Top 10 Stories

Launch of the Cybersecurity Framework Today the Obama Administration is announcing the launch of the Cybersecurity Framework, which is the result of a year-long private-sector led effort to develop a voluntary how-to guide for organizations in the critical infrastructure community to enhance their cybersecurity. Through the development of this Framework, industry and government are strengthening the security and resiliency of critical infrastructure in a model of public-private cooperation.  Over the past year, individuals and organizations...

Europe calls time on US stewardship of the internet ZDNet - The European Commission has published proposals aimed at weakening US control of key parts of the internet. According to the EC, revelations about "large-scale surveillance" by the US National Security Agency have "called into question the stewardship of the US when it comes to internet governance".

Utopia drugs market forced off Tor by Dutch police BBC - An online marketplace used to promote the sale of illegal drugs, weapons and hacking tools has been forced offline by the Dutch National Police force. Utopia was launched last week and was hidden to the public unless they used software to access Tor - an otherwise invisible layer of the net.

U.S. to offer companies broad standards to improve cybersecurity Reuters - The U.S. government is expected on Wednesday to release the final version of voluntary standards meant to help U.S. companies in nationally critical industries better protect themselves against cyber attacks. Criticized in earlier drafts for being too vague and toothless, the so-called cybersecurity framework attempts to turn a vast amount of industry input into guidelines designed for 16 different sectors whose disruption could be...

Hacking Team and the Targeting of Ethiopian Journalists CitizenLab: Ethiopian Satellite Television Service (ESAT) is an independent satellite television, radio, and online news media outlet run by members of the Ethiopian diaspora. In the space of two hours on 20 December 2013, an attacker made three separate attempts to target two ESAT employees with sophisticated computer spyware, designed to steal files and passwords, and intercept Skype calls and instant messages.  The spyware communicated with an IP...

Volunteer CISOs Help Small Businesses Gov Info Security: A new program in Howard County, Md., is offering small and midsize businesses the opportunity to work with area chief information security officers who are volunteering to offer free advice on a variety of security issues to help mitigate cyber-attack risks.  

Guardian - The Bank of England has launched an internal inquiry into allegations that its officials endorsed sharing of information between traders in the foreign exchange market, the central bank's deputy governor told MPs. The inquiry will examine claims that at a meeting between Bank officials and senior currency traders last April the officials said it was permissible for traders in different banks to share information about clients' positions ahead of the setting of a benchmark rate in...

Infosecurity - Although there are still major challenges in executing data encryption policies, the use of encryption continues to grow in response to consumer concerns, privacy compliance regulations and ongoing data breaches in the headlines. The 2013 Global Encryption Trends Study, written by the Ponemon Institute and sponsored by Thales, reveals that there has been a steady increase in the deployment of encryption solutions used by organizations over the past nine years, with 35% of organizations...

Canoe - More than 700 debit cards in Canada have been compromised after hackers used malware to target debit machines in stores, a new report from a U.S. cyber intelligence firm says. The latest strain is called JackPOS and was detected several days ago, the firm IntelCrawler says, but victims' cards may have been compromised more than 18 days ago.

Net Security - Prolexic Technologies issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.   This new toolkit enables malicious actors to purchase, set up and use their own DNS servers to launch reflection attacks without the need to...