The CyberWire Daily Briefing 01.09.15
As French police close in on terror suspects, several French municipal Websites are defaced with the black flag of ISIS and a message praising the Charlie Hebdo massacre.
In the US, the FBI investigates media Website defacements by the self-described "CyberCaliphate."
Ukraine says the Russian government, not mere hacktivism, is to blame for attacks on German government Websites.
Attribution of the Sony hack remains as controversial as ever, at least in the judgment of the media covering the story, prompting some to conclude the attack may have been overdetermined. Researchers take a look at North Korea's Naenara browser (based on an obsolete version of Firefox and slaved to the DPRK's RedStar operating system). They find "more than a little weirdness." What's not weird, or at least not unexpected, is that Naenara seems built for censorship and decloaking.
Researchers find a Linux DDoS Trojan apparently designed to assemble a large denial-of-service botnet. Other researchers discover root command execution vulnerabilities in Asus routers.
Lookout reports that SocialPath, nominally a privacy tool, is actually a malicious data theft app.
Ars Technica publishes a look at Cryptowall 2.0's advanced evasion and obfuscation features.
Cyber criminals hunt Netflix credentials.
US officials, notably DNI Clapper and NSA Director Rogers, see the Sony hack as an inflection point. Clapper tells business to wake up to China's cyber threat; Rogers foresees a greater role for Government in defending private networks. In the UK, MI5's chief warns of terrorism and calls for more extensive Internet surveillance capabilities and authorization.
Notes.
Today's issue includes events affecting China, European Union, France, Germany, Iran, Ireland, Japan, Democratic People's Republic of Korea, Russia, Saudi Arabia, Switzerland, Syria, Taiwan, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Charlie Hebdo: Hacker Posts "Death to Charlie" Message With ISIS Flag on French Municipality Websites (Tripwire: the State of Security) A hacker has defaced the websites of a number of French municipalities with a message in support of the Wednesday attacks against the satirical French magazine Charlie Hebdo, a massacre which killed 12 including two police officers
Reuters: Ukraine says Russia behind cyber attack on German government (Kyiv Post) Ukraine's prime minister blamed Russian intelligence on Jan. 8 for a hacker attack against German government websites, for which a pro-Russian group claimed responsibility
Inside North Korea's Naenara Browser (Threatpost) Up until a few weeks ago, the number of people outside of North Korea who gave much thought to the Internet infrastructure in that country was vanishingly small. But the speculation about the Sony hack has fixed that, and now a security researcher has taken a hard look at the national browser used in North Korea and found more than a little weirdness
Persistent hijacked GoDaddy domains serve malware via Turkish IPs (Dynamoo's Blog) Last year I wrote about a small bunch of IPs belonging to Radore Veri Merkezi Hizmetleri A.S in Turkey that seemed to be aggressively pushing an exploit kit via hijacked GoDaddy domains. Today I was slightly surprised to see that this is still going on, and in some cases using the same domains as they were all those months ago
Linux DDoS Trojan Has Obfuscating RootKit (DarkMatters) Analysts have identified a Linux DDoS Trojan with a built-in rootkit that is suspected to be building an arsenal of zombie systems that could be leveraged for distributed denial of service attacks
Got an Asus router? Someone on your network can probably hack it (Ars Technica) Root command execution bug invades most wireless routers
SocialPath privacy tool steals data, researchers warn (ComputerWeekly) The SocialPath mobile privacy tool is really a piece of mobile malware that steals users' data, researchers have warned
Thunderstrike — new Mac "ueberrootkit" could own your Apple forever (Naked Security) US-based security researcher Trammell Hudson presented an intriguing paper on Mac rootkits at the recent Chaos Computer Congress (CCC) in Germany
Inside CryptoWall 2.0: Ransomware, professional edition (Ars Technica) Code that switches from 32-bit to 64-bit and turns off Windows' defenses
Cracked Andromeda 2.06 Spreads Bitcoin Miner (Fortinet Security Research) Andromeda is a botnet that has had a long history. The latest version is now 2.09, which most active bots would have already received. Recently, however, our FortiGuard Labs Threat Intelligence system was able to capture the activities of a previous variant of Andromeda that is apparently still alive. During our analysis, we found that it is a cracked version of an old variant, and the author used it for spreading a Bitcoin miner
