The CyberWire Daily Briefing for 7.15.2013
LulzSec reappears, post-Sabu, to deface Peruvian government sites in protest against Peru's use of Level 3 hosting services (in LulzSec's mind an NSA cat's paw). Israel's Knesset successfully defends itself from cyber attack (possibly one inspired by Iran).
Spam-distributed malware, attacks on game makers, and spoof Twitter accounts highlight current threats. Researchers demonstrate a vulnerability in Verizon network extenders (Verizon says it's closed this particular hole). TrendMicro reports finding an unusual attack in the wild: a file infector with an unusual information theft routine.
InformationWeek wonders at the patch cycle, and asks why software vendors can't be as quick as Pwn2Own.
BAE sees coming consolidation in the cyber sector driven by increasingly stringent and sophisticated customer requirements—less capable firms will disappear; niche companies will be acquired.
The PRISM affair continues to give US businesses headaches. LulzSecPeru's animus against Level 3 is a minor but telling episode. Silicon Valley generally is worried about perceptions that it's too close to NSA. There are signs of a shifting labor market as well—US cyber talent may be shying away from Government employment. (Contrast Europe, where security services see an apparently PRISM-driven upswing in job applicants.)
The leaks continue to have diplomatic ramifications. Observers see them as a shot-in-the-arm for (US-opposed) efforts at national Internet controls. Germany's government receives criticism as Bild reports on its alleged cooperation with NSA.
None of this has softened the US line toward Chinese cyber operations, as the House considers extending security-motivated restrictions on acquisition of Chinese hardware.
Notes.
Today's issue includes events affecting Brazil, Bolivia, Brunei Darussalam, Cambodia, Canada, China, Cuba, Ecuador, European Union, Germany, Israel, Italy, Indonesia, Japan, Laos, Malaysia, Malta, Mexico, Myanmar, Nicaragua, Peru, Philippines, Russia, Singapore, Turkey, Thailand, United Kingdom, United States, Venezuela, and and Viet Nam..
Cyber Attacks, Threats, and Vulnerabilities
LulzSecPeru defaces, leaks data of Peru's government portals for using NSA's backed hosting service (Hack Read) LulzSecPeru known as one of the most skilled online hackavists are back, this time by the hackers have hacked and defaced the government of Peru's Citizen Service Portal for using hosting services of Global Crossing's server (now known as Level 3 Communications) that allegedly provides personal information of site's users to American's National Security Agency (NSA)
Knesset stymies major cyber attack (The Times of Israel) The Knesset successfully fended off a severe cyber attack on the parliament's computer system Sunday night, a spokesman said. According to Yotam Yakir, all the attacks were countered by the Knesset cybersecurity staff, with the assistance of other experts
New Zero-Day Attack Copies Earlier Flash Exploitation (NcAfee) Late on July 10, Microsoft released a blog post disclosing that they were aware of a zero-day attack in the wild. This attack exploits a previously unpatched
Android Malware: Separating Reality from Hype (eSecurity Planet) Reports of Android malware are rampant. Should enterprises be worried? You don't have to look hard to find ominous stories about malware on the Android platform. The exact numbers may change, but somewhere north of 90 percent of mobile malware has been found to target
JAVA_EXPLOIT.ZC (TrendLabs Security Intelligence Blog) This is a malicious applet that downloads and executes a file infector detected as PE_EXPIRO.JX-O. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below
File Infector EXPIRO Hits US, Steals FTP Credentials (TrendLabs Security Intelligence Blog) An unusual attack has been spotted in the wild, using an unexpected combination of threats. This attack used exploit kits (in particular Java and PDF exploits) to deliver file infectors onto vulnerable systems. Interestingly, these file infectors have information theft routines, which is a behavior not usually found among file infectors. These malware are part of PE_EXPIRO family, file infectors that was first spotted spotted in 2010. In addition to standard file infection routines, the variants seen in this attack also have information theft routines, an uncommon routine for file infectors. The infection chain goes something like this
Dramatic increase in phishing scams as criminals target Apple IDs (Muscat Daily) Kaspersky Lab recently published a report that analysed increase in cyber criminal campaigns to steal users' Apple IDs and account information by creating fraudulent phishing sites that imitate the official Apple site. Cyber criminals
