************************** SPONSORED BY SANS **********************

--Needle in a Haystack? Getting to Attribution in Control Systems, featuring SANS instructor and infrastructure security expert Matt Luallen
Wednesday, February 22, 2012 at 1:00 PM EDT
http://www.sans.org/info/97061

--SANS North American SCADA 2012, Lake Buena Vista, FL
January 21-29, 2012
Gain the most current information regarding SCADA and Control System threats and learn how to best prepare to defend against them. Hear what works and what doesn't from peer organizations. Network with top individuals in the field of SCADA security. Return from the summit with solutions that you can immediately put to use in your organization.
Pre-Summit courses: January 21-25, 2012; Summit: January 26-27, 2012; Post-Summit Courses: January 28-29, 2012
http://www.sans.org/north-american-scada-2012/

--SANS Monterey 2012, Monterey, CA
January 30-February 4, 2012
6 courses. Bonus evening presentations include Who Do You Trust? SSL and TLS Under Attack; and IOS Programming Demo.
http://www.sans.org/monterey-2012/

--SANS Phoenix 2012, Phoenix, AZ
February 13-18, 2012
7 courses. Bonus evening presentations include Desktop Betrayal: Exploiting Clients Through the Features They Demand; and Windows Exploratory Surgery with Process Hacker.
http://www.sans.org/phoenix-2012/

--SANS Secure Singapore 2012, Singapore, Singapore
March 5-17, 2012
5 courses. Bonus evening presentations include Introduction to Windows Memory Analysis; and Why Our Defenses are Failing Us: One Click is All It Takes ...
http://www.sans.org/singapore-2012/

--SANS Mobile Device Security Summit: The Growing and Constantly Changing Challenge, Nashville, TN
March 12-15, 2012
Summit: March 12-13, 2012; Post-Summit Courses: March 14-15, 2012
Mobile device security experts and practitioners will discuss the best approaches to this new and evolving challenge. Organizations that have developed successful mobile device security programs will share how they developed and gained management support for their plans.
http://www.sans.org/mobile-device-security-summit-2012/

--SANS 2012, Orlando, FL
March 23-29, 2012
42 courses. Bonus evening presentations include Exploiting Vulnerabilities: 60 Minutes from Discovery to Exploit; Evolving Threats; and Harbinger of Evil: The Forensic Art of Finding Malware.
http://www.sans.org/sans-2012/

--SANS Northern Virginia 2012, Reston, VA
April 15-20, 2012
7 courses. Bonus evening presentations include Linux Forensics for Non-Linux Folks; and Who Do You Trust? SSL and TLS Under Attack.
http://www.sans.org/northern-virginia-2012/

