skip navigation

More signal. Less noise.

Daily briefing.

Anonymous and Islamist hacktivists voice support for OpUSA, but so far there's little sign that it's having much effect (claims by Algeria's Charaf Anons to the contrary). The Izz ad-Din al-Qassam Cyber Fighters are suspending attacks this week to avoid confusion of purpose and attribution, but they also call for Anonymous to strike US banks. US banks tell customers their online transactions might be a bit slow today.

The Syrian Electronic Army claims penetration of Israeli intelligence sites. They also hijack the Onion and E! Online's Twitter feeds (the former to post pro-Assad propaganda, the latter, oddly, to spread Justin Bieber rumors).

Indian government websites continue to report attacks—there's no clear attribution yet. A new Android Trojan surfaces in Germany. AutoIt sees increasing use in malware coding. Malware posing as a Flash update appears in Dropbox. The Sans Institute sees signs of an incipient typosquatting epidemic.

More information on the IE zero-day appears—researchers note waterholes' advantages over spearphishing, and observers discern a lesson about large-enterprise software updates. A Metasploit module for the exploit is out.

The US Department of Defense officially accuses China's army with cyber espionage (which China indignantly denies).

Defense News describes the challenges of acquiring cyber companies. A new version of password cracker Cain & Abel is released. Los Alamos National Laboratory demonstrates a prototype quantum-encrypted network.

McAfee's Chief Privacy Officer suggests the key to enterprise privacy is to think like a teenager concealing something from her parents (like "a crush on a football player").


Today's issue includes events affecting Algeria, Australia, Canada, China, European Union, France, Germany, India, Indonesia, Iran, Israel, Netherlands, New Zealand, Syria, Turkey, United Kingdom, United States..

Cyber Attacks, Threats, and Vulnerabilities

Government Takes Precautions Over Expected 'OpUSA' Cyber Attack (ABC News) The Department of Homeland Security and the FBI are cautioning American government and financial institutions that they could be targets of a wave of cyber attacks Tuesday from Anonymous-linked hacktivists in the Middle East and North Africa

Anonymous, Islamist Hackers Plan Major Assault for Tuesday (Mashable) Anonymous and various Islamist groups claim that they will take down nine U.S. government websites on May 7, including those of the Pentagon, the National Security Agency, the FBI and the White House, along with over 130 bank websites, such as those

Izz ad-Din al-Qassam Cyber Fighters Pause OpAbabil During OpUSA (Softpedia) In April, Izz ad-Din al-Qassam Cyber Fighters revealed their contribution to OpUSA. They said they would continue focusing on their own campaign, Operation Ababil, but they urged the OpUSA hacktivist groups to help them attack US banks. However, according to a statement published a few hours ago, the hackers say they're pausing Operation Ababil. In fact, they will not be launching any attacks this week.As was specified in the previous statements, al-Qassam Cyber Fighters's purpose of DDoS attacks

1062 Websites Hacked by Charaf Anons from Algeria (Hack Read) Famous hacker from Algeria going with the handle of Charaf Anons has hacked and defaced 1062 websites from all over the world for Opersation USA (#Op:USA). Hacker left a deface page along with a simple message on all hacked websites, displaying Islamic prayer on the index page of targeted websites.Hacked by Charaf Anons, There is no god but one God and Prophet Muhammad is the final messenger of God. Jihad is coming. All hacked sites belong to different countries of the world such as China, India

Banks: Cyber attacks could slow service today (Springfield News Sun) The potential cyber attack could render online banking services unavailable, officials said. "We are taking it very serious," said Patrick Harris

Cyber-attack could target Ohio banks, credit unions (Dayton Daily News) Ohio's banks and credit unions are warning of a potential cyber-attack Tuesday that could render online banking services unavailable. U.S. financial institutions, including some in Ohio, have been threatened by an attack by the Internet activist group

Syrian Hackers Strike (Free Beacon) A hacker group known as the Syrian Electronic Army (SEA) claims to have penetrated one of Israels central Internet infrastructure systems in Haifa in response to an Israeli attack over the weekend on Syrian weapons shipments.The Anonymous-affiliated SEA, or SCADA Attackers, announced Monday afternoon that it had penetrated one of the main infrastructural systems (SCADA) in Haifa and managed to gain access to some sensitive data, according an email announcement by the group released on Pastebin

