The CyberWire Daily Briefing 01.12.15
Anonymous, having announced counter-jihad action #OpCharlieHebdo last week, appears over the weekend to have succeeded with a denial-of-service attack against the French-based Islamist site Ansar al Haqq. But (as Anonymous itself could well testify in other contexts) it's difficult to shut down online propaganda: witness the widespread dissemination of kosher-market killer Amedy Coulibaly's video avowal of fidelity to the caliphate, made before French police ended Coulibaly's life, but distributed post mortem by Coulibaly's sympathizers.
As authorities in France and elsewhere respond to the Islamist violence of the Charlie Hebdo attacks, they turn to the low-hanging fruit of cyber-intelligence. The US President and the UK's Prime Minister will soon meet to discuss even closer cooperation, and the US Attorney General calls for more international cyber intelligence and law enforcement collaboration. Defense intellectuals continue to debate what constitutes casus belli in cyberspace; the US NSA Director says cyber attacks should be met with "consequences."
North Korea's alleged involvement in the Sony hack prompts unusual scrutiny of the DPRK's home-grown (largely stolen) OS and browser. Researchers find them both vulnerable, with the additional fragility any monoculture carries.
Researchers find more commonalities among CosmicDuke, MiniDuke and OnionDuke.
TorrentLocker ransomware crops up in Australia and New Zealand.
Google squabbles with WhiteHat over the security of the former's Aviator OS. Microsoft criticizes Google's open publication of vulnerabilities as hasty and irresponsible.
The Sony hack continues to spur cyber insurance growth. Some venture capitalists think the endpoint security market saturated. TechCrunch publishes leaked Palantir business documents.
Notes.
Today's issue includes events affecting Australia, France, Iran, Ireland, Democratic People's Republic of Korea, New Zealand, Russia, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
'Hacktivist' group Anonymous says it will avenge Charlie Hebdo attacks by shutting down jihadist websites (Telegraph) Hacker group Anonymous have released a video condemning the Paris attacks, saying "freedom of expression has suffered an inhuman assault"
Anonymous shuts down first Jihadi website in 'Op Charlie Hebdo' (HackRead) Yesterday we reported Anonymous' plan to conduct cyber attacks on Jihadi websites under the banner of #OpCharlieHebdo, and today the hacktivists have initiated the op by conducting a DDoS attack and shutting down a France based website promoting Jihadi content
The latest Islamic State video shows how hard it is to shut down jihadist propaganda online (Quartz) The latest video from the Islamic State (or ISIL/ISIS), released Jan. 11, shows Amedy Coulibaly, who killed four people in a Paris grocery store last week, declaring his allegiance to the self-declared caliphate and its leader, and urging other Muslims in France to follow in his footsteps
Inspired, Networked & Directed — the Muddled Jihad of ISIS & Al Qaeda Post Hebdo (War on the Rocks) The jihadi movement may have finally become what its original luminaries always wanted it to be — and in Paris of all places
RedStar OS reveals all of North Korea is one giant intranet (CSO) North Korea is…interesting. I've never been to North Korea, so I don't have any firsthand experience to share, but from the outside, the reclusive nation seems like it's a real-life incarnation of George Orwell's 1984 — with pervasive control and manipulation of its population. Robert Hansen, VP of WhiteHat Labs at WhiteHat Security, recently learned that the scope of the North Korean government's control of its people seems to extend even to its state-developed operating system and Web browser
Attacking 'Red Star': Leaks Show Just How Easy It Might Be To Hack North Korea (Forbes) North Korea's Red Star operating system, a clone of Apple's Mac OS X, was leaked online as the world said goodbye to 2014. This gave researchers a chance to poke around the state-tweaked version of Linux and its browser. They've already uncovered some glaring vulnerabilities and some basic coding mistakes
