The CyberWire Daily Briefing 02.10.15
Kurdish hackers take the Turkish government to task for its alleged support of ISIS.
Government services — notably in China, Russia, North Korea, and Iran, but elsewhere as well, as such activity establishes new international norms — are expected to continue to expand espionage and sabotage in cyberspace.
KrebsOnSecurity looks at the Anthem breach and suggests it may have started as early as April of 2014, far earlier than Anthem's announced December attack date. Anthem says the compromise may be traceable to successful phishing of a few employees. Investigators continue to speculate about possible Chinese government responsibility for the breach, but remember the notorious difficulty of attribution. (Read Tenable's blog for a refresher course in healthy skepticism. Attribution's difficulty seems to motivate the US White House's formation of its new Cyber Threat Intelligence Integration Center.)
State insurance commissioners are calling for a multi-state investigation of Anthem's security. Other regulators (like the Federal Financial Institutions Examination Council and New York's Department of Financial Services) clarify guidance for the sectors they oversee.
Ransomware remains of concern, with Critroni affecting French businesses and CryptoWall appearing in a new, stripped-down variant.
Dr. Web reports on a multi-purpose Linux backdoor Trojan. PlugX retains its popularity as a tool for targeted attacks.
Today is Patch Tuesday: non-premium customers should know shortly what Microsoft intends to fix.
The public and private sectors seem in a surly, reactive mood, as op-eds variously call for cyber-law-west-of-the-Pecos or Citizens' Vigilance Committees (or at least a more active corporate approach to cyber crime).
Notes.
Today's issue includes events affecting Australia, Bangladesh, China, European Union, France, Germany, Iran, Democratic People's Republic of Korea, Republic of Korea, New Zealand, Philippines, Russia, Singapore, Somalia, Sweden, Turkey, United Kingdom, United States, and Vietnam.
Cyber Attacks, Threats, and Vulnerabilities
"Stop Supporting ISIS": Anonymous Kurdistan Hacks Turkish Govt. Websites (HackRead) On Thu, 02 Jan 2014, a Kurdish hacker going with the handle of Anonymous Kurdustan & Muhmad Emad hacked two Turkish government websites belonging to the Afyonkarahisar Provincial Disaster and Emergency Management (Afyonkarahisar is a city in western Turkey, the capital of Afyon Province), asking the Turkish government to stop supporting the ISIS terrorist group
Nation-State Cyber Espionage, Targeted Attacks Becoming Global Norm (Dark Reading) New report shows 2014 as the year of China's renewed resiliency in cyber espionage — with Hurricane Panda storming its targets — while Russia, Iran, and North Korea emerge as major players in hacking for political, nationalistic, and competitive gain
Anthem Breach May Have Started in April 2014 (KrebsOnSecurity) Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion
Anthem Breach: Phishing Attack Cited (GovInfoSecurity) Phishing campaigns now targeting Anthem members
Probe of Anthem pushed after consumer data stolen in cyber attack (ABC 7 News Denver) Members of the National Association of Insurance Commissioners want a multi-state examination of Anthem, Inc. and its affiliates, following the discovery of a cybersecurity breach at the health insurance company
Health data breaches could be expensive and deadly (CSO) Health-related data breaches could be expensive and life-threatening
New multi-purpose backdoor targets Linux servers (Help Net Security) A new multi-purpose Linux Trojan that opens a backdoor on the target machine and can make it participate in DDoS attacks has been discovered and analyzed by Dr. Web researchers, who believe that the Chinese hacker group ChinaZ might be behind it
PlugX, Go-To Malware for Targeted Attacks, More Prominent than Ever (Threatpost) Existing in some form since 2008, the popular remote access tool PlugX has as notorious a history as any malware, but according to researchers the tool saw a spike of popularity in 2014 and is the go-to malware for many adversary groups
Cryptowall 3.0 Slims Down, Removes Exploits From Dropper (Threatpost) A slimmed down version of Cryptowall is in circulation, and this one contains no built-in exploits, confirming a growing trend that most ransomware will be spread almost exclusively via exploit kits
French firms targeted with ransomware (Help Net Security) French companies are the latest targets of cyber crooks wielding the CTB Locker (aka Critroni) ransomware
Is Anonymous Attacking Internet Exposed Gas Pump Monitoring Systems in the US? (TrendLabs Threat Intelligence Blog) Even as attacks on SCADA devices have become more public, devices are constantly being reported as Internet-facing and thus, vulnerable to attacks. Very little security is implemented on these devices, making them perfect targets of opportunity. Recently, Internet-facing gas station pumps have gained some attention, when several articles exposing the availability of these devices were published online
