Monday, October 07, 2013

Cyber Security News and Education for the Week of October 7, 2013

Cyber Security News of the Week  
From our friends at Citadel Information Group

Cyber Crime

Adobe Breached, Acrobat and ColdFusion Code Stolen along with 2.9M Customer Records: Attackers accessed customer IDs, encrypted passwords as well as source code for a number of Adobe products, Adobe chief security officer Brad Arkin announced. ThreatPost, October 3, 2013

Data Broker Hackers Also Compromised NW3C: The same miscreants responsible for breaking into the networks of America's top consumer and business data brokers appear to have also infiltrated and stolen huge amounts of data from the National White Collar Crime Center (NW3C), a congressionally-funded non-profit organization that provides training, investigative support and research to agencies and entities involved in the prevention, investigation and prosecution of cybercrime. KrebsOnSecurity, October 1, 2013

Cyber Privacy

N.S.A. Gathers Data on Social Connections of U.S. Citizens: WASHINGTON - Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans' social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials. The New York Times, September 28, 2013

Cyber Security Management

4TH CYBERSECURITY FRAMEWORK WORKSHOP: GOOD NEWS AND BAD NEWS: I had a chance to visit a number of industrial events this year and can see the evolution of cybersecurity in the industrial field. One of these was the 4th National Institute of Standards and Technology's (NIST) Cybersecurity Framework Workshop (CFW). Kaspersky was in attendance at the previous events, but the main difference with this one, was that now we had sponsors. ThreatPost, September 30, 2013

PCI Community Prepares For New Standards Release: LAS VEGAS, 26 September 2013 - Today the PCI Security Standards Council (PCI SSC), an open, global forum for the development of payment card security standards, announced the close and recap of its seventh Annual North American PCI Community Meeting. The forum provides PCI Participating Organizations and assessors the opportunity to come together and discuss the latest updates and challenges in payment card security. DarkReading, September 27, 2013

Survey results reveal both IT pros' greatest fears and apparent needs: September 18, 2013 - IT professionals have plenty to worry about, according to recent survey results published by eIQNetworks. The survey, which asked 272 IT decision makers what keeps them up at night, shed some light on how much room some security teams have for improvement and why they're facing so many challenges in the first place. CSO, September 18, 2013

The CFO's critical role in promoting cybersecurity: September 09, 2013 - As a steady flow of headlines reinforces with troubling regularity, the importance of cyber security for the world's large businesses cannot be overstated. It was therefore no surprise that at a recent event for Chief Financial Officers hosted by Consero Group, the topic of cyber security captured quite a bit of attention. During one session in particular, Gary Loveland of PricewaterhouseCoopers and Alan Stewart of Epsilon Systems provided a useful cyber security framework for today's Fortune 1000 CFOs. CSO, September 9, 2013

National Cyber Security

US spy chief: Shutdown 'damaging': Senior US intelligence officials have warned the shutdown of the US government "seriously damages" spy agencies' ability to protect the US. BBC, October 2, 2013

Shutdown could test IT security at federal agencies: Computerworld - A government shutdown that lasts more than a few days could test the ability of federal agencies to protect their information systems against security threats. ComputerWorld, October 1, 2013

Qaeda Plot Leak Has Undermined U.S. Intelligence: WASHINGTON - As the nation's spy agencies assess the fallout from disclosures about their surveillance programs, some government analysts and senior officials have made a startling finding: the impact of a leaked terrorist plot by Al Qaeda in August has caused more immediate damage to American counterterrorism efforts than the thousands of classified documents disclosed by Edward Snowden, the former National Security Agency contractor. The New York Times, September 29, 2013


Stan Stahl Radio Interview - CallToni: Watch now as cyber security expert Stan Stahl gives you his two sense on cyber crime and how to be protected. CallToni Radio, October 1, 2013

ISSA-LA October Lunch Meeting: Topic: How threat actors are using your databases against you - Hacking databases to maintain access to your network. October 16, 2013

Cyber Misc

Commerce In A World Without Trust: Trust is kind of a squishy concept. If you refer back to the definition from our pals at Merriam-Webster, trust is the "belief that someone or something is reliable, good, honest, effective, etc." Reliable? Honest? Sounds great, right? DarkReading, September 29, 2013

Cyber Sunshine

Feds Take Down Online Fraud Bazaar 'Silk Road', Arrest Alleged Mastermind: Prosecutors in New York today said that federal agencies have taken over the Silk Road, a sprawling underground Web site that has earned infamy as the "eBay of drugs." On Tuesday, federal agents in San Francisco arrested the Silk Road's alleged mastermind. Prosecutors say 29-year-old Ross William Ulbricht, a.k.a "Dread Pirate Roberts" (DPR), will be charged with a range of criminal violations, including conspiracy to commit drug trafficking, and money laundering. KrebsOnSecurity, October 2, 2013

Silk Road: How FBI closed in on suspect Ross Ulbricht: US authorities believe that 29-year-old Ross William Ulbricht, arrested on Wednesday, is Dread Pirate Roberts (DPR) - the administrator of the notorious Silk Road online marketplace. BBC, October 2, 2013's Security Recruiter Blog