The Sony Hack in Context (CTO Vision) The good news for the moment is that the North Korean attack on Sony Pictures is in the headlines and has the nation discussing cyber security issues. The bad news is that neither the press nor the government is placing the Sony attack in context
MiniDuke, CosmicDuke and OnionDuke have the same matrix (Security Affairs) Security experts collected further evidence of the link between the CosmicDuke, MiniDuke and OnionDuke Advanced Persistent Threat campaigns
TorrentLocker Ransomware Hits ANZ Region (TrendLabs Security Intelligence Blog) We recently reported that the EMEA (Europe-Middle East-Africa) region experienced a surge in ransomware, specifically, crypto-ransomware attacks. It appears that these attacks are no longer limited to that region. Research from Trend Micro engineers shows that the ANZ (Australia-New Zealand) region is the latest to be greatly affected by this type of malware — this time by TorrentLocker ransomware
Lizard Stresser Runs on Hacked Home Routers (KrebsOnSecurity) The online attack service launched late last year by the same criminals who knocked Sony and Microsoft's gaming networks offline over the holidays is powered mostly by thousands of hacked home Internet routers
Macs vulnerable to virtually undetectable virus that "can't be removed" (ZDNet) A security researcher has discovered a way to infect Macs with malware virtually undetectable, that 'can't be removed,' and which can be installed using a modified Apple gigabit Ethernet Thunderbolt adapter
Advancing Research on Side Channel Data Leaks (SIGNAL) Technologists measure cybersecurity-threatening computer energy leakage
Inadequate free Wi-Fi protections risk hotel guest security: WatchGuard (CSO Australia) Hotels, restaurants and other hospitality organisations are letting down consumers with inadequate security mechanisms that could expose users to malware or data theft, a new survey of hospitality networks has found
Google Engineers Critical of Aviator Browser Security (Threatpost) Within hours on Thursday of WhiteHat Security releasing its Aviator browser to open source, a remote code execution vulnerability was disclosed, along with a handful of other coding issues that Google security engineers said jeopardized the security and privacy of Aviator's users
Avoid Aviator browser if you care about security and privacy, Google warns (ZDNet) A public spat between WhiteHat Security and Google has erupted over the open-source Aviator browser
Risks in Retail: New POS Vulnerabilities and Malware (CSO Australia) In 2014, large retailers, franchises and small businesses alike were affected by new vulnerabilities and malware targeting point-of-sale (POS) devices, systems and vendors. One recent vulnerability affecting POS devices and systems was detailed by the US-CERT in its Vulnerability Notes Database
Malware coders adopt DevOps to target smut sites (Register) Linux VXers are aiming below the belt
No, the Linux leap second bug WON'T crash the web (Register) Fear the fear, not the second
'Silk Road Reloaded' Adopts I2P Anonymous Network and Darkcoins (Tripwire: the State of Security) 'Silk Road Reloaded,' a new anonymous online drug market, draws upon a host of new anonymizing features, including I2P connectivity and the use of cryptocurrencies other than Bitcoin
Three Reasons to Be Concerned About So-Called Anonymity Apps (IBM Security Intelligence) A time-honored proverb from a Boston politician on how to be discreet goes something like this: "Never write if you can speak; never speak if you can nod; never nod if you can wink." Today, in sharp contrast, a growing number of digital natives are throwing such discretion to the wind as they flock to a new category of so-called anonymity apps
Your private Instagrams weren't as private as you thought they were (Quartz) A privacy hole was publicly exposing an untold number of photographs Instagram users believed were private, until Instagram fixed it this weekend in apparent response to queries by Quartz
