Pakistan and China appear to have been the ultimate targets of a long-running and sophisticated Indian cyber espionage campaign, interesting on many levels, not the least of which is its choice of third-party attack paths. Norman Shark, which has been on investigative point, cautions against reading too much into the presence of an Indian security company's name in the malicious code: the company might be implicated, but it could also be a victim of misdirection.
The Lady Boyle remote access Trojan has appeared on South Korean military sites in a reconnaissance effort directed against that country's defense posture.
Sino-American cyber tensions continue to rise as the People's Liberation Army resumes operations against US targets. Well-connected advisors tell the US Administration it's time to go on the offense against China, and Congress yanks the Pentagon's leash over purchases of Chinese sitcom services. (Watch for similar scrutiny of Foxconn-built Apple products' appearance in Defense networks.) Analysts continue to explore how Chinese espionage represents a supply chain problem. The 2010 Google Aurora hack looked at the time like a campaign against Chinese ethnic minority activists, but now seems to have been a counterespionage effort: the hackers were after US Government surveillance requests in Google databases.
A new version of the Citadel banking malware is circulating in Payza, a money transfer service popular in the developing world.
Connoisseurs of US Army procurement will follow the latest DCGS-Palantir smack-down with interest.
Journalists react with alarm to an apparently growing US Government tendency to regard them as accessories to espionage.
[Updated 08.01.2014 cwu000-003]
Today's issue includes events affecting Azerbaijan, Belarus, Brazil, China, Cuba, Georgia, India, Italy, Japan, Kazakhstan, Republic of Korea, Democratic Peoples' Republic of Korea, Mexico, Pakistan, Russia, South Africa, Sweden, Syria, Tajikistan, Turkey, United Nations, United States, and Uzbekistan..
Cyber Attacks, Threats, and Vulnerabilities
Indian 'attacks' Norwegian telco to get at Pakistan, China(The Register) Security researchers have uncovered what appears to be a sophisticated targeted attack launched from India and designed to steal information from a range of government and private enterprise victims in Pakistan, China and elsewhere
Cyber-Spying Campaign Traced Back to India: Researchers(eWeek) Security researchers link a cyber-attack on a Norwegian telecommunications carrier to India's IP space and to potential nation-state espionage. A widespread espionage network that targeted a Norwegian telecommunications provider and several groups in Pakistan appears to have links to India, Norway-based security firm Norman AS and the Shadowserver Foundation stated in an analysis released on May 20
APT Attacks Trace To India, Researcher Says(InformationWeek) Multi-year hacking campaign targeted mining companies, legal firms, Pakistan, Angolan dissidents and others in Pakistan, the U.S., Iran, China and Germany
Aurora attackers were looking for Google's surveillance database(Help Net Security) When in early 2010 Google shared with the public that they had been breached in what became known as the Aurora attacks, they said that the attackers got their hands on some source code and were looking to access Gmail accounts of Tibetan activists. What they didn't make public is that the hackers have also accessed a database containing information about court-issued surveillance orders that enabled law enforcement agencies to monitor email accounts belonging to diplomats, suspected spies and terrorists
National Security Data on Private Networks Exposed as a Weak Point(Threatpost) The United States intelligence community and its counterparts in law enforcement are quite secretive about their surveillance methods and the targets of those operations. Few people are privy to information about ongoing surveillance, but now it turns out that the Chinese government may have a better handle on who some of those targets are than the average U.S. citizen or politician does
APT1 Three Months Later — Significantly Impacted, Though Active & Rebuilding(Mandiant M-unition) On 18 February 2013, Mandiant released a report exposing one of China's cyber espionage units. The group, which Mandiant calls APT1, is one of the most prolific we track in terms of the sheer quantity of information it has stolen. The scale and impact of APT1′s operations compelled us to write the report and release more than 3,000 Indicators to help organizations defend against APT1's tactics. The report linked APT1 to a unit within China's People's Liberation Army and received widespread attention from the media and from the U.S. government
