September 2013
Not-for-profit, educational/informational, selected reports/stories identified are not the content of this organization nor this institution, rather authorship remains with the sources listed in the report/stories and DO NOT reflect the position(s) of any company, agency or other entity, nor serve as an endorsement of any kind.
The last issue of the American University Law Review is a great read for those interested in anything cybersecurity. Here are the links to the articles:
Jorge L. Contreras, Laura DeNardis, & Melanie Teplinsky, Foreword, Mapping Today's Cybersecurity Landscape, 62 Am. U.L. Rev. 1113 (2013)
Ivan K. Fong & David G. Delaney, Transcript, America the Virtual: Security, Privacy, and Interoperability in an Interconnected World, 62 Am. U.L. Rev. 1131 (2013)
Keir X. Bancroft, Regulating Information Security in the Government Contracting Industry: Will the Rising Tide Lift all the Boats?, 62 Am. U.L. Rev. 1145 (2013)
Alan Butler, When Cyberweapons End Up on Private Networks: Third Amendment Implications for Cybersecurity Policy, 62 Am. U.L. Rev. 1203 (2013)
Michael McNerney & Emilian Papadopoulos, Hacker's Delight: Law Firm Risk and Liability in the Cyber Age, 62 Am. U.L. Rev. 1243 (2013)
Scott J. Shackelford, Toward Cyberpeace: Managing Cyberattacks Through Polycentric Governance, 62 Am. U.L. Rev. 1273 (2013)
Miles L. Galbraith, Comment, Identity Crisis: Seeking a Unified Approach to Plaintiff Standing for Data Security Breaches of Sensitive Personal Information, 62 Am. U.L. Rev. 1365 (2013)
Peter S. Frechette, Note, FTC v. LabMD: FTC Jurisdiction over Information Privacy is "Plausible," But How Far Can it Go?, 62 Am. U.L. Rev. 1401 (2013)
Danielle E. Sunberg, Note, Reining in the Rogue Employee: The Fourth Circuit Limits Employee Liability Under the CFAA, 62 Am. U.L. Rev. 1417 (2013)
ANONYMOUS
'Topiary' tells all: Prison, activism, and LulzSec's beginnings | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57602014-83/topiary-tells-all-prison-ac...
BITCOIN
Bitcoin isn’t ready for prime time as a world wide remittance replacement. http://gigaom.com/2013/09/07/bitcoin-isnt-ready-for-prime-time-as-a-world-wide-remittance-replacement/?utm_source=General+Users&utm_campaign=97ff2778d5-c%3Amob%2Ctec%2Ccld%2Capl%2Ceur%2Cdta+d%3A09-08&utm_medium=email&utm_term=0_1dd83065c6-97ff2778d5-99419753
Andy Greenberg, Follow the Bitcoins: How We Got Busted Buying Drugs on Silk Road's Black Market, http://www.forbes.com/sites/andygreenberg/2013/09/05/follow-the-bitcoins-how-we-got-busted-buying-drugs-on-silk-roads-black-market/
CHINA
Symantec Fingers Most Advanced Chinese Hacker Group, Report here http://csis.org/files/publication/130916_Leed_OffensiveCyberCapabilities_Web.pdf
Or http://blogs.wsj.com/chinarealtime/2013/09/18/symantec-fingers-most-advanced-chinese-hacker-group/
Huawei CTO insists: 'We are not a threat to UK and US national security' http://www.theregister.co.uk/2013/09/13/huawei_sanqi_li_says_no_national_security_threat/
COMPANIES & CORPORATIONS
Don't blame the corporations for the surveillance state, http://www.zdnet.com/dont-blame-the-corporations-for-the-surveillance-state-7000020678/
CONGRESS
House Holds Cyber Threat Hearing as NIST Begins Preliminary Work on Cybersecurity Framework, http://www.powermag.com/house-holds-cyber-threat-hearing-as-nist-begins-preliminary-work-on-cybersecurity-framework/
CYBER ESPIONAGE
ICEFOG ESPIONAGE CAMPAIGN IS ‘HIT AND RUN’ TARGETED OPERATION, http://threatpost.com/icefog-espionage-campaign-is-hit-and-run-targeted-operation/102417
North Korea Spying on South Korea Using Espionage Malware | Threatpost
http://threatpost.com/researchers-uncover-kimsuky-espionage-campaign-aga...
