The CyberWire Daily Briefing 09.20.13

Summary

By The CyberWire Staff

The week ends relatively quietly. The usual desultory cyber-rioting continues in South Asia as MaDleets TeaM vandalizes Pakistani government sites. A bit father east, Anonymous Cambodia ups its low game from denial-of-service attacks to leaking personal information. The most recent subjects of this unwelcome attention had their data exfiltrated from Cambodia's governmental Anti-Corruption Unit.

In Europe, Spiegel attributes Belgacom's undersea cable system hack to Britain's GCHQ, which was evidently interested in monitoring traffic in the Middle East. Separately, the Belgian Foreign Service reports it was targeted by a campaign seeking diplomatic and commercial intelligence.

The Council on Foreign Relations publishes an appreciation of Chinese state and state-linked cyber operations. It sees Chinese hackers not as "a monolithic group, but rather multiple actors with manifold motivations."

Those interested in malware obfuscation may wish to review notes about the Andromeda botnet's use of AutoIT scripts. The US FBI warns that the Beta Bot Trojan represents a continuing threat to payment systems and financial institutions.

A lockscreen hole has been found in iOS7. The bug potentially enables an attacker to access photo galleries.

The TDSS and Zero Access malware families have similar functionality but have generally been regarded as unrelated (indeed competing) toolkits. Trend Micro, however, has found them using the same domain generation algorithm module, which may indicate either convergence or common third-party users.

The US seeks to repair surveillance-frayed ties with Brazil as Brasilia pursues security-driven IT autarchy. Brookings offers an overview of national cyber security policy's complex interaction with international trade.

Notes.

Today's issue includes events affecting Belgium, Brazil, Bulgaria, Cambodia, China, Democratic People's Republic of Korea, Republic of Korea, Pakistan, United Kingdom, United States.

Selected Reading

Cyber Trends

Biometrics' Unprecedented Public Integration (SIGNAL Magazine) Security vs. Privacy: Experts believe the conflict can be resolved in a way that improves the world. Biometrics is on the verge of becoming more pervasive than ever in everyday life, setting the stage for personal identifiers to take the place of other common security measures. The expansion mirrors increased usage in fields such as military operations, citizen enrollment and public safety

Cyber security: do you know where you stand? (Information Age) It is impossible to assess the true extent of cyber attacks, but businesses can make a sensible assessment of their risk profile and security posture

Imagining a Cyberattack on the Power Grid (New York Times) It's electrifying. Iran and Venezuela want to destroy the United States, so they conspire with a rogue Russian spy to launch a cyberattack on the North American power grid, beginning by electrocuting a lineman in North Dakota. Their main obstacle is a small-town sheriff in the state's badlands, Nate Osborne, a former Marine Corps lieutenant in Afghanistan whose titanium leg ultimately saves the day

Experts Worry About Long-Term Implications of NSA Revelations (Threatpost) With all of the disturbing revelations that have come to light in the last few weeks regarding the NSA's collection methods and its efforts to weaken cryptographic protocols and security products, experts say that perhaps the most worrisome result of all of this is that no one knows who or what they can trust anymore

Legislation, Policy and Regulation

Cybersecurity and Trade: National Policies, Global and Local Consequences (Brookings) In 2009, the Centre for Economic Policy Research published a 100-page collection of essays on the rise of trade barriers and "murky protectionism" following the financial crisis. The word "technology" appears only once in that report. Information technology has often been seen as a huge success story in global trade, but its rapid diffusion has introduced new risks. Modern economies, developed and developing, are increasingly reliant on their IT-supported infrastructure for almost every aspect of daily life. Yet, as the headlines attest, this infrastructure is less than perfectly secure, and the rapidly evolving threat landscape exposes the dependent societies to dramatic risks. The interdependence of systems and institutions means that a security failure can have dire consequences

Could Brazil Actually Keep The NSA Out Of Its Internet Traffic? (Mint Press News) Revelations that the U.S. intelligence agency spied on huge volumes of Brazilian web usage have led the country's president to propose drastic changes. For the White House, the recent bout of trouble the administration finds itself in with Brazil represents the ever-expanding rebuke coming from friends and foes alike. After revelations that the National Security Agency has been covertly eavesdropping on international communiqués originating from or terminating in the United States, a growing number of nations have demanded accountability and an end to American control of global communications

US, Brazil in 'Difficult' Bid to Rebuild Trust (SecurityWeek) Spying allegations and a delayed state visit have breached once–strong ties between the United States and Brazil, and only time will rebuild trust, analysts said Wednesday. "This is a very unfortunate incident," said Riordan Roett, director of the Latin American studies program at Johns Hopkins University

DHS leadership nominees favorably received at Senate hearing (FierceHomelandSecurity) The nominees for head of the National Protection and Programs Directorate and general counsel at the Homeland Security Department testified before a supportive Senate Homeland Security and Governmental Affairs Committee Sept. 18

Products, Services, and Solutions

Secure Messaging App Wickr Launched for Android (eSecurity Planet) The company's CTO calls the app 'the next step in our overall quest to protect users against the many threats to their privacy'

HP unveils cyber security solutions for enterprises in India (Business Standard) Technology major Hewlett-Packard today announced new cyber security solutions for enterprises in India to enable firms upgrade their security infrastructure

Acronis advances secure BYOD with mobilEcho (Help Net Security) Acronis launched mobilEcho 4.5, a mobile file management (MFM) solution that now includes in-app editing tools for Microsoft Office documents and military-grade, certified encryption

DeviceLock now prevents data leakage from Macs (Help Net Security) DeviceLock announced DeviceLock Endpoint DLP Suite 7.3 that delivers essential device control capabilities for corporate endpoints with OS X Lion and OS X Mountain Lion operating systems

Want an NSA.org email address? Yours for $139. Miley Cyrus fans need not apply (Graham Cluley) If you want to sound like a spy, and have over $100 burning a hole in your pocket, this might interest you. You can now buy your very own @nsa.org email address. Current price? $139

Vormetric to Showcase Security Intelligence Use Cases for Large Enterprises and Federal Agencies (Sacramento Bee) Vormetric Data Firewall™ and HP ArcSight SIEM platform fill-in security analytics blind spot for faster and more accurate APT, Malware and insider threat identification

Technologies, Techniques, and Standards

Microsoft Adopts Open Specs For Threat Intel-Sharing (Dark Reading) Microsoft will be one of the first companies to adopt emerging open protocols for intelligence threat-sharing — as part of its new intel–sharing forum for incident responders. The software giant in July announced its Microsoft Active Protections Program (MAPP) for Responders program for incident responders, such as CERTs, government entities, and private companies, that includes its own intel–sharing mechanism. The company this week said its platform will be based on the Structured Threat Information eXpression (STIX) open specification led by Mitre for expressing and specifying threat information, as well as the Trusted Automated eXchange of Indicator Information (TAXII), a Department of Homeland Security-led protocol for transporting the information

Major changes ahead as NIST cybersecurity framework nears October publication (CSO) Even as the deadline for the NIST cybersecurity framework, developed per an executive order, looms ever nearer, changes are still being implemented

Experts praise Pentagon's march to security standards (CSO) Consolidation of the Defense Department's 15,000 networks expected to cut costs, as well as improve security against Edward Snowden-like leaks

Joint Information Environment Is Under Way (SIGNAL Magazine) The military's plan to create a single, secure information-sharing environment for all the services finally is taking shape. After much talk and planning, the U.S. Defense Department's Joint Information Environment (JIE) now is being built with its first component reaching initial operational capability this summer

Can Companies Fight Against Targeted Attacks? (Security Intelligence Blog) There are various reasons why targeted attacks can happen to almost any company. One of the biggest reasons is theft of a company's proprietary information. There are many types of confidential data that could be valuable. Intellectual property is often the first thing that comes to mind. There are also other, less obvious items of value that can be acquired: for example financial information, employee and customer personal information, information related to pending sales, financial deals, and legal actions. However, companies can also be targeted for reasons having nothing to do with their products or information

Defending against web–based malware: Spot the smoke, don't wait for fire (Naked Security) Fire sprinklers and clearly marked escape routes are a great way to save lives in the event of fire. But smoke alarms save both life and property, and they do so at a much earlier stage. It's much the same with cyberattacks: malware rarely gets into your network without signs of smoke beforehand

Search for tracking tools as cookie crumbles (Financial Times) Data collectors are developing alternative ways for profiling users

NSA on Wrong Side of Proactive Security Measures (Threatpost) The National Security Agency, as it turns out, is just as reactive when it comes to information security as 99 percent of the enterprises out there. America's top spy agency gives out too much privileged access to employees and contractors, allows removable storage devices in sensitive areas, and has no system of checks and balances with regard to those employees with privileged access. And only when the stuff hits the fan, as it has with Edward Snowden, does it amp up its security

Marketplace

Energy Department spends $30M to bolster utility cybersecurity tools (Network World) The Department of Energy today awarded $30 million to a 11 security vendors to develop technology the agency says will better protect nation's electric grid, oil and gas infrastructure from cyber-attack

Tech Firms 'Grandstanding' Over U.S. National Security Agency, According To Verizon Communications Inc. (NYSE:VZ) Executive Report (Fiscal Insider) Verizon Communications Inc. (NYSE:VZ) senior executive has disclosed that many tech companies 'grandstanding' over U.S. National Security Agency activity to collect the customers data from the companies in order to conduct comprehensive domestic secret surveillance operations earlier this year. According to the senior executive of the Communications firm, John Stratton, the report previously leaked by Edward Snowden in public, so that U.S. spy agencies has collected the customer data without their consent and was used against them

Vital Mission: New Facility Will Work To Secure Country's Cyber Infrastructure (CBS) There's a threat of invasion no locked door can prevent, but a new Maryland company is taking on the challenge. Pat Warren reports on a new cyber security center

Ballmer calls Google a 'monopoly' that authorities should control (The Verge) While Microsoft unveiled its new Bing logo and design this week, CEO Steve Ballmer opted to highlight his concerns over Google's business practices yesterday. During a presentation at Microsoft's financial analysts meeting, Ballmer discussed how Microsoft might generate money in consumer services. "Google does it," he noted. "They have this incredible, amazing, dare I say monopoly that we are the only person left on the planet trying to compete with." Asked by an analyst how Microsoft can attack Google's dominance in search and advertising, Ballmer explained "we're the only guys in the world trying," with the Bing search engine

ZTE Device Called American Spurned After China Spy Angst (Bloomberg) The U.S. government stripped a videoconferencing system contract from a Maryland company after a federal agency said the device marketed as American-made is really Chinese

Trend Micro Opens New Global Operations Headquarters (SecurityWeek) Security software maker Trend Micro officially announced the grand opening of its Global Operations Headquarters in Irving/Las Colinas, Texas this week. Located just outside of Dallas, the new location will house operations for the company's threat research, finance, legal, customer support, commercial sales and marketing, and human resources business units

Research and Development

NIST Awards Grants To Improve Online Security And Privacy (Dark Reading) Funding will enable five U.S. organizations to develop pilot identity protection and verification systems

Air Force Research Lab puts money up for tools to stop future Snowdens (Ars Technica) AFRL modifies cyber research program to find ways to catch "insider threat." Whistleblowers have demonstrated how vulnerable military and intelligence networks are to trusted insiders over the past few years, much to the embarrassment of the organizations charged with defending those networks. To prevent future Edward Snowdens and Chelsea (formerly Bradley) Mannings from adding insult to injury, the Air Force Research Lab (AFRL) recently added a new request to its ongoing cybersecurity research program that seeks technology to shut down the insider threat

The devil and the details (The Economist) Quantum cryptography has yet to deliver a truly unbreakable way of sending messages. Quantum entanglement may change that. Recent revelations of online snooping on an epic scale, by government agencies which may well have been breaking the law, have prompted some users of the internet to ask who you can trust with sensitive data these days. According to Artur Ekert, an Oxford academic who moonlights as director of the Centre for Quantum Technologies (CQT) in Singapore, one possibility is a defunct Irish physicist called John Stewart Bell

Security Patches, Mitigations, and Software Updates

iOS 7 patches 80 vulnerabilities (ZDNet) Holding off on upgrading to iOS 7 from iOS 6 may be a good idea for many reasons, but your iOS 6 device will have scores of unpatched vulnerabilities. It's not the flashiest improvement in iOS 7, but the new version fixes 80 security vulnerabilities that presumably remain in iOS 6

Latest IE 0–day insight: Background, severity and solutions (Help Net Security) This recently discovered Internet Explorer zero day vulnerability is bad. Users and administrators should take immediate action to mitigate the risk. Considering the timing, I personally expect to see an out of band patch from Microsoft

RSA Tells Its Developer Customers: Stop Using NSA-Linked Algorithm (Wired) Amidst all of the confusion and concern over an encryption algorithm that may contain an NSA backdoor, RSA Security released an advisory to developer customers today noting that the algorithm is the default in one of its toolkits and strongly advising them to stop using the algorithm

Cyber Attacks, Threats, and Vulnerabilities

MaDleets TeaM defaces official Pakistani Military and Bar Council Websites (HackRead) Pakistani hacktavists from MaDleets TeaM have defaced the official websites of Pakistan Military Engineer Services, Pakistan Bar Council and Secretariat Training Institute along with 150+ other high profiles Pakistani websites

Anonymous Hackers Leak Data from Cambodia's Anti–Corruption Unit (Softpedia) Anonymous Cambodia has moved on from launching distributed denial-of-service (DDOS) attacks against government websites to actually hacking them. A couple of days ago, they leaked personal and financial data allegedly belonging to government officials

North Korea Believably Targeted South with Espionage Attack (Spamfighter) Security researchers at Kaspersky Lab have just revealed one espionage scheme that believably originated from North Korea and aimed attacks on many military and government departments of South Korea

Belgacom Attack: Britain's GCHQ Hacked Belgian Telecoms Firm (Der Spiegel) A cyber attack on Belgacom raised considerable attention last week. Documents leaked by Edward Snowden and seen by SPIEGEL indicate that Britain's GCHQ intelligence agency was responsible for the attack. Documents from the archive of whistleblower Edward Snowden indicate that Britain's GCHQ intelligence service was behind a cyber attack against Belgacom, a partly state-owned Belgian telecoms company

Belgian Foreign Service Reports Cyber Attack (Prensa Latina) The Belgian foreign service was target of a cyber attack, seeking for information about the diplomatic personnel and commercial activities of this country, reported the media of this capital today

Lynx, Mukden, Mooncakes, and Chinese Hackers (CFR) After a summer dominated by revelations of U.S. espionage and offensive cyber operations, Chinese hackers are back in the news. Three stories do a good job of illustrating that Chinese hackers are not a monolithic group, but rather multiple actors with manifold motivations

Andromeda botnet employs AutoIT scripts to hide malware (FierceITSecurity) The Andromeda botnet is using AutoIT scripts to hide malicious code and infect machines, according to McAfee researcher Umesh Wanve. AutoIT scripts are gaining in popularity among hackers. "Attackers are using AutoIt scripts to hide and install malicious payloads. This example [Andromeda] shows that AutoIT has easy and powerful APIs [application programming interfaces] for executing malicious code," Wanve explained in a blog

FBI Warning Users About Beta Bot Malware (Threatpost) The FBI began warning computer users about the Beta Bot Trojan this week, sounding the alarm about malware that has targeted a variety of online payment platforms and financial institutions over the few last months

iOS 7 lockscreen hole discovered already — all your private photos could end up online! (Naked Security) Serial iOS bug finder "videosdebarraquito" has struck again. With some deft fingerwork, he can get into your photo gallery from the lockscreen and do pretty much what he wants with your images - such as publishing them online

Researchers discover ties between TDSS and ZeroAccess rootkit families (Help Net Security) A lot has been said and written about the long-lasting TDSS (or TDL) and the considerably newer ZeroAccess (or Sirefef) rootkits, and the similarities between the two have been noticed before

CryptoLocker — a new ransomware variant (Emsisoft) Over the past few days Emsisoft's malware research team has received numerous reports of a new file encrypting ransomware strain. This new family of ransomware is commonly referred to as CryptoLocker or Trojan:Win32/Crilock.A. Like all file encrypting ransomware (also known as cryptomalware) the goal of the attacker is to encrypt important files on the victim's system in order to compel them to pay a ransom in return for their files

jre7u21 and earlier Click-2-Play Warning Bypass spotted in a Cool EK variant (Malware Don't Need Coffee) A new variant of a "Kore-ish" Cool EK appeared few days ago. Yes…it's difficult to follow the EK fast moving landscape…No payload in the jar for that one

Arrays in requests, PHP and DedeCMS (Internet Storm Center) We received an interesting submission about a strange looking Apache web server log. While the log does not look malicious, after examining it carefully it certainly looks strange, as you can see below

Recycling bins in the City of London tracked people's movements for over two months (Quartz) City of London staff knew for a week that recycling bins in the local authority were tracking the movements of passers-by, but didn't put a stop to it until news reports prompted a public outcry. London-based startup Media Metrica, which also goes by the name Renew, installed tracking devices in a dozen of its internet-connected bins, most of them along a busy street in the City of London. The devices, called Renew Orbs, recorded a unique ID on people's smartphones in order to track them. Few were aware of the scheme

Website programming error compromises personal information (SC Magazine) A programming error on the website belonging to PLS Financial Services — a Chicago-based consumer financial services retailer — allowed some visitors to access personal information of an undisclosed number of customers

BEL USA Acknowledges Security Breach (eSecurity Planet) Promotional products supplier BEL USA LLC, which does business at DiscountMugs.com and other sites, recently began notifying customers who placed an order either online or by phone between March 1, 2013 and July 15, 2013 that their personal information may have been accessed by unauthorized third parties when the site's server was breached

Academia

Strayer University Launches Graduate Degree Program in Cybersecurity (Fort Mill Times) Strayer University, a leading postsecondary adult education institution, today announced the launch of a new graduate degree program in cybersecurity. The new Master of Science in Information Assurance (MSIA) will prepare graduates to critically analyze security vulnerabilities and safeguard networks of all sizes from cyberattacks

Students prepare for in Cyber Defense hacker competition (Iowa State Daily) Professional hackers from across the nation will be in Ames this weekend, putting 215 IoSU students to the test. Saturday will mark the annual Cyber Defense Competition, which will be hosted from 8 a.m. to 5 p.m. in Coover Hall

Litigation, Investigation, and Enforcement

Facebook "Likes" can no longer get US employees fired (Naked Security) Happy day, USA: When we click "Like" on Facebook, we are now constitutionally protected from getting fired! If you're thinking, "Well, duh, wasn't I already?", join the club. In fact, at least one court had hitherto decreed that the First Amendment to the US Constitution, which (more or less) ensures the right to free speech, didn't apply to Facebook Likes

China just detained a teen for having 500 retweets (Quartz) As of last week, posting a message that the Chinese government deems inaccurate on social media platforms can get you three years in the slammer, provided it gets 500 retweets (or their equivalent) or 5,000 views. At least, that's what the law said (link in Chinese). But would the new policy, part of the Chinese government's draconian crackdown on "online rumors," be enforced

"Reverse–Engineering Chinese Censorship" (Harvard Magazine) In a talk at the School of Engineering and Applied Sciences on September 12, Gary King, Weatherhead University Professor and director of the Institute for Quantitative Social Science, spoke about what he called the "largest selective suppression of human expression in history": the Chinese government's censorship of social media

Guantánamo tech chief says computer system safe enough for 9/11 trial (Miami Herald) The man in charge of the war court computers system on this base testified Thursday that despite a series of file disappearances, the Pentagon's computer system is safe enough to protect alleged 9/11 mastermind Khalid Sheik Mohammed's attorney–client privilege in the death–penalty trial

Hackers stole £1.3 million from Barclays Bank using KVM device (Graham Cluley) Police have arrested eight men in connection with an audacious scheme which succeeded in stealing £1.3 million from Barclays Bank. The heist was said to have taken place at a branch of Barclays Bank in Swiss Cottage, North London, back in April, after a hardware device was attached to a branch computer

Cisco Officials Accused of Role in Falun Gong Monitoring (Bloomberg) Chinese and U.S. citizens accusing Cisco Systems Inc. (CSCO) of conspiring with China's government to monitor and torture members of Falun Gong now argue officials at the company's headquarters in San Jose, California, were directly involved with human rights abuses. Cisco's main office helped design the surveillance and internal security network known as "Golden Shield," according to an amended lawsuit filed yesterday in federal court in San Jose

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

IT Forum Expo/Black Hat Regional Summit (, January 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.

Strange Loop (, January 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.

CISO Executive Summit (Atlanta, Georgia, USA, September 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)

CCBC Leadership Seminar Luncheon: Cyber Awareness: What Employers Need To Know (Owings Mills, Maryland, USA, September 20, 2013) , no later than September 13, 2013.

cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, September 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With modern technology and tools, it's now possible for junior security analysts to gather detailed malware indicators to craft defense and alert signatures. More enticing, all of this can be done with free tools and applications, some written by this presenter.

2013 Cyber Security Summit (New York, New York, USA, September 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be held September 25th at the Hilton in New York City, will showcase the latest tools and resources available to defend against cyber crime on both corporate and government levels. Keynote addresses and interactive panel discussions lead by notable security experts will highlight strategic priorities, risk factors, threats and provide inspirational guidance to prepare and protect from attacks.

