skip navigation

More signal. Less noise.

Daily briefing.

Anonymous hacktivists claim another attack on North Korean Websites. They also announce the beginning of "OpPetrol," a campaign directed initially against the Saudi government but promised to affect a total of twelve countries. OpPetrol appears to have yielded a few Saudi email login credentials, but not much else. Its instigators are exercised over the pricing of oil in dollars as opposed to a "Muslim" currency. Elsewhere in the hacktivist underworld a "jihadi Geek Squad" works to deliver effective crypto to al Qaeda.

Microsoft warns against the Febipos Trojan, first observed in Brazil, that exploits Chrome and Firefox to hijack Facebook profiles. Researchers at Rutgers University discover another threat to Facebook, this one exploiting expired Hotmail accounts.

The US military's reliance on international hardware—notably telecommunications equipment and semiconductors—is said to pose an unacceptably high supply chain risk, both in terms of embedded threats and issues of wartime availability. Huawei again denies engaging in cyber espionage.

The cyber underground economy continues to evolve along lines that parallel legitimate consumer e-commerce. Denial-of-service tools may be purchased via PayPal, and zero-day exploits are freely advertised (the US Government is said to be the largest purchaser of zero-days).

New York State announces formation of a cyber security advisory council; its members include Good Harbor's Richard Clark and CrowdStrike's Shawn Henry. USA Today sees a strong flow of venture capital into cyber start-ups.

Information on last week's ATM bank robbery indictments continues to appear. Observers agree the crime was enabled by weak endpoint security.

Notes.

Today's issue includes events affecting Bahrain, Brazil, Canada, China, Dominican Republic, France, Germany, Israel, Italy, Japan, Democratic Peoples Republic of Korea, Kuwait, Malaysia, Oman, Philippines, Qatar, Romania, Russia, Saudi Arabia, Taiwan, Turkey, United Arab Emirates, United Kingdom, United States..

SINET has opened a call for presentations to be delivered at August's Innovation Summit—the CyberWire will cover the Summit in a series of special issues. (See the note in Cyber Events, below.)

Cyber Attacks, Threats, and Vulnerabilities

Hacker group attacks North's Web sites again (Korea Joongang Daily) The international hacker collective Anonymous, which previously hacked the pro-Pyongyang propaganda Web site Uriminzokkiri and leaked some 15,000 members personal profiles on the Internet in March, carried out its second cyberattack of the Norths Web sites yesterday.One of the hackers who conducted the attack, identified by the ID @AnonyOpsKorea, stated on Twitter that the attack began at 10 a.m. yesterday Korean time, and that they successfully hacked the official Web sites of the Norths public

Anonymous and Anonghost started #OpPetrol with the leak of Saudi Arabia Govt. Email Login credentials (Hackers News Bulletin) After #OpUSA in which Hackers hacked, defaced many websites, leaked emails and data of govt. websites and financial institutions of USA, we also collected a plethora of hacked stuff under #OpUSA and we also got many fake hacks, defacement from various hackers over the world but after their #OpUSA hackers started #OpPetrol.In the start of #OpPetrol hackers claim to hack 16 Gov Emails login credentials of Saudi Arabia Government, according to hackers this latest operation will target 12 Countries

Can The Jihadi Geek Squad Secure The Web For Al Qaeda? (TPM) "Most cryptography applications today use public-key cryptography. Every web browser has public key cryptography, so when you do your online banking, you go through SSL and that uses pub key cryptography," explained Phil Zimmermann president and

Febipos Malware in the wild that steals your Facebook profile (cyberwarzone) Microsoft has discovered a trojan which hijacks Facebook accounts. The malware penetrates through a Chrome extension or Firefox add-on. Safari and Internet Explorer seem to be safe. Microsoft warns that the malware takes over the Facebook account and then performs various unwanted actions. The malware - now known as Febipos was first found in Brazil. The malware can chat, share content, post messages to other profiles, comment on posts, like pages and join Facebook groups. In the warning report

Hijacking Facebook accounts via expired Hotmail accounts (Help Net Security) Three researchers from Rutgers University in Newark, New Jersey, have discovered a simple way to hijack Facebook accounts by misusing existing features and responses of Facebook, Microsoft's Hotmail

