The CyberWire Daily Briefing for 9.20.2013
The week ends relatively quietly. The usual desultory cyber-rioting continues in South Asia as MaDleets TeaM vandalizes Pakistani government sites. A bit father east, Anonymous Cambodia ups its low game from denial-of-service attacks to leaking personal information. The most recent subjects of this unwelcome attention had their data exfiltrated from Cambodia's governmental Anti-Corruption Unit.
In Europe, Spiegel attributes Belgacom's undersea cable system hack to Britain's GCHQ, which was evidently interested in monitoring traffic in the Middle East. Separately, the Belgian Foreign Service reports it was targeted by a campaign seeking diplomatic and commercial intelligence.
The Council on Foreign Relations publishes an appreciation of Chinese state and state-linked cyber operations. It sees Chinese hackers not as "a monolithic group, but rather multiple actors with manifold motivations."
Those interested in malware obfuscation may wish to review notes about the Andromeda botnet's use of AutoIT scripts. The US FBI warns that the Beta Bot Trojan represents a continuing threat to payment systems and financial institutions.
A lockscreen hole has been found in iOS7. The bug potentially enables an attacker to access photo galleries.
The TDSS and Zero Access malware families have similar functionality but have generally been regarded as unrelated (indeed competing) toolkits. Trend Micro, however, has found them using the same domain generation algorithm module, which may indicate either convergence or common third-party users.
The US seeks to repair surveillance-frayed ties with Brazil as Brasilia pursues security-driven IT autarchy. Brookings offers an overview of national cyber security policy's complex interaction with international trade.
Notes.
Today's issue includes events affecting Belgium, Brazil, Bulgaria, Cambodia, China, Democratic People's Republic of Korea, Republic of Korea, Pakistan, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
MaDleets TeaM defaces official Pakistani Military and Bar Council Websites (HackRead) Pakistani hacktavists from MaDleets TeaM have defaced the official websites of Pakistan Military Engineer Services, Pakistan Bar Council and Secretariat Training Institute along with 150+ other high profiles Pakistani websites
Anonymous Hackers Leak Data from Cambodia's Anti–Corruption Unit (Softpedia) Anonymous Cambodia has moved on from launching distributed denial-of-service (DDOS) attacks against government websites to actually hacking them. A couple of days ago, they leaked personal and financial data allegedly belonging to government officials
North Korea Believably Targeted South with Espionage Attack (Spamfighter) Security researchers at Kaspersky Lab have just revealed one espionage scheme that believably originated from North Korea and aimed attacks on many military and government departments of South Korea
Belgacom Attack: Britain's GCHQ Hacked Belgian Telecoms Firm (Der Spiegel) A cyber attack on Belgacom raised considerable attention last week. Documents leaked by Edward Snowden and seen by SPIEGEL indicate that Britain's GCHQ intelligence agency was responsible for the attack. Documents from the archive of whistleblower Edward Snowden indicate that Britain's GCHQ intelligence service was behind a cyber attack against Belgacom, a partly state-owned Belgian telecoms company
Belgian Foreign Service Reports Cyber Attack (Prensa Latina) The Belgian foreign service was target of a cyber attack, seeking for information about the diplomatic personnel and commercial activities of this country, reported the media of this capital today
Lynx, Mukden, Mooncakes, and Chinese Hackers (CFR) After a summer dominated by revelations of U.S. espionage and offensive cyber operations, Chinese hackers are back in the news. Three stories do a good job of illustrating that Chinese hackers are not a monolithic group, but rather multiple actors with manifold motivations
Andromeda botnet employs AutoIT scripts to hide malware (FierceITSecurity) The Andromeda botnet is using AutoIT scripts to hide malicious code and infect machines, according to McAfee researcher Umesh Wanve. AutoIT scripts are gaining in popularity among hackers. "Attackers are using AutoIt scripts to hide and install malicious payloads. This example [Andromeda] shows that AutoIT has easy and powerful APIs [application programming interfaces] for executing malicious code," Wanve explained in a blog
FBI Warning Users About Beta Bot Malware (Threatpost) The FBI began warning computer users about the Beta Bot Trojan this week, sounding the alarm about malware that has targeted a variety of online payment platforms and financial institutions over the few last months
iOS 7 lockscreen hole discovered already — all your private photos could end up online! (Naked Security) Serial iOS bug finder "videosdebarraquito" has struck again. With some deft fingerwork, he can get into your photo gallery from the lockscreen and do pretty much what he wants with your images - such as publishing them online