Tens of thousands of spamvertised emails lead to the Win32/PrimeCasino PUA (Potentially Unwanted Application) (Webroot Threat Blog) Looking for legitimate online gambling services? You may want to skip the rogue online casinos that I'll highlight in this post. Over the past few days, we intercepted multiple spam campaigns launched by the same party, enticing users into downloading fake online casinos most commonly known as the Win32/PrimeCasino/Win32/Casonline PUA (Potentially Unwanted Application)
Thousand of Konami and Bohemia Interactive accounts affected by cyber-attack (GameDynamo) It is definitely worrying that several gamemakers have been hit by cyber-attacks this month, and that the attacks don't seem to be stopping. Following reports of hackers breaking into Ubisoft's website and Nintendo's Club Nintendo site, Konami has
British PM Links to Spoof Twitter Account (Cyberwarzone) British Prime Minister David Cameron fell victim to a Twitter spoof on Monday when he sent a message linked to a fake account that lampoons the government and portrays ministers as a privileged elite
Go ahead, Asia, have a look in your Dropbox… We DARE you — hackers (The Register) 10-country trade group targeted by NYT hacking crew, claim researchers. The Chinese hacking crew that made headlines worldwide after a high-profile series of attacks against the New York Times last year has returned with assaults against South East Asia, at least according to threat intelligence firm Cyber Squared
Unusual Facebook spam campaign delivers malicious Macros (Help Net Security) A bizarre spam / malware delivery campaign is currently targeting Facebook users. It starts with the offer to see a video of a girl performing a salacious act - and this is the first and only
Turkish hackers Leak 40K Accounts Data From Sony Italy (Cyberwarzone) Maxney, a hacker of the Turkish Ajan group, has announced another attack against a high-profile company. They have leaked over 40,000 records allegedly belonging to Sony Italy customers
Hacked Verizon device Mobile Spy Station (Cyberwarzone) Two security experts said they have figured out how to spy on Verizon Wireless mobile phone customers by hacking into devices the U.S. carrier sells to boost wireless signals indoors
How Hackers Tapped Into My Cellphone For Less Than $300 (Cyberwarzone) In the wake of the National Security Agency cyber-spying revelations, you may be worrying about the government keeping track of your digital life. But, for less than $300, a group of ordinary hackers found a way to tap right into Verizon cellphones
Japanese government accidentally shares internal mails over Google Groups (PCWorld) A Japanese ministry is conducting an internal investigation after a Google Groups account used for international treaty negotiations was left on its default, publicly viewable settings
Security Patches, Mitigations, and Software Updates
Overcome The Microsoft Mindset: Patch Faster (InformationWeek) Why can't vendors patch every critical bug like it was the Pwn2Own competition
Cyber Trends
Think sandboxing will stop malware? Here's why you're wrong, Apple (The Guardian) The announcement that Apple will introduce 'sandboxing' for code on Macs, and that Microsoft has similar plans for some Windows 8 apps, doesn't mean the malware problem is going to end
One big threat to cybersecurity: IT geeks can't talk to management (Quartz) A new report on the state of risk-based cybersecurity management helps explain why IT employees and their corporate bosses don't see eye to eye about hacking and other computer-based threats
Cyber security in private sector a 'significant' problem: Public Safety records (CTV News) In September, Telvent Canada announced it had suffered a cyber attack which security firm Mandiant later linked to Chinese military hackers. Telvent quickly shut off access to its clients to prevent the intruders from infiltrating their systems and
Experts warn of data theft in firms (Deccan Chronicle) Companies should take reasonable precautions to keep their data secure since nearly 50,000 of them worldwide were coming under cyber attack every day, according to speakers at a conference on cyber security, organised by the Confederation of Indian Industry (CII) here on Saturday
Marketplace
BAE Says Cyber-Security Is Survival of Fittest as Field Shrinks (Bloomberg) Cyber-security activities account for about 25 percent of Detica's sales, with the rest from data-management services and financial compliance
The Market in Zero-Day Exploits (Lawfare) Today's New York Times, brings a rich article by Nicole Perlroth and David Sanger on the growing market in zero-day exploits. Zero-day exploits are previously unknown flaws in computer programming that make it possible to subvert the program. They are
Nations Buying as Hackers Sell Computer Flaws (Cyberwarzone) On the tiny Mediterranean island of Malta, two Italian hackers have been searching for bugs not the island's many beetle varieties, but secret flaws in computer code that governments pay hundreds of thousands of dollars to learn about and exploit
