Cyber conflict follows physical conflict. The prospect of a punitive strike against Syria's Assad regime escalates cyber war (and cyber rioting) with some significant attempts at the more propagandistic forms of information operations.
The regime's Syrian Electronic Army compromised a US Marine Corps recruiting site with messages like "I didn't join to fight for al Qaeda." Another hacker whose sympathies are apparently with the Syrian regime posts what purport to be emails from a member of the US Joint Staff; the traffic suggests that chemical attacks in Syria were staged as an anti-Assad provocation. Assad-connected sites also undergo cyber attack, some of them apparently from Syrian expatriates.
The media exchange speculation over the likelihood of cyber conflict involving Syria and the West (obviously high, since it's happening) and the severity of such conflict (less obvious).
The usual cyber vandalism sputters in various corners of the world. Details emerge on recent US Energy Department (the Department says it couldn't afford to patch Cold Fusion) and US Army (no mitigation beyond security awareness) hacks.
A cross-device mobile banking Trojan defeats dual authentication. Citadel is back (in Japan). Kelihos, NetTraveler, and ZeroAccess malware suites evolve in sophistication and capability.
Two large acquisitions are in progress: Verizon will buy out Vodaphone's share of Verizon Wireless, and yesterday Microsoft concluded an agreement to buy Nokia's hardware unit.
The Voice of Russia editorializes in favor of security over privacy (ZDNet suggests what this means in practice). PRISM diplomatic fallout sours US relations with Brazil and Mexico.
Today's issue includes events affecting Algeria, Argentina, Australia, Bangladesh, Brazil, China, Cuba, France, Germany, India, Iran, Israel, Japan, Mexico, New Zealand, Pakistan, Qatar, Russia, Saudi Arabia, South Africa, Syria, United Arab Emirates, United Kingdom, United Nations, United States..
Facebook Page of Syria's Largest Telecom Company SyriaTel Allegedly Hacked, spams graphical videos(Hack Read) An Algerian hacker going with the handle of Virus DX has hacked the official Facebook page of Syria's largest telecommunication company known as SyriaTel. After taking over the page which has 153,030 likes, the hacker changed its cover picture from SyriaTel official logo to his own cover pictures that shows Algerian flag with Anonymous group official logo saying 'Virus DX is here'
Syria's largest city just dropped off the Internet(Washington Post) While the U.S. government continues to weigh military intervention in Syria, it appears that Syria's largest city has gone dark on the Internet. Aleppo, a city in Northern Syria that has been the site of intense fighting between rebel forces and the Assad regime, and the surrounding area appear to have lost connectivity to the Internet as of last night
Syrian Electronic Army: If U.S. Attacks 'We Will Target All of It'(Mashable) The mysterious pro-Assad hacker group known as the Syrian Electronic Army was back in the spotlight this week, when it hijacked The New York Times and Twitter Internet domains. Following the attack, which was just the latest in a long string of successful hacks at the expense of Western media outlets, the purported official Twitter account of the hacking group tweeted a Gmail email address in response to a media request for contact
Could Syria launch a major cyberattack against the USA?(CIO) Should our leaders consider whether pro-Syrian forces might launch a cyberattack against US critical infrastructure in retaliation for military action? My view: American businesses should hope for the best, while preparing for the worst
Syrian Electronic Army a Credible Threat(ABC News) US officials prepare for increased cyber warfare as a result of potential…Here at home, the FBI and Department of Homeland Security are focusing on the…They sent out a classified intelligence bulletin to law enforcement agencies all over this
Crippling Syrian cyber strike fear may make Obama re-consider military intervention: Report(Business Standard) Syria and its ally Iran have been building cyber attack capabilities for years and might even use them in a hot war for the first time, cyber security experts have warned. Former U.S. officials and cyber security scholars said Syria has a demonstrated cyber attack capability and could retaliate against anticipated Western military strikes against it
Cyber Likely Afterthought in Syria Intervention Plans(Defense News) As the US moves toward intervention in Syria, blossoming American cyber capabilities are getting a hard look as a solution to one of the more difficult military problems: the Syrian air defense network. But much of the uncertainty that has plagued the use of cyber — both the legal concerns and the lack of verification for the effectiveness of attacks — is likely to limit its use in a conflict
Syrian Electronic Army Is Not the Only Pro–Assad Hacker Group, Experts Warn(Softpedia) A few days ago, experts warned that a possible military attack by Western countries against Syria might lead to cyberattacks being launched by hackers that support the Assad regime. The first name that came to everyone's mind was the one of the Syrian Electronic Army. These hacktivists haven't demonstrated too much sophistication (they mostly rely on spear phishing)
Syrian Electronic Army Threatens Vice for Identifying Alleged Member(Softpedia) A couple of days ago, Brian Krebs and Vice Motherboard published articles in which they claimed to have identified two alleged members of the notorious Syrian Electronic Army. In the meantime, Krebs was contacted by Mohammed Osman, the man he identified as being a key member of the hacker group. Osman, who is said to be a web designer, denies being part of the Syrian Electronic Army. In addition, he claims that Muhammad Abed Al-Karim is one of his clients, not his new identity as Krebs determined
How the US Could Cyber Attack Syria, Too(Motherboard) Over the weekend, President Obama announced that he would seek Congressional approval for a strike on Syria, and immediately began a "lobbying blitz" to
Did the NY Times fail to ensure their suppliers were cyber secure?(IT Governance) A common mantra about cyber security is that your security is only as strong as the weakest link. But what happens when the weakest link is outside of your control? The Syrian Electronic Army (SEA) are reportedly to of hacked the New York Times website by attacking the company that registered the domain names for the New York Times, the Huffington Post UK and Twitter
Saudi hacker hacks and defaces websites of US embassy and UNESCO New Zealand(Hack Read) A Saudi hacker going with the handle of Dr.SHA6H has hacked and defaced the official website of United States Embassy in New Zealand and United Nations Educational, Scientific and Cultural Organization New Zealand UNESCO. The hacked United States Embassy site is actually its blog run by David Huebner, US ambassador to New Zealand
Washdyke business falls victim to cyber attack(Timaru Herald) Washingtons Exploration is not a multi-national corporation - yet somehow their website became the target of a bizarre hack. The Timaru-based drilling company's website,…was replaced with an image featuring a brandished AK-47, the slogan ''hacked by Team 755'', and what appears to be Arabic slogans
Hackers Attack RIA Novosti Bureau in Paris(RIA Novosti) Last month, two of RIA Novosti's Twitter accounts were subjected to a cyber attack. Hackers broke into Twitter accounts of the agency's International Multimedia
Energy Dept. Hack Details Emerge(InformationWeek) Exclusive: Unpatched ColdFusion server containing employee information was hacked; agency claims lack of budget to put proper fixes in place
An Important "What If" of the NASDAQ Flash Freeze(Huffington Post) There was a collective holding of breath on Thursday when the NASDAQ suddenly shut down trading. Terse reports and statements that "technical problems" caused the halt raised the specter of an information technology meltdown or--worse yet--a deliberate, malicious event. Fortunately, as the day wore on trading resumed and at least, for now, it does not appear that the "flash freeze" was due to a cyber-attack. As the gaming of the event along with the forensic analyses moves ahead, however, it is worth contemplating some questions that would be asked if in fact the flash freeze was the result of a cyber-attack
Kentucky's online school portal attacked(Cincinnati.com) An aggressive cyber attack last week crashed Kentucky Department of Education's "parent portal," the part of its online Infinite Campus system that lets parents
Mobile Trojan Defeats Dual Authentication(GovInfoSecurity) Perkele Trojan ID'd in Attacks Against U.S., European Banks. A new cross-device mobile Trojan that already has targeted online-banking customers has been linked to the same group that waged the successful High Roller attacks last summer. So far, customers of several top-tier institutions in Northern Europe and a handful in the U.S. have been victimized. The attackers behind the malware are believed to be Russian
Citadel Makes a Comeback, Targets Japan Users(Trend Micro) Through investigation and collaboration between our researchers and engineers, we discovered a malicious online banking Trojan campaign targeting users in Japan, with the campaign itself ongoing since early June of this year. We've reported about such incidents in the past, including in our Q1 security roundup – and we believe this latest discovery shows that those previous attacks have been expanded and are a part of this particular campaign
Hackers eye new Java exploits that impacts users who haven't upgraded(SC Magazine) Attackers are always on the hunt for the most reliable exploits to add to crimeware kits - and it appears they currently are eyeing a number of "critical" bugs in Java that remain unpatched for many users. According to researchers, hackers have swapped out one such exploit from Neutrino, a popular underground exploit kit, in search of a more effective alternative
Symantec says that Cyber Crooks make ZeroAccess more Durable against External Attacks(Spamfighter) According to security firm Symantec, malware creators are continuously developing their formations with the creators of infamous ZeroAccess Trojan as no exception. In late June (2013), Symantec security researchers marked some important changes in the ZeroAccess P2P (peer-to-peer) communication protocol that made the threat increasingly robust and resilient in opposition to exterior manipulation
Watch out for Waterhole Web Attacks(eSecurity Planet) Just as lions look for gazelles with their defenses down at waterholes, hackers are spreading malware through websites popular with specific groups of users. As every kid who grew up watching "Wild Kingdom" knows, there are few places in the jungle more dangerous than a watering hole because of the hungry lions lurking there with hopes of picking off a gazelle
Security Patches, Mitigations, and Software Updates
Multiple Cisco Security Notice(Internet Storm Center) "Cisco Adaptive Security Appliance (ASA) Software contains a vulnerability that could allow an unauthenticated, remote attacker to fill the connection table in the ASA preventing new connections to be established through the device"
Our Newfound Fear of Risk(Schneier on Security) We're afraid of risk. It's a normal part of life, but we're increasingly unwilling to accept it at any level. So we turn to technology to protect us. The problem is that technological security measures aren't free. They cost money, of course, but they cost other things as well. They often don't provide the security they advertise, and — paradoxically — they often increase risk somewhere else. This problem is particularly stark when the risk involves another person: crime, terrorism, and so on. While technology has made us much safer against natural risks like accidents and disease, it works less well against man–made risks
Login and password troubles revealed(Help Net Security) Increasingly lengthy and complex log-in processes and web forms are driving consumers away from websites, according to Ping Identity. The study revealed that an overwhelming 80% of consumers had locked themselves out of websites because they couldn't remember their log-in details
The fanciful world of cyber warfare(Young Witness) The explosion was catastrophic. When the gas pipeline ruptured that day in Siberia in 1982, the detonation was so large that the North American Aerospace Defence Command headquarters, NORAD, initially thought it might have been a missile launch. Equivalent to three kilotonnes of TNT (or a small nuclear device), it was the largest non-nuclear explosion so far seen from space. Over 20 years later, a United States National Security Council staffer reported in his memoirs that the explosion was the result of an American sabotage operation. A Trojan horse computer virus had been embedded in the software that controlled the pressure and flow in the Siberian pipeline; in disrupting and manipulating the pressure, the virus placed stress on the pipes, ultimately leading to the massive explosion. It was, the staffer declared, the first-ever act of cyber warfare. Except it wasn't
MORGAN HOUSEL: So, if this scares you, don't invest(Herald Zeitung) There are a lot of things to worry about as an investor. Hackers aren't one of them. Last week, hacker magazine 2600 described what a potential cyber attack on global stock markets could look like. It wrote (via Business Insider)
India lacks security professionals despite being highly targeted by cyber criminals(CIOL) SANS Institute, a cooperative research and education organization, and the largest source for world-class information security training and security certification, has stressed the importance of repeatable and sustainable training programs that focus on combatting real-world attacks if India is to successfully secure its critical and most sensitive systems
The STEM Crisis Is a Myth(IEEE Spectrum) Forget the dire predictions of a looming shortfall of scientists, technologists, engineers, and mathematicians
Is There a U.S. IT Worker Shortage?(IEEE Spectrum) Someone who is a data scientist today is said by Harvard Business Review to have the sexist job alive. And if sexy isn't enough, how about being a savior of the economy? According to a 2011 report by consulting company McKinsey & Company, "Big Data" is "the next frontier for innovation, competition and productivity." That is, of course, if enough of those sexy data scientists can be found
Microsoft to acquire Nokia's mobile phone business(IT World) Two years after hitching its fate to Microsoft's Windows Phone software, a withered Nokia collapsed into the arms of the U.S. software giant, agreeing to sell its main handset business for 5.44 billion euros ($7.2 billion)
Sizing Up The Nokia That Remains, HERE Business A Bright Spot That Gains More Platform Freedom(TechCrunch) Nokia is divesting itself of its hardware division, selling that business mostly off to Microsoft in a deal worth around $7.2 billion announced today. But it will continue to operate its own software and services, including the revamped maps division that it branded HERE nearly a year ago, and expanded from geospacial services to additional lines of business including the in-car infotainment
The Biggest Merger in Over a Decade Is Poised to Happen(Slate) A big cross-border merger and acquisition is close to completion and at a price of $130 billion it's one of the largest on record. But unfortunately for business writers, it's also really boring. At stake is a proposal by Verizon to buy…Verizon Wireless
SafeNet CEO says no to IPO(Baltimore Business Journal) An IPO is likely going on the shelf for Belcamp cyber security firm SafeNet as the company's new leadership pursues cloud computing as a way to grow the
This bracelet could replace your passwords, your car keys, and even your fingerprints(The Verge) Fingerprint readers. Face Unlock. Retinal scanners. They're all no better than your average password, at least the way Dr. Karl Martin sees it. "Your face, your iris — they're all physical features that can be stolen, that you leave everywhere." Luckily, Dr. Martin has a better idea. He's planning to use it to open everything from our phones to our front doors, and even move the car seat exactly how we want it. All we have to do is wear a bracelet
Snort IDS Sensor with Sguil New ISO Released(Internet Storm Center) The CD includes some new tools and updated scripts. It is available in two versions, 32-bit and 64-bit. The install.pdf document on how to install and configure the system is located in the rel_note directory
Check Point stops cyber criminals in their tracks(TechDay) Check Point Software Technologies has announced the availability of Check Point R77, the latest release for its award-winning Software Blade Architecture. R77 offers over 50 product enhancements, including a new ThreatCloud Emulation Service, Check Point HyperSpect performance enhancing technology and Check Point Compliance Software Blade
Technologies, Techniques, and Standards
Quantitative Metrics and Risk Assessment: The Three Tenets Model of Cybersecurity(Technology Innovation Management Review) Progress in operational cybersecurity has been difficult to demonstrate. In spite of the considerable research and development investments made for more than 30 years, many government, industrial, financial, and consumer information systems continue to be successfully attacked and exploited on a routine basis. One of the main reasons that progress has been so meagre is that most technical cybersecurity solutions that have been proposed to-date have been point solutions that fail to address operational tradeoffs, implementation costs, and consequent adversary adaptations across the full spectrum of vulnerabilities
Security Awareness Programs: Better Than Nothing(Akamai) Yesterday's post about the SEA's phishing activities and DNS attacks included advice that companies continue to push for better security awareness among employees and customers. An old friend, Dave Marcus — director and chief architect of McAfee's Federal Advanced Program Group — disagreed
Cloud Security: Why Auditors Are Part Of The Problem(InformationWeek) What your CISO says when asked about moving a server to the public cloud: "No way — we'll lose control of a mission–critical application." What she's really thinking: "No way — it'll make my life a living hell during security audits." And in fact, that's one of the few perfectly rational security–related reasons to shy away from the cloud
10 ways to avoid a cyber attack(New Statesman) Today's business environment relies on digital technology to function. This brings great opportunity as well as risk. Business is undertaken more effectively and efficiently, but information flows can be intercepted and compromised. Whilst online crime has often been viewed as an issue facing larger businesses, smaller organisations are increasingly coming into focus as the next soft target (with their intellectual property and customer and payment databases)
Open Data Initiative: Providing Fresh Ideas on Securely Sharing Information(SIGNAL Magazine) Recently at the AFCEA International Cyber Security Summit in Bethesda, MD, Army Maj. Gen. John A. Davis, Senior Military Advisor for Cyber to the Under Secretary of Defense, said "Cyber partnerships such as those with the National Security Agency and the Defense Intelligence Agency and external partnerships such as those with industry, international allies and academia represent a transformation in the way DOD approaches cybersecurity." For years, the U.S. Defense Department, not surprisingly, took a "do it alone" posture when it came to sharing information and protecting its networks and communication infrastructures from security attacks
Five ways to get the most out of your sandbox(Help Net Security) There's been a lot of talk lately about the value of sandbox technology as part of a cybersecurity defense. While sandboxes are a valuable tool in the hands of a cybersecurity team to identify and analysis
Industry Cyber Guidelines Target 'Insider Threats'(Defense One) The Obama administration has released a draft of computer security protocols for companies that operate key systems, such as chemical plants and the electric grid. The document admittedly does not address privacy issues
NSA: NOBODY could stop Snowden — he was A SYSADMIN(The Register) Virtually unfettered access blew sensitive docs wide open. The US National Security Agency may have some of the most sophisticated cyber-surveillance programs in the world, but it was trivial for former NSA contractor Edward Snowden to walk off with sensitive data, sources say, owing to the agency's antiquated internal security
Cisco CTO Bret Hartman on how to secure BYOD, wearable tech(FierceCIO: TechWatch) BYOD and wearable gadgets are but a couple of the new trends that have emerged in recent years. As these devices make their way onto the corporate network, the inevitable question to security administrators and executives is how they, as well as emerging technologies such as software defined networking (SDN), impact enterprise security
Design and Innovation
A Research Agenda for Security Engineering(Technology Innovation Management Review) Despite nearly 30 years of research and application, the practice of information system security engineering has not yet begun to exhibit the traits of a rigorous scientific discipline. As cyberadversaries have become more mature, sophisticated, and disciplined in their tradecraft, the science of security engineering has not kept pace. The evidence of the erosion of our digital security — upon which society is increasingly dependent — appears in the news almost daily
Developing an Innovation Engine to Make Canada a Global Leader in Cybersecurity(Technology Innovation Management Review) An engine designed to convert innovation into a country's global leadership position in a specific product market is examined in this article, using Canada and cybersecurity as an example. Five entities are core to the innovation engine: an ecosystem, a project community, an external community, a platform, and a corporation. The ecosystem is the focus of innovation in firm-specific factors that determine outcomes in global competition; the project community is the focus of innovation in research and development; and the external community is the focus of innovation in resources produced and used by economic actors that operate outside of the focal product market. Strategic intent, governance, resource flows, and organizational agreements bind the five entities together. Operating the innovation engine in Canada is expected to improve the level and quality of prosperity, security, and capacity of Canadians, increase the number of Canadian-based companies that successfully compete globally in cybersecurity product markets, and better protect Canada's critical infrastructure
How Google can avoid becoming the next Microsoft, as told by an insider with knowledge of both(Quartz) The deeper you dig into the causes of Microsoft's decade of stagnation and the departure of CEO Steve Ballmer, the more apparent it is that the problems Microsoft faced affect all large companies, to one extent or another. Fortunately for the world (and unfortunately for Microsoft) the company's dysfunction drove away so many talented engineers and managers that they are practically climbing over one another to recount what went wrong in Redmond
Research and Development
The wireless network with a mile–wide range that the "internet of things" could be built on(Quartz) Robotics engineer Taylor Alexander needed to lift a nuclear cooling tower off its foundation using 19 high–strength steel cables, and the Android app that was supposed to accomplish it, for which he'd just paid a developer $20,000, was essentially worthless. Undaunted and on deadline—the tower needed a new foundation, and delays meant millions of dollars in losses—he re–wrote the app himself. That's when he discovered just how hard it is to connect to sensors via the standard long-distance industrial wireless protocol, known as Zigbee…The result is an in-the-works project called Flutter. It's what Taylor calls a "second network"—an alternative to Wi-Fi that can cover 100 times as great an area, with a range of 3,200 feet, using relatively little power, and is either the future of the way that all our connected devices will talk to each other or a reasonable prototype for it
The NSA's crypto "breakthrough"(The Economist) One difficulty of reporting on spy outfits like America's National Security Agency is the veil of secrecy they operate behind. This makes it hard to know exactly what they are and aren't capable of. It is also one reason why Edward Snowden's revelations have been so fascinating. They offer a glimpse--limited and incomplete, to be sure--behind the curtain, and help to constrain the bounds of just what such agencies can do
Inside Hack Reactor, The Coding Bootcamp That Wants To Be The CS Degree Of The Future(TechCrunch) At the same time that unemployment and low wages continue to plague the larger U.S. economy, Silicon Valley and the rest of the tech industry is having a hiring crisis — many tech companies just can't seem to find enough people with the coding skills needed to fill the relatively well-paying jobs of building the software and web products of the future. And even though there is no shortage of
BYOD security challenges are old mortarboard for universities(CSO) Businesses coping with security issues stemming from employee use of personal devices for company work are only experiencing what universities have grappled with for years. "Many of us in higher ed find it very funny when we see how BYOD has dominated so much of the security press lately," Mike Corn, chief privacy and security officer at the University of Illinois (UI) at Urbana-Champaign, said in an interview. "We view that with amusement because Bring Your Own Device has defined our environment almost since the beginning of personal computing." The magnitude of BYOD at a university the size of UI would likely give a corporate security administrator fits. Not only is there a large annual turnover rate — some 10,000 new students arrive on campus each year — but each has an average of 3.5 personal devices in tow
Legislation, Policy, and Regulation
If you think the NSA is bad, try the Putin–controlled Chrome toolbar(ZDNet) I am not making this up. You can't make this stuff up. This is what the world is coming to. When I grew up the Russians were the Soviets and they were the bad guys. We were told we were about 20 minutes or so from mutually-assured destruction and that the Russians (er, Soviets) hated us for our freedoms. Eventually, things changed. The Soviet Union fell but many of the old guard remained in power. Vladimir Vladimirovich Putin is a good example. He spent 16 years in the KGB, mustering out with the title of Lieutenant Colonel (the same rank Ollie North had when he was playing games with Iran and the Contras)
US-Brazil tensions flaring after report that NSA spying program targeted Brazil's president(Washington Post) The Brazilian government condemned a U.S. spy program that reportedly targeted the nation's leader, labeled it an "unacceptable invasion" of sovereignty and called Monday for international regulations to protect citizens and governments alike from cyber espionage. In a sign that fallout over the spy program is spreading, the newspaper Folha de S.Paulo reported that President Dilma Rousseff is considering canceling her October trip to the U.S., where she has been scheduled to be honored with a state dinner. Folha cited unidentified Rousseff aides. The president's office declined to comment
Report: U.S. Agency Spied on French Diplomats, al-Jazeera TV(Naharnet) The U.S. National Security Agency (NSA) spied on the internal communications of France's foreign ministry and diplomats and those of Qatar-based television station al-Jazeera, a German magazine said Sunday. Der Spiegel reported that in 2010 the NSA monitored the internal computer network of France's diplomats and that of the ministry itself by accessing so-called virtual private networks (VPN), a tool that generally offers a secure internet connection to users
NSA tops up exploit pool with $25m in 'grey market' vulnerabilities(CSO) The US National Security Agency (NSA) spent $25.1 million on software bugs from grey market vulnerability vendors in financial year 2013 as part of a larger offensive security program aimed at foreign networks, according to a recent report from Washington Post. Newly disclosed intelligence budget documents provided to the newspaper by former NSA contractor Edward Snowden revealed that US intelligence services are responsible for malware on tens of thousands of devices in foreign networks every year and the US government conducted 231 offensive cyber operations on foreign networks in 2011
Does Congress Have the Power to Enact A General Ban on the Use of Bugging Devices?(Volokh Conspiracy) Since 1968, federal law has prohibited the use of bugging devices — secret microphones — to record private conversations. Here's the relevant text: [A]ny person who…intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any…oral…communication [is guilty of a crime and commits a civil violation] [18 U.S.C. 2511(1)(a)]
Why Are We Spying on Israel?(Slate) The Washington Post's Barton Gellman has another blockbuster today from the mixed-up files of Mr. Edward J. Snowden, this one providing details of the top-secret $52.6 billion "black budget" for the 16 spy agencies that make up the U.S. intelligence community. Among other details, the report discusses the recent resurgence of the CIA and the intelligence community's new focus on "offensive cyber operations." It also includes this striking detail: Pakistan is described in detail as an "intractable target," and counterintelligence operations "are strategically focused against [the] priority targets of China, Russia, Iran, Cuba and Israel"
HHS drops 1-hour HIX breach notification rule(FierceHealthIT) HHS' final regulation on health insurance exchanges does not include a proposed mandate that healthcare organizations report all data breaches within one hour of discovery
Guarding new frontiers: Cyber defence body proposed(Express Tribune) Like terrorism and military aggression, cyber security must be treated as a major threat to the country, the Senate's panel on defence said on Saturday. The panel proposed creating an Inter Services Cyber Command (ISCC) under the office of Chairman Joints Chief of Staff Committee (CJCSC) to pre-empt any cyber attack
David Miranda was carrying password for secret files on piece of paper(Telegraph) A journalist's partner who was detained carrying thousands of British intelligence documents through Heathrow airport was also holding the password to an encrypted file written on a piece of paper, the government has disclosed.In a written statement handed to the High Court in London, a senior Cabinet Office security adviser said it showed "very poor judgment" by David Miranda and other people associated with him
54 Individuals Accused of Being Involved in South African Cybercrime Ring(Softpedia) A total of 54 individuals suspected of being involved in a major South African cybercrime ring will appear on Tuesday before a judge. According to authorities, cited by City Press, the suspects allegedly made over 15 million ZAR ($1.45 million / €1.1 million) with the aid of stolen information
TechCrunch Disrupt San Francisco(San Francisco, California, September 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September...
SANS CyberCon Fall 2013(Online, September 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors...
15th Annual AT&T Cyber Security Conference(New York, New York, USA, September 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP...
International Common Criteria Conference(Orlando, Florida, USA, September 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC...
GrrCon(Grand Rapids, Michigan, USA, September 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also...
cybergamut Technical Tuesday: Malware Analysis for the Masses(Columbia, Maryland, USA, September 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With...
Shaping the Future of Cybersecurity Education Workshop(Gaithersburg, Maryland, USA, September 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National...
NovaSec!(McLean, Virginia, USA, June 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with...
Strange Loop(, January 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and...
ISSA Cyber Security Forum at Ft Belvoir(Fort Belvoir, Virginia, USA, September 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber...
CISO Executive Summit(Atlanta, Georgia, USA, September 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind...
2013 Cyber Security Summit(New York, New York, USA, September 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be...
4th Annual Cybersecurity Summit(Washington, DC, USA, September 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.