Researchers discover ties between TDSS and ZeroAccess rootkit families (Help Net Security) A lot has been said and written about the long-lasting TDSS (or TDL) and the considerably newer ZeroAccess (or Sirefef) rootkits, and the similarities between the two have been noticed before
CryptoLocker — a new ransomware variant (Emsisoft) Over the past few days Emsisoft's malware research team has received numerous reports of a new file encrypting ransomware strain. This new family of ransomware is commonly referred to as CryptoLocker or Trojan:Win32/Crilock.A. Like all file encrypting ransomware (also known as cryptomalware) the goal of the attacker is to encrypt important files on the victim's system in order to compel them to pay a ransom in return for their files
jre7u21 and earlier Click-2-Play Warning Bypass spotted in a Cool EK variant (Malware Don't Need Coffee) A new variant of a "Kore-ish" Cool EK appeared few days ago. Yes…it's difficult to follow the EK fast moving landscape…No payload in the jar for that one
Arrays in requests, PHP and DedeCMS (Internet Storm Center) We received an interesting submission about a strange looking Apache web server log. While the log does not look malicious, after examining it carefully it certainly looks strange, as you can see below
Recycling bins in the City of London tracked people's movements for over two months (Quartz) City of London staff knew for a week that recycling bins in the local authority were tracking the movements of passers-by, but didn't put a stop to it until news reports prompted a public outcry. London-based startup Media Metrica, which also goes by the name Renew, installed tracking devices in a dozen of its internet-connected bins, most of them along a busy street in the City of London. The devices, called Renew Orbs, recorded a unique ID on people's smartphones in order to track them. Few were aware of the scheme
Website programming error compromises personal information (SC Magazine) A programming error on the website belonging to PLS Financial Services — a Chicago-based consumer financial services retailer — allowed some visitors to access personal information of an undisclosed number of customers
BEL USA Acknowledges Security Breach (eSecurity Planet) Promotional products supplier BEL USA LLC, which does business at DiscountMugs.com and other sites, recently began notifying customers who placed an order either online or by phone between March 1, 2013 and July 15, 2013 that their personal information may have been accessed by unauthorized third parties when the site's server was breached
Security Patches, Mitigations, and Software Updates
iOS 7 patches 80 vulnerabilities (ZDNet) Holding off on upgrading to iOS 7 from iOS 6 may be a good idea for many reasons, but your iOS 6 device will have scores of unpatched vulnerabilities. It's not the flashiest improvement in iOS 7, but the new version fixes 80 security vulnerabilities that presumably remain in iOS 6
Latest IE 0–day insight: Background, severity and solutions (Help Net Security) This recently discovered Internet Explorer zero day vulnerability is bad. Users and administrators should take immediate action to mitigate the risk. Considering the timing, I personally expect to see an out of band patch from Microsoft
RSA Tells Its Developer Customers: Stop Using NSA-Linked Algorithm (Wired) Amidst all of the confusion and concern over an encryption algorithm that may contain an NSA backdoor, RSA Security released an advisory to developer customers today noting that the algorithm is the default in one of its toolkits and strongly advising them to stop using the algorithm
Cyber Trends
Biometrics' Unprecedented Public Integration (SIGNAL Magazine) Security vs. Privacy: Experts believe the conflict can be resolved in a way that improves the world. Biometrics is on the verge of becoming more pervasive than ever in everyday life, setting the stage for personal identifiers to take the place of other common security measures. The expansion mirrors increased usage in fields such as military operations, citizen enrollment and public safety
Cyber security: do you know where you stand? (Information Age) It is impossible to assess the true extent of cyber attacks, but businesses can make a sensible assessment of their risk profile and security posture
Imagining a Cyberattack on the Power Grid (New York Times) It's electrifying. Iran and Venezuela want to destroy the United States, so they conspire with a rogue Russian spy to launch a cyberattack on the North American power grid, beginning by electrocuting a lineman in North Dakota. Their main obstacle is a small-town sheriff in the state's badlands, Nate Osborne, a former Marine Corps lieutenant in Afghanistan whose titanium leg ultimately saves the day
Experts Worry About Long-Term Implications of NSA Revelations (Threatpost) With all of the disturbing revelations that have come to light in the last few weeks regarding the NSA's collection methods and its efforts to weaken cryptographic protocols and security products, experts say that perhaps the most worrisome result of all of this is that no one knows who or what they can trust anymore
