We begin with Network World and a big thumbs down:
Proposal for altered data retention law is still unlawful, Dutch DPA says
The Dutch government’s proposed revision of the country’s data retention law is not enough to bring it into compliance with a recent European Union court ruling, the Dutch privacy watchdog said Monday.
An effort by the Dutch government to adjust a law requiring telecommunications and Internet companies to retain their customers’ location and traffic metadata for investigatory purposes should be dropped, as the infringement of the private life of virtually all Dutch citizens is too great, the Dutch Data Protection Authority (DPA) said on Monday.
The Dutch government is looking to change data retention obligations for telephone and Internet communications operators following a decision last year by the Court of Justice of the European Union (CJEU). The court invalidated the European data retention directive, on which the Dutch law is based, because it violates fundamental privacy rights.
From SecurityWeek, a record year:
Records Compromised in Data Breaches Skyrocketed in 2014: Research
Security firm Gemalto released a report on 2014 data breaches recently and the news was not good.
In its latest Breach Level Index report, the company revealed that one billion records were compromised last year in more than 1,500 data breaches worldwide. Compared to 2013, those numbers are an increase of nearly 80 percent in terms of data records and more than 40 percent in terms of breaches overall.
Gemalto’s Breach Level Index calculates the severity of data breaches across multiple dimensions based on breach disclosure information. Among the notable attacks included in the report are the Home Depot breach, the attack on JP Morgan Chase and the attack on eBay.
While Threatpost covers a massive cabal:
Massive, Decades-Long Cyberespionage Framework Uncovered
Researchers at Kaspersky Lab have uncovered a cyberespionage group that has been operating for at least 15 years and has worked with and supported the attackers behind Stuxnet, Flame and other highly sophisticated operations. The attackers, known as the Equation Group, used two of the zero days contained in Stuxnet before that worm employed them and have used a number of other infection methods, including interdicting physical media such as CDs and inserting their custom malware implants onto the discs.
Some of the techniques the group has used are closely associated with tactics employed by the NSA, specifically the interdiction operations and the use of the LNK vulnerability exploit by Stuxnet.
The Equation Group has a massive, flexible and intimidating arsenal at its disposal. Along with using several zero days in its operations, the attack crew also employs two discrete modules that enable them to reprogram the hard drive firmware on infected machines. This gives the attackers the ability to stay persistent on compromised computers indefinitely and create a hidden storage partition on the hard drive that is used to store stolen data. At the Security Analyst Summit here Monday, researchers at Kaspersky presented on the Equation Group’s operations while publishing a new report that lays out the inner workings of the crew’s tools, tactics and target list. The victims include government agencies, energy companies, research institutions, embassies, telecoms, universities, media organizations and others. Countries targeted by this group include Russia, Syria, Iran, Pakistan, China, Yemen, Afghanistan, India but also US and UK, between and several others.
And CBC News covers an even bigger data thief:
NSA hid spying software in hard drive firmware, report says
- Government, military in Iran, Russia, Pakistan, Afghanistan targeted
The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.
That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations.
Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said.
From Al Jazeera America, the latest European incident:
Police arrest two on suspicion of aiding Copenhagen shooter
- The gunman opened fire on a cafe hosting a free speech debate and attacked a synagogue, killing two
Danish police said Monday they have arrested two people on suspicion of aiding a gunman in deadly attacks during the weekend on a synagogue and an event promoting free speech, violence that has shocked a nation proud of its reputation for safety and openness.
The two men arrested over the weekend are “suspected of helping the perpetrator by giving him advice and assistance in connection with the shootings at Krudttøndenre and Krystalgade,” police said in a statement issued Monday, referring to the locations of the attacks.
A Copenhagen judge later remanded the two suspects to 10 days’ detention.
And CNN covers the shooter:
Denmark terror suspect swore fidelity to ISIS leader on Facebook page
The man suspected of killing two people in Copenhagen swore fidelity to ISIS leader Abu Bakr al-Baghdadi in a posting made on what’s apparently his Facebook page just before the weekend shooting spree.
The post pledges “allegiance to Abu Bakr in full obedience in the good and bad things. And I won’t dispute with him unless it is an outrageous disbelief.”
The suspect in Saturday’s attack has been named as Omar Abdel Hamid El-Hussein, a senior member of the Danish government said. Police have not formally identified the gunman, who opened fire at a free speech forum in Copenhagen on Saturday before shooting several people outside a synagogue and then firing at police. Police killed him in the shootout.
The Washington Post covers another generator of European angst:
UK man charged with attempting to obtain chemical weapon
British police say a man from northwest England has been charged with trying to obtain a chemical weapon.
Greater Manchester Police says Mohammed Ammer Ali, from Liverpool, was arrested after officers raid properties in the city last week as part of a counter-terrorism operation.
He is charged with attempting to have a chemical weapon in his possession between Jan. 10 and Feb. 12.
Ali, who is 31, is due to appear in a London court Tuesday.
And from Deutsche Welle, echoes of the past:
French teens detained for vandalizing Jewish graves
- Investigators have detained five teenagers in connection with the vandalizing of Jewish graves in a cemetery in eastern France. The incident, amid rising anti-Semiticism in France, followed the attacks in Copenhagen
The five suspects detained by French police on Monday are aged between 15 and 17, Philippe Varnier, the prosecutor of the eastern Bas-Rhin region, told a news conference.
All five are from the region of Sarre-Union in Alsace, where some 250 Jewish tombs were defaced and damaged on Thursday.
Vannier said the youngest of the teenagers had gone to police after being shocked at the worldwide reaction to the incident, in which tombs were uprooted or turned around, vaults opened and a monument to the Holocaust vandalized.
“Apparently, he was very very affected by the scale of the reaction to this affair, including the statements from the hightest state authorities,” Vannier told reporters, adding that the boy had denied any anti-Semitic motive.
After the jump, a truce disintegrates in Ukraine, the apocalyptic eschatology ideology of ISIS, the U.S. takes the lead in the Boko Haram fight, Nigerian troops retake two Boko Haram-held towns, while Boko Haram attacks a Cameroonian army base, Yemeni Shiite rebels eye the oil fields, European Jewish leaders reject Netanyahu’s summons, a Netanyahu coalition partner denies Palestinian statehood or a land return, an Indian newspaper closed for reprinting a Charlie Hebdo cartoon, Japan’s Shinzo Abe uses Hormuz Straits minesweeping to push remilitarization, and Abe reaffirms his implacable push for remilitarization while Japan ups the fees for foreigners spying on Japanese corporations. . . Continue reading