Senate Report Slams Automakers for Leaving Cars Vulnerable to Hackers (Wired) Since hackers first began demonstrating that they could take over cars' digital systems to slam on brakes or hijack steering, most automakers have done everything they can to avoid publicly discussing whether their vehicles are vulnerable. Massachusetts Senator Edward Markey, however, has demanded answers on that car-hacking question. Now he's released his findings: the answers are messy at best, and dangerous at worst
Watch how car hackers can disable brakes and steal your personal data (We Live Security) When US TV correspondent Leslie Stahl drove her car around a deserted parking lot the other day, she was in for a big surprise
Be careful when talking in front of a Samsung SmartTV (Help Net Security) Owners of Samsung SmartTVs that use its Voice Recognition feature to control the device should be aware that everything they say in front of their smart television set may end up in the hands of third parties
From Zero to Your Credit Card (Cyactive) A recent blog post by Nick Hoffman highlights the efficiency of reusing malware techniques and just how easy it is to develop a credit card data stealing malware. The malware that he notes consists in fact of the basic processes that every PoS malware uses. This malware doesn't have a name, and probably served as a Proof-Of-Concept. It is tiny (4k) and as of April 2014 was undetected by most Antivirus. Yet, bottom line, it can steal your credit card data
Chipotle apologises for offensive tweets, says account was hacked (Naked Security) Fast-food restaurant chain Chipotle was forced to apologise after its Twitter account was used to post racist, homophobic and anti-government tweets on Sunday morning
Subdomain of Arizona Army National Guard website hacked by 3xp1r3 Cyber Army (HackRead) The famous Bangladeshi hackers from 3xp1r3 Cyber Army are back in action. This time the hackers hacked and defaced the sub-domain of the official Arizona Department of Emergency & Military Affairs (DEMA) on Feb 2nd, 2015
Marriott Hotels Hit by Credit Card Breach (eSecurity Planet) All the affected locations are run by franchise operator White Lodging Services
Security Patches, Mitigations, and Software Updates
Creaking Patch Tuesday's Viability Rests with Quality, Speed (Threatpost) Today is Patch Tuesday, the 11-year-old procession of security bulletins from Microsoft streamed out automatically to consumers of Windows Update, and pulled en masse by enterprise admins worldwide needing to test each for compatibility
Microsoft products face increased out-of-band patching, predicts Tripwire (ComputerWorld) Is life getting easier or worse for admins given the job of patching Microsoft products or is it perhaps just the same as it's ever been but gradually changing in nature?
Cyber Trends
It's cyber war: guerrilla tactics gain traction as defense strategy (Reuters) A barrage of damaging cyberattacks is shaking up the security industry, with some businesses and organizations no longer assuming they can keep hackers at bay, and instead turning to waging a guerrilla war from within their networks
Cyber-Attacks Force a Defence Strategy Rethink (EWN) US insurer Anthem Inc. said hackers may have made off with some 80 million personal health records
The Uses and Abuses of Cryptography (CircleID) Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this one it's not going to help. If your OS is secure, you don't need the crypto; if it's not, the crypto won't protect your data
"Assume Breach" is Not a Defeatist Point of View (Norse Blog) As an industry, we have collectively been talking about the concept of assume breach for at least two years now. Frankly, it's probably been much longer than that, and I feel like the idea is starting to take hold
Security, Privacy Lapses Stem Largely from Lack of Enforcement, Study Finds (IT Business Edge) You'd think that organizations would have learned by now. But as last week's news of the Anthem breach shows, hackers still find it too easy to steal critical information from high-profile companies. A disturbing dimension of all of this is that too often, organizations have the proper security and privacy controls in place, but there's just one problem: They fail to properly enforce them
Are smart homes security smart? (Help Net Security) A new ENISA study aims to identify both the security risks and challenges as well as the countermeasures required for emerging technologies in smart homes, providing a specific and focused approach, with an overview of the current state of cyber security in this emerging domain
It's Safer Internet Day. So where is our Internet of Secure Things? (We Live Security) Today, Tuesday 10 February, has been declared "Safer Internet Day" — a day for all of us to work together to "create a better internet together"
3 questions you should be asking on Safer Internet Day (Naked Security) What's in a word?