Marketplace
Energy Department spends $30M to bolster utility cybersecurity tools (Network World) The Department of Energy today awarded $30 million to a 11 security vendors to develop technology the agency says will better protect nation's electric grid, oil and gas infrastructure from cyber-attack
Tech Firms 'Grandstanding' Over U.S. National Security Agency, According To Verizon Communications Inc. (NYSE:VZ) Executive Report (Fiscal Insider) Verizon Communications Inc. (NYSE:VZ) senior executive has disclosed that many tech companies 'grandstanding' over U.S. National Security Agency activity to collect the customers data from the companies in order to conduct comprehensive domestic secret surveillance operations earlier this year. According to the senior executive of the Communications firm, John Stratton, the report previously leaked by Edward Snowden in public, so that U.S. spy agencies has collected the customer data without their consent and was used against them
Vital Mission: New Facility Will Work To Secure Country's Cyber Infrastructure (CBS) There's a threat of invasion no locked door can prevent, but a new Maryland company is taking on the challenge. Pat Warren reports on a new cyber security center
Ballmer calls Google a 'monopoly' that authorities should control (The Verge) While Microsoft unveiled its new Bing logo and design this week, CEO Steve Ballmer opted to highlight his concerns over Google's business practices yesterday. During a presentation at Microsoft's financial analysts meeting, Ballmer discussed how Microsoft might generate money in consumer services. "Google does it," he noted. "They have this incredible, amazing, dare I say monopoly that we are the only person left on the planet trying to compete with." Asked by an analyst how Microsoft can attack Google's dominance in search and advertising, Ballmer explained "we're the only guys in the world trying," with the Bing search engine
ZTE Device Called American Spurned After China Spy Angst (Bloomberg) The U.S. government stripped a videoconferencing system contract from a Maryland company after a federal agency said the device marketed as American-made is really Chinese
Trend Micro Opens New Global Operations Headquarters (SecurityWeek) Security software maker Trend Micro officially announced the grand opening of its Global Operations Headquarters in Irving/Las Colinas, Texas this week. Located just outside of Dallas, the new location will house operations for the company's threat research, finance, legal, customer support, commercial sales and marketing, and human resources business units
Products, Services, and Solutions
Secure Messaging App Wickr Launched for Android (eSecurity Planet) The company's CTO calls the app 'the next step in our overall quest to protect users against the many threats to their privacy'
HP unveils cyber security solutions for enterprises in India (Business Standard) Technology major Hewlett-Packard today announced new cyber security solutions for enterprises in India to enable firms upgrade their security infrastructure
Acronis advances secure BYOD with mobilEcho (Help Net Security) Acronis launched mobilEcho 4.5, a mobile file management (MFM) solution that now includes in-app editing tools for Microsoft Office documents and military-grade, certified encryption
DeviceLock now prevents data leakage from Macs (Help Net Security) DeviceLock announced DeviceLock Endpoint DLP Suite 7.3 that delivers essential device control capabilities for corporate endpoints with OS X Lion and OS X Mountain Lion operating systems
Want an NSA.org email address? Yours for $139. Miley Cyrus fans need not apply (Graham Cluley) If you want to sound like a spy, and have over $100 burning a hole in your pocket, this might interest you. You can now buy your very own @nsa.org email address. Current price? $139
Vormetric to Showcase Security Intelligence Use Cases for Large Enterprises and Federal Agencies (Sacramento Bee) Vormetric Data Firewall™ and HP ArcSight SIEM platform fill-in security analytics blind spot for faster and more accurate APT, Malware and insider threat identification
Technologies, Techniques, and Standards
Microsoft Adopts Open Specs For Threat Intel-Sharing (Dark Reading) Microsoft will be one of the first companies to adopt emerging open protocols for intelligence threat-sharing — as part of its new intel–sharing forum for incident responders. The software giant in July announced its Microsoft Active Protections Program (MAPP) for Responders program for incident responders, such as CERTs, government entities, and private companies, that includes its own intel–sharing mechanism. The company this week said its platform will be based on the Structured Threat Information eXpression (STIX) open specification led by Mitre for expressing and specifying threat information, as well as the Trusted Automated eXchange of Indicator Information (TAXII), a Department of Homeland Security-led protocol for transporting the information