CYBERSECURITY FRAMEWORK
House Holds Cyber Threat Hearing as NIST Begins Preliminary Work on Cybersecurity Framework, http://www.powermag.com/house-holds-cyber-threat-hearing-as-nist-begins-preliminary-work-on-cybersecurity-framework/
Draft cybersecurity framework gets mixed reviews, October deadline looms, http://www.csoonline.com/article/print/739155
CYBER THREAT
McAfee Threats Report: Second Quarter 2013, http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q2-2013-summary.pdf
New Cyber 'Mercenaries' Prefer Quick Strikes, Researchers Say, http://www.defensenews.com/article/20130927/DEFREG02/309270009?utm_source=twitterfeed&utm_medium=twitter
F-Secure published Threat Report H1 2013 on security landscape, http://securityaffairs.co/wordpress/18206/cyber-crime/f-secure-threat-report-h1-2013.html
CYBERWAR
What Would a Real Cyberwar Look Like?, http://www.slate.com/articles/health_and_science/new_scientist/2013/09/cyberwar_and_cyberattacks_it_s_really_espionage_subversion_or_sabotage.html
Cyberwar Is Overhyped, http://breakingdefense.com/2013/09/10/cyberwar-is-over-hyped-it-aint-war-til-someone-dies/
Why a cyberwar won't happen - opinion - 09 September 2013 - New Scientist, http://www.newscientist.com/article/mg21929334.800-why-a-cyberwar-wont-happen.html?full=true#.Ui5egsu9KSM
CYBER WORKFORCE
Why the Nation Needs a U.S. Cyber Force: Boston Globe Op-ed by Dean Stavridis, http://www.bostonglobe.com/opinion/2013/09/29/why-nation-needs-cyber-force/quM4WWdJOh0FoSyE7rmxJI/story.html
DATA BREACH
2 Million Customer Records Stolen in Vodafone Germany breach | Threatpost
http://threatpost.com/contractor-accesses-2-million-vodafone-germany-cus...
DHS
DHS launches working group to encourage industry adoption of cyber framework, http://insidecybersecurity.com/Cyber-General/Cyber-Public-Content/dhs-launches-working-group-to-encourage-industry-adoption-of-cyber-framework/menu-id-1089.html?S=LI#%21
DISA
RADM DAVID SIMPSON REFLECTS ON DISA TENURE AND ENVISIONS AGENCY’S FUTURE, http://www.disa.mil/News/Stories/2013/simpson_farewell
DOD
Is IT Becoming a Battlefield?, http://science.dodlive.mil/2013/09/30/is-it-becoming-a-battlefield/
Pentagon to Merge Information Networks in Effort to Thwart Hackers and Leakers, http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?List=7c996cd7-cbb4-4018-baf8-8825eada7aa2&ID=1267
Cyber Security Solutions for the DOD and Intelligence Community, http://www.tripwire.com/state-of-security/security-data-protection/cyber-security-solutions-for-the-dod-and-intelligence-community/
DOJ
Exclusive: U.S. directs agents to cover up program used to investigate Americans | Reuters
http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE97409R20130805
US stops jailed activist Barrett Brown from discussing leaks prosecution, http://www.theguardian.com/world/2013/sep/04/barrett-brown-gag-order-us-government?goback=%2Egde_1807664_member_271963697#%21
DON
"U.S. Says Iran Hacked Navy Computers", http://online.wsj.com/article/SB10001424052702304526204579101602356751772.html
ECPA
Google’s Wi-Fi Sniffing Might Break Wiretap Law, Appeals Court Rules, http://www.wired.com/threatlevel/2013/09/googles-wifi-wiretapping/
FIFTH AMENDMENT
Apple's Fingerprint ID May Mean You Can't 'Take the Fifth' | Wired Opinion | Wired.com
http://www.wired.com/opinion/2013/09/the-unexpected-result-of-fingerprin...
