Cyber Attacks, Threats, and Vulnerabilities
Stuxnet-style malware 'developed by Western intelligence agency' uncovered in Russia and Saudi Arabia (Computing) New malware dubbed "Regin", which has been likened to Stuxnet, has been uncovered in Russia and Saudi Arabia, according to Symantec
Regin: Top-tier espionage tool enables stealthy surveillance (Symantec) An advanced spying tool, Regin displays a degree of technical competence rarely seen and has been used in spying operations against governments, infrastructure operators, businesses, researchers, and private individuals
The Regin Espionage Toolkit (F-Secure) Regin is the latest in the line of sophisticated espionage toolkits used to target a range of organizations around the world. As already reported, it's one of the more complex pieces of malware around, and just like many of the other toolkits it also has a long history behind it. We first encountered Regin nearly six years ago in early 2009, when we found it hiding on a Windows server in a customer environment in Northern Europe
Stealthy, sophisticated 'Regin' malware has been infecting computers since 2008 (PC World) Symantec researchers have identified a particularly sophisticated piece of malware, called "Regin" that was likely developed by a nation state and has been used to spy on governments, infrastructure operators, businesses, researchers and individuals since at least 2008
Researchers Uncover Government Spy Tool Used to Hack Telecoms and Belgian Cryptographer (Wired) It was the spring of 2011 when the European Commission discovered it had been hacked. The intrusion into the EU's legislative body was sophisticated and widespread and used a zero-day exploit to get in
Traces of Regin malware may date back to 2006 (IDG via CSO) Malware that Symantec says was probably developed by a nation state may have been used for as long as eight years, a length of time that underscores the challenges the security industry faces in detecting advanced spying tools
Stuxnet-like malware highlights need for skills and vigilance (Computerweekly) The discovery of an advanced piece of malware that has been used to spy against organisations for at least six years underlines the need for skills and vigilance, say security experts
SECURITY: Cyberattackers have penetrated U.S. infrastructure systems — NSA chief (E&E News) The head of the National Security Agency and the U.S. Cyber Command said yesterday that unnamed foreign nations and groups have gained the technical capability to take down control systems that operate U.S. power grids, water systems and other critical infrastructure
Intel boss' warning on cyber attacks no joke, say experts (Fox News) Top cybersecurity experts echoed a dire warning from a top intelligence chief on the vulnerability of the U.S. power grid, with one telling FoxNews.com that state-sponsored hackers could send America's nerve centers on an "uncontrollable, downward spiral"
Fears grow of Iran cyber attack (The Hill) Fears are growing that Iran will unleash cyber warfare on U.S. companies if negotiators are unable to reach a nuclear deal by Monday that would require Tehran to limit its nuclear program
Crowdsourced War (TechCrunch) At least 4,000 people have died in Eastern Ukraine, according to United Nations estimates, spilling roughly 5,000 gallons of blood on the nation's soil
India calls Islamic State a big threat on cyber world (Daily Times) India's Home Affairs Minister Rajnath Singh on Saturday blamed that terrorism in India was Pakistan-sponsored, hitting out at neighbouring country over Dawood Ibrahim, whom he described as the 'most-wanted criminal'
Gitmo 'Poet' Now Recruiting for Islamic State (Weekly Standard) An ex-Guantanamo detainee based in northern Pakistan is leading an effort to recruit jihadists for the Islamic State, an al Qaeda offshoot that controls large portions of Iraq and Syria
ISIL targets Halifax security forum with social media messages (Halifax Chronicle Herald) ISIL is sending messages to participants and staff at the Halifax International Security Forum, the conference's top official said Saturday
Anonymous targets Canadian City, Police, Supreme Court against teen's arrest. (Hack Read) A hacker going with the handle of @AerithXOR hacked the official website of Ottawa city, Canadian Supreme Court and Ottawa police
Toronto Police Service website down after DDoS attack (Toronto Star) The Toronto Police Service website was the subject of a Distributed Denial of Service attack on Sunday evening after a Twitter user threatened to hack the site
Hackers pledge more attacks (Ottawa Sun) The Anonymous hacker group that carried out Friday's cyber attack on City Hall has pledged attacks on eight more targets, including Ottawa Police and the Supreme Court
Ecuadorian President Says His Accounts Under Cyber Attacks From US (Sputnik) Ecuadorian President reportedly announced that his accounts have been a target of cyber attacks that came from the United States
Hikvision DVRs sporting bugs that allow device hijacking (Help Net Security) A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining malware. They were successful because the DVRs come with a default administrative account "admin" with password "12345," and these are often left unchanged by users
Backdoored CMS Plugins Used to Hijack Web Servers (SecurityWeek) Thousands of backdoored plugins and themes for popular content management systems (CMS) are being leveraged by a threat group to abuse Web servers on a large scale
Hacking RFID Payment Cards Made Possible with Android App (TrendLabs Threat Intelligence Blog) We recently encountered a high-risk Android app detected as ANDROIDOS_STIP.A in Chile. This app, found distributed through forums and blogs, can be used to hack into the user's RFID bus transit card to recharge the credits. What is the mechanism behind this, and what is the security risk of RFID payment cards in general?