Scammers Target Brokerage Accounts (Wall Street Journal) The Morgan Stanley data breach is a reminder of the big dollars at risk
Microsoft Software Flaws Increase Sharply But Majority Affect IE (Dark Reading) The number of reported flaws in core Windows components in 2014 was lower compared to the year before
Bitstamp reopens Bitcoin exchange, adds security precautions (Ars Technica) The firm preserved its old system for investigators and adopted better security
Hackers have been f**king with downtown LA's road signs (Graham Cluley) It seems that the Los Angeles Department of transportation isn't launching a bold new literacy campaign after all
Mayor says attack on library website was 'random' (Bundaberg NewsMail) Bundaberg mayor Mal Forman has spoken about the hacking of the Bundaberg Regional Libraries website over the weekend
Schools across region fall victim to cyber attack (Hermiston Herald) Schools across the region were without Internet for 30 minutes after their systems were suspect to a hack
Bulletin (SB15-012): Vulnerability Summary for the Week of January 5, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Microsoft swings punch at Google — accuses Project Zero of a "Gotcha!" (Naked Security) Google came under fire right at the start of 2015 for openly publishing source code showing how to exploit a vulnerability in Windows 8.1
A Call for Better Coordinated Vulnerability Disclosure (Microsoft Security Response Center) For years our customers have been in the trenches against cyberattacks in an increasingly complex digital landscape. We've been there with you, as have others. And we aren't going anywhere. Forces often seek to undermine and disrupt technology and people, attempting to weaken the very devices and services people have come to depend on and trust. Just as malicious acts are planned, so too are counter-measures implemented by companies like Microsoft. These efforts aim to protect everyone against a broad spectrum of activity ranging from phishing scams that focus on socially engineered trickery, to sophisticated attacks by persistent and determined adversaries. (And yes, people have a role to play — strong passwords, good policies and practices, keeping current to the best of your ability, detection and response, etc. But we'll save those topics for another day)
Microsoft discontinues Advance Notification Service, but why? (Naked Security) It appears Microsoft is starting out 2015 on the wrong foot
Cyber Trends
Why criminals pick on small business (CSO) Small and midsized businesses are now the preferred targets for cybercriminals — not because they are lucrative prizes individually but because automation makes it easy to attack them by the thousands, and far too many of them are easy targets
The Four Horsemen Of The Cyber Apocalypse (TechCrunch) If 2014 did anything good for cybersecurity, it showed us just how exposed major corporations, governments and militaries are to cyber attacks. From vulnerabilities in our power grids to our cash registers, cyber attacks have become the $400 billion problem. And while the attacks differ in motive and method, there are four consistent perpetrators charging at us at full speed — and we need to rein them in
Cloud security now considered 'a board-level issue' (CloudPro) How cyber breaches and shadow IT are making firms more cautious of cloud
How the software-defined data centre will affect security (Information Age) The software-defined trend has bulldozed its way through the data centre market, affecting servers, storage and networks. But what does it mean for security?
Sony Was Just the Beginning (Newsweek) In 1964, the Stanley Kubrick movie Dr. Strangelove sported an alternate title, How I Learned to Stop Worrying and Love the Bomb. An existential atomic anxiety permeated society: We lived with the dread that just a button push could unleash new technology that would, ironically, end modern life
UD expert predicts bumpy year ahead for cybersecurity (News Journal via Delaware Online) Remember public enemies Bonnie and Clyde, the Great Depression-era robbers who traveled the country with their hardscrabble gang, ticking off felonies like a bucket list?
