Assad's Syrian Electronic Army has shifted its sights from media to chat and VOIP services, evidently in a move toward more effective surveillance and repression.
Emirati authorities coordinate a response to pro-Morsi hacktivism with the Egyptian government.
Compromise of French Webhost OVH has international repercussions (particularly in Canada). The commodification and de-skilling of crimeware proceeds apace, with a new banking Trojan ("KINS") on offer for $5k and a new botnet-setup-as-a-service available. KINS has the potential to displace Citadel from its place atop the bank fraud tool black market.
A malicious app targeting the Android "master key" vulnerability (discovered recently by Bluebox Security) has been found in the wild. The cross-platform Janicab Trojan affects both PCs and Macs. SIM card vulnerabilities are easily fixed, says Security Research Labs, but the problem matters nonetheless—a lot of appliances connect through problematic cheap mobile data modules.
OpUSA peters out into desultory cybervandalism, but researchers note it produced an increase in malicious DNS request traffic.
The cyber industry mulls Cisco's $2.7B acquisition of SourceFire. Analysts think it's the beginning of major consolidation, with IBM, Juniper, EMC, and Check Point named as likely buyers. Cash-flush big defense integrators like Lockheed Martin, BAE, and Northrop Grumman aren't mentioned (but should be).
The US executive and legislative branches square-off on surveillance, and the White House hangs surprisingly tough. New Zealand legally extends its own surveillance programs.
Lawyers and those who consume their services might look at two unrelated but interesting articles on Internet scraping and privacy policies.
Today's issue includes events affecting Australia, Canada, China, Egypt, France, Germany, Ireland, Lithuania, New Zealand, Syria, United Arab Emirates, United Kingdom, United States..
Cyber Attacks, Threats, and Vulnerabilities
Syrian Electronic Army follows Guardian and FT hacks with Tango data theft(ITProPortal) The Syrian Electronic Army (SEA) has claimed to have successfully hacked free video and text messaging service Tango. The organisation, which is loyal to Syrian President Bashar-al-Assad, boasted that it breached Tango's website and back-up, database, managing to steal sensitive personal data, including users' private phone numbers, contacts and email addresses. The stolen information allegedly amounts to 1.5TB of data
UAE thwarts cyber attacks from Egypt(Business Standard) TRA director general Mohammed Nasser Al Ghanim said the organisation had traced the source of the cyber attack. TRA has contacted the relevant Egyptian authorities in order to coordinate the efforts of the two countries on this matter, he said
UAE Fends Off Cyber-Attacks Originating in Egypt(Infosecurity Magazine ) Another Middle East-focused cyber-attack has been launched, but it's a piece of news that would not be out of place in the Cold War era: the International Atomic Energy Agency has been hacked. Information from an out-of-use server has been stolen and
New Trojan could create headaches for banks, customers(CSO) KINS is 'something that cyber criminals are cheering on,' RSA said. With the major developers of banking malware laying low, a new crook on the block has emerged gunning to be top dog in the market. The developer's new malware is called KINS, and he's selling it for $5,000 a pop, although that price is likely to climb if the malware is a good as he brags it is
First Malicious Apps Targeting Android 'Master Key Vulnerability' Found in the Wild(SecurityWeek) Earlier this month, researchers from Bluebox Security uncovered a serious vulnerability in Android that allowed for the modification of apps without affecting the cryptographic signature, making it possible for attackers to turn legitimate apps into Trojans. Shortly after the "master key vulnerability" was uncovered, Proof-of-concept code for exploiting it was found on the Internet
HTML ransomware goes global(Help Net Security) Last week we saw that a ransomware scheme does not need to involve actual malware, as clever cyber crooks leveraged browsers' "restore from crash" feature to make inexperienced users believe they cannot
Equal-opportunity malware targets Macs and Windows(Ars Technica) Janicab ushers in cross-platform era as OS X becomes more appealing target. Researchers have uncovered a family of malware that targets both Windows and OS X. Janicab.A, as the trojan is known, is also unusual because it uses a YouTube page to direct infected machines to command-and-control (C&C) servers and follows a clever trick to conceal itself