Four Reasons Why Millennials Should Care About Safer Internet Day (TechCrunch) Growing up, I was always close to technology. I explored the vast world of the Internet from a young age. I created my first email account when I was 10 years old, but had no concept of acting safe online and signed up for numerous websites that promised free TVs and other cool prizes. It wasn't long before I fell victim to phishing attacks and almost sent money to someone in Florida for a puppy
AVG: Parents complacent about keeping kids safe online (TrustedReviews) To mark Safer Internet Day 2015, TrustedReviews spoke to Tony Anscombe, AVG's ambassador of free products, to learn about some of the biggest cyber issues facing parents today
Marketplace
CEO heads may roll for security breaches in wake of Sony boss' exit, experts say (Silicon Valley Business Journal) The massive, embarrassing data breach that preceded the exit of Sony Pictures co-chairman Amy Pascal put CEOs on notice that failure to take information security seriously may now be a firing offense
Security professionals warn against relying on cyber insurance (ComputerWeekly) Security professionals have warned businesses not to rely on cyber insurance in the face of increased cyber attacks
Company Shares of Proofpoint Inc Rally 6.22% (Wall Street Pulse) Shares of Proofpoint Inc (NASDAQ:PFPT) rose by 6.22% in the past week and 6.67% for the past 4 weeks. For the past week, the counter has outperformed the S&P 500 by 3.1% and the outperformance increases to 6.12% for the past 4 weeks
Company Shares of Nice-Systems Ltd (ADR) Rally 9.91% (Wall Street Pulse) Shares of Nice-Systems Ltd (ADR) (NASDAQ:NICE) rose by 9.91% in the past week and 7.47% for the past 4 weeks. For the past week, the counter has outperformed the S&P 500 by 6.67% and the outperformance increases to 6.91% for the past 4 weeks
Company Shares of Cyberark Software Ltd Rally 9.45% (Winston View) Shares of Cyberark Software Ltd (NASDAQ:CYBR) rose by 9.45% in the past week and 0.03% for the past 4 weeks. The shares have outperformed the S&P 500 by 6.23% in the past week but underperformed the index by 0.49% in the past 4 weeks
Company Shares of Radware Ltd. Rally 3.95% (Wall Street Pulse) Shares of Radware Ltd. (NASDAQ:RDWR) appreciated by 3.95% during the past week but lost 7.19% on a 4-week basis. The shares have outperformed the S&P 500 by 0.89% in the past week but underperformed the index by 7.67% in the past 4 weeks
HP Acquires Voltage Security (CSO) Today came news that the software giant HP has made a new acquisition. This time they have picked up the encryption vendor Voltage Security. Congrats to Sathvik Krishnamurthy and team
Wandera Raises $15M To Protect Mobile Data And Deliver It More Cheaply (Forbes) The dual current focuses on mobile enablement and IT security mean that there are a growing number of vendors pitching their solution as a mobile-specific one
Consulting Firm System 1 Views Cyber's Landscape Through 'Democratization' of Capability, Exposure (ExecutiveBiz) Federal agencies have put cybersecurity defenses high on their agendas in recent years due in part to a "democratization of cybersecurity capability"
ObserveIT detects UK channel opportunity (ChannelPro) US security vendor ObserveIT launches in UK with new partner programme and EMEA sales chief
Which IBM Layoff Numbers Add Up? (IEEE Spectrum) Last month, tech journalist Robert X. Cringely reported that 26 percent of IBM's employees were about to be shown the door, potentially more than 100,000 people if you look at IBM's worldwide workforce of more than 400,000. IBM responded that it had already announced that it was writing off $580 million for "workforce restructuring," a number consistent with laying off several thousand people. That's a big gap
Calling IBM'ers Who Have Been Chrome'ed, RA'ed, or PIP'ed: Tell Us Your Story (IEEE Spectrum) IBM is currently in the midst of a workforce reduction. Journalist Robert X. Cringely reports that more than 100,000 current employees will be dropped from the payroll by March; IBM counters that it's planned a layoff that will be less than a tenth of that amount
Bridging the Cybersecurity Skills Gap: 3 Big Steps (Dark Reading) The stakes are high. Establishing clear pathways into the industry, standardizing jobs, and assessing skills will require industry-wide consensus and earnest collaboration
Security Startup Illumio Hires Sales Exec From Ruckus (Re/code) Four months after popping out of stealth mode, the security startup Illumio is seriously ramping up its sales efforts
Two Coalfire Executives among the 2015 Federal 100 from Federal Computer Week (Herald Online) Robert Barnes and Tom McAndrew recognized for federal IT expertise
Products, Services, and Solutions
AirPatrol and Pay Tel Announce Partnership to End Contraband Cell Phone Use in Correctional Facilities (Finances) Addressing the growing problem of illicit cell phone use in correctional facilities, AirPatrol, a developer of mobile device detection systems, and Pay Tel Communications, a provider of inmate phone service, today announced a partnership to combat cell phone smuggling