Fox Host gets hacked live on TV; John McAfee gives a demo of what hackers can do (TechWorm) Stuart Varney asks for proof of hacking; John McAfee provides Live TV Demonstration
Cyber attacks could disable critical US infrastructure: Dempsey (Press TV) America's top military officer General Martin Dempsey says cyber attacks are incredibly disruptive and could disable his country's critical infrastructure
Ireland on frontline in cyber war as hackers box clever (Independent) As the fallout from the Sony hacking debacle worries cyber-security experts worldwide, Irish firms are now regarded as a 'prized target' by criminal hackers — because of our business links with multi-nationals
Marketplace
Sony Hack Shows Need For Cyber Coverage On Many Fronts (Law 360) The massive Sony Pictures Entertainment Inc. hack raises concerns beyond the privacy and data liability issues seen in other recent high-profile cyberattacks, underscoring the need for companies to acquire comprehensive insurance coverage to shield themselves from other cyber-related risks such as business interruption, attorneys say
5 Pitfalls For Emerging Endpoint Security Vendors (CRN) Industry observers: crowded market can't sustain itself
Companies Worry About Security Implications of Cloud Services (eWeek) An annual report on the state of the cloud economy by the Cloud Security Alliance finds that companies are still worried about cloud adoption, even as their employees are increasingly using services
Leaked Palantir Doc Reveals Uses, Specific Functions And Key Clients (TechCrunch) Since its founding in 2004, Palantir has managed to grow into a billion dollar company while being very surreptitious about what it does exactly. Conjecture abounds. The vague facts dredged up by reporters confirm that Palantir has created a data mining system used extensively by law enforcement agencies and security companies to connect the dots between known criminals
IBM in the midst of massive reorganisation (Business Cloud News) IBM has appointed Robert LeBlanc to the role of senior vice president of cloud, with the company set to implement a massive reorganisation, according to multiple reports confirmed by BCN sources
FireEye Inc: FEYE Stock Is in Attack Mode (InvestorPlace) FEYE stock attacks a bullish chart pattern
Alert Logic targets expansion for newly acquired Dallas company (Houston Business Journal) Houston-based Alert Logic Inc., a fast-growing software-as-a-service for the cloud company, announced it acquired Dallas-based Critical Watch, an IT security company Jan. 6, with plans to grow
Tom Still: 'Cybersecurity talent shortage matter of economic and national security' (Wisconsin State Journal) In the (first) Cold War, Americans worried about nuclear attack and a retaliatory Armageddon that would have reduced the world to a smoldering wreck
Vistronix Promotes Paul Falkler to President, National Intelligence Sector (PRWeb) Will lead and expand sector in support of customers' high-priority missions
Products, Services, and Solutions
Vectra Networks correlates odd bits of user behavior that signal an attack in progress (Network World) Behavioral analysis is used to identify and correlate incidents that, taken individually, might be ignored
Threat Data ≠ Threat Intelligence (iSight Partners) We spent most of our limited time on the exhibit floor at the 2014 RSA Conference being very nervous. In a blog prior to the show, Forrester analyst Rick Holland had invoked Office Linebacker Terry Tate to bring the pain train to abusers of the term "actionable intelligence." From what we heard at the various booths, we half-expected Terry to sack the pitchman in the first few minutes of many conversations since many were with organizations claiming to have actionable intelligence
Technologies, Techniques, and Standards
Energy Department releases energy sector cybersecurity framework (Federal Times) Energy companies and utilities should develop risk management strategies and incorporate cyber best practices into their security procedures, according to voluntary guidance released by the Energy Department Jan. 8
Regulating Nuclear Cyber Security: The Core Issues (Langner) If there is anything such as "critical infrastructure" where a cyber attack must be prevented by all means, it's certainly the international fleet of nuclear power plants and associated facilities for the production, processing and storage of nuclear material. Potential cyber attacks against these facilities don't cause concern in respect to the confidentiality, integrity, and availability of information, but in respect of public health and national security
Are We Asking the Right Questions in the Wake of the Sony Pictures Breach? (Wired) Much has been written about the Sony Pictures data breach and no doubt, more will be revealed as time goes on. It is the latest in a string of high-profile attacks that adds Sony, for the second time in recent years, to a litany of marquee breaches that includes eBay, Target, Home Depot, JPMorgan Chase and others