Operation Beebus and the Beginning of Era of Hacking Drones(Cyberoam) The dust has hardly settled on the cyber attacks on Iranian nuclear program that brought out the infamous Stuxnet worm into the open, and Cyber warfare seems to be already leaping into a new era- an era of hacking drones. Drones are nothing but unmanned aerial vehicles (UAVs) and are of strategic importance to military and intelligence arms of nation states. Hacking into aerospace, defense, and telecommunications organizations was so far not too common but security experts of late have observed a series of such attacks and termed it operation Beebus. Operation Beebus seems to have stolen data from several companies regarding all aspects of unmanned vehicles (drones) from research to design to manufacturing of the vehicles and their various subsystems
New Citadel Malware Strain Targeting Payza Service(Threatpost) A new variant of Citadel malware is making the rounds that are targeting Payza, a money transfer service popular all over the world, especially in developing nations that are under-serviced when it comes to online banking access
Lookitsme Breached, 4294 Accounts leaked From 300,000(Cyberwarzone) A British based chat and social website has become victim to hackers after its security failed to keep them out. The site named Lookitsme (http://www.lookitsme.co.uk) which appears to be a adult social and chat site which allows users to have personal gallery's, get rated by others on "looks" and have chats with others has become a target after its system was found to be insecure and a hacker using the handle
Moore, Oklahoma tornado charitable organization scams, malware, and phishing(Internet Storm Center) I find it sad that in times when people are facing disaster, many have died, others missing, and the survivors facing having lost everything that there are scumbags who will try to take advantage. Be very wary of any charity that is raising funds for victims of any disaster, particularly one that has not been around for very long. There are many legit charities, I would recommend sticking to ones you are already familiar with. The American Red Cross for example has been around for a long time, does amazing work, and is always in need of funding. They are just one example of a well established charity that does good work and is already involved in helping out in Moore, Oklahoma
Official United Nation Pacific Website Hacked by Pakistani Hacker(Hack Read) H4x0r HuSsY from Pakistan who was in news for his high profile hacks against India and Sri Lankan is back with another one, this time the official website of United Nation Pacific (http://pacific.one.un.org/) has been hacked and defaced few hours ago
South Africa Police Service Hacked(Cyberwarzone) South Africa Police Service (SAPS) website has reportedly been struck by hackers, a move that will not only embarrass the police but question how serious state treats information security for protecting citizens
Timesofmalta.com claims it was victim of 'possible cyber attack'(MaltaToday) The Times of Malta has claimed its website experienced a sudden increase in requests "in what could have been a cyber attack", the newspaper reported today. The site experienced a denial of service attack which the Times said was "usually associated
New commercially available DIY invisible Bitcoin miner spotted in the wild(Webroot Threat Blog) Just as we anticipated in our previous analysis of a commercially available Bitcoin miner, cybercriminals continue "innovating" on this front by releasing more advanced and customizable invisible Bitcoin miners for fellow cybercriminals to take advantage of. In this post, we'll profile yet another invisible Bitcoin miner, once again available for purchase on the international cybercrime-friendly marketplace, emphasize on its key differentiation features, as well as provide MD5s of known miner variants
Zero-day vulnerabilities in first-person shooter game engines allow attackers to pwn your PC(ComputerWorl) Are you are gamer? If the answer is also "yes" to playing first-person shooters, then listen up. "Thousands of potential attack vectors" in game engines, open the way to "millions of potential targets" aka players, explained ReVuln Security researchers Luigi Auriemma and Donato Ferrante. At NoSuchCon, they presented "Exploiting Game Engines For Fun & Profit". The researchers found zero-day vulnerabilities to exploit game engines such as CryEngine 3, Unreal Engine 3, id Tech 4 and Hydrogen Engine
Sharyl Attkisson's computers compromised(Politico) Sharyl Attkisson, the Emmy-award winning CBS News investigative reporter, says that her personal and work computers have been compromised and are under investigation. "I can confirm that an intrusion of my computers has been under some investigation on my end for some months but I'm not prepared to make an allegation against a specific entity today as I've been patient and methodical about this matter," Attkisson told POLITICO on Tuesday. "I need to check with my attorney and CBS to get their recommendations on info we make public"