Carahsoft Adds RSA Offerings to GSA Schedule (ExecutiveBiz) Carahsoft Technology has added the security products and services of RSA, the security division of EMC, to its General Services Administration schedule
AppGuard® for AFCEA Members on CauseNetwork (PRNewswire) Preferred price and $5 donation to AFCEA Educational Foundation STEM Program
Exabeam handles security threats in real time with user behavior intelligence (Tech Republic) Too many firms lack security visibility into their networks, while hackers prowl using stolen credentials. The solution, says Exabeam, requires user behavior intelligence
5 Top Firefox Addons For Anonymous Surfing (eHacking) Firefox is a fast, reliable and secure browser that provides a lot of different features except browsing. So this article will talk about anonymous surfing via Firefox
Why Northern HSC Trust chose ForeScout CounterACT for agentless NAC (Cambridge Network) Implementing 802.1x authentication controls across thousands of owned network devices in a large organisation is both complex and time-consuming. Deploying authentication to devices you don't own, manage or (sometimes) know about introduces a new set of issues
DISA Rolls Out Collaboration Tool for Secure Web Conferencing (SIGNAL) Open source enterprise effort expected to save millions of dollars, officials say
Technologies, Techniques, and Standards
FFIEC Issues Cyber-Resilience Guidance (GovInfoSecurity) New business continuity guidelines from the Federal Financial Institutions Examination Council paint a more detailed picture of the cybersecurity initiatives banks and credit unions will be asked about during upcoming examinations
How do we identify our attackers in cyberspace? (Tenable Blog) In 1995 I landed my first independent consulting project: an incident response for an important financial institution in New York City. That experience has informed my attitude about attribution ever since, because it was one of the rare incidents I've ever been involved in when we actually learned the identity and location of the attacker with a high degree of certainty
Email Is Not Forever: Advice on Archiving (eSecurity Planet) In the wake of the Sony scandal, companies may wonder how long to retain email. Hint: The answer is not "forever"
Fighting Advanced Persistent Threat DDoS Using A Pro-Active Defense Approach (Infosec Island) Recently, the Akamai Threat Research Team revealed an application-layer Distributed Denial of Service (DDoS) attack campaign against an airline company web site
Detecting Mimikatz Use On Your Network (Internet Storm Center) I am an awesome hacker. Perhaps the world's greatest hacker. Don't believe me? Check out this video where I prove I know the administrator password for some really important sites!
A Token's Tale (Google Project Zero) Much as I enjoy the process of vulnerability research sometimes there's a significant disparity between the difficulty of finding a vulnerability and exploiting it. The Project Zero blog contains numerous examples of complex exploits for seemingly trivial vulnerabilities. You might wonder why we'd go to this level of effort to prove exploitability, surely we don't need to do so? Hopefully by the end of this blog post you'll have a better understanding of why it's often the case we spend a significant effort to demonstrate a security issue by developing a working proof of concept
Legacy Approach to Password Management: Trade Security for Convenience? (RSA: Speaking of Security) I came across an article the other day highlighting the importance of password management. The article indicated that employees are willing to sell their passwords to bad actors, and that password management is the right solution to combat this issue. This made me scratch my head — how can password management help mitigate a stolen password or a password that has willingly been handed over?
Don't count on antivirus software alone to keep your data safe (Register) Buckle up with belt and braces
Printer to Shredder — Threat intelligence's problem (Cytegic) You're an IT executive and your company receives regular cyber intelligence updates. They land in your inbox (or have been forwarded to you by your managers, flagged "urgent") every once in a while. When opening one you can find a brief summary of current events or alerts and an attachment, usually a PDF document. If it's over 10 pages long you will then print this and then… well, most likely keep it on your desk for several days. If you have some spare time you might even gaze into this document, and maybe even highlight a paragraph or two for future use. But most likely, you will either ask one of your subordinates to read and summarize it for you or never look at this again before finally shredding it
Design and Innovation
Steps to success in biometric security app design (ZDNet) As we seek new security solutions, what should app developers working in the burgeoning field of biometric security keep in mind?