'DoubleDirect' MitM attack affects iOS, Android and OS X users (SC Magazine) For at least six months, a security firm has seen a specific type of man-in-the-middle (MitM) attack, dubbed "DoubleDirect," being leveraged, which puts iOS, Android and OS X users at risk
Four-year old comment security bug affects 86 percent of WordPress sites (Ars Technica) Bug allows script attack that could be used to hijack sites or attack visitors
Lookout Mobile Security Software Discusses NotCompatible Malware (Dumb Out) When mobile devices — nay, cell phones — started to make their way into the common public fray, security experts and researchers knew that it would only be a matter of time before these pieces of technology would become the target of malicious software like spam and malware
A Nightmare on Malware Street (SecureList) CoinVault ransomware in the wild
Craigslist Domains Hacked by Digital Gangsters, down around the world. (Hack Read) A group (probably hacking) going with the handle of Digital Gangsters has hacked the world-renowned classified advertisements website Craigslist
Has the PlayStation Network really been hacked? Should you change your password? (Naked Security) A smallish sample of usernames and passwords allegedly stolen from services listed as PlayStation Network (PSN), Windows Live and 2K Gaming has been leaked by a trio of crackers calling themselves
Vaporizer chargers can contain malware (Webroot Threat Blog) Vaporizers (AKA E-cigarettes) have been gaining some serious traction and widespread use over the past few years. The sudden surge of popularity isn't too surprising considering the fact that the health implications of nicotine consumption are vastly more favorable with vaporizers when compared to traditional cigarettes
FUD: E-Cig chargers said to be delivering malware (CSO) There is absolutely no proof these claims are true, none
Russian webcam-spying site highlights common security failing (ComputerWeekly) A Russian website collecting streaming images from internet-connected cameras in the UK and more than 200 other countries highlights a common security failing, say information security professionals
Webcam snooper now looking for a job (IDG via CSO) The developer of a widely vilified website that aggregated feeds from unsecured webcams is apparently looking for work as a remote programme
Budding Brazilian Hackers Get Online Training from $46 (Infosecurity Magazine) Wannabe cyber-criminals in Brazil can receive online training in the dark arts from as little as $46, the only place in the world this is possible, according to new research from Trend Micro
Are Some Parts of the Web Especially Likely to Host a Phishing Attack? (Cyveillance Blog) We recently shared intelligence about the phishing threat based on real attacks Cyveillance saw over a one year period
Companies urged to 'consider the risks' of non-computing devices connected to global networks (Canadian Underwriter) There is an increase in the number of cars, industrial control systems and other non-computing devices that are connected to a global computer network, some of these devices are sold without "thorough security and functional testing" and are therefore "easier targets" for criminals than personal computers, yet most corporate information technology departments "are not responsible" for managing the security of such devices, IBM Corp. warned in a recent report
Bulletin (SB14-328) Vulnerability Summary for the Week of November 17, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Sony quietly POODLE-proofs Playstations (Register) Innocuous 'system software stability' update brings no patch, no surf, regime
You stupid BRICK! PCs running Avast AV can't handle Windows fixes (Register) Fix issued, fingers pointed, forums in flames
Cyber Trends
The Week When Attackers Started Winning The War On Trust (Dark Reading) The misuse of keys and certificates is not exotic or hypothetical. It's a real threat that could undermine most, if not all, critical security controls, as recent headlines strongly show
Cloud Security By The Numbers (Dark Reading) Quantifying the perceptions around cloud security practices
Retailers optimising transactions but forsaking security this holiday season (GrowthBusiness) Despite record growth in online transactions forecast around the Christmas period, compliance and security is lower than ever
Cyberwar is bullshit (Verge) As governments build stronger and smarter digital weapons, we're all collateral damage
Financial services cyber trends for 2015 (Help Net Security) If 2014 was the "year of the breach," then what future cybersecurity threats await us? What's the next mode of attack, and how much worse will it be? That's the question on the minds of financial services companies as they invest in cyber protection measures, manage growing customer concerns and try to predict what's next
Cybersecurity lapses leave government agencies vulnerable to hackers (Washington Times) State Department, Postal Service, White House experience breaches as recommendations ignored
Marketplace
Why Palo Alto Networks Rallied 87% in 2014 (Motley Fool) Palo Alto Networks' (NYSE: PANW ) stock has soared 87% in 2014, easily outperforming its industry peers and the overall market. What fueled that massive rally, and will the stock keep climbing in 2015?
