The CyberWire Daily Briefing for 8.28.2013
Late yesterday the Syrian Electronic Army (SEA) compromised the New York Times and Twitter. The attack, discovered when the SEA tweeted its success, was accomplished by taking over a reseller account at domain name provider Melbourne IT. Other outlets were also affected: the New York Times and Twitter are the two most prominent. This marks the second high-profile SEA hack of media outlets in less than a week.
Redirection and disruption aside, the attack is serious because of its potential for confidential source compromise (important to the Assad regime as it faces a pending UN Security Council resolution authorizing intervention in the Syrian Civil War) and man-in-the-middle exploitation. It's also worth remembering that an enterprise can be attacked through its web-hosting providers, domain name registrars, and DNS resolution providers.
G-20 participants are targeted for APT installation via a phishing campaign run by Calc Team and other groups associated with China's People's Liberation Army.
More malware evolution is seen as Drive, a version of the DirtJumper DDoS toolkit, gains capability to bypass mitigations. The mitigations are older and less capable, but the development is more evidence of a disturbing trend.
China slowly dribbles out information on its weekend DDoS incident. Nasdaq and NYSE blame each other for last week's flash freeze; the SEC investigates.
In industry news, IBM wins a contract to handle security data at Australian airports. Businesses look for confidential ways of sharing attack information.
LOVEINT abuse at NSA was apparently discovered largely through self-disclosure, not monitoring or auditing.
Today's issue includes events affecting Australia, Canada, China, European Union, Germany, India, Pakistan, Philippines, Russia, Syria, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Syrian Electronic Army Hacked Domain Name Servers of Twitter and New York Times (Fast Company) The Syrian Electronic Army has hacked into domain name servers belonging to Twitter, whilst attacking those belonging to both the New York Times and the Huffington Post's U.K. site. The attack, which happened around 6pm EST yesterday, altered contact details and DNS records--which would enable the hackers to send visitors to the compromised sites to anywhere on the web they wanted. The first anyone knew about it was when the SEA posted an image on its Twitter feed
Twitter, New York Times, other marquee sites hit by powerful cyber attack (InfoWorld) The Syrian Electronic Army is believed to have modified DNS records for many websites. Twitter, The New York Times, and other prominent websites were struck by a powerful cyberattack that continued affecting other websites into Tuesday evening, directing visitors to a site purportedly controlled by the Syrian Electronic Army (SEA). The attackers apparently struck an Australian IT services company, Melbourne IT, which provides domain name registration services. The pro-Syrian government SEA has recently conducted several high-profile attacks against media and other websites
Syrian Electronic Army Hack Results in Compromise of Domain Data for NY Times, Twitter (Threatpost) The Syrian Electronic Army, a group known for attacking high-profile media sites in the last year or so, has in the last few hours compromised the domain information for a large number of sites, including the New York Times home page and some of Twitter's domains. Security researchers say that the most likely attack vector
Melbourne IT tells how hacker launched NY Times cyberattack (C/NET) The newspaper's domain name registrar says that someone took over a reseller account on Melbourne IT's systems to take down the Web site of the New York Times
Syrian Electronic Army brings down Twitter and The New York Times through domain name provider hack (Naked Security) Slightly more than a week after the Syrian Electronic Army (SEA) redirected readers of Time, CNN and The Washington Post through its hack of Outbrain, the group continued its online assault of Western media companies by taking down social media giant Twitter and "newspaper of record" The New York Times
NY Times DNS Compromised (Internet Storm Center) The website for the New York Times was taken offline today by way of an attack on their DNS. Shown below is the summary Dr. J whipped up
Twitter and New York Times clash with hackers for control of their sites (Ars Technica) For a good chunk of Tuesday, website administrators at Twitter, The New York Times, and other high-profile media outlets appeared to be locked in a high-stakes battle with self-proclaimed Syrian hackers for control of their Internet domains. Just as quickly as twitter.co.uk, nytimes.com, and other domains were returned to their rightful owners, Internet records showed they'd be seized all over again and made to point to a Russian Web host known to cater to purveyors of drive-by malware exploits and other online nasties
New York Times, Twitter sites still having problems following attack (Washington Post) The New York Times is still feeling the effects of a Tuesday afternoon attack on its Web site. The hack was claimed by a group known as the Syrian Electronic Army, which also took credit for a similar attack on social networking site Twitter. Tuesday's intrusions were the most sophisticated in a series of attacks on high-profile Western media organizations, including The Washington Post and the Associated Press. The hackers use the attacks to broadcast their support of Syrian President Bashar al-Assad, although they has never been found to have any official ties to his regime
Syrian Hack Of NYTimes.com Could Have Inflicted Much More Than Mere Embarrassment (Forbes) When hackers take down a website, their weapon of choice is often a less-than-subtle technique known as a denial of service attack, which merely overwhelms a site' servers with junk traffic. But the trick that the hacker group known as the Syrian Electronic Army pulled against the New York Times, Twitter, and the Huffington Post UK Tuesday seems to have been very different—and potentially far more invasive
The Three Providers Who Decide Whether You Will Be Hacked (SecurityWeek) The need for organizations to design and adhere to strong security policies in order to maintain the integrity of their systems is well understood. As long as all you have to worry about is your own internal infrastructure, creating the right policies and sticking to them is a great way to help reduce risk on your network. But there are some circumstances where it is necessary to outsource a mission-critical piece of infrastructure to a third party. Some services are simply not cost-effective to build and manage in-house to get the required level of performance and security. Other services can only be procured from a third party vendor. Herein lies the soft underbelly of security for many organizations
G–20 themed emails deliver spying malware to EU, Canadian officials (Help Net Security) The topic of the G-20 summit that is scheduled to be held in Russia next month is being misused by multiple cyber espionage groups some of which have been tracked to China, warn Rapid 7 researchers
Group behind attack on New York Times linked to G20 phishing attack (CSO) Multiple groups are leveraging the upcoming G20 summit to launch Spear Phishing attacks, including the group responsible for attacking the New York Times. Over the last two weeks, there has been a spike in the level of Phishing attacks using the upcoming G-20 summit as bait. One of the groups involved in these recent attacks is Calc Team (APT-12), best known for their attack on the New York Times earlier this year. Claudio Guarnieri, security researcher for Rapid7, has investigated these recent attacks, and discovered that in addition to APT-12, there are multiple intrusion groups taking advantage of the upcoming G-20 summit in St. Petersburg, Russia in order to compromise an untold number of victims. The involvement of Calc Team is noteworthy, as the group is believed to have strong ties to China's People's Liberation Army (PLA). Earlier this month, Calc Team seemed to return to the public after a period of inactivity following their attack on the New York Times
Websites of Calicut & Malappuram Police hacked, Kerala Government Server Defaced by Pakistani Hacker (Hack Read) A Pakistani hacker going with the handle of rOOx had hacked two official websites belong to Indian cities of Kozhikode aka Calicut and Malappuram, along with defacing the official Kerala government server with 17 high profile websites
4 Million Patients At Risk After Computer Theft From Chicago Medical Group (Dark Reading) Unencrypted Social Security numbers, names, addresses, health insurance information potentially exposed in major HIPAA violation
Line accused of allowing third parties to snoop in on its messaging service (The Next Web) Popular mobile messaging service Line is under pressure in Thailand — its second largest market — where a media report has claimed that messages sent across its service are vulnerable to interception from third parties
Eggheads turn Motorola feature phone into CITYWIDE GSM jammer (The Register) Innocent mobile turns bad…with good software. Berlin boffins have spotted a procedural flaw in the long-lived GSM protocol and created an exploit around it which can knock out a mobile network or even target an individual subscriber in the same city
Not–So–Cute FTP Attack (Fortinet Blog) Spear phishing attacks are increasing today and the FBI has even issued a warning to the public due to its ability to target multiple organizations. Such attacks are considered as a part of APTs (Advanced Persistent Threats), which attempt to gain a foothold in the network of an organization. Recently, my email inbox has received two spam emails with suspicious attachments. A screenshot of one of the emails can be seen below
Java 6 exploit found in the wild (The Inquirer) Security researchers are urging users of Oracle's Java 6 software to upgrade to Java 7 as soon as possible to avoid becoming the victims of active cyber attacks. F-secure senior analyst Timo Hirvonen warned about the exploit this weekend over Twitter, advising that he had found an exploit in the wild actively targeting an unpatched vulnerability in Java 6, named CVE-2013-2463
Kelihos botnet: What victims can expect (Help Net Security) Kelihos is a botnet which utilizes P2P communication to maintain its CnC Network. With all of the attention around Kelihos, it should be no surprise that 30/45 AV vendors are detecting the latest installer. I took some time to analyze recent threat reports that came through our malicious/suspicious files queue, to see if I could find anything to add. It didn't take long to find a now infamous iteration of this botnet installer in action. In particular, I found a file called "rasta01.exe"
Cybercrime service automates creation of fake scanned IDs, other identity verification documents (NetworkWorld) The service produces high-quality fake scans that can be used in fraud attacks to impersonate victims, Group-IB researchers said. A new Web-based service for cybercriminals automates the creation of fake scanned documents that can help fraudsters bypass the identity verification processes used by some banks, e-commerce businesses and other online services providers, according to researchers from Russian cybercrime investigations firm Group-IB
Updated Drive/DirtJumper DDoS Toolkit Includes Mitigation Bypasses (Threatpost) Drive, a variant of the DirtJumper DDoS toolkit, has been updated with mitigation bypass capabilities
Who Wrote the Pincer Android Trojan? (Krebs on Security) Stories in this blog's Breadcrumbs series have sought to comb through clues that point to the possible location and identities of malware authors and purveyors. But from time to time those clues lead definitively back to an individual. In today's post, we'll talk with the author of the Pincer Trojan for Android — a 32–year–old programmer at a mobile app development firm in Russia
Department Of Energy Cyberattack: 5 Takeaways (InformationWeek) Exclusive: Outdated, unpatched system blamed for DOE breach, but agency said to be getting its cybersecurity house in order. Is the Department of Energy (DOE) serious about cybersecurity? It appears to be doing better than most federal agencies, despite two high-profile breaches this year. What follows is a second-day look at what's known about the latest breach, how it happened and what the agency might do to prevent future attacks. First, some background. The DOE warned employees in an emailed memo earlier this month that information pertaining to 14,000 current and former employees had been compromised in a "cyber incident that occurred at the end of July." Stolen information included personally identifying information (PII) in the form of names and social security numbers, according to a copy of the memo published by The Wall Street Journal
Whistleblower–friendly site Cryptome booted briefly offline for hosting "malicious content" (Naked Security) US whistleblower-friendly site Cryptome recently suffered a short outage, after it was booted offline by its ISP and then let back
Chinese report massive DDOS attack (ITWire) The China Internet Network Information Centre (CNNIC - the acronym it prefers) is the government body responsible for Chinese domain names. It has published sketchy details of a DDOS (distributed denial of service) attack on the weekend
SEC reviews Nasdaq as rivals blame each other for outage (Reuters via Yahoo Finance) Regulators are questioning how robust Nasdaq OMX Group's systems are after last week's massive trading outage, while shrugging off a spat with NYSE Euronext as a distraction, a source familiar with the matter said on Tuesday
Nasdaq crash heightens fear of data meltdown (FierceBigData) "Whenever I meet people I ask them about the quality of their data," says Duncan Ross, director of data sciences at Teradata, which provides data warehousing systems for clients including Wal-Mart, Tesco and Apple in an article in The Guardian. "When they tell me that the quality is really good, I assume that they haven't actually looked at it"
Social networks: Can robots violate user privacy? (Help Net Security) High–Tech Bridge decided to conduct a simple technical experiment to verify how the 50 largest social networks, web services and free emails systems respect — or indeed abuse — the privacy of their users
Large breach expected from an analytics provider in next 12 months (FierceBigData) "One thing that's almost guaranteed to happen in the next year is we're going to see one of the large providers of analytics services--whether security, log data or something else--get breached," said H.D. Moore, chief research officer at Rapid7, at the UNITED Security Conference according to an article in Dark Reading. "It's just the law of averages at this point. There's enough folks offering services who don't necessarily know what they're doing that we're going to see a big breach"
Security Patches, Mitigations, and Software Updates
Pinterest And StumbleUpon patch critical flaws that could have exposed over 100 million users' email addresses (Naked Security) Websites Pinterest and StumbleUpon have patched critical vulnerabilities in their services that could have enabled an attacker to discover users' email addresses
Cisco issues second major security update for UC Manager in a month (FierceITSecurity) Cisco has issued a major security advisory for its Unified Communications Manager, the second major advisory for the product in a month
Virus targets the social network in new fraud twist (Reuters) In the world of cyber fraud, a fake fan on Instagram can be worth five times more than a stolen credit card number
The Internet of Everything: What Could Possibly Go Wrong? (Trend Micro Simply Security) The exciting thing about being in the technology industry is that every few years there's a new area of huge innovation that seems to upset the established order, create previously unconceivable possibilities, and change life for the better
HTC Reportedly Building New Mobile OS Specifically For China Market, In Partnership With Chinese Government (TechCrunch) HTC's Hail Mary play might not take the form of another new smartphone: The Taiwanese company is reportedly working with Chinese government officials to build a mobile OS that includes "deep integration" with China-specific services like Weibo, aimed specifically at the Chinese market. The project could see the new mobile OS launch before year's end, according to the Wall Street Journal, which
US cloud providers feel impact of NSA snooping (FierceITSecurity) In this column, I have examined the impact of the National Security Agency's massive surveillance program on the privacy and due process rights of U.S. citizens. But there is another side to NSA snooping: U.S. cloud providers appear to be losing business to their European counterparts as a result of the suspicion generated by the scandal
Air Force Adds 8 Companies to $7B NETCENTS–2 Contract, Now 16 Awardees (GovConWire) The U.S. Air Force has added eight companies to a potential $6.9 billion contract for information technology products, doubling the number of awardees to 16
Cylance Extends Advanced Threat Prevention Commitment Into Canada (CEN) Cylance, Inc., a global cyber security technology and services company applying science to security to prevent advanced threats, today announced its expansion into the Canadian market with the addition of Jonathan Raymond as Canadian Sales Director. Expanding North American presence with local company representatives continues Cylance growth in people, security intelligence and customer commitment
BlackBerry reportedly spinning off BBM to compete with WhatsApp, Viber (ITProPortal) BlackBerry is reportedly looking to spin off its BlackBerry Messenger (BBM) service into a separate business that would compete with the likes of Viber and WhatsApp
IBM lands spook data–sharing standard at Oz airports (The Register) Airline passenger data and 'other relevant material' checked in 'real time'. The Australian Customs and Border Protection Service (ACBPS) has gone live with IBM-delivered passenger analytics which it says will help identify risky passengers before they enter Australia
Products, Services, and Solutions
Ex–CSOs Team, Offer Free Security Help (Dark Reading) Former enterprise CSOs from Anheuser-Busch, State Farm Insurance, Deutsche Bank, and other firms form a new team at Websense that assists and mentors other CSOs — gratis
DHS Warns Fire, Police Departments About Android Threats (Threatpost) DHS and the FBI issued a bulletin to emergency services personnel that out-of-date versions of Android on mobile devices poses a security risk
Firefox Extension HTTP Nowhere Allows Users to Browse in Encrypted–Only Mode (Threatpost) A new browser extension for Firefox is designed to use SSL and do so correctly by only accepting HTTPS requests
McAfee protects workloads on private and public clouds (Help Net Security) McAfee announced a new version of its data center security solution that addresses enterprises' growing need to leverage the scalability and cost savings of running workloads in public clouds
AirWatch and Appthority partner for mobile app risk analysis (Help Net Security) Appthority and AirWatch announced that AirWatch EMM is integrated with Appthority's fully automated App Risk Management service for app analysis and risk management. The Appthority partnership
SSLI SDK for security solution providers (Help Net Security) With an increasing level of Web traffic rapidly moving to the encrypted HTTPS protocol, Bloxx is now offering its Secure Sockets Layer Intercept (SSLI) Software Development Kit (SDK) for security
Layer 7 updates mobile access gateway solution (Help Net Security) Layer 7 Technologies announced updates to its SecureSpan Mobile Access Gateway, a middleware solution that simplifies enterprise application management
Check Point rolls out new R77 Software Blade Release (CSO) The threats we face have changed significantly over the years, and the very concept of a "network perimeter" is almost nothing more than a quaint memory at this point, but through it all Check Point has been an established leader in network security
Trend Micro's 'Trend Ready' Cloud Security Verification Program Gains Momentum (MarketWatch) As global companies continue to transition to the public cloud, cyber security remains paramount. To address this challenge, Trend Micro's (tyo:4704) "Trend Ready for Cloud Service Providers" program was established in 2012 as a testing ground to verify compatibility of the Trend Micro's security solutions with well-known global cloud providers. A first-of-its kind initiative for cloud infrastructure providers, it helps alleviate concerns regarding the ability to add security to cloud deployments. To date, more than 20 leading cloud service providers, including Amazon Web Services, HP Cloud Services and Dell have been certified
360 Internet Security 4.3.0 brings integrated sandboxing technology (Neowin) By combining the power of the 360 checksum based cloud engine, machine learning cloud QVM engine, and award winning BitDefender local engine
HyTrust enforces two-person approval for VMware security (InforWorld) Following up on customer feedback from U.S. intelligence agencies, VMware security systems provider HyTrust has updated its virtual security appliance so actions taken by administrators can be delayed until external approval for that action is granted. Such precautions are increasingly necessary because today's virtual environments pose "a concentration of risk," said Eric Chiu, president and cofounder of HyTrust
Technologies, Techniques, and Standards
Confidential Submission To The Antivirus Cloud (Dark Reading) Would a government intelligence agency want your antivirus telemetry? Host-based antivirus solutions have continued to shift much of their pre-emptive detection technology into the cloud -- reducing the burden on the beleaguered desktop operating system and promoting a global perspective of the threat. But in the wake of governmental Internet monitoring programs, more questions than answers are arising about who sees what, and precisely what do they do with this raw but likely confidential information
Shielding targeted applications (Help Net Security) When we discuss exploit prevention, we often talk about 'targeted applications.' This term refers to end-user applications which can be exploited by hackers for malicious purposes. There are a few requirements that define these applications
4 HIPAA compliance challenges facing covered entities (FierceHealthIT) Many technical, administrative and legal hurdles remain for covered entities and business associates working to meet compliance standards by next month under the HIPAA omnibus final rule, according to a viewpoint published this week in the Journal of the American Medical Association
Design and Innovation
Open source encrypted email service reaches crowdfounding goal (Help Net Security) Mailpile, the open-source web-mail client with user-friendly encryption whose developers have been asking for funding on Indiegogo, has surpassed its $100,000 goal three weeks before the end of the
GAO: U.S. competitors focus more on commercializing innovation (FierceGovernment) In countries that compete with the United States economically, government programs that support manufacturing place a stronger emphasis on commercialization than U.S. programs do, the Government Accountability Office says
Research and Development
Physicists Test Quantum Cryptography For Handheld Mobile Devices (MIT Technology Review) Quantum cryptography has only ever been possible between places equipped like quantum optics laboratories. Now physicists have worked out how to do it
Quantum cryptography is the last, best defense (InfoWorld) Yet it's likely that usable quantum cryptography will be a fact of life within the decade — and that has huge ramifications. Most of today's popular cipher algorithms
What chip designers will do when Moore's Law ends (VentureBeat) If technological progress, known in the chip industry as Moore's Law, had ended a decade ago, as some people predicted, we wouldn't have had smartphones or tablets
Legislation, Policy, and Regulation
Obama Meets Intelligence Review Group (SecurityWeek) President Barack Obama Tuesday met members of a review board set up to consider the reach of secret US snooping programs exposed by leaker Edward Snowden, sparking a privacy furor. Obama set up the board amid rising public disquiet over the sweeping and covert telephone and Internet spying operations which have sprouted as part of Washington's technological war on terror. The president has said he welcomes public debate on the issue, though critics say that he only moved to engage on the secret programs once the National Security Agency (NSA) operations were blown by Snowden. The group is made up of former US counter-terrorism analyst Richard Clarke, the ex-acting head of the CIA Michael Morrell, former Obama aide Cass Sunstein, Peter Swire, a former White House privacy official and Obama supporter turned critic and University of Chicago law professor Geoffrey Stone
Obama's Free to Bomb Syria, But Limited on Cybersecurity (Nextgov) As President Obama readies to strike the Syrian regime, it's worth thinking about that other defense problem -- cybersecurity -- and what it says about Washington in the Obama era
Calif. lawmaker calls on Obama to stop violating Fourth Amendment (Washington Times) A Republican lawmaker in California has brought forth a resolution to compel Congress and President Obama to quit the unlawful National Security Agency surveillance and to halt the Fourth Amendment violations
Transparency at NSA is a delicate balance (Washington Post (letter)) Ruth Marcus concluded her Aug. 23 op-ed column, " More NSA deceptions ," by alluding to "hopeful signs" of change, but she cautioned that "they do not erase the ugly history." When the high-level review panel conducts its investigation of the National Security Agency, I sincerely hope there will be recognition of the dedication and extraordinary achievements of the thousands of people who have spent their careers in its employ
Napolitano: U.S. Risks 'Major' Cyber-Attack in the Future (Bloomberg) The U.S. will face a cyber-attack in the future that will cause major disruption in the economy, the outgoing Homeland Security Department chief said. "Our country will, at some point, face a major cyber-event that will have a serious effect on our lives, our economy, and the everyday functioning of our society," Janet Napolitano, President Barack Obama's top homeland security official since 2009, said in remarks prepared for her farewell speech today
New Zealand bans software patents (ZDNet) New Zealand has finally passed a new Patents Bill that will effectively outlaw software patents after five years of debate, delay and intense lobbying from multinational software vendors
Litigation, Investigation, and Law Enforcement
The Scariest Thing About NSA Analysts Spying On Their Lovers Is How They Were Caught (Business Insider) Last week Siobhan Gorman of The Wall Street Journalreported that National Security Agency analysts have occasionally used vast surveillance tools to spy on love interests. NSA Chief Compliance Officer John DeLong told reporters that willful violations of spying rules — dubbed "LOVEINT" — happened on "very rare" occasions, adding that he didn't have exact numbers because most of the violations were self-reported
How Snowden exploited NSA IT security gaps (FCW) Edward Snowden, the former National Security Agency contractor who leaked a trove of documents on secret U.S. spy programs, relied on his broad access as a
Leaker's Security Check Faulted (Wall Street Journal) The most recent background check of former National Security Agency contractor Edward Snowden was so inadequate that too few people were interviewed and potential concerns weren't pursued, according to a federal review following his leak of some of the nation's most closely guarded secrets
Hacker Pleads Guilty to Selling FBI Access to U.S. Supercomputers (Wired) A 24-year-old Pennsylvania hacker pleaded guilty today to accusations he tried to sell access to Energy Department supercomputers he unlawfully accessed
Twitter and Facebook's global impact as told through which governments want their data (Quartz) Facebook, for the first time, has detailed how many user data requests it receives from each country. And since Twitter does the same thing, we can compare the two rivals by a curious but revealing metric: how much governments want their data
Poorly redacted court filing reveals Google contested NSL gag order (Help Net Security) A court filing that has been improperly redacted and has recently been made public by the US Department of Justice shows that Google asked a US court to remove the gag order that accompanied
CREW suit seeks rationale disclosure (Politico) A leading watchdog group wants President Barack Obama's administration to hand over the secret legal rationales behind its policies -- including the National Security Agency's electronic surveillance programs and the administration's controversial drone program
Anonymous Hacker Claims FBI Directed LulzSec Hacks (InformationWeek) Admitted hacker Jeremy Hammond alleges FBI used informer Sabu to persuade LulzSec and Anonymous to hack into foreign governments' networks. Sentencing for former LulzSec leader Hector Xavier Monsegur, better known as Sabu, has again been delayed. Monsegur was scheduled to be sentenced Friday morning in New York federal court. But in a letter to the court, the U.S. attorney general's office requested that Monsegur's sentencing be delayed "in light of the defendant's ongoing cooperation with the government." His sentencing has now been rescheduled for Oct. 25
For a complete running list of events, please visit the Event Tracker.
First Regional Southeast Conference on Cyber Security for National Secuerity (Charleston, South Carolina, USA, Sep 10, 2013) The First Southeast Regional CS4NS Conference focuses on the immediate need of strengthening the critical cyber infrastructure of our nation. The conference will address the current cyber security state and rank vulnerabilities of our Critical Infrastructure/Key Resources (CI/KR), Internet Infrastructure, and available security resources. Discussions will highlight future development needs and solutions, especially for underserved businesses and government. Overall, CS4NS will answer the question "Are we secure?"
Wednesday Webcast: Utilizing the Critical Security Controls to Secure Healthcare Technology (webcast, Aug 28, 2013) The development of the SANS Twenty Security Controls is transforming the way companies measure and monitor the success of their security programs while drastically reducing the cost of security. Fifteen of the twenty controls can be automated, some at no cost to the organization, and the data is readily available to be presented in conference rooms and board rooms. Upon implementing, hospitals will have the ability to measure compliance, track progress, and know when they've reached certain goals. The controls are free for use and easy to implement.
SANS Thailand 201 (Bangkok, Thailand, Aug 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
TechCrunch Disrupt San Francisco (San Francisco, California, Sep 7 - 11, 2013) For the fourth year in a row, TechCrunch Disrupt will take over the San Francisco Design Center Concourse, and we're bringing the hottest startups and best minds in the industry with us. Block off September 7-11 on your calendar, because you're not going to want to miss Disrupt SF 2013. The Hackathon kicks everything off, followed by our main event, which starts every morning with panels of special speakers and guests, one-on-one chats featuring TechCrunch writers and editors, special guest speakers and judges, leading venture capitalists and fascinating entrepreneurs addressing the most important topics facing today's tech landscape. In the afternoons, the Startup Battlefield presentations begin, with the final presentations held on the last day of Disrupt.
SANS CyberCon Fall 2013 (Online, Sep 9 - 14, 2013) With sequestration still in place, organizations are finding themselves with training budgets, but drastically reduced travel budgets. This one-of-a-kind online training event brings SANS' top instructors teaching SANS' top courses to those who can't travel.
15th Annual AT&T Cyber Security Conference (New York, New York, USA, Sep 10, 2013) The AT&T Cyber Security Conference is an annual day-long conference offered by the AT&T Chief Security Office. Combining the expertise of its security experts, the scale and reliability of its global IP network and the innovation of AT&T Labs, AT&T is giving businesses some of the most powerful weapons available today in their battle against cyber security attacks. The conference showcases AT&T's leadership in helping businesses, large and small, manage the increasingly complex and critically important security of their IT networks and assets.
International Common Criteria Conference (Orlando, Florida, USA, Sep 10 - 11, 2013) FBC invites you to participate in the International Common Criteria Conference (ICCC) taking place in Orlando, Florida. This is the first time since 2000 that the ICCC is taking place in the U.S. The ICCC has become the main marketing and meeting opportunity for all those involved in the specification, development, evaluation, and validation or certification of IT security.
GrrCon (Grand Rapids, Michigan, USA, Sep 12 - 13, 2013) Says IT World, "Another hacker conference, this time in Michigan. The schedule looks to be bawdy, brash and anything but dull, with hackers promising to "pwn" you before you leave town. There are also sessions on penetration testing tools and mobile hacking methods."
cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, Sep 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With modern technology and tools, it's now possible for junior security analysts to gather detailed malware indicators to craft defense and alert signatures. More enticing, all of this can be done with free tools and applications, some written by this presenter.
Shaping the Future of Cybersecurity Education Workshop (Gaithersburg, Maryland, USA, Sep 17 - 19, 2013) The third annual Shaping the Future of Cybersecurity Education Workshop will be held at the National Institute of Standards and Technology (NIST) in Gaithersburg, MD and focus on "Navigating the National Cybersecurity Education Interstate Highway".
NovaSec! (McLean, Virginia, USA, Jun 13, 2013) NovaSec! is Northern Virginia's largest Cybersecurity and physical security networking event of the year. We are bringing together security professionals from commercial and government organizations with members of local Northern Virginia businesses and associations to allow participants to meet, interact on key issues and provide a unified forum to network with likeminded individual.
Strange Loop (, Jan 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.
ISSA Cyber Security Forum at Ft Belvoir (Fort Belvoir, Virginia, USA, Sep 19, 2013) This event will allow personnel from Fort Belvoir the chance to learn about the latest cyber security trends, network with peers, discuss Army best practices and to view and demo some of the latest cyber security and information technology products/services available today. This is an excellent opportunity for exhibitors to network with key decision makers, cyber, technology, communications and contracting personnel from various commands and tenant units at Fort Belvoir.
CISO Executive Summit (Atlanta, Georgia, USA, Sep 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)
2013 Cyber Security Summit (New York, New York, USA, Sep 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be held September 25th at the Hilton in New York City, will showcase the latest tools and resources available to defend against cyber crime on both corporate and government levels. Keynote addresses and interactive panel discussions lead by notable security experts will highlight strategic priorities, risk factors, threats and provide inspirational guidance to prepare and protect from attacks.
4th Annual Cybersecurity Summit (Washington, DC, USA, Sep 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote at the 4th Annual Cybersecurity Summit on September 25, 2013 at the National Press Club in Washington, D.C.Michael Daniel, White House Cybersecurity Advisor, and Gen. Keith Alexander, Commander U.S. Cyber Command, and Director, NSA, are confirmed to keynote. Cybersecurity topics to be addressed include: the White House Cybersecurity Executive Order, the Cybersecurity Framework and New Emerging Standards for Critical Infrastructure, information sharing, mobile security and BYOD, legislative developments in cybersecurity, big data and cloud cybersecurity, continuous monitoring, cyber situational awareness, and the JIE rollout active defense and cyber warfare. Organized by Billington CyberSecurity™.