How a Hacking Stunt at the Academy Awards Launched a Mobile-Security Startup (Inc.) John Hering and his friends discovered a security vulnerability in early bluetooth technology in 2004. They proved what kind of mobile device breach was possible at the 2005 Academy Awards — and turned the concept into a company called Lookout
Will 2015 Be The Year of Information Security Disruption? (CRN) Mark Robinson, president of Findlay, Ohio-based CentraComm, is one of dozens of channel veterans who attends the RSA Conference every year and has watched the security industry's largest annual gathering grow substantially in recent years. Robinson and others recall having to sprint to meet colleagues from one side of the mammoth Moscone Convention Center in San Francisco to the other
Research and Development
China nears launch of hack-proof 'quantum communications' link (MarketWatch) This may be a quantum-leap year for an initiative that accelerates data transfers close to the speed of light with no hacking threats through so-called "quantum communications" technology
Human Traffickers Caught on Hidden Internet (Scientific American) A new set of search tools called Memex, developed by DARPA, peers into the "deep Web" to reveal illegal activity
NSA Announces 3rd Annual Best Scientific Cybersecurity Paper Competition (NSA) The National Security Agency is seeking nominations for the 3rd Annual Best Scientific Cybersecurity Paper Competition. The competition is for scientific papers that were published between January 1, 2014 and December 31, 2014 and that show an outstanding contribution to cybersecurity science. Deadline for nominations is March 31, 2015
Pentagon seeks new war games to combat cyber threats (USA TODAY) The Pentagon think tank that has funded studies into whether Russian President Vladimir Putin has Asperger's syndrome is expanding its research to futuristic war games and investigating the effects of embargoes and trade restrictions, newly released military documents show
DARPA project trains robots to watch YouTube (C4ISR & Networks) Do robots like videos of cute puppies or daring skateboard stunts? Researchers at the Defense Advanced Research Projects Agency might find out, but it will be as a byproduct of the Mathematics of Sensing, Exploitation and Execution (MSEE) program, which is teaching robots to respond to visual information by having them watch YouTube videos
Government Contract to Grier Forensics Speeds-Up Digital Investigation (Forensic Magazine) It is often the case that the spur to innovation in America takes the form of a government solicitation. As an instrument of the people, the government gives power to those that develop ideas and tools that benefit everyone
Legislation, Policy, and Regulation
France's embrace of harsh anti-terror laws that go far beyond America's Patriot Act (The Week) Hours before 3.7 million people took to the streets of France last month in solidarity with the victims of the Paris shootings, a former minister in the French government tweeted that the country should adopt its own version of the United States Patriot Act
'Glaring hole' in Australia's cyber security policy (The Age) Australia's cyber security policy lacks direction, crucial funding and strength because of an across the board "imagination deficit", experts and analysts say
JCS chairman to take control of [RoK] cyber operations (Yonhap) The Cabinet decided Tuesday to empower the chairman of the Joint Chiefs of Staff (JCS) to control the operations of the cyber command as part of efforts to counter growing security threats online
U.S.-German Spy Spat Unresolved as Merkel Visits Obama (Bloomberg) The unresolved fallout between the U.S. and Germany over National Security Agency espionage and mass surveillance slid to the background of a visit by Chancellor Angela Merkel to Washington, supplanted by the need for intelligence sharing amid rising threats of terrorism
Obama asks Germany "to give us the benefit of the doubt" on NSA spying (Ars Technica) "The underlying foundation for the relationship remains sound"
National Security Strategy (The White House) Today, the United States is stronger and better positioned to seize the opportunities of a still new century and safeguard our interests against the risks of an insecure world
White House Releases National Security Strategy (Dark Matters) The White House has released the latest National Security Strategy, which calls for improved network security defenses to protect critical systems and intellectual property from theft, specifically referring to economic espionage by China
Obama Pushes for Greater Intel Sharing in New Strategy (Defense One) Risky or not, the new national security strategy pushes for greater information sharing between intelligence agencies, at home and abroad
New agency to sniff out threats in cyberspace (Washington Post) The Obama administration is establishing a new agency to combat the deepening threat from cyberattacks, and its mission will be to fuse intelligence from around the government when a crisis occurs