What If We Thought More Often About Being Tracked Online? Man Stalks Himself To Find Out (Fast Company) After tracking his every online (and physical) move for about two months, NYU grad student Frederico Zannier is selling his online data--for a mere $2 per day

An unholy alliance - Fake Anti-Virus, meet Bogus Support Call! (Naked Security) What happens when a scammer decides to marry fake anti-virus and bogus support calls? Paul Ducklin has a bit of a weekend chuckle at the result

Tomren Wealth Management Suffers Security Breach (eSecurity Planet) California's Tomren Wealth Management recently notified clients of a server breach that occurred between February 21 and March 6 of this year (h/t DataBreaches.net).The notification letter [PDF file] states that while forensic investigators found that spamming software had been loaded onto the server, it's unclear whether the attacker also accessed any clients' personal information.Still, the letter states, the server did contain clients' names, Social Security numbers, driver's license informat

Android Font Apps Hosted on Google Play Install Spyware (Softpedia) Security researchers from Webroot have come across a couple of shady Android font apps hosted on Google Play. The apps install not only fonts, but also a piece of spyware.The applications in question, Free Galaxy Classic Fonts and Galaxy Fonts, allow users to install additional fonts on their Android smartphones. However, experts found that besides the fonts, an Android spy app called iKno is also installed. iKno monitors SMSs, calls, and the devices location, and sends the information back to a

Researchers uncovered new malware used by Chinese cyber criminals (Hacker News) Trend Micro researchers have uncovered a new backdoor piece of malware from the Winnti family, which are mainly used by a Chinese cybercriminal group to target South East Asian organizations from the video gaming sector

The U.S. military's supply chain risk called 'frightening' (Computer World) New report from the Alliance for American Manufacturing questions the military's use of foreign semiconductor and telecom equipment. The U.S. military's reliance on foreign-made products, including telecommunications equipment and semiconductors, is putting the nation's security at risk by exposing agencies to faulty parts and to the possibility that producing nations will stop selling vital items, according to a new report from the Alliance for American Manufacturing

Newly launched E-shop for hacked PCs charges based on malware 'executions' (webroot) On the majority of occasions, Cybercrime-as-a-Service vendors will sell access to malware-infected hosts to virtually anyone who pays for them, without bothering to know what happens once the transaction takes place.A newly launched E-shop for malware-infected hosts, however, has introduced a novel approach for calculating the going rate for the hacked PCs. Basically, theyre selling actual malicious binary executions on the hosts that the vendor is managing, instead of just selling access to the

DDoS Services Advertise Openly, Take PayPal (KrebsonSecurity) The past few years have brought a proliferation of online services that can be hired to knock Web sites and individual Internet users offline. Once only found advertised in shadowy underground forums, many of todays so-called booter or stresser services are operated by U.S. citizens who openly advertise their services while hiding behind legally dubious disclaimers. Oh, and they nearly all rely on Paypal to receive payments. Many of these booter sites are based on the same source code, meaning

China: Online predator or hapless host? (The Register) The Peoples Republic of China has been singled out in increasingly unequivocal language by the US and its allies as one of, if not the greatest, source of online attacks, be they perpetrated by criminals or the Chinese state itself. But amid all the anti-Beijing bluster, has China been given an unfairly bad rep

US government is 'biggest buyer' of zero-day vulnerabilities, claims report (Network World) US government is 'biggest buyer' of zero-day vulnerabilities, claims report. While the Pentagon is pointing its finger at China for hacking and cyberespionage, a Reuters report claims China's not the only cyber-devil…we are too. In fact, the US

Booming 'zero-day' trade has Washington cyber experts worried (Reuters) The proliferation of hacking tools known as zero-day exploits is raising concerns at the highest levels in Washington, even as U.S. agencies and defense contractors have become the biggest buyers of such products. White House

Online payment provider CashU warns Middle East PC users against potential increase in malware threats (Albawaba) Leading regional online payment provider CashU has warned Middle East PC users to remain diligent and protect their PCs with up to date antivirus and antimalware software in light of the recent malicious attacks across the region. The virus prompts users with an onscreen message that their PC is locked and asks users to send a set amount of money via CashU service to have their PC unlocked. While CashU service has not been interrupted nor has the integrity of our customers information been breached