Major changes ahead as NIST cybersecurity framework nears October publication (CSO) Even as the deadline for the NIST cybersecurity framework, developed per an executive order, looms ever nearer, changes are still being implemented
Experts praise Pentagon's march to security standards (CSO) Consolidation of the Defense Department's 15,000 networks expected to cut costs, as well as improve security against Edward Snowden-like leaks
Joint Information Environment Is Under Way (SIGNAL Magazine) The military's plan to create a single, secure information-sharing environment for all the services finally is taking shape. After much talk and planning, the U.S. Defense Department's Joint Information Environment (JIE) now is being built with its first component reaching initial operational capability this summer
Can Companies Fight Against Targeted Attacks? (Security Intelligence Blog) There are various reasons why targeted attacks can happen to almost any company. One of the biggest reasons is theft of a company's proprietary information. There are many types of confidential data that could be valuable. Intellectual property is often the first thing that comes to mind. There are also other, less obvious items of value that can be acquired: for example financial information, employee and customer personal information, information related to pending sales, financial deals, and legal actions. However, companies can also be targeted for reasons having nothing to do with their products or information
Defending against web–based malware: Spot the smoke, don't wait for fire (Naked Security) Fire sprinklers and clearly marked escape routes are a great way to save lives in the event of fire. But smoke alarms save both life and property, and they do so at a much earlier stage. It's much the same with cyberattacks: malware rarely gets into your network without signs of smoke beforehand
Search for tracking tools as cookie crumbles (Financial Times) Data collectors are developing alternative ways for profiling users
NSA on Wrong Side of Proactive Security Measures (Threatpost) The National Security Agency, as it turns out, is just as reactive when it comes to information security as 99 percent of the enterprises out there. America's top spy agency gives out too much privileged access to employees and contractors, allows removable storage devices in sensitive areas, and has no system of checks and balances with regard to those employees with privileged access. And only when the stuff hits the fan, as it has with Edward Snowden, does it amp up its security
Research and Development
NIST Awards Grants To Improve Online Security And Privacy (Dark Reading) Funding will enable five U.S. organizations to develop pilot identity protection and verification systems
Air Force Research Lab puts money up for tools to stop future Snowdens (Ars Technica) AFRL modifies cyber research program to find ways to catch "insider threat." Whistleblowers have demonstrated how vulnerable military and intelligence networks are to trusted insiders over the past few years, much to the embarrassment of the organizations charged with defending those networks. To prevent future Edward Snowdens and Chelsea (formerly Bradley) Mannings from adding insult to injury, the Air Force Research Lab (AFRL) recently added a new request to its ongoing cybersecurity research program that seeks technology to shut down the insider threat
The devil and the details (The Economist) Quantum cryptography has yet to deliver a truly unbreakable way of sending messages. Quantum entanglement may change that. Recent revelations of online snooping on an epic scale, by government agencies which may well have been breaking the law, have prompted some users of the internet to ask who you can trust with sensitive data these days. According to Artur Ekert, an Oxford academic who moonlights as director of the Centre for Quantum Technologies (CQT) in Singapore, one possibility is a defunct Irish physicist called John Stewart Bell
Academia
Strayer University Launches Graduate Degree Program in Cybersecurity (Fort Mill Times) Strayer University, a leading postsecondary adult education institution, today announced the launch of a new graduate degree program in cybersecurity. The new Master of Science in Information Assurance (MSIA) will prepare graduates to critically analyze security vulnerabilities and safeguard networks of all sizes from cyberattacks
Students prepare for in Cyber Defense hacker competition (Iowa State Daily) Professional hackers from across the nation will be in Ames this weekend, putting 215 IoSU students to the test. Saturday will mark the annual Cyber Defense Competition, which will be hosted from 8 a.m. to 5 p.m. in Coover Hall
Legislation, Policy, and Regulation