--SANS Cyber Guardian 2012, Baltimore, MD
April 30-May 7, 2012
11 courses. Bonus evening presentations include Ninja Assessments: Stealth Security Testing for Organizations; and Adjusting Our Defenses for 2012.
http://www.sans.org/cyber-guardian-2012/
Legislators Dropping Support for PIPA and SOPA (January 18, 2012)
More US legislators have announced that they are withdrawing their support for the House's Stop Online Piracy Act (SOPA) and the Senate's Protect IP Act (PIPA). Citing concerns that the bills have moved forward too fast and that their provisions are overly broad and heavy-handed, legislators in both houses and on both sides of the aisle are moving away from support of the controversial legislation. Some of those who have withdrawn support were originally co-sponsors of the measures. Wikipedia and other websites went dark on Wednesday, January 18 in protest of the bills.
-http://www.scmagazine.com/senators-change-sides-on-sopapipa-issue/article/223719/
-http://arstechnica.com/tech-policy/news/2012/01/pipa-support-collapses-with-13-new-opponents-in-senate.ars
[Editor's Note (Murray): Well, it sounded better than it reads. Evening news last night suggested that many legislators were blaming staff for the mess they find themselves in. I am afraid that new Congressional opponents of this obnoxious proposal do not understand it any better now than they did when they supported it. The opposition is populist. The support is from a kitty of tens of millions of dollars. Jingoistic ads supporting the proposal were all over TV today. The race is not always to the swift or the legislation to the MPAA, RIAA, and K Street, but that is how the smart money bets.]
************************** SPONSORED LINKS ***************************
1) Take the SANS 8th Annual Log and Event Management Survey and be entered to win a $250 American Express gift card. Follow this link to the survey: http://www.sans.org/info/96596
2) Take the SANS First Annual Mobility Survey and be entered to win a $250 American Express gift card. Follow this link to the survey: http://www.sans.org/info/96601
************************************************************************
THE REST OF THE WEEK'S NEWS
McAfee to Patch Spamming Vulnerability in SaaS Total Protection Service (January 18 & 19, 2012)
US Supreme Court Declines to Consider Student Social Media Free Speech Cases (January 17, 2012)
The US Supreme Court has declined to review cases involving social media and free speech issues surrounding schools and punishment. In two of the cases, lower courts had ruled that students who had set up phony social media profiles for their principals could not be punished. In another, the lower court had allowed punishment of a student for making fun of a classmate online. Those bringing the cases before the court hoped that they would receive some guidance, because a 1969 ruling says that schools may not punish non-disruptive political speech and a 1986 ruling says that school administrators may punish students for lewd or vulgar speech.
-http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2012/01/17/bloomberg_articlesLXY7590YHQ0X01-LXY75.DTL
-http://www.wired.com/threatlevel/2012/01/scotus-student-social-media/
[Editor's Note (Murray): Young people often interpret the idea of "free speech" to mean that no authority can censure or sanction them for what they say. However, while the First Amendment restricts what the state can do, they can still be punished by non-state actors such as parents, churches, and some schools. "Public" schools may be problematic when they attempt to implement government policy.]
Man Arrested and Charged in Federal Reserve Bank of New York Source Code Theft (January 18 & 19, 2012)
Prison Time for Man Who Stole Patient Database From Former Employer (January 17, 2012)
An Atlanta, Georgia, man has been sentenced to 13 months in prison for breaking into a former employer's patient database and stealing the information. Eric McNeal is an information technology specialist who had worked for the APA medical practice in Atlanta. When he left in November 2009 to work for a similar practice in the same building, he broke into APA's computer system from his home, downloaded the patient database, and deleted all the information from APA's system. McNeal then began recruiting the patients by mail to move to the new practice where he was employed.
-http://www.informationweek.com/news/healthcare/security-privacy/232400459
Virginia Middle School Students Wreaked Havoc on Blackboard Application (January 13, 2012)
Authorities in Virginia say that two Fairfax County middle school students managed to get their hands on passwords that allowed them access to an application used throughout the county school district. The two boys allegedly erased content from Blackboard, which teachers use to post assignments, hold discussions, and communicate with parents. It also appears that the students used Blackboard to send offensive messages to students; the messages were spoofed so that they appeared to come from teachers. Blackboard has been the site of trouble in the district before: in 2010, a nine-year-old student erased content and changed administrators' passwords.
-http://www.washingtonpost.com/local/education/fairfax-officials-2-lake-braddock-students-stole-passwords-erased-school-data/2012/01/13/gIQArRuExP_story.html?tid=pm_local_pop
[Editor's Note (Pescatore): Google has taken some small steps in encouraging Google Apps users to use "two step verification" as a fairly painless way of moving away from reusable passwords as the sole means of authentication. Any software sold into schools, power plants, fast food retail, etc. ought to be offering the same capabilities - ideally as the default, with explicit admin action required to drop back to reusable passwords.]
John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.
Stephen Northcutt founded the GIAC certification and is President of STI, The Premier Skills-Based Cyber Security Graduate School, www.sans.edu.
Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.
Ed Skoudis is co-founder of InGuardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.
William Hugh Murray is an executive consultant and trainer in Information Assurance and Associate Professor at the Naval Postgraduate School.
Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.
Rohit Dhamankar is a security professional currently involved in independent security research.
Tom Liston is a Senior Security Consultant and Malware Analyst for InGuardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.
Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat and he is a founder with Secure Anchor Consulting.
Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and served as President of the InfraGard National Members Alliance - with more than 22,000 members.
Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.
David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.
Alan Paller is director of research at the SANS Institute.
Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.
Clint Kreitner is the founding President and CEO of The Center for Internet Security.
Brian Honan is an independent security consultant based in Dublin, Ireland.
David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.
Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription (and for free posters), or to update a current subscription, visit http://portal.sans.org/
I have never seen such high quality training, distilled to a perfected message, and compressed into a timeframe that any organization should willingly commit employee time to taking as a risk reduction strategy. -- Jim Richards III