Sessions with(out) cookies(Internet Storm Center) Recently in a penetration test engagement I tested a WebSphere application. The setup was more or less standard, but the interesting thing happened when I went to analyze how the application handles sessions
Dissecting a WordPress Brute Force Attack(Sucuri Blog) Over the past few months there has been a lot of discussion about WordPress Brute Force attacks. With that discussion has come a lot of speculation as well. What are they doing? Is it a giant WordPress botnet? Is it going to destroy the internet? Well, as you would expect of any good geeks we set out to find a way to find out
SIM card vulnerabilities easy to fix, researcher says(PCWorld) A pair of severe security problems in millions of SIM cards should be easy for operators to fix, according to the German security researcher who found the issues. Karsten Nohl of Security Research Labs in Berlin previewed research earlier this week that millions of SIM cards are likely still using an outdated, 1970s-era form of encryption to authenticate over-the-air (OTA) software updates
Hacking the SIM card: Why it matters to the enterprise(FierceCIO: TechWatch) It appears that the SIM card has finally been hacked, more than 20 years after it was first developed. More specifically, security researcher Karsten Nohl of Security Research Labs says he has found a serious vulnerability that allows mobile phones to be tricked into granting access to SMS functions and other capabilities--without the owner knowing
Cybercriminals Capitalize on Plants vs. Zombies 2 Hype(TrendLabs Security Intelligence Blog) The original Plants vs. Zombies game enjoyed a lot of popularity back then when PopCap Studios released it on the iOS in 2010, and on the Android in 2011. Now, with the approaching release of its sequel (soft-launched in New Zealand and Australia), cybercriminals have already begun taking advantage of the hype
Royal Baby lures to Blackhole Site(SecureList) Kaspersky Lab congratulates the royal couple on the birth of their new baby boy and wish them all well for the future. It is truly joyous news that is being celebrated in the UK and in the rest of the world
The Birth of the Royal Baby Blackhole Exploit Kit Run(TrendLabs Security Intelligence Blog) Since the first official announcement in early December last year, the world has eagerly awaited for the birth of the firstborn child of Prince William and Kate Middleton. After months of anticipation, the Duchess of Cambridge has given birth to a son, the new Prince of Cambridge, a couple of days ago
Lessons learnt from the Lakeland attack(Help Net Security) Last Friday, the British Kitchenware store, Lakeland, suffered a major data breach that involved two encrypted databases. To make things worse, the company doesn't know if data was compromised or what data was involved
Increase in malicious DNS request traffic(Help Net Security) With regard to the OpUSA hacktivist campaign, Solutionary discovered that attackers responsible for previous DDoS attacks on the financial sector leveraged a variety of techniques to execute the campaign, including SQL Injection and XSS, in addition to DDoS
Scenario Puts Energy, Politics in Hackers' Cross Hairs(Defense News) A US Army cyber official warns that the nation faces a possible cyberwar in which anonymous foreign computer hackers penetrate government networks andcreate friction between Washington and its allies, discredit elected officials, and create political and economic instability if the US fails to adapt
Cyber-Sabotage Is Easy(Foreign Policy) So why aren't hackers crashing the grid? Hacking power plants and chemical factories is easy. I learned just how easy during a 5-day workshop at Idaho National Labs last month. Every month the Department of Homeland Security is training the nation's asset owners -- the people who run so-called Industrial Control Systems at your local wastewater plant, at the electrical power station down the road, or at the refinery in the state next door -- to hack and attack their own systems. The systems, called ICS in the trade, control stuff that moves around, from sewage to trains to oil. They're also alarmingly simply to break into. Now the Department of Homeland Security reportedly wants to cut funding for ICS-CERT, the Cyber Emergency Response Team for the nation's most critical systems
Is a cyber attack on US infrastructure inevitable?(Salon) The U.S. and China locked horns on cyber espionage, Edward Snowden allegedly leaked classified intelligence about National Security Agency (NSA) monitoring programs that target communication networks, and the Cobalt malware took 13 U.S. oil refineries