NSA Data Collection Worrisome For Global Firms (Dark Reading) While Microsoft, Google, Facebook and other tech firms have downplayed their participation in government spying programs, U.S. and international companies should worry about access to their data in the cloud
Could NSA spying hurt California economy? (San Diego Union Tribune) California and its businesses have a problem. It's called the National Security Agency. That may sound provincial. The debate over the massive NSA surveillance programs disclosed by Edward Snowden is a national and global matter, not just a California concern
US Hackers Cooling Off Towards Federal Agencies (Voice of America) Past gatherings were regularly attended by officials from the Central Intelligence Agency (CIA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Secret Service and various military agencies. Last year's keynote
The ban on feds at Defcon draws a mixed reaction (CSO) Call for U.S. government workers to avoid security conference rankles some cyber warriors, gets cheers from others
Microsoft Leaks Reveal Depth of NSA's Ties with Silicon Valley (Foreign Policy) Judging by the latest revelations made by Edward Snowden, the National Security Agency has Microsoft firmly in its pocket
DARPA picks six companies to define enabling technologies for U.S. cyber warfare strategy (GovConWire) Information security experts at the U.S. Defense Advanced Research Projects Agency (DARPA) in Arlington, Va., have chosen six companies so far to define ways of understanding, planning, and managing military cyber warfare operations in real-time, large-scale, and dynamic networks
Node.js just got an enterprise-grade security shot in the arm (exclusive) (VentureBeat) As with all young technology projects, Node has experienced its fair share of FUD on its way to the enterprise, and some of that FUD has been around security. To help ease the FUD and make Node more secure and hacker-proof, The Node Firm, a consultancy/brain trust for Node.js, has just acquired the mind behind The Node Security Project, one Mr. Adam Baldwin
IBM acquires Israeli cloud computing firm (Washington Business Journal) IBM has acquired Computing Solutions Leaders International, a leading provider of virtualization management technology for IBM's zEnterprise system, according to The Algemeiner
Israel eyes Lockheed Martin for IT move to new Military Intelligence site (World Tribune) lockheed-martin-6500 L-M was teamed with Israel's Bynet Data Communications to upgrade software and prevent cyber attacks as part of the military's so-called Project 5/9. "We specialize in carrying out especially difficult migration to computer system
Products, Services, and Solutions
List of Recommended Pocket-Friendly AntiVirus Software Published on Boffin Today (Newsday) Boffin software review website revealed the top choices for free antivirus software that offer quality system protection to users' devices. The list includes anti-virus gems such as Avira and Avast, as well as lesser-known ones but equally efficient software
Estonia publishes its e-voting source code on GitHub (Ars Technica) System architect says he welcomes "development and security of the e-elections." Estonia, which created the world's first nationwide Internet-based voting system, has finally released its source code to the public in an attempt to assuage a longstanding concern by critics
DeepDB: General Purpose Database For Big Data Era (InformationWeek) Startup's new database handles structured, semi-structured and unstructured data. But is it a hard sell in today's enterprise
Technologies, Techniques, and Standards
IT/NETWORKING—Encryption 101 (SecurityInfoWatch) The key standards used today to provide public-key cryptography conform to the American National Standards Institute (ANSI), and International Standards organization (ISO). The most prevalent and widely used set of cryptographic standards is published
Protection technology can prevent cyber attacks (Times of India) Kaspersky Lab has said in a statement that protection technologies can help avoid targeted attacks on office computers. It said that according to surveys in Europe and the United States, company employees spend up to 30% of their working hours on private affairs. By multiplying the hours spent on non-business-related things by the average cost of the working hour, the analysts estimate the costs to companies amounting to millions of dollars a year. Indirect losses may be even higher. If these employees - inadvertently or otherwise - assist hack attacks or identity theft, cause reputational damage or infringe copyright, the costs could be even greater
Browser Plug-In Vulns The Endpoint's Weakest Link (Dark Reading) As much attention is given to zero-day attacks and system vulnerabilities, the typical exploit assaulting enterprise endpoints actually looks for a much easier attack vector to launch attacks. In more cases than not, the application used to access the Web is also the one most online attackers will target. That's because most attackers and online exploit kit designers realize that the common browser is usually an endpoint's weakest link. Not only are enterprises generally slow to keep up with browser patching, they're downright sluggish at updating plug-ins and extensions