Government IT Makes GAO's High Risk List (Fiscal Times) At a time when cyber attacks pose an increasingly serious threat to national security, with hackers launching attacks at the Defense Department every day, watchdogs are flagging federal IT operations as one of the most serious weaknesses in the federal government
The country is vulnerable without CISPA (Baltimore Sun) While some worry about privacy in a proposed cyber intelligence law, they should be worried about attacks. The uninterrupted operation of our nation's infrastructure is vital to our physical and economic security and our lives. It monitors generators producing power; controls valves that allow gas or oil to flow from well to refinery to pump; manages air, rail, and road traffic; and enables banks to process credit card transactions and business activities nationally and internationally
Intelligence Legalism and the National Security Agency's Civil Liberties Gap (Harvard National Security Journal) Since June 2013, we have seen unprecedented security breaches and disclosures relating to American electronic surveillance. The nearly daily drip, and occasional gush, of once-secret policy and operational information makes it possible to analyze and understand National Security Agency activities, including the organizations and processes inside and outside the NSA that are supposed to safeguard Americans' civil liberties as the agency goes about its intelligence gathering business. Some have suggested that what we have learned is that the NSA is running wild, lawlessly flouting legal constraints on its behavior. This assessment is unfair
Eavesdropping on Our Founding Fathers: How a Return to the Republic's Core Democratic Values Can Help Us Resolve the Surveillance Crisis (Harvard National Security Journal) On April 20, 1978, the Democratic Senator from Indiana, Birch Bayh, stood in the well of the U.S. Senate. He rose to speak in support of S.1566, which, six months later, would receive overwhelming congressional approval, the signature of President Jimmy Carter, and become the Foreign Intelligence Surveillance Act of 1978, commonly known as FISA. Senator Bayh admitted to "mixed feelings" that day, wishing that the legislation "was not necessary." Realism, however, demanded otherwise
Navy Submariner Takes Pentagon Cyber Post (Breaking Defense) The Pentagon named a Navy cryptologist to a top cyber policy position today. Rear Adm. Sean Filipowski, who'll get his second star with the new job, is a protégé of former NSA director Gen. Keith Alexander
California lawmaker proposes warrant requirement for digital data access (Ars Technica) "Californians recognize the risk to their privacy," Sen. Mark Leno tells Ars
EU Parliament blocks Microsoft's new Outlook apps over privacy concerns (PCWorld) Access to Microsoft's new Outlook apps has been blocked for members of the European Parliament because of "serious security issues"
Litigation, Investigation, and Law Enforcement
Wall Street regulator weighing insurance industry cyber rules (The Hill) New York's top financial watchdog will conduct cybersecurity spot checks on insurers that could lead to new regulations for the industry, following the massive data breach at health insurer Anthem Inc
The CIA Lawyer Who Led a Secret Effort to Spy on the Senate (Atlantic) An insider's account of why the intelligence agency monitored its overseers
Twitter Reports a Surge in Government Data Requests (New York Times) Twitter on Monday released its twice-yearly transparency report, showing a surge in government requests for users' Twitter information
FBI really doesn't want anyone to know about "stingray" use by local cops (Ars Technica) Memo: Cops must tell FBI about all public records requests on fake cell towers
Ross Ulbricht Didn't Create Silk Road's Dread Pirate Roberts. This Guy Did (Wired) More than 14 months after his arrest, Ross Ulbricht has been convicted of being the Dread Pirate Roberts, the masked figure who ran the Silk Road's unprecedented online supermarket for drugs. But the man who first created that mask — and in many ways served as Silk Road's mastermind just as much as Ulbricht — remains a mysterious figure, and one who by all appearances walked away unscathed from his involvement in the Silk Road's billion-dollar drug operation
5 technologies that betrayed Silk Road leader's anonymity (ComputerWorld) Even technologies designed to preserve privacy can reveal identities when not used thoughtfully
MyCoin closes its doors, $387 million in investor funds vanishes (ZDNet) Bitcoin exchange MyCoin has vanished — leaving up to $387 million in investor funds unaccounted for
Researcher Releases 10 Million Usernames And Passwords In Fight Against Obama's War On Hackers (Forbes) With the sentencing of Barrett Brown, a journalist who was convicted of numerous crimes and whose jail time was increased because he posted a link to stolen data, and some worrying cyber security proposals from the Obama administration that would appear to outlaw the everyday activities of researchers, both hacks and hackers have been anxious about the chilling effects on their work. Quinn Norton, a long-time security writer, said she would no longer report on leaked information for fear of arrest. Errata Security's Robert Graham said there was a war being waged on professional hackers who have only been trying to make the internet safer