How Sony could've avoided a 'wipe-out' (Information Age) Malware development has reached a new threat level with the emergence of catastrophic 'wiper' worms, such as that used in the attack against Sony Pictures
The 2015 Social Engineering Survival Guide (CSO) What you need to know to keep your enterprise secure from social engineering exploits
Chick-fil-A Breach: Avoiding 5 Common Security Mistakes (Dark Reading) On the surface these suggestions may seem simplistic. But almost every major retail breach in the last 12 months failed to incorporate at least one of them
Google offers security tips for staying safe online (Mashable) Be it the ubiquity of hacking or widespread government surveillance, better online security is something that we could all use more of these days
Website Hacking, Part VI: Input Validation and Filtering in PHP (Infosec Institute) In this part of the series, we are going to examine the different ways to escape HTML characters in PHP in order to add security to your web project. We will also give a brief introduction to PHP's Perl-compatible regular expressions and show how they can be used for input validation. We are also going to examine PHP 5's built-in input validation and filtering methods
Hacking VoIP — Decrypting SDES Protected SRTP Phone Calls (Anthony Critelli) VoIP security is a fairly complex topic, rife with acronyms, competing solutions, and enough implementation challenges to make any administrator pull their hair out
Examining Shellcode in a Debugger through Control of the Instruction Pointer (SANS DFIR) During the examination of malicious files, you might encounter shellcode that will be critical to your understanding of the adversary's intentions or capabilities. One way to examine this malicious code is to execute it using a debugger after setting up the runtime environment to allow the shellcode to achieve its full potential. In such circumstances, it's helpful to take control of the instruction pointer to direct the debugger towards the code you wish to examine
Guest Post: Changing the Cyber Security Playing Field in 2015 (D&O Diary) As I have noted in a number of recent posts, there have been a host of significant cyber security developments, including among the Sony Pictures Entertainment hack attack. These developments have a number of important implications for the cyber security arena in the year ahead. In the following guest post, Paul Ferrillo of the Weil Gotshal law firm takes a look at the implications of these developments for companies and their executives. A version of this alert was initially distributed as a Weil client alert
Cloud Adoption Practices & Priorities Survey Report (Cloud Security Alliance) The benefits for enterprises moving to the cloud are clear: greater business agility, data availability, collaboration, and cost savings. The cloud is also changing how companies consume technology. Employees are more empowered than ever before to find and use cloud applications, often with limited or no involvement from the IT department, creating what's called "shadow IT." Despite the benefits of cloud computing, companies face numerous challenges including the security and compliance of corporate data, managing employee-led cloud usage, and even the development of necessary skills needed in the cloud era. By understanding the cloud adoption practices and potential risks, companies can better position themselves to be successful in their transition to the cloud
The Evolution of Web Application Firewalls (Tech Cocktail) Technological advances related to computing and the Internet have affected every one of us. The Information Revolution that the Internet has made possible is affecting society just as dramatically as the Industrial and Agricultural Revolutions of the past, but there is an unpleasant side to progress
Cyber Marines get tactical during Bold Alligator (Marine Corps Times) Developers with the Office of Naval Research are pushing cyber warfare training further than ever by incorporating it into tactical crisis response scenarios, including those at Exercise Bold Alligator 14
Design and Innovation
Exit Bitcoin, enter block-chain technology (Euromoney) Negative publicity around cryptocurrencies such as Bitcoin has deflected attention from the potential of the underlying technology to facilitate real-time — and therefore much cheaper — international payments
Little known facts about crypto currency technology (Business Quarter) 2014 was an eventful year for cyber security with many cyber breaches, spying scandals, and privacy violations hitting the news. Crypto currencies, a new form of digital payment, have also made headlines of late. PwC's Paul Esparon reveals several little known facts about the technology
Research and Development
Computer scientists "crack" poker (Naked Security) This week's red-hot "Wow, Science!" news is the pronouncement, as many articles are happy to present it, that Poker Is Solved
Legislation, Policy, and Regulation
David Cameron and President Obama to hold security talks (Telegraph) The Prime Minister will fly to Washington to discuss the atrocities in France and the fight against Islamic State, as he draws up plans for joint defences against cyber-attacks with the US President