Manila-Taipei cyberwar threatens to escalate as PHL group vows 'operation' (GMA News) The Anonymous #Philippine Cyber Army claimed Comelec's website www.comelec.gov.ph, which was still inaccessible Sunday afternoon, remained under cyber-attack by Taiwan. "Comelec is still under cyber attack by Taiwan. It has dealt great damage and

Comelec website down 2 days before polls, possible victim of cyber attack (GMA News) With two days before the May 13 elections, the Comelec website, along with several other government websites, became inaccessible. Comelec spokesman James Jimenez claimed that this was due to the volume of traffic rather than sabotage. Jimenez

US-Japan foreign ministry files thought leaked (AsiaOne) Last year's cyber-attack on the farm ministry, which is thought to have resulted in the leak of about 3,000 documents overseas, also included documents created jointly by the Foreign Ministry and the US government, sources revealed

City of Mobile Police Hacked & Data Leaked by Turkish Ajan (cyberwar news) Turkish Ajan hacker group has today announced a leak of data from the City of Mobile Police.The City of mobile police is located in the town of Mobile which claims to be the 3rd largest city in the U.S. State of Alabama and is the official police department for the county and surrounding area.The announcement has come from the official twitter account of Turkish Ajan

Washington Court Data Breach Exposes 160K SSNs (Threatpost) Attackers using a vulnerability in Adobe's ColdFusion app server were able to compromise servers belonging to the Washington State court system sometime in the last few months and walked off with data belonging to as many as a million residents of the state. The attackers had access to 160,000 Social Security numbers and the driver's license numbers and names of a million people

Administrative Office of the Courts announces data breach (Chinook Observer) Upon continued investigation, with the assistance of the Multi-State Information Sharing and Analysis Center (the key resource designated by the U.S. Department of Homeland Security for cyber threat prevention response and recovery for state, local and

Bitdefender Warns of 419 Scam Spreading on LinkedIn (eSecurity Planet) Bitdefender researchers recently received a LinkedIn message from a user identifying himself as Aziz Mohammed, a manager at Malaysia's Standard Chartered Bank. The LinkedIn user's profile appeared to have been built using the photo and profile

Patient data at risk after X-ray scam (FierceHealthIT) Protected health information for more than 17,000 patients of an orthopaedic clinic in North Carolina is at risk, thanks to a silver-mining vendor scam

Schnucks CEO Issues Message on Cyber Attack (KMOX.com) "I sincerely apologize for the inconvenience caused by the cyber attack on our card payment system. We were able to block access on March 30th and we increased security." Schnuck said customers can use any new debit and credit cards at the store "with

Security Patches, Mitigations, and Software Updates

Adobe Shipping Critical Fixes for Reader and Acrobat in May Patch (Threatpost) Adobe is set to publish security updates in various versions of its Acrobat and Reader software packages along with Microsoft in the May edition of Patch Tuesday

Microsoft Security Bulletin Advance Notification for May 2013 (Microsoft Security TechCenter) This is an advance notification of security bulletins that Microsoft is intending to release on May 14, 2013. This bulletin advance notification will be replaced with the May bulletin summary on May 14, 2013. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification

Cyber Trends

Ten Emerging Threats Your Company May Not Know About (Dark Reading) Some new attacks get a lot of attention. Here's a look at 10 that haven't, but ought to be on your radar. Security professionals are certainly not at a loss for things to worry about. Indeed, the list of threats to corporate systems and the data they contain is very long, and IT departments are constantly challenged in their efforts to mitigate these risks. Unfortunately, the security threats you know about are only the proverbial tip of the iceberg. Lying underneath the churning waves of business requirements and technology shifts is the bottom of the berg -- a threat that's scariest because it's largely unknown

US cyberwar strategy stokes fear of blowback (NBCNews.com) "The only people paying are on the offensive side," said Charlie Miller, a security researcher at Twitter who previously worked for the National Security Agency. A spokesman for the NSA agreed that the proliferation of hacking tools was a major concern

Cyber Insecurity: The 21st Century's Version of Air Pollution (Time) Then-defense secretary Leon Panetta referred to the threat of cyber attacks as a "cyber Pearl Harbor." - A senior Cyber Command official has declared that we are in the middle of a "cyber arms race." - Other experts have used public health as a