4th Annual Cybersecurity Summit (Washington, DC, USA, September 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote at the 4th Annual Cybersecurity Summit on September 25, 2013 at the National Press Club in Washington, D.C.Michael Daniel, White House Cybersecurity Advisor, and Gen. Keith Alexander, Commander U.S. Cyber Command, and Director, NSA, are confirmed to keynote. Cybersecurity topics to be addressed include: the White House Cybersecurity Executive Order, the Cybersecurity Framework and New Emerging Standards for Critical Infrastructure, information sharing, mobile security and BYOD, legislative developments in cybersecurity, big data and cloud cybersecurity, continuous monitoring, cyber situational awareness, and the JIE rollout active defense and cyber warfare. Organized by Billington CyberSecurity™.

Information Security Conference (Charleston, West Virginia, USA, October 2, 2013) On October 2, the WVOT Office of Information Security and Controls, will be sponsoring a no-charge information and cyber security awareness event at the Charleston Civic Center. The agenda will offer an energizing morning of highly informative sessions. Free posters, calendars, bookmarks, and other security-themed items will be available. The event is open to the public, however registration priority will be given to public sector officials and employees.

The Monktoberfest (Portland, Maine, USA, October 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.

Suits and Spooks NYC 2013 (New York, New York, October 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state aggressors in cyberspace. About twenty speakers will present briefings over two days on hackers, citizen militias, and other non-state entities operating in the Middle East, China, Russia, Pakistan, India, Iran, Africa, South America, the United States (yes - we have non-gov threat actors domestically), and other parts of the world. One of our panel moderators will be Joel Brenner (former National Counterintelligence Executive at the Office of the Director of National Intelligence and former Senior Counsel at the NSA).

Forensics and Incident Response Summit EU (Prague, Czech Republic, October 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.

CyberMaryland 2013 (Baltimore, Maryland, USA, October 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for networking and idea sharing amongst the many cyber leaders and professionals across the country, including: federal, state and local government agencies, academic institutions, cybersecurity entrepreneurs, and industry leaders of research and development. CyberMaryland 2013 will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors. Surrounding all of these issues is a constantly evolving business framework to provide efficient and effective solutions in a time frame that anticipates and mitigates current and future threats.

2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, October 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.

AFCEA Hill AFB Technology & Cyber Security Expo (Ogden, Utah, USA, October 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo some of the latest cyber security and information technology products/services available today..

International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, October 10 - 12, 2013) International Conference on Cyber-enabled distributed computing and knowledge discovery -promotes research and development of the cyber-related technology. It is unique and significant that spans through cyber-enabled data mining and knowledge discovery, distributed and parallel computing, cyber security, cloud computing, pervasive computing, mobile computing, Internet, wireless networks, cognitive systems, cyber information process, information discovery, e-health via cyber network, e-science, web technology, and network performance and tools. The research and development in these areas have received extensive attention in both the academia and industry to provide ubiquitous services for users. Various hardware and software designs, algorithms, protocols, simulations, and test-bed, and implementations are developed for distributed computing in an interconnected and distributed network environment. The purpose of CyberC is to provide a forum for presentation and discussion of innovative ideas, research results, applications and experience from around the world as well as highlight activities in the related areas.

VizSec 2013 (Atlanta, Georgia, USA, October 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.

Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, October 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.

USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, October 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit topics will focus on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security..

SNW Fall 2013 (Long Beach, California, USA, October 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and co-owned by Computerworld and the Storage Networking Industry Association (SNIA) -- SNW remains unbiased and vendor agnostic. Unlike events focused on a specific vendor agenda and product portfolio, SNW provides a forum of open thought leadership and practical education that defines the spectrum of storage, data and infrastructure solutions available to a highly qualified audience of enterprise technology decision-makers.

Hexis Exchange (Athens, Greece, October 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such topics will include: emerging cybersecurity threats, big data management, advanced analytics, government regulation & compliance, and data retention challenges & solutions.

Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, October 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers, essential networking opportunities, and an informative technology exposition. The Symposium sessions will have a special emphasis on security challenges facing today's security professionals and cyber awareness training for security professionals responsible for protecting sensitive and classified information from the ever increasing threats of mobile devices, espionage, terrorism, and cyber-attacks to ensure our national security. Register by August 31 to ensure the reduced early bird registration fee. This event is free for government employees and active-duty military personnel. Exhibit space and sponsorship opportunities are also available.

Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, October 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have the opportunity to demo their latest technologies to NRC's IT personnel.

13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.

Cloud Connect (Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.

cybergmut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, October 22, 2013) CrowdStrike's Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.

Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.

Joint Federal Cyber Summit 2013 (Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands on live demonstrations, and industry exhibits.

2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.

SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.

Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall..

NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.