Ars Technica calls Red October an espionage "Swiss Army knife," and Kaspersky discussed details of the campaign's 1000 malware modules. Romanian intelligence services think Red October was used principally to steal information on state policy.
General William Shelton, US Air Force Space Command head, describes Iranian cyber capabilities as a "force to be reckoned with," and attributes Iran's new proficiency to its response to Stuxnet. Cyber warfare appears to be escalating in the Korean peninsula as well. Anonymous announces support for the Zapatistas, and subjects Mexico's Defense Department to a denial-of-service attack.
Several new online threats circulate, affecting users of Skype, the US Electronic Federal Tax Payment System, Apple SMS, okCupid, and Red Cross sites. Physical loss of poorly secured devices continues to raise problems for the health care sector. Goold Health Systems and the University of Washington are recent victims.
HP considers selling Autonomy and HP's EDS unit. TeaMp0isoN hacktivist celebrity Junaid Hussein, a.k.a. TriCk, is out of prison and says he's going straight, offering white hat hacking services. Packet Storm offers bug hunters $7000 bounties for zero-days.
Infosec island asks a good question: how well do organizations secure the personal information of unsuccessful job applicants?
Boeing's Dreamliner isn't a cyber story, but it's an interesting case study in the consequences aggressive outsourcing has for quality control.
Statisticians find ways of identifying anonymous medical information. The US Army is researching ways of attacking air-gapped SCADA systems.
Aaron Swartz's suicide continues to prompt reassessment of cyber legislation and prosecutorial discretion.
Today's issue includes events affecting Afghanistan, Australia, Bahrain, Canada, China, European Union, Germany, India, Indonesia, Iraq, Iran, Italy, Kenya, Kuwait, Lebanon, Malaysia, Mexico, Nigeria, North Korea, Qatar, Romania, Russia, Saudi Arabia, South Korea, Singapore, Spain, Thailand, Turkey, Venezuela, Iran, United Arab Emirates, United Kingdom, United States..
Cyber Attacks, Threats, and Vulnerabilities
Why Red October malware is the Swiss Army knife of espionage(Ars Technica) The Red October malware that infected hundreds of computer networks in diplomatic, governmental, and scientific research organizations around the world was one of the most advanced espionage platforms ever discovered, researchers with antivirus provider Kaspersky Lab have concluded. Its operators had more than 1,000 modules at their disposal, allowing them to craft highly advanced infections that were tailored to the unique configurations of infected machines and the profiles of those who used them
Inside the 1,000 Red October Cyberespionage Malware Modules(Threatpost) The Red October espionage malware campaign is providing security researchers with a deep dive into the complexity of targeted attacks, which in this case made use of more than 1,000 malware modules for everything from reconnaissance on targets to exfiltration of data to command and control servers
Costin Raiu on the Red October Cyberespionage Campaign(Threatpost) Costin RaiuDennis Fisher talks with Costin Raiu and Ryan Naraine about the newly uncovered Red October cyberespionage campaign that has targeted embassies, diplomats, research facilities and military targets for more than five years now. Raiu explains the origins of the campaign, where the attackers likely are located, the complexity and scale of the malware tools involved and what other components might be lurking undiscovered out there
Aggressor of cyber attack christened 'Red October' seeks to exfiltrate data on state policy(ACT Media) The impact of a cyber attack christened 'Red October' is determined both by the fact that the aggressor 'aims at exfiltrating data/documents on state policy and decisions taken at the level of some institutions, and that, by stealing access and authentication passwords, the aggressor could get access to other computer systems', spokesman of the Romanian Intelligence Service (SRI) Sorin Sava informed
Cyber warfare between Koreas, a warning for any cyber power(Security Affairs) Earlier this month is has been spread the news that South Korea is investing to improve the cyber capabilities of the country recruiting and training hackers to involve in the cyber defense due the increasing number of attacks suffered. A cyber attack hit recently the presidential transition team, in particular the press rooms server, but real extent of the damage caused by the event was not determined according the, Yonhap News Agency reports. The authorities has identified the servers used by the attackers, 17 units were located in 10 foreign countries and 2 systems have been found within the country