Verint Is A Highly-Rated Economic Castle (Seeking Alpha) Let's have a look at Verint, one of the highest-rated economic castles in our coverage. We think the strongest companies on a fundamental basis are ones that generate the most value for shareholders
Splunk Jumps On A Rock Solid Quarter (Motley Fool) Unstructured data specialist Splunk (NASDAQ: SPLK) has had a rather turbulent year. After peaking at $106 in February, shares pulled all the way back to $40 as names in big data briefly fell out of favor. Well, shares have been on the road to recovery for a few months now, and Splunk just reported strong earnings that are giving its recovery even stronger legs
IBM Stock: Will This New Technology Kick-Start Big Blue? (Motley Fool) At this point, IBM's (NYSE: IBM) struggles have been well documented. As CEO Ginni Rometty and team continue the company's transition from old-school technologies such as hardware and PC-related solutions — IBM's former bread and butter — anxious investors are quickly running out of patience. One look at IBM's stock price, which is hovering at or near 52-week lows, speaks volumes
CipherCloud raises $50 million for APAC expansion (Business Spectator) Cloud visibility and data protection firm CipherCloud has announced a $50 million round of financing, to be used for marketing and growth across Europe and Asia Pacific
Northrop Grumman Launches Cyber Center (National Defense) Northrop Grumman, in an effort to address its clients' most dangerous cyber threats, announced on Nov. 19 the launch of its new Advanced Cyber Technology Center
VA to spend $60 million more on cyber after auditors' continued concerns (Federal News Radio) Government auditors say the Veterans Affairs Department's cybersecurity problems are mildly better, but huge concerns remain about the security of veterans' data
Number Of UK IT Security Jobs Doubles In Past Year (TechWeek Europe) The UK is reporting a higher demand for IT security professionals than ever before as businesses look to shore up their defences following a series of high-profile cyberattacks
Malcovery's Phil Compton Named CFO of the Year (PRWeb) Malcovery Security, the leading provider of cyber threat intelligence, announced today that its Chief Financial Officer, Phil Compton, was named the 2014 CFO of the Year, in the "For-Profit Small" category, by the Pittsburgh Business Times
ForgeRock Adds Security and Enterprise Software Industry Veteran Robert Humphrey as Chief Marketing Officer (Marketwired) Marketing leader hired to drive global brand awareness and revenue growth
Tom McNeight Joins Vorstack Board of Directors (PRWeb) Tech heavyweight with history of building great companies to help grow threat intelligence market
Thales Board To Select New Chief Executive (Defense News) Thales will hold a board meeting on Monday to choose a successor to Chairman Jean-Bernard Levy, who is leaving the defense electronics company to take the top job at utility giant Electricité de France (EDF), a company executive said
Capital Buzz: Tenable hires executive with IPO experience (Washington Post) Tenable Network Security, the Columbia-based company that helps businesses and government agencies guard against cyber attacks, may be preparing to go public
Products, Services, and Solutions
IBM Offers Single-User Bluemix For Added Cloud Security (TechWeek Europe) IBM's latest offerings are intended for customers who want to buy into the cloud while keeping a maximum of control over their data
Ghostery Makes Privacy Marketable (InformationWeek) Service that blocks Web tracking code turns out to be good for business, too
The BlackBerry Passport enigma: TCOB-machine or "worst designed thing, ever" (Ars Technica) It's not your teenager's smartphone, which is kind of the point
New System Detects and Alerts to Automobile Cyber Attacks (Marketwired) Network Enforcement Module helps protect today's sophisticated 'computers on wheels'
We compare BitDefender Antivirus with Panda Global Protection 2014 (Gamer Headlines) In the modern day and age of the use of firewalls and security software is becoming incredibly important for individuals who want to keep their computer safe and their data secure. In this review we will take a look at two high-quality security tools and will outline the features on the way in which they can be used. We also outline their level of protection and will decide which one is the best. In this review will compare the Panda Global Protection 2014 with the BitDefender Antivirus
Check Point Next Generation Threat Prevention Receives Highest Scores in Recent Miercom Testing (Marketwired) World class security technology leads with accuracy and performance in Miercom Advanced Threat Prevention With Sandbox Analysis Report