Power companies present cybersecurity gaps (USA Today) The U.S. military's top cybercommander said some of the nation's utility companies have lagged in investing in network security, raising concerns about the vulnerability of the nation's critical infrastructure. "The power industry has a wide scale, from companies that are very good to companies that need a lot of work and a lot of help," Gen. Keith Alexander, commander of Cyber Command, said Friday

Can collaboration defend US critical infrastructure? (FCW.com) Keith Alexander, National Security Agency director and commander of U.S. Cyber Command. "When you talk about legislation and developing standards, the power companies are really the ones who have the biggest problem, because if you say, 'We want

Nearly two-thirds of organizations do not enforce encryption policies, says analyst (FierceMobileIT) BYOD presents enterprises with a number of security and privacy challenges that must be addressed, Gib Sorebo, chief cybersecurity technologist at research firm SAIC, told an audience here at Interop on Thursday. Sorebo related that nearly two-thirds of organizations do not enforce encryption policies, which opens up corporate data to risk of unauthorized disclosure

Marketplace

Former presidential advisors named to Gov. Andrew Cuomo's Cyber Security Advisory Board (Auburn Citizen) Sony senior vice president and chief information security officer Phil Reitinger. Reitinger was the director of the National Cyber Security Center at the U.S. Department of Homeland Security. He also worked at the Defense Department's Cyber Crime

ANALYSIS: Why this surge of VC funding is different (USA Today) With companies and governments spending billions to repel cyber threats, a surge of venture capital has begun pouring into companies developing cybersecurity technologies. "Cyber is the front line of the conflict, and there is a tremendous need for solutions which secure the digital frontier," says Bob Ackerman, managing director of Allegis Capital

Huawei CEO Dismisses Security, Spying Concerns (InformationWeek) Company founder denies that Huawei employees would ever be forced to spy for China

Jim McAleese: The 2013 Sequester and How GovCon Firms Have Responded so Far (GovConWire) Jim McAleese, founder and principal at McAleese & Associates, recently caught up with Executive Mosaic, parent company of the Potomac Officers Club (P.O.C) and publisher of GovCon Wire, to provide some detailed insight and perspective into the 2013 sequester. McAleese will be speaking on May 14 at the P.O.C's Post-Sequestration Summit with nine other government and industry thought leaders about

Praescient Analytics: Decoding Data for National Security and Defense (Tech Cocktail) Katie Crotty, Yvonne Soto, and Patrick Ryan embarked on a mission when they started Praescient Analytics: revolutionize the way the world understands information with the latest analytics tools. It began as a modest offering, but soon blossomed into a $20-million-dollar business with clients in the Department of Homeland Security, the Department of Defense, and the intelligence community

A new defense contractor opens an office in WestGate Tech Park (Greene County Daily World) WestGate at Crane Technology Park has a new defense contractor that provides engineering and technical services support to a wide range of world-wide clients. Camber Corporation is opening a technology office in the tech park. Camber Corporation's customers span the global and federal market place and include Homeland Security, Department of Defense, and state governments as well as wide ranging international clients from Dubai to Japan, the Philippines, Africa, and Asia

Bloomberg bars reporters from client activity after spying scandal (Sydney Morning Herals) Financial data and news company Bloomberg says it has corrected a "mistake" in its newsgathering policies and cut off its journalists' special access to client log-in activity on the company's ubiquitous trading information terminals after Goldman Sachs complained about the matter last month.A person familiar with the matter said on Friday that Goldman Sachs became concerned about outside access after a Bloomberg reporter, investigating what she thought was the departure of a Goldman employee

Bloomberg's culture is all about omniscience, down to the last keystroke (Quartz) At Bloomberg, omniscience is a feature not a bug. The company's New York City skyscraper unfurls around its courtyard like a panopticon. Inside, the decor is punctuated at every turn with fish tanks. No one has an office to hide in, and the meeting rooms are enclosed in clear glass

What Bloomberg employees can see when they snoop on customers (Quartz) Bloomberg LP is in damage-control mode. Some of its largest customers have publicly accused the firm's journalists of snooping on their usage of Bloomberg terminals, the firm's wildly profitable information service for investors