8chan, related sites go down in Lizard Squad-powered DDoS (Ars Technica) 8chan founder says "there is no way to know" who really attacked imageboard site
Netflix Credentials Targeted by Phishing Campaign (Softpedia) A new malicious email campaign has been observed by security researchers to target customers of Netflix by feeding them a message purporting to be an important notification from the media streaming service
Pastebin: The remote backdoor server for the cheap and lazy (Register) Web clipboard should be a mainstay of enterprise blacklists
Jan 8 New Year, Old Problems: Large-Scale Dating Site Spam Run Hits Users (TrendLabs Security Intelligence Blog) 2015 has just begun, but we're already seeing old problems crop up again — this time abusing a lot of legitimate web sites. Since the start of the year, we've been seeing a significant increase in the number of spammed messages with links that lead to various Russian dating sites
Hackers try to Blackmail Swiss Bank After Stealing Data: Report (AFP via SecurityWeek) Swiss bank BCGE said Thursday hackers had stolen the personal data of thousands of clients as a newspaper reported it was being blackmailed
Malvertising Campaign Affects 1.8 Billion (Infosecurity Magazine) The Huffington Post, Yahoo News, AOL, TMZ and many others are being hit with malvertising, in all reaching a total of 1.5 billion web visitors
ICS CP/PE (Cyber-to-Physical or Process Effects) case study paper — German Steel Mill Cyber Attack (SANS ICS) In December, 2014 the German government's Bundesamt für Sicherheit in der Informationstechnik (BSI) (translated as Federal Office for Information Security) released their annual findings report. In one case they noted that a malicious actor had infiltrated a steel facility. The adversary used a spear phishing email to gain access to the corporate network and then moved into the plant network. According to the report, the adversary showed knowledge in ICS and was able to cause multiple components of the system to fail. This specifically impacted critical process components to become unregulated, which resulted in massive physical damage
Underground hacker markets are thriving reports Dell's SecureWorks Counter Threat Unit (TechRepublic) A December 2014 security report finds that the internet's underground hacker economy is booming. This economy is doing so well that it's becoming a buyer's market
Report: More than 88 percent of cloud apps not enterprise ready (Cyber Security Business) Compromised credentials are frequently being used in enterprise cloud apps, putting sensitive business information at risk, according to a report released today by cloud app analytics company Netskope
U.K. Power Grid is Under Attack From Hackers Every Minute, Says Parliament (BusinessWeek) The U.K. government is one step ahead of hackers trying to turn off the country's lights — for now
Hacking into smart home devices is like 'stealing someone’s life' (Cable) The growth in the number of smart devices is increasing the risk of consumers having vital data stolen by hackers, US networking company Cisco has said
16-31 December Cyber Attacks Timeline (Hackmageddon) Despite still related to December 2014, here is the first timeline for 2015 covering the main events occurred between the 16th and 31st December 2014 (first part here)
Security Patches, Mitigations, and Software Updates
Evolving Microsoft's Advance Notification Service in 2015 (Microsoft Security Response Center) Our Advance Notification Service (ANS) was created more than a decade ago as part of Update Tuesday to broadly communicate in advance, about the security updates being released for Microsoft products and services each month. Over the years, technology environments and customer needs have evolved, prompting us to evaluate our existing information and distribution channels. This desire to improve is why customers may have seen us introduce myBulletins to provide bulletin reports tailored to customer preferences, discontinue the Deployment Priority matrix in favor of the Exploitability Index, modify the Exploitability Index to account for more threat scenarios, simplify security bulletin content to help customer understanding, and create a centralized glossary for bulletin definitions. The change being announced today fits within that context