Anonymous launches attack on Mexico's Defense Department(CNet) Announcing its support of the Zapatista National Liberation Army, the hacking collective hits the government's defense Web site with a DDoS shutdown. Anonymous has set its sights on Mexico's Department of Defense. The group's Mexican legion has claimed responsibility for waging a distributed-denial-of-service attack on the government site, rendering it inoperable for several hours yesterday, according to the Associated Press
New Version of Shylock Malware Spreading Through Skype(Threatpost) There is a new version of the Shylock malware that is now capable of spreading through Skype. The new version is spreading mainly in the U.K., Europe and the U.S. and is playing off the fact that Microsoft is about to kill its Messenger application in favor of Skype
Bogus 'Payroll Declined' emails deliver malware(Help Net Security) A malicious email campaign impersonating the Electronic Federal Tax Payment System (EFTPS) - a service offered by the U.S. Department of the Treasury that allows taxpayers to make tax payments either
SMS spam threat targets Apple fans(Help Net Security) AdaptiveMobile today sheds light on the extent of a new global SMS spam threat. According to Ongoing Threat Analysis (OTA) which examines mobile security threats from around the world, consumers should
'Terrific Employee' Fired After Losing USB Drive Containing Medical Records(Threatpost) A Maine-based company announced Thursday it fired an otherwise exemplary employee who dowloaded medical data onto a jump drive and then lost the device while traveling between Salt Lake City, Denver and Washington, D.C. The unidentified woman's termination follows yesterday's disclosure of a data breach affecting 6,000 Medicaid recipients in Utah. Clair told The Salt Lake Tribune the contractor had difficulty downloading a patient report and decided to use the portable device, which is against the company's and the Utah Health Department's policies. She lost the device sometime last week."She was a terrific employee who made a mistake, a pharmacist who oversees the entire Utah account," said Jim Clair, CEO of the Goold Health Systems
Washington University School of Medicine Acknowledges Security Breach(eSecurity Planet) The Washington University School of Medicine in St. Louis recently announced that a physician's laptop was stolen at a conference in Argentina on November 28, 2012. The laptop, which was password-protected but not encrypted, contained information on approximately 1,100 patients, including patients' names, dates of birth, medical record numbers, diagnoses, and types and dates of surgery. Social Security numbers were also included for 39 of the patients
Many Fed smartphones have zero password protection(Help Net Security) A new report showcases increased security risks with mobile device usage within Federal government as adoption of smartphones and other mobile devices becomes more widespread. Sponsored by EMC, VMware
Important SCADA systems secured using weak logins, researchers find(CSO) Thousands of critical SCADA systems reachable from the Internet are secured by dangerously weak default passwords, a survey carried out with the help of the US Department of Homeland Security has found. According to a third-party report, Bob Radvanovsky and Jacob Brodsky of consultancy InfraCritical used scripts run through the Shodan search engine - 'Google for hackers' - to identify 7,200 vulnerable logins
Spear-Phishing Experiment Targets, Hooks Energy Firms(Dark Reading) More than one-fourth of utility employees in experiment fell victim to spearphishing emails. Spear-phishing is everywhere in targeted attacks today -- even in the SCADA/industrial control systems (ICS) world. A recent experiment involving two real-world utilities showed just how successful those types of campaigns can be: Twenty-six percent of utility employees clicked on a link in the phony emails
Facebook scams and why users fall for them(Help Net Security) The two main reasons why scammers are grateful for Facebook's existence are the fact that they can easily access a great number of people in a short period of time, and the fact that victims often end
Planet Blue Coat: Mapping Global Censorship and Surveillance Tools(Citizenlab) Blue Coat Devices capable of filtering, censorship, and surveillance are being used around the world. During several weeks of scanning and validation that ended in January 2013, we uncovered 61 Blue Coat ProxySG devices and 316 Blue Coat PacketShaper appliances, devices with specific functionality permitting filtering, censorship, and surveillance. 61 of these Blue Coat appliances are on public or government networks in countries with a history of concerns over human rights, surveillance, and censorship (11 ProxySG and 50 PacketShaper appliances). We found these appliances in the following locations: Blue Coat ProxySG: Egypt, Kuwait, Qatar, Saudi Arabia, the UAE. PacketShaper: Afghanistan, Bahrain, China, India, Indonesia, Iraq, Kenya, Kuwait, Lebanon, Malaysia, Nigeria, Qatar, Russia, Saudi Arabia, South Korea, Singapore, Thailand, Turkey, and Venezuela