In Britain, Spy Chief Calls for More Power for Agency (New York Times) Britain's domestic intelligence chief has demanded greater authority for spies to help fight the threat of Islamist extremism, a sign that the attack on a satirical newspaper in Paris is likely to sharpen the security-versus-privacy debate in Western countries
Give security services more money in wake of Paris shootings, former minister says (Telegraph) Lord West, the former security minister, calls for security services to be given more money in the wake of the Paris shootings and says he was 'very irked' by Nick Clegg's opposition to giving them new powers
US National Security Threats Warrant 'Global Intelligence System': Advisor (Sputnik News) Former National Security Council special advisor to US President George W. Bush said that the complex range of threats to US national security underscore the need for a global intelligence apparatus
French snooping as deep as PRISM: Le Monde (Register) Metadata on everything 'stored for years'
The Charlie Hebdo attack was a strike against free speech. So why is the response more surveillance? (Guardian) As politicians drape themselves in the flag of free speech and freedom of the press in response to the tragic murder of Charlie Hebdo cartoonists, they've also quickly moved to stifle the same rights they claim to love. Government officials on both sides of the Atlantic are now renewing their efforts to stop NSA reform as they support free speech-chilling surveillance laws that will affect millions of citizens that have never been accused of terrorism
Finding a balance between cybersecurity and liberty to take center stage in months ahead (Personal Liberty) Well-publicized cyberattacks on the U.S. in late 2014 have made it almost certain that government will focus heavily on the nation's technological security in the year ahead. And as cybersecurity talks heat up in Washington, policymakers will be tasked with striking a balance between protecting the nation's cyber infrastructure and enacting rules that threaten U.S. Internet liberties, such as 2012's much maligned Cyber Intelligence Sharing and Protection Act
CISPA: The Awful Anti-Privacy Law That Won't Prevent Another Sony Hack (Gizmodo) CISPA is back. You might remember the bill as the Cyber Intelligence Sharing and Protection Act — or perhaps as "the worst privacy disaster our country has ever faced." Rep. Dutch Ruppersberger reintroduced the bill to the House Intelligence Committee on Friday under the auspices of preventing another Sony hack
Armed Attacks in Cyberspace: A Reply to Admiral Stavridis (Lawfare) Last week, Admiral (Ret.) James Stavridis, former NATO Supreme Allied Commander and presently Dean of the Fletcher School of Law and Diplomacy at Tufts University, correctly expressed concern that "unlike sea, air and land, much of cyberspace's doctrine remains undefined, to include even the most fundamental of terms. We do not even have an agreed-upon definition of what constitutes an attack in cyberspace — and it is high time we did." His article, appearing in Signal, identified a key real-world shortcoming of international law as applied to cyber activities. The lawyers cannot state with any certainty when a cyber operation trips over Article 51's "armed attack" threshold thereby allowing the victim State to respond with either kinetic or cyber force
NSA Director: Must Be 'Price to Pay' for Cyber Attacks (International Business Lines) The director of the National Security Agency thinks the recent cyberattack on Sony Pictures could set a precedent for future attacks aimed at the United States
Obama to unveil plans to improve cyber security (Financial Times) Barack Obama next week will unveil plans to improve cyber security and protect consumers from identity theft, as the administration continues to grapple with the hacking of documents, personal data and emails at Sony Pictures
White House Aims to Harden Cyberattack Defense (Wall Street Journal) Initiative comes after major breaches at Target, Home Depot and Sony Pictures Entertainment
White House seeks cyber bounce from Sony hack concerns (Politico) The White House is preparing a policy package of executive actions and proposed legislation to promote cyberthreat information sharing — taking advantage of public worries following the Sony hack, multiple sources familiar with the planning tell POLITICO
Obama aims to tighten laws on data hacking and student privacy (ITWorld) U.S. President Barack Obama is expected to call Monday for new federal legislation requiring hacked private companies to report quickly the compromise of consumer data
Committee Releases Fiscal Year 2015 Homeland Security Appropriations Bill (US House of Representatives Committee on Appropriations) Bill will fund the Department of Homeland Security for the remainder of the fiscal year, target funds to critical security and law enforcement efforts, limit White House overreach on immigration