FISC
Surveillance court orders transparency review of its NSA opinions | PCWorld, http://www.pcworld.com/article/2048716/surveillance-court-orders-transparency-review-of-its-nsa-opinions.html?tk=rel_news
FISMA
Federal cyber security pros lack confidence in FISMA, http://www.net-security.org/secworld.php?id=15627
Google fights to kill email-scanning lawsuit brought by Gmail users, It's hoping to dismiss the class-action suit over privacy, http://www.computerworld.com/s/article/9242155/Google_fights_to_kill_email_scanning_lawsuit_brought_by_Gmail_users
HACKING
The rise of the white hat vigilante - Hackers - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/356543,the-rise-of-the-white-hat-vigil...
The Geeks on the Front Lines, http://www.rollingstone.com/feature/the-geeks-on-the-frontlines#i.edbfp2dzbfbawg
LEGISLATION
Lawmakers: Leaks slowed cybersecurity legislation, http://fcw.com/articles/2013/09/12/snowden-cybersecurity-legislation.aspx
NSA
NSA Internet Spying Sparks Race to Create Offshore Havens for Data Privacy, http://online.wsj.com/article/SB10001424052702303983904579096082938662594.html
How a Crypto ‘Backdoor’ Pitted the Tech World Against the NSA, http://www.wired.com/threatlevel/2013/09/nsa-backdoor/
Keith Alexander: In Best Interest Of U.S. To 'Put All The Phone Records' Into A Searchable 'Lockbox', http://www.huffingtonpost.com/2013/09/26/keith-alexander-nsa_n_3998071.html
Chief of National Security Agency (NSA), General Keith Alexander defended US surveillance programs as part of a Noble Mission to protect the nation, http://thehackernews.com/2013/09/nsa-chief-general-alexander-defends-us.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&_m=3n.009a.350.rz0ao05fd7.7l2
NSA mines Facebook for connections, including Americans’ profiles, http://www.cnn.com/2013/09/30/us/nsa-social-networks/index.html?hpt=hp_t3
NSA Illegally Gorged on U.S. Phone Records for Three Years, http://www.wired.com/threatlevel/2013/09/nsa-violations/
Brazil after NSA spying, http://www.reuters.com/article/2013/09/12/net-us-usa-security-snowden-brazil-idUSBRE98B14R20130912
Johns Hopkins apologizes for yanking prof's NSA blog | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57602345-83/johns-hopkins-apologizes-fo...
NIST Refutes Allegations NSA Compromised Crypto Standards | Threatpost
http://threatpost.com/nist-refutes-allegations-nsa-compromised-crypto-st...
U.S. tapped into networks of Google, Petrobras, others: report | Reuters
http://www.reuters.com/article/2013/09/09/us-usa-security-snowden-petrob...
Google encrypts data amid backlash against NSA spying - Washington Post
http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryp...
NSA Secretly Admitted Illegally Tracking Thousands Of 'Alert List' Phone Numbers For Years - Forbes
http://www.forbes.com/sites/andygreenberg/2013/09/10/nsa-secretly-admitt...
NSA hands Israel intelligence data on 'US persons' | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57602543-83/nsa-hands-israel-intelligen...
NSA director expected to be no-show at Dutch security conference - SC Magazine
http://www.scmagazine.com/nsa-director-expected-to-be-no-show-at-dutch-s...
Lavabit's Owner Appeals Secret Surveillance Order That Led Him to Shutter Site | Threat Level | Wired.com
http://www.wired.com/threatlevel/2013/09/lavabit-appeal/
What NSA snoops like about the iPhone | Security & Privacy - CNET News
http://news.cnet.com/8301-1009_3-57601981-83/what-nsa-snoops-like-about-...