Security Patches, Mitigations, and Software Updates
Security vendors failing to tackle mobile malware, say CISOs(NetworkWorld) Malware is still the biggest threat to mobile security, but most mobile device management (MDM) strategies tend to focus on securing the physical device in case of loss of theft, rather than protecting from cyber threats, according to Peter Gibbons, head of Information Security at Network Rail. Speaking at the Infosecurity Europe 2013 press conference in London this week, Gibbons said that although mobile malware still only represents a tiny fraction of the total amount of malware in the world today, it is growing exponentially. Sooner or later someone is going it get it right and find a vulnerability in iOS or Android or Windows 8 - whatever it happens to be - and they're going to cause a significant loss of data through injected malware
What Would A Cyber Attack On A Major City Look Like?(Risk WatchDog) Let us imagine for scenario's sake that a cyber attack shut down the electricity grid of a major city in a major economy. This would create immediate problems, as people would lose the use of lighting and power in the first instance, and with it
What to expect in the world of IT in 2013(Computer World) [Registration required.] The economic recovery is moving at an unsteady pace, but the emphasis on cost-cutting that dominated IT agendas in recent years is sharing the spotlight with a more interesting imperative: innovation
Republicans Were Right: The Pentagon Should Have Sketched Out Budget Cuts(National Journal) The Pentagon would do well to take Republicans' advice: Determine, quickly, how many civilians would need to be furloughed and alert them. Inform industry about specific cutbacks so that they too can issue warnings about layoffs. Allowing the workers and contractors to panic is the last ammunition the Pentagon has to get Congress to compromise or change the law
Verizon's ICSA Labs Authorized by HHS to Certify Electronic Health Records(Executive Biz) A Verizon independent division, ICSA Labs, has been officially authorized by he Department of Health and Human Services to certify electronic health records, the company has announced. "Now that we are fully authorized and accredited to certify and test technology meeting the permanent Meaningful Use requirements, we are officially open for business," said Amit Trivedi, ICSA Labs health care program manager
Topological data analysis drives startup Ayasdi(Fierce Big Data) It took a couple of years to commercialize his topological data analysis technology and get funding, but Gunnar Carlsson launched his Palo Alto, Calif.-based startup Ayasdi yesterday with the promise of unlocking hidden patterns in vast amounts of data without the need to run queries
Will HP Sell Autonomy, EDS?(InformationWeek) HP has suitors for its troubled Autonomy and Enterprise Services units, WSJ reports. Autonomy sale would be easier for HP than selling EDS assets
Northrop Names Steve Hogan Logistics, Modernization Lead(Govconwire) Northrop Grumman (NYSE: NOC) has appointed Steve Hogan sector vice president and general manager of the integrated logistics and modernization division in the technical services sector, effective Jan. 26. The company said he will lead the division's three business units that focus on global logistics and modernization, systems logistics and modernization and operationally-responsive systems
Raytheon CIO Rebecca Rhoads to Lead New Shared Services Org(Govconwire) Raytheon (NYSE: RTN) has appointed Rebecca Rhoads, vice president and chief information officer, to lead a new organization responsible for deploying enterprise shared services across the company. The company said Rhoads will continue serving in her current roles along with leading the new global business services group. William Swanson, chairman and CEO, said Rhoads has
Exelis Names TASC, Northrop Vet Pamela Drew Info Systems Lead(Govconwire) ITT Exelis (NYSE: XLS) has appointed Dr. Pamela Drew president of the information systems business area, effective March 31. The company said she will succeed the retiring Mike Wilson and lead an area focused on system development, networking and radio frequency communications. Drew's team will be responsible for developing products in defense and intelligence systems
New task for CIOs: Make money(Computer World) [Registration required.] Sure, all CIOs seek to add value, but some are taking their quest outside the walls of the enterprise by targeting customers directly. CIO James Quinn was thinking more about customers than cash when he gave his IT team a task. His challenge to them: Find ways to deepen the level of engagement between PHI, a Lafayette, La. provider of helicopter services, and its customers, which include some of the world's biggest energy companies needing transport to oil rigs in the Gulf of Mexico
Did ZDI snub your 0-day attack? Packet Storm will buy it for $7k(The Register) Long-running computer security website Packet Storm has launched a bug bounty scheme to reward folks who find and report holes in software. Details of qualifying flaws will eventually be publicly disclosed. Under the new scheme, contributors will be typically paid anywhere between a few hundred dollars and $7,000 for exploits that enable miscreants to execute arbitrary code on vulnerable systems
Products, Services, and Solutions
SCADA Hackers Go On Defense(Dark Reading) ReVuln building SCADA 'shield,' and rolls out SCADA custom-patch service for its customers. One of the most prolific SCADA bug-finding research teams is building a prototype defensive technique for protecting industrial control systems they are best known for hacking
ThreatTrack 2.0 plugs malware holes in real-time(Help Net Security) GFI Software launched GFI ThreatTrack 2.0, the latest version of the security intelligence solution that provides users with visibility into the threat landscape. It produces a range of data streams
Microsoft AVs not good enough, says AV-Test(Help Net Security) AV-Test, the well-known independent organization that tests security software for home and corporate users, has released the results of the latest testing - and it's bad news for Microsoft
ObjectRocket launches MongoDB cloud service(Help Net Security) ObjectRocket launched its fast and scalable MongoDB database-as-a-service (DBaaS). The platform is specifically architected to provide a fast and predictable MongoDB environment
Brand Statements Tell Your InfoSec Story(infosec island) Listening to bad brand statements is like sitting through a bad movie or comedy skit. Well, not quite, since you can leave the theater in those cases without feeling too guilty. Yes, I am among those who stand politely as a vendor tries to sell me something without bothering to determine what I actually care about
Privacy Scares from the Ghosts of Job Applicants Past(infosec island) There is a topic that has been coming up, over and over and over again over the past 12 years, that Ive never seen addressed in other publications. What does your organization do with all the personal information you collect from job applicants? Consider a real situation I encountered around ten years ago
What's wrong with this picture? The NEW clean desk test(CSO) This workspace contains ten security mistakes. Can you spot the errors that put confidential information at risk? What do you notice about this workspace? Most desks hold sensitive documents and information that you don't want to get into the wrong hands. A little care and a few good habits can go a long way toward keeping everything secure
Bank of America CIO Says Simplification and Risk Reduction Are Keys to IT Success(CIO) Bank of America's Catherine Bessant talks about the advantages, and challenges, of being a non-technologist leading IT. She looks at the lessons she's learned from navigating the company's super-sized acquisitions. Bessant also talks about her team's bold plan to simplify dramatically the IT environment while reducing risk through design, aggressive training and more
The challenges of disaster recovery as a service(InfoWorld) Backing up your data and running your systems in the cloud is attractive -- but likely to fail if you don't treat it like a physical warm-site backup. By now, just about everyone is familiar with cloud-based backup services. Whether you're using simple file-based software tools or more complex image-based appliances, these services ship your data into secure cloud storage where it can be accessed at a moment's notice
Disaster recovery: Don't forget mobile(Computer World) [Registration required.] As the mobile workforce continues to grow, IT execs must remember an important new piece of their disaster recovery plans: mobile devices. SAP had two priorities when the earthquake and tsunami hit Japan in 2011: Contact its 1,000 employees there and ascertain their needs. Given the sheer scope of the devastation, and the subsequent nuclear crisis, the task would seem herculean. But SAP leaders quickly connected with their Japan-based workers, most of whom had mobile devices, either company-issued or their own
Design and Innovation
The Mind Of Google: Why Larry Page Argues That Thinking About Competition Is Silly(TechCrunch) "I worry that something has gone seriously wrong with the way we run companies," warns Google's CEO, Larry Page, about companies who focus on the competition. "How exciting is it to come to work if the best you can do is trounce some other company that does roughly the same thing? That's why most companies decay slowly over time." Page's fascinating interview
Army Looking for Ways to Infiltrate Air-Gapped Systems(Threatpost) Every time a story emerges up about malware popping up on an industrial control system or someone remotely hacking into some piece of critical infrastructure, there is a reliable and justifiable chorus of experts wagging their fingers and asking, "Why in the world was that system connected to the Internet in the first place?" At this point, pretty much everyone agrees that sensitive control systems should be air-gapped, or completely disconnected from the Internet. In this way, physical, human interaction should be the only way to access such systems, which is a considerable problem for those in the business of conducting cyberwarfare
What WWI fighter pilots can tell us about internet fame(Quartz) In a world where silly blog gimmicks* can make their way into the spotlight, and a wholly unremarkable girl from New Jersey can become a household name (at least in America), it often seems like fame has nil to do with merit. But obviously, this isn't always the case. The most famous basketball players are generally the highest scoring, and the best known scientists are generally the ones who've made the biggest contributions (or at least stolen some of the credit). In a recent study, two engineers from the University of California, Los Angeles attempted to quantify exactly what bearing personal achievement has on fame
Study: Learning Spanish With Duolingo Can Be More Effective Than College Classes Or Rosetta Stone(TechCrunch) Education is quickly moving online, but we haven't seen all that many studies that actually look into the effectiveness of these new forms of online learning. To see how its program performed, the language learning service Duolingo, founded by CAPTCHA inventor Luis von Ahn, commissioned a study (PDF)into the effectiveness of its program. The result, which even surprised von Ahn: it only takes a
Cybersecurity to be tertiary-level subject in India(ZDNet) Cybersecurity is set to be introduced as a subject in Indian universities and technical colleges, following recommendations made by the government task force. According to Times of India's report Thursday, the University Grants Commission (UGC) has written to all the vice chancellors in these institutions requesting them to introduce the subject of cybersecurity in the curriculum at both undergraduate and post-graduate levels. The UGC reviewed India's national security system and presented its report on May 31, 2012
Report: 'Connected learning' needed to address inequities in education(Fierce Government IT) There is a disconnect between classroom learning and the everyday lives and interests of many young people, alienating them from their schooling, according to a report from the Connected Learning Research Network. The 99-page report, authored by nine researchers and scholars, touts "connected learning" as an approach to addressing inequity in education by leveraging the potential of digital media to expand access to learning
Is 2013 Year Of The MOOC?(InformationWeek) Massive open online courses are forcing institutions to consider how to offer course credit and verify student identities
Legislation, Policy, and Regulation
Canada follows Australia in ditching UNSW ethical hacking report(SC Magazine) The Canadian Government has followed the Australian Government in side-stepping a report by a NSW University researcher that called for hacktivism to be regulated. Alana Maurushat from the University of NSW's law faculty argued in the report that ethical hacking should receive exemptions under law. She told SC in 2011 after she said the Australian Government rejected the report that current law left ethical hackers hanging
Europe considers a requirement to report data breaches(Sydney Morning Herald) To combat a rise in online crime, the European Commission is considering requiring companies that store data on the internet such as Microsoft, Apple, Google and IBM to report the loss or theft of personal information in the European Union or risk sanctions. The proposal, which is being drafted by Neelie Kroes, the European commissioner for the digital agenda, seeks to impose, for the first time, universal reporting requirements on companies that run large databases, those used for internet searches, social networks, e-commerce or cloud services. The proposed directive would supplant a patchwork of national laws in Europe that have made reporting mandatory in Germany and Spain but voluntary in Britain and Italy
Blue Button set for improvements(Fierce Government IT) Federal health information technology officials highlighted Jan. 16 efforts to give patients the ability to download personal health record data via the Blue Button initiative
Constitutional amendment protecting the right to bear data(Fierce Big Data) President Barack Obama signed 23 executive orders yesterday as an opening salvo for a more comprehensive approach to addressing America's appalling acceptance of death and violence over public safety and common sense--a result of adhering to the outdated language of the Second Amendment to the United States Constitution, which has been rendered inadequate for the times and technology as they have evolved. Seven of those orders can benefit from the advancing capabilities of big data
New Congress seen shunning SOPA(Computer World) [Registration required.] Backers fear a new bill like the Stop Online Piracy Act would elicit a repeat of last year's massive online protests. As A new U.S. Congress begins work this month, few insiders expect that there will a rush to create new versions of the controversial Stop Online Piracy Act (SOPA) or the Protect IP Act (PIPA)
Litigation, Investigation, and Law Enforcement
Cryptome escapes Thales' attack dogs in bank security row(The Register) Defence giant Thales has withdrawn its demand for the removal of banking security documents from whistle-blowing website Cryptome. The global corporation filed a DMCA* takedown notice last week citing copyright infringement: two of its manuals for cryptographic equipment have been available from Cryptome since 2003. Ross Anderson, a professor in security engineering at the University of Cambridge Computer Laboratory, fired a broadside at Thales earlier this week arguing that the action amounted to attempted censorship
The death of Aaron Swartz is the failure of brinksmanship—and prosecution of real computer crimes(Quartz) Reality is what refuses to go away when you stop believing in it. The reality—the ground truth—is that Aaron Swartz is dead. Now what? Brinksmanship is a terrible game, that all too many systems evolve towards. The suicide of Aaron Swartz is an awful outcome, an unfair outcome, a radically out of proportion outcome. As in all negotiations to the brink, it represents a scenario in which all parties lose
The Criminal Charges Against Aaron Swartz (Prosecutorial Discretion)(Volokh Conspiracy) This is the second in a series of posts on the Aaron Swartz prosecution. In my first post, I analyzed whether the charges that were brought against Swartz were justified as a matter of law. In this post, I consider whether the prosecutors in the case properly exercised their discretion. As some readers may know, prosecutors generally have the discretion to decline to prosecute a case; once they charge a case, they have the discretion to offer or not offer a plea deal; and once they offer the plea deal, they have some discretion to set the terms of the offer that they will accept. This post considers whether the prosecutors abused that discretion. To provide some attempted answers, I'm going to break down the question into four different issues: First, was any criminal punishment appropriate in the case? Second, if so, how much criminal punishment was appropriate? Third, who is to blame if the punishment was excessive and the government's tactics were overzealous? And fourth, does the Swartz case show the need to amend the Computer Fraud and Abuse Act, and if so, how
TED X Baltimore: Baltimore Rewired(Baltimore, Maryland, USA, January 25, 2013) At our TEDxBaltimore event, TEDTalks video and live speakers will combine to spark deep discussion and connection in a small group. The TED Conference provides general guidance for the TEDx program, but...
Data Privacy Day(Various locations, January 28, 2013) The National Cyber Security Alliance (NCSA), a non-profit public-private partnership focused on helping all digital citizens stay safer and more secure online, and official coordinator of Data Privacy...
tmforum Big Data Analytics Summit(Amsterdam, Netherlands, January 29 - 30, 2012) Bringing together leading service providers, market analysts and all of the big names in Big Data, this forward-looking, education-packed two-day Summit combines keynote perspectives, case studies, debates,...
North American ICS & SCADA Summit(Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along...
ATMiA US Conference 2013(Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.
#BSidesBOS(Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of...
RSA USA 2013(San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.
Nullcon Goa 2013(Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration...
TechMentor Orlando 2013(Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow...
Business Insurance Risk Management Summit(New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry...
e-Crime Congress 2013(London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding...
CTIN Digital Forensics Conference(Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools,...
IT Security Entrepreneurs' Forum (ITSEF 2013)(Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference...
The Future of Cyber Security 2013(London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.
Cloud Connect Silicon Valley(Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry...
Cyber 1.3(, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation...
INFILTRATE 2013(Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.
InfoSec World Conference & Expo 2013(Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen...
Infosec Southwest 2013(Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.