bashar al-Assad urged states fighting terrorism to share intelligence, Syrian state media reported on Wednesday, saying European policies were responsible for attacks by Islamist gunmen in France last week
Prime minister wrong on encryption say experts (SC Magazine) Prime minister David Cameron's perceived criticism of encryption technologies has prompted a staunch defence from the information security community
Australia tries to ban crypto research — by ACCIDENT (Register) Academics could risk JAIL under defence trade laws starting in May
FACT SHEET: Safeguarding American Consumers & Families (White House: Office of the Press Secretary) Today, President Obama will build on the steps he has taken to protect American companies, consumers, and infrastructure from cyber threats, while safeguarding privacy and civil liberties. These actions have included the President's 2012 comprehensive blueprint for consumer privacy, the BuySecure initiative — launched last year — to safeguard Americans' financial security, and steps the President took earlier this year by creating a working group of senior administration officials to examine issues related to big data and privacy in public services and the commercial sector
Sony hack gives Obama political capital to push cybersecurity agenda (Christian Science Monitor) In gridlocked Washington, the aftereffects of the cyberattack on Sony Pictures may ultimately force Republicans and Democrats to come together on an information-sharing bill
Obama wants Congress to increase prison sentences for hackers (Ars Technica) Proposal also expands hacking definition. That's a "dangerous idea," expert says
Obama's War on Hackers (Errata Security) In next week's State of the Union address, President Obama will propose new laws against hacking that could make either retweeting or clicking on the above link illegal. The new laws make it a felony to intentionally access unauthorized information even if it's been posted to a public website. The new laws make it a felony to traffic in information like passwords, where "trafficking" includes posting a link
Obama Security Proposals 'Will Create Cyber Police State' (Forbes) Another of Obama's recommendations could see offenses covered by the CFAA included in prosecutions under the Racketeering Influenced and Corrupt Organizations Act. According to Graham, just being linked to a hacker group would land you in danger of a 20-year prison sentence. As many innocent researchers and interested parties hang around in the same chatrooms and forums as criminal hackers, this could again ensnare many who don't deserve to have their online activities criminalised
Obama's cybersecurity plans part of decade-old programs (AP via the Longview News-Journal) President Barack Obama said Tuesday that recent cyberthreats to Sony and the military's U.S. Central Command are reminders of the serious threats facing the nation. But an Associated Press review shows that some of his plans are retreads from years past
Experts: Obama's Calls for New Cybersecurity Laws a Good Start, but Nation Needs More (SIGNAL) President Barack Obama has put the cybersecurity ball into Congress' court, seeking legislation that pushes what some industry experts have clamored for in the quest to better protect the nation's information network
Senator to introduce data breach bill (The Hill) Sen. Bill Nelson (D-Fla.), the ranking member on the Senate Commerce Committee, will soon introduce a data breach notification bill that closely resembles a proposal President Obama called for during a Monday speech
Remarks as delivered by DNI James R. Clapper on "National Intelligence, North Korea, and the National Cyber Discussion" at the International Conference on Cyber Security (Office of the Director of National Intelligence) It's great to be here after fighting the snow traffic in Washington to get to the airport, and then flying here
The Futile Effort to Determine When a Cyber Incident Becomes an Armed Attack (Council on Foreign Relations) As Adam mentioned the other day, the Sony hack highlighted the fact that even after years of debates and increased public attention on cyber issues, fundamental policy questions in this area remain unanswered
Michael Daniel: Cybersecurity's many moving parts (Federal Times) Michael Daniel was a long-time national security budget official at the Office of Management and Budget before being tapped in 2012 to oversee the interagency development and implementation of national cybersecurity strategy and policy, leading to President Obama's 2013 milestone signing of Executive Order 13636
In OPM cyber breach, security experts spy fundamental problem (Federal News Radio) While it's far from a full-fledged cyberattack, the "technical malfunction" that besieged an Office of Personnel Management Web portal Monday underscores a governmentwide problem that, experts say, is not easy to fix
NSA Official: Support for Compromised Dual EC Algorithm Was 'Regrettable' (Threatpost) In a new article in an academic math journal, the NSA's director of research says that the agency's decision not to withdraw its support of the Dual EC_DRBG random number generator after security researchers found weaknesses in it and questioned its provenance was a "regrettable" choice