The Onion, E! Online Twitter Feeds Hacked by Syrian Electronic Army (eSecurity Planet) While the hackers posted pro-Syria tweets on The Onion's feed, they simply used E! Online's feed to claim that Justin Bieber is gay

Cheapest way to rob bank seen in cyber-attack- like street hustle (Washington Post) The hackers often struck late on Fridays, starting about a year ago, sending skeleton crews at more than a dozen European banks rushing to keep bombardments of digital gibberish from crashing their websites. Damaging as the

Meet the new paid-archive malware families (Technet) In a previous post, "Fake apps: Behind the effective social strategy of fraudulent paid-archives," we exposed the social engineering technique behind Win32/Pameseg - our detection for a family of "paid-archives."We described the use of "low-ball" techniques and explained how users are led to believe they are making an informed choice. However, the choice ultimately leads to the user being deceived into doing what the attacker wants - downloading and executing an installer.The scheme begins with

Malware you can "live with", but shouldn't (Help Net Security) The main symptom of a computer being infected with the ZeroAccess (or Sirefef) malware is that online searches via Google Search often lead to unhelpful pages filled with ads and equally useless links

Heads-Up - AutoIt Used To Spread Malware and Toolsets (Trend Micro) AutoIt is a very flexible coding language thats been used since 1999 by coders looking for a fast, easy, and flexible scripting language in Windows. From simple scripts that change text files to scripts that perform mass downloads with complex GUIs, AutoIt is an easy-to-learn language that allows for quick development. The trend for malicious actors to use AutoIt to code malware and tools however has been increasing, and the trend appears to be getting strongerAutoIt Hacker Tools

Is there an epidemic of typo squatting? (Internet Storm Center) One of our readers, Jim, wrote in earlier today to say he has noticed an increase in "working" typo squatting over the last 2 months or so. That is, he's seen users accidently surfing to them or being redirected there by some sort of malicious javascript trickery. His question for us (and the rest of you) is, is this a local phenomenon or are the bad guys making more use of this tactic? I'm not currently setup to monitor this type of activity, so I figured I'd ask our loyal readers. Do you monitor your proxy and DNS logs for this type of activity and have you seen an increase? Leave a comment below or our contact form to let us know. Below are just a few examples of the domains he has seen

Malicious Flash Player Updates Hosted on Dropbox (Softpedia) Cybercriminals often disguise malware as updates for Flash Player. An interesting example has been analyzed recently by security experts from Zscaler.The attack starts with a number of websites that redirect their visitors to Once victims land on this site, they're urged in English or Turkish to update their Adobe Flash Player in order to see a video.The interesting thing about this particular attack is that the malicious Flash Player update is actually stored in a Dropbox

300 Indian Websites Hacked & Defaced by [IN]SecInjection (Hack Read) A hacker going with the handle of [IN]SecInjection has hacked and Defaced 300 Indian websites yesterday.It seems the hacker is from Latin America, as the sites are left with a deface page along with a message in Portuguese language

ZertSecurity Android trojan hits German users (lookout) We have been investigating a new piece of Android malware that was being sent out to German Android users as part of a phishing campaign targeting customers of Postbank.ZertSecurity is a banking trojan which masquerades as a certificate security application that asks the user to input their bank account number and PIN.ZertSecurity was found in the Google Play store, although less than 100 copies had been downloaded in the 30 or so days that it was live. It has since been removed by Google

US Convenience Store Chain Mapco Express Hacked, Payment Cards Compromised (Softpedia) Mapco Express, the US-based convenience store chain, is notifying customers about a security breach. The company says hackers have managed to gain access to customer credit/debit card information by planting malware on payment processing systems. The precise number of affected customers hasnt been revealed. However, all individuals that made payments with their debit and credit cards at Mapco locations between March 19-25, April 14-15 and April 20-21 could be impacted.The affected stores are

IE 8 Zero Day Found as DoL Watering Hole Attack Spreads to Nine Other Sites (Threatpost) Microsoft issued an advisory warning that an IE 8 zero-day exploit was used to attack the US Department of Labor website and nine others, including government and non-profit organizations in Europe

Internet Explorer 8 Zero Day Exploit Targeted Nuclear Workers (PC Magazine) Late in April, security researchers discovered an exploit in Internet Explorer 8 that allowed attackers to execute malicious code on a victim's computer. Most troublingly, the exploit has been found in the wild on a U.S. Department of Labor

