Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Encrypting Tweets for Your Fun & Not Profit”, 2) “ShmooCon 2013 FireTalks – CFP”, and 1) “CIA Laptop Breached, DHS XSSed by ‘Game Over’ ”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.
A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.
ShmooCon 2013 FireTalks – CFP: Although many of the details are still being worked out we wanted to put out a quick post to announce the ShmooCon 2013 FireTalks CFP. This year we are planning on having between five and eight 15-minute speaking slots each night depending on the final discussions the ShmooCon team. (continued here)
Encrypting Tweets for Your Fun & Not Their Profit: This morning Mikko “@mikko” Hypponen put out an encrypted tweet with the message indicating that you needed a TS/SCI with Poly clearance to read it. Dan “@dakami” Kaminsky followed up with the idea of possibly creating an encrypted tweet mechanism. Now there’s an idea… Right now companies like Twitter and Facebook make money off of the content we give to them. If there was an easy way to encrypt and decrypt that same content, could their business models fall apart? Have any tools that you use to encrypt tweets? Let us know in the comments below. (continued here)
ShmooCon Speaker Line Up Announced: The 15th of December has come and gone and The Shmoo Group has officially announced the speakers for the upcoming hackfest taking place in our very own Washington, DC. With a new “BELYAT IT” track replacing the longstanding “BREAK IT” track to focus more on strategic/long term topics, it’s sure to be a conference much different from previous years. A few local folks that made the elite list include Michael “@theprez98” Schearer and David “@darthnull” Schuetz. Congrats guys! If there’s anyone else that we missed let us know in the comments. What are you looking forward to seeing? Let us know in the comments below. (continued here)
ShmooCon Epilogue 2013 CFP: Just a little reblog action here to get the word out… For the second year in a row the NoVA Hackers Association (aka, NoVA Hackers) will be holding their ShmooCon Epilogue conference the Monday following ShmooCon. Hopefully, it’s not too late to extend those travel plans! With a little bit of effort … we can sorta make ShmooCon last a little longer…(continued here)
US Justice Department Plans Indictments Against Cyber Hackers: In an attempt to fight the ever-increasing foreign cyber attacks on US companies, the US Department of Justice intends on using criminal prosecutions as a defense tactic. This could be a step in the right direction, as Chinese state-sponsored hackers have been very persistent in their attacks against US organizations without real consequence. The Justice Department is training more than 100 prosecutors to take on the task, and is looking to indict actual hackers, as well as government officials. Do you think that indictments are the solution to cyber attacks? Post your comments below. (continued here)
CIA Laptop Breached, DHS XSSed by “Game Over”: Cyber War News is reporting a malicious hacker that goes by the name of Game Over breached a CIA agent’s laptop. The documents leaked range from terrorist information to vice president visits. The leak occurred about a month ago however it’s just now being more widely discussed. What are your thoughts on the “Game Over” hacking? Post your comments below. (continued here)
Yet Another Government Cybersecurity Review: The Government Accounting Office (GAO) is analyzing the US cybersecurity strategy for its effectiveness in protecting government IT and critical information infrastructures. The report is due to be completed in late January 2013 with recommendations to Congress and the Obama administration on how to improve IT security. What do you think the GAO review will determine? Post your comments below. (continued here)
The TV Is NOT Watching You … Mostly Likely: I’ve been following this story regarding the vulnerability in Samsung’s Smart TVs over the past week… Basically someone could remotely access your TV via port 80 to perform a number of nefarious activities (e.g., controlling the TV a la a virtual remote control, watching you watch TV, and accessing data on an attached USB drive). Although this is an awesome find, I tend to look at things from more of a risk perspective. Do you think this vulnerability is worth getting all in a big fuss about? Let us know in the comments below. (continued here)
Hope everyone had a wonderful week. Have a great weekend and a happy holiday!