ASX goes to war on cyber crime(Brisbane Times) A research paper published by the World Federation of Exchanges and the International Organisation of Securities Commission found 53 per cent of exchanges - including the key global exchanges - suffered a cyber attack last year. ASX chief information
US cloud firms face backlash from NSA spy programs(Computerworld) A Cloud Security Alliance (CSA) survey found that 10% of 207 officials at non-U.S. companies have canceled contracts with U.S. service providers following the revelation of the NSA spy program last month. The alliance, a non-profit organization with
Ex–CIA official to address government–wary hackers(Hartford Courant) A former CIA official and a retired Air Force general will address next week's Def Con hacking convention, which for the first time asked federal officials to steer clear because of anger over alleged government spying
Government Has Power to Improve Security With Incentives(Veracode) Back when I testified with the L0pht to the Senate in 1998 we suggested the government use incentives as a way to get businesses to improve their security. The Senate was Republican controlled at the time and even us political newbies knew that regulation was going to be a non-starter at the time. We also proposed that the government use its purchasing power to require the vendors it buys from to have good security
Medical Device Hackers Find Government Ally to Pressure Industry(Bloomberg) Two years ago, Jay Radcliffe discovered a software bug in his insulin pump that could allow hackers to take remote control of the device. The diabetic and computer security researcher went public with his findings at a hacker conference after the manufacturer, Medtronic Inc., didn't respond to him
Sourcefire-Cisco deal: No layoffs expected(Baltimore Business Journal) Sourcefire Inc.'s roughly 650 employees will all join Cisco Systems after the Columbia cyber security firm's sale is complete, Cisco executives said on Tuesday. San Jose, Calif.-based Cisco announced on Tuesday an agreement to acquire Sourcefire
Cisco Banks On Sourcefire And Snort For Its Security Future(Dark Reading) Cisco's security save to the tune of $2.7 billion, and the Snort pig stays open source. Cisco's announcement today that it plans to purchase Sourcefire in a $2.7 billion deal signals a major effort to resuscitate the networking giant's increasingly shaky standing in the network security market
What Cisco Gains From Sourcefire(InformationWeek) $2.7 billion acquisition deal brings intrusion expertise; Sourcefire promises Snort intrusion detection and prevention system will remain free and open source
IBM, Juniper could be next cyber-security buyers(MarketWatch) Cisco to buy Sourcefire Inc. for $2.7 billion; more deals likely to follow. Big tech firms like IBM and Juniper Networks are likely to follow Cisco Systems Inc.'s $2.7 billion deal for Sourcefire Inc. with their own cyber-security takeovers, said analysts Tuesday
Big Defense Firms Faring Well Despite Budget Cuts(Washington Post) Big defense contractors are weathering the federal budget sequester far more easily than they projected, in part because they have gradually eliminated jobs over the past few years in anticipation of spending cuts. Bethesda-based Lockheed Martin, the world's largest defense contractor, reported Tuesday that its profit rose 10 percent, to $859 million, during the second quarter even as revenue dipped slightly
Lockheed to SAIC Seek $6 Billion U.S. Anti-Hacking Work(Bloomberg) The U.S. Department of Homeland Security plans to create a $6 billion shopping hub for federal, state and local agencies seeking to shield their computer networks from hackers. Contracts for what may become the biggest unclassified cybersecurity program in the U.S. government will be awarded as early as this month
SAIC Awarded $38 Million Task Order By Defense Information Systems Agency(gnom.es) Science Applications International Corporation (SAIC) (NYSE: SAI) announced it was awarded a task order by the Defense Information Systems Agency (DISA) to provide Global Command and Control Systems - Joint (GCCS-J) production, testing and technical services in support of U.S. Combatant Commands. The single-award cost-plus fixed-fee contract has a one-year base period of performance, three one-year options, one six-month option, and a total contract value of approximately $38 million, if all options are exercised. Work will be performed at Fort George G. Meade in Jessup, Md. The task order was awarded under the ENCORE II contracting vehicle