IE8 0-day used in watering hole attacks (Help Net Security) Last week a U.S. Department of Labor website was discovered to be redirecting users to sites serving a hard-to-detect variant Poison Ivy backdoor Trojan. Researchers are now saying that the exploit

Watering Hole Attacks an Attractive Alternative to Spear Phishing (Cisco Blogs) "Watering Hole" attacks, as evidenced by the recent attack involving the U.S. Department of Labor, are becoming increasingly popular as alternatives to attacks such as Spear Phishing. In a "Watering Hole" attack, the attacker compromises a site likely to be visited by a particular target group, rather than attacking the target group directly. Eventually, someone from the targeted group visits the "trusted" site (A.K.A. the "Watering Hole") and becomes compromised

Cyberattack highlights software update problem in large organizations (CSO) Attackers targeting government employees working with nuclear weapons understood departments are using outdated versions of Windows,IE

Old Java exploit kit taught new tricks (CSO) G01pack mounts a multi-stage attack after invading computers running unpatched versions of Oracle's Java 6

Evernote Says Cyber Breach Which Cost Millions Wasn't From China (Businessweek) Evernote Corp., an online note-taking and document storage service, said a March cyber attack that obtained usernames and encrypted passwords cost "many millions of dollars" and didn't come from China. The attack wasn't state-sponsored and appears to

LivingSocial Reveals Cyber-Attack, Notifies 50 Million, Says No Credit Data Breached (Bloomberg BNA) Online daily deal company LivingSocial Inc. has contacted more than 50 million customers whose information may have been compromised in a recent cyber-attack, a company spokesman told BNA April 29

Security tools can't keep hackers at bay (CSO) Breaches like one that exposed credit card data of Schnucks supermarket customers for four months could become commonplace

U.S. Directly Blames China's Military For Cyberattacks (New York Times) The Obama administration on Monday explicitly accused Chinas military of mounting attacks on American government computer systems and defense contractors, saying one motive could be to map military capabilities that could be exploited during a crisis

Espionage fuels China's fast-paced military buildup: Pentagon (Reuters) China is using state-sponsored industrial espionage to acquire the technology it needs to forge ahead with a fast-paced military modernization program and cut its reliance on foreign arms makers, the Pentagon said in a new report on Monday

China denies Pentagon cyber-attack claims (Telegraph) China denies Pentagon cyber-attack claims. China has denied claims from the US that it is using espionage to acquire technologies to fuel its fast-paced military modernisation programme. China has denied claims from the US that it is using espionage to

It's not just about China and America—smaller countries want to wage cyberwar too (Quartz) America's Department of Defense yesterday released its annual report on China's military capabilities (pdf). The report includes "electronic warfare" and "information dominance" as part of a larger campaign it says is an "essential element, if not a fundamental prerequisite" of China's defense planning. The report is good PR for China's cyberwarriors but there is nothing surprising about the country's ambitions. America itself is relatively open about its cyberwarfare activities

Security Patches, Mitigations, and Software Updates

Google Fixes CSRF Vulnerability in Translator and Clickjacking Flaw in Gmail (Softpedia) Security researchers Prakhar Prasad has identified a couple of vulnerabilities in Google services. Both have been addressed by Google, so the expert published proof-of-concept videos for each of them.The first security hole was a cross-site reference forgery (CSRF) that affected Google Translate.[The vulnerability] allowed me to become an Editor on someone's Google Website Translator Service. The page had CSRF Protection, but the CSRF token check was skipped on server side, the expert explained

Metasploit Module Released For IE Zero-Day Flaw Used In Labor Attack (Dark Reading) A targeted attack discovered last week serving up malware from the U.S. Department of Labor's (DOL) website employed a previously unknown vulnerability in Internet Explorer 8 that Microsoft says it will fix either with an emergency patch or via its

Cyber Trends

The anonymous denizens of the Indonesian 'twitterverse' (The Jakarta Post) Oscar Wilde once said "man is least himself when he talks in his own person. Give him a mask and he will tell you the truth." Given the discreet nature of online social media, many users opt to wear masks to broadcast the truth, or some part of it

No strategy for data protection? (Help Net Security) While financial services organizations are obligated to establish and report stringent service availability objectives for mission-critical systems, they are actually among the worst performing


High Stakes And The Sequester Squeeze (Foreign Policy) It's all about national security, isn't it? Or is it? Rick's back room is alive and well in Washington, D.C. And it is shocking, just shocking, to learn that as the defense drawdown continues, not a single player at the defense table has stopped placing bets, stopped trying to fix the outcome of the game, or tried another role of the dice to end-run the impact of the sequester

