
CONTENTS

Is The NSA Spying and Snooping Really “New” News?
Preventing Your Smartphone From Getting Hacked
What is FISA? How does this help the NSA Spy on Everyone?
Is It Time to Focus on Counter Surveillance?
Biggest threat vectors for mobile communications
Top 3 Myths About Antivirus Software
Hardware-Assisted Incident Response
Special Guest Winn Schwartau Explains MDSM/BYOD
Cyber Intelligence Europe, Brussels, Belgium, 17th – 19th September
Why are ERP systems an easy target for cyber-attacks?
NSA Spying Concerns? Learn Counterveillance
Webcam Spying Through Chrome and Flash
Twenty Critical CSIS Security Controls: Part Two
Cyber Warnings Newsflash for June 2013
US law enforcers suggest a kill switch for mobile and Apple adapts
Top Twenty INFOSEC Open Sources
National Information Security Group Offers FREE Techtips
Job Opportunities
Free Monthly Cyber Warnings Via Email

CYBER WARNINGS

Published monthly by Cyber Defense Magazine and distributed electronically via opt-in Email, HTML, PDF and Online Flipbook formats.

EDITOR
PierLuigi Paganini, CEH
[email protected]

ADVERTISING
Jessica Quinn
[email protected]

CDTL - LAB REVIEWS
Stevin Victor
[email protected]

KEY WRITERS AND CONTRIBUTORS
Pierluigi Paganini, Dave Porcello, Phillip Hallam-Baker, Christian Mairoll, Tim Pierson, Dan Ross, Edward A. Adams, Peter Jenney, Paul Paget, David Rosen, Allan Cowen, Meisam Eslahi, Mike Danseglio, David Strom, Jeff Bardin, Jake Sailana, Marcela De Vivo and many more…

Interested in writing for us: [email protected]

CONTACT US:
Cyber Defense Magazine
Toll Free: +1-800-518-5248
Fax: +1-702-703-5505
SKYPE: cyber.defense
Magazine: http://www.cyberdefensemagazine.com

Copyright (C) 2013, Cyber Defense Magazine, a division of STEVEN G. SAMUELS LLC 848 N. Rainbow Blvd. #4496, Las Vegas, NV 89107. EIN: 454-18-8465, DUNS# 078358935. All rights reserved worldwide. [email protected]

Executive Producer: Gary S. Miliefsky, CISSP®

Cyber Warnings E-Magazine – June 2013 Edition. Copyright © Cyber Defense Magazine, All rights reserved worldwide

Is The NSA Spying and Snooping Really “New” News?

The NSA has been spying on everyone and everything it can, for a long time. Allegedly it's their job. Now, suddenly it's front page news. As the US government continues to expand, the NSA believes they need to create more programs, deliver more tools - to automate, to store data for forensic purposes and the list goes on. So we go from a tiny spigot of spying into a flood of eavesdropping on everything - all phone calls, all emails, soon all searches, all Facebook messages, all tweets, all LinkedIn notes and the list goes on.

Will this stop a terrorist attack? No. It's like my friends in police departments tell us - 'people call us for help knowing it could take up to 12 minutes to arrive - we usually show up to clean up the mess' - of course that's why even Joe Biden wants you in America to at least have a shotgun - it's an instant equalizer while you wait 3-12 minutes for help. So the NSA decided to not wait around for someone to test the true Constitutionality of their efforts - they felt it was in the best interests of the citizens if they could spy on all of us, hoping to find that one needle in a haystack...correction, allegedly 50 terrorist needles in a haystack of 330,000,000 Americans in a world of 6,500,000,000 people. I can't tell you if their success stories are real because it's hard for an agency that has highly classified information to share anything with us that's true.

Where does that leave us? Not feeling so good about being spied upon. Imagine you have that kind of power - to tap into a data source for everything on everyone...what's out there but a secret tribunal to protect the world? Should the UN get involved? Is that good enough? Many Americans are beginning to question this and size it up against the 1st, 2nd, 4th and 5th amendments saying that their rights are being trampled in the name of security. Remember, as one of America’s Founding Fathers said "A society that's willing to give up Liberty for Security shall have Neither."

This is the warning cry to all Nations. What’s more interesting, however, is the amount of cyber crime going on through our mobile devices by the same techniques of government eavesdropping. So, we begin this edition of Cyber Warnings with some best practices on using your mobile devices and we wish you a private and enjoyable summer.

Pierluigi Paganini, Editor-in-Chief, [email protected]

P.S. Congratulations to Alejandro Grinan – United States as this month’s contest winner!

Preventing Your Smartphone From Getting Hacked

As we use our phones to send emails, texts, photos and videos, for banking and for accessing social media accounts, we are transmitting important personal information that can easily be intercepted. This risk has increased in the last few years as people who may be savvy about protecting their laptops or desktops from virus attacks have left their mobile devices open to attack. From having the phone stolen to malware in apps, your data is vulnerable if you don’t protect your smartphone.

Cell phone hacking is on the rise in the United States and will continue to grow—protect your phone and your valuable data with these steps.


1. Lock Your Phone

Most phones have a password lock option; use it. Locking your phone is one of the simplest things you can do to keep it secure, and it makes the phone difficult (if not impossible) to hack if you lose it or if it’s stolen.

Top passwords from 2010. Image courtesy of fixedgear/ flickr.com

2. Use a Strong Password

Here’s where a lot of people fumble as well, even though it’s one of the easiest things to do to protect your phone. The top passwords for 2010 and 2011 were very similar: variations on the word “password” and the first six consecutive numbers.

Birthdays, anniversaries, and phone numbers also make terrible passwords—anything you’ve been told not to use for PINs goes for passwords as well. A strong password contains a mix of upper- and lowercase letters, symbols and numbers; it should also be six characters or greater in length.

Use phrases or lyrics from a favorite song combined with four digits; instead of spaces, use characters. This will be much easier for you to remember than a random assemblage of letters, numbers and characters.

Change up your password on a regular basis; set a reminder to change once a month or every few months. This applies to your home Wi-Fi connection as that can be a point of vulnerability as well.

3. Use a Locator Application

These applications allow you to find your smartphone if it’s lost or stolen and lock it remotely. Some of these apps even allow you to remotely take a picture of the thief or the surroundings of the phone to help you locate it. Download and install these apps (or enable the app, in the case of an iPhone) so that you can remotely wipe your data should your mobile device fall into the wrong hands. This will keep all the other passwords, photos, videos and more stored on your phone safely out of reach.

Regularly back up your phone’s data to a cloud or your computer so that you don’t completely lose all your information!

4. Download or Buy Malware Protection

While there are no "viruses" for mobile phones yet, there are some known "malware" apps developed to steal information off of your phone. Protect your phone from these apps using mobile security apps that check your phone for malware.

Androids and jailbroken iPhones are the most vulnerable to malware app attacks, as they are open to download apps from any seller or site—non-jailbroken iPhones can only buy apps from the Apple Store and therefore are less exposed to malware apps. Android and jailbroken iPhone users should exercise caution when downloading applications; only buy from well-known developers and pay attention to unusual pop-up activity when downloading from a site.

5. Be Judicious in Using Apps with Geo-Location

Particularly popular in social media outlets like Facebook, Twitter, Instagram and Foursquare, GPS software can notify all your “friends” and followers of your exact location if you have geo-location turned on. Hackers have begun to use geo-location details for targeted attacks on social media sites for targeted phishing.

6. 3G is safer than Wi-Fi

Using someone else’s Wi-Fi (or your own, if not secure), like in a Starbucks or airport, leaves you open to hackers fishing for data in your phone.

Using common sense—and some software or applications created to increase the security of your phone—you can protect your smartphone from enterprising hackers and thieves.

About The Author

Marcela De Vivo is a freelance writer in California, whose writing covers several different industries, including technology, marketing and gaming. She also writes for HostPapa.

As a business owner, she uses her phone often to conduct business and therefore is sure to take the necessary precautions to prevent her phone from being hacked.


What is FISA? How does this help the NSA Spy on Everyone?

The Foreign Intelligence Surveillance Act of 1978 ("FISA", Pub.L. 95–511, 92 Stat. 1783, 50 U.S.C. ch. 36) is a United States law which prescribes procedures for the physical and electronic surveillance and collection of "foreign intelligence information" between "foreign powers" and "agents of foreign powers" (which may include American citizens and permanent residents suspected of espionage or terrorism).[1] The law does not apply outside the United States. The law has been repeatedly amended since the September 11 attacks.

Subsequent amendments

The Act was amended in 2001 by the USA PATRIOT Act, primarily to include terrorism on behalf of groups that are not specifically backed by a foreign government. An overhaul of the bill, the Protect America Act of 2007, was signed into law on August 5, 2007.[2] It expired on February 17, 2008. The FISA Amendments Act of 2008 was passed by the United States Congress on July 9, 2008.[3]

History

The Foreign Intelligence Surveillance Act (FISA) was introduced on May 18, 1977, by Senator Ted Kennedy and was signed into law by President Carter in 1978. The bill was cosponsored by nine Senators: Birch Bayh, James O. Eastland, Jake Garn, Walter Huddleston, Daniel Inouye, Charles Mathias, John L. McClellan, Gaylord Nelson, and Strom Thurmond.

The FISA resulted from extensive investigations by Senate Committees into the legality of domestic intelligence activities. These investigations were led separately by Sam Ervin and Frank Church in 1978 as a response to President Richard Nixon’s usage of federal resources to spy on political and activist groups, which violates the Fourth Amendment.[4] The act was created to provide Judicial and congressional oversight of the government's covert surveillance activities of foreign entities and individuals in the United States, while maintaining the secrecy needed to protect national security. It allowed surveillance, without court order, within the United States for up to one year unless the "surveillance will acquire the contents of any communication to which a United States person is a party". If a United States person is involved, judicial authorization was required within 72 hours after surveillance begins.

Bush administration warrantless domestic wiretapping program

The Act came into public prominence in December 2005 following publication by the New York Times of an article[5] that described a program of warrantless domestic wiretapping ordered by the Bush administration and carried out by the National Security Agency since 2002; a subsequent Bloomberg article[6] suggested that this may have already begun by June 2000.

Scope and limits

For most purposes, including electronic surveillance and physical searches, "foreign powers" means a foreign government, any faction(s) or foreign governments not substantially composed of U.S. persons, and any entity directed or controlled by a foreign government. §§1801(a)(1)-(3) The definition also includes groups engaged in international terrorism and foreign political organizations. §§1801(a)(4) and (5). The sections of FISA authorizing electronic surveillance and physical searches without a court order specifically exclude their application to groups engaged in international terrorism. See §1802(a)(1) (referring specifically to §1801(a)(1), (2), and (3)).

The statute includes limits on how it may be applied to U.S. persons. A "U.S. person" includes citizens, lawfully admitted permanent resident aliens, and corporations incorporated in the United States.

The code defines "foreign intelligence information" to mean information necessary to protect the United States against actual or potential grave attack, sabotage or international terrorism.[7]

In sum, a significant purpose of the electronic surveillance must be to obtain intelligence in the United States on foreign powers (such as enemy agents or spies) or individuals connected to international terrorist groups. To use FISA, the government must show probable cause that the “target of the surveillance is a foreign power or agent of a foreign power.”[4][8]

Provisions

The subchapters of FISA provide for:

• Electronic surveillance (50 U.S.C. ch. 36, subch. I)
• Physical searches (50 U.S.C. ch. 36, subch. II)
• Pen registers and trap & trace devices for foreign intelligence purposes (50 U.S.C. ch. 36, subch. III)
• Access to certain business records for foreign intelligence purposes (50 U.S.C. ch. 36, subch. IV)
• Reporting requirement (50 U.S.C. ch. 36, subch. V)

The act created a court which meets in secret, and approves or denies requests for search warrants. Only the number of warrants applied for, issued and denied, is reported. In 1980 (the first full year after its inception), it approved 322 warrants.[9] This number has steadily grown to 2,224 warrants in 2006.[10] In the period 1979–2006 a total of 22,990 applications for warrants were made to the Court of which 22,985 were approved (sometimes with modifications; or with the splitting up, or combining together, of warrants for legal purposes), and only 5 were definitively rejected.[11]

Electronic surveillance

Generally, the statute permits electronic surveillance in two scenarios.

Without a court order

The President may authorize, through the Attorney General, electronic surveillance without a court order for the period of one year provided it is only for foreign intelligence information;[7] targeting foreign powers as defined by 50 U.S.C. § 1801(a)(1),(2),(3)[12] or their agents; and there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party.[13]

The Attorney General is required to make a certification of these conditions under seal to the Foreign Intelligence Surveillance Court,[14] and report on their compliance to the House Permanent Select Committee on Intelligence and the Senate Select Committee on Intelligence.[15]

Since 50 U.S.C. § 1801(a)(1)(A) of this act specifically limits warrantless surveillance to foreign powers as defined by 50 U.S.C. § 1801(a)(1),(2),(3) and omits the definitions contained in 50 U.S.C. § 1801(a)(4),(5),(6), the act does not authorize the use of warrantless surveillance on: groups engaged in international terrorism or activities in preparation therefor; foreign-based political organizations, not substantially composed of United States persons; or entities that are directed and controlled by a foreign government or governments.[16] Under the FISA act, anyone who engages in electronic surveillance except as authorized by statute is subject to both criminal penalties[17] and civil liabilities.[18]

Under 50 U.S.C. § 1811, the President may also authorize warrantless surveillance at the beginning of a war. Specifically, he may authorize such surveillance "for a period not to exceed fifteen calendar days following a declaration of war by the Congress".[19]

With a court order

Alternatively, the government may seek a court order permitting the surveillance using the FISA court.[20] Approval of a FISA application requires the court to find probable cause that the target of the surveillance is a "foreign power" or an "agent of a foreign power", and that the places at which surveillance is requested are used or will be used by that foreign power or its agent. In addition, the court must find that the proposed surveillance meets certain "minimization requirements" for information pertaining to U.S. persons.[21]

Physical searches

In addition to electronic surveillance, FISA permits the "physical search" of the "premises, information, material, or property used exclusively by" a foreign power. The requirements and procedures are nearly identical to those for electronic surveillance.

FISA court

The Act created the Foreign Intelligence Surveillance Court (FISC) and enabled it to oversee requests for surveillance warrants by federal police agencies (primarily the F.B.I.) against suspected foreign intelligence agents inside the U.S. The court is located within the Department of Justice headquarters building. The court is staffed by eleven judges appointed by the Chief Justice of the United States to serve seven-year terms. Proceedings before the FISA court are ex parte and non-adversarial. The court hears evidence presented solely by the Department of Justice. There is no provision for a release of information regarding such hearings, or for the record of information actually collected.


Denials of FISA applications by the FISC may be appealed to the Foreign Intelligence Surveillance Court of Review. The Court of Review is a three judge panel. Since its creation, the court has come into session twice: in 2002 and 2008.

Remedies for violations

Both the subchapters covering physical searches and electronic surveillance provide for criminal and civil liability for violations of FISA.

Criminal sanctions follow violations of electronic surveillance by intentionally engaging in electronic surveillance under the color of law or through disclosing information known to have been obtained through unauthorized surveillance. The penalties for either act are fines up to US$10,000, up to five years in jail, or both.[17]

In addition, the statute creates a cause of action for private individuals whose communications were unlawfully monitored. The statute permits actual damages of not less than $1,000 or $100 per day. In addition, that statute authorizes punitive damages and an award of attorney's fees.[18] Similar liability is found under the subchapter pertaining to physical searches. In both cases, the statute creates an affirmative defense for a law enforcement agent acting within their official duties and pursuant to a valid court order. Presumably, such a defense is not available to those operating exclusively under presidential authorization.

Lone wolf amendment

In 2004 FISA was amended to include a "lone wolf" provision. 50 U.S.C. § 1801(b)(1)(C). A "lone wolf" is a non-U.S. person who engages in or prepares for international terrorism. The provision amended the definition of "foreign power" to permit the FISA courts to issue surveillance and physical search orders without having to find a connection between the "lone wolf" and a foreign government or terrorist group. However, "if the court authorizes such a surveillance or physical search using this new definition of 'agent of a foreign power', the FISC judge has to find, in pertinent part, that, based upon the information provided by the applicant for the order, the target had engaged in or was engaging in international terrorism or activities in preparation therefor".[22]

Constitutionality

Before FISA

In 1967 the Supreme Court of the United States held that the requirements of the Fourth Amendment applied equally to electronic surveillance and to physical searches. Katz v. United States, 389 U.S. 347 (1967). The Court did not address whether such requirements apply to issues of national security. Shortly after, in 1972, the Court took up the issue again in United States v. United States District Court, Plamondon, where the court held that court approval was required in order for the domestic surveillance to satisfy the Fourth Amendment. 407 U.S. 297 (1972). Justice Powell wrote that the decision did not address this issue that "may be involved with respect to activities of foreign powers or their agents".

In the time immediately preceding FISA, a number of courts squarely addressed the issue of "warrantless wiretaps". In both United States v. Brown, 484 F.2d 418 (5th Cir. 1973), and United States v. Butenko, 494 F.2d 593 (3rd Cir. 1974), the courts upheld warrantless wiretaps. In Brown, a U.S. citizen's conversation was captured by a wiretap authorized by the Attorney General for foreign intelligence purposes. In Butenko, the court held a wiretap valid if the primary purpose was for gathering foreign intelligence information.

A plurality opinion in Zweibon v. Mitchell, 516 F.2d 594 (D.C. Cir. 1975), held that a warrant was required for the domestic surveillance of a domestic organization. In this case, the court found that the domestic organization was not a "foreign power or their agent", and "absent exigent circumstances, all warrantless electronic surveillance is unreasonable and therefore unconstitutional."

Post-FISA

There have been very few cases involving the constitutionality of FISA. In two lower court decisions, the courts found FISA constitutional. In the United States v. Duggan, the defendants were members of the Irish Republican Army. 743 F.2d 59 (2nd Cir., 1984). They were convicted for various violations regarding the shipment of explosives and firearms. The court held that there were compelling considerations of national security in the distinction between the treatment of U.S. citizens and non-resident aliens.

In the United States v. Nicholson, the defendant moved to suppress all evidence gathered under a FISA order. 955 F.Supp. 588 (Va. 1997). The court affirmed the denial of the motion. There the court flatly rejected claims that FISA violated the Due Process Clause of the Fifth Amendment, equal protection, separation of powers, or the right to counsel provided by the Sixth Amendment.

However, in a third case, the special review court for FISA, the equivalent of a Circuit Court of Appeals, opined differently should FISA limit the President's inherent authority for warrantless searches in the foreign intelligence area. In In re Sealed Case, 310 F.3d 717, 742 (Foreign Intel. Surv. Ct. of Rev. 2002) the special court stated “[A]ll the other courts to have decided the issue [have] held that the President did have inherent authority to conduct warrantless searches to obtain foreign intelligence information . . . . We take for granted that the President does have that authority and, assuming that is so, FISA could not encroach on the President's constitutional power.”

Criticisms

K. A. Taipale of the World Policy Institute, James Jay Carafano of the Heritage Foundation,[23] and Philip Bobbitt of Columbia Law School,[24] among others,[25] have argued that FISA may need to be amended (to include, among other things, procedures for programmatic approvals) as it may no longer be adequate to address certain foreign intelligence needs and technology developments, including: the transition from circuit-based communications to packet-based communications; the globalization of communications infrastructure; and the development of automated monitoring techniques, including data mining and traffic analysis.[26]

The need for programmatic approval of technology-enabled surveillance programs is particularly crucial in foreign intelligence. See, for example, John R. Schmidt, the associate attorney general (1994–1997) in the Justice Department under President Bill Clinton,[27] recalling early arguments made by then-Attorney General Edward Levi to the Church Committee that foreign intelligence surveillance legislation should include provisions for programmatically authorizing surveillance programs because of the particular needs of foreign intelligence where "virtually continuous surveillance, which by its nature does not have specifically predetermined targets" may be required. In these situations, "the efficiency of a warrant requirement would be minimal."

And, in a recent essay, Judge Richard A. Posner opined that FISA “retains value as a framework for monitoring the communications of known terrorists, but it is hopeless as a framework for detecting terrorists. [FISA] requires that surveillance be conducted pursuant to warrants based on probable cause to believe that the target of surveillance is a terrorist, when the desperate need is to find out who is a terrorist.”[28]

Amendments

Terrorist Surveillance Act of 2006

On March 16, 2006, Senators Mike DeWine (R-OH), Lindsey Graham (R-SC), Chuck Hagel (R-NE), and Olympia Snowe (R-ME) introduced the Terrorist Surveillance Act of 2006 (S.2455),[29][30] under which the President would be given certain additional limited statutory authority to conduct electronic surveillance of suspected terrorists in the United States subject to enhanced Congressional oversight. Also on March 16, 2006, Senator Arlen Specter (R-PA) introduced the National Security Surveillance Act of 2006 (S. 2453),[31][32] which would amend FISA to grant retroactive amnesty[33] for warrantless surveillance conducted under presidential authority and provide FISA court (FISC) jurisdiction to review, authorize, and oversee "electronic surveillance programs". On May 24, 2006, Senator Specter and Senator Dianne Feinstein (D-CA) introduced the Foreign Intelligence Surveillance Improvement and Enhancement Act of 2006 (S. 3001) asserting FISA as the exclusive means to conduct foreign intelligence surveillance.

All three competing bills were the subject of Judiciary Committee hearings throughout the summer.[34] On September 13, 2006, the Senate Judiciary Committee voted to approve all three mutually exclusive bills, thus leaving it to the full Senate to resolve.[35]

On July 18, 2006, U.S. Representative Heather Wilson (R-NM) introduced the Electronic Surveillance Modernization Act (H.R. 5825). Wilson's bill would give the President the authority to authorize electronic surveillance of international phone calls and e-mail linked specifically to identified terrorist groups immediately following or in anticipation of an armed or terrorist attack on the United States. Surveillance beyond the initial authorized period would require a FISA warrant or a presidential certification to Congress. On September 28, 2006 the House of Representatives passed Wilson's bill and it was referred to the Senate.[36]

Protect America Act of 2007

On July 28, 2007, President Bush called on Congress to pass legislation to reform the FISA in order to ease restrictions on surveillance of terrorist suspects where one party (or both parties) to the communication are located overseas. He asked that Congress pass the legislation before its August 2007 recess. On August 3, 2007, the Senate passed a Republican-sponsored version of FISA (S. 1927) in a vote of 60 to 28. The House followed by passing the bill, 227–183. The Protect America Act of 2007 (Pub.L. 110–55, S. 1927) was then signed into law by George W. Bush on 2007-08-05.[37]

Under the Protect America Act of 2007, communications that begin or end in a foreign country may be wiretapped by the U.S. government without supervision by the FISA Court. The Act removes from the definition of "electronic surveillance" in FISA any surveillance directed at a person reasonably believed to be located outside the United States. As such, surveillance of these communications no longer requires a government application to, and order issuing from, the FISA Court.

The Act provides procedures for the government to "certify" the legality of an acquisition program, for the government to issue directives to providers to provide data or assistance under a particular program, and for the government and recipient of a directive to seek from the FISA Court, respectively, an order to compel provider compliance or relief from an unlawful directive. Providers receive costs and full immunity from civil suits for compliance with any directives issued pursuant to the Act.

A summary of key provisions follows. The Act empowers the Attorney General or Director of National Intelligence ("DNI") to authorize, for up to one year, the acquisition of communications concerning "persons reasonably believed to be outside the United States" if the Attorney General and DNI determine that each of five criteria has been met:

• There are reasonable procedures in place for determining that the acquisition concerns persons reasonably believed to be located outside the United States;
• The acquisition does not constitute electronic surveillance (meaning it does not involve solely domestic communications);
• The acquisition involves obtaining the communications data from or with the assistance of a communications service provider who has access to communications;
• A significant purpose of the acquisition is to obtain foreign intelligence information; and
• Minimization procedures outlined in the FISA will be used.

This determination by the Attorney General and DNI must be certified in writing, under oath, and supported by appropriate affidavit(s). If immediate action by the government is required and time does not permit the preparation of a certification, the Attorney General or DNI can direct the acquisition orally, with a certification to follow within 72 hours. The certification is then filed with the FISA Court.

Once the certification is filed with the FISA Court, the Attorney General or DNI can direct a provider to undertake or assist in the undertaking of the acquisition.

If a provider fails to comply with a directive issued by the Attorney General or DNI, the Attorney General may seek an order from the FISA Court compelling compliance with the directive. Failure to obey an order of the FISA Court may be punished as a contempt of court. Likewise, a person receiving a directive may challenge the legality of that directive by filing a petition with the FISA Court. An initial review must be conducted within 48 hours of the filing to determine whether the petition is frivolous, and a final determination concerning any non-frivolous petitions must be made – in writing – within 72 hours of receipt of the petition. Determinations of the FISA Court may be appealed to the Foreign Intelligence Court of Appeals, and a petition for a writ of certiorari of a decision from the FICA can be made to the U.S. Supreme Court.

All petitions must be filed under seal.

The Act allows providers to be compensated, at the prevailing rate, for providing assistance as directed by the Attorney General or DNI. The Act provides explicit immunity from civil suit in any federal or state court for providing any information, facilities, or assistance in accordance with a directive under the Act. Within 120 days, the Attorney General must submit to the FISA Court for its approval the procedures by which the government will determine that acquisitions authorized by the Act conform with the Act and do not involve purely domestic communications. The FISA Court then will determine whether the procedures comply with the Act. The FISA Court thereafter will enter an order either approving the procedures or directing the government to submit new procedures within 30 days or cease any acquisitions under the government procedures. The government may appeal a ruling of the FISA Court to the FICA and ultimately the Supreme Court.

On a semiannual basis, the Attorney General shall inform the Intelligence and Judiciary Committees of the House and Senate of incidents of noncompliance with a directive issued by the Attorney General or the DNI, incidents of noncompliance with FISA Court-approved procedures by the Intelligence Community, and the number of certifications and directives issued during the reporting period. The amendments to FISA made by the Act expire 180 days after enactment, except that any order in effect on the date of enactment remains in effect until the date of expiration of such order and such orders can be reauthorized by the FISA Court.”[38] The Act expired on February 17, 2008.

Subsequent developments

Legal experts experienced in national security issues are divided on how broadly the new law could be interpreted or applied. Some believe that due to subtle changes in the definitions of terms such as "electronic surveillance", it could empower the government to conduct warrantless physical searches and even seizures of communications and computer devices and their data which belong to U.S. citizens while they are in the United States, if the government contended that those searches and potential seizures were related to its surveillance of parties outside the United States. Intelligence officials, while declining to comment directly on such possibilities, respond that such interpretations are overly broad readings of the act, and unlikely to actually occur. Democratic lawmakers have nonetheless indicated that they are planning to introduce a revised version of the legislation for consideration as early as September 2007.[39] In a September 10, 2007 address at a symposium on modernizing FISA held at Georgetown University Law Center's National Security Center, Kenneth L. Wainstein, Assistant Attorney General for National Security, argued against the current six-month sunset provision in the Protect America Act of 2007, saying that the broadened surveillance powers the act provides for should be made permanent. Wainstein proposed that internal audits by the Office of the Director of National Intelligence and the National Security Division of the Justice Department, with reporting to select groups of Congressmen, would ensure that the expanded capability would not be abused.[40]

Also on September 10, DNI Mike McConnell testified before the Senate Committee on Homeland Security and Governmental Affairs that the Protect America Act had helped foil a major terror plot in Germany. U.S. intelligence-community officials questioned the accuracy of McConnell's testimony and urged his office to correct it, which he did in a statement issued September 12, 2007. Critics cited the incident as an example of the Bush administration's exaggerated claims and contradictory statements about surveillance activities. Counterterrorism officials familiar with the background of McConnell's testimony said they did not believe he made inaccurate statements intentionally as part of any strategy by the administration to persuade Congress to make the new eavesdropping law permanent. Those officials said they believed McConnell gave the wrong answer because he was overwhelmed with information and merely mixed up his facts.[41] Speaking at National Security Agency headquarters in Fort Meade, Maryland on September 19, 2007, President George W. Bush urged Congress to make the provisions of the Protect America Act permanent. Bush also called for retroactive immunity for telecommunications companies who had cooperated with government surveillance efforts, saying, "It's particularly important for Congress to provide meaningful liability protection to those companies now facing multibillion-dollar lawsuits only because they are believed to have assisted in efforts to defend our nation, following the 9/11 attacks".[42]

On October 4, 2007, the bipartisan Liberty and Security Committee of the Constitution Project, co-chaired by David Keene and David D. Cole, issued its "Statement on the Protect America Act".[43] The Statement urged Congress not to reauthorize the PAA, saying the language of the bill "runs contrary to the tripartite balance of power the Framers envisioned for our constitutional democracy, and poses a serious threat to the very notion of government of the people, by the people and for the people". Some in the legal community have questioned the constitutionality of any legislation that would retroactively immunize telecommunications firms alleged to have cooperated with the government from civil liability for having potentially violated their customers' privacy rights.[44]

In an article appearing in the January/February 2008 issue of the Institute of Electrical and Electronics Engineers journal of Security and Privacy, noted technology experts from academia and the computing industry found significant flaws in the technical implementation of the Protect America Act which they said created serious security risks, including the danger that such a surveillance system could be exploited by unauthorized users, criminally misused by trusted insiders, or abused by the government.[45] On October 7, 2007, the Washington Post reported that House Democrats planned to introduce alternative legislation which would provide for one-year "umbrella" warrants, and would require the Justice Department inspector general to audit the use of those warrants and issue quarterly reports to a special FISA court and to Congress. The proposed bill would not include immunity for telecommunications firms facing lawsuits in connection with the administration's NSA warrantless surveillance program. House Democrats said that as long as the administration withholds requested documents explaining the basis for the program, they cannot consider immunity for firms alleged to have facilitated it.[46] In October 10, 2007 comments on the White House South Lawn, President Bush said he would not sign any bill that did not provide retroactive immunity for telecommunications corporations.[47] On October 18, 2007, the House Democratic leadership put off a vote on the proposed legislation by the full chamber to avoid consideration of a Republican measure that made specific references to Osama bin Laden.
At the same time, the Senate Intelligence Committee reportedly reached a compromise with the White House on a different proposal that would give telephone carriers legal immunity for any role they played in the National Security Agency's domestic eavesdropping program approved by President Bush after the Sep 11 terrorist attacks.[48]

On November 15, 2007, the Senate Judiciary Committee voted 10–9 along party lines to send an alternative measure to the full Senate other than the one the intelligence committee had crafted with the White House. The proposal would leave to the full Senate whether or not to provide retroactive immunity to telecommunications firms that cooperated with the NSA. Judiciary Committee chairman Patrick Leahy said that granting such immunity would give the Bush administration a "blank check" to do what it wants without regard to the law. Arlen Specter of Pennsylvania, the top Republican on the committee, said that court cases may be the only way Congress can learn exactly how far outside the law the administration has gone in eavesdropping in the United States. When the full Senate takes up the bill, Specter is expected to offer a compromise that would shield the companies from financial ruin but allow lawsuits to go forward by having the federal government stand in for the companies at trial.[49] On the same day, the House of Representatives voted 227–189 to approve a Democratic bill that would expand court oversight of government surveillance inside the United States while denying immunity to telecom companies. House Judiciary Committee chairman John Conyers left the door open to an immunity deal in the future, but said that the White House must first give Congress access to classified documents specifying what the companies did that requires legal immunity.[50]

In February 2008, the Senate passed the version of the new FISA that would allow telecom companies immunity. On March 13, 2008, the U.S. House of Representatives held a secret session to discuss related information. On March 14, the House voted 213–197 to approve a bill that would not grant telecom immunity – far short of the 2/3 majority required to override a Presidential veto.[51] The Senate and House bills are compared and contrasted in a June 12, 2008 report from the Congressional Research Service.[52]

On March 13, 2008, the House of Representatives held a secret, closed door meeting to debate changes to the FISA bill.[53][54]

(Source: Wikipedia.org)

Is It Time to Focus on Counter Surveillance?

Surveillance is the monitoring of the behavior, activities, or other changing information, usually of people for the purpose of influencing, managing, directing, or protecting.[2] Surveillance can be the observation of individuals or groups by government organizations but can also relate to disease surveillance, which monitors the progress of a disease in a community while not directly observing individuals. The word surveillance is the French word for "watching over"; "sur" means "from above" and "veiller" means "to watch". The inverse (reciprocal) of surveillance is sousveillance ("to watch from below").[3] The word surveillance may be applied to observation from a distance by means of electronic equipment (such as CCTV cameras), or interception of electronically transmitted information (such as Internet traffic or phone calls). It may also refer to simple, relatively no- or low-technology methods such as human intelligence agents and postal interception. Surveillance is very useful to governments and law enforcement to maintain social control, recognize and monitor threats, and prevent/investigate criminal activity. With the advent of programs such as the Total Information Awareness program and ADVISE, technologies such as high speed surveillance computers and biometrics software, and laws such as the Communications Assistance For Law Enforcement Act, governments now possess an unprecedented ability to monitor the activities of their subjects.[4] However, many civil rights and privacy groups, such as the Electronic Frontier Foundation and American Civil Liberties Union, have expressed concern that by allowing continual increases in government surveillance of citizens we will end up in a mass surveillance society, with extremely limited, or non-existent political and/or personal freedoms. Fears such as this have led to numerous lawsuits such as Hepting v. AT&T.[4][5]

Computer surveillance

(Image: Official seal of the Information Awareness Office, a U.S. agency which developed technologies for mass surveillance)

The vast majority of computer surveillance involves the monitoring of data and traffic on the Internet.[6] In the United States for example, under the Communications Assistance For Law Enforcement Act, all phone calls and broadband Internet traffic (emails, web traffic, instant messaging, etc.) are required to be available for unimpeded real-time monitoring by Federal law enforcement agencies.[7][8][9] There is far too much data on the Internet for human investigators to manually search through all of it. So automated Internet surveillance computers sift through the vast amount of intercepted Internet traffic and identify and report to human investigators traffic considered interesting by using certain "trigger" words or phrases, visiting certain types of web sites, or communicating via email or chat with suspicious individuals or groups.[10] Billions of dollars per year are spent, by agencies such as the Information Awareness Office, NSA, and the FBI, to develop, purchase, implement, and operate systems such as Carnivore, NarusInsight, and ECHELON to intercept and analyze all of this data, and extract only the information which is useful to law enforcement and intelligence agencies.[11] Computers can be a surveillance target because of the personal data stored on them. If someone is able to install software, such as the FBI's Magic Lantern and CIPAV, on a computer system, they can easily gain unauthorized access to this data. Such software could be installed physically or remotely.[12] Another form of computer surveillance, known as van Eck phreaking, involves reading electromagnetic emanations from computing devices in order to extract data from them at distances of hundreds of meters.[13][14] The NSA runs a database known as "Pinwale", which stores and indexes large numbers of emails of both American citizens and foreigners.[15][16] Other types include:

• Telephones
• Smartphones
• Cameras
• Webcams
• Computers
• Social Networks
• Biometrics
• Drones and other Aerial Devices
• Data mining and profiling
• Corporate Eavesdropping
• Human Operatives
• Satellite Imagery
• Identification and Credentials
• Wireless, Cellular Networks, Internet, RFID, BLUETOOTH, NFC and Geolocation Devices (GPS)
• Hidden devices (Minicams, audio ‘bugging’, etc.)
• Postal Services
• Tax

Is Enough, Enough? Time for Countersurveillance?

Some critics state that the claim made by supporters should be modified to read: "As long as we do what we're told, we have nothing to fear." For instance, a person who is part of a political group which opposes the policies of the national government, might not want the government to know their names and what they have been reading, so that the government cannot easily subvert their organization, arrest, or kill them. Other critics state that while a person might not have anything to hide right now, the government might later implement policies that they do wish to oppose, and that opposition might then be impossible due to mass surveillance enabling the government to identify and remove political threats. Further, other critics point to the fact that most people do have things to hide. For example, if a person is looking for a new job, they might not want their current employer to know this. Some critics, such as Michel Foucault, believe that in addition to its obvious function of identifying and capturing individuals who are committing undesirable acts, surveillance also functions to create in everyone a feeling of always being watched, so that they become self-policing.
This allows the State to control the populace without having to resort to physical force, which is expensive and otherwise problematic.[109] Numerous civil rights groups and privacy groups oppose surveillance as a violation of people's right to privacy. Such groups include: Electronic Privacy Information Center, Electronic Frontier Foundation, American Civil Liberties Union. There have been several lawsuits such as Hepting v. AT&T and EPIC v. Department of Justice by groups or individuals, opposing certain surveillance activities. Legislative proceedings such as those that took place during the Church Committee, which investigated domestic intelligence programs such as COINTELPRO, have also weighed the pros and cons of surveillance. Countersurveillance is the practice of avoiding surveillance or making surveillance difficult. Developments in the late twentieth century have caused counter surveillance to dramatically grow in both scope and complexity, such as the Internet, increasing prevalence of electronic security systems, high-altitude (and possibly armed) UAVs, and large corporate and government computer databases. Inverse surveillance is the practice of the reversal of surveillance on other individuals or groups (e.g., citizens photographing police), although this is more of a political reference, as some groups specifically aim to harass police and retaliate for their own criminal pasts, as well as ongoing criminal activity, such as was the case with regard to Rodney King's continual illegal activities. This was confirmed upon his death when authorities recorded ongoing illegal drug and alcohol use. Well-known examples are George Holliday's recording of the Rodney King beating and the organization Copwatch, which attempts to monitor police officers to prevent police brutality or for other nefarious uses such as blackmailing.
It is well known that certain criminal rights groups seek to use counter-methods in efforts to deter detection of criminal activities, as was the case with Rodney King's historical criminal record, and the intentional set up to use counter-surveillance as a form of entrapment to record police tactics to combat crimes. Counter-surveillance can also be used in applications to prevent corporate spying, or to track other criminals by certain criminal entities. It can also be used to deter stalking methods used by various entities and organizations. Sousveillance is inverse surveillance, involving the recording by private individuals, rather than government or corporate entities.[110] (Sources: CDM and Wikipedia)

Biggest threat vectors for mobile communications by J.D. Jack, KoolSpan

Part 2, Securing mobile devices: A multi-faceted operation

We exist in a world of continuous cyber threats to the safe operation of mobile devices. State actors, organized crime, drug cartels and corporate or industrial espionage all pose imminent mobile communication risks.

Industry and government are instituting a full court press to secure the communications of these invaluable workforce tools. While both realize that a comprehensive solution is the desired outcome, securing the mobile space is still an immature field comprised of piecemeal solutions. These require the collaboration of disparate technologies, companies or even competitors. There are three questions that must be asked of any technology to ensure it offers the 360-degrees of protection needed to secure mobile communications.

Who’s holding the device and what are they authorized to do?

The first steps to securing mobile devices are to verify the identity of the individual in possession of the device and confirm what they’re permitted to do. Without addressing these critical tasks, the rest of the measures taken to secure the device will be for naught.

The common practice for accomplishing both tasks relies upon multi-factor authentication. Two of the three factors of authentication must be present:

• Something the user knows: password/pin/pattern.
• Something the user is: biometric characteristics.
• Something the user has: smartcard/CAC Card.

Authentication based on what the user knows, commonly referred to as the shared secret, is probably the most common way to verify physical possession of the mobile device. Much like the desktop world, a pin or password is commonly used to accomplish this task on a mobile device.

But there are newer technologies that expand authentication options. One example is cryptographic signing which can be defined as the input of personally established signatures or patterns on blank screens or touch pads.

Using biometrics to verify the user’s identity is an expanding factor of authentication that can help answer the question of “something the user is.” In the mobile space, multiple biometric mediums are utilized to accomplish this task including fingerprint, iris scans, voiceprint and facial recognition.

Some of the issues slowing larger scale adoption of biometrics include cost, accuracy of the technology, vulnerability to spoofing/replay attacks or personal resistance to authorizing the release of information that may be permanently used to identify the individual and access sensitive personal accounts.

The third factor of authentication, “what the user has,” is also used to verify the identity of the individual in possession of the device. In the desktop world, this function traditionally has been accomplished through PIV/CAC cards or dongles that possess cryptographic keys.

The challenge in the mobile world has been deciding how best to transfer this technology to a much smaller device without compromising security. First generation solutions accomplished this through sleds, CAC Card readers, cryptographic tokens and adapters for the various ports accessible to the mobile device. These have proven to be cumbersome and expensive to field on a large scale. An operational security concern has also been raised about a mobile device with an exposed adapter, or CAC card sticking out of the back on a sled.

Based on demand by the customer, next generation solutions emerged that provision derived certificates on the mobile device by way of near field communications, secure Bluetooth or an encrypted path. The certificates can then be stored and utilized. In an even more innovative manner, they can reside within a hardware cryptographic processor (microSD). Here they can be remotely updated and provide authorization of the user, while the encryption processor performs secure communications.

How does the enterprise ensure secure and effective mobile usage?

Mobile Device Management is a new and rapidly growing field dedicated to ensuring a mobile device abides by the ground rules of the enterprise while performing official functions. Some means of control include: device enrollment, configuration of profiles, device feature management, data management, evaluating mobile network performance, application support and mobile network monitoring.

With the prevailing trend toward a Bring Your Own Device environment for both the federal and commercial workforce, MDM is becoming even more important as users conduct official and private functions on the same mobile device. Several interesting trends are emerging to help in this effort.

Over the air programming: The ability to remotely configure a single or fleet of devices has become a key component of an enterprise MDM solution. This enables the agency to rapidly provision, protect, update, manage and expand their span of control of the mobile devices in the organization.

Professional and personal functionality on the same device: Some companies have developed partitioned operating systems that completely split the functionality between work and personal tasks. Others have created security containers that house enterprise accepted applications that have been modified to enhance their security profile. A way to meet this demand in the field of mobile application security is to place a root of trust within the mobile device. This ensures the authenticity and proper functioning of the application, thus eliminating many of the concerns of using native applications for official use.

SaaS vs. on-premise: The majority of MDM companies still rely on the installation of an on-premises type solution. Here, control for the inventory of devices is done through a traditional hardware-type solution residing behind the firewall of the organization.

Recently Software as a Service, or a cloud-based system which provides those services, has emerged as an alternative. Cloud MDM providers tout flexibility and ability to scale as a competitive advantage. On-premise MDM providers tend to highlight their capabilities to provide MDM functionality securely, through tried and tested means controlled by the organization. Similar to the diverse methods applied in the field of dual persona computing, as the MDM market evolves it can be assumed that these approaches will merge.

How are the communications and data secured?

Just as an enterprise must ensure its email, personal information manager (PIM) and web browser are managed by an MDM-type solution, it must also secure its communications and data. Data residing on the mobile device (Data at Rest) is a different challenge than the exchange of secure messaging (File Transfer) or the transmission of a data stream (Data in Transit). These distinct mediums for data lead security companies to apply different techniques to solve the secure data issue (encryption of the data, path obfuscation, establishment of Virtual Private Networks, etc.).

Similarly, there are different views about the manner and effectiveness of securing communications (hardware versus software encryption). Recently, the US Federal Government, through NIST, and industry began to consolidate around the idea of securing both the data and communications of the mobile device through hardware anchors that provide a common cryptographic standard for the device.

Commonly referred to as a hardware root of trust, this technology can be embedded in the motherboard of the device or come in the form of a microSD cryptographic processor which integrates with the applications of the device. The continued challenge is to provide this capability in a flexible and agnostic manner that is inclusive of the innovation brought forward by the market.

Not yet ready for prime time

To date there is a deficit of companies attempting to provide all the aspects of mobile security listed previously in this article, and it is very likely that no single company can do them all effectively. This will change as the space evolves and the technologies mature. Until that point, an agency or enterprise must do its homework and stay abreast of a patchwork of disparate technologies with which it will be confronted.

About The Author

J.D. Jack is the head of the Federal Division of KoolSpan, Inc., a global provider of encrypted security solutions for connected devices.

Mr. Jack has over 20 years of experience serving the military and federal government in a variety of sensitive political and intelligence leadership positions. He graduated from the United States Military Academy at West Point and earned an M.A. from Harvard University.

Top 3 Myths About Antivirus Software by AntivirusTruth.org

(Source: CDM, www.AntiVirusTruth.org, www.privacyrights.org, and nvd.nist.gov)

Hardware-Assisted Incident Response by Kristopher Carver, Technical Director, WindowsSCOPE subsidiary of BlueRISC, Inc.

The goal of any cyber investigation is to obtain as much evidence as possible from the computer, while at the same time ensuring the integrity of the evidence. It is equally important that investigators are able to find the needed evidence as quickly as possible. Investigation efforts are drastically slowed by privacy and security measures, such as login passwords and full disk encryption, which have become all-too-common in modern personal computers. In addition, stealth rootkits and other anti-forensic techniques further interfere with evidence collection. This article will describe some core capabilities that are necessary for overcoming these obstacles in investigations: bypassing login passwords, physical memory acquisition, relevant virtual memory acquisition, memory reverse engineering, space-time analysis/anomaly detection, and custom analysis and integration support.

Bypassing Login Passwords

When encountering a powered-on system, live forensics is the only way to preserve the full state of a system. It allows investigators to capture valuable data from DRAM, which is otherwise lost if the computer is unplugged or shut down. In computers with encrypted volumes, live forensics is often the only means of obtaining the encryption keys for the disk, since the keys are present in memory while the system is running. The main difficulty with live forensics, however, is that it requires being able to log in to the computer. Investigators rarely have the password to the computers they examine, so they require a method to log in without knowing the password.

Hardware devices, such as the CaptureGUARD Gateway ExpressCard, are able to bypass login passwords without restarting, by using direct memory access (DMA) to disable the password protection mechanism. With the password protection disabled, the investigator can log in to the computer to perform live forensics, which may include physical memory acquisition, virtual memory acquisition, and extracting data from file systems. While logged in, the investigator will typically have full access to encrypted volumes including those managed by BitLocker. The file system can either be investigated while the system is live, or the encryption keys can be extracted from a memory image and used to investigate the encrypted disk offline.

Physical Memory Acquisition

Once the password has been bypassed, the investigator has full access to the computer, allowing them to gather any evidence necessary, including the contents of the DRAM in the system. The most common method of acquiring a memory image is to run a small program that reads the contents of physical memory and stores it to a file, usually located on a removable drive. One problem with this method, however, is that running the memory dumping software on the computer being investigated leaves behind a memory footprint, modifying some of the data in the evidence being collected. Another problem is that rootkits can hide or modify memory contents, preventing software memory acquisition tools from creating an accurate memory image. A better approach is to use a PCI Express or ExpressCard device like CaptureGUARD for memory acquisition. Since the PCI Express bus connects directly to the DRAM, hardware devices connected to it can acquire a memory image without having to run any software on the host system. This means that a memory dump can be acquired without affecting the evidence at all. FireWire is also capable of performing DMA, but has limitations in its ability to access physical memory. FireWire is only able to access the low 4GB of system memory, and in many cases, accessing certain memory locations can crash the system.

Comparison between Methods of Memory Acquisition

Due to the nature of advanced stealth rootkits, not every memory acquisition method is effective at detecting all types of threats. For example, there are rootkits known to subvert the virtual memory architecture, whereas others hook APIs that may be used for acquisition. To adequately detect different types of threats, memory snapshots acquired by various different methods can be added to the repository. Different acquisition methods that can be used include software based physical memory acquisition, hardware based physical memory acquisition, and related virtual memory acquisition.

Memory Reverse-Engineering

Once the live data has been extracted from the system it can be taken off-site to be analyzed. Because x86 processors use a virtual memory architecture with paging, getting meaningful information from a physical memory dump requires an involved reverse-engineering process. The operating system works together with the x86 processor to give each process its own view of memory, called its virtual address space. The operating system creates a set of page tables for each process, which the processor uses to translate virtual addresses into physical addresses. To reverse-engineer a physical memory dump, the page tables for each process need to be found. Then the page tables can be used to reconstruct the virtual address space of each process that was running when the image was acquired.

There are 3 different x86 paging schemes – 32-bit addressing without physical address extension (PAE), 32-bit addressing with PAE, and 64-bit addressing. Although these paging schemes are all similar, the slight differences between them can complicate the memory reverse-engineering process if the exact scheme in use is unknown. Fortunately, memory analysis tools such as WindowsSCOPE can examine physical memory dumps and automatically detect the architecture and operating system from the memory dump.
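The page-table walk described above, for all three paging schemes, as an added example (not code from the article or from WindowsSCOPE). The memory image, the CR3 value and the addresses are constructed sample data; PSE-36 and operating-system-specific handling of paged-out entries are left out.

```python
import struct

PRESENT = 1 << 0                 # P bit: the entry maps something
LARGE = 1 << 7                   # PS bit: entry maps a large page, not a lower table
ADDR_MASK = 0x000FFFFFFFFFF000   # bits 12..51: next table or page frame address

# Per scheme: entry size in bytes and the walk levels, top level first,
# as (shift of the index field, width of the index field in bits).
SCHEMES = {
    "32":  {"entry": 4, "levels": [(22, 10), (12, 10)]},
    "pae": {"entry": 8, "levels": [(30, 2), (21, 9), (12, 9)]},
    "64":  {"entry": 8, "levels": [(39, 9), (30, 9), (21, 9), (12, 9)]},
}


def translate(image, cr3, vaddr, scheme):
    """Walk the page tables in a physical image; return the physical address or None."""
    cfg = SCHEMES[scheme]
    fmt = "<I" if cfg["entry"] == 4 else "<Q"
    # With PAE, CR3 points at a 32-byte aligned table of four entries.
    table = cr3 & (0xFFFFFFE0 if scheme == "pae" else ADDR_MASK)
    for shift, bits in cfg["levels"]:
        index = (vaddr >> shift) & ((1 << bits) - 1)
        where = table + index * cfg["entry"]
        if where + cfg["entry"] > len(image):
            return None                      # table lies outside the acquired image
        (entry,) = struct.unpack_from(fmt, image, where)
        if not entry & PRESENT:
            return None                      # unmapped, or paged out to disk
        page_mask = (1 << shift) - 1
        # Large pages: 4 MiB (32-bit), 2 MiB (PAE, 64-bit), 1 GiB (64-bit only).
        large_ok = shift in (21, 22) or (shift == 30 and scheme == "64")
        if shift == 12 or (entry & LARGE and large_ok):
            return (entry & ADDR_MASK & ~page_mask) | (vaddr & page_mask)
        table = entry & ADDR_MASK
    return None


def read_virtual(image, cr3, vaddr, length, scheme):
    """Read bytes from one process's virtual address space, page by page."""
    out = bytearray()
    while length > 0:
        phys = translate(image, cr3, vaddr, scheme)
        chunk = min(length, 0x1000 - (vaddr & 0xFFF))
        if phys is None or phys + chunk > len(image):
            return None
        out += image[phys:phys + chunk]
        vaddr += chunk
        length -= chunk
    return bytes(out)


FRAME = 0x8000                   # constructed: physical frame holding the sample data
SAMPLE_VADDR = {"32": 0x00401234, "pae": 0x00401234, "64": 0x7FF600401234}


def build_image(scheme):
    """Return (image, cr3): a constructed 64 KiB dump with one 4 KiB page mapped."""
    cfg = SCHEMES[scheme]
    image = bytearray(0x10000)
    vaddr, table = SAMPLE_VADDR[scheme], 0x1000
    for depth, (shift, bits) in enumerate(cfg["levels"]):
        index = (vaddr >> shift) & ((1 << bits) - 1)
        target = FRAME if shift == 12 else 0x1000 * (depth + 2)
        where = table + index * cfg["entry"]
        image[where:where + cfg["entry"]] = (target | PRESENT).to_bytes(cfg["entry"], "little")
        table = target
    image[FRAME + 0x234:FRAME + 0x23C] = b"EVIDENCE"
    return bytes(image), 0x1000


if __name__ == "__main__":
    for scheme in SCHEMES:
        image, cr3 = build_image(scheme)
        phys = translate(image, cr3, SAMPLE_VADDR[scheme], scheme)
        print(scheme, hex(phys), read_virtual(image, cr3, SAMPLE_VADDR[scheme], 8, scheme))
```

Walking an image with the wrong scheme reads entries at the wrong width and offsets, which is why the scheme has to be identified before any process address space can be rebuilt.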

Space-Time Comparison/Anomaly Detection

During the reverse-engineering process, tools may translate memory dumps into a forensics intermediate format. This format enables efficient analysis of forensic artifacts by saving the result of the reverse-engineering process and allowing the investigator to add annotations. Typical information of interest stored in intermediate format includes the interrupt table, system service table, process table, handle tables, thread tables, and all sections of executable code on the system. These pieces of information can be used for detailed intra-snapshot analysis techniques such as code disassembling and control flow graphing. In addition to intra-snapshot analysis, several memory snapshots can be stored in a repository, which also enables inter-snapshot analysis, such as space-time comparison. In space-time comparison, snapshots taken from different computers over a span of time can be stored in the same repository and compared.

With snapshots taken at regular intervals on several different computers, it becomes possible to detect exactly where and when anomalies appear. Not only can the threat be pinpointed in a single computer, but the generic approach also enables the tracking of that threat throughout the network, ensuring that all nodes that have been affected can be quarantined, analyzed further and properly decontaminated.
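A small space-time comparison over a snapshot repository, as an added example (not the article's or WindowsSCOPE's code). The repository layout, artifact key names, host names and values are hypothetical and constructed; a value is flagged when it changed on a host since that host's previous snapshot (time) and only a minority of hosts hold it at that moment (space), and it is then tracked across later snapshots.

```python
from collections import Counter


def space_time_compare(repo):
    """repo: iterable of (time, host, artifacts dict).

    Returns {(key, value): {host: first time the value was seen on that host}}.
    """
    snaps = {(t, h): a for t, h, a in repo}
    times = sorted({t for t, _ in snaps})
    hosts = sorted({h for _, h in snaps})
    previous = {}    # host -> artifacts from that host's previous snapshot
    suspects = {}    # anomalous (key, value) -> hosts affected and when
    for t in times:
        current = {h: snaps[(t, h)] for h in hosts if (t, h) in snaps}
        for host, artifacts in current.items():
            for key, value in artifacts.items():
                if (key, value) in suspects:
                    # Already known anomaly: record its spread to this host.
                    suspects[(key, value)].setdefault(host, t)
                    continue
                before = previous.get(host, {}).get(key)
                if before is None or before == value:
                    continue                      # time: nothing changed here
                peers = Counter(a.get(key) for a in current.values())
                if peers[value] * 2 < len(current):
                    # space: most hosts disagree, so this is not a fleet-wide update
                    suspects[(key, value)] = {host: t}
        previous.update(current)
    return suspects


# Constructed sample repository: four workstations, three daily snapshots.
CLEAN = {"sst[0x42]": "ntoskrnl.exe+0x1a2b30", "code:tcpip.sys:.text": "sha256:aa11"}
PATCHED = {**CLEAN, "code:tcpip.sys:.text": "sha256:bb22"}   # update on every host
HOOKED = {**PATCHED, "sst[0x42]": "unbacked+0x1000"}         # service table redirected
HOSTS = ["ws-01", "ws-02", "ws-03", "ws-04"]
REPO = (
    [("2013-06-01", h, CLEAN) for h in HOSTS]
    + [("2013-06-02", h, HOOKED if h == "ws-02" else PATCHED) for h in HOSTS]
    + [("2013-06-03", h, HOOKED if h in ("ws-02", "ws-03") else PATCHED) for h in HOSTS]
)

if __name__ == "__main__":
    for (key, value), seen in space_time_compare(REPO).items():
        print(key, "->", value, seen)
```

The driver update that reaches every host on the same day is not reported, while the redirected service table entry is pinned to the host and snapshot where it first appeared and to the host it reached next.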

About The Author

Kristopher Carver is the Technical Director at WindowsSCOPE, a subsidiary of BlueRISC, Inc. He has been with the company since inception and leads the technical direction of the company and its cyber-security focused products. Kris has 10+ years of experience in hardware and software reverse engineering, hardware and software-based protection solutions and state-of-the-art attack models.

Kris can be reached online at [email protected] and at our company: http://www.windowsscope.com

Special Guest Winn Schwartau Explains MDSM/BYOD

But…you’ll have to wait until July’s Edition…so stay tuned…teaser below…

Cyber Intelligence Europe, Brussels, Belgium, 17th – 19th September

Cyber Security is an ever growing topic that many European Government Departments are taking seriously, by investing heavily in securing their critical infrastructure and sensitive information. There is now a greater need for European Governments to take cyber security more seriously and to have the correct security/intelligence in place before they are attacked.

Many Governments are looking to co-operate with the private sector to help them secure their infrastructure and cyberspace, as many government/military computer systems are becoming integrated and layered, making them significantly harder to secure from a cyber-attack. This event will provide you with an overview of Government cyber security strategies and challenges, providing a great opportunity to develop and learn more about how the public sector maintains and manages its ever growing computer systems. Join us at our inaugural Cyber Intelligence Europe event to hear in-depth and knowledgeable presentations from the public and private sector on cyber security issues and trends from their respective countries.

Speakers include:

• Major General Roar Sundseth, Chief Information Officer and Commanding General of Cyber Defence, Norwegian Armed Forces
• Suleyman Anil, Head of Cyber Defence, NATO *
• Troels Oerting, Head of European Cybercrime Centre (EC3), EUROPOL
• Giuseppe Abbamonte, Head of Unit, Trust and Security, DG-CONNECT, European Commission
• Dr. Udo Helmbrecht, Executive Director, European Network and Information Security Agency (ENISA) *
• Omar Sherin, Director, Critical Infrastructure, Qatar Computer Emergency Response Team (Q-CERT)
• Senior Inspector Ljuban Petrovic, Cyber Crime Investigator, Service for Combating Organized Crime, Cyber Crime Department, Ministry of Interior, Serbia
• Samir Mukhtarzadeh, Senior Detective Officer, Cybercrime Unit, Ministry of National Security, Republic of Azerbaijan
• Francesca Bosco, Project Officer, United Nations Interregional Crime and Justice Research Institute (UNICRI)

Don’t miss out on the chance to hear from a wide international perspective on topical sessions on European Cyber Security Strategies & Policies, Cyber Law, Emerging Cyber Threats, Combating Cybercrime and International cooperation and collaboration.

If you are interested in participating at please contact [email protected]

• Listen to the key European players in the cyber security industry
• Opportunity to network with 150+ delegates from across the globe
• Discuss the latest cyber security challenges and emerging threats
• Analyse the latest solutions to stop cyber terrorism with esteemed government personnel
• Take the time to visit the vibrant exhibition to learn the industry solutions to cyber security
• Don’t miss the chance to be networking with senior cyber experts for a full 3 day event

Why are ERP systems an easy target for cyber-attacks?

by Alexander Polyakov, CTO at ERPScan

First of all, cyber-attacks are real and their number is going to grow. While filtering all the information on this topic, I paid attention to one particular area: cyber espionage and fraud. Among the most interesting recent findings was an AutoCad worm that steals files with interesting drawings and sends them to China. We are talking here about real targeted attacks focused on stealing corporate secrets. It is not an ordinary example: there are many worms that look for PDF files with interesting content and send them to their authors, but this AutoCad example could be the start of a new type of cyber-espionage weapon. All of this must be taken into account because one area is underestimated in comparison with the current top security topics such as Cloud, BYOD and SCADA. Nowadays the targets are mostly countries and their critical infrastructure, but business applications such as ERP systems also store and process critical data. They can become targets of espionage and fraud, yet very little attention is paid to them now. For example, there are a lot of internal fraud attacks, but if such an attack were automated and combined with a worm that delivers exploits to the ERP system, it would combine the risk of a single fraudulent action with the power of a computer worm. That could potentially lead to the financial collapse of a single country if, for example, this worm simultaneously transferred money from all financial organizations to a certain account.

An ERP system is the heart of any large company; it enables all the critical business processes, from procurement, payment and transport to human resources management, product management and financial planning. All data stored in ERP systems is of great importance, and any illegal access can mean enormous losses, potentially leading to termination of business processes. Our “SAP Security in Figures” survey shows that the situation has changed significantly since the early 2000s, when nobody knew about vulnerabilities and there were only fragments of information about them. In 2000, all the security of SAP boiled down to segregation of duties. By 2012, interest in SAP had grown immensely in the security community, with 20 unique reports being released per year about various research in this area. SAP AG also started paying a lot of attention to this area, increasing the security of their products and conducting internal security conferences with external guest experts. We are working closely with them on discovering and patching security issues, so the process is underway. But the main issue is that the responsibility for securing business applications now falls to administrators, who should implement all applications securely, take customization into account and prioritize security updates. SAP itself can be securely configured, but it is not an easy task, especially if you do it manually and deal with a lot of systems. We also need to understand that SAP is not the only solution: there are Oracle and Microsoft business applications, and their security is no better.

ERP is a perfect target for cyber weapons because it is now much easier to find bugs and exploit them there than in operating systems or browsers. Those are the targets of many cybercriminals, and with every year it gets harder to find something useful in them. ERP systems also store all the data that you need, so you do not need to design a special payload or complex exploits such as Stuxnet. Speaking about the attacks that were described in public, the hot news from November about the Anonymous attack on the Greek finance ministry is worth remembering. They used an exploit on the SAP system and published critical inside documents. While this information has been neither confirmed nor denied, it is a sign of interest in this topic anyway. Not only hacktivists but other large companies, too, can be interested in attacks on ERP, stealing corporate secrets, or executing DoS attacks on a competitor’s infrastructure. I spoke to some commercial organizations that sell and buy exploits for private and government companies (security intelligence services), and I was interested if there is a market for ERP exploits. They say that there is interest from both sides. Also, there are forums that sell access to botnets with IP ranges of specific companies. Nowadays, large companies sometimes have more power than governments, so corporate wars are one of the possible scenarios, and business critical systems can be the most useful targets. And if no examples have been made public yet, in most cases it is because very few organizations use anything at all to monitor malicious activity, so even if their system was compromised, they are not ready for forensic investigation and cannot expose the fact of compromise.

We are trying to increase awareness in this area, put all the threats together and design the best approach. For example, there are a lot of areas which should be analyzed, such as backdoors in custom source code or logging of all relevant events for forensic investigation. Putting it all together and combining different methods, we also collect information for the project OWASP-EAS, which is focused on the security of business-critical applications. Speaking of automated solutions and commercial software, technical assessment appeared at the end of 2010/11, while SoD checks have been known since 2003. Nowadays, there are some players in the area of vulnerability assessment and SAP security monitoring focused on preventing cyber-attacks, including our company, of course. We are unique in ensuring full coverage of SAP security, including vulnerability assessment, source code security review, SoD, and monitoring of malicious activities and attacks. As I said before, we cover business and technical areas, which allows us to see the whole picture and understand more. It is like 1+1=3. It is still a pretty small market, but we see great potential, and a number of new competitors are appearing.

About The Author

Alexander Polyakov is CTO of ERPScan. Co-founder of ERPScan. Organizer of ZeroNights, a deeply technical security conference. Expert in security of enterprise business software like ERP, CRM and others. Manager of OWASP-EAS. Well-known security expert in SAP and Oracle security, who published over 100 vulnerabilities in the applications of these vendors. Writer of multiple whitepapers and surveys devoted to information security research in SAP, for example, the award-winning survey "SAP Security in Figures". Alexander is frequently invited to speak and train at prime international conferences such as BlackHat, RSA and 30 others around the globe as well as in internal workshops for SAP and Fortune 500 companies. Alexander can be reached online at @sh2kerr and at company website http://www.erpscan.com/

NSA Spying Concerns? Learn Counterveillance

Free Online Course on July 11, 2013 at www.concise-courses.com

"NSA Spying Concerns? Learn Counterveillance" is a 60-minute live online instructor-led course for beginners who will learn how easily we are all being spied upon - not just by the NSA but by cyber criminals, malicious insiders and even online predators who watch our children; then you will learn the basics in the art of Counterveillance and how you can use new tools and techniques to defend against this next generation threat of data theft and data leakage.

The course has been developed for IT and IT security professionals including Network Administrators, Data Security Analysts, System and Network Security Administrators, Network Security Engineers and Security Professionals.

After you take the class, you'll have newfound knowledge and understanding of:

1. How you are being Spied upon.
2. Why Counterveillance is so important.
3. What You can do to protect private information.

Course Overview:

• How long has the NSA been spying on you?
• What tools and techniques have they been using?
• Who else has been spying on you?
• What tools and techniques have they been using?
• What is Counterveillance?
• Why is Counterveillance the most important missing piece of your security posture?
• How hard is Counterveillance?
• What are the best tools and techniques for Counterveillance?

Your Enrollment includes :

1. A certificate for one free personal usage copy of the Preview Release of SnoopWall for Android
2. A worksheet listing the best open and commercial tools for Counterveillance
3. Email access to the industry leading Counterveillance expert, Gary S. Miliefsky, our educator.
4. A certificate of achievement for passing the Concise-Courses Counterveillance 101 course.

Stay tuned for the direct URL to this upcoming event and bookmark http://www.concise-courses.com

Webcam Spying Through Chrome and Flash

Researcher Egor Homakov demonstrated that a webcam can be hijacked through Chrome's built-in Flash player, a flaw that represents a serious threat to privacy.

Attackers are increasingly interested in the millions of cameras that surround us. These prying eyes are everywhere, in the street as in our homes: gaming consoles, smart TVs and PCs are all equipped with a camera. The widespread diffusion of mobile devices equipped with cameras makes webcam hacking very attractive and a serious menace to users' privacy; these attacks are silent and could cause serious problems. Think for an instant of the implications of webcam hacking carried out by cybercriminals or by a government for surveillance purposes. We have seen it in the movies, but today it is a reality.

Let’s start with the domestic webcam. Webcam hacking is a reality according to a recent post by Egor Homakov that highlighted a serious flaw in Google Chrome’s integrated Flash player. Homakov demonstrated that, just by pressing the play button, a user could authorize an attacker to access his webcam, giving the attacker the possibility to capture video and audio without getting permission.

"I've heard a hacker could access my webcam and watch me in front of my computer. Could this really happen?" Yes, it is possible by exploiting a new Flash-based flaw in Google Chrome.

"This works precisely like regular clickjacking - you click on a transparent flash object, it allows access to Camera/Audio channel. Voila, attacker sees and hears you," Homakov said.

This type of attack has been known for several years as clickjacking, a known vulnerability in the Adobe Flash Player Settings Manager. Adobe is aware of clickjacking attacks and resolved the flaw with a change to the Flash Player Settings Manager SWF file hosted on the Adobe website. Camjacking is different: the attacker can hide the Flash Player security message that appears when the Flash file tries to access a web camera or a microphone.

According to the researcher, webcam hacking is possible by exploiting an invisible Flash element present on the page; it is enough that a victim using the Chrome browser clicks on it.

“That's what I thought as well. written a simple page with the opacity and flash container (flash requested access to the web-camera), it was observed that 21 Firefox, Opera 12.15 or ignore transparency flash animation, or just do not handle. But IE and Chrome 27.0.1453.110 10 well treated transparency and allowed to place himself on top of the text and / or image. That, no doubt, would have gone into the hands of web designers. But to remain on its laurels were just not interested, and I started to dig deeper, taking the idea of Clickjacking attack, but to remake it to fit their needs, ie to borrow all the "useful" function for the attacker. I chose access to the webcam (of course, yet we can get access to the microphone, but it was important, then?) So, I wrote a simple USB flash drive, take a picture with the help of a web camera and sends it to the server.”

Homakov verified that webcam hacking with camjacking does not work with semi-transparency in IE.

An Adobe security team representative has confirmed that the bug affects only Flash Player for Google Chrome. Will Google solve the problem within the seven days established for fixing bugs in its products?

But the concerns do not stop at home webcams. Craig Heffner, a former software developer with the NSA, said he has discovered previously unreported bugs in digital video surveillance equipment from firms including Cisco Systems Inc, D-Link Corp and TRENDnet.

"It's a significant threat," said the specialist. "Somebody could potentially access a camera and view it. Or they could also use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems."

He announced his intention to demonstrate it at the next Black Hat hacking conference, in July in Las Vegas. Heffner revealed that he has discovered hundreds of thousands of surveillance cameras exploitable by attackers via the Internet.

This is not a movie, nor an episode of the television series Person of Interest ... This is reality and maybe Big Brother is already exploiting it!

Editor and Chief, Pierluigi Paganini

Twenty Critical CSIS Security Controls: Part Two

Continuous Vulnerability Assessments and Secure Configurations by Adam Montville, Security and Compliance Architect at Tripwire Inc.

Synopsis: In the first installment we covered the “Inventory of Authorized and Unauthorized Devices” and the “Inventory of Authorized and Unauthorized Software.” In this article we will look at two more Controls designed to offer guidance on managing secure hardware and software configurations on a variety of devices, as well as implementing continuous vulnerability assessments and remediation efforts.

Recently, the Center for Strategic and International Studies (CSIS) released version 4 of the Twenty Critical Security Controls (here). Because the Controls are so expansive and detailed, I developed this digest to briefly highlight specific requirements so you can later use it as a checklist. Links to more expansive examinations of each Control are also provided.

In the first installment we covered the Inventory of Authorized and Unauthorized Devices and the Inventory of Authorized and Unauthorized Software, which we concluded could be combined into one Control. Why make the distinction from a process perspective? Computing devices and software are assets from a business perspective, so tracking both with a degree of accuracy is important.

In this article we will look at two more Controls designed to offer guidance on managing secure hardware and software configurations on a variety of devices, as well as implementing continuous vulnerability assessments and remediation efforts.

Control 3 – Secure Configurations for HW and SW on Mobile Devices, Laptops, Workstations, and Servers

In a Nutshell:
• If You Do One Thing, Do This: The plain and sad truth is that you’re going to have to implement some parts of Controls 1 and 2 to get this Control in place. Start with Security Configuration Management (SCM), which is really what this Control is all about. If you look at the breach reports from any of a variety of sources, you’ll find that misconfigurations - or configuration vulnerabilities - are very common breach factors.
• Prepare for Incidents: This Control has ties to the Incident Detection and Response processes your organization has in place, so if you need SCM resources to be on standby for your IR program, then prepare for it with this Control.
• Take These Requirements To Your Vendors: Once again there are several requirements here that you need to take to your vendors, especially if you’d like to see frameworks such as the 20 CSC succeed in the long run.
• Take These Requirements to Your Developers: If you’re developing software in-house, then this Control presents requirements your internal developers need. Have your developers read through this, especially the parts on requiring interoperability between tools and alerting administrative personnel. It would also benefit your organization to consider internal Common Configuration Enumeration identifiers for your in-house application configuration settings.

Areas for Improvement:
• Use Consistent Terminology: Again, like in Controls 1 and 2, I found that some of the terms used are ill-defined or ambiguous – not helpful for clarity.
• Too Many Dependencies: It’s annoying that we have such intricate dependencies in Control Frameworks, and this is no exception. The first key takeaway says to implement this Control first, but also says that parts of Controls 1 and 2 need to be in place. There are also business processes that go unmentioned but are alluded to that this Control will affect. It seems that there should be a better way to communicate all this.
• Leverage Data Exchange Formats: This and other Controls in this Framework are just begging to be automated. Having tools that work together without complicated, one-off integrations works to your advantage - and if you’re developing in-house, leverage the data exchange formats described in the Security Content Automation Protocol, then ask for SCAP by name from your vendors.

For more details on this Control - including a numbered list containing each requirement, its description, and my notes pertaining to the requirements – refer to the full analysis here.

Control 4 – Continuous Vulnerability Assessment and Remediation

In a Nutshell:
• On Operational Maturity: Perhaps it is because the vulnerability patch cycle has been around for so long, but this Control seems to be different than the others in that it is more focused on the time it takes to accomplish specific tasks than it is on the quantity of the results. In other words, it is about the process of continuous vulnerability management. I foresee other controls going in this direction in the very near future – the efficiency of security processes is what is important, and this can always be improved over time.
• On Interoperability: This Control is no different from the others in that it is part of the overall framework’s intricate web. The three obvious points of integration are the asset management, alerting, and ticketing systems; less obvious are integration opportunities with LDAP for user roles and the relationship of vulnerability management with configuration management, which are critically important to the security automation story.
• On Coverage: This Control leans quite heavily on ensuring that you’ve covered your enterprise, and at more than one point explicitly states that integration with the asset inventory system is important. Be sure to have a list of all software asset classes covered straight out of your asset inventory system when looking for scanning tools, as this will help you ensure that you have adequate coverage.

Areas for Improvement:
• Provide More Explanation: At times, the requirements are not obvious – even to security professionals. Consider what it must be like from the organizational, non-security perspective to read some of these requirements. If the reason for doing work is not clearly articulated, it will not be supported by the organization.
• Categorize Requirements Appropriately: A couple of requirements describe metrics that were not in the metrics section of the framework. This may simply be an oversight, but it’s still something that could be corrected.
• General Housekeeping: Some of the requirements should probably be reworded - one in particular talks about patches when it would be better to talk about vulnerabilities - and others could be safely omitted.

For more details on this Control - including a numbered list containing each requirement, its description, and my notes pertaining to the requirements – refer to the full analysis here.

If there is any conclusion to make, I believe it is that Controls 3 and 4 are critically important to your organization. If you’re just starting out, you’re going to need to roll in some of the inventory management pieces from Controls 1 and 2, but take it small, fail fast, and scale quickly. It should be okay to get it wrong initially (if it isn’t in your organization, then you’re additionally going to need to work on setting expectations and really start small).

Just remember that data can be your friend – look to breach reports for data supporting the importance of configuration management, present it in a way that makes sense to your stakeholders, and you should be on a successful path.

About the Author: Adam Montville is a Security and Compliance Architect at Tripwire Inc. Adam ensures that technical architectures and solution capabilities solve real world security and compliance problems now and in the future. As a key member of the Security and Compliance Solutions team, Adam is part of Tripwire’s R&D, Product Management, Marketing, the field, and Executive Staff. Adam can be reached by email at [email protected] and on Twitter at @AdamMontville.

Cyber Warnings Newsflash for June 2013

Highlights of CYBER CRIME and CYBER WARFARE Global News Clippings

Get ready to read on and click the titles below to read the full stories – this has been one of the busiest months in Cyber Crime and Cyber Warfare that we’ve tracked so far. Even though these titles are in BLACK, they are active hyperlinks to the stories, so find those of interest to you and read on through your favorite web browser…

Bit9, FireEye, Palo Alto Networks team to hit zero-day malware

05/21/2013 04:49 (Computer World Singapore)

Bit9, FireEye, Palo Alto Networks team to hit zero-day malware Bit9 has teamed with FireEye and Palo Alto Networks, which each have sandboxing...

Sourcefire goes beyond the sandbox

05/21/2013 02:43 (Help Net Security)

Sourcefire goes beyond the sandbox Sourcefire introduced malware trajectory capabilities across its Advanced Malware Protection portfolio, giving...

Wi-Fi client security weaknesses still prevalent

05/21/2013 02:43 (Help Net Security)

...Wi-Fi networks that has the potential for exploitation by skilled cyber-attackers says security expert Raul Siles. The vulnerability is dependent...

Officials say Chinese hackers gained access to sensitive data on Google’s servers

05/21/2013 00:26 (Richmond Times-Dispatch (AP))

...targeted the company s servers about the same time Google s system was compromised. The official said Microsoft concluded that whoever was behind...

Chinese hackers resume attacks on U.S. targets

05/20/2013 21:17 (Computer World Singapore)

...U.S. targets For the last three months or so, the U.S. government and some of its defense contractors have engaged in a war of shame on China to...

Peculiar malware trail raises questions about security firm in India

05/20/2013 21:17 (Computer World Singapore)

Peculiar malware trail raises questions about security firm in India Security firm Norman, investigating cyber-espionage- related to a Norwegian...

Attack on Telenor was part of large cyberespionage operation with Indian origins, report says

05/20/2013 21:13 (Computer World Singapore)

...cyberespionage operation with Indian origins, report says A recent intrusion on the computer network of Norwegian telecommunications company Telenor was...

Ransomware that Steals Passwords

05/20/2013 17:51 (Isssource.com)

...and instead find a way to clean up their system. That only means malware developers will end up turning it up a notch as they are trying a new...

Cloudy Days Ahead: Business App Risks

05/20/2013 17:21 (Isssource.com)

...by the cloud provider and its ability to keep up with trends in cyber crime. Demand the information you need to monitor your business on the...

Mac Malware with Developer ID

05/20/2013 14:14 (Isssource.com)

Mac Malware with Developer ID A new piece of Apple OS X malware is now floating around. Uncovered at the annual Oslo Freedom Conference, where...

LulzSec Members Sentenced

05/20/2013 13:19 (Isssource.com)

...sentences Thursday for their roles in cyber attacks launched against corporate and government sites in 2011. Ryan Cleary, 21, Jake Davis, 20,

4 clues that your smartphone has been hacked

05/20/2013 11:06 (WBALTV.com)

...intent," he said. A recent study by security firm NQ Mobile found malware threats to Android phones have increased 163 percent in the past year. The...

Cyber espionage campaign uses professionally-made malware

05/20/2013 08:53 (Help Net Security)

Cyber espionage campaign uses professionally-made malware Trend Micro researchers have discovered a new, massive cyber espionage campaign that...

Telenor cyberespionage attack has Indian origins

05/20/2013 07:49 (Computerworld)

...started several years ago IDG News Service - A recent intrusion on the computer network of Norwegian telecommunications company Telenor was the...

Report: China renews hacking attacks despite Obama administration's warnings

05/20/2013 06:59 (The Hill - Blog)

...Liberation Army has resumed its attacks on U.S. companies and government agencies after going silent for the past three months amid heightened U.S.

Experts highlight top data breach vulnerabilities

05/22/2013 05:16 (Help Net Security)

..."Finance," you've painted a bull's eye on your back for Spear Phishing. Not only that, LinkedIn provides the hackers with the names of your closest...

BLOG: Watch out for waterhole attacks — hackers' latest stealth weapon

05/22/2013 04:56 (Computer World Singapore)

...opens a backdoor or installs other malware. It's like targeted spear phishing, only without the email. Waterholes have already compromised high-profile...

Federal IT mobile plans slowed by security, budget concerns

05/22/2013 00:53 (Computer World Singapore)

...68 percent say that employees in their agency receive written information about mobile device security. "That's an excellent step that they've...

US power companies under frequent cyberattack

05/22/2013 00:53 (Computer World Singapore)

...released on Tuesday. The report is in response to widespread concerns that hackers could damage parts of the U.S. power grid, causing widespread...

Aurora hackers said to have accessed law enforcement targets

05/21/2013 21:55 (Computerworld Malaysia)

the Washington Post reported on Monday, citing former and current government officials as sources for the story. Such information would be invaluable...

Utilities Under Constant Attack

05/21/2013 18:53 (Isssource.com)

...report comes out amid warnings from the Obama administration that foreign hackers are constantly seeking ways to punch holes in the electric grid.

Cyber Espionage Program Making Rounds

05/21/2013 17:52 (Isssource.com)

...hitting as many as 71 victims each day, including government ministries, technology companies, academic research institutions, nongovernmental...

The real cyber threat

05/21/2013 17:40 (KTXS.com)

...bank account, wouldn't you shut it down, regardless of government guarantees on your deposits? If a regional bank discovered that 10 percent...

Why mobile devices have become the weakest link

05/21/2013 16:55 (9News.com)

...Android, there is a glaring lack of consistency and basic security protocols. Cyber criminals are targeting mobile devices more than traditional...

Microsoft puts Dent into Click Fraud

05/21/2013 16:49 (Isssource.com)

Microsoft puts Dent into Click Fraud Because of efforts to stymie the ZeroAccess malware, Microsoft has seen a drop off in click-fraud traffic.

Cybercriminals Are Coming After Your Mobile Apps: Experts

05/21/2013 15:04 (CNBC)

...tablets. Once a user downloads the app, the phone is infected. "Mobile malware, just a few years ago, was a curiosity," said Chris Doggett, senior...

APT1 is back, attacks many of the initial U.S. corporate targets

05/21/2013 14:47 (Help Net Security)

...before. The company says that the group has minimally changed the malware they used in the first attacks and have again managed to compromise...

How a digital restaurant check stops data thieves

05/21/2013 09:54 (USA Today)

...payment card data remains a common practice. It represents a major security weakness that cyber gangs feast on. The latest high-visibility example:

Digital natives learn 'online hygiene'

05/21/2013 09:26 (PleasantonWeekly.com)

...(friends) we're worried about," DeCesare said. The computer security professional also cautioned his audience to watch for unusual links (phishing)

New Citadel malware variant targets Payza online payment platform

05/23/2013 05:14 (Computerworld Malaysia)

New Citadel malware variant targets Payza online payment platform The Trojan program adds a rogue PIN field to the Payza log-in page on infected...

Growing mobile malware threat swirls (mostly) around Android

05/23/2013 04:36 (Computerworld Malaysia)

Growing mobile malware threat swirls (mostly) around Android Attacks on mobile devices are rising just as PC malware soared with the Web, Kaspersky...

Cyber safety awareness is not enough: AISA

05/23/2013 04:26 (Computerworld Malaysia)

AISA Knowledge and awareness must go hand in hand, says security expert Cyber safety awareness may still be lacking amongst the wider community,

A spotlight on grid insecurity

05/23/2013 03:15 (Help Net Security)

For example, while almost all utilities said they complied with mandatory Stuxnet standards, only 21 percent of industry-owned utilities, 44...

Microsoft decrypts Skype comms to detect malicious links

05/23/2013 03:14 (Help Net Security)

...certain" the IP address is part of Microsoft's SmartScreen (phishing, malware and spam filter) infrastructure and that these headers are then...

Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day

05/23/2013 01:32 (Computerworld)

referring to the popular open-source penetration testing framework used by security professionals as well as by cyber criminals. "So it might...

Twitter Introduces Website Security Tool After AP Account Hacked

05/23/2013 00:51 (Washington Post - Bloomberg)

the news agency said. Common tactics that hackers use include spear phishing attacks, in which someone is duped into installing malicious code...

Arizona ranks toward the top for Cyber Crime

05/22/2013 21:03 (Tucson News Now)

Arizona ranks toward the top for Cyber Crime TUCSON, AZ (Tucson News Now) - People are taking advantage of you and you may not even know it.

Hackers Find China Is Land of Opportunity

05/22/2013 19:18 (CNBC)

...abound, given the growing number of cybersecurity companies providing network defense services to the government, state-owned enterprises and...

NIST Analysis of Cyber Security Framework

05/22/2013 16:50 (Isssource.com)

NIST Analysis of Cyber Security Framework An initial analysis of hundreds of comments submitted by industry and the public related to President...

House Committee Continues Talks on Cyber Security Bill

05/22/2013 16:46 (Wltx.com)

House Committee Continues Talks on Cyber Security Bill Columbia, SC (WLTX) -- Lawmakers continued discussing a bill to address identity theft...

Malware and Viruses Still Pose a Threat

05/22/2013 10:46 (Technorati)

Malware and Viruses Still Pose a Threat Australia is fighting the malware problem by posting attack information online and making it public.

10 Data Breach Vulnerabilities Revealed

05/22/2013 10:26 (Portland Business Journal)

..."Finance," you've painted a bull's eye on your back for Spear Phishing. Not only that, LinkedIn provides the hackers with the names of your closest...

Swindles and Spam, Lurking in Your Search Results

05/22/2013 06:00 (Pittsburgh Post-Gazette)

...a nuisance. More perniciously, spammers can infect computers with malware and phish for sensitive personal data like credit card information.

Fighting cybercrime is on the right track

05/24/2013 05:33 (Help Net Security)

...that took place during the first quarter of the year, the fight against cyber-crime is on the right track, according to PandaLabs. Though there...

Facebook phishers target Fan Pages owners

05/24/2013 04:30 (Help Net Security)

Facebook phishers target Fan Pages owners Phishing emails claiming to come from "Facebook Security" are once again hitting users' inboxes, and...

New mobile tools gives agencies ‘giant innovation permission slip'

05/24/2013 02:43 (FederalNewsRadio.com)

...fact we treat them different is a disconnect." The security baseline and architecture, the app development and mobile device management guidelines...

Tips for reducing risks while using mobile devices

05/23/2013 22:41 (The Oshkosh Northwestern)

...Security, also donates time as chairman of the non-profit Anti-Phishing Working Group. In this guest essay, Jevan outlines why mobile devices create...

Iran Hacks Energy Firms, U.S. Says

05/23/2013 21:27 (ADR.com)

...Energy Firms, U.S. Says WASHINGTON--Iranian-backed hackers have escalated a campaign of cyberassaults against U.S. corporations by launching...

DHS warns employees that years-old database hole puts their privacy at risk

05/23/2013 20:23 (ComputerWorld)

Social Security number and date of birth. [ SECURITY:Peculiar malware trail raises questions about security firm in India] DHS says the software...

Administration releases mobile security standards

05/23/2013 17:55 (Federal Times)

...a process for vetting mobile apps to check for vulnerabilities and malware and whether downloaded apps have been approved for use by the agency.

U.S. urged to let companies 'hack-back' at IP cyber thieves

05/23/2013 17:22 (ComputerWorld)

...today. The stolen IP is used to help Chinese companies and the Chinese government close the current technology gap with the U.S. That finding is...

Could the Bitcoin network be used as an ultrasecure notary service?

05/23/2013 17:10 (Computerworld)

...digests is the same. Hashing algorithms are an important component of computer security and are often used to verify that an application, for...

Hangover Points to Private Attack

05/23/2013 16:48 (Isssource.com)

Hangover Points to Private Attack There is a large-scale malware and cyber-espionage operation related to high-profile attacks and government...

A Privacy App That Ensures Personal Data Really Disappears

05/23/2013 15:14 (Entrepreneur.com)

...experts. Brought together by Jerry Dixon, who served as director of cyber security for the Department of Homeland Security, the San Francisco-based...

China's surprisingly open hacking culture

05/23/2013 13:38 (Yahoo! News)

China's surprisingly open hacking culture A hacker freelancing for a privately owned company can earn up to $100,000 a year overseas Although...

Target located: The growth of the targeted attack

05/23/2013 12:20 (Computerworld Malaysia)

...year, oil giant Saudi Aramco suffered a very serious and very public cyber attack, which floored 30,000 machines. This was a very sophisticated...

Combatting Click Fraud: An Ad Network Checklist

05/23/2013 12:16 (Adotas)

...mitigate the risk will help protect campaigns. The advent of malware-laden botnets has substantially impacted advertisers revenues in recent years,

India likely source of multi-nation cyberspying

05/23/2013 11:22 (The Daily Journal (AP))

...Norman's report as "Operation Hangover," began with spear phishing. They identified and targeted specific senior Telenor managers, sending them...

AusCERT 2013: NBN users need security professionals' help, says Google

05/23/2013 11:19 (ComputerWorld)

...professionals to talk with people who may not know the risks. "Computer security missionary behaviour is about talking. People know how to use Google...

Cyber safety awareness is not enough: AISA

05/23/2013 10:12 (Computer World Singapore)

...of what to do," he said. "This is why the [Australian government's] Stay Smart Online campaign is important, because it is both raising the issue...

Your Mobile Device Is a Hack Waiting to Happen: Pros

05/23/2013 09:49 (CNBC)

Your Mobile Device Is a Hack Waiting to Happen: Pros When it comes to keeping...

Hackers Shift Focus From PC to Mobile: Khan

05/23/2013 08:50 (Bloomberg)

...Executive Officer at NQ Mobile, discusses the dangers from mobile malware and intensified focus from hackers to the mobile market. He speaks...

The dangers of downloading software from unofficial sites

05/23/2013 06:49 (Help Net Security)

The dangers of downloading software from unofficial sites Because malware peddlers often bundle their malicious wares with legitimate software,

Is it time to professionalize information security?

05/23/2013 03:14 (Help Net Security)

...recognised how important information security is to their own national security and have developed cyber security strategies to secure their critical...

China dismisses Australian spy HQ hacking claims

05/28/2013 00:37 (The Guardian)

...threaten bilateral ties. Carr refused to confirm ABC reports that the cyber-attack netted documents containing details of the building's floor...

91% of targeted attacks start with spear-phishing email

05/28/2013 00:20 (Computer World Singapore)

91% of targeted attacks start with spear-phishing email Ninety-one percent of targeted attacks start with spear-phishing email, according to...

Twitter's two-factor authentication implementation can be abused, researchers say

05/27/2013 22:17 (Computer World Singapore)

An attacker who steals someone's log-in credentials, via phishing or some other method, could associate a prepaid phone number with that person's...

Commission wants to turn tables on IP thieves by crippling PCs with extortion-style lock-outs

05/27/2013 22:17 (Computer World Singapore)

...computers. Variously labeled "ransomware" and "scareware," such malware cripples a PC or encrypts its files, then displays a ransom note demanding...

U.S. needs to bolster cybersecurity

05/27/2013 19:16 (StarTribune.com)

...rather in millions of dollars of intellectual property stolen or compromised. Computer networks are vital to American capitalism and society...

Iran's approaching vote brings restricted web access

05/27/2013 16:26 (WDEF News 12)

...profiles to try to ferret out dissidents. Iran is believed by many security experts to be behind computer-virus attacks last year on Saudi Arabian...

Auburn Gets $1 Million for Cyber Security Program

05/27/2013 16:07 (ABC 32 WNCF TV)

Auburn Gets $1 Million for Cyber Security Program Auburn University will get $1 million in state money for its new cyber security program. The...

Always take virus threats seriously

05/27/2013 12:47 (Lowell Sun Online (AP))

..."It's just a virus...." You might think that a computer virus is something that is just an annoyance, but you should rethink that assumption.

Hardware keylogger VS Software Keylogger

05/27/2013 11:07 (FreeBusinessWire.com)

Hardware keylogger VS Software Keylogger The most important and effective superiority of a hardware keylogger over a software keylogger is that...

Sourcefire tracks malware with added trajectory capabilities

05/27/2013 07:46 (Computer World Singapore)

Sourcefire tracks malware with added trajectory capabilities Sourcefire has introduced malware trajectory capabilities across its advanced malware...

Commission wants to turn tables on IP thieves by crippling PCs

05/27/2013 06:35 (Computer World Australia)

...computers. Variously labeled "ransomware" and "scareware," such malware cripples a PC or encrypts its files, then displays a ransom note demanding...

Could the Bitcoin network be used as an ultrasecure notary service?

05/27/2013 00:21 (Computer World Singapore)

...digests is the same. Hashing algorithms are an important component of computer security and are often used to verify that an application, for...

Researchers find more versions of digitally signed Mac OS X spyware

05/27/2013 00:16 (Computer World Singapore)

...allows attackers to execute commands on the infected computers. The malware was initially discovered last week on the Mac laptop of an Angolan...

Nation's power grid under constant cyberattack, but Congress lax

05/27/2013 00:15 (Computer World Singapore)

...target of numerous and daily cyberattacks. Those attacks range from phishing emails to malware infections to unfriendly probes. In contrast with...

Layered defenses largely fail to block exploits, says NSS

05/26/2013 22:17 (Computer World Singapore)

...exploits, says NSS Security experts have long touted a layered approach to cyber security as the most effective way to thwart network intruders, but...

Researchers find unusual malware targeting Tibetan users in cyberespionage operation

05/26/2013 11:11 (Computer World Singapore)

Researchers find unusual malware targeting Tibetan users in cyberespionage operation Security researchers from antivirus vendor ESET discovered...

Researchers warn of increased Zeus malware activity this year

05/26/2013 09:51 (Computerworld Malaysia)

Researchers warn of increased Zeus malware activity this year The number of Zeus variants peaked in mid-May, but the increased activity is expected...

U.S. weapons 'compromised' by hackers

05/29/2013 04:09 (The Province)

Pentagon programs target of China cyber threat - Timesonline.com: Technology

05/29/2013 03:08 (Timesonline.com)

Pentagon programs target of China cyber threat - Timesonline.com: Technology New revelations that China used cyberattacks to access data from...

Addonics releases CipherUSB family of hardware encryption solutions

05/29/2013 02:42 (Help Net Security)

...solution is perfect for protecting any USB storage against viruses or malware attacks. It is also ideal for forensics applications. The CipherUSB...

McAfee unveils Complete Endpoint Protection suites

05/29/2013 02:17 (Help Net Security)

...McAfee, dynamic whitelisting, risk intelligence, and real-time security management. By including mobile device management and support for Macs and...

S.C. House panel says cyber-security bill is too rushed

05/29/2013 01:36 (The Post and Courier (AP))

S.C. House panel says cyber-security bill is too rushed COLUMBIA A bill aimed at strengthening cyber-security across state government may be...

Obama will press China on hacking

05/29/2013 01:00 (The Hill - Blog)

...sensitive blueprints of critical U.S. weapons systems. A Department of Defense spokesman said the Pentagon has taken steps to protect itself...

Cyber crime king

05/29/2013 00:54 (New York Post)

Cyber crime king Feds whack hack He couldn't write a that would get him out of this. An elite member of the computer-hacking...

China army to conduct first 'digital' exercise

05/28/2013 22:37 (Yahoo! News Canada)

Five steps to ultimate Firefox security

05/28/2013 22:03 (Computerworld Malaysia)

Five steps to ultimate Firefox security Fend off malware, phishers, and their ilk by exercising Firefox's built-in security features and picking...

Lack of awareness key challenge for security: Huawei

05/28/2013 19:56 (Computerworld Malaysia)

Lack of awareness key challenge for security: Huawei Cyber Security Conference panel says BYOD and social media mean more threats. Lack of awareness...

Despite Losses, SMB’s Remain Insecure

05/28/2013 17:34 (Isssource.com)

the FSB found 41 percent of its members had been the victims of a cyber attack in the last year. The average cost of cybercrime-related losses...

Obama, China's Xi to discuss cyber security in June meeting

05/28/2013 15:27 (Yahoo! News Canada)

Smart Grid Growing; Security ‘Ignored’

05/28/2013 15:16 (Isssource.com)

...power sector, but it seems companies have disregarded the idea of cyber security, new research said. The restructuring of the power sector and...

Feds shut down 'financial hub' for cybercrime

05/28/2013 14:21 (SecurityInfoWatch.com)

...part of the scheme, calling Liberty Reserve a "financial hub of cyber-crime world." "The defendants deliberately attracted and maintained a customer...

Can mobile malware be activated via sensors?

05/28/2013 11:57 (Help Net Security)

Can mobile malware be activated via sensors? Can mobile malware be activated via sensors available on current mobile devices, and receive commands...

ASIO hack claim no threat to China ties: Carr

05/28/2013 10:37 (Computerworld Malaysia)

Carr Senator Carr has refused to confirm ABC reports that the cyber attack netted documents containing details of the massive new ASIO building's...

Chromium browser gets new reset options for easier recovery from malware

05/28/2013 10:35 (Computerworld Malaysia)

Chromium browser gets new reset options for easier recovery from malware New default settings options in the Chromium browser point to an easier...

IPS market to grow on back of worry over APT attacks

05/30/2013 05:28 (Computer World Singapore)

...of at least detecting more complex threats rather than stopping conventional malware. Vendors had also invested in 'next generation' IPS capabilities...

FAQ on global supply-chain security standard to prevent IT tampering, counterfeiting

05/30/2013 05:28 (Computer World Singapore)

...the standard. Other OTTF members include representatives from the U.S. Department of Defense (DOD), NASA and Lockheed Martin, plus several IT...

Signature-based endpoint security on its way out

05/30/2013 05:04 (Computerworld Malaysia)

...Signature-based blacklisting security technologies are losing the battle against malware, says McAfee, which has streamlined its endpoint security offerings...

Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet

05/29/2013 23:46 (Computer World Singapore)

...from a remote server, compile it locally and execute it. The resulting malware is a bot that connects to an IRC () server...

Spear phishing paves road for Advanced Persistent Threats

05/29/2013 21:56 (Computer World Singapore)

Spear phishing paves road for Advanced Persistent Threats Cyber intrusions that remain undetected for long periods of time and leak information...

Microsoft moving bot-busting fight to the cloud

05/29/2013 21:49 (Computer World Singapore)

...via Azure, Microsoft said. Botnets are typically formed when hackers exploit vulnerabilities in a number of different computers, either via a...

Are we already in a cyber war with China?

05/29/2013 20:34 (Yahoo! News Canada)

Utility Blackouts as a Weapon

05/29/2013 16:49 (Isssource.com)

...Weapon By Richard Sale Last week's headlines said it succinctly: New cyber attacks from Iran hit U.S. enterprises focusing on energy sector.

Skype Used to Spread Trojan

05/29/2013 14:45 (Isssource.com)

...file containing Liftoh. The Trojan is the capable of downloading additional malware. So far users have clicked on the malicious URLs more than...

U.S. accuses cyber exchange of laundering $6 billion

05/29/2013 14:45 (The Middletown Press)

...statement from the U.S. Treasury. Users could buy malware programs designed to assault financial institutions, as well as lists of information...

Trend Micro Fixes DirectPass Bugs

05/29/2013 14:27 (Isssource.com)

could end up leveraged for persistent session hijacking, phishing, module context manipulation and persistent redirects to malicious .

U.S. Defense Companies Have Developed Serious Cyber Security Capabilities

05/29/2013 13:08 (Lexington Institute)

U.S. Defense Companies Have Developed Serious Cyber Security Capabilities Yesterday's story in The Washington Post about a DSB report on Chinese...

Ludlam, Brandis clash on privacy in cyber debate

05/29/2013 12:16 (ComputerWorld)

...about the danger of cyber attacks and increase funding for government agencies charged with defending against those attacks. Ludlam said Parliament...

Hacking overshadows closer U.S.-China military ties

05/29/2013 11:04 (The Advocate (AP))

...Tuesday's meeting emphasized the need to cooperate further on North Korea, cyber-security, climate change and stability in Asia. It called the...

Ruby on Rails bug is being exploited in the wild, researcher warns

05/29/2013 09:59 (Help Net Security)

...crontab and downloads malicious source files and executables. The downloaded malware ultimately sets up an IRC bot that attempted to connect to...

DoD responds to claims that weapons systems were compromised

05/29/2013 08:29 (FederalNewsRadio.com)

...weapons platforms." Little also says, "The Department of Defense takes the threat of cyber espionage and cyber security very seriously, which...

Baltimore-Washington business organizations team on task force to foster cyber industry growth

05/31/2013 07:36 (ABC 12 – WJRT)

...responsible for developing a strategic plan to leverage the region's government, educational and business resources to nurture the growth of the region's...

Virtual haven for rogues and spies

05/31/2013 07:17 (Computerworld Malaysia)

...rogues and spies Liberty Reserve was shut down last weekend, but cyber security experts say it was just one among hundreds of anonymous internet...

Hagel to talk cyber rules with Chinese

05/31/2013 07:10 (THonline.com)

Hagel to talk cyber rules with Chinese ABOARD A U.S. AIRCRAFT -- Defense Secretary Chuck Hagel will meet with members of a Chinese delegation...

AFOSI, security forces train Airmen to track, report suspicious activity

05/31/2013 06:00 (Peninsula Warrior)

...go unnoticed and could cause harm to those around. While keeping Langley Air Force Base, Va., safe and secure is every Airman's responsibility;

Yes it can happen here: Poughkeepsie utility hacked

05/31/2013 04:54 (Smart Grid News)

...with state and federal authorities and industry groups to investigate a cyber attack earlier this month where hackers gained entry to as many...

University of Illinois CS department machines compromised

05/31/2013 02:13 (Help Net Security)

...machines compromised Several computers in the University of Illinois Computer Science Department have apparently been compromised to host malware-serving...

Fake tech support scam hits victims

05/31/2013 02:00 (Omaha.com)

...card accounts. Be sure to run a virus scan. If you suspect that your computer is infected by a virus, check with the BBB at bbb.org to find BBB...

Cyber threats pose 'stealthy, insidious' danger: defense chief

05/31/2013 01:42 (The Baltimore Sun)

...avoid conflict on global computer networks. Hagel said he would address cyber security in his speech on Saturday to the Shangri-La Security Dialogue...

Chuck Hagel takes questions from the ranks in Hawaii

05/31/2013 01:37 (Omaha.com)

MCLB workers find out furlough details

05/31/2013 00:59 (WALB.com)

Timely malware: How spammers turn a profit from our misfortune

05/30/2013 22:27 (Computerworld Malaysia)

Timely malware: How spammers turn a profit from our misfortune Scammers use world disasters to lure you into clicking links to malware. Spammers...

The BYOD mobile security threat is real

05/30/2013 21:43 (Computerworld Malaysia)

...Leaver" open the doors to data breaches in a BYOD environment, says a cyber-crime expert. Paul Luehr knows a thing or two about security, the...

VAFB Firefighters, Civilians Hit With Sequestration Furloughs

05/30/2013 19:37 (KCOY)

...among dozens of Vandenberg Fire Department personnel, as well as civilian Department of Defense workers on the base, who've received furlough...

Workers at Ohio base get furlough notices this week

05/30/2013 16:32 (Akron Beacon Journal)

...furlough notices beginning Friday. Civilians working at Wright-Patterson Air Force Base near Dayton already knew that federal budget cuts would...

Despite Hackers, DOD Retains Faith in Weapon Systems

05/30/2013 15:28 (Department of Defence)

...join to help deter and mitigate these attacks. The Defense Industrial Base Enhanced Cybersecurity Information-sharing Program helps companies...

Government warned urgent action needed on G-Cloud and Universal Credit

05/30/2013 12:23 (ComputerWorld)

...with the red rating, including the department's £5 billion Defence Core Network Services programme, which is responsible for replacing the MoD's...

Gmail tip: Don't forget to check your spam filter

06/03/2013 03:08 (Computerworld Malaysia)

For example, amidst the "enlargement" come-ons and obvious phishing attempts, I found some marketing emails I actually wanted, from companies...

McAfee Quarterly Threat Report Sees Social Media Worm Resurgence as Spam Rises Dramatically

06/03/2013 00:22 (Reuters US News)

...highs. The McAfee Labs report showed the continued increases in Android malware, malicious web URLs and overall malware samples. But the increase...

Helpful hacking: Volunteers look for ways to use tech to solve Chattanooga problems

06/03/2013 00:05 (Timesfreepress.com)

7 things you can do to make Internet Explorer more secure

06/02/2013 21:37 (Computer World Singapore)

...Explorer--or any Web browser, for that matter--protects against attacks and malware greatly depends on whether you keep it up to date and have the right...

Cybercriminals go back to the USSR

06/02/2013 20:57 (Computerworld Malaysia)

...a spurt in registrations--many of them by miscreants pushing scams and malware, according to cyber-security company Group IB. In 2011, Group...

Hagel Gives Blunt Warning to China on Cyber Attacks

06/02/2013 16:16 (Hawaii Reporter)

...of cyber intrusions, some of which appear to be tied to the Chinese government and military," said Hagel. "As the world's two largest economies,

Oregonians lose over $6 mil. to cyber crime in 2012

06/02/2013 16:06 (KPIC.com)

Oregonians lose over $6 mil. to cyber crime in 2012 EUGENE, Ore. -- Online scams are on the rise, and according to the Internet Crime Complaint...

China, US agree to talks on cyber theft and espionage

06/02/2013 13:15 (The Guardian)

...high-level talks on how to set standards of behaviour for cyber security and commercial espionage - the first diplomatic effort to defuse the...

LinkedIn aims to keep hackers out with two-factor login

06/02/2013 12:46 (Computerworld Malaysia)

...it is not a panacea, some security experts have said. With an email phishing attack, for instance, a hacker could fake a login page to ask for...

Mobile phone security no-brainer: Use a device passcode

06/02/2013 12:32 (Computerworld Malaysia)

Mobile phone security no-brainer: Use a device passcode With mobile device theft on the rise, Microsoft is pushing users to 'protect the device,

McDaniel College computer science majors design zombie App, land postgraduate employment

06/02/2013 09:26 (Chambersburg Public Opinion)

...Last City," users must build a community quickly before zombies attack. Four McDaniel College computer science majors created the game. After...

Why caregivers should care about digital backups

06/02/2013 09:25 (KevinMD.com — Medical Blog)

Cybersecurity seen as topping Obama's agenda during upcoming meeting with Chinese president

06/02/2013 07:40 (Pendleton Times-Post)

Report: US, China to hold talks on cyberattacks

06/02/2013 07:39 (The Hill - Blog)

...Chinese for launching a wide campaign of cyber espionage against the American government and U.S. industries. China denies the allegations. On...

US and China to discuss cybersecurity at high-level diplomatic meetings

06/02/2013 07:27 (The Guardian)

...threat to its interests. Chinese commentators have also frequently pointed to Stuxnet, the computer worm that attacked Iran's nuclear programme in...

Komando: Signs your computer is infected

06/02/2013 05:01 (RGJ.com(AP))

Komando: Signs your computer is infected Oh, the not-so-humble computer virus. For decades, it's been making computer users miserable. Today,

Lawmakers press Obama to get tough with China on hacking

06/02/2013 02:00 (The Hill - Blog)

...U.S. "will not be tolerated." "In years past, this cyber trade war has been well down the list of bilateral concerns to address with China. It...

Minimizing Risks from Cybercrime

06/01/2013 22:46 (The Cutting Edge)

...for free why?" But common sense is a poor substitute for good security: *Activate your computer's firewall. *Install reputable anti-virus and...

Searching out the evidence: Electronic forensics offers critical information

06/01/2013 22:18 (The Daily Breeze)

...gang cases involve cell phones, photos. The goal of electronic forensics is to examine digital media with the aim of identifying, preserving,

Secret Symantec building keeps websites safe

06/01/2013 09:00 (Tribune-Review (AP))

...let new job blind you to its realities General Mills rides snack attack Stream of covers crowds digital music services Tata brings new life to...

Beware of malware: 5 signs of computer infection, virus

06/01/2013 01:41 (The Desert Sun (AP))

Beware of malware: 5 signs of computer infection, virus Oh, the not-so-humble computer virus. For decades, it's been making computer users miserable.

Newly Discovered Malware Targets Financial Institutions

06/01/2013 01:09 (FOX5 Vegas - KVVU)

Newly Discovered Malware Targets Financial Institutions This article was originally distributed via PRWeb. PRWeb, WorldNow and this Site make...

Cyber specialist to testify at U.S. soldier's WikiLeaks trial

06/04/2013 05:40 (CANOE -- Cnews)

New iPhone hacking threat found

06/04/2013 05:06 (WESH)

...charger." The team plans to demonstrate its findings at the Black Hat computer security conference, which begins July 27 in Las Vegas. In a preview...

Bruins crush Pens 6-1 for 2-0 lead in East finals

06/04/2013 04:47 (8 News NOW)

...could enter insanity plea Tuesday Silicon Valley at front line of global cyber war Thousands go home as wildfire calms north of LA Fort Hood...

Trojan Malware Targets Macs on the Web By Jennifer LeClaire

06/04/2013 02:34 (E-Channel News)

The near impossible battle against hackers everywhere

06/04/2013 02:32 (E-Channel News)

FBI experts enlighten community about cyber crime protection

06/04/2013 00:09 (New Jersey Herald)

FBI experts enlighten community about cyber crime protection By JOE CARLSON FRANKFORD Cyber Crimes, IC3, an online crime...

Rip-Off Alert: FBI wary of online photo-sharing programs

06/03/2013 22:47 (My News 3)

...system, updated with the latest patches. Ensure your anti-virus software and firewalls are current -- they can help prevent Malware infections.

Plugging network leaks

06/03/2013 22:42 (Computer World Singapore)

...IT compliance, corporate security, product development, critical infrastructure protection and other relevant issues. Identifying potential vulnerabilities...

McAfee sees surge in spam, Koobface samples, MBR attacks

06/03/2013 21:30 (Computerworld Malaysia)

...First quarter of 2013 characterized by significant rise in spam levels and malware samples, new McAfee report says. The first three months of...

Defending against exploit kits

06/03/2013 21:30 (Computer World Singapore)

...Exploit kits comprised of malicious programs that identify and then attack cyber-vulnerabilities and spread malware represent the dark but massively...

Hackers are increasingly targeting Android devices, McAfee warns

06/03/2013 17:43 (Baltimore Sun Blogs)

...contacts and photos to a hacker's computer. The volume of malware targeted at mobile devices, such as Superclean and DroidCleaner, surged nearly...

Media Advisory - RCMP Warn Public of "Scareware" Scam

06/03/2013 14:34 (Yahoo! Canada Finance)

Evernote beefs up security with two-factor verification

06/03/2013 12:59 (Infosecurity)

Later in the same month the cloud-based service was found to be used for malware control. A trojan known as BKDR_VERNOT.A retrieves its C&C server...

AACC gets cyber crime distinction

06/03/2013 10:15 (CapitalGazette.com)

...institution in the nation to receive a digital forensics designation from the Defense Cyber Crime Center, also known as DC3. The college was named...

Colleges expand programs as cybersecurity threats grow

06/03/2013 08:18 (USA Today)

...programs. CINCINNATI -- Fueled by an increase in cyber attacks on critical infrastructure -- nearly 200 last year compared with fewer than a dozen...

Cyber experts say calling out China may be working

06/05/2013 05:57 (The Olympian (AP))

Cyber experts say calling out China may be working SINGAPORE After years of quiet and largely unsuccessful diplomacy, the U.S. has brought its...

Hackers access email accounts in Turkish PM Erdogan's office

06/05/2013 05:49 (Yahoo! News Canada)

No slowdown for cyber criminals: Symantec Malaysia report

06/05/2013 05:20 (Computer World Singapore)

...includes targeted attacks in the manufacturing and small businesses sectors, mobile malware, and phishing threats." According to the study, Tan,

China has 'mountains of data' about U.S. cyber attacks: official

06/05/2013 03:02 (Orlando Sentinel)

...Washington for such attacks, and called for greater cooperation to fight hacking. Cyber security is a major concern for the U.S. government and is...

Sourcefire offers advanced security against malware

06/05/2013 02:56 (Computerworld Malaysia)

Sourcefire offers advanced security against malware Solution can track and analyse malware activity for better security With malware and other...

Speaker talks zombies to drive home cyber attack points

06/05/2013 02:00 (Omaha.com)

Speaker talks zombies to drive home cyber attack points If you've ever paid taxes, filed for unemployment, applied for a driver's license or...

Study asks what happens to hacked data

06/04/2013 23:26 (Computer World Australia)

...mechanism for assessing intelligence and filtering it into a common position for government consideration. In Australia, that's done by the Office...

Researchers find Java users woefully tardy on patching

06/04/2013 23:17 (Computer World Singapore)

...bad app can act very quickly. "More than half the malware out there will communicate with its Internet control within 60 seconds of infection,"

Possibly related DDoS attacks cause DNS hosting outages

06/04/2013 22:52 (Computer World Singapore)

...these small queries into significantly larger responses aimed at a specific network." This attack technique is known as DNS reflection or DNS...

Malware going retro in 2013, security firm finds

06/04/2013 21:34 (Computer World Singapore)

Malware going retro in 2013, security firm finds Malware perpetrators turned to their old tricks in the first quarter of this year, a threat...

NATO boosts cyber defences but members differ on its role

06/04/2013 19:31 (Reuters.co.uk)

...should respond to requests for help from members that come under cyber attack. Smaller countries with limited resources are keen to take advantage...

Computer virus affects 1,670 UMass students

06/04/2013 18:37 (WWLP.com)

Computer virus affects 1,670 UMass students Health records were exposed AMHERST, Mass. (WWLP) - A computer virus left the health records of more...

Reworked Trojans a Major Threat

06/04/2013 15:46 (Isssource.com)

...said. The quarter also saw yet another boom in the number of mobile malware families operating in the wild. Our count of mobile malware samples,

NetTraveler spyware compromised 1,000 political and industrial targets

06/04/2013 15:15 (Infosecurity)

...tried-and-true, but simplistic one: NetTraveler victims are infected through spear-phishing attacks using Office documents, which exploit two publicly...

Be careful where you get your Apple iOS7 news – it may be a phish

06/04/2013 11:48 (Infosecurity)

...it may be a phish Security researchers have discovered a new phishing website under construction; one designed to take advantage of rapidly...

Microsoft, US feds disrupt Citadel botnet network

06/06/2013 05:47 (Computer World Singapore)

...Bureau of Investigation have taken aim at a botnet network based on malware called Citadel that is held responsible for stealing people's online...

Mobile security incident costs, regional threat differences revealed

06/06/2013 03:08 (Computer World Singapore)

...someone losing a cell phone in a cab than they are of cybercriminals hacking into a mobile device," Emo said. Another finding may explain why...

The intelligent security model

06/06/2013 03:02 (Computer World Singapore)

Law enforcement agencies are also working together sharing information to combat cyber crime. "With an estimated 14 people per second falling...

Hackers to Be Kept From U.S. in House Cybersecurity Bill

06/06/2013 02:28 (Bloomberg)

...Obama meets with Chinese President Xi Jinping, a summit where computer security is expected to be among issues discussed. Hacking has emerged...

Zeus computer virus draining bank accounts

06/06/2013 00:40 (AZFamily.com)

Zeus computer virus draining bank accounts PHOENIX -- It turns out the six-year-old Zeus Trojan Horse virus has resurfaced and is wreaking havoc...

Malware increasingly uses peer-to-peer communications, researchers say

06/06/2013 00:24 (Computerworld Malaysia)

Malware increasingly uses peer-to-peer communications, researchers say The number of malware samples that use P-to-P (peer-to-peer) communications...

Attorneys learn about digital forensics, electronic data discovery

06/06/2013 00:00 (ObserverToday.com)

Attorneys learn about digital forensics, electronic data discovery MAYVILLE - Gaining an education doesn't stop when schooling ends, not even...

Study asks what happens to hacked data

06/05/2013 23:44 (Computer World Singapore)

...mechanism for assessing intelligence and filtering it into a common position for government consideration. In Australia, that's done by the Office...

Chinese 'NetTraveler' hackers stole data from 350 organisations, says Kaspersky Lab

06/05/2013 21:15 (Computer World Singapore)

...350 organisations, says Kaspersky Lab An apparently innocuous piece of malware called NetTraveler has been identified as a key component of a...

Global $200 million credit card hacking ring busted

06/05/2013 21:00 (E-Channel News)

U.S. lawmakers to introduce new bill to punish cyber theft

06/05/2013 20:03 (Reuters Canada)

Schneider Mitigates PLCs Holes

06/05/2013 18:23 (Isssource.com)

...PLC products. These vulnerabilities ended up released at the 2013 Digital Bond SCADA Security Scientific Symposium (S4) conference this past...

Adware is biggest threat to smartphone security in U.S., report says

06/05/2013 16:54 (Baltimore Sun Blogs)

...in every thousand users are also susceptible to having financial accounts hacked by apps silently operating in the backgrounds. Known as a Trojan,

Espionage Campaign Uncovered

06/05/2013 16:50 (Isssource.com)

The campaign, in which advanced persistent threat (APT) actors use the malware to spy on their targets, has made over 350 high-profile victims...

Microsoft: Hybrid cloud is good for IT, end users and corporate bottom line

06/05/2013 16:18 (ComputerWorld)

...manage my PCs, all my users' devices as well as my anti-malware on one common infrastructure all these things drive savings," Anderson says. Since...

Mobile Devices and Cybercrime: Is Your Phone the Weakest Link?

06/05/2013 15:15 (Knowledge@Wharton)

Mobile Devices and Cybercrime: Is Your Phone the Weakest Link? You see them everywhere: people hunched over their smartphones or tablets in cafes,

The effect of BYOD on information security

06/05/2013 10:59 (Infosecurity)

...stolen devices is considered greater than the threat from downloaded malware. Android is considered the most vulnerable platform but surprisingly,

The need for a collaborative effort against cybercrime

06/05/2013 10:59 (Help Net Security)

...essential to mitigating the mounting risks facing UK businesses. As spear phishing continues to be the most successful method to instigate an...

With troops and techies, U.S. prepares for cyber warfare

06/07/2013 04:32 (Reuters Canada)

Rogue employees, malware exploits and unauthorized software

06/07/2013 04:11 (Help Net Security)

Rogue employees, malware exploits and unauthorized software While IT security professionals recognize the threat posed by unwitting employees,

Cyber disputes loom large as Obama meets China's Xi

06/07/2013 03:32 (Reuters Canada)

Critical IE update slated for Patch Tuesday

06/07/2013 02:43 (Computer World Singapore)

...executed, an attacker would have to craft a malicious site and use a phishing attack to lure an unsuspecting user to the site, which would then compromise...

Experts question UN role in policing cyber attacks

06/07/2013 00:38 (Computerworld Malaysia)

China President Xi Jinping and US President Barack Obama will discuss cyber security between the nations at the upcoming meeting. Photo: Reuters...

Botnets now routinely using P2P to evade detection, says Damballa

06/06/2013 23:46 (Computer World Singapore)

...to evade detection, says Damballa Several of the Internet's most dangerous malware threats are now routinely using peer-to-peer (P2P) command...

Cyber Security Questioned After UK Huawei Deal

06/06/2013 23:33 (CNBC)

Cyber Security Questioned After UK Huawei Deal A highly critical report by U.K. lawmakers has shone a light on deficiencies in the government's...

Secret Intelligence Fuels U.S. Hacking Fight With China

06/06/2013 22:02 (Bloomberg)

...linking that country's military to attacks on U.S. companies and defense contractors. The seeds of the dispute, though, are at least three years...

3 reasons why criminals exploit social networks (and tips to avoid getting scammed)

06/06/2013 21:22 (Computer World Singapore)

...Marathon bombings and victims in the hours after the incident. The hack of the Associated Press Twitter account was perhaps the first time we...

NSA data mining can help stop cybercrime, analysts say

06/06/2013 20:48 (Daily Record (AP))

NSA data mining can help stop cybercrime, analysts say WASHINGTON - The huge volume of telephone records turned over to the U.S. government could...

Raley’s Customers’ Information Possibly Compromised After Cyber Attack

06/06/2013 17:47 (CBS Sacramento)

Raley's Customers' Information Possibly Compromised After Cyber Attack WEST SACRAMENTO (CBS13) Raley's is investigating if customers' financial...

P2P Botnets Keep Growing

06/06/2013 16:52 (Isssource.com)

...at Damballa said there has been a five-fold increase in the number of malware samples spread via peer-to-peer during the past 12 months. ZeroAccess...

Congress looks to punish state-sponsored hacker spies

06/06/2013 16:16 (Infosecurity)

...them from undermining our economy and compromising U.S. national security. State-affiliated cyber-espionage campaigns were responsible for one-fifth...

Global Cybercrime Botnet Breached

06/06/2013 15:16 (Isssource.com)

...employed more than one thousand botnets to infect computers with Citadel malware. Once infected, the victim's keystrokes ended up monitored and...

Speeding Up System Forensics

06/06/2013 14:45 (Isssource.com)

...research to work through Concordia's partnership with Canada's National Cyber-Forensics and Training Alliance. This alliance allows law enforcement...

U.S. Veterans Affairs Dept. repeatedly targeted by foreign hackers

06/06/2013 14:14 (Help Net Security)

...state-sponsored entities - some were organized and executed by cyber crime syndicates looking for information they could sell or use themselves...

Obama and Xi fail to bridge cybersecurity gap

06/10/2013 05:59 (WFMZ-TV 69 News)

...state-sponsored cyberweapons has also been reported in recent years, with names like Stuxnet, Duqu and Flame. The U.S. government is widely believed...

Week in review: NSA spying scandal, EU net neutrality, and vulnerable smart TVs

06/10/2013 05:18 (Help Net Security)

...aimed at U.S. woman critical of Turkish movement A failed phishing attempt aimed at an unnamed woman openly critical of the Gülen Movement has...

Israeli leader accuses Iran of cyberattacks

06/10/2013 05:05 (Computerworld Malaysia)

...trying to develop a nuclear bomb. Israel is a world leader in cyber security, thanks in large part to expertise developed in shadowy high-tech...

Average cost per data breach has increased by 23 percent: Symantec

06/10/2013 04:14 (Computerworld Malaysia)

...also a worldwide problem. "We are moving away from the era of the mass cyber crime threat to the age of the targeted attack," he said. "That...

Brace for malware-fighting IE, Office patches

06/10/2013 03:17 (Computerworld Malaysia)

Brace for malware-fighting IE, Office patches Microsoft will patch this week a vulnerability in versions 6 through 10 of Internet Explorer, plugging...

Pentagon Five-Year Cybersecurity Plan Seeks $23 Billion

06/10/2013 02:16 (Bloomberg)

...the $3.94 billion budgeted this year. The five-year cyber-expense budget obtained by Bloomberg News calls for spending to remain elevated from...

Cyberthreats Evolve Inside Cloud, Mobile

06/10/2013 01:00 (Arkansas Business)

...Cloud, Mobile The vast and changing world of computer viruses and malware requires a similarly vast world of security to counteract it, especially...

Targeted cyberattacks can’t be prevented: ISACA

06/09/2013 16:36 (ComputerWorld)

...advance with people who can help when the attack comes; such as malware specialists, denial-of-service response services, forensic teams and...

Obama says US, China must develop cyber rules

06/09/2013 13:12 (The Daily Times (AP))

...issues Pushing back against the notion that the controversy over widespread government surveillance by the U.S. undercut his credibility to take...

Negligence and glitches create 64% of data breaches

06/09/2013 11:44 (Computerworld Malaysia)

...or do something they shouldn't do if they were mindful of computer security at all times." The increased presence of employees' personal devices...

U.S. helps allies battle cyberattacks

06/09/2013 08:46 (The Columbus Dispatch)

...for a new era of digital conflict, in this case assuring the defense of computer networks and, if necessary, striking back against assaults.

Failure of cybersecurity bill raises hacking fears

06/08/2013 23:23 (GreenvilleOnline.com (AP))

...with a data breach because of the Legislature's failure to pass cyber-security legislation this year and a budget proviso that makes it voluntary...

Researchers find self-propagating Zeus variant

06/11/2013 05:51 (Help Net Security)

...usually spread via exploit kits (drive-by-downloads), phishing schemes, and social media, but Trend Micro researchers have recently spotted a...

Digital forensics professionals to get global certification

06/11/2013 05:27 (Computer World Singapore)

Digital forensics professionals to get global certification Non-profit certification body (ISC)² is preparing to launch what it believes is the...

Cyber threat hunting service from Dell SecureWorks

06/11/2013 03:15 (Help Net Security)

...access privileges laterally across the network and introduce additional malware into the environment to maintain a persistent presence. Most...

Maryland suburbs are front line in cyber war

06/11/2013 02:24 (Richmond Times-Dispatch (AP))

Maryland suburbs are front line in cyber war State's largest employers form a Silicon Valley of intelligence, data gathering WASHINGTON The front...

Twitter unveils more secure two-step process for logging in

06/11/2013 01:00 (The Providence Journal (AP))

...content around a news story is available from many sources, the spread of malware and system viruses also increases. If you see a story or photo on...

New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say

06/10/2013 23:12 (Computer World Singapore)

New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say Users from Vietnam, India, China, Taiwan and possibly other countries,

Web Hosting Provider Hacked

06/10/2013 18:22 (Isssource.com)

...Hetzner told its customers after discovering an unknown piece of malware in its internal monitoring systems. The backdoor they've discovered...

91% of mobile apps expose personal information

06/10/2013 15:47 (Infosecurity)

...are increasingly on the rise, not only in the form of malware but also just lax security guards within applications. Veracode conducted an analysis...

(ISC)² develops cyber-forensics certification

06/10/2013 15:15 (Infosecurity)

(ISC)² develops cyber-forensics certification (ISC)² has developed a new certification, the Certified Cyber Forensics Professional (CCFP℠),

Security firm discovers 'most sophisticated Android trojan' to date

06/10/2013 11:32 (News 10)

Security firm discovers 'most sophisticated Android trojan' to date Tech website Mashable is reporting an Android Trojan virus has been discovered...

New backdoor 'KeyBoy' malware hits Asia with targeted attacks

06/10/2013 10:07 (Computerworld)

New backdoor 'KeyBoy' malware hits Asia with targeted attacks The malware steals credentials and allows attackers to execute commands on infected...

U.S. - China Cyber Security Stalemate Continues

06/10/2013 09:37 (Bloomberg)

U.S. - China Cyber Security Stalemate Continues June 10 (Bloomberg) -- Bloomberg's Hans Nichols reports on the concluding U.S. - China summit...

Microsoft Citadel takedown ultimately counterproductive

06/10/2013 09:00 (Help Net Security)

...sinkhole malicious botnet domains (not only limited to any specific Trojan / malware family) and report them to Shadowserver," he explains. "Shadowserver,

QualysGuard Express Lite released

06/10/2013 08:01 (Help Net Security)

...abuse to take control of servers and steal data. Website malware detection. Alerts for malicious code lurking in businesses websites that could...

EU to vote on stiffer penalties for hackers

06/10/2013 07:29 (Help Net Security)

EU to vote on stiffer penalties for hackers Member states of the European Union might soon be creating new laws that will raise minimum prison...

Cyber Attacks Focusing on Infrastructure, Not Data

06/10/2013 07:22 (Bloomberg)

...Massachusetts Institute of Technology, talk about the challenges in global cyber security. They speak with Guy Johnson on Bloomberg Television's...

Cisco Launches Platform Exchange Grid

06/12/2013 05:49 (Infosecurity)

...combining Cisco's NetFlow and ISE with Lancope's SIEM. It is a cyber defense trifecta, comments Bart Lauwers, VP of IT infrastructure, that gives...

How to protect yourself from becoming a target for cybercrime

06/12/2013 05:07 (Vancouver Sun)

Interview: Cyber attacks in a changing landscape

06/12/2013 03:59 (Computerworld Malaysia)

...and the second, in attacking with sophisticated attacks through spear-phishing and social media. This evolution of the attackers to these types...

Trend Micro releases web app security offering

06/12/2013 03:43 (Help Net Security)

...extends beyond vulnerabilities alone to include web application malware checking and web reputation management giving organizations a complete...

Worldwide security market to grow in 2013

06/12/2013 02:29 (Help Net Security)

...prevention), most often by using custom or dynamically generated malware for the initial breach and data-gathering phase. Advanced attackers...

Students find cyber attacks concerning

06/12/2013 01:59 (The Crimson White)

...thought the military email address she used to contact her source would end up hacking her computer. The U.S. Armed Forces sent me two emails...

Australia under attack from cyber spies

06/12/2013 01:51 (Computer World Australia)

Australia under attack from cyber spies The attacks are getting more frequent and more serious, says one of the country's top security chiefs...

Google to Facebook Seek to Disclose Data on Security Requests

06/12/2013 00:26 (Washington Post - Bloomberg)

...transparency, Microsoft wrote in an e-mailed statement. Academics and computer-security specialists say there's a broad range of ways to harness...

Bromium aims to protect users on the move with upgraded virtualization software

06/11/2013 23:28 (Computer World Singapore)

...Windows in a micro-VM on the fly, and guarantees that any malware the users come across will be defeated and discarded without the user noticing,

Kaspersky Lab discovers Android Trojan that behaves like Windows malware

06/11/2013 22:48 (Computerworld Malaysia)

Kaspersky Lab discovers Android Trojan that behaves like Windows malware Kaspersky Lab has discovered a sophisticated Windows-like Android Trojan...

Australian security market tipped to grow 12 per cent: Gartner

06/11/2013 22:11 (Computer World Australia)

...on the target organisation's internal network either through the use of malware or, even if the malware is detected and removed, via post malware...

Android Trojans spread by Bluetooth, hijack bank codes

06/11/2013 21:45 (Computer World Singapore)

...was recently discovered by Kaspersky Lab in an Android application. The malware is a multi-functional Trojan that can send SMS messages to premium...

Cloud Security Draft Document

06/11/2013 18:07 (Isssource.com)

...cloud. The Risk Management Framework helps federal organizations create a computer security plan based on an organization's risk tolerance and how...

Malware Disguises as Antivirus

06/11/2013 16:30 (Isssource.com)

Malware Disguises as Antivirus A piece of malware called Bicololo, originally designed to target Russian Internet users, is now evolving. A new...

New Forensics Certification Program

06/11/2013 15:46 (Isssource.com)

...new testing and certification program designed to help validate the skills of digital forensics professionals. (ISC)², which has certified the...

Self-Propagating Trojan Lives On

06/11/2013 15:27 (Isssource.com)

...Trojan usually spreads in exploit kits via drive-by-downloads, phishing schemes, and social media, however, Trend Micro researchers just found...

More than half of US Fortune 500 firms would face “serious harm” from a cyber attack

06/11/2013 11:38 (Canadian Insurance)

Washington Free Beacon website redirects to malware

06/11/2013 10:22 (Help Net Security)

Washington Free Beacon website redirects to malware A "big" story like that regarding NSA spying was bound to be used by cyber crooks as a lure.

Australia under attack from cyber spies

06/13/2013 04:27 (Computerworld Malaysia)

Australia under attack from cyber spies The attacks are getting more frequent and more serious, says one of the country's top security chiefs...

DHS finds classified cyber sharing program slow to take off

06/13/2013 02:44 (FederalNewsRadio.com)

...companies that receive classified or top secret information from the government about real or potential threats. While many companies are interested,

At halfway mark, industry driving critical infrastructure cyber framework

06/13/2013 01:27 (FederalNewsRadio.com)

...about 14 years ago. Not just us, but many others in government. As a consequence, we have system administrators who are contractors working and...

Google Finds Hacking Attempts On Eve Of Iran Election

06/13/2013 00:36 (CBS San Francisco)

...three weeks, we have detected and disrupted multiple email-based phishing campaigns, Eric Grosse, the vice president for security engineering,

Cyber war 'could kill millions'

06/12/2013 23:51 (Computerworld Malaysia)

Cyber war 'could kill millions' US cyber security expert Scott Borg has told a conference cyber attackers could completely destroy power generators...

Cyberattackers under attack

06/12/2013 23:46 (StarTribune.com)

Security platform provider FireEye says a single organization is targeted by malware about every three minutes. From detection to damage control,

SMS spam cruises for suckers

06/12/2013 23:05 (Computerworld Malaysia)

...pay for the texts. As popular as scams were during the month, bank phishing text spam was even more popular, making up more than 30% of the more...

Gartner: Start security monitoring in the public cloud

06/12/2013 21:36 (Computer World Singapore)

...traffic." Most security monitoring today is done on-premises within the enterprise network using SIEM, intrusion-prevention systems (IPS) and data-loss...

State Plan For Cyber Threats To Electric Grid Taking Shape

06/12/2013 18:08 (CTnow.com)

State Plan For Cyber Threats To Electric Grid Taking Shape Utilities Cooperating With Regulators On Plan Dan Esty, the state's energy commissioner,

NSA chief says U.S. infrastructure highly vulnerable to cyber attack

06/12/2013 18:03 (CTnow.com)

NSA chief says U.S. infrastructure highly vulnerable to cyber attack WASHINGTON (Reuters) - U.S. critical infrastructure - which ranges from...

Internet should be prepared for “militarisation”: UK ministry report

06/12/2013 17:50 (ComputerWorld)

...weapon of war against other nations, they should avoid creating malware that will proliferate and cause wider harm. Rising alarm Transparency...

Sourceforge accounts hosting malicious files

06/12/2013 16:29 (Help Net Security)

...source code repository Sourceforge has once again been misused by malware peddlers to host malicious files. A considerable number of malware...

Surveillance Thwarted Dozens of Attacks, NSA Chief Says

06/12/2013 16:18 (Bloomberg)

...the leaks, to focus on how the U.S. is countering hacking threats, and Alexander didn't discuss specifics of the classified programs to collect...

Gartner analysts drop the bomb on cyberwar hysteria

06/12/2013 15:05 (Infosecurity)

Regardless of potential impacts, duck and cover will hardly work for a cyber-attack present or future. Hunter then amused the audience with a...

Backdoor Malware Targets Asian Users

06/12/2013 14:55 (Isssource.com)

Backdoor Malware Targets Asian Users Vietnam, India, China, and Taiwan users were a part of an attack campaign that uses Microsoft Word documents...

News Site Free after Malware Attack

06/12/2013 14:14 (Isssource.com)

News Site Free after Malware Attack The Washington Free Beacon website is back up and running as normal after suffering a compromise that redirected...

Microsoft Windows Azure Fights Against Botnets

06/12/2013 14:13 (CloudTimes)

Microsoft Windows Azure Fights Against Botnets The cybercrime is a fairly recent phenomenon, but it has already proven its negative effects for...

NSA chief defends his dual cyber, intel roles

06/12/2013 13:03 (Politico)

...yearly defense policy bill to bring new oversight to the government's cybersecurity capabilities. They proposed that the independent Defense...

Dangerous Computer Viruses Often Go Undetected

06/12/2013 12:04 (SBWire)

...Computer Viruses Often Go Undetected Consumers often unaware of serious malware infections, reports virus removal experts at OnlineVirusRepair.com.

NSA leaker: US hacking computers in China, Hong Kong

06/12/2013 11:17 (The Hill - Blog)

...borders that have launched cyberattacks against American companies. Computer security firm Mandiant released a report this February that said...

Interview: Evolving threats

06/14/2013 05:28 (Computer World Singapore)

...answers. How is risk management different from data protection or malware attacks? Risk Management covers a broad spectrum of disciplines and...

Medical device makers at risk for cyberattacks

06/14/2013 03:00 (The Journal Gazette)

...cases in which patients have been directly injured because of a device compromised by a computer virus. And there is no evidence that any implantable...

G-20 urged to treat cyberattacks as threat to global economy

06/14/2013 01:20 (The Seattle Times)

...well-being of the world. In March, criminals launched a computer virus that penetrated financial institutions in South Korea. The malware code was...

U.S. Agencies Said to Swap Data With Thousands of Firms

06/13/2013 23:32 (Bloomberg)

...government seeks, the person said. McAfee firewalls collect information on hackers who use legitimate servers to do their work, and the company...

Microsoft criticized for botnet takedown tactics

06/13/2013 22:03 (Computer World Singapore)

...it had disrupted more than 1,400 botnets using the Citadel malware, which affected more than 5 million people worldwide. Microsoft called the...

US FDA calls on medical device makers to focus on cybersecurity

06/13/2013 21:42 (Computerworld Malaysia)

Medical device makers should take new steps to protect their products from malware and cyberattacks or face the possibility that U.S. Food and...

UM Warns Ticket Buyers Of Security Breach

06/13/2013 19:07 (CBS Detroit)

...full-scale, internal investigation is underway with outside computer forensic and cyber security experts. Although our internal investigation...

Who's Really in Control of Cyber Security?

06/13/2013 17:43 (Bloomberg)

Who's Really in Control of Cyber Security? June 13 (Bloomberg) -- Prevendra President and CEO Christopher Burgess and Sophos Senior Security...

BlackBerry patches BYOD, Adobe Flash flaws for Z10 and Playbook

06/13/2013 17:28 (Infosecurity)

...successful exploitation only requires a customer to fall for a phishing campaign, accessing maliciously created Adobe Flash content in an email...

CISSP - the essential cyber security qualification

06/13/2013 16:16 (24-7 Press Release)

Top five cyber security titles that shed light on cyber risk

06/13/2013 16:16 (24-7 Press Release)

Internet Trouble Brewing in Iran Before Presidential Election

06/13/2013 15:55 (Bloomberg)

...there's been a "significant jump" in the volume of "phishing" campaigns originating from the country. Phishing e-mails are designed to trick...

Cyber-security activities with China blocked in House vote

06/13/2013 15:51 (The Hill - Blog)

Cyber-security activities with China blocked in House vote The House approved language late Thursday that would prevent the Department of Defense...

Malware in Canada Among Worst in World, Report Reveals

06/13/2013 15:41 (Technology news - Techvibes.com)

Botnet Hurt, so are Researchers

06/13/2013 15:30 (Isssource.com)

...by groups such as the Shadowserver Foundation to track the activity of malware networks, such as reporting on the IP address of zombies that...

Cyber criminals launching attacks from within Canada

06/13/2013 13:40 (Tech & Gadget - MSN CA)

Google warns Iranian users of politically-motivated phishing

06/13/2013 11:04 (Help Net Security)

Google warns Iranian users of politically-motivated phishing A massive phishing campaign believed to be motivated by the upcoming Iranian presidential...

Eight charged for hacking global financial institutions

06/13/2013 09:34 (Help Net Security)

One in ten new user accounts created to perpetrate fraud: ThreatMetrix

06/17/2013 06:07 (Computerworld Malaysia)

...attack rate in six months reflected the increasing use of banking malware to steal financial details, as well as an increasing percentage of...

Week in review: Reactions to PRISM, and the question of whether or not to hack back

06/17/2013 05:20 (Help Net Security)

...in India, Malaysia, Singapore, and Vietnam have been receiving spear-phishing emails related to diplomatic discussions in the Asia-Pacific region...

Account takeover attempts have nearly doubled

06/17/2013 05:20 (Help Net Security)

...this dramatic increase: Sophisticated credit card cyber gangs adopting banking malware, normally used to hijack bank accounts, to steal full credit...

Federal regulators address rising security risk to medical devices

06/17/2013 03:22 (Computer World Singapore)

...guidance to medical-device makers reflects the growing risk hackers and malware present to the lives of hospital patients. The FDA issued its...

ATT Hacker Weev Is Flashpoint for Website Crime Law

06/17/2013 00:20 (Bloomberg)

...against Auernheimer. He described how he carried out his attack by writing computer code to generate iPad identification numbers. Auernheimer...

Apple's security strategy: make it invisible

06/16/2013 22:17 (Computerworld Malaysia)

...away for the average user. Apple certainly can't stop the onslaught of phishing attacks. But it can add a built-in, cloud-based password manager...

Bank of England ranks cyber attacks above Eurozone crisis as biggest threat

06/16/2013 21:56 (Computer World Singapore)

...in the UK, four of the banks had claimed that the threat of cyber attack now present a major threat to their stability - more so than even the...

NSA’s Keith Alexander seeks cyber shield for companies

06/16/2013 18:56 (Politico)

...seeks cyber shield for companies Even as he defends controversial government surveillance programs, the head of the National Security Agency...

Computer Virus Affecting Internet, Millions Of Users

06/16/2013 18:18 (DigTriad.com)

Computer Virus Affecting Internet, Millions Of Users A computer virus infecting one in every 17 e-mails is quickly spreading across the internet...

Businesses feeling the bite of cyber crime

06/16/2013 00:00 (Richmond Times-Dispatch (AP))

Businesses feeling the bite of cyber crime As hacker attacks rise, businesses also feel the bite of legal penalties for taking poor security...

And the botnets will get you

06/15/2013 20:05 (Examiner.com - California)

And the botnets will get you Another major cyber crime ring was uncovered and the members sentenced several months ago when the 10 members of...

Obama’s Cybersecurity Plan

06/15/2013 20:02 (GlobalResearch.ca)

Companies fighting back against hackers

06/15/2013 17:26 (Akron Beacon Journal)

...back has become part of a serious debate among companies, lawmakers and cyber-security experts. From a technical perspective, it's not that challenging,

Is Google A Computer Security Threat?

06/15/2013 14:11 (Yahoo! Finance Canada)

Little thumb drives now a big security threat

06/15/2013 08:35 (USA Today)

...Jevans, founder of Marble Security and current chairman of the Anti-Phishing Working Group, outlines how the little thumb drive has become a security...

Cybersecurity fears raise medical-device standards

06/15/2013 08:22 (Daily Herald)

...patients. Increasingly, officials said, computer viruses and other malware are infecting equipment such as hospital computers used to view X-rays...

Man convicted of stealing thousands from drivers is sentenced

06/18/2013 05:40 (Yahoo! News Canada)

US, Russia create communications link on cyber security

06/18/2013 05:38 (Computerworld Malaysia)

US, Russia create communications link on cyber security The United States and Russia have signed a landmark agreement to reduce the risk of conflict...

Former US military chief: bold leadership required to solve cybersecurity problems

06/18/2013 05:03 (Infosecurity)

...think this relationship is the most important bilateral relationship in the world and cyber[security] is at the heart of this, Mullen opined.

Most data breaches caused by human error, system glitches

06/18/2013 04:39 (Computerworld Malaysia)

...in preventing data breaches. When it comes to data breaches, hackers and organized crime garner most of the headlines, but most data breaches...

Editorial: Cyber plans show some good planning

06/18/2013 01:29 (The News-Herald)

...operations," or DCEO, involve reaching outside of U.S. government networks to stop an assault or imminent threat. "Offensive cyber effects operations,"

Rising SSL traffic to degrade firewall performance

06/18/2013 00:45 (Computer World Singapore)

...blind spots during traffic inspection, increasing the chance of malware getting through. Hackers behind advanced persistent threats, which are...

Cisco impresses with first crack at next-gen firewall

06/17/2013 23:34 (Computerworld Malaysia)

...when adding other security features to the ASA, such as IPS and anti-malware scanning, and will continue to take, as add-ons like web security...

Do Microsoft's vulnerability tip-offs give the U.S. a cyber sword or a cyber shield?

06/17/2013 22:29 (Computer World Singapore)

...what if, before a patch was issued, the U.S. government was able to exploit those vulnerabilities using information fed to it by Microsoft? That's...

Cyberattacks on the rise as credit, debit card numbers become commodities

06/17/2013 22:05 (The Sacramento Bee)

...Martin's American Bistro and even the city of Sacramento have had their computer systems hacked or compromised. It's part of a shift from mass...

More malware is traveling on P2P networks these days

06/17/2013 21:53 (Computerworld Malaysia)

More malware is traveling on P2P networks these days Hackers have found a devious new way to disseminate malware: They're using peer-to-peer...

Why we can't stop malicious insiders

06/17/2013 21:29 (Computerworld Malaysia)

...a greater threat to organizations, both public and private, than hackers. And the world got another illustration in support of that argument...

Breach Discovery: 10 Hours

06/17/2013 19:05 (Isssource.com)

...threat detection (74 percent), perimeter threats (78 percent), Zero Day malware (72 percent) and compliance controls (80 percent). However, of the...

Canada: A global haven for cybercriminals

06/17/2013 16:58 (Infosecurity)

Molson and hockey: It now has the third largest volume of hosted advanced malware command-and-control servers, according to a new study. Foreign...

On Computers: Programming trick opens your system to virus attacks

06/17/2013 13:46 (The Evening Times)

On Computers: Programming trick opens your system to virus attacks Computer and tablet users often wonder how they pick up viruses by simply...

What's next for Wi-Fi?

06/17/2013 13:07 (ComputerWorld)

...existing infrastructure as you await these new developments. Click here ... Read more about anti-malware in Network World's Anti-malware section.

US Energy Department creates cybersecurity council

06/17/2013 12:58 (Infosecurity)

...Labs, Moniz said. Vulnerabilities in IT systems that underpin critical infrastructure like the energy grid, water supply facilities, oil and...

Tech-Friendly: Update your browser for safe computing

06/19/2013 01:06 (The Rock River Times)

...up-to-date will help prevent attacks from drive-by malware on infected websites. Perfectly legitimate websites can be and have been infected...

Source code for Carberp financial malware is up for sale at a very low price, researchers say

06/18/2013 23:25 (Computer World Singapore)

Source code for Carberp financial malware is up for sale at a very low price, researchers say The source code for the Carberp banking Trojan...

Australians fleeced out of $93 million in 2012: report

06/18/2013 21:51 (Computerworld Malaysia)

...of scams with the ACCC noting that the Microsoft Event Viewer computer virus scam continued to target Australians. The public was also subjected...

Start-up tackles advanced persistent threats on Microsoft, Apple computers

06/18/2013 21:50 (Computerworld Malaysia)

...to take over computers by adversaries looking to infiltrate the corporate network an attack often called an "advanced persistent threat" (APT),

Alcatel-Lucent launches 'The Shift Plan' to focus on IP Networking and Ultra-Broadband Access

06/18/2013 21:01 (Reuters US News)

...start-ups, as well as on partnerships and co-developments (such those as in cyber-security). Customer focus Alcatel-Lucent's new product and platform...

Microsoft says it freed millions of computers from criminal botnet

06/18/2013 19:04 (Yahoo! News Canada)

Cyber-thieves: More tips on how to protect yourself from credit card theft

06/18/2013 17:57 (Blogs and Columnists - The Sacramento Bee)

...Consumer and Small Business Marketing with Symantec, a Mountain View-based computer security firm. "It's essential that people learn to spot...

Malware swarming on P2P networks

06/18/2013 17:29 (Infosecurity)

Malware swarming on P2P networks For all of their benefits when it comes to enabling consumer communication, peer-to-peer networks have been...

HUG: Security, Safety Tech Talk

06/18/2013 17:18 (Isssource.com)

...users' minds just like safety. I urge each one of you to treat cyber security as you would process safety, said Jason Urso, vice president and...

F-Secure advances fight against exploits

06/18/2013 15:21 (Help Net Security)

...computer's installed applications to access the computer and infect it with malware that can spy on the user, steal passwords or other sensitive...

The security of WordPress plugins

06/18/2013 13:01 (Help Net Security)

...allow hackers to use the platform as vehicles for mass infections and malware distribution. Since Checkmarx did not focus on the security of the...

Definition of 'critical infrastructure' falls short

06/18/2013 10:04 (USA Today)

Definition of 'critical infrastructure' falls short (Editor's note: In this guest essay, Mercedes Kelley Tunstall, a privacy and data security...

The Public/Private Cooperation We Need on Cyber Security

06/18/2013 10:00 (HBR Blog Network)

The Public/Private Cooperation We Need on Cyber Security Not that long ago, cybersecurity was an issue for the back room. Now, it's made its...

Is your password putting you at risk to cyber thieves?

06/18/2013 09:07 (CTV British Columbia News)

Free anti-spam software for the Mac

06/18/2013 08:23 (Help Net Security)

...email to eliminate messaging threats, protecting them against spam, phishing and email-borne viruses. With this release, Cloudmark DesktopOne...

Key obstacles to effective IT security strategies

06/18/2013 07:02 (Help Net Security)

...confidence of executive teams when it comes to their business's cyber defense strategy, compared with the views of the technicians tasked with...

Hacking threat and tougher data laws promise insurance boom

06/20/2013 06:23 (Yahoo! News Canada)

Microsoft offering hackers $1mln for finding bugs in Windows

06/20/2013 05:24 (Yahoo! Canada Finance)

Kaspersky Lab Report: 37.3 Million Users Experienced Phishing Attacks in the Last Year

06/20/2013 02:45 (Yahoo! Canada Finance)

Trojan Uses Fake Adobe Certificate

06/20/2013 01:08 (Isssource.com)

...Certificate It's not uncommon for cybercriminals to sign their malware with digital certificates, because the technique increases the chances...

Massive Java update won't get Oracle out of attacker's crosshairs

06/19/2013 23:28 (Computerworld Malaysia)

...continues to be Public Enemy No. 1 when it comes to computer and network security. Oracle released a huge update for the virtually ubiquitous...

5 BYOD Pitfalls and How You Can Avoid Them

06/19/2013 23:10 (ComputerWorld)

These apps can lead to corporate data leakage, open the doors to malware or bring the potential to make workers unproductive. BYOD's early adopters...

Why two-factor authentication isn't a cure-all

06/19/2013 20:27 (USA Today)

...must operate on the service itself: with the diversity of malware, phishing schemes, and online vulnerabilities, sites cannot expect optional...

Many companies are negligent about SAP security, researchers say

06/19/2013 19:24 (ComputerWorld)

Polyakov said. A cyberwar-like scenario where someone creates a computer worm to attack SAP systems and disrupt business at major companies in...

Acceptable risk

06/19/2013 17:34 (ComputerWorld)

...about what the risks are, he says. Willem van der Steen Mobile malware on the rise Research firm Gartner predicts that, through 2014, employee-owned...

(ISC)2 opens nominations for GISLA

06/19/2013 17:25 (Infosecurity)

...infrastructure in the wake of President Obama's February executive order, cyber-security is top of mind. Awards are given in several categories...

Oracle patches 40 critical Java flaws

06/19/2013 16:48 (Infosecurity)

...security bulletin. It's a sentiment echoed by the Department of Homeland Security's Computer Emergency Readiness team (US-CERT), which said that...

Cyber threats and leaks spur increased security focus

06/19/2013 14:18 (Yahoo! News)

Cyber threats and leaks spur increased security focus By Andrea Shalal-Esa PARIS (Reuters) - Increased cyber espionage by China and recent leaks...

65+ websites compromised to deliver malvertising

06/19/2013 14:16 (Help Net Security)

...least 65 different sites serving ads that ultimately led to malware have been spotted by Zscaler researchers. The massive malvertising campaign...

Make way for the variants: Carberp source code goes on sale for $5K

06/19/2013 11:39 (Infosecurity)

...CVE-2012-1864; and so-called Web inject scripts that allow the malware to interact with different online banking websites. The sale will inevitably lead...

Highland Park hacker wins award for wearing a 'white hat'

06/19/2013 11:05 (Los Angeles Times)

...through the CyberPatriot competition in high school. He went on to start a cyber defense team in college. This year, that eight-person squad placed...

Tech companies eye security that goes beyond passwords

06/19/2013 10:03 (The News & Observer)

...probably small. Although many people are willing to endure extra security to access computer systems for their jobs or to protect their banking...

Obama takes NSA controversy to cyberrights watchdogs

06/21/2013 07:08 (KITV.com)

...meant to guard Americans' right to privacy against overreach by government cyber intelligence has been around for years. Details of thwarted...

U.S. legislators introduce Aaron's Law

06/21/2013 03:48 (Help Net Security)

...requirements, encryption, or locked office doors. Hack attacks such as phishing, injection of malware or keystroke loggers, denial-of-service...

FBI field director speaks about emerging terrorism, cyber threats at Chamber of Commerce breakfast

06/21/2013 00:00 (SouthCoastToday.com (AP))

...what the bureau considers to be the top emerging threats to national security and the economy, citing cyber attacks on the electrical grid and...

Most notable tech industry deaths of 2013

06/20/2013 21:13 (ComputerWorld)

...programming languages and compilers, grammatical inference, operating systems, computer and network security, and e-commerce technologies. *Aaron...

Computer virus scam targets elderly

06/20/2013 18:44 (News 4 Jax)

Computer virus scam targets elderly Pop-up ad claims to be FBI alert The views expressed are not those of this company or its affiliated companies.

Web's Reach Binds N.S.A. and Silicon Valley Leaders

06/20/2013 18:00 (Pittsburgh Post-Gazette)

Alexander, the agency's director and the chief of the Pentagon's Cyber Command, showed up at one of the world's largest hacker conferences in...

Hagel discusses ‘State of DoD’ in Nebraska speech

06/20/2013 18:00 (The Fort Campbell Courier)

Hagel discusses State of DoD in Nebraska speech WASHINGTON, D.C. In a wide-ranging speech given today at the University of Nebraska at Omaha,

(ISC)² launches Cyber Warrior Scholarship for veterans

06/20/2013 17:56 (Infosecurity)

...the military that, with additional training, can lead to successful cyber and information security careers. Booz Allen is proud to support a...

NSA contractor hired Snowden despite concerns about resume

06/20/2013 16:57 (The Baltimore Sun)

..."estimated" he would receive a master's degree in computer security from Liverpool sometime this year. Some of the educational information listed...

High School Students Learn to Fight Cyber Terrorists

06/20/2013 16:16 (NBC San Diego)

...This is not your typical summer camp. San Diego-based Internet security company ESET is hosting Cyber Boot Camp this week. It's an intensive...

Cybersecurity is a business imperative

06/20/2013 14:43 (Help Net Security)

Cybersecurity is a business imperative While cybercrime threats are on the rise, current attempts to counter them remain largely unsuccessful.

FDA Cautions About Cybersecurity

06/20/2013 14:20 (Medical Device Summit)

...cyberattack, which could be initiated by the introduction of malware into the medical equipment or unauthorized access to configuration settings...

Twitter lawyer appointed to senior White House technology role

06/20/2013 11:38 (Reuters US News)

Congress and the White House have been arguing about how best to address cyber security for more than a year. Last month, the House of Representatives...

Tips for testing your mobile app security

06/20/2013 08:35 (Computer World Australia)

...application" (BYOA), because many public app stores have serious malware problems. Enterprise app stores could be the answer. Gartner is predicting...

Take a data-centric approach to securing information in the cloud to protect against the risks of privileged users

06/20/2013 02:40 (Computer World Australia)

...Computerworld's Business & Government newsletter ] [ IN DEPTH:Biggest insider threat? Sys admin gone rogue] An organization's ability to meet...

Why social networks draw scams (and how to avoid them)

06/24/2013 00:18 (Computer World Singapore)

...Marathon bombings and victims in the hours after the incident. The hack of the Associated Press Twitter account was perhaps the first time we...

China 'gravely concerned' by Snowden's claims of U.S. cyber attacks on China

06/23/2013 23:48 (The Morning Call)

...express grave concern about the recent disclosures of the U.S. government's cyber attacks on China," Foreign Ministry spokeswoman Hua Chunying...

First ransomware app targeting Android devices spotted in the wild, Symantec says

06/23/2013 23:06 (Computer World Singapore)

...will not have the capability to uninstall the malicious app as the malware will attempt to prevent other apps from being launched. The threat...

Africa increases cybersecurity efforts

06/23/2013 22:23 (Computerworld Malaysia)

...cybersecurity efforts. African countries have recently suffered an increase in phishing scams, malware, advance-fee scams (commonly known as...

Fake AV and ransomware: Coming soon to an Android device near you

06/23/2013 21:40 (Computerworld Malaysia)

...you Symantec has uncovered a new Android threat you might recognize from PC malware--fake antivirus and ransom ware attacks. A message on your...

Android ransomware marks profitable new era for cybercriminals

06/23/2013 21:40 (Computerworld Malaysia)

...are planning to target smartphone users with this lucrative form of malware. The bogus antivirus software, dubbed Fakedefender, is the first...

Nothing Is Safe in Cyberspace: Pro

06/23/2013 20:34 (CNBC)

...Bavisi, President & CEO of EC Council says "snooping around" is not new, but the expanding arena of cyber crime is re-defining modern warfare.

Pentagon ban on portable flash drives has many exceptions

06/23/2013 15:29 (The Trentonian)

...he said. Steven Bucci, a former Pentagon official and now a cyber security expert for the conservative Heritage Foundation think-tank, said a...

Helpdesk: External hard disk helps you back up files and prevent losing valuable data

06/22/2013 18:01 (Ventura County Star (AP))

...that the external drive will fail or that you may someday back up a computer that contains a virus, then a second external hard disk would help.

On computers: Trick opens your system to virus attacks

06/22/2013 11:14 (The Journal-Standard)

On computers: Trick opens your system to virus attacks Computer and tablet users often wonder how they pick up viruses by simply surfing the...

The coming of China-U.S. cyber war

06/22/2013 00:00 (The Marietta Times)

The coming of China-U.S. cyber war The cyber warfare between Washington and Beijing is becoming more intense, as Edward Snowden the Whistleblower...

A primer in malware: viruses, spyware and bots, oh my

06/21/2013 21:44 (The Seattle Times)

A primer in malware: viruses, spyware and bots, oh my Q. You frequently mention malware and viruses in your column. Just what is malware? Is...

U.S., Russia Cyber Hotline

06/21/2013 15:15 (Isssource.com)

...U.S. and its Russian counterpart will exchange information on any malware that appears to originate in the other country. The Nuclear Risk Reduction...

Apple IDs a Hacker’s Delight

06/21/2013 14:56 (Isssource.com)

...around 1,000 daily instances in which their customers accessed Apple phishing websites, according to Kaspersky Labs. Since the beginning of 2012,

UK Home Office kicks off £4 million cyber-awareness campaign

06/21/2013 14:50 (Infosecurity)

...designed to educate businesses and citizens about rising hacker threats. The government plans to use the money to launch the first stage of the...

Obama takes NSA controversy to cyberrights watchdogs

06/21/2013 07:08 (KITV.com)

...meant to guard Americans' right to privacy against overreach by government cyber intelligence has been around for years. Details of thwarted...

FBI field director speaks about emerging terrorism, cyber threats at Chamber of Commerce breakfast

06/21/2013 00:00 (SouthCoastToday.com (AP))

...what the bureau considers to be the top emerging threats to national security and the economy, citing cyber attacks on the electrical grid and...

Most notable tech industry deaths of 2013

06/20/2013 21:13 (ComputerWorld)

...programming languages and compilers, grammatical inference, operating systems, computer and network security, and e-commerce technologies. *Aaron... 104 Cyber Warnings E-Magazine – June 2013 Edition Copyright © Cyber Defense Magazine, All rights reserved worldwide Hagel discusses ‘State of DoD’ in Nebraska speech

06/20/2013 18:00 (The Fort Campbell Courier)

Hagel discusses State of DoD in Nebraska speech WASHINGTON, D.C. In a wide-ranging speech given today at the University of Nebraska at Omaha,

(ISC)² launches Cyber Warrior Scholarship for veterans

06/20/2013 17:56 (Infosecurity)

...the military that, with additional training, can lead to successful cyber and information security careers. Booz Allen is proud to support a...

High School Students Learn to Fight Cyber Terrorists

06/20/2013 16:16 (NBC San Diego)

...This is not your typical summer camp. San Diego-based Internet security company ESET is hosting Cyber Boot Camp this week. It's an intensive...

Trend Micro and INTERPOL to fight cyber crime in unison

06/25/2013 05:33 (Computerworld Malaysia)

Trend Micro and INTERPOL to fight cyber crime in unison Trend Micro will deliver training programmes to INTERPOL, government and/or police organisations...

Cyber attack alert in South Korea

06/25/2013 01:56 (Computer World Singapore)

Cyber attack alert in South Korea On alert ... South Korea government warned to be wary of the possibility of cyber attacks. SEOUL: South Korea...

Indigenous cyber safety issues need addressing: report

06/25/2013 01:11 (Computer World Australia)

...Australians. [ Get the latest IT news on the Australian government and businesses in Computerworld's Business & Government newsletter ] Cyber...

Australian boards urged to wake up to cyber threat

06/24/2013 23:37 (Computerworld Malaysia)

...action," she said. The warnings come as the federal government explores a proposal that would force companies to publicly disclose security breaches...

Malwarebytes pounces on exploit-blocking rival ZeroVulnerabilityLabs

06/24/2013 21:45 (Computerworld Malaysia)

...startup ZeroVulnerabilityLabs in an effort to broaden its appeal from simply fixing malware infections to blocking them before they occur. It's an...

UW Bothell launches Digital Future Lab

06/24/2013 18:07 (Bothell Reporter)

...which offers several new degrees including a Bachelor's in Interactive Media Design and a Master's of Science in Cyber Security Engineering.

Google implements Chrome app scanning for G+ developer site

06/24/2013 16:20 (Infosecurity)

...in the Flash implementations of Chrome. In April, a malware trojan was revealed as a malicious browser extension specifically targeting Chrome...

Fake anti-virus jumps from PCs to Android

06/24/2013 15:49 (Infosecurity)

...scheme is plaguing Android users by way of the well-known FakeAV malware, which has now made the leap from computers to mobile devices. According...

Barracuda Web Filter models with 10 GbE interfaces

06/24/2013 15:15 (Help Net Security)

...increased performance and capacity to offer comprehensive web content filtering and malware protection at multi-gigabit speeds. A recent IEEE report...

Cyber Security Depends on Education

06/24/2013 15:00 (HBR Blog Network)

Cyber Security Depends on Education We're facing an eyebrow-raising talent shortfall in cyber security. Consider the findings of a recent inquiry...

Facebook Security Glitch Exposes Millions of Users' Data

06/24/2013 14:18 (CIO Today)

...well as the individual's closest connections. "Rather than getting a phishing e-mail with a link from Facebook or another site, a fraudster could...

Nearly 200,000 new malware samples appear daily

06/24/2013 14:13 (Help Net Security)

Nearly 200,000 new malware samples appear daily Most companies greatly underestimate the number of new malicious programs appearing daily, and...

Carberp malware source code offered for sale with $50,000 price tag

06/24/2013 14:04 (Computer World Singapore)

Carberp malware source code offered for sale with $50,000 price tag The source code for the once-mighty Carberp bank Trojan is being offered...

Microsoft to reward hackers for finding bugs in Windows (amended)

06/24/2013 13:38 (Albuquerque News.Net)

...crime in which more than 500 million dollars were stolen from banks and Stuxnet virus, which attacked Iran's nuclear programme in 2010. The report...

Cybercrooks target SMBs with new types of attacks

06/24/2013 13:34 (Computerworld Malaysia)

Cybercrooks target SMBs with new types of attacks Ransomware, mobile malware and brute-force attacks aimed at small business are on the rise.

Android fake AV demands ransom, crashes

06/24/2013 13:05 (Help Net Security)

...download - and pay for - the full version that will supposedly remove the malware from the phone. If the victim declines to do so, the software...

International cooperation in the fight against cybercrime

06/24/2013 11:33 (Help Net Security)

...infrastructure required to effectively combat threats and eventually enhance digital security. In response, INTERPOL is establishing the INTERPOL...

5 steps to safer mobile device Web surfing

06/24/2013 11:16 (Appleton Post Crescent (AP))

Know where danger lurks. Yes, porn sites are risky. But malware can also be hidden on technology-related sites, Web advertisements, entertainment...

Week in review: Microsoft bug bounties, NSA, GCHQ surveillance, and the new issue of (IN)SECURE Magazine

06/24/2013 04:49 (Help Net Security)

...issue 38 released (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue...

WordPress plugins leave you vulnerable to attack, and new devices 'protect you' from cellphone radiation

06/24/2013 04:48 (Computerworld)

...and App.net (@quistuipater) and on Facebook (quistuipater). Read more about anti-malware in Network World's Anti-malware section. By Mark Gibbs

US law enforcers suggest a kill switch for mobile and Apple adapts

US law enforcers are proposing a kill switch for mobile devices that would be used in case of theft. New York's top prosecutor, State Attorney General Eric Schneiderman, and San Francisco District Attorney George Gascón promoted an initiative, dubbed Secure Our Smartphones (SOS), with the aim of shutting down the secondary market for stolen devices.

The initiative is supported by law enforcers, state attorneys general, police chiefs, district attorneys, major city, activists and consumer advocates. The figures for the parallel market in stolen devices are impressive: Schneiderman reported that nearly 113 smartphones are stolen or lost every minute in the US, and what is concerning is that many of the thefts are turning violent.

The overall crime rate in New York City increased 3% last year -- but "if you subtracted just the increase in Apple product thefts, we would have had an overall decrease in crime in New York," Deputy Police Commissioner Paul Browne said.

The following is the introduction given by the SOS board:

In 2012, 1.6 million Americans were victimized for their smartphones. This is a growing epidemic affecting all corners of our nation and accounting for a majority of the robberies in our cities. Last year, 50 percent of the robberies in San Francisco involved a stolen mobile communication device.

Washington D.C Police reports Smartphone theft accounting for 38 percent of their robberies, with Philadelphia Police reporting this type of theft accounting for 33 percent of all robberies. In New York City, 20 percent of all robberies involved the theft of a smartphone; a 40 percent increase in the past year. These crimes have led to severe injuries and the loss of life. The trend indicates that the problem will only get worse if manufacturers and carriers do not take immediate action.

The principal points of the initiative are:

• Analyzing patterns, causes and trends behind device theft;
• Investigating the capability of manufacturers to develop technology that would deter theft, including a kill switch that would brick stolen devices permanently, eliminating the economic incentives for would-be thieves;
• Understanding how the economics of device theft have affected decision-making by the Smartphone industry;
• Working with device manufacturers to make a kill switch, or equally effective deterrent technology, a standard feature of their products; and
• Investigating impropriety on the part of manufacturers, raising public and shareholder awareness about industry practices in this area, and using all available tools to press for safety-oriented innovation and responsible corporate citizenship.

The fourth point in particular focuses on the creation of a kill switch for mobile devices. Just after the SOS initiative's request, Apple revealed that the next release of its mobile operating system, iOS 7, will include an “activation lock” function that can make a stolen Apple device (iPhone or iPad) permanently unusable.

The function extends the existing “Find My iPhone” feature, which allows device tracking. The company added that the same ID and password will be needed to reactivate a device after it has been remotely erased.

"We think this is going to be a really powerful theft deterrent," said Craig Federighi, a senior vice president at Apple.

The main problem is that a thief, and the criminal organization behind him, may be able to change the handset's International Mobile Station Equipment Identity (IMEI) number, the unique 15-digit code assigned to each device at production, making device tracking impossible.

A further initiative to improve security for mobile users is the creation of a database of stolen devices. Phones and tablets included in this archive could not be activated and would not work on an LTE network in the United States.

A kill switch could improve protection for mobile devices, but we will have to wait for the response of the cybercriminal industry, which will surely propose new illegal countermeasures. In any case, the SOS initiative is a step in the right direction.

Editor and Chief, Pierluigi Paganini

Top Twenty INFOSEC Open Sources

Our Editor Picks His Favorite Open Sources You Can Put to Work Today

There are so many projects at SourceForge it’s hard to keep up with them. However, that’s not where we are going to find our growing list of the top twenty infosec open sources. Some of them have been around for a long time and continue to evolve; others are fairly new. These are the Editor’s favorites that you can use at work, and some at home, to increase your security posture, reduce your risk and harden your systems. While there are many great free tools out there, these are open sources, which means they comply with a GPL license of some sort that you should read and feel comfortable with before deploying. For example, typically, if you improve the code in any of these open sources, you are required to share your tweaks with the entire community – nothing proprietary here.

Here they are:

1. TrueCrypt.org – The Best Open Encryption Suite Available
2. OpenSSL.org – The Industry Standard for Web Encryption
3. OpenVAS.org – The Most Advanced Open Source Vulnerability Scanner
4. NMAP.org – The World’s Most Powerful Network Fingerprint Engine
5. WireShark.org – The World’s Foremost Network Protocol Analyser
6. Metasploit.org – The Best Suite for Penetration Testing and Exploitation
7. OpenCA.org – The Leading Open Source Certificate and PKI Management -
8. Stunnel.org – The First Open Source SSL VPN Tunneling Project
9. NetFilter.org – The First Open Source Firewall Based Upon IPTables
10. ClamAV – The Industry Standard Open Source Antivirus Scanner
11. PFSense.org – The Very Powerful Open Source Firewall and Router
12. OSSIM – Open Source Security Information Event Management (SIEM)
13. OpenSwan.org – The Open Source IPSEC VPN for
14. DansGuardian.org – The Award Winning Open Source Content Filter
15. OSSTMM.org – Open Source Security Test Methodology
16. CVE.MITRE.org – The World’s Most Open Vulnerability Definitions
17. OVAL.MITRE.org – The World’s Standard for Host-based Vulnerabilities
18. WiKiD Community Edition – The Best Open Two Factor Authentication
19. Suricata – Next Generation Open Source IDS/IPS Technology
20. CryptoCat – The Open Source Encrypted Instant Messaging Platform

Please do enjoy and share your comments with us – if you know of others you think should make our list of the Top Twenty Open Sources for Information Security, do let us know at [email protected].

(Source: CDM)

National Information Security Group Offers FREE Techtips

Have a tough INFOSEC Question – Ask for an answer and ‘YE Shall Receive

Here’s a wonderful non-profit organization. You can join for free, start your own local chapter and so much more.

NAISG’s best service is its free Techtips. It works like this: you join the Techtips mailing list.

Then of course you’ll start to see a stream of emails with questions and ideas about any area of INFOSEC. Let’s say you just bought an application layer firewall and can’t figure out a best-practices model for ‘firewall log storage’, you could ask thousands of INFOSEC experts in a single email by posting your question to the Techtips newsgroup.

Next thing you know, a discussion ensues and you’ll have more than one great answer. It’s NAISG.org’s best-kept secret.

So use it by going here: http://www.naisg.org/techtips.asp

SOURCES: CDM and NAISG.ORG

SIDENOTE: Don’t forget to tell your friends to register for Cyber Defense Magazine at: http://register.cyberdefensemagazine.com where they (like you) will be entered into a monthly drawing for the Award winning Emsisoft anti-malware and our new favorite system ‘cleaner’ from East-Tec called Eraser 2013.

Job Opportunities

SnoopWall LLC is looking for a telecommuting Windows Kernel, Device Driver and GUI expert all rolled into one for a 3-6 month contracting gig. Send resumes to [email protected] – no head-hunters or third party representations. Great coders only.

This is a brand new section – please send all job opportunities for INFOSEC jobs only to [email protected]

Free Monthly Cyber Warnings Via Email

Enjoy our monthly electronic editions of our Magazines for FREE.

This magazine is by and for ethical information security professionals with a twist on innovative consumer products and privacy issues on top of best practices for IT security and Regulatory Compliance. Our mission is to share cutting edge knowledge, real world stories and independent lab reviews on the best ideas, products and services in the information technology industry. Our monthly Cyber Warnings e-Magazines will also keep you up to speed on what’s happening in the cyber crime and cyber warfare arena plus we’ll inform you as next generation and innovative technology vendors have news worthy of sharing with you – so enjoy.

You get all of this for FREE, always, for our electronic editions.

Click here to signup today and within moments, you’ll receive your first email from us with an archive of our newsletters along with this month’s newsletter.

By signing up, you’ll always be in the loop with CDM.

Copyright (C) 2013, Cyber Defense Magazine, a division of STEVEN G. SAMUELS LLC. 848 N. Rainbow Blvd. #4496, Las Vegas, NV 89107. EIN: 454-18-8465, DUNS# 078358935. All rights reserved worldwide. [email protected]

Cyber Warnings

Published by Cyber Defense Magazine, a division of STEVEN G. SAMUELS LLC. Cyber Defense Magazine, CDM, Cyber Warnings, Cyber Defense Test Labs and CDTL are Registered Trademarks of STEVEN G. SAMUELS LLC. All rights reserved worldwide. Copyright © 2013, Cyber Defense Magazine. All rights reserved. No part of this newsletter may be used or reproduced by any means, graphic, electronic, or mechanical, including photocopying, recording, taping or by any information storage retrieval system without the written permission of the publisher except in the case of brief quotations embodied in critical articles and reviews. Because of the dynamic nature of the Internet, any Web addresses or links contained in this newsletter may have changed since publication and may no longer be valid. The views expressed in this work are solely those of the author and do not necessarily reflect the views of the publisher, and the publisher hereby disclaims any responsibility for them.


Cyber Defense Magazine - Cyber Warnings rev. date: 06/27/2013

Cyber Warnings E-Magazine April 2013

Sponsors:

To learn more about us, visit us online at http://www.cyberdefensemagazine.com/

Don’t Miss Out on a Great Advertising Opportunity.

Join the INFOSEC INNOVATORS MARKETPLACE:
First-come-first-serve pre-paid placement
One Year Commitment starting at only $199
Five Year Commitment starting at only $499

http://www.cyberdefensemagazine.com/infosec-innovators-marketplace

Now Includes:
Your Graphic or Logo
Page-over Popup with More Information
Hyperlink to your website

BEST HIGH TRAFFIC OPPORTUNITY FOR INFOSEC INNOVATORS

Email: [email protected] for more information.