Guantanamo Wi-Fi Access Shut Down Amidst Cyber Threats(PC Magazine) Officials at Guantanamo Bay prison shut down access to wireless Internet service as well as social networks over the weekend amidst concerns about a coordinated cyber attack. Service has since been restored, an Army spokesman confirmed
Wi-Fi client security weaknesses still prevalent(Help Net Security) Google Android, Apple iOS, BlackBerry, and Windows Mobile devices have an inherent security weakness in the method they use for connecting to Wi-Fi networks that has the potential for exploitation by skilled cyber-attackers says security expert Raul Siles
Three wireless security myths - busted!(Naked Security) Last year Sophos looked at Wi-Fi security in London and Sydney and the results weren't fantastic. So we thought it was time to make a short revision video, just in time for 2013 Cyber Security Awareness Week in New Zealand
Akron: Attorneys assist concerned residents after cyber attack(WKYC-TV) "We are treating this cyber attack as we would any other attack on the city and its residents," Mayor Don Plusquellic says. "Although we already had extra people manning the 311 phone lines, we are significantly expanding our staffing in the hopes that
Former CIA Director Warns About Cyber Threats From North Korea(Wall Street Journal) Former CIA Director R. James Woolsey, Tuesday, said that the United States is at risk of a devastating cyber attack delivered by North Korea. Such an attack would use electromagnetic radiation to potentially wipe out 70% of the U.S. electric grid and
Swedish Telcom Giant Teliasonera Caught Helping Authoritarian Regimes Spy on Their Citizens(Electronic Frontier Foundation) According to a recent investigation by the Swedish news show Uppdrag Granskning, Sweden's telecommunications giant Teliasonera is the latest Western company revealed to be colluding with authoritarian regimes by selling them high-tech surveillance gear to spy on its citizens. Teliasonera has allegedly enabled the governments of Belarus, Uzbekistan, Azerbaijan, Tajikistan, Georgia and Kazakhstan to spy on journalists, union leaders, and members of the political opposition. One Teliasonera whistle-blower told the reporters, "The Arab Spring prompted the regimes to tighten their surveillance…There's no limit to how much wiretapping is done, none at all"
Cyberwar of words(SC Magazine) Flip through the cyberwar headlines over the last decade and you'll find that governments and members of the cybersecurity industrial complex have taken to using terms like 'active defense', 'maginot line', and 'preemptive warfare
Los Alamos Director Echoes Cyber Concerns(PRNewswire) Los Alamos National Laboratory Director Charlie McMillan told a gathering of energy executives today that securing the electrical grid is a major concern now and it's only becoming more serious. "If you look back at the last year, there were several hundred attacks on critical infrastructure," McMillan said, addressing attendees at the Deloitte Energy Conference near Washington, DC. "More than 40 percent of those attacks were on the energy sector"
Is Michigan prepared for a cyber attack?(Crain's Detroit Business) Imagine someone hacking into our waste management system, causing millions of gallons of raw sewage to spill into our rivers, lakes and parks. Marine life across our lakes and rivers dies, the stench is horrible and diseases spread fast
Small businesses beware! Point-of-sale malware is after you(Naked Security) Malware targeting point-of-sale (POS) systems has been a major trend for the last six months. With easy pickings to be had from mom-and-pop shops, this pattern is only going to grow until people start fighting back with better system security, and ideally better payment card systems
Finding the time for cyber security(TechRadar) Possibly the most disturbing feature to emerge from the Federation of Small Businesses' (FSB) new cyber security report is that making computer systems secure can be a complex and time consuming process that a lot of small firms can't manage
The real cyber threat(GLobal Public Square) The announcement by prosecutors that charges had been filed against suspected cyber thieves believed responsible for stealing $45 million in a matter of hours from ATM's in two dozen countries should send a stark message to governments around the world - banks could be the most vulnerable front in cyber space
The true root causes of software security failures(Computer World) Developers being overly trusting is one of them. In the 10 years since I launched my consulting/training venture, I've worked with thousands of software developers around the world. As you might expect, I've seen many software security failures. Given that experience, I'm often asked what I think are the biggest, baddest mistakes made in software today
China Isn't The Only Source Of Cyberattacks(Wall Street Journal) On Friday, the Financial Times became the latest victim of the Syrian Electronic Army when the pro-Assad group hijacked the newspaper's technology blog and its Twitter account. Since the hacker group emerged in 2011, it has attacked the Associated Press, the BBC, Al Jazeera, Harvard University and even Oprah Winfrey's Facebook page and the satirists at the Onion
Weak Links in the Supply Chain(Volokh Conspiracy) Intrusions on our networks have reached new heights. They have moved from penetration of government and military systems to wholesale compromises of companies, trade associations, think tanks, and law firms. Most of these attacks have been carried out for espionage purposes - stealing commercial, diplomatic, and military secrets on a massive scale
Honeywell wins $26M contract for cyber-related support services(Washington Technology) These services will support the Fleet Cyber Command's Cyber Security Inspection Certification Program as well as verification, validation and reporting effort for oversight of Navy Marine Corps Intranet/Next Generation Enterprise Network, the Defense
BAE Systems to Provide Advanced Data Management Capabilities to the National Geospatial-Intelligence Agency(Fort Mill Times) The National Geospatial-Intelligence Agency (NGA) awarded BAE Systems the iSToRE XP contract to provide advanced data management capabilities in support of National System for Geospatial-Intelligence (NSG) sites and users. The software solution is built on BAE Systems' commercial product, GXP Xplorer, which enables analysts to easily access their local data and connect to remote geospatial data stores and libraries
Prolexic Gets Clickpoint! Media Back Online Quickly After Layer 4 SYN Flood DDoS Attack Campaign(Yahoo Business and Finance) Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, announced today that Clickpoint! Media has chosen Prolexic as its DDoS mitigation services provider for multiple websites across its media services network. Clickpoint! offers a network of media services designed to help marketing and advertising organizations optimize their campaigns for greater return on investment, increased web traffic and heightened brand awareness
Blue Coat Buys Intel-Backed Solera Networks To Beef Up In Big Data, Encrypted Data Security(TechCrunch) Web security provider Blue Coat Systems — itself acquired in a $1.3 billion deal by Thoma Bravo at the end of December 2011 — is making an acquisition today: it's buying Solera Networks, a specialist in big data security, for an undisclosed sum (although we have reached out to the company to ask). The deal is expected to close in the next thirty days
Products, Services, and Solutions
Google Adds Conversational Search In Latest Chrome Build, We Go Voice On(TechCrunch) Google has updated Chrome in build 27 to include conversational voice search, a feature it demoed on stage at Google I/O this year that allows you to search by voice, but also transcribes your queries in real time and lets you use natural language, asking Google straightforward questions and getting straightforward answers, both read back to you by dictation and in actual Google search results
Microsoft Curbs Click-Fraud in ZeroAccess Fight(Threatpost) Microsoft observed a precipitous drop-off in click-traffic on their "extended publishing network," which they claim reflects a similar drop-off in click-fraud, as a result of the actions they have taken to stymie ZeroAccess, according to Microsoft Malware Protection Center researchers Tommy Blizard and Nikola Livic
Find TrueCrypt and BitLocker encrypted containers and images(Help Net Security) Passware announced that Passware Kit Forensic 12.5 can now recognize hard disk images and containers, such as TrueCrypt, BitLocker, PGP, during a computer scan. For a computer forensic professional this means that no evidence is hidden inside a volume
Amazon Cloud Gets Federal Stamp Of Approval(InformationWeek) FedRAMP was created through a joint effort by the General Services Administration, National Institute of Standards and Technology, Department of Homeland Security, Department of Defense, National Security Agency, Office of Management and Budget and
Dell updates SonicWall security appliances(V3) Ranging from six to 24 core deployments, the network appliances will sport the Reassembly-Free Deep Packet Inspection security platform and will be able to analyse traffic in real time without adversely impacting network latency
Compliance Manager launched to meet increasing demands
(Retail Digital) A new service designed to help organisations deal with the increased pressure of governance, risk and compliance (GRC) processes was launched by leading global information assurance firm, NCC Group. Roger Rawlinson, Managing Director Assurance
Proficio Partners With Qualys to Provide Cloud-Based IT Security and Compliance for Medium-Sized Businesses(Wall Street Journal) Qualys, Inc. (NASDAQ: QLYS), a pioneer in cloud-based security and compliance solutions, and Proficio Inc., a leading provider of managed security services, today announced a partnership to provide the QualysGuard suite of IT security and compliance solutions along with Proficio's managed services -- providing customers with a cost-effective, comprehensive security and compliance solution that includes continuous monitoring, logging, analysis and remediation
Intel rolls out one development tool for all Android platforms(FierceCIO: TechWatch) Intel is rolling out a new development environment that it hopes will help developers build apps for Android devices on both ARM and Intel microprocessors. Called Beacon Mountain 0.5, the tool is said to facilitate and accelerate the design, coding, and debugging of applications
After Getting Booted From Apple's App Store, Mobile Privacy App Clueful Returns On Android(TechCrunch) Clueful, the mobile privacy app Apple booted from its App Store for being too revealing -- or possibly because of its own behavior - is staging a comeback. This time around, Clueful's maker Bitdefender is targeting Android users instead, with plans to reveal what the apps on your phone are doing, and how your privacy may be compromised in the process
Technologies, Techniques, and Standards
The Top 10 Internet Resources to Use After Suffering a Cyber Breach(Infosec Institute) Most cyber breaches into your online presence will be directed at your website server and its accompanying databases or accounts. And, if you've been the victim of a server hack, it probably occurred through one of two different means. The first would be an attack at some sort of weakness in third party web applications, or at addons/plugins that are attached to them and working from within your hosting server; the attack could even have taken place against your LAMP software bundle components. Secondly, your servers could have been breached because someone with password access accidentally or deliberately infected them with malware through FTP
How to protect PCs from dummies(FierceCIO: TechWatch) It pays to dummy proof PCs for your family and friends, according to Brad Chacos of PC World. Speaking from his experience doubling as the unofficial--and probably overworked--one-man tech support crew for family and friends, Chacos offers some advice on how to preempt common PC problems before they happen
USC Viterbi Offers New Master's Program in Cyber Security(Sacramento Bee) "The USC Viterbi School of Engineering is in a strong position to offer this program, as USC is a National Security Agency (NSA) and Department of Homeland Security (DHS) Center of Academic Excellence in Research," said Schorr. "Through interaction
Legislation, Policy, and Regulation
House Panel Shoves Pentagon-China Satellite Deal Out of the Airlock(Wired) The Pentagon insists that its deal with a Chinese satellite firm to carry U.S. troops' communications isn't a security risk. But Congressmen with the ultra-influential House Armed Services Committee don't want to leave military data in Beijing's hands. They're moving to block any future contracts, like the one the Defense Department just signed
Congress Smashes Pentagon's New Den of Spies(Wired) If the Pentagon's not careful, it's going to find its new network of spies rolled up by Congress. The Defense Clandestine Service was supposed to be the Defense Department's new squad for conducting "human intelligence" -- classic, informant-based spying. The idea was to place up to 1,600 undercover operatives and military attachés around the world, collecting tips on emergent battlefields. The problem was that the U.S. already had a human intelligence crew: the CIA. Almost immediately after the Defense Clandestine Service was introduced, an array of outside observers began to loudly question its value
A backdoor into Skype for the Feds? You're joking…(The Register) Gov-enhanced hacking capability is bad, says PGP dude. Heavyweights of the cryptographic world have lined up behind a campaign against proposed US wiretapping laws that could require IT vendors to place new backdoors in digital communications services
Is government on the wrong road with cybersecurity?(FCW) And it's not just the technology that changes; it's the employment of that technology; the operations and practices," Chris Inglis, National Security Agency deputy director, said May 21 at the Center for Strategic and International Studies
US, India pledge to collaborate on combating terrorism(Daily News & Analysis) The two countries also agreed to combat the flow of illicit finances and currency counterfeiting, and to work closely to counter terrorism and promote cyber security, the Department of Homeland Security said in a statement. Both US and India plan
Cyber-attack defenses compiled(The Japan Times) A government panel on Tuesday compiled a final draft of cyber-attack countermeasures, including a proposal to boost the capabilities of the Self-Defense Forces to tackle high-level strikes possibly conducted by foreign governments. "We need to quickly
As Chinese Leader's Visit Nears, U.S. Is Urged to Allow Counterattacks on Hackers(New York Times) With President Obama preparing for a first meeting with China's new president, a commission led by two former senior officials in his administration will recommend a series of steps that could significantly raise the cost to China of the theft of American industrial secrets. If milder measures failed, the commission said, the United States should consider giving companies the right to retaliate against cyberattackers with counterstrikes of their own
Litigation, Investigation, and Law Enforcement
U.S. DOJ accuses journalist of espionage(Help Net Security) Last week's revelation that the U.S. DOJ has successfully subpoenaed two months' worth of telephone toll records for phones of AP journalist has created quite an uproar in media circles
Government Will Decide What We Can Know(New York Times) It tried to impose a lengthy prison term on Thomas Drake, a former National Security Agency official who exposed serious agency corruption and wrongdoing, only for its case to fall apart shortly before trial. A formal United Nations investigation found
Leakers, Recipients, and Conspirators(Volokh Conspiracy) Leaks to reporters -- and investigations of the leaks that included subpoenas of reporters' e-mail logs and searches of reporters' e-mail -- have been in the news; see this post by Orin about the AP story and this post by Conor Friedersdorf (The Atlantic) about the Fox News story. I thought I'd say a few things about the First Amendment issues involved in such matters, especially in response to the Friedersdorf post
DOJ censures former attorney for leak while State Dept. leak investigation continues(FierceGovernment) The former top federal prosecutor in Arizona violated Justice Department policy when he shared an internal memorandum with a Fox News reporter, the DOJ office of inspector general says in a new report, released amid new revelations about the prosecution of a State Department contractor who also allegedly leaked information to a reporter
Scripps Reporters Accused of Hacking In Lifeline Data Breach(Threatpost) Investigative reporters for the Scripps news service have been threatened with legal action after informing a telecommunications company that confidential data on tens of thousands of applicants was available on the Internet. The reporters were said to be looking into companies participating in Lifeline, a federal program that provides discounted phone service for qualified low-income
Eurovision Vote Theft, Russians investigating(Cyberwarzone) Russia's point man on Syria and on its relations with the U.S. is turning his attention toward a subject close to Russian hearts — alleged vote theft at the Eurovision Song Contest
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
CEIC 2013(Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers.
IEEE Symposium on Security and Privacy(San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers...
U.S. Department of State Mobile Computing Forum(Washington, DC, USA, May 23, 2013) The U.S. Department of State's Bureau of Information Resource Management will host an educational forum and IT Expo, themed "Mobile Computing," reflecting their mission to empower diplomacy, consular services...
International Workshop on Cyber Crime (IWCC)(San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field...
Web 2.0 Security and Privacy(San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations...
Maryland/DC Celebration of International Trade(Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international...
IEEE-Cyber 2013(Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT(Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend...
Cyber Security for the Chemical Industry(Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced...
DGI Cyber Security Conference & Expo(Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will...
Diversity Careers in Cybersecurity Symposium(Baltimore, Maryland, USA, May 30 - June 2, 2013) The 2013 Diversity Careers in Cybersecurity Symposium creates opportunities for networking and learning. We invite top executives to give presentations on topics ranging from leadership best practices...
Recent Advances in Reverse Engineering (RARE)(San Francisco, California, USA, June 1 - 2, 2013) The goal of the rare conference is to provide a venue where people interested in the analysis of binary programs can speak to one another directly, and to form a common language outside of their respective...
2013 St. Louis CISO Summit(, January 1, 1970) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind...
Consumerization of IT in the Enterprise Conference and Expo(San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise.
Pen Test Berlin 2013(Berlin, Germany, June 3 - 9, 2013) SANS Pen Test Berlin 2013 takes place from June 3rd to June 8th in the Radisson Blu Hotel on the bank of Berlin's River Spree. SANS will offer penetration testing courses as well as a series of presentations...