Thornberry Gives Intel Oversight to Full HASC (DefenseNews) The newly minted House Armed Services Committee chairman is putting his mark on the panel, shifting oversight of military intelligence to the purview of the full committee
DISA releases security guidance in implementing, hosting cloud services for DoD agencies (FierceGovernmentIT) The Defense Information Systems Agency Jan. 13 publicly released guidance that updates and codifies enhanced cybersecurity requirements for implementing and hosting cloud computing systems for certain types of sensitive Defense Department data
Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) (Defense Information Systems Agency) Cloud computing technology and services provide the Department of Defense (DoD) with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federal data center consolidation
DISA Shrinks Cybersecurity To Grow It (Breaking Defense) The day before Islamic radicals hijacked Central Command's Twitter account, the Defense Information Systems Agency officially launched a major overhaul intended, among other things, to increase cybersecurity
Alert: The Regulation of Virtual, Digital and Crypto-currencies (JDSupra Business Advisor) A virtual currency is "a digital representation of value that is neither issued by a central bank or public authority nor necessarily attached to a [fiat currency], but is used by … persons as a means of exchange and can be transferred, stored or traded electronically"
What regulations meant to govern rotary phones could do when applied to the internet (Quartz) In the midst of the gonzo traffic of back-flipping mini-drones, driverless cars and football fields of mobile internet fueled innovation at the Consumer Electronics Show in Las Vegas last week — FCC chairman Tom Wheeler sounded downright presidential
Should Intelligence Officers be 'Hunters' or 'Gatherers'? (Cicero Magazine) Senior American leaders, from President Obama on down, and the U.S. intelligence community as a whole were caught flatfooted
Shakeup at Secret Service; 4 executives reassigned (AP via KLTV) Four of the highest-ranking Secret Service executives have been reassigned following a series of security mishaps and scathing reports questioning leadership within the agency, the Secret Service said Wednesday
UK's Defense Export Chief To Step Down (DefenseNews) The head of the British government's £13 billion a year defense and security equipment export organization is to stand down
Activist pulls off clever Wi-Fi honeypot to protest surveillance state (Ars Technica) "All traffic that occurred via our wireless network has been logged"
Litigation, Investigation, and Law Enforcement
Thousands of German spies at risk after double-agent stole list of identities (Telegraph) Double agent working for US, identified only as Markus R, may have sold top-secret details of 3,500 German intelligence officers posted abroad, according to Bild newspaper
MI6 forced to show how it may snoop on privileged lawyer-client exchanges (Guardian) Documents passed to civil liberties group Reprieve reveal intelligence agency's attempt to show it stays within the law
CIA board breaks with watchdog, clears agency of spying on Senate (The Hill) In a break with its former inspector general and overseers on Capitol Hill, a CIA accountability board has determined that agency officials did not wrongly spy on the Senate early last year
Undercover Agent Reveals How He Helped the FBI Trap Silk Road's Ross Ulbricht (Wired) The FBI agents who arrested Ross Ulbricht in the science fiction section of a San Francisco public library in October of 2013 left nothing to chance
Government Demands for Verizon Customer Data Drop (Threatpost) The number of subpoenas, total orders and warrants that the United States government delivered to Verizon all dropped in the second half of 2014, according to the company's latest transparency report
Reddit user cracks The Pirate Bay secret code (HackRead) The Pirate Bay (TPB), an online index of digital contents that went down on Dec 9 after police raided its data center in Sweden, has been dropping hints that February 1 will be a grand day
Money laundering finds new home in trade finance arena (FierceCFO) As regulators crack down, corporates need to take a closer look
Sextortionist who preyed on teens via Facebook and Skype gets 53 months (Naked Security) A Scottish sextortionist who preyed on victims as young as 13 has been sentenced to 53 months in jail and three years of monitoring after that
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
ShmooCon (Washington, DC, USA, Jan 16 - 18, 2015) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It and Bring It On
Upcoming Events
FloCon 2015 (Portland, Oregon, USA, Jan 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, Jan 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings address State and Federal cyber legislation; provide updates on Task Force efforts to improve California's cyber workforce and education; promulgate critical information to enhance California's cyber awareness and preparedness; discuss state advances in cybersecurity and digital forensics; and grant residents an opportunity to share cyber information and innovation