AVG Antivirus latest update now helps scan files faster — adds additional security layers (The REM) AVG has been a brand which has been built around the 'protection' factor
FireMon Extends Network Security Monitoring to Cloud Service Infrastructure (Marketwired) FireMon, the industry leader in proactive security intelligence solutions, today announced expanded network security monitoring capabilities for cloud services, including Amazon Web Services (AWS) and OpenStack Icehouse
Nexum, Inc. Partners with FireMon to Deliver Proactive Security Intelligence Solutions (PRWeb) Nexum partners with leader in proactive security intelligence
Ex-NSA and GCHQ Spooks Showcase Intel Platform (Computer Business Review) Security firm Darktrace seeks expansion in SME market with new threat visuals
Tufin Adds Support for Amazon Web Services, Delivers Security Policy Orchestration for Public, Private and Hybrid Cloud Environments (Herald Online) On heels of industry-first support for VMware NSX, Tufin extends support to AWS, ensuring centralised management of security policies as enterprises embrace cloud models
Carousel Joins Palo Alto Networks Channel Program (Channel Partners) Rhode Island-based Carousel Industries will carry enterprise security offerings from Palo Alto Networks as a new member of the company's NextWave Partner Program
KEMP ships new Application Firewall Pack (Channel EMEA) KEMP Technologies has launched a new Application Firewall Pack (AFP) for its LoadMaster™ range of load balancers and Application Delivery Controllers (ADCs). By integrating Web Application Firewall (WAF) and other security services, KEMP enables secure, scalable and always-on workload delivery in a single ADC and load balancing solution
BillGuard And Experian Partner For Consumer Protection (Forbes) BillGuard, which offers free monitoring of credit and debit card activity and notifies users of fraud and unauthorized charges, has partnered with the identity theft prevention of Experian to provide a comprehensive service for consumers whose cards may have been compromised in data breaches like Target and Home Depot
Technologies, Techniques, and Standards
Crypto protocols held back by legacy, says ENISA (Register) EU takes the microscope to security
Confusion Persists around Cyber Threat Intelligence for Enterprise Organizations (Network World) Enterprises have specific questions but government and industry responses are nebulous at best
An Introduction to Cyber Intelligence (DarkMatters) This is the beginning of a short blog series on the topic of cyber intelligence, its sub-disciplines, and its uses. As an Adjunct Lecturer at Utica College, I teach graduate students in the M.S. Cybersecurity program on topics including cyber intelligence and cyber counterintelligence
How CSOs Can Help CIOs Talk Security to the Board (CIO) CIOs aren't necessarily security experts, but that doesn't mean they can't speak intelligently to the company's board of directors. The key is getting a little coaching from the CSO about how and what to communicate
When Panic Leads to Poor Decisions (SecurityWeek) We've all been there before. Something unforeseen happens that triggers a panic response. More often than not we look back at that response and wish we could have done things differently
Design and Innovation
Did the NSA Outline Bitcoin in 1996? (Cryptocoins News) The NSA was one of the first organizations to describe a Bitcoin-like system. About twelve years before Satoshi Nakamoto published his legendary white paper to the Metzdowd.com cryptography mailing list, a group of NSA information security researchers published a paper entitled How to Make a Mint: the Cryptography of Anonymous Electronic Cash in two prominent places, the first being an MIT mailing list and the second being much more prominent, The American Law Review (Vol. 46, Issue 4 )
Hamradiocoin: Crypto via Radio, Alternative Blockchain Channel (Cryptocoin News) HamRadioCoin utilizes the traditional Ham radio mesh to serve modern blockchain technology. This provides the blockchain and cryptocurrency with the first real alternative channel — a communications network that is both standardized and global. Ham radio has been in existence for over 80 years and who could have thought that its global array of operators would emerge as the perfect candidate for providing a P2P alternative to the internet. As we'll explore below, the invaluable role of Ham radio extends its utility into science fiction as the "old" radio combines with the "new" blockchain
Research and Development
Stress-testing the world economy for pandemics, cyber-attacks and war (Telegraph) Cambridge University's business school has worked out the financial effects of several disaster scenarios to help firms plan ahead