Obama's Cyber Focus Fuels Check Point Advance (Businessweek) Check Point Software Technologies Ltd. (CHKP) had its longest…Obama and intelligence officials have said one of their top policy

Products, Services, and Solutions

Apple can decrypt iPhones for cops; Google can remotely "reset password" for Android devices (Boing Boing) Apple apparently has the power to decrypt iPhone storage in response to law-enforcement requests, though they won't say how. Google can remotely "reset the password" for a phone for cops, too

Open source NAC PacketFence 4.0 released (Help Net Security) PacketFence is a fully supported, trusted, free and open source NAC solution

Technologies, Techniques, and Standards

Are you obligated to point out security flaws if you're just hired for a small job? (Ars Technica) You don't want to throw an employee under the bus, but security holes should be fixed

Extracting Digital Signatures from Signed Malware (Internet Storm Center) Sometimes attackers digitally sign their malicious software. Examining properties of the signature helps malware analysts understand the context of the incident. Moreover, analysts could use the signature as an indicator of compromise. Here are some tips and tools for determining whether a suspicious Windows executable has been signed and for extracting the embedded signature in a Linux environment. We'll look at Pyew, Disitool and get a bit of help from OpenSSL

Bringing networking and security together through network automation (Help Net Security) The past ten years have seen a proliferation of increasingly complex network devices. Coupled with the recent rise in adoption of BYOD policies, mobile working practices, virtualisation and cloud

Research and Development

Google Has Aggressive Plans for Strong Authentication (Threatpost) Google has a long-term plan for strong authentication that ties log-ins to the operating system and hardware, and puts up barriers against man in the middle attacks and weak passwords

Did government scientists really create a secret quantum internet? (io9) But for two years, researchers at Los Alamos National Labs have been working on something they call network-centric quantum communications -- and this could usher in the next generation of hyper-secure, scalable, and affordable quantum cryptographic

Academia

How UNSW creates the world's best hackers (Sydney Morning Herald) It's noon on Tuesday and a group of four students are hovering over their laptops having just bunkered down in a room at UNSW's Kensington campus, where they're going to be for the next 24 hours hacking into IT systems. Computer cables, power boards, water bottles and brown paper bags full of food are spread across the table.Looking over the students' shoulders is their admired IT security lecturer and mentor, who likes to distance himself from being called an academic, laughs off the suggestion

Academic institutions urged to improve network and DNS configurations (Help Net Security) The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) has issued an alert to IT security staff, and network and DNS administrators urging them to improve their network and DNS configurations to prevent their institution from being an unwitting partner in DoS attacks

Legislation, Policy, and Regulation

Beyond Cellphone Unlocking: Don't Kill the First Reasonable DCMA Reform Bill (Wired) A funny thing happened on the way to Congress yesterday. For once, lawmakers introduced a common-sense bill: the Unlocking Technology Act of 2013. If passed, the bill would give Americans freedom to do what they need — unlock, repair, maintain

FBI's Latest Proposal for a Wiretap-Ready Internet Should Be Trashed (Wired) While it's not yet clear how dire the going-dark scenario really is, the statutory "cure" proposed by the FBI — with fines starting at $25,000 a day for companies that aren't wiretap capable — would surely be worse than the

Taiwan needs to speed up work on cyber-attack defence (The Nation) In an ever-growing virtual world, cyberwarfare is likely to overshadow ground

Cyber-attacks show PH 'vulnerability' - group (Rappler) The group behind the crowdsourced Magna Carta for Philippine Internet Freedom, which is being pushed by Sen Miriam Defensor Santiago, said that the recent distributed denial of service (DDoS) attacks on government websites showed the "vulnerability" of the country's Internet security

Japan, U.S. conclude 1st dialogue on cyber defense cooperation (GlobalPost) The participants included officials from Japan's Defense Ministry and National Information Security Center as well as the U.S. Department of Homeland Security and the Pentagon. The dialogue followed the decision of Japan and the United States to

Should Companies Be Required to Meet Certain Minimum Cybersecurity Protections? (Wall Street Journal) Cybersecurity specialists tackle the question of whether the government should set standards for protection of corporate computer networks. U.S. companies appear to have lots of not-so-secret secrets

