Iranian hackers (state-sponsored, according to reports) are said to have breached an unclassified US Navy network. Cyber-rioting continues in the Indian subcontinent.
WordPress vulnerabilities are being exploited to create a DDoS botnet. Researchers also discern malware brute-forcing user credentials from WordPress.
The Internet Explorer zero-day exploit appears more widespread than thought. Email encrypted with widely used PGP software is, says PGP's creator, fatally vulnerable to interception. Yahoo's recycled names continue to raise security issues (and analyst hackles).
The Mevade Trojan endemic to Tor has its roots in a much older threat. Spearphishing remains an imperfectly addressed threat to power grid security. CIO runs down seven "devious" hacking techniques.
Analysts discern a hacktivist shift toward social networks. Dark Reading foresees a breakdown in online commerce's trust model. Wearable devices prompt inevitable speculation about novel threats and vulnerabilities.
Industry news is dominated, in the US at least, by the possibility of a "Government shutdown" at midnight; experts explain what this might actually mean. Cyber skills continue to be scarce and expensive, and more employers are seen willing to reach out to "hackers" with dodgy backgrounds to fill skills gaps. In Maryland, bwtech@UMBC graduates its first start-up class: AccelerEyes, Five Directions and Oculis Labs. Down I-95, Virginia's Center for Innovative Technology pushes similar innovation through the Mach37 accelerator.
Congressional deliberation over NSA surveillance continues. The US and Japan move toward closer cyber collaboration. Britain moves toward a national cyber warfare reserve force.
The FBI begins investigating last week's breach of major data brokers.
Today's issue includes events affecting Brazil, Canada, European Union, France, Germany, India, Iran, Japan, Pakistan, South Africa, Switzerland, Taiwan, Thailand, United Kingdom, United States..
Cyber Attacks, Threats, and Vulnerabilities
Iranian Hackers infiltrated US Navy computers(Hacker News) The Wall Street Journal reported that Iranian hackers have successfully penetrated unclassified US Navy computers, the allegations were made by US officials that consider the attacks a serious intrusion within the Government network
Free Kashmir Says Pakistani Hackers after Hacking and Defacing 20,000 Indian Websites(Hack Read) Two Pakistani hackers going with the handle of Dr@cul@ and Muhammad Bilal have hacked and defaced twenty thousand (20,000) Indian websites against Indian government and in support of alleged freedom movement in Indian administrated Kashmir. All sites were left with a deface page along with a message in support of Kashmir, asking Indian government to leave Kashmir or the hackers will keep on attacking Indian
The Official NUST SEECS subdomain hacked by Hasnain Haxor(HackersPost) The official subdomain of NUST SEECS has been hacked and defaced by a hacker with the handle "Hasnain Haxor". The hacker is from the hacking group Pakistan Haxors Crew (PHC). NUST School of Electrical Engineering and Computer Science (NUST-SEECS, formerly NUST Institute of Information Technology, is the biggest and top school in Islamabad, Pakistan. Mobilink Career Blog, FATA secretariat
Hackers launch huge DDoS attack using WordPress websites(ITProPortal) Thousands of WordPress websites are being used to carry out a huge cyber attack campaign in the form of a distributed denial of service [DDoS] attack. The Hacker News reports that hackers have targeted "a large number" of sites on the WordPress platform after successfully compromising some 90,000 servers way back in April 2012 and in the process have created a WordPress botnet
Malware With Bruteforce Capabilities(abuse.ch) Today I came across an interesting piece of malware that attacks websites that are running WordPress by trying to guess the users credentials using brute-force methodology. Arbor already did an analysis of this threat in the beginning of September which they have published under the name Fort Disco. However, the brute-force attacks issued by Fort Disco is not limited to Content Management Systems (CMS)
Old Mac malware uncovered(ZDNet) Icefog, a Mac version of Windows malware, is a year old but only recently discovered by Kaspersky. It was used experimentally in the far east, bundled with the legitimate program Img2icns. In a report on the Icefog APT (Advanced Persistent Threat) Kaspersky Lab reveals that the authors created a Mac program to connect to their botnet. It was used in limited, experimental attacks in the far east, primarily in South Korea and Japan
Why You Need To Pay Attention To The Slow HTTP Attack(Acunetix) Okay, I admit, I haven't been stressing enough to people just how critical the Slow HTTP vulnerability really is. The Slow HTTP flaw is present on practically every Apache-based system I test and can facilitate denial of service (DoS) conditions rendering even the most resilient web environments useless
New anti-malware drive focuses on 'EvilGrab'(ComputerWorld) A new malware targeting governments in Asia and Europe has recently been discovered by Trend Micro. Called EvilGrab, the malware is found to be the object of the new anti-APT (advanced persistent threat) campaign that targets security software and uses a system's audio and visual components to seize information after monitoring the data
EE hit by weekend of outages(ComputerWeekly) Users of the EE mobile network were affected by outages over the weekend, with little explanation offered up by the operator. Customers were unable to access mobile data up and down the country, with some of the problems falling over into Monday morning
The Ghost in the (Portable) Machine: Securing Mobile Banking(TrendLabs Security Intelligence Blog) Online banking is one of the many tasks that have been made more convenient by mobile technology. Now, users can purchase products and/or services, pay their bills and manage their finances from anywhere, and anytime. However, there are threats against mobile banking exist, which need to be addressed and secured against
Fake "You Sent a Mobile Payment" PayPal Emails Used in Phishing Scam(Softpedia) In case you receive an email from PayPal informing you that a mobile payment has been made from your account to JD Sports, take a good look at it, as it might have nothing to do with PayPal. Cybercriminals are abusing the payment processor's reputation in a phishing scam
Online dating scam costs lovelorn Canadian $500k(Naked Security) The rise of online dating has been spotted by cyber-crooks looking to exploit every weakness of the web-using world. Poor "Tony" lost $500,000 (CAD) to online scammers after being pulled into a complex, long-term fake romance con by a man he met on a dating site
Insider Incident Leads Breach Roundup(HealthCareInfoSecurity) In this week's breach roundup, Holy Cross Hospital in Fort Lauderdale, Fla., is notifying 9,900 patients that a former employee inappropriately accessed their records with the apparent intent to commit fraud. Also, Virginia Tech reports that a computer server containing job application information was illegally accessed, exposing information on 145,000
Social Networks Are the New Battleground of the Cyber-Activist, According to Panda Security PandaLabs Report(PR.com) Panda Security, The Cloud Security Company, has just published the results of its Quarterly Report for Q2 2013, drawn up by PandaLabs. One of the main conclusions that can be drawn from this global study is that malware creation reached record levels in the second quarter of the year. In this context, Trojans continued to account for most infections. Additionally, the report shows a worrying increase in malware targeting the Android platform, and discuses some of the major stories concerning cyber-war and cyber-espionage
Cyber Execs' Competing Priorities are Often aT Odds with Each Other(Nextgov) Cybersecurity executives are faced with such a broad range of complex challenges that their priorities — from staffing to training to technology — are often at odds with each other, according to a new report. A survey of more than 1,600 C-level executives from around the world by (ISC)², Booz Allen Hamilton and Frost and Sullivan, found that top security executives are faced with a number of critical, yet often paradoxical, security challenges
Financial markets next big cyber target, says US expert(ComputerWeekly) Manipulation of international financial markets will be the next evolution of cyber crime, according to Scott Borg, chief of the US Cyber Consequences Unit. There is a limit to the amount of money criminals can make through theft and credit card fraud, he told a joint session of the ASIS International and (ISC)2 annual congresses in Chicago
Security industry in 'rut,' struggling to keep up with cybercriminals(CSO) Experts agree hackers are winning but some are hesitant to blame it on a lack of new technology, however. Dramatic changes are needed in multiple fronts if the security industry hopes to move ahead of cybercriminals, who are continuously finding new ways to breach corporate systems, experts say. Some technology pros say the industry needs to develop new technologies and architectures that send hackers back to the drawing boards
Commerce In A World Without Trust(Dark Reading) The trust model underlying online commerce has been threatened by the constant attacks on information providers used to authenticate consumers. Is the Internet as secure as it needs to be anymore? Trust is kind of a squishy concept. If you refer back to the definition from our pals at Merriam-Webster, trust is the "belief that someone or something is reliable, good, honest, effective, etc." Reliable? Honest? Sounds great, right
Future malware could harm bytes, bone and brain(CSO) Wearable devices raise risks for damages from bad actors. Wearable computers and use of augmented reality could increase the consequences of cyber attacks for people in the near future, according to a report released this week by a pair of cyber security organizations
Lack of SA skills leads to cyber attack risk(News24) A lack of skills in the computer security sector doesn't bode well for South African companies to protect themselves from cyber attacks, a security company has asserted
On Brink Of Shutdown, All Quiet At Capitol(Washington Post) The U.S. government appeared on Sunday to be on the verge of shutting down for the first time in nearly two decades as House leaders were running out of time and options to keep it open
The Obscure Law That Governs Shutdowns(Government Executive) If rogue Republicans do not relent over the budget impasse by October 1, whatever pandemonium happens next will largely be governed by a federal statute you likely have never heard of: the Antideficiency Act. You can call it the "anti-deadbeat" law — a collection of statutory and administrative provisions, really — that forbid federal officials from entering into financial obligations for which they do not have funding, like paying the salaries of their employees or buying the things they need to run the government. It's also the law that wisely permits certain "essential" government functions — like the military and the courts, for example — to keep operating even in the absence of authorized legislative funding. Predictably, there aren't many legal experts who have built careers around the Antideficiency Act, but I managed to corral a few. The most important messages they offer are these: 1) It's not just present federal work that's affected by the shutdown, it's future work, too; and 2) shutting down the federal government is terribly wasteful and expensive because of the re-start costs involved. That's the point made by the acclaimed dean of Antideficiency Act scholars, University of Baltimore Law Professor Charles Tiefer ("For obscure details," he told me, "you've come to the right guy")
DHS Adds 30 Businesses to $22B EAGLE II Vehicle(GovConWire) The Department of Homeland Security has selected 30 businesses to develop, implement and maintain technology for DHS mission and business functions under the department's seven-year, $22 billion Enterprise Acquisition Gateway for Leading Edge Solutions II contract vehicle
Would you hire a hacker to run your security? 'Yes' say Brit IT bosses(The Register) We don't have enough securo bods in the industry either, reckon gloomy BOFHs. More than two in three IT professionals would consider ex-hackers for security roles, providing they have the right skills to do the job, a survey has found. In addition, 40 per cent of respondents to CWJobs' survey of 352 IT bods reckoned there aren't enough skilled security professionals in the UK technology industry
Skills in demand: Incident response professionals(SC Magazine) Companies who leverage the cloud have concerns over the security of their data. The migration has increased demand for incident response pros, including reverse engineers and malware analysts
Virginia Cybersecurity Program Targets Startup Businesses(GovConWire) The nonprofit Center for Innovative Technology has launched a public-private cybersecurity program for Virginia businesses to receive an initial investment and make presentations to professional investors. The MACH37 Cyber Accelerator is targeted to cyber startups and will comprise of two 90-day sessions per year, Gov. Bob McDonnell's office said Sept. 12
Who Will Stay, and Who Will Go?(Wall Street Journal) Five are in, and five are out! Since the last round of eliminations, the founders have documented a typical day in their lives and endured "hot seat" questioning from two SOTY mentors. Today, the top ten become the final five, one of which will soon be named WSJ Startup of the Year
Metasploit creator seeks crowd's help for vuln scanning(The Register) Security outfit Rapid7 has decided that there's just too much security vulnerability information out there for any one group to handle, so its solution is to try and crowd-source the effort. Announcing Project Sonar, the company is offering tools and datasets for download, with the idea that the community will provide input into the necessary research
John McAfee wants to sell you a $100 gadget that blocks the NSA(The Verge) Part–time fugitive and antivirus software founder John McAfee has a new invention he's working on. After spending some of his time filming a drug-fueled video tutorial to uninstall the antivirus program he helped create, McAfee now believes he can outsmart the NSA. Speaking at the San Jose McEnery Convention Center on Saturday, McAfee unveiled his grand plan to create a "D–Central" gadget that communicates with smartphones, tablets, and laptops to create decentralized networks that can't be accessed by government agencies
Protect high–value transactions on iOS and Android(Help Net Security) SecureKey introduced its enhanced cloud-based briidge.net Connect multi-factor authentication service. This latest version of briidge.net Connect incorporates the new briidge.net Connect Mobile SDK, which enables developers to easily add robust multi-factor authentication capabilities into iOS and Android mobile apps
Cyberoam launches next-generation firewall appliances(Help Net Security) Cyberoam unveiled Next-Generation Firewalls (NGFW) in its NG Series appliances. Cyberoam NGFW come with Layer 8 Identity-based technology for actionable intelligence and controls that offer complete security controls over L2-L8 for future-ready security in enterprises
Microsoft Security Essentials: Aiming low?(ZDNet) Microsoft has offered a free consumer security product for years, but is it good enough for you? It's certainly better than nothing, but it's way short of the best products
TCC releases new encryptor for secure voice and cross-network conferencing(MENAFN) Technical Communications Corp. TCCO said it has released its HSE 6000 radio headset and telephone encryptor to secure the land mobile radio voice communications of public safety special operations, and telephone-to-radio conferencing between commanders and field forces, enabled by TCC's innovative X-NCrypt Cross Network Cryptography
Non–NIST Cipher Suite(Silent Circle) One of the most upsetting things about the recent revelations about the NSA's shenanigans is that it has apparently devoted US$250M to suborning international standards. (One of the very upsetting things about these revelations is that there are several most upsetting things.) Over the last few weeks, just about everyone in the standards and crypto business has been looking over the crypto with an eye towards seeing what the NSA might have subverted
Tech Insight: Top 4 Problem Areas That Lead To Internal Data Breaches(Dark Reading) External data breaches (think: Anonymous) and internal data leaks (think: Edward Snowden) have enterprises questioning and rethinking their security programs. Are they doing enough to protect their data? Are their security controls effective? Would they be able to respond appropriately to a data breach and contain it quickly
Do you have your network perimeter secured against downloading malicious content?(Internet Storm Center) Information security professionals take very seriously the network perimeter and tend to put in place several devices to enforce access control to network resources like firewalls, IPS, content filtering devices including antimalware functionality and network access control. But there are two specific variables that can increase a lot the risk of external compromises: Administrative privileges in desktop computers: Many types of business software do not have implemented the principle of requiring the least privileges. That us why now a significant percentage of companies grant Administrator privileges to users, where their use is not monitored in detail
Simplify security but tighten management to keep virtual desktops in check: Imation(CSO) Built-in encryption makes removable USB-based desktop images intrinsically more secure against loss or compromise than conventional desktops, but a virtual-desktop expert warns that companies must still look to two-factor authentication and innovations such as biometrics to ensure security is easy enough that employees won't circumvent it
The impact of false positives on web application security scanners(Help Net Security) Ferruh Mavituna is the CEO at Mavituna Security and the Product Architect of Netsparker. In this interview he discusses what impact false positives have on web application security scanners and what his team is doing to deliver false positive free scans
Cyber attack retaliation a bad idea, says international panel(ComputerWeekly) Retaliatory cyber attacks are not a good idea, an international panel has told attendees of a joint session of the ASIS International and (ISC)2 2013 annual congresses in Chicago. Although security practitioners' ability to trace the source of cyber attacks is improving, they said it is seldom possible to do this with total certainty, particularly in the most sophisticated attacks
F1 champions Red Bull battle constant threats of cyber attacks and data theft(V3) Triple championship-winning Formula One team Infiniti Red Bull Racing faces constant challenges from both internal and external threats as its technological developments provoke the interest of amateur hackers and rival teams. In response to questions from V3 on a visit to the Red Bull team's headquarters in Milton Keynes, CIO Matt Cadieux (pictured) explained that the intensely competitive and secretive nature of Formula One technology means he has to ensure his networks are in complete lockdown so no "bad apples" could ever walk away with technical data and give it to another team
Five Tips for Measuring Progress in Information Security(Tripwire) In my post on Measuring and Reporting on Vulnerability Risk, I talked about how rankings and categories make for some easy to understand graphs, but they tend to fail at meaningfully measuring progress over time. It's tempting to use the standard output of your information security products as the basis for tracking progress, but counting the numbers of highs, mediums and lows simply isn't an accurate a representation overall progress
Could agencies avoid disaster in a Nirvanix–like cloud shutdown?(GCN) The collapse of cloud storage vendor Nirvanix — and the stampede by its customers to recover their data — illustrates why government agencies need sound exit and migration strategies in place before moving any data to the cloud. Upfront due diligence will help agencies if they have to move massive amounts of data on short notice from one cloud service provider to another
Research and Development
Why Recommendation Engines Are About To Get Much Better(InformationWeek) Expanding data sources, including social media sources, are making recommendation engines much more powerful. Amazon.com certainly deserves credit for bringing the term "recommendation engine" into the general lexicon. But recommendation engines have expanded well beyond consumer-facing shopping sites like Amazon as programmatic ways of making accurate recommendations
New proof–of–concept tool detects stealthy malware hiding in graphics cards(PC World) As anti-virus solutions become more robust and Microsoft becomes better at plugging Windows vulnerabilities, malware designers have to get more creative about attacking PCs and servers. One wide-open avenue of attack: hardware components like graphics and network cards. Yes, you read that right
New Penn State Homeland Security Programs Leader Predicts Evolution in Threats and Changes in Education(Digital Journal) In just the last two years, the nation has experienced deadly man-made and natural disasters, including the Boston Marathon bombing, Hurricane Sandy and wildfires. And as terrorism and organized crime continue to converge, information technology security challenges, threats to information integrity, identity theft and cyber-attacks will further increase, predicts Alexander Siedschlag, Penn State's new chair of online homeland security programs
Legislation, Policy, and Regulation
Report: NSA tracks social ties on Facebook(New Press) The National Security Agency has used its massive collections of electronic data to create a graphic analysis of some American citizens' social connections including travel, location, associates and even Facebook ties, a published report said Saturday
NSA should put all Americans' phone records in a lockbox for later search, director says(Syracuse Post=Standard) The National Security Agency wants to collect more phone records so they can be examined at need, the agency's director told a Senate committee that wants to limit NSA's authority to gather such information. Gen. Keith Alexander's made the assertion Thursday during a Senate Intelligence Committee hearing after Sen. Mark Udall, D-Colo., asked him if the NSA wants "the phone records of all Americans," the Huffington Post reported. According to the Post, Alexander replied: "I believe it is in the nation's best interest to put all the phone records into a lockbox that we can search when the nation needs to do it, yes"
US Lawmakers Seek Surveillance Reform(Voice of America) U.S. senators in both parties are proposing changes in the way the National Security Agency collects information as it hunts for terrorists and other threats. Some lawmakers want to limit or end the bulk collection of telephone and email records
Why the nation needs a US Cyber Force(Boston Globe) IN THE early 1980s cyber fiction film, "War Games," a young hacker played by Matthew Broderick almost managed to start World War III when he accidentally nearly launched nuclear strikes against the Soviet Union. It seemed unlikely in those relatively primitive days before the widespread use of the Internet, but it foreshadowed the emerging era of the profound intersection of national security and the cyber world. If we think of cyber as we did of aviation a little more than 100 years ago, we are just now on the beach at Kitty Hawk
Japan, US to Discuss Strengthening Cybersecurity: Reports(SecurityWeek) Japan and the United States will discuss strengthening defenses against cyber-attacks, reports said Monday, as Tokyo looks to play a more active role in global security. At talks in Japan later this week, the foreign and defence ministers from both countries will undertake their first review for 15 years of how their security alliance operates
Britain's new cyberwar strike capabilities may just be political posturing(Quartz) Britain's defense minister Philip Hammond made a startling statement yesterday: "We are developing a full-spectrum military cyber capability, including a strike capability, to enhance the UK's range of military capabilities." This is not the first time a government has admitted to developing such capabilities. But it is the first time one has explicitly said it will seek to use it for offensive purposes. In the past, calls for offensive capabilities have been just that: proposals
As governments wage cyber wars, Europe stays away(CNBC) Governments across the world are engaged in cyber-attack campaigns against one another, while European administrations have so far fore-sworn any involvement in offensive online attacks, according to a new report by cyber security firm FireEye. FireEye says that "cyber weapons" are now part of the arsenal governments can use in real-world conflicts
Game apps under fire from consumer law makers(Naked Security) The UK's Office of Fair Trading has investigated how apps and browser-based games comply with consumer law. Alarmed by their findings, they're recommending new developer guidelines around in-app purchases and language inciting children to pay for in-game rewards
FDA's mobile medical apps guidance: Our advisors weigh in(FierceHealthIT) While the U.S. Food and Drug Administration unveiled its long-awaited final guidance on the regulation of mobile medical applications on Monday, some in the healthcare industry weren't sure it went far enough. For instance, Bradley Merrill Thompson, who serves as general counsel for the mHealth Regulatory Coalition, said the final guidance was porous in some areas, such as the definition of what are regulated; disease intended uses compared to unregulated, wellness intended uses; and the exact meaning of an accessory to a medical device
What did the detention of David Miranda achieve?(ComputerWorld) The physical transport of data shouldn't matter. But sometimes it does. The recent detention of David Miranda, partner of The Guardian newspaper journalist Glenn Greenwald, has created yet another furore, instigating much indignation and re-igniting the debate on the ethics of Prism
Edward Snowden e–mail provider Lavabit faced 'pen register' order(Politico) Lavabit—the e-mail provider that shut down last month in a surveillance-related dispute with the federal government—was faced with a "pen register" order that could have been used to obtain information in real-time when National Security Agency leaker Edward Snowden logged into his account and might even have been used to seek his password
LexisNexis confirms data breach; FBI investigating(Bradenton Herald) LexisNexis, one of the country's largest collectors of personal information on individuals and businesses, said it is trying to determine whether hackers may have gained access to Social Security numbers, background reports and other details on millions of Americans during a data breach earlier this year
Qaeda Plot Leak Has Undermined U.S. Intelligence(New York Times) As the nation's spy agencies assess the fallout from disclosures about their surveillance programs, some government analysts and senior officials have made a startling finding: the impact of a leaked terrorist plot by Al Qaeda in August has caused more immediate damage to American counterterrorism efforts than the thousands of classified documents disclosed by Edward Snowden, the former National Security Agency contractor
£1.01 billion kept out of cybercrooks' hands, claim UK e-cops(Naked Security) The UK's Police Central e-crime Unit (PCeU) is claiming to have kept an astonishing £1.01 billion out of the hands of cybercrooks over the past two-and-a-half years. But just how accurate is that figure? John Hawes investigates
Two youngsters arrested for different DDoS attacks(Help Net Security) Following the massive DDoS attack against anti-spam outfit Spamhaus earlier this year, a 35-year-old Dutch citizen believed to be Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker, was arrested in Spain because he was suspected of having participated in the attack
Legal pitfalls lurk in common enterprise BYOD practices(FierceMobileIT) Legal pitfalls could lurk in common enterprise BYOD practices, such as remote wiping of data and tracking of employee-owned devices. This is the warning from Route 1, a digital security and identity management firm, in a recent white paper. Route 1 stresses that the practice of remotely wiping personal devices if they are lost or stolen and the GPS tracking of their devices are "legally ambiguous"
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
InfoSecIndy(Indianapolis, Indiana, USA, April 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.
Information Security Conference(Charleston, West Virginia, USA, October 2, 2013) On October 2, the WVOT Office of Information Security and Controls, will be sponsoring a no-charge information and cyber security awareness event at the Charleston Civic Center. The agenda will offer...
The Monktoberfest(Portland, Maine, USA, October 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.
Suits and Spooks NYC 2013(New York, New York, October 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state...
Forensics and Incident Response Summit EU(Prague, Czech Republic, October 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to...
CyberMaryland 2013(Baltimore, Maryland, USA, October 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for...
2013 Maryland Cyber Challenge(Baltimore, Maryland, USA, October 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school,...
AFCEA Hill AFB Technology & Cyber Security Expo(Ogden, Utah, USA, October 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo...
NSU's Raising Savvy Cyber Kids with Ben Halpert(Fort Lauderdale, Florida, USA, October 10, 2013) Ben Halpert is an award-winning author of several books for diverse audiences. The Savvy Cyber Kids At Home: The Family Gets A Computer (October, 2010) is a picture book that teaches the concepts of online...
VizSec 2013(Atlanta, Georgia, USA, October 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Hack-in-the-Box Security Conference 2013(Kuala Lumpur, Malaysia, October 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer...
USDA Cyber Security Symposium and Expo 2013(Washington, DC, USA, October 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit...
SNW Fall 2013(Long Beach, California, USA, October 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and...
Hexis Exchange(Athens, Greece, October 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such...
Cybersecurity Symposium: "Protect. Defend. Educate."(Linthicum, Maryland, USA, October 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers,...
NSU Healthcare Cyber Security Summit(Fort Lauderdale, Florida, USA, October 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University,...
Nuclear Regulatory Commission Cyber Security Conference & Expo(Rockville, Maryland, USA, October 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have...
Securing the Internet of Things Summit(San Francisco, California, USA, October 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications,...
13th Industrial Control Systems Cyber Security Conference(Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security...
Cloud Connect(Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully...
Cyber Security Seminar and IT Expo at Peterson AFB(Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest...
Joint Federal Cyber Summit 2013(Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished...
NSU's 12 Simple Cybersecurity Rules For Your Small Business(Fort Lauderdale, Florida, USA, October 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security...
2013 ACT–IAC Executive Leadership Conference(Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for...
SAP NS2: National Security Solutions Summit(Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary,...
NSA Hawaii — Cyber Security, Intelligence & IT Day(Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.