Sybil Logic Bomb Cyber Catastrophe Stress Test Scenario (University of Cambridge Centre for Risk Studies) A risk framework for considering systemic cyber threats and a stress test scenario of a cyber catastrophe for use in business and policy-making
IBM Patents Design for Data Privacy Engine (eWeek) IBM's newly patented data privacy engine safeguards cloud data shared across borders. This new invention improves upon manual privacy techniques
Jericho Systems Receives Patent for Trust Elevation During RESTful Authentication of User Identity (Businesswire) Jericho Systems Corporation, supplier of advanced content filtering and data security solutions, has received issuance notification from the U.S. Patent and Trademark Office of patent number 8,893,293, "Elevating Trust in User Identity During RESTful Authentication"
Radware Launches Hybrid DDoS Attack Protection Solution (SecurityWeek) Radware, a company best known for its DDoS attack mitigation and application deliver appliances, this week announced a new hybrid solution designed to help enterprise organizations detect and protect against sophisticated and volumetric DDoS attacks
Viscount Systems secures second U.S. patent for IT-centric Freedom Access Control platform (Security Info Watch) Viscount Systems, a leading provider of IT-based security software and services, announced today it has received a second U.S. patent for itsFreedom Access Control solution, building on the technology's strong IP foundation. U.S. Patent 8854177 B2 outlines the system and method for storing user permissions for multiple disparate physical devices in a unified permissions database, connected to a network in common with the products
US Army to task Novetta subsidiary with active authentication R&D (Planet Biometrics) The Mission and Installation Contracting Command at West Point has revealed that it intends to award a contract to IBG, a Novetta Solutions Company, for the development of a biometric authentication system based on so-called "active authentication" research
Academia
Angus King touts Maine University System’s role in preventing cyber 'Pearl Harbor' (Bangor Daily News) Warning that the "next Pearl Harbor" will be a cyber attack against the nation's infrastructure, U.S. Sen. Angus King, I-Maine, on Friday announced that the University of Maine System is the first in the country to receive the NSA's stamp of approval for its cyber security program
Ocoee High starts cyber-security team (West Orange Times and Observer) With an influx of viruses and hacks compounding by the minute in the digital age, enhanced cyber security has become a high priority for the U.S. military
Legislation, Policy, and Regulation
Digital Privacy Is "The New Frontier Of Human Rights" (TechCrunch) The impact of mass, digitally-enabled state surveillance upon individuals' privacy has been described as "the new frontier of human rights" by Member of the European Parliament, Claude Moraes, who was giving an annual lecture on behalf of the Centre for Research into Information, Surveillance and Privacy at the London School of Economics on Friday
Extensive Network of Secret Chinese Military Units Attack US on Daily Basis (Epoch Times) An army is attacking the United States. Its war is being waged without bullets or fanfare. Denied by its government, these soldiers operate in shadows and in silence. Yet, glimpses of their operations are seen on a daily basis — hackers and spies attacking and stealing from U.S. businesses and the U.S. government
Australia and Great Power Cyber Strategy after APEC (The Diplomat) It is time to develop a more meaningful cybersecurity dialogue between Australia and China
Brazil doubles down on cyber security? (Open Democracy) The out-sized military response risks compromising citizens' fundamental rights. If Brazil is to build a cyber security system fit for purpose, an informed debate is imperative
Cyberwarfare and NZ (Radio New Zealand) As New Zealand faces an an increasing number of cyber attacks, security experts say it's getting more difficult to counter them
GCHQ whistleblower calls for public interest defence (Guardian) 'I was enraged by the subterfuge and potential blackmail they wanted us to do,' says former GCHQ employee
Geheime dienst kan straks veel meer telefoon– en internetverkeer aftappen (RTL Nieuws) Het kabinet gaat de geheime diensten veel meer armslag geven om het telefoon– en internetverkeer af te tappen. Daartoe wordt de uit 2002 daterende Wet op de inlichtingen– en veiligheidsdiensten drastisch herzien
Gov't pushing to elevate cyber warfare into military operations (Korea Herald) The government has been pushing to categorize cyberspace operations as de facto military ones under the control of the Joint Chiefs of Staff (JCS) commander as part of efforts to boost capabilities to counter growing security threats online, defense ministry officials said Monday