Why the US Needs More Than Just $59 Billion for Cyber Defense (Defense One) Despite paying $59 billion for data protections since fiscal 2010, the federal government couldn't stave off hacks against the White House, State Department, Army and dozens of other agencies
Holder urges more global cooperation to fight terrorism (Politico) The United States has "adequate resources" to counter terrorist threats, Attorney General Eric Holder said Sunday, but countries can do a better job of sharing intelligence
Federal Cybersecurity Spending is Big Bucks. Why Doesn't It Stop Hackers? (Nextgov) Despite paying $59 billion for data protections since fiscal 2010, the federal government couldn't stave off hacks against the White House, State Department, Army and dozens of other agencies
French terror attack reframes GOP argument on defunding Department of Homeland Security (Cleveland.com) With the terror attack this week in France, congressional Republicans were put in an awkward position regarding continuing funding of the Department of Homeland Security
DHS head: Cybersecurity, unity of effort top priorities (Federal Times) Four months after being confirmed and sworn in as the secretary of homeland security, Jeh Johnson issued a memo to his top leaders in the department that launched his "Unity of Effort" initiative
GOP panel calls briefing on North Korean threat (The Hill) The House Foreign Affairs Committee next week will hold a public briefing on the cyber threat posed by North Korea, Chairman Ed Royce (R-Calif.) announced on Friday
Fischer to Chair Senate Armed Services Subcommittee on Emerging Threats and Capabilities (Political News) Senate Armed Services Committee Chairman John McCain announced that Senator Deb Fischer will chair the Subcommittee on Emerging Threats and Capabilities for the 114th Congress
President Obama Announces More Key Administration Posts (The White House: Office of the Press Secretary) Today, President Barack Obama announced his intent to appoint the following individuals to key Administration posts: David S. Cohen — Deputy Director, Central Intelligence Agency
Litigation, Investigation, and Law Enforcement
NSA director backs FBI claim that N. Korea is behind Sony cyber attack (Arirang News) The U.S. National Security Agency has echoed the FBI's conclusion that North Korea was behind the attack
After Comey's speech, critics still unconvinced by the FBI's Sony hack theories (+video) (Christian Science Monitor: Passcode) Although FBI Director James Comey meant to clarify the agency's case against North Korea in the Sony hack this week, his comments did little to change the balance of a polarized, but largely skeptical, cybersecurity community
FBI's accusation that North Korea hacked Sony has 'puzzle pieces that don't make sense' says Lieberman Software (Computing) Experts are beginning to question the FBI's assertion that North Korea was behind the recent hacking attacks on Sony Pictures
FBI oversaw NSA's email surveillance program, report reveals (Verge) Declassified study sheds new light on the bureau's surveillance activities, but much remains redacted
Intelligence Community Inspector General Releases Evaluation of ODNI Under the Reducing Over-Classification Act (IC on the Record) Pursuant to the Reducing Over-Classification Act of 2010, the Intelligence Community Inspector General produced the following report that examined ODNI adherence to applicable classification policies and regulations. The IC IG evaluation also includes a trend analysis, which found areas that need to be emphasized across the Intelligence Community. In order to complete a thorough analysis, the IC IG waited until the other IGs at CIA, DIA, NGA, NSA and NRO completed their reports
Criminal charges recommended against Petraeus (Military Times) Federal prosecutors are recommending that retired Army Gen. David Petraeus face criminal charges for passing classified information to his former mistress, Paula Broadwell, according to two U.S. officials
Holder: Decision on Petraeus to come from 'highest level' (Military Times) Attorney General Eric Holder isn't saying whether he still will be on the job when the time comes to decide whether to bring charges in the investigation of former CIA Director David Petraeus
Chinese spy chief Ma Jian detained as corruption crackdown widens (South China Morning Post) Investigators detain deputy state security minister Ma Jian in probe believed linked to mainland tech firm Founder Group
E-mail warrant for all evidence of CFAA crimes violates Fourth Amendment, court holds (Washington Post) In a recent case, United States v. Shah, 2015 WL 72118 (E.D.N.C. Jan. 6, 2015), a district court ruled that a search warrant for an e-mail account for all evidence of violations of the federal computer hacking statute failed to comply with the Fourth Amendment because it did not particularly describe the evidence to be seized
Who was Silk Road's Dread Pirate Roberts? As trial nears, a jury will decide (Ars Technica) Without a last-minute deal, alleged kingpin Ross Ulbricht takes his chances