Do we already live in a police state? (Examiner.com) However, the National Security Agency has spied on American citizens since at least 2001, according to the Electronic Frontier Foundation. Prior to the September 11 terrorist attacks, the NSA had listened in on several of the hijackers' phone calls

In our opinion: Wiretapping laws (Deseret News) In Utah, the National Security Agency is completing construction of a super-secret data center in Bluffdale that will reportedly have the wherewithal to intercept and monitor the entire daily tsunami of worldwide electronic communications

Litigation, Investigation, and Law Enforcement

Feds Won't Say if NSA Surveilled New York Terror Suspects (Wired) Federal authorities prosecuting two brothers on allegations they plotted to blow up a high-profile target in New York City are refusing to divulge whether they cracked the case by employing a style of warrantless electronic eavesdropping first introduced by President

UK spyware used against Bahraini activists – court witness (RT) UK spy technology was used against British citizen in Bahrain, new evidence filed in a UK high court has claimed. Activists are calling for a judicial review of the UKs failure to hold firms accountable for sales of spy software to repressive regimes.The evidence submitted contains a witness statement from Bahraini activist and writer Ala'a Shehabi, 30. She has both Bahraini and British citizenship, and is one of the founding members of Bahrain Watch, an independent research and advocacy organization

Legal Showdown on Cybersecurity (Wall Street Journal) When hackers broke into computer systems at Wyndham Worldwide Corp. and several of its hotels, they allegedly stole payment-card numbers for hundreds of thousands of consumer accounts.They also sparked a high-stakes legal battle over whether a federal agency can use its consumer-protection powers to police cybersecurity practices at American companies

Bank Muscat mulls options to recover card fraud money (Times Of Oman) Bank Muscat on Sunday said it is examining all options to recover $39 million it lost in a major fraud unveiled by US authorities last week."Bank Muscat is aware from press reports that a number of arrests in different jurisdictions have taken place in relation to the prepaid debit card fraud incident which we disclosed on February 25 and 26," the bank said in a disclosure statement posted on MSM website Sunday

Banks must get serious about cyber security (Gulf News) In the global rush to become part of the growing digital economy, few people seem to be paying much attention to security. Every week there are new stories of computer hackers finding inventive ways of breaking into computers, with the end result usually being the loss of millions of dollars. Last weekend, two local banks became the latest victims of online fraud when hackers found a way to increase the limit of prepaid debit cards, which were then used at ATMs to withdraw cash. Over $40 million

Massive Cyber-Heist Result of Weak Endpoint Security (PC Magazine) A cyber-gang walked off with $45 million in cash in an audacious cyber-attack earlier this year, according to court documents unsealed this week. As PCMag.com reported on Friday, eight individuals living in New York were indicted for their roles in a

Hacking Skills Used to Stop Cyber Attacks (WLBZ) Yesterday, U.S. prosecutors announced the arrest of seven suspects involved in a coordinated cyber attack. The suspects are accused of stealing $45 million from banks using ATMs across the world. This is not the first

Cyber-thieves snatched $45 million via Indian back office (The Hindu) Highlighting the global scale of the crime, Ms. Lynch said the U.S. Secret Service and Department of Homeland Security had worked in concert with law enforcement authorities in Japan, Canada, Germany, Romania the United Arab Emirates, Dominican

TRA denies penalties for using Skype in UAE (Emirates 24/7) The Telecommunication Regulatory Authority (TRA) has denied media report that UAE residents could be fined and imprisoned for using Skype. A report said today that some of the services that Skype offers - like making telephone calls - need a licence from the TRA and the violators could be fined up to Dh1 million and also imprisonment

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising...

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of...

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each...

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a...

Second Maryland Cybersecurity Center Symposium (MC2) (College Park, Maryland, USA, May 14 - 15, 2013) Drawing on regional experts of national and international acclaim, MC2's second Annual Cybersecurity Symposium will showcase the latest research, trends, and topics in cybersecurity, including: keynote...

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers...

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is...

INSA Innovators' Showcase (Springfield, Virginia, USA, May 16, 2013) The INSA Innovators' Showcase is an opportunity for R&D focused companies to present innovative IRAD projects to a panel of government scientists selected by ODNI. Interested companies are asked to submit...

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools,...

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...

U.S. Department of State Mobile Computing Forum (Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services...

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.