Privacy Scandal: NSA Can Spy on Smart Phone Data, http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html
Here's how to best secure your data now that the NSA can crack almost any encryption, http://www.networkworld.com/news/2013/090613-here39s-how-to-best-secure-273574.html?source=NWWNLE_nlt_daily_am_2013-09-08&goback=%2Egde_1807664_member_271977707#%21
The Cowboy of the NSA, http://www.foreignpolicy.com/articles/2013/09/08/the_cowboy_of_the_nsa_keith_alexander?print=yes&hidecomments=yes&page=full
Internet experts want security revamp after NSA revelations, http://www.reuters.com/article/2013/09/08/us-internet-security-idUSBRE98701J20130908?goback=%2Egde_1836487_member_271911123#%21
OFFENSIVE CYBER OPERATIONS
UK becomes first state to admit to offensive cyber attack capability, http://www.ft.com/cms/s/0/9ac6ede6-28fd-11e3-ab62-00144feab7de.html#axzz2gNoO7Z12
Report: CSIS Thinks the Pentagon Must Establish Cyber Offense Guidelines, http://fedscoop.com/a-plan-for-dods-cyber-offensive/
PATCHES & UPDATES
Oracle Updates Java 7 | Threatpost
http://threatpost.com/new-monitoring-security-features-for-java-7/102280
WordPress Fixes Remote Code Execution Flaw With 3.6.1 Release | Threatpost
http://threatpost.com/wordpress-fixes-remote-code-execution-flaw-with-3-...
Adobe Fixes Code Execution Bugs in Flash, Reader | Threatpost
http://threatpost.com/adobe-fixes-code-execution-bugs-in-flash-reader/10...
BlackBerry Patches Security Flaws in Z10, Q10, PlayBook | Threatpost
http://threatpost.com/blackberry-patches-flash-webkit-and-libexif-flaws-...
PRIVACY
10 Incredibly Simple Things You Should Be Doing To Protect Your Privacy, http://www.forbes.com/sites/kashmirhill/2012/08/23/10-incredibly-simple-things-you-should-be-doing-to-protect-your-privacy/?goback=%2Egde_3045583_member_277090702#%21
TECHNOLOGY
Google security exec: 'Passwords are dead', http://news.cnet.com/8301-1009_3-57602286-83/google-security-exec-passwords-are-dead/
Microsoft created a collaboration lab with the University of Washington to help lawmakers make better policies by understanding the technology, http://blogs.seattletimes.com/brierdudley/2013/09/12/uw-microsoft-create-tech-policy-lab/
TOOLS & EXPLOITS
Protecting Routers and Networks from Hackers, http://www.newsfactor.com/story.xhtml?story_id=122003ZFNBK2
Research detects dangerous malware hiding in peripherals, http://www.scmagazine.com.au/
5 Security YouTube Channels to Watch, http://www.informationsecuritybuzz.com/5-security-youtube-channels-to-watch/
Countering Attacks Hiding In Denial-Of-Service Smokescreens, http://www.darkreading.com/threat-intelligence/countering-attacks-hiding-in-denial-of-s/240161237
Ion beam used to wiretap secure chips - Crypto - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/356897,ion-beam-used-to-wiretap-secure...
$20 'toy' deactivates cheap home alarms, opens doors - Messaging - SC Magazine Australia - Secure Business Intelligence
http://www.scmagazine.com.au/News/356907,20-toy-deactivates-cheap-home-a...
Mobile Pwn2Own Offers $300k For Zero Days | Threatpost
http://threatpost.com/mobile-pwn2own-offers-300k-for-zero-days/102278
UK
UK becomes first state to admit to offensive cyber attack capability, http://www.ft.com/cms/s/0/9ac6ede6-28fd-11e3-ab62-00144feab7de.html#axzz2gNoO7Z12
UK to create new cyber defence force, http://www.srmti.com/news/uk-to-create-new-cyber-defence-force-10822/#!
WHITE HOUSE
Government Announces Steps to Restore Confidence on Encryption Standards, http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/?_r=0
White House cybersecurity official says 'no new regulations', http://insidecybersecurity.com/Cyber-Daily-News/Daily-News/white-house-cybersecurity-official-says-no-new-regulations/menu-id-1075.html