Academia
Cyber security camp aims to address a national issue (WDDE 91.1FM) First State students are learning what it takes to face some of the 21st centuries biggest security threats. Federal and state officials joined together at Wilmington University's New Castle campus on Friday to congratulate the 4th graduating class of the United State Cyber Challenge Delaware Camp. 47 students from Delaware's universities spent a week at the campus taking specialized cyber security classes from college teachers and cyber security experts. While the annual camp taught students valuable skills that improve their marketability, it also helped to identify students with the skills and dedication needed to fill the growing need of cyber security professionals
Legislation, Policy, and Regulation
Iran's New President Hints At Easing Internet Controls (NPR) Iran's President-elect Hasan Rowhani has already called for less filtering of the Internet, saying Iran must maintain its principles, but also needs to engage with the wider world
NSA Leaks Stir Plans in Russia to Control Net (New York Times) N.S.A. Leaks Stir Plans in Russia to Control Net. By ANDREW E. KRAMER. Published: July 14, 2013. MOSCOW -- Edward J. Snowden, the former National Security Agency contractor, fled the United States saying he didn't want to live in a surveillance state
Why NSA spying scares the world (CNN) In 2011, I was on a panel, organized by the security company RSA, with two retired National Security Agency directors, Michael Hayden and Kenneth Minihan. During the course of our debate, I raised concerns, as the only non-American on the panel, that their plans and preferences for having the NSA secure cyberspace for the rest of us were not exactly reassuring. To this, Minihan replied that I should not describe myself as "Canadian" but rather "North American"
Snowden affair chills US–Latin American ties (Cyberwarzone) America's "backyard," as Secretary of State John Kerry once referred to Latin America, is sprouting angry weeds as the scandal involving intelligence leaker Edward Snowden lays bare already thorny U.S. relations with Latin America
German Chancellor Urges Strict EU Data Protection Rules (SecurityWeek) German Chancellor Angela Merkel called Sunday for EU-wide data protection rules and transparency from Internet giants such as Google and Facebook, reacting to reports of sweeping US online surveillance
German spies made use of U.S. surveillance data (Cyberwarzone) Germany's foreign intelligence agency (BND) has known about U.S. surveillance and storage of German data for years and used it in cases of Germans kidnapped abroad, the mass-circulation daily Bild reported on Monday
German opposition criticizes Merkel minister over US snooping (Chicago Tribune) The question of how much the government knew about reports of intrusive surveillance by the U.S. National Security Agency (NSA) has touched a raw nerve in Germany just two months before the election, in which Merkel is tipped to win a third term
Artist investigated after shining Kim Dotcom "light art" on US Embassy (Ars Technica) "United Stasi of America" image shone onto walls of US Embassy for 30 seconds. A German artist may now potentially face criminal charges in Germany after he projected a huge image onto the walls of the United States Embassy in Berlin last Sunday
NSA Chief's Methods Fuel Debate On Privacy (Washington Post) In his eight years at the helm of the country's electronic surveillance agency, Alexander, 61, has quietly presided over a revolution in the government's ability to scoop up information in the name of national security. And, as he did in Iraq, Alexander has pushed hard for everything he can get: tools, resources and the legal authority to collect and store vast quantities of raw information on American and foreign communications
DHS Secretary Janet Napolitano announces resignation (Daily Caller) Director of US National Intelligence James Clapper (L), Homeland Security Director Janet Napolitano (C) and US Attorney General Eric Holder (R) share a few words before US President Barack Obama speaks in the Rose Garden at the White House in
DHS secretary Napolitano's exit leaves leadership vacuum (CSO) Departure brings the number of vacant or soon-to-be vacant leadership positions at Homeland Security to 15, seven requiring confirmation
A DHS Cabinet Officer Goes — The Problems Remain (Security Debrief) The same "continuity" goes for at least five issues outgoing-Homeland Security Secretary Janet Napolitano's successor will face at the Department of Homeland Security (DHS). First, and foremost, we are not stopping homegrown terrorism. The cellular
Possible contenders to lead Department of Homeland Security (Fox News) Her move leaves a void at the top of the government agency tasked with keeping Americans safe and overseeing everything from immigration and border patrol to cyber security as well as responses to natural disasters like Hurricane Sandy. Even though
Large agencies on board with DHS' cyber program (Federal Times) DHS will centrally oversee the procurement, operations, and maintenance of diagnostic tools for agencies to quickly identify and fix cyber risks in their networks. DHS expects the tools will eventually conduct 60 billion to 80 billion security checks
US Government Works with Internet Firms to Stop Chinese Cyber Attacks (ExecutiveGov) The U.S. government has been collaborating with Internet service providers in an effort to intercept cyber attacks from China, The Wall Street Journal reported Friday. Danny Yadron and Siobhan Gorman write the U.S. Department of Homeland Security
Feds Shared Chinese Hacker Data With Service Providers (InformationWeek) FBI and Homeland Security temporarily slowed attacks by giving U.S. service providers info on Chinese hackers' command-and-control infrastructure. The FBI and Department of Homeland Security (DHS) in February supplied hundreds of IP addresses of suspected Chinese command-and-control (C&C) servers to U.S. service providers
House Appropriations to consider extending anti-Chinese supply chain measure (FierceGovIT) A temporary anti-Chinese manufacturer supply chain measure currently in force for a handful of major agencies would stay in effect through fiscal 2014 under a provision included in a subcommittee spending bill
Schumer, Israel want secret court less secret (Newsday) A month after leaks revealed that the National Security Agency collects millions of U.S. telephone and Internet records, two federal lawmakers representing Long Island say they want the secret court that OKs spying and surveillance programs to be more transparent and accountable
Litigation, Investigation, and Law Enforcement
Russia risks US wrath on Snowden asylum (Dawn) Russia on Saturday faced stark warnings from the United States against granting asylum to fugitive US leaker Edward Snowden after he broke three weeks of silence to tell activists he wanted sanctuary in the country
NSA Leaker Says He Has 'No Regrets' (USA Today) Meanwhile, Glenn Greenwald, the columnist with The Guardian newspaper who first published the leaked documents, said Sunday that Snowden has sensitive "blueprints" detailing how the NSA operates that would allow someone who read them to evade or duplicate NSA surveillance
NSA Spying Lawsuit Advances Despite Long Odds, National Security Concerns (Huffington Post) Klein had recently read in The New York Times that the National Security Agency was eavesdropping on phone calls coming in and out of the United States without obtaining warrants. Based on what he had learned about room 641A, he assumed that the
Snowden Has 'Blueprints' to NSA (Cyberwarzone) Edward Snowden has highly sensitive documents on how the National Security Agency is structured and operates that could harm the U.S. government, but has insisted that they not be made public, a journalist close to the NSA leaker said
L'affaire Snowden and (Computer) Security (PJ Media) UNCLASSIFIED, CONFIDENTIAL, SECRET, and TOP SECRET: So not the whole story
NHS Surrey fined £200,000 after losing patients' records (BBC) The NHS Surrey data breach was one of the most serious the ICO has seen. NHS Surrey has been fined £200,000 by data regulators over the loss of sensitive information about more than 3,000 patients
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
London Summer 2013 (London, England, UK, Jul 9 - 16, 2013) SANS London Summer takes place at the London Marriott Hotel Kensington and gives security professionals the opportunity to take one of four of SANS most popular 6-day courses and the 2-day "Securing The Human" course.
Mobility Solutions for the Federal Market (Falls Church, Virginia, USA, Jul 16, 2013) With the improvements in mobile technology, smart phones and tablets, DOD, DHS and Civilian agencies have an opportunity to improve their service delivery models and the programs that serve their constituents. In order to accomplish this, Agencies across all branches of government must understand how and where mobile technology can be leveraged, where it's already being successfully leveraged to improve service delivery, and identify the areas of improvement necessary within their agency or program to ensure today's workforce is leveraging mobile technology to help their agency accomplish their goals. Join us at this highly interactive July 16th Potomac Officers Club Mobility Summit where our speakers will be addressing strategic issues.
2013 World Comp (Las Vegas, Nevada, USA, Jul 22 - 23, 2013) 2200 leading researchers, academics, and executives from government, academia and industry will come together at this annual event which facilitates communication among researchers in different fields of computer science, computer engineering, and applied computing.
Black Hat 2013 (Las Vegas, Nevada, USA, Jul 27 - Aug 1, 2013) Black Hat USA is a major international security conference, featuring learning, networking, and skill-building. Sessions include training, briefings, technical presentations, and more.
SECRYPT 2013 (Reykjavik, Iceland, Jul 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.
International Conference on Cyber Security (New York, New York, USA, Aug 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit, is an unparalleled opportunity for global leaders in cyber threat analysis, operations and law enforcement to coordinate their efforts to create a more secure world. With the number of cyber threats escalating worldwide, the need for comprehensive security analysis, assessment, and actions has never been greater. Join those working on the front-lines of secure cyber networks at ICCS for the opportunity to learn useful knowledge and share critical intelligence on issues shaping the future of cyber security.
SINET Innovation Summit (New York, New York, USA, Aug 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration on mutual Cybersecurity research projects.
3rd Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, Aug 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security Training Conference, CSTF is set to convene from Tuesday August 6, 2013 to Wednesday, August 7, 2013 at the DoubleTree by Hilton, Colorado Springs, Colorado.CSTF 2013 will bring together cyber experts from the DoD, federal government, business, research, and academia to address: the latest DoD and government cyber policies, remediation strategies and best practices, the growing impact, and evolution, of cyber threats and how to continue to protect and defend the Global Information Grid (GIG), mobility strategies, cloud & virtualization advancements, and emerging technologies. This will be accomplished through a number of in-depth cyber sessions, hands on live demonstrations, the yearly cyber challenge and government and industry exhibits. Don't miss this educational, and cost effective, cyber event in Colorado Springs, CO..
AIAA Aviation 2013 (Los Angeles, California, USA, Aug 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics, the conference will address the risk of the evolving cyber threats to the world's $2.2 trillion commercial aviation enterprise.
A Cloud Computing Introduction for Manager (Columbia, Maryland, Sioux Falls, Aug 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and non-cloud alternatives to accomplish their projects. This talk provides a brief and basic introduction to cloud computing, what managers need to know about cloud computing, what are some of the myths, and what they need to ask about cloud computing from service providers. The presentation will include selected questions specific to managers associated with government projects and security risks of cloud computing. This non-technical presentation will help managers understand cloud basics and how to ask better questions when a cloud becomes part of your project. Dr. Patrick Allen of Johns Hopkins University Applied Physics Lab will be the presenter.
Resilience Week 201 (San Francisco, California, USA, Aug 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical infrastructures from unexpected and malicious threats - securing our way of life. Four different symposia will be offered: Resilient Control Systems, Resilient Cyber Systems, Resilient Cognitive Systems, and Resilient Communication Systems. Keynotes will be provided by numerous leading subject matter experts - from agencies including: NSA, DARPA, Sandia National Laboratory, and Office of the Assistant Secretary of Defense for Research and Engineering.
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo (Albuquerque, New Mexico, USA, Aug 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers', Information Technology personnel, Contracting Officers' as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
National SCADA Conference (Melbourne, Victoria, Australia, Aug 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate and find solutions for the increasing demands of the SCADA environment. The theme for 2013 will be delivering intelligence and improved performance to SCADA networks. The SCADA conference program will deliver fantastic first-hand knowledge from leading international and local SCADA experts with a great mix of burning SCADA issues, case studies, security and real world implementations together with practical advice. The networking opportunities provided coupled with the largest SCADA exhibition in the Southern Hemisphere ensure the National SCADA Conference is a must attend event for Australia's and New Zealand's SCADA Communit.
First International Conference on Cyber-Physical Systems, Networks, and Application (Taipei, Taiwan, Aug 19 - 20, 2013) CPSNA 2013 will focus on core challenges of cyber-physical systems. Given a tight integration of computation and the physical world, cyber-physical systems must compose robust systems, networks, and applications built upon predictable, analyzable, and certifiable models and abstractions. CPSNA 2013 will serve as a forum to discuss new ideas for such core challenges of cyber-physical systems.
SANS Thailand 201 (Bangkok, Thailand, Aug 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
Human Cyber Forensics Forum (Washington, DC, USA, Aug 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming decades.