Patch Tuesday January 2015 Preview (Qualys Blog) It is January 2015 and the week before the year's first Patch Tuesday. Microsoft should have posted their first Advance Notification (ANS) kicking off the patch cycle. But a new year brings many changes and the Advanced Notification is affected by one of them. Microsoft will stop providing the ANS information to the general public and parties interested will have to ask for it through their account manager. Hmmh, I personally have always thought that our customers were interested in the information contained in ANS, but we will see how that works out
Microsoft decision to end public advanced notice for Patch Tuesday 'shocking,' says Rapid7 (FierceITSecurity) Microsoft announced on Thursday that it will no longer make its advanced notification service for its Patch Tuesday security updates available to the public
Aw, don't be iDict! Apple kills brute force iCloud cracker (Register) Nefarious activities? I did it 'cos I could — hacker
OpenSSL Patches Eight Vulnerabilities (US-CERT) OpenSSL has released updates patching eight vulnerabilities, one of which may allow an attacker to cause a Denial of Service condition
Cyber Trends
2015: Get Ready for More Attacks on Trust (Venafi) Over the past few years, the threatscape has changed more than some realize. Cyberattackers want trusted status and they are misusing the very technologies that create trust for their nefarious purposes
Cyber attackers and defenders prepare for 2015 (Federal Times) 2014 was known as the year of the cyber breach. Forty-three percent of companies experienced a breach last year, including highly visible and damaging hacks to Sony, Home Depot, Target, and JP Morgan Chase. Unfortunately, the cyber breaches of 2014 were not an aberration, but a likely trend. Both the public and private sectors received wakeup calls from these breaches and are beginning to respond accordingly by working together
BAE Systems Applied Intelligence Reveals Top Five Predictions for 2015 (BAE Systems Newsroom) Based on its work this year in the fields of cyber security and financial crime, BAE Systems Applied Intelligence believes the following will be the top five predictions for the digital criminality landscape in 2015
2014 Hack Retrospective, Or Why Security Ecosystems Matter (TechCrunch) The "Year of the Hack" will probably be one way that 2014 will be remembered. But it actually began in 2013 with a phishing email sent to independent, mid-sized air conditioning vendor Fazio Mechanical
The coming shift in security (Help Net Security) Vendors continue to trumpet new platforms as the best way to improve enterprise-level security. Flashy spinning visualizations, added scalability and the meaningless "next-gen SIEM" or "SIEM 2.0" monikers adorn vendor websites. Big data platforms and upgraded databases provide searchable storage to help security analysts find the root cause for security incidents, provided they know what these incidents are and where to find them
Analysis of global defense-in-depth architectures (Help Net Security) Attackers are bypassing conventional security deployments almost at will, breaching systems in a wide swath of industries and geographies. That's the stark conclusion of new data gathered by more than 1,600 FireEye network and email sensors deployed in real-world networks
State of the Internet: Attack traffic, DDoS, IPv4 and IPv6 (Help Net Security) Akamai today released its latest State of the Internet report, which provides insight into key global statistics such as connection speeds and broadband adoption across fixed and mobile networks, overall attack traffic, global 4K readiness, and IPv4 exhaustion and IPv6 implementation
Akamai predicts more cheap hacking toolkits, political attacks next year (CSO) We'll be seeing more severe vulnerabilities like Shellshock and Heartbleed in 2015
Cyber Warfare Risk: What Are The Investment Impacts? (Seeking Alpha) The devastating cyber-attack against Sony and its allegedly state-sponsored origins raises several key questions with respect to the security risk for the global financial system
An Optimistic Lens on Cybersecurity (Wall Street Journal) Welcome to my first guest column of 2015, in which I will try to inspire some optimism. Fortunately, there are many signs that the world is getting better from an informational standpoint. Not only is there Big Data, but also much more interest in and availability of external data, more focus on information that provides context, and more desire for predictive analysis. Being broader in our information focus, trying to turn data into insight, and anticipating events rather than simply responding to them — all these orientations are making both companies and the world at large better places to work and live