Pentagon Awards Drop 52% As U.S. Automatic Cuts Trigger Slowdown (Bloomberg Government) Pentagon contracts tumbled 52 percent in April from a month earlier as across-the-board federal budget cuts took hold

Federal funding drying up for anti-terror centers (WLUK Fox 11) Two centers that link Wisconsin to a national antiterrorism intelligence network are trying to figure out how to keep functioning as federal funding is starting to dry up. The so-called fusion center in Madison has been getting state funds to

Gov. Bob McDonnell Endorses Springfield for New FBI Headquarters ( "Locating the FBI headquarters to the Springfield GSA Warehouse property would offer numerous synergies with the United States intelligence community," McDonnell said. "The Central Intelligence Agency, the Department of Homeland Security, the

NSA plans new computing center for cyber threats (Baltimore Sun) Keith B. Alexander, the director of the National Security Agency and head of U.S. Cyber Command, said during a groundbreaking ceremony Monday at Fort Meade. The 600,000-square-foot facility, similar in function to an existing computer center

Interior Dept Picks 10 for $1B Cloud IDIQ (GovConWire) Ten companies have won positions on a potential 10-year $1 billion cloud computing services contract with the Interior Department, Federal Times reported Thursday. Nicole Johnson writes the indefinite-delivery/indefinite-quantity includes three base years and seven option years through 2023. Contractors will compete to provide cloud storage, file transfer, database and Web hosting, development and testing

TASC Names Randy Phillips Senior Vice President of Corporate Development and Chief Strategy Officer (Wall Street Journal) TASC, Inc. has appointed Randy Phillips to the position of senior vice president of corporate development and chief strategy officer. In this new role, Phillips will lead the development of TASC's corporate strategy, identify and execute acquisitions to extend TASC's core offerings, and contribute to priority growth initiatives

Allot Named Market Leader in Infonetics Deep Packet Inspection Report (IT News Online) Allot Communications Ltd. (NASDAQ: ALLT), a leading supplier of service optimization and revenue generation solutions for fixed and mobile broadband service providers worldwide, announced today that it has been named the overall market share leader

Dell acquires Enstratius (Help Net Security) Dell today announced the acquisition of Enstratius, which helps organizations manage applications across private, public and hybrid clouds, including automated application provisioning and scaling

Avast Acquires (The Droid Guy) Avast a consumer antivirus maker has just acquires the Facebook-focuesd…cut down the amount of cyber bullying and prevent the children from spending way

BMC to go private in $6.9 bln deal led by Bain, Golden Gate (Reuters) Business software maker BMC Software Inc , whose anemic growth has been a source of frustration for its largest shareholder, said it would be taken private by a group led by Bain Capital and Golden Gate Capital for about $6.9 billion

The Challenge of Buying Cyber Companies (Defense News) Every major US defense contractor is busy building a new cyber center or announcing a revolutionary new cyber tool. And to support those cyber efforts, they are buying companies with new technology and approaches, buttressing their in-house capabilities

Procera Networks Inc. (NASDAQ: PKT) surges after it receives multimillion follow on order (WallStreetPR) Procera Networks Inc. (NASDAQ: PKT) (Closed: $14.08, Up by 27.08) registered positive movement of 27 percent in its share prices following the company's announcement of multimillion dollar follow on order

Gordon Johndroe Named Lockheed Media Relations VP (GovConWire) Gordon Johndroe, a former National Security Council spokesman and deputy White House press secretary during the George W. Bush administration, has joined Lockheed Martin (NYSE: LMT) as vice president of media relations and international communications. The 15-year communications and public relations veteran will serve as the company's chief spokesperson and lead campaigns and strategies for

DynCorp to Realign Business Units, Start New Intl Org (GovConWire) DynCorp International is reorganizing from five business units to three, with one of them a new organization intended to focus on international opportunities, the Washington Post reports. Marjorie Censer writes the company will restructure into three business units: DynAviation, DynLogistics and the new DynGlobal organization. Steve Gaffney, DynCorp chairman, president and CEO told the Post

Products, Services, and Solutions

Adobe Creative Cloud Move Elevates Company, Stymies Users (eWeek) Adobe announced it is moving to an all subscription model, delivering new functionality only through its Creative Cloud from now on - which has some customers concerned

Cray brings top supercomputer tech to businesses for a mere $500,000 (Ars Technica) Technology powering world's top supercomputers now in an entry-level package