Today I Am Releasing Ten Million Passwords (Passwords) Frequently I get requests from students and security researchers to get a copy of my password research data. I typically decline to share the passwords but for quite some time I have wanted to provide a clean set of data to share with the world. A carefully-selected set of data provides great insight into user behavior and is valuable for furthering password security. So I built a data set of ten million usernames and passwords that I am releasing to the public domain
KickAss Torrent Download Website Seized (HackerNews) So far, the torrent users didn't forget the incident of The Pirate Bay seizure, that another most popular Torrent website, KickAss Torrents, has been kicked off by the Somalian registry
Microsoft, PNP to strengthen Philippine cybersecurity (Philippine Daily Inquirer) Microsoft Philippines is partnering with the Philippine National Police Anti-Cybercrime Group (PNP-ACG) to help the government address cybercrime
INTERPOL and the fast-paced digital threat landscape (Help Net Security) Dr. Madan Oberoi is the Director of Cyber Innovation and Outreach Directorate at the INTERPOL Global Complex for Innovation in Singapore. In this interview he talks about the key developments that allow law enforcement to stay on top of the fast-paced digital threat landscape, and offers insight on the challenges involved in managing international cyber innovation and research within INTERPOL
Cybercrime: the importance of being alert (Malaysian Insider) The recently published Safe Cities Index 2015 by The Economist magazine placed Singapore as the second-safest major city in the world, after Tokyo. The index does not measure simply crime, but also a wide-ranging set of factors, including digital security
Cybercrime happens — deal with it! (ComputerWorld) It's no use waiting for the law to sort it out — businesses need to act too
You can't trust Snapchat to keep your selfies secure, discovers alleged murderer (Graham Cluley) As if you needed more proof that you're a fool if you think sending a picture via Snapchat means that it won't come back to haunt you
Famed God nabbed by the cops (CSO) There is a nonsensical bad habit that some script kiddies have been getting up to for the last couple of years. This is the practice of swatting. One person who allegedly fancied himself as a "hacker" was Brandon Wilson aka "Famed God". Despite his lofty moniker he was a 19-year-old teen from Nevada
Gamer swatted while live-streaming on Twitch.TV (Naked Security) A gamer has recorded a video of his tearful reaction after he was swatted in the middle of a live Twitch stream of RuneScape
Hacker avoids conviction over university cyber-attack (New Zealand Herald) A 20-year-old Auckland computer hacker has been discharged without conviction after launching a cyber-attack on the University of Melbourne in 2011
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Cybersecurity for a New America: Big Ideas and New Voices (Washington, DC, USA, Feb 23, 2015) In addition to featuring keynote remarks by Admiral Mike Rogers, Director of the National Security Agency, this event will convene experts and practitioners from the public and private sector, military, media, academia, non-governmental and intergovernmental organizations for a series of discussion panels and first person "pop-up" style speeches on the wide range of cybersecurity issues that are affecting and infecting everything from personal devices and corporate networks to national defense and international affairs. The focus of the event will be to push past the status quo and instead explore the next generation of challenges, as well as highlight bold, new ideas to face them. CNN is the event's media partner and will provide a live-stream of the event
The Vulnerability Economy: Zero-Days, Commerce and National Security (Rockville, Maryland, USA, Mar 10, 2015) Dr. Ryan Ellis (Belfer Center, Harvard University) will explore a series of topics around cybersecurity including the challenges and opportunities associated with the growing trade in previously unknown and undisclosed software vulnerabilities ("zero days"). Drawing from a real-world case study, Dr. Ellis investigates the tension between the development of offensive cyber capabilities and cybersecurity. The discussion considers different approaches to disclosing newly discovered vulnerabilities and highlights the key roles that government and industry can play in promoting enhanced cybersecurity
Upcoming Events
ICISSP 2015 (Angers, Loire Valley, France, Feb 9 - 11, 2015) The International Conference on Information Systems Security and Privacy aims at creating a meeting point of researchers and practitioners that address security and privacy challenges that concern information systems, especially in organizations, including not only technological issues but also social issues. The conference welcomes papers of either practical or theoretical nature, presenting research or applications addressing all aspects of security and privacy, such as methods to improve the accuracy of data, encryption techniques to conceal information in transit and avoid data breaches, identity protection, biometrics, access control policies, location information and mobile systems privacy, transactional security, social media privacy control, web and email vulnerabilities, trust management, compliance violations in organizations, security auditing, and so on. Cloud computing, big data, and other IT advances raise added security and privacy concerns to organizations and individuals, thus creating new research opportunities