Booz Allen, ManTech, Noblis Win $236M DHS R&D Support IDIQ(GovConWire) The Department of Homeland Security has awarded a potential $236 million contract covering research and development and related professional services to Booz Allen Hamilton (NYSE: BAH), ManTech International (NASDAQ: MANT) and Noblis
US cyber-spies strike electronic gold(Intelligence Online) Without waiting for their former employee Edward Snowden to blow the whistle on their work as contractors to the National Security Agency (NSA), the US cyber-intelligence consultants Booz Allen Hamilton and others have already moved on to fresh pastures. The most lucrative is undoubtedly the Persian Gulf, particularly
Don't Count VMware Out In Rough Seas(InformationWeek) Wall Street analysts and pundits are busy talking down VMware, but the virtualization pioneer is going through a cycle from which it's likely to bounce back. Wall Street talks VMware down, key executives exit and industry pundits continue to pile on the criticism. But VMware can bounce back from this down cycle, if it focuses on its identity as a supplier of fundamental data center software
Tom Anderson Appointed STG COO(GovConWire) Tom Anderson, most recently a group president at Wyle, has joined STG Inc. as chief operating officer. The three-decade federal information technology veteran will be responsible for managing day-to-day operations and driving new business, STG said Tuesday
Products, Services, and Solutions
SailPoint unveils IAM-as-a-Service suite(Help Net Security) SailPoint announced IdentityNow, an IAM-as-a-service (IDaaS) that delivers enterprise-grade identity governance, provisioning and access management in a single, unified solution
Quarri delivers Protect On Q as a virtual appliance(Help Net Security) Quarri Technologies released Quarri Protect On Q (POQ) 3.2, a virtual appliance version of its flagship web browser security solution. It also delivers high availability, enabling enterprises to deploy
SkyDrive in Windows 8.1 will be like your C Drive(FierceCIO: TechWatch) SkyDrive will be getting a radical overhaul in the upcoming Windows 8.1 update, and using it will be "as easy as saving to your hard drive." Or so says Mona Akmal, group program manager for SkyDrive, in a new blog entry
Sound-Based Device Authentication Has Many Possibilities (Video)(Slashdot) Imagine a short (audio) squawk, less than one second long, as a secure authentication method for cell phones or other mobile devices. A company called illiri has developed (and has a patent pending on) a method to do exactly that. The company is so new that its website has only been up for a month, and this interview is their first real public announcement of what they're up to. They envision data sent as sound as a way to facilitate social media, mobile payments (initially with Bitcoin), gaming, and secure logins. Couldn't it also be used for "rebel" communications, possibly by a group of insurgents who want to overthrow the Iranian theocracy? Or even by dissidents in Russia, the country our interviewee, illiri co-founder Vadim Sokolovsky, escaped from? (And yes, "escaped" is his word.) And, considering the way illiri hopes to profit from their work, should they think about open sourcing their work and making their money with services based on their software, along with selling private servers that run it, much the way Sourcefire does in its industry niche? Their APIs are already open, so moving entirely to open source is not a great mental leap for illiri's management
One–Stop Bot Chop–Shops(Krebs on Security) New fraudster-friendly content management systems are making it more likely than ever that crooks who manage botnets and other large groupings of hacked PCs will extract and sell all credentials of value that can be harvested from the compromised machines
Latest SwiftKey beta goes to the cloud(C/NET) SwiftKey has always been good at learning the way you type. But with today's new beta release, the app can now sync everything it learns across your devices
Solera Networks Introduces Blue Coat ThreatBLADES(Dark Reading) The Blue Coat ThreatBLADES solve this problem by unifying threat intelligence, big data security analytics and security visibility to protect against zero-day, advance persistent, web and email threats, spear phishing attacks and malicious files and
Choosing And Implementing An Enterprise Database Encryption Strategy(Dark Reading) A lot of attention is given to securing database systems-- and rightly so: Databases are the target for attackers who wish to siphon off intellectual property, gather financial data that can be turned into cash and, in some cases, break in just for the sport of it. The attacks against computer systems are diverse, but the end target is typically the database