Zappos data breach: settlement reached (Naked Security) Zappos, an online clothing and shoe retailer, has reached a settlement over a 2012 data breach which impacted up to 24 million of its customers
WikiLeaks Advisor: Russian Spies Tried To Recruit Snowden (AP via Business Insider) A close ally of Edward Snowden has told filmmakers that Russia's intelligence agency sought to recruit the former NSA contractor, but he declined the offer
Edward Snowden is Happy With Life in Russia (Government Executive) Former National Security Agency contractor Edward Snowden wants his critics to know that living in Russia is "great" and that, despite reports to the contrary, he doesn't need alcohol to enjoy his time there
When a prank goes wrong: Student indicted after hacking rival college's calendar (Naked Security) A 21-year-old Georgia Tech student named Ryan Gregory Pickren allegedly pulled a football-rivalry prank that could wind up marking him as a felon for the rest of his life
Man charged with hacking 1,508 bank accounts (Tehran Times) Mohammad Mahdi Kakavan, chief of the Tehran cyber police, said a 24-year-old man in connection with hacking 1,508 bank accounts in six provinces in Iran is now in custody, the Tasnim news agency reported on Saturday
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market (Washington, DC, USA, Jan 12, 2015) Join the U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market. The value of the global cyber security market is expected to grow by 11.3% each year, reaching $120 billion by 2017. The Western Europe region alone is estimated to contribute $28.1 billion to this industry, driven by changing threats and technologies. These briefings aim to provide the latest information on Cyber Security & IT markets in Europe
FloCon 2015 (Portland, Oregon, USA, Jan 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University
National Cybersecurity Center Of Excellence (NCCOE) Speaker Series: Security In A Cyber World (Rockville, Maryland, USA, Jan 14, 2015) The National Cybersecurity Center of Excellence (NCCoE) Speaker Series showcases global thought-leaders to highlight critical cybersecurity issues of national importance. The keynote speaker will be Chris Inglis, former Deputy Director of the National Security Agency
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, Jan 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings address State and Federal cyber legislation; provide updates on Task Force efforts to improve California's cyber workforce and education; promulgate critical information to enhance California's cyber awareness and preparedness; discuss state advances in cybersecurity and digital forensics; and grant residents an opportunity to share cyber information and innovation
FIC 2015 (Lille, France, Jan 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a priority for the European Union as stated in the Stockholm Programme for 2010–2015. Its objective is to open up the cybersecurity debate by bringing together security and risk management experts with non-specialists to enable them to compare viewpoints and lessons learnt
IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, Jan 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015, in anticipation of the release of a new solicitation in support of the Program. The Conference will be held from 9:00 AM to 4:00 PM EDT in the Washington, DC metropolitan area. The purpose of the Conference will be to provide introductory information on CAUSE and the research problems that the Program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners
4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, Jan 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human behavior within and across networks. The conference will bring together subject matter experts to discover and share new means of recognizing human related cyber indicators, and the evolution of these human indicators in the coming decades. The Human Cyber Forensics Conference will focus on such topics as insider threat, next generation social engineering, progressive communications, neuroscience, social cognition, social media, and neuro-ethics
AppSec California (Santa Monica, California, USA, Jan 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security's sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get the right work done faster, so organizations are better able to meet their goals
Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, Jan 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives from USA and beyond. They are coming together not only to address the continuing cyber threats and set precautions framework, but most importantly to provide necessary tools, insights and methodological steps in constructing a successful secure policy. These policies will after all protect the critical assets needed to safeguard their company assets
Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, Jan 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues facing consumers and business, including in-depth panel discussions on privacy, the Internet of Things (IoT), and many other critical topics