Tax benefit, Catalyst Fund and other financial Incentives for Small Businesses (Columbia, Maryland, USA, Feb 10, 2015) Rescheduled. Meet the experts! Tax incentives, credits and loans available for small businesses. Learn the details: How to apply for Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax Credit, Maryland Small Business Financing Authority and the Catalyst Fund Manager
2015 Cyber Risk Insights Conference — London (London, England, UK, Feb 10, 2015) The cyber threat landscape is undergoing rapid change. Lloyd's and the London market are at the forefront of developing insurance products to address the evolving exposures of organizations throughout the world. Privacy remains a key concern, but increasingly board members, corporate executives and risk professionals are focusing on a broader array of cyber-related risks. These include industrial espionage and various operational risks, including business interruption and contingent business interruption. Mark your diary for Advisen's 4th Annual Cyber Risk Insights Conference in London on Tues 10 Feb 2015. Graeme Newman of CFC Underwriting is the 2015 Conference Chairman. Sponsors include Swiss Re Corporate Solutions, Willis, and Epiq Systems
AFCEA West 2015 (San Diego, California, USA, Feb 10 - 12, 2015) Showcasing emerging systems, platforms, technologies and networks that will impact all areas of current and future Sea Service operations.
Cybergamut Technical Tuesday: An Hour in the Life of a Cyber Analyst (Hanover, Maryland, USA, Feb 17, 2015) Workshop Description: This hands-on workshop will demonstrate how easy it is for a breach to occur by analyzing a virtualized web server environment. Participants will use open source tools such as port scanners and protocol analyzers to identify security issues and then attempt to exploit the discovered vulnerabilities. Following the hands-on activity, the workshop will conclude with a discussion about how to avoid some of the security failures that were identified. The workshop will be presented by Ryan Harvell of OPS Consulting and Marcelle Lee of Anne Arundel Community College CyberCenter
DEFCON | OWASP International Information Security Meet (Lucknow, India, Feb 22, 2015) Defcon | OWASP Lucknow International Information Security Meet is a combined meet of Defcon and OWASP Lucknow. Defcon Lucknow is a DEF CON registered convention for promoting, demonstrating & spreading awareness regarding the field of Information Security and OWASP Lucknow is a chapter of OWASP Community
10th Annual ICS Security Summit (Orlando, Florida, USA, Feb 22 - Mar 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools and techniques you can put to work immediately when returning to your office. The summit will allow you to learn from industry experts on attacker techniques, testing approaches in ICS, and defense capability in ICS environments
Workforce Development Forum — CyberWorks Information Session (Baltimore, Maryland, USA, Feb 24, 2015) Are you a technology company that would like to actively participate in growing the right candidates for your open IT and cybersecurity positions? Are you a job seeker interested in pursuing a career in IT/cybersecurity who would benefit from business mentorship and hands-on practical work experience? If you said yes to either question please join us at the upcoming CyberWorks information session to learn how you can benefit from this innovative program. CyberWorks is an industry-led, workforce development program designed to help Maryland companies fill their cybersecurity needs with qualified candidates, while simultaneously helping individuals start careers and improve Maryland's economy
Cybersecurity: You Don't Know What You Don't Know (Birmingham, Alabama, USA, Feb 24 - 25, 2015) What: Connected World Conference and the University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (The Center) have teamed up to bring professionals together to discuss security and connected devices. Purpose: Convene the leading industry, government, and academia leaders. Chief Objective: Influential professionals from the most innovative and influential organizations in the world will meet to unravel the relationship between the connected society and cybersecurity
NEDForum: Cyber Network Exploitation and Defence: "Darknet & the Primordial Soup of Cyber Crime" (Edinburgh, Scotland, UK, Feb 27, 2015) Speakers will cover such topics as: "Fear and loathing on Darknet," (Greg Jones, Managing Consultant, Digital Assurance), "Securing the internet of everything" (Rik Ferguson, Global Vice President Security Research, Trend Micro), and "Is your organisation setup for success in security?" (Patrick Brady, Independent Consultant)