Moving Away From Rash Hashing Decisions(Dark Reading) Black Hat talk will discuss shortcomings of the latest technical evolution of hashing passwords for safe storage in databases, propose a competition to design something better
Why Taking the Apple Developer Sites Down was a Good Thing(Trend Micro Simply Security) Over the weekend, we learned that Apple's Developer Center was taken down due to a security vulnerability or breach on the site last Thursday July 18. In their notice, Apple indicates that this security breach could have led to developer's names, mailing addresses and e-mail addresses being accessed, although the company states clearly that sensitive personal information was encrypted and not accessed
Continuous Security Monitoring: The Attack Use Case(Securosis) We have discussed why continuous security monitoring is important, how we define CSM, and finally how you should be classifying your assets to figure out the most appropriate levels of monitoring. Now let's dig into the problems you are trying to solve with CSM. At the highest level we generally see three discrete use cases
4 Non–Technical Measures for Mitigating Insidious Insiders(CSO) Even the best technology will be useless if the non-technical basics aren't correct. Can threats from insiders be proactively mitigated with non-technical measures? The short answer is "yes and no." And promise, this isn't going to turn into a blog on quantum computing to explain how these two answers can exist at the same time. An incident associated with a careless or malicious insider can be mitigated, sometimes, but it is highly dependent on a number of factors and many of these are non-technical
Does User Awareness Help? Vendors Begin To Take Sides(Dark Reading) Security vendors such as FireEye speak in favor of awareness training -- even without a dog in the fight. "When all you have is a hammer, everything looks like a nail," the old saying goes. In the past, this has been especially true in cyber security, where technology vendors have attempted to solve virtually every problem with the one thing they have: more technology. Got a virus? Antivirus software. Data leak? Data leak prevention. If you've got a security problem, there's an app (or an appliance) for that
Application Sandboxes: A pen–tester's perspective(Bromium Call of the Wild Blog) I'm excited to announce a new research report from Bromium Labs, written by myself and Rafal Wojtczuk. It ended up being far more comprehensive than we initially thought, so we decided to call it "Application Sandboxes: A Pen Tester's Perspective". In this report we perform security evaluation of publicly available application sandboxes viz: Google Chrome, Adobe Reader, Sandboxie, BufferZone Pro and Dell Protected Workspace
Encryption in the Cloud: Who Holds the Key?(IFSEC Global) There's no silver bullet for cloud security, but cryptography should be at the core of any cloud security architecture. Effective cryptography depends on the ability, not only to encrypt the data, but also to manage and control the keys to decrypt and
Black Hat: Don't Blindly Trust Vulnerability Data(eWeek) Researchers at Black Hat plan to discuss some of the common ways data about vulnerabilities is used to draw false conclusions about security. Numbers never lie--except when they are used to draw false conclusions. And if those false conclusions are part of an IT security strategy, then nothing good can happen
Inside MuckerLab, The Startup Accelerator That's Amping Up L.A.'s Tech Ecosystem(TechCrunch) In the San Francisco Bay Area, there is no shortage of "accelerator" programs that promise to take fledgling technology companies to the next level by providing mentorship, funding, business introductions, and the like. And as the startup scene a few hundred miles south in Los Angeles continues to heat up, the appetite for accelerators is growing too. One of the leading new startup
Latino Startup Accelerator Partners with Google For Entrepreneurs To Launch In Fall(TechCrunch) Manos Accelerator, a program to support Latinos involved in the startup community, has announced a partnership with Google For Entrepreneurs and will launch its first session for five to six startups in September. Based in San Jose, Manos Accelerator is meant to increase the number of Latino entrepreneurs and startups. Less than one percent of venture-backed startups were founded by Latinos