General Dynamics Offers Real Time Threat Detection And Cyber Solutions With Fidelis XPS ( General Dynamics Fidelis Cybersecurity Solutions has integrated its flagship network security solution, Fidelis XPS, with IBM's security information and

Panda GateDefender Integra eSeries eSB (SC Magazine Australia) Panda Security's GateDefender Integra eSeries eSB is both easy to set up and offers a rich feature set

Cain & Abel 4.9.44 released (Help Net Security) Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary

Center for Internet Security Announces Partnerships for Discounted Cyber Security Training (MarketWatch) Agreements with SANS Institute, (ISC)(2)(R) and Inspired eLearning Offer Cost-Effective Solutions for Government, Not-for-Profits and Educational Institutions

Interop Las Vegas: 10 Cool Products (InformationWeek) From video conferencing knockouts to data protection tools, intriguing new products are on tap at Interop Las Vegas 2013. Take a closer look

Technologies, Techniques, and Standards

How to Stop DNS Application Attacks (Cloudshield) We already discussed strategies to secure a Domain Name Service (DNS) infrastructure from a network point of view, ways to reduce the DNS traffic load, and how to secure the DNS protocol itself…but what about DNS application security

Security Logging in an Enterprise, Part 1 of 2 (Cisco Blogs) Logging is probably both one of the most useful and least used of all security forensic capabilities. In large enterprises many security teams rely on their IT counterparts to do the logging and then turn to the IT logging infra when they need log information. That in itself isn't bad; however, the needs/requirements for IT may not be a 100% fit for a CIRT. Read on to find out how we handled it

Amid a barrage of password breaches, "honeywords" to the rescue (Ars Technica) Security experts have proposed a simple way for websites to better secure highly sensitive databases used to store user passwords: the creation of false "honeyword" passcodes that when entered would trigger alarms that account hijacking attacks are underway.The suggestion builds on the already established practice of creating dummy accounts known as honeypot accounts. It comes as dozens of high-profile sites watched user data become jeopardizedincluding LivingSocial, dating site Zoosk, Evernote

Companies explore self-detonating data as security control (CSO) Putting controls on what people see and putting expiration dates on sensitive documents. The popular Snapchat photo-messaging app used mainly by Android and iOS mobile device owners to share images that then self-destruct after 10 seconds is the sort of security idea that businesses say can help them secure online transactions with business partners

Design and Innovation

Vir2us, Inc. Launches Project XeroPass to Eliminate Need to Create, Remember or Enter Passwords and Login Information (MarketWatch) Crowd funding project expects to deliver new secure identity authentication technology, eliminate passwords and solve secure computing challenges for business and consumers

Research and Development

Los Alamos Scientists Build A Prototype Quantum Network (Forbes) The way quantum cryptography works is not at all simple, but here's the basic idea: in quantum mechanics, it's possible for two photons of light to become entangled. Meaning that when you change the quantum "spin" of one of the photons, the spin of the

Commercial Quantum Cryptography Satellites Coming (IEEE Spectrum) Satellites capable of performing quantum cryptography, a form of communication that is theoretically unhackable, don't even exist outside of the lab yet, but researchers at the Institute for Quantum Computing (IQC), in Waterloo, Ont., Canada, are


New Software Security Center To Evaluate Cyberthreats (Dark Reading) S2ERC will be launched at Georgetown later this month. A new Security and Software Engineering Research Center (S2ERC) that will research cyber threats and other security and technology issues will be launched at Georgetown later this month. Eric Burger, research professor of computer science, will serve as director of the new center, which will have its first face-to-face meeting on May 28

Legislation, Policy, and Regulation

Internet Sales Tax Passes — Tax Lawyers Get Ready to Go Boat Shopping (Wired Business) The internet sales tax will be a huge new experiment in regulating interstate commerce. Small businesses could wind up playing the guinea pigs as they wrestle with the tax laws of up to 46 different states

Why Tech's Finance Wizards Are Tearing Out Their Hair (Wired Business) Already overdue, SEC rules implementing the "crowdfunding" provisions of the JOBS Act aren't expected to take effect until the middle of next year. In the meantime, some startups are already burning through capital

Privacy Fail: House Passes Cyber Intelligence Law ( But, unfortunately, the hacker collective largely failed recently to derail the Cyber Intelligence Sharing and Protection Act (CISPA) in much the same way that earlier efforts helped derail the Stop Online Piracy Act (SOPA). As a result, CISPA is still