Cybersecurity and Trade: National Policies, Global and Local Consequences (Brookings) In 2009, the Centre for Economic Policy Research published a 100-page collection of essays on the rise of trade barriers and "murky protectionism" following the financial crisis. The word "technology" appears only once in that report. Information technology has often been seen as a huge success story in global trade, but its rapid diffusion has introduced new risks. Modern economies, developed and developing, are increasingly reliant on their IT-supported infrastructure for almost every aspect of daily life. Yet, as the headlines attest, this infrastructure is less than perfectly secure, and the rapidly evolving threat landscape exposes the dependent societies to dramatic risks. The interdependence of systems and institutions means that a security failure can have dire consequences
Could Brazil Actually Keep The NSA Out Of Its Internet Traffic? (Mint Press News) Revelations that the U.S. intelligence agency spied on huge volumes of Brazilian web usage have led the country's president to propose drastic changes. For the White House, the recent bout of trouble the administration finds itself in with Brazil represents the ever-expanding rebuke coming from friends and foes alike. After revelations that the National Security Agency has been covertly eavesdropping on international communiqués originating from or terminating in the United States, a growing number of nations have demanded accountability and an end to American control of global communications
US, Brazil in 'Difficult' Bid to Rebuild Trust (SecurityWeek) Spying allegations and a delayed state visit have breached once–strong ties between the United States and Brazil, and only time will rebuild trust, analysts said Wednesday. "This is a very unfortunate incident," said Riordan Roett, director of the Latin American studies program at Johns Hopkins University
DHS leadership nominees favorably received at Senate hearing (FierceHomelandSecurity) The nominees for head of the National Protection and Programs Directorate and general counsel at the Homeland Security Department testified before a supportive Senate Homeland Security and Governmental Affairs Committee Sept. 18
Litigation, Investigation, and Law Enforcement
Facebook "Likes" can no longer get US employees fired (Naked Security) Happy day, USA: When we click "Like" on Facebook, we are now constitutionally protected from getting fired! If you're thinking, "Well, duh, wasn't I already?", join the club. In fact, at least one court had hitherto decreed that the First Amendment to the US Constitution, which (more or less) ensures the right to free speech, didn't apply to Facebook Likes
China just detained a teen for having 500 retweets (Quartz) As of last week, posting a message that the Chinese government deems inaccurate on social media platforms can get you three years in the slammer, provided it gets 500 retweets (or their equivalent) or 5,000 views. At least, that's what the law said (link in Chinese). But would the new policy, part of the Chinese government's draconian crackdown on "online rumors," be enforced
"Reverse–Engineering Chinese Censorship" (Harvard Magazine) In a talk at the School of Engineering and Applied Sciences on September 12, Gary King, Weatherhead University Professor and director of the Institute for Quantitative Social Science, spoke about what he called the "largest selective suppression of human expression in history": the Chinese government's censorship of social media
Guantánamo tech chief says computer system safe enough for 9/11 trial (Miami Herald) The man in charge of the war court computers system on this base testified Thursday that despite a series of file disappearances, the Pentagon's computer system is safe enough to protect alleged 9/11 mastermind Khalid Sheik Mohammed's attorney–client privilege in the death–penalty trial
Hackers stole £1.3 million from Barclays Bank using KVM device (Graham Cluley) Police have arrested eight men in connection with an audacious scheme which succeeded in stealing £1.3 million from Barclays Bank. The heist was said to have taken place at a branch of Barclays Bank in Swiss Cottage, North London, back in April, after a hardware device was attached to a branch computer
Cisco Officials Accused of Role in Falun Gong Monitoring (Bloomberg) Chinese and U.S. citizens accusing Cisco Systems Inc. (CSCO) of conspiring with China's government to monitor and torture members of Falun Gong now argue officials at the company's headquarters in San Jose, California, were directly involved with human rights abuses. Cisco's main office helped design the surveillance and internal security network known as "Golden Shield," according to an amended lawsuit filed yesterday in federal court in San Jose
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
IT Forum Expo/Black Hat Regional Summit (, Jan 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
Strange Loop (, Jan 1, 1970) Meet us in St. Louis, Sept 18-20th, 2013, to make connections with the creators and users of the languages, libraries, tools, and techniques at the forefront of the industry. Find out where we're going…and where we're not. Topics include emerging languages, concurrent and distributed systems, new database technologies, front-end web, and mobile.