AP Sources: Hagel resigning as Defense secretary (AP) Defense Secretary Chuck Hagel is stepping down from President Barack Obama's Cabinet, senior administration officials said Monday, following a tenure in which he has struggled to break through the White House's insular foreign policy team
ODNI, DOD Update Proposed Budget for FY 2015 Intelligence Programs (ExecutiveGov) The Office of the Director of National Intelligence and Defense Department have released updated budget request figures for their respective intelligence programs in fiscal 2015 to include revised appropriations for overseas contingency operations
Cybersecurity was missing in action on Election Day (The Hill) In the run-up to the recent election, there were many discussions of issues like the Islamic State in Iraq and Syria (ISIS), immigration, the Ebola virus and the Keystone XL pipeline, just to name a few. The one area missing from the pre-election dialogue: a serious discussion about cybersecurity
A divided GOP wrestles with national security and civil liberties (SFGate) The coming Republican majority in Congress will have another debate to add to the pile of questions about how it will run Capitol Hill. After voting down a reform of national security laws, GOP Senate forces need to come up with their own rules governing domestic spying, civil liberties and antiterrorism
Rand Paul's Anti-NSA Campaign Backfires (Right Side News) Michael Hirsh is a Politico reporter who occasionally stumbles on the truth. In a piece on how the anti-NSA campaign has run out of gas, he says the critics of the intelligence agency have failed to come up with "actual instances of state abuse of surveillance" in the United States
CIA Director John Brennan considering sweeping organizational changes (Washington Post) CIA Director John Brennan is considering sweeping organizational changes that could include breaking up the separate spying and analysis divisions that have been in place for decades to create hybrid units focused on individual regions and threats to U.S. security, current and former U.S. intelligence officials said
Should the Central Intelligence Agency be less centralized? (Washington Post) Elsewhere in The Washington Post, intrepid intelligence reporter Greg Miller has quite the scoop about a proposed reorganization of the CIA
EFF Joins the Call for a NIST We Can Trust (EFF) It's looking like we might be on the brink of another crypto war. The first one, in the 90s, was a misguided attempt to limit the public's access to strong, secure cryptography. And since then, the reasons we need the good security provided by strong crypto have only multiplied. That's why EFF has joined 20 civil society organizations and companies in sending a letter to the National Institute of Standards and Technology (NIST) to "re-emphasize the importance of creating a process for establishing secure and resilient encryption standards, free from back doors or other known vulnerabilities"
Campaign Seeks to Dry Out the National Security Agency (TruthDig) "The American surveillance state has an Achilles Heel," organizers of the OffNow campaign say. "We can thwart mass surveillance without relying on Congress or [the] Supreme Court" by passing legislation that stops "the flow of state supplied water and electricity to federal agencies conducting mass, warrantless surveillance"
For Army cyber, it's on-the-job training (FCW) The command sergeant major who is helping the Army develop its new branch for cybersecurity issues is confident that, despite the organizational challenges, the command can meet Army leaders' expectations for improving the service's cybersecurity capabilities
Leaders monitor burnout among intel analysts (Air Force Times) They stay up all night and chug too many energy drinks. They have psychiatrists and chaplains on call, and a therapy dog named Lily
Litigation, Investigation, and Law Enforcement
16 webcam hijacking suspects arrested in wake of bedroom-peeping (Naked Security) An international bust of people illegally using remote-access Trojans (RATs) to hijack people's webcams last week led to the arrest of 16 people across Europe
Convicted ID Thief, Tax Fraudster Now Fugitive (KrebsOnSecurity) In April 2014, this blog featured a story about Lance Ealy, an Ohio man arrested last year for buying Social Security numbers and banking information from an underground identity theft service that relied in part on data obtained through a company owned by big-three credit bureau Experian. Earlier this week, Ealy was convicted of using the data to fraudulently claim tax refunds with the IRS in the names of more than 175 U.S. citizens, but not before he snipped his monitoring anklet and skipped town