FIC 2015 (Lille, France, Jan 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a priority for the European Union as stated in the Stockholm Programme for 2010–2015. Its objective is to open up the cybersecurity debate by bringing together security and risk management experts with non-specialists to enable them to compare viewpoints and lessons learnt
IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, Jan 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015, in anticipation of the release of a new solicitation in support of the Program. The Conference will be held from 9:00 AM to 4:00 PM EDT in the Washington, DC metropolitan area. The purpose of the Conference will be to provide introductory information on CAUSE and the research problems that the Program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners
4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, Jan 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human behavior within and across networks. The conference will bring together subject matter experts to discover and share new means of recognizing human related cyber indicators, and the evolution of these human indicators in the coming decades. The Human Cyber Forensics Conference will focus on such topics as insider threat, next generation social engineering, progressive communications, neuroscience, social cognition, social media, and neuro-ethics
AppSec California (Santa Monica, California, USA, Jan 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get the right work done faster, so organizations are better able to meet their goals
Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, Jan 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives from USA and beyond. They are coming together not only to address the continuing cyber threats and set precautions framework, but most importantly to provide necessary tools, insights and methodological steps in constructing a successful secure policy. These policies will after all protect the critical assets needed to safeguard their company assets
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, Jan 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues facing consumers and business, including in-depth panel discussions on privacy, the Internet of Things (IoT), and many other critical topics
Cyber Threat Intelligence Summit (Washington, DC, USA, Feb 2 - 9, 2015) Join SANS for this innovative event as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities
Suits and Spooks (Washington, DC, USA, Feb 4 - 5, 2015) Suits and Spooks DC (Feb 4-5, 2015) is moving to the Ritz Carlton hotel in Pentagon City! We're expanding our attendee capacity to 200 and for the first time will be including space for exhibitors. We have an international panel of speakers from the public and private sectors and we'll be adding live-streaming via Webex for those who cannot attend in person
Nullcon 2015 (Goa, India, Feb 4 - 7, 2015) Nullcon discusses and showcases the future of information security, the next generation of offensive and defensive security technology, as well as unknown threats
ICISSP 2015 (Angers, Loire Valley, France, Feb 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information systems, especially in organizations, including not only technological issues but also social issues. The conference welcomes papers of either practical or theoretical nature, presenting research or applications addressing all aspects of security and privacy, such as methods to improve the accuracy of data, encryption techniques to conceal information in transit and avoid data breaches, identity protection, biometrics, access control policies, location information and mobile systems privacy, transactional security, social media privacy control, web and email vulnerabilities, trust management, compliance violations in organizations, security auditing, and so on. Cloud computing, big data, and other IT advances raise added security and privacy concerns to organizations and individuals, thus creating new research opportunities
2015 Cyber Risk Insights Conference — London (London, England, UK, Feb 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout the world. Privacy remains a key concern, but increasingly board members, corporate executives and risk professionals are focusing on a broader array of cyber-related risks. These include industrial espionage and various operational risks, including business interruption and contingent business interruption. Mark your diary for Advisen's 4th Annual Cyber Risk Insights Conference in London on Tues 10 Feb 2015. Graeme Newman of CFC Underwriting is the 2015 Conference Chairman. Sponsors include Swiss Re Corporate Solutions, Willis, and Epiq Systems
AFCEA West 2015 (San Diego, California, USA, Feb 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, Feb 24 - 25, 2015) What: Connected World Conference and the University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals together to discuss security and connected devices. Purpose: Convene the leading industry, government, and academia leaders. Chief Objective: Influence professionals from the most innovative and influential organizations in the world will meet to unravel the relationship between the connected society and cybersecurity