CISO Executive Summit (Atlanta, Georgia, USA, Sep 19 - 20, 2013) Be on the forefront of a new global initiative where today's world-class leaders in information security will gather to navigate through international waters. Join these leaders as they follow the wind of change that is sweeping through the IS community motivating today's information guardians to develop a new way of thinking to ensure success in protecting their respective organizations. (At Hacker Halted USA.)
CCBC Leadership Seminar Luncheon: Cyber Awareness: What Employers Need To Know (Owings Mills, Maryland, USA, Sep 20, 2013) , no later than September 13, 2013.
cybergamut Technical Tuesday: Malware Analysis for the Masses (Columbia, Maryland, USA, Sep 17, 2013) With malware becoming more prevalent, and the pool of capable reversers falling short of overall need, there is a greater need to provide quick and efficient malware analysis for network defense. With modern technology and tools, it's now possible for junior security analysts to gather detailed malware indicators to craft defense and alert signatures. More enticing, all of this can be done with free tools and applications, some written by this presenter.
2013 Cyber Security Summit (New York, New York, USA, Sep 25, 2013) The 2013 Cyber Security Summit connects executives responsible for protecting their company's critical infrastructure with innovative product, service and solution providers. The one day event, to be held September 25th at the Hilton in New York City, will showcase the latest tools and resources available to defend against cyber crime on both corporate and government levels. Keynote addresses and interactive panel discussions lead by notable security experts will highlight strategic priorities, risk factors, threats and provide inspirational guidance to prepare and protect from attacks.
4th Annual Cybersecurity Summit (Washington, DC, USA, Sep 25, 2013) GEN Keith Alexander, Commander of U.S. Cyber Command, Director of the NSA/Chief, Central Security Service and Dr. Pat Gallagher, Director, NIST are among the distinguished speakers confirmed to keynote at the 4th Annual Cybersecurity Summit on September 25, 2013 at the National Press Club in Washington, D.C.Michael Daniel, White House Cybersecurity Advisor, and Gen. Keith Alexander, Commander U.S. Cyber Command, and Director, NSA, are confirmed to keynote. Cybersecurity topics to be addressed include: the White House Cybersecurity Executive Order, the Cybersecurity Framework and New Emerging Standards for Critical Infrastructure, information sharing, mobile security and BYOD, legislative developments in cybersecurity, big data and cloud cybersecurity, continuous monitoring, cyber situational awareness, and the JIE rollout active defense and cyber warfare. Organized by Billington CyberSecurity™.
Information Security Conference (Charleston, West Virginia, USA, Oct 2, 2013) On October 2, the WVOT Office of Information Security and Controls, will be sponsoring a no-charge information and cyber security awareness event at the Charleston Civic Center. The agenda will offer an energizing morning of highly informative sessions. Free posters, calendars, bookmarks, and other security-themed items will be available. The event is open to the public, however registration priority will be given to public sector officials and employees.
The Monktoberfest (Portland, Maine, USA, Oct 4, 2013) Our speakers will explore how social trends can change the way we build and use technology, and how technology in turn can change the way we socialize.
Suits and Spooks NYC 2013 (New York, New York, Oct 5, 2013) Since the landscape is foggy, the threat actors numerous and hard to identify, and the attacks proliferating on a daily basis, the focus of the next Suits and Spooks conference will be to identify non-state aggressors in cyberspace. About twenty speakers will present briefings over two days on hackers, citizen militias, and other non-state entities operating in the Middle East, China, Russia, Pakistan, India, Iran, Africa, South America, the United States (yes - we have non-gov threat actors domestically), and other parts of the world. One of our panel moderators will be Joel Brenner (former National Counterintelligence Executive at the Office of the Director of National Intelligence and former Senior Counsel at the NSA).
Forensics and Incident Response Summit EU (Prague, Czech Republic, Oct 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.
CyberMaryland 2013 (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for networking and idea sharing amongst the many cyber leaders and professionals across the country, including: federal, state and local government agencies, academic institutions, cybersecurity entrepreneurs, and industry leaders of research and development. CyberMