Maryland leads the nation in cybersecurity with a large, highly qualified workforce, 20,000 job openings, investment opportunities, and proximity to key buyers.
March 4, 2016.
By The CyberWire Staff
The "Naikon" threat group, active for more than a year in Southeast Asia, seems to have ceased operations, or at least dropped from sight, according to Kaspersky, which has been tracking them.
ISIS appears to be earning money through various forms of currency manipulation. Senior US officials have repeatedly promised over the week that American cyber attacks will substantially degrade ISIS capabilities. One wonders whether the US cyber offensive against ISIS communications (which according to reports is having effect) will eventually turn to interdiction of Halawa monetary remittance systems.
The attack on Western Ukraine's power grid last December attract further analysis. Recorded Future reports what it's learned from open sources about BlackEnergy and related attack traffic.
The Triada Trojan currently afflicting Android devices is, according to researchers at Kaspersky Labs, "as complex as any Windows malware." Kaspersky sees the growing complexity and sophistication of mobile malware as a reflection of criminals diverting their attention toward relatively poorly protected mobile devices.
Cisco updated its switches Wednesday. Among the fixes was removal of weak static credentials.
In industry news, observers are struck by a growing degree of cooperation among companies one might normally expect to have a purely competitive relationship.
In the continuing dispute between Apple and the FBI over Government OS, Apple has picked up a surprisingly large number of partisans among former senior US intelligence and security officials.
The French parliament has moved to pre-empt a similar legal face-off with legislation designed to punish companies whose encryption impeded police investigations.
Today's issue includes events affecting Cambodia, China, France, Indonesia, Iraq, Laos, Malaysia, Myanmar, Nepal, Philippines, Russia, Singapore, Syria, Thailand, Ukraine, United Kingdom, United States, and Vietnam.
2016 National Conference of Minority Cybersecurity Professionals(Washington, DC, March 23 - 24, 2016) The landmark ICMCP conference will elevate the national dialogue on the necessary measures needed to attract and develop minority cybersecurity practitioners to address the cross-industry cybersecurity skills shortage.
Women in Cybersecurity (WiCYS) 2016(Dallas, TX, March 31 - April 2, 2016) The 3rd annual conference brings together women (students, faculty, researchers, professionals) in cybersecurity from academia, research organizations and industry for the sharing of knowledge and experience, networking and mentoring.
RSA Conference 2016: A chat with the UK’s cyber envoy to the U.S.(Stack) Over at RSA Conference 2016, The Stack’s security editor, Richard Morrell, meets and talks with the British Cyber Envoy to the United States, and takes a deeper look at one of the most interesting British companies making an impression at San Francisco this week
Authentication: One Size Does Not FIt All(RSA Blogs) I’ve been coming to the RSA conference on and off (mostly on) for more than 15 years, and each year there seems to be more strong authentication vendors demonstrating new and interesting approaches to authenticating end users
Researcher demonstrates hijacking of police drone(Help Net Security) A security researcher has demonstrated to the RSA Conference crowd how he – or anyone, for that matter – can take over control of a drone used by the Dutch police and make it do anything the rightful owner can
Cybercrime trends point to growing sophistication(TechTarget) Cybercrime trends point to an alarming increase in advanced social engineering techniques and customized, targeted document-based malware attacks in 2016, according to Sophos research
Security is ‘easy': Just ask someone at RSA(We Live Security) It might seem cliché but the biggest vulnerability companies face today is not technological; it's human. Unfortunately, not much has changed in the past half-century
Digital Identity Graph helps detect fraud, cyberattacks(Help Net Security) ThreatMetrix announced at RSA Conference the newest innovation in the fight against global cybercrime – the Digital Identity Graph, a framework for anonymized global digital identities on the internet
ISIS 'making millions' by gaming forex markets(CNBC) The militant group that calls itself Islamic State (ISIS) is exploiting national banking operations in Iraq and could be making up to $25 million a month in Middle Eastern money markets, according to experts
Shedding Light on BlackEnergy With Open Source Intelligence(Recorded Future) If you’re like me, you don’t have access to the malware samples that infected the Ukrainian ICS (industrial control system) networks. You also don’t have packet captures or event logs to try to recreate the series of events that lead to over 200,000 people losing power in late December of last year
Attacks are basically the same no matter the industry(CSO) In 2007, the Aurora generator test showed that a cyber attack could cause physical damage to a power grid, but January's attack in Ukraine awakened security professionals to the reality of the risks to the energy sector
Why Bitcoin is not the root cause of ransomware(CoinCenter) Ransomware has been around for a while—turns out it’s about twenty years older than Bitcoin—but it’s been in the news again recently because of a particularly upsetting case involving a Los Angeles Hospital
IoT Security: Industry Finally Waking Up To The Dangers(InformationWeek) For the last several years, Internet of Things security has been one of the most hotly debated topics at Mobile World Congress. This year, however, IoT security took on a new sense of urgency as more devices are being connected and the technology turns mainstream
Deloitte Highlights Israel's Rise as 'Blockchain Hotspot'(CoinDesk) A new report from global professional services firm Deloitte focuses on Israel's development into a blockchain hub, outlining the work of a number of startups working on distributed ledger solutions across a variety of industries
CACI makes U.K. cyber deal(Washington Technology) While CACI International may be digesting its largest acquisition ever – the $550 million purchase of L-3 national security business – its U.K. subsidiary has shown the copy is always on the look out for another deal
Engility appoints former Raytheon executive Lynn Dugle as CEO(Lawyer Herald) Engility Holdings Inc. has announced its new CEO after Tony Smeraglinolo stepped down. It declared former Raytheon Intelligence, Information and Services president Lynn Dugle for the job aiming for organic growth and repayment of debt
Is DevOps the Holy Grail for information security?(CSO) DevOps is the computing philosophy that, through unified agile software development and business operations, you can improve your products and time to market. But does it actually improve information security?
Cybersecurity and the Internet of Things(Lexology) The "Internet of Things", commonly referred to as the "IoT", is a phrase that loosely describes the growing body of Internet-connected devices, gadgets, and other items that do not fit the traditional concept of a "computer"
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
International Academic Business Conference(New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are...
CISO Chicago Summit(Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
Navigating Summit 2016(Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy...
CISO Atlanta Summit(Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing...
The Atlantic Council's Cyber 9/12 Student Challenge(Washington, D.C. USA, March 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...
SANS 2016(Orlando, Florida, USA, March 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21
Pwn2Own 2016(Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...
Insider Threat Symposium & Expo™(San Antonio, Texas, USA, March 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents...
ICCWS 2016(Boston, Massachusetts, USA, March 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France(Paris, France, March 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming...
Risk Management Summit(New York, New York, USA, March 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the...
Artificial Intelligence and Autonomous Robotics(Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that...
Commonwealth Cybersecurity Forum 2016(London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together...
Black Hat Asia 2016(Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...
SecureWorld Boston(Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...
Insider Threat Summit(Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical...
TU-Automotive Cybersecurity USA 2016(Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem.
Women in Cyber Security 2016(Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional...
SPONSOR & SUPPORT
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.