Long–Distance Quantum Cryptography(IEEE Spectrum) Quantum cryptography uses physics, specifically the quantum properties of light particles, to secure communications. It starts with a laser that generates photons and transmits them through a fiber-optic cable. The polarization of photons--whether they
House to Vote on Repealing NSA Dragnet Phone Surveillance(Wired) The House is expected to vote later this week on an amendment to a roughly $600 billion defense spending package that would repeal authorization for the National Security Agency's dragnet collection of phone call metadata in the United States
White House opposes amendment to curb NSA spying(CSO) The White House said the amendment will "hastily dismantle" counterterrorism tools. The White House is opposed to an amendment to a defense spending bill that would limit spending on mass surveillance by the National Security Agency
N.S.A. Director Lobbies House On Eve Of Critical Vote(New York Times) The Obama administration scrambled on Tuesday to slow Congressional opposition to the National Security Agency's domestic spying operations as the House of Representatives prepared to vote on legislation that would block the agency's collection of records about every phone call dialed or received inside the United States
NSA snooping: Here we go again(FierceITSecurity) Here we go again. The secret court that has been rubber stamping requests from the National Security Agency to throw massive dragnets over communications records of carriers and web firms has approved the extension of the U.S. government's surveillance authority past the July 19, 2013, expiration date
U.K. government to probe Huawei security center in southern England(FierceITSecurity) Under pressure from Parliament, the U.K. government has launched a probe into a center set up by Chinese telecom gear maker Huawei in southern England to test the security of its telecom gear before it is deployed into the U.K. critical national infrastructure
Interior Minister sets up a cyber attack response group(LithuaniaTribune) In case of a cyber attack, the group will have to take swift actions to control the crisis," Barakauskas was quoted as saying in a statement by the Ministry of the Interior on Tuesday. The group will include representatives of the Ministries of the
New Kiwi spook law allows domestic prying(The Register) Kim Dotcom fair game under revised statute. New Zealand's Government Communications Security Bureau (GCSB), which illegally spied on resident Kim Dotcom, is on the cusp of gaining sweeping new powers that include wiretapping NZ citizens
Rabbitte ignores calls for State role in blocking online porn(The Independent) Communications Minister Pat Rabbitte will stand firm against calls to require Irish internet service providers to block pornography from home broadband services. Writing exclusively in today's Irish Independent, Mr Rabbitte says that legal concerns attached to mandatory filters, as well as a fear of imposing censorship, have persuaded him against trying to force ISPs to impose mandatory pornography-blocking internet filters
ISPs: Relax. Blocking smut online WON'T really work(The Register) Plus: Anti-porn MP slathered with porn (well, her website anyway). Since the start of this year it has become clear that the government was shifting away from its hands-off approach to censoring content online by leaving ISPs to work out an agreed code that would prevent regulatory intervention
Facebook Event For 'NSA Nature Walk' Leads To Police Visit For German Man(Forbes) People outside of the United States have been alarmed by revelations about the degree of NSA access to information held by American technology companies given that foreigners are not granted the same privacy protections as U.S. citizens. Daniel Bangert, a 28-year-old German man, has been following news articles about the Edward Snowden leaks closely. Last month, after discovering that the NSA has a facility near his home in Griesheim, he posted a screed to Facebook lamenting "hav[ing] the NSA spies on my doorstep." A few weeks later, after creating a satirical Facebook FB +0.33% event inviting people to join him for a "nature walk" around the NSA's "Dagger Complex," he had actual police on his doorstep
Protecting Your Privacy Could Make You the Bad Guy(Wired) There's a funny catch-22 when it comes to privacy best practices. The very techniques that experts recommend to protect your privacy from government and commercial tracking could be at odds with internet business models and the law. It's a system