DHS urged to hire outsider for new cyber chief (The Hill) [Keith] Alexander's role at the National Security Agency and the deputy undersecretary for cybersecurity at DHS," Weatherford told The Hill. "Not just because of the executive order, but when you look at DHS's responsibility of working with the 16

Australia's Privacy Commissioner gets serious about infosec (CSO) The new OAIC information security guide sets out "reasonable steps" to protect personal information, but how many organisations will comply by March 2014

Australian privacy regime leads world but 17-year-old girls lead by example: expert (CSO) Australia's pragmatic privacy legislation is "the gold standard" for world privacy legislation even when compared with the European Union's long-established privacy regime, a US-based privacy expert has concluded – while advising privacy-conscious executives to make employees think like high-school girls if they really want to guarantee data integrity

DoD forming information operations executive steering group (FierceGovernmentIT) The Defense Department will form an information operations executive steering group to better streamline IO, or the mechanisms the department uses to integrate and implement information-related capabilities during military operations, says a May 2 DoD directive

Litigation, Investigation, and Law Enforcement

Kim Dotcom Makes Another Plea For Legal Relief As U.S., UK, Canada Attorneys General Converge Down Under (TechCrunch) Kim Dotcom and his legal team are seizing the moment of a meeting of attorneys general from the U.S., UK, Canada, Australia and New Zealand in Auckland to bring more attention to his legal fight with the U.S. government, which wants to extradite Dotcom from New Zealand and try him for copyright violations related to his now-defunct Megaupload venture. Robert Amsterdam, a high-profile lawyer known

German court convicts, sentences BitTorrent site operator to nearly 4 years (Ars Technica) "Jens R." offered no defense in this case of abetting copyright infringement

Self Propagated LulzSec Leader 'Aush0k' Arrested By Australian Federal Police (Voice Of Grey Hat) Many of us knew Hector Xavier Monsegur widely known as 'Sabu' as the leader of infamous international hacker group LulzSec and Antisec. But this idea will surely be changed when you will hear the histrionic story, which came to light when a 24 old Australian proclaimed himself as the leader of notorious hacker collective group Lulz Security also known as LulzSec. The man, known online as Aush0k, is a senior Australian IT professional who works for the local arm of an international IT company

Secrecy shrouds pretrial hearing in WikiLeaks case at Fort Meade ( A military judge has ordered what prosecutors say is an unprecedented closed

Indian Navy gets ready to dismiss officers for posting ship movements on Facebook (Naked Security) The Indian Navy says that the officers posted details about warship locations, including that of the country's one and only aircraft carrier, in the latest case of eye-rollingly bad Facebook indiscretion

Foreign Intelligence Surveillance Court denied no applications in 2012 (FierceGovernmentIT) An annual report on federal clandestine requests for information shows that the Foreign Intelligence Surveillance Court denied none of the 1,856 applications put before it during calendar year 2012

Data Hoarding: How To Stop (InformationWeek) Hoarding information, or storing enterprise data in the wrong places, can open your company to legal liability. But culture change won't be easy

European Commission rules Google's Motorola abused mobile patent dominance (FierceMobileIT) The European Commission has issued a preliminary ruling that Google's (NASDAQ: GOOG) Motorola Mobility abused its mobile patent dominance when it tried to get an injunction against Apple's (NASDAQ: AAPL) iPhone in Germany, the European Union announced on Monday

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes,...

(ISC)² CyberSecureGov (Crystal City, Virginia, USA, May 7 - 8, 2013) Join (ISC)² for an exciting two days as they explore the prevailing factors working against US Government IT Security practitioners and managers, how existing technical and personnel resources are faring...

ITWeb Security Summit 2013 (Sandton, South Africa, May 7 - 9, 2013) A conference devoted to cyber security, with a particular emphasis on countering the latest attack vectors. The gathering creates an opportunity for senior security professionals and business decision-makers...

The Computer Forensics Show (New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity...

ASIS 23rd New York City Security Conference and Expo (New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges...

Software Engineering Institute Invitational Hiring Event (Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on...

Baltimore Tech-Security Conference (Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security,...

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a...

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...

Second Maryland Cybersecurity Center Symposium (MC2) (College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote...

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...

U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services...

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations...

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...

Private Sector Crossovers: Protecting People, Property and Information (, January 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies...

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced...

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.