CyCon 2013: 5th International Conference on Cyber Conflict(Tallinn, Estonia, June 4 - 7, 2013) CyCon 2013 is an annual NATO Cooperative Cyber Defence Centre of Excellence conference that is conducted with the technical cooperation of the IEEE Estonia Section. CyCon 2013 will focus on the technical,...
NSA SIGINT Development Conference 2013(Fort Meade, Maryland, USA, June 4 - 5, 2013) The National Security Agency is responsible for providing foreign Signals Intelligence (SIGINT) to our nation's policy-makers and military forces. SIGINT plays a vital role in our national security by...
U.S. Census IT Security Conference and Exposition(Suitland, Maryland, USA, June 5, 2013) The Census Bureau's Information Technology Security Office (ITSO) and the Census Bureau's Data Stewardship Office is putting together a series of workshops on 'Information Security' and 'protecting your...
RSA Conference Asia Pacific 2013(Singapore, June 5 - 6, 2013) Join your fellow information security professionals at the inaugural RSA Conference Asia Pacific, where we'll be discussing security issues from both a global and Asia Pacific perspective. Delegates will...
29th Annual INSA William Oliver Baker Award Dinner(Washington, DC, USA, June 7, 2013) his year's awardee is General Michael V. Hayden, former Director of the Central Intelligence Agency and the National Security Agency. Registration is now open and tables are available for purchase.
2013 Cybersecurity Innovation Expo(Baltimore, Maryland, USA, June 10 - 13, 2013) Do not miss the opportunity to participate in the 2013 Cyber Innovation Forum with active participation from National Institute of Standards and Technology (NIST), the National Security Agency (NSA), and...
CISSE 17th Annual Colloquium(Mobile, Alabama, USA, June 10 - 13, 2013) The Colloquium for Information Systems Security Education will meed in Mobile to discuss topics of great interest to our community, including cyber security education, certification, and accreditation.
3rd annual Cyber Security Summit(, January 1, 1970) Over the last 2 years, the summit has gathered 150+ senior Defence, National Security and Industry executives to address current and emerging cyber threats to Australia's security. Now in its 3rd year,...
NovaSec!(McLean, Virginia, USA, June 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with...
Suits and Spooks La Jolla 2013(LaJolla, California, USA, June 15 - 16, 2013) Exploring Cyber Warfighting and Threat Mitigation for Corporations and Governments. The original concept for this event was to look at what special operations forces and corporate CERTs or SOCs have in...
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.
Hack in Paris(Paris, France, June 17 - 21, 2013) This five day event will examine forensics, malware analysis, and corporate hacking techniques, and what could be better, it is held at the Euro Disney conference center outside of Paris. It has attracted...
2013 ICAM Information Day and Expo(Washington, DC, USA, June 18, 2013) This day provides a forum for the Identity, Credential and Access Management (ICAM) community to get first-hand information on current identity management and related technologies.
Buzzword Forensics: Mobile is the Future…and the Future is Now(Laurel, Maryland, Sioux Falls, June 18, 2013) Digital forensics is evolving, as all forensic sciences must evolve. With the explosive growth of the Internet as context, the discipline of digital forensics has evolved significantly since the last millennium.
NASA National Capital Region Industry Days(Washington, DC, USA, June 25 - 27, 2013) This dedicated Information Technology Expo - sponsored by the Office of the Chief Information Officer - will serve as a focal point for NASA personnel to learn about the latest products and advances in...
AFCEA International Cyber Symposium 2013(Baltimore, Maryland, USA, June 25 - 27, 2013) Cyber threats and challenges grow every day. Successfully defending our networks requires a team approach. With this in mind, the Cyber symposium will engage the key players, including the U. S. Government,...
ShakaCon(Honolulu, Hawaii, USA, June 25 - 28, 2013) This is the fifth year this "laid back security conference in paradise" is being held. Some solid presentations and training on malware analysis and penetration testing. After all, what could be better...
American Technology Awards Technology and Government Dinner(Washington, DC, USA, June 30, 2013) TechAmerica Foundation hosts its Eleventh Annual Technology and Government Dinner at the Ronald Reagan Building in Washington DC. The dinner continues to serve as the premier Washington, DC technology...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.