Internet 'Data Scraping': A Primer for Counseling Clients(Law Technology News) The proliferation of Internet access and mobile devices has led to an exponential explosion of content on the Web, creating a vast repository of "publicly available" information. This includes not only news, business, and financial information, but also personal data, movie and restaurant reviews, concert ticket sales, flight information, and a virtually endless array of other categories. This same technological explosion, however, has made it far easier for third parties to extract this data for commercial sale and use--and to do so for free and without authorization. This data extraction, commonly referred to as "scraping," "crawling," or "spidering" (collectively "scraping"),1 creates legal issues and concerns for both sides of this issue--those who want to scrape, and those who want to protect against scraping of their websites
State Department's Cybersecurity Office is a S#%t Show(RYOT) In an apparent effort to emulate the very hackers it's tasked with fighting, the Department of State's Bureau of Information Resource Management, Office of Information Assurance (still with us?) is evidently an aimless, overfunded LAN party with no real boss or reason to exist. We'd like to be able to tell you what the IRM/IA does, but a new report from the Office of the Inspector General concludes that it doesn't really do anything
IG: State Dept. Security Office 'Irrelevant'(GovInfoSecurity) For example, the IG says, the information assurance office is charged with overseeing the information systems security officer programs, but it's not the principal office where ISSO personnel overseas seek information and guidance. Several unit
Secret court renews NSA's snooping authority(FierceITSecurity) The secret court set up to oversee the National Security Agency's snooping program has given the green light for the agency to continue its information dragnet. The Office of the Director of National Intelligence confirmed on Friday that the Foreign Intelligence Surveillance Court had renewed the NSA's authority to collect "certain telephony metadata under the business records provision of the Foreign Intelligence Surveillance Act," authority, which expired on July 19, 2013
VA seeks dismissal of data breach lawsuit(FierceHealthIT) The U.S. Department of Veterans Affairs last week motioned to dismiss a lawsuit brought against it following a data breach made public in April by the William Jennings Bryan Dorn VA medical center in Columbia, S.C., HealthITSecurity reported
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Black Hat 2013(Las Vegas, Nevada, USA, July 27 - August 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013(Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network...
AFCEA Global Intelligence Forum(Washington, DC, USA, July 30 - 31, 2013) During this day and one half unclassified conference in the National Press Club in downtown Washington, D.C., leaders from across the government, military, and industry will explore the role that the Intelligence...
International Conference on Cyber Security(New York, New York, USA, August 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit,...
SINET Innovation Summit(New York, New York, USA, August 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration...
3rd Annual Cyber Security Training Forum(Colorado Springs, Colorado, USA, August 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security...
AFCEA Tinker AFB Information Technology & Cyber Security Expo(Oklahoma City, Oklahoma, USA, August 8, 2013) Commercial vendors are invited to Tinker Air Force Base on Thursday, August 8th to exchange information and provide products demonstrations to the military and civilian personnel on base. IT and Information...
AIAA Aviation 2013(Los Angeles, California, USA, August 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics,...
A Cloud Computing Introduction for Manager(Columbia, Maryland, Sioux Falls, August 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and...
Resilience Week 201(San Francisco, California, USA, August 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical...
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo(Albuquerque, New Mexico, USA, August 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers', Information Technology personnel, Contracting Officers' as well...
National SCADA Conference(Melbourne, Victoria, Australia, August 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate...
SANS Thailand 201(Bangkok, Thailand, August 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
Human Cyber Forensics Forum(Washington, DC, USA, August 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.