Netskope Report Reveals High Frequency of Compromised Credentials in Enterprise Cloud Apps (PRNewswire) Netskope, the leader in safe cloud enablement, today released the January 2015 Netskope Cloud Report™ that monitors enterprise cloud app usage and trends. The report shows a continued increase in cloud app usage across enterprises, as well as the high volume at which files are being shared outside of a given organization. Most notably, the report finds that as many as 15 percent of business users have had their credentials compromised. Since up to half of users re-use passwords for multiple accounts, the likelihood of users logging into business-critical apps with these credentials is high, putting business-sensitive data at risk
Malaysia 2015: Symantec, Blue Coat, Fortinet, Axis, Citrix, InfoWatch (MIS Asia) Computerworld Malaysia presents, in completely random order, extracts of interviews and commentaries from industry leaders, which include some of the key challenges and opportunities for the ICT sector in Malaysia in 2015
Marketplace
US Navy Expands CANES Vendor Pool (Defense News) Two more companies have been added to the five already approved to take part in the US Navy's Consolidated Afloat Networks and Enterprise Services (CANES) program, a $2.5 billion, multi-year effort to upgrade ship-and-shore-based computer networks
US Cyber Command Draft RFP Seeks Wide Range of Services (Defense News) The Pentagon has issued a draft solicitation for an omnibus contract for a wide range of services to US Cyber Command, including support for offensive and defensive operations, and management of military networks
U.S. to lead next decade's C4ISR spending, report says (C4ISR & Networks) The emergence of asymmetric warfare and increased counterterrorism efforts will continue to fuel increased U.S. spending on interoperability and integrated solutions for the next decade, according to a recent forecast report by Strategic Defence Intelligence
Gemalto finalizes the acquisition of SafeNet (Gemalto) Gemalto (Euronext NL0000400653 - GTO), the world leader in digital security, today announces the final closing of the acquisition of SafeNet, the worldwide leader in data and software protection, after approval by the relevant regulatory and antitrust authorities
Day & Zimmermann Becomes Sole Owner of SOC LLC and Appoints New SOC President (Marketwired) Day & Zimmermann (D&Z) today announced that it has become the sole owner of SOC LLC (SOC), a leading provider of security, logistics and life support services to the U.S. Government domestically and abroad
Cloud provider Virtustream joins McAfee security alliance (ChannelBiz) The McAfee Security Innovation Alliance (SIA) partner programme is designed to promote the development of interoperable security products
Former Mandiant VP of Finance Joins AnyPresence as CFO to Manage Rapid Growth (Virtual Strategy Magazine) AnyPresence, a leading cloud-based mobile platform provider, today announced Danielle Metzler has joined the company as Chief Financial Officer reporting to Anirban Chakrabarti, Co-Founder and CEO. Mrs. Metzler assumes strategic and tactical financial responsibilities for AnyPresence's growing enterprise mobility software business
White House CIO Returns to Small Business, e-Management (Businesswire) e-Management announces former White House Chief Information Officer (CIO) Karen Britton has joined the company's leadership team as senior vice president (SVP) & chief operating officer (COO). Ms. Britton is a seasoned executive with over 25 years of experience as a strategic consultant, delivering a diverse range of IT solutions to public and private sector clients. Ms. Britton's arrival follows the company's recent spin-off of its newly created commercial unit, CyberRx, LLC, launched in the 4th Quarter of 2014 to provide cybersecurity readiness and preparedness solutions for small and medium-sized businesses looking to strengthen their cybersecurity posture
AXON Ghost Sentinel, Inc. Names Michael Markulec as President & CEO (PRWeb) AXON Ghost Sentinel, Inc. names Michael Markulec as President & CEO and updates senior leadership
ThreatTrack Security Bolsters Executive Team with Veteran Product and Sales Leadership (IT Business Net) ThreatTrack focuses on driving growth, accelerating innovation and establishing its leadership in cybersecurity
Products, Services, and Solutions
AnomalyDetection: Twitter Launches Spam and Bot Activity Detection Tool (HackRead) Twitter has launched a new tool helping administrators in detecting activity spikes in terms of info received by the service from the users. This tool is called the AnomalyDetection and it is useful for finding bot and spam activity
Redspin Launches IT Security Consulting Practice (Virtual Strategy Magazine) New service addresses the need for expert guidance on information security program development, secure cloud migration strategies, HIPAA/PCI compliance, mobile security assessments and more
LyncShield launches new authentication solution for Lync users of secure tokens (LyncShield) LyncShield has introduced a new security solution that allows users of RSA SecurityID and other secure tokens to safely connect to their organization's Lync server without using their AD (Active Directory) credentials
Cytegic Introduces Cybersecurity Maturity and Strategic Risk Management Technology to North American Markets (Marketwired) Cytegic is the first cybersecurity management platform designed for an executive audience
BrightLine Receives Accreditation From A2LA as a FedRAMP Third Party Assessment Organization (3PAO) (Marketwired) BrightLine CPAs & Associates, Inc. is pleased to announce that it has received accreditation to maintain its Third Party Assessment Organization (3PAO) status from the American Association for Laboratory Accreditation (A2LA). A2LA is the independent accreditation body that now performs competency and independence assessments of 3PAOs as part of the Federal Risk and Authorization Management Program (FedRAMP)
Alibaba, Microsoft agree to crack down on counterfeit software (ZDNet) Alibaba Group will strengthen its anti-counterfeit measures to protect the intellectual property rights of Microsoft as part of a new memorandum of understanding
Technologies, Techniques, and Standards
What New Year’s Resolutions Should Chief Security Officers Be Making? (TechWeekEurope) The best-laid plans of mice and men often go awry, but what plans should CSOs be making this year? Here are some great suggestions along with top tips on how to see them through
Hacking with Kali: Practical Penetration Testing Techniques (TechTarget) In this excerpt of Hacking with Kali: Practical Penetration Testing Techniques, authors James Broad and Andrew Bindner outline the five phases of the penetration testing lifecycle
How to reduce the chances of distributed denial-of-service attacks (TechTarget) Distributed denial-of-service attacks are increasingly a menace for enterprises. Expert Michael Cobb discusses industry initiatives that can help enterprises reduce the occurrence and power of DDoS attacks
Deobfuscating Malicious Macros Using Python (Trustwave: SpiderLabs) Over the past few weeks, we've observed cybercriminals spamming users, particularly in the UK, using document files embedded with malicious macros masquerading as invoices. The attachment is either a Word or an Excel document file
10 Steps to Maximize your Home Wireless Network Security (Heimdal Security) We emphasized so many times we are living in an interconnected world and it is a fact we take for granted. This increasing level of connectivity between us and our devices implies not only a greater degree of physical mobility for us, but also the possibility to access the Internet in most places in the world
Design and Innovation
Internet of Things demands security by design (CIO via CSO) FTC Chairwoman Edith Ramirez takes the stage at CES to caution vendors in the hot IoT space to bake in security and privacy controls, and to give users options to limit data collection
Innovation must not come at the price of security (Help Net Security) One of the main themes to come out of CES has been the advancement of the Connected Human. Whilst we can't commute to work on a Hoverboard just yet, "Sent From My Fridge" emails are now a reality and we can expect to program our coffee machines to have an espresso waiting for us when we arrive home
New Opportunities, New Risks: The Internet of Things and Business Innovation (CIO) The Internet of Things (IoT) is creating unprecedented opportunities for both individuals and organizations to gain greater value from networked connections among people, processes, data and things
DNA For Cryptography Chips (Semiengineering) DNA markers are making counterfeit chips a lot easier to identify, and DNA chips are on the drawing board
Google Calendar's Enforced Birthdays Show The Ugly Side Of Algorithms (TechCrunch) You may recall that Google's mission is to "organize the world's information". So if you've been seeing the Birthdays of people you hardly know appearing UFO-like in your Google Calendar lately, never fear — this is just Mountain View doing its thang organizing your stuff
Research and Development
How Reverse-Engineering the Brain Could Help Machines Learn (Nextgov) Today's supercomputers and high-end machines are fast and powerful, but they don't learn well
Academia
Code.org Launches U.S. Teacher Training Program In Districts With Highest Diversity (TechCrunch) Code.org's Code Studio will be training teachers in 60 different school districts in the U.S., including the 7 largest school districts with the highest diversity in the country
Legislation, Policy, and Regulation
Official: NSA will lead fight against hacks (KRDO) NSA also taking a lead role in combating future large-scale hacks
Sony Hack Prompts U.S. Review of Public Role in Company Security (Bloomberg) The hack of Sony Pictures Entertainment has U.S. officials reassessing when and how the government should help private companies defend against digital assaults, National Security Agency Director Michael Rogers said
Preventing a 'cyber Pearl Harbor' (Washington Times) The Hollywood hack attack revealed the need to upgrade cybersecurity
US Ignores China, N. Korea Cyber Threats, Top Spy Says (Tom's Guide) American businesses need to take significant steps to prevent theft of trade secrets by Chinese spies, North Korea is "deadly serious" about harming the United States through online attacks, and federal budget cuts and the Snowden leaks have left the country less safe, Director of National Intelligence Gen. James R. Clapper said yesterday (Jan. 7)
Nation-State Cyberthreats: Why They Hack (Dark Reading) All nations are not created equal and, like individual hackers, each has a different motivation and capability
North Korea Threatens 'War Disaster' Over Sanctions (NBC News) North Korea has again condemned U.S. sanctions imposed on the country following a cyberattack on Sony Pictures Entertainment and on Wednesday demanded the restrictions be lifted
Snowden: US has put too much emphasis on cyber-offense, needs defense (Ars Technica) In PBS NOVA interview, Snowden warns that US cyber-warfare strategy could backfire
Snowden Claims U.S. Policy Is Creating A Black Market For Digital Weapons (TechCrunch) Edward Snowden says in a new interview with NOVA Next that the U.S. government wrongly promotes cyber offense strategies at the expense of weakening the system and leaving it open to cyber attacks from the black market
Euro Parliament: Time to rethink DRIP, other snoop laws (Register) Report says all blanket data retention violates EU rights
Cyber Risk: New UK Guidance Makes Ostrich Defence for Directors Even More Untenable (Willis Wire) When I blogged recently about cyber threats and the insurance response particularly from the standpoint of D&O insurance, I said: "The steps directors take to inform themselves of the risks posed to their companies and to mitigate these risks form the main planks of both their individual and their collective defences when (rather than if) something bad happens. If they do nothing, they will have little or no defence or excuse"
Secretive Private Intelligence Contractors Need Better Oversight (Defense One) The possibility of waste, fraud, and abuse exists in any government program. We minimize this risk through transparency, independent oversight and public accountability. Secret intelligence programs, however, are a different story
CISPA Cybersecurity Bill Returns (National Journal) Rep. Dutch Ruppersberger is renewing his push for cyber information-sharing legislation. Rep. Adam Schiff, an NSA critic, has replaced Ruppersberger as the top Democrat on the House Intelligence Committee. Sen. Ron Wyden reintroduced his bill to end "backdoor" NSA searches. The FCC plans to vote on accuracy rules for cellular 911 calls, and Republicans are getting desperate to find a compromise on net neutrality
Credit Union Watchdog Shoots Down Data Encryption Rule (Threatpost) Even after suffering a data breach, the organization in charge of overseeing the needs of credit unions has cast off the idea of implementing a rule mandating the use of encryption for data transfers
FCC Chief Hints He'll Enact Obama's Net Neutrality Plan (Nextgov) Federal regulators appear to be on the brink of claiming expansive powers over Internet access to protect the principle of net neutrality
On net neutrality, Internet providers are betrayed by one of their own (Ars Technica) ISPs angry after lobbyist-turned-FCC chairman suggests Title II classification
Schiff Named Top Democrat on Intelligence Panel (Roll Call) Minority Leader Nancy Pelosi announced Thursday that California Democrat Adam B. Schiff will be the next ranking member on the Intelligence Committee
Navy Official on Needs: Fewer Acquisition Regulations, More Cyber Capabilities (Roll Call) The Navy's top acquisition and R&D official on Wednesday outlined his needs, which included: no new acquisition regulations from Congress, and, in fact, fewer; more spending on cyber and electronic warfare and offensive surface warfare; and the end of the across-the-board cuts of sequestration
Litigation, Investigation, and Law Enforcement
Syria-Based Terror Cells Targeting U.K., MI5 Chief Says (Bloomberg) The U.K. has thwarted three terrorist plots in recent months, the head of the domestic intelligence agency said as he called for more resources to deal with the threat of Syria-based extremists
MI5 boss: We NEED to break securo-tech, get 'assistance' from data-slurp firms (Register) Only brief reference to Charlie Hebdo in pre-planned speech
Can cash-strapped Europe prevent terrorism surge? (CNBC) As France is left reeling from several shootings in the space of 24 hours, risk analysts and terrorism experts fear that cash-strapped Europe is ill-equipped to deal with the threat
FBI: Sony Hacker IP Addresses Used 'Exclusively' By North Korea (Infosecurity Magazine) FBI director James Comey has confirmed the agency's conviction that a destructive cyber attack on Sony Pictures was carried out by North Korea, claiming that mistakes by the hackers led the trail back to IP addresses used "exclusively" by the hermit nation
Why You Still Shouldn't Totally Trust FBI Claims On North Korean Hacking Of Sony (Forbes) FBI director James Comey today tried to shed some light on his agency's claims that North Korea was behind the Guardians of Peace cyber attacks that tore apart Sony Pictures in November and forced the cancellation of The Interview, a comedy in which the two central characters are asked to assassinate the country's leader Kim Jong-Un. But, according to security experts, it's unlikely that his fresh assertions that the hackers were sloppy and leaked data that led back to North Korea will stand up to scrutiny
Critics Say New Evidence Linking North Korea to the Sony Hack Is Still Flimsy (Wired) If the FBI's revelations on Wednesday about the sloppiness of North Korea's hackers was meant to silence critics who doubt the government's attribution for what happened to Sony, it failed
FBI's Sony Attribution: Doubts Continue (InfoRiskToday) FBI Director James Comey's Jan. 7 remarks defending the bureau's attribution of the hack attack against Sony Pictures Entertainment to "North Korea actors" haven't silenced many information security experts, who say they remain unconvinced there's enough evidence to attribute the attack to anyone
ISIS loyalists hack local media, spark FBI investigation (Russia Today) The FBI is investigating a group dubbed the 'Cyber Caliphate' after it allegedly hacked websites and social media accounts belonging to a local Maryland television station and a New Mexico newspaper
Impossible Attribution, Aaron Swartz, and Deterring Cybercrime: An Interview with Peter Toren (HackSurfer) The recent cyber-attack against Sony has raised a few legal questions heading into the new year. For example, Sony threatened news outlets for publishing its stolen intellectual property (IP) sparking a debate over the ethics of publishing that material and the attribution of the attack being North Korea continues to be questioned by some experts
Why the Silk Road Trial Matters (Wired) Ross Ulbricht is finally getting his day in court, 15 months after plainclothes FBI agents grabbed him in the science fiction section of a San Francisco library and accused him of running the billion-dollar online drug bazaar known as the Silk Road. It's a day that anyone who cares about crime, punishment and privacy in the shadows of the internet will be watching
Stingray debate doesn't get its day in court (Technical.ly Baltimore) There won't be any hearings in open court about Baltimore's use of the Stingray device to secretly track cell phone data, thanks to a pair of plea deals struck Wednesday
Saudi blogger to be publicly flogged today (Emirates 24/7) For his 1,000 lashes, Badawi is to receive 50 lashes every week for 20 weeks
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, Mar 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic, legal, regulatory and insurance impacts. Discuss cybersecurity issues and focus on applied cybersecurity (i.e. implementing the NIST framework, R&D, legal and regulatory perspectives, state and local approaches). Present content that attendees can take back and use in their organizations
REcon 2015 (Montréal, Québec, Canada, Jun 19 - 21, 2015) REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. The conference offers a single track of presentations over the span of three days along with technical training sessions held before the presentation dates. Technical training varies in length between two and four days
Upcoming Events
Cybersecurity World Conference (New York, New York, USA, Jan 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting the information of today's enterprises and government agencies, respectively. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, cyber security in the Internet of Things age, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks
U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market (Washington, DC, USA, Jan 12, 2015) Join the U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market. The value of the global cyber security market is expected to grow by 11.3% each year, reaching $120 billion by 2017. The Western Europe region alone is estimated to contribute $28.1 billion to this industry, driven by changing threats and technologies. These briefings aim to provide the latest information on Cyber Security & IT markets in Europe
FloCon 2015 (Portland, Oregon, USA, Jan 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
National Cybersecurity Center Of Excellence (NCCOE) Speaker Series: Security In A Cyber World (Rockville, Maryland, USA, Jan 14, 2015) The National Cybersecurity Center of Excellence (NCCoE) Speaker Series showcases global thought-leaders to highlight critical cybersecurity issues of national importance. The keynote speaker will be Chris Inglis, former Deputy Director of the National Security Agency
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, Jan 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings address State and Federal cyber legislation; provide updates on Task Force efforts to improve California's cyber workforce and education; promulgate critical information to enhance California's cyber awareness and preparedness; discuss state advances in cybersecurity and digital forensics; and grant residents an opportunity to share cyber information and innovation
FIC 2015 (Lille, France, Jan 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a priority for the European Union as stated in the Stockholm Programme for 2010–2015. Its objective is to open up the cybersecurity debate by bringing together security and risk management experts with non-specialists to enable them to compare viewpoints and lessons learnt
IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, Jan 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015, in anticipation of the release of a new solicitation in support of the Program. The Conference will be held from 9:00 AM to 4:00 PM EDT in the Washington, DC metropolitan area. The purpose of the Conference will be to provide introductory information on CAUSE and the research problems that the Program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners
4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, Jan 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human behavior within and across networks. The conference will bring together subject matter experts to discover and share new means of recognizing human related cyber indicators, and the evolution of these human indicators in the coming decades. The Human Cyber Forensics Conference will focus on such topics as insider threat, next generation social engineering, progressive communications, neuroscience, social cognition, social media, and neuro-ethics
AppSec California (Santa Monica, California, USA, Jan 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get the right work done faster, so organizations are better able to meet their goals
Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, Jan 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives from USA and beyond. They are coming together not only to address the continuing cyber threats and set precautions framework, but most importantly to provide necessary tools, insights and methodological steps in constructing a successful secure policy. These policies will after all protect the critical assets needed to safeguard their company assets
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, Jan 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues facing consumers and business, including in-depth panel discussions on privacy, the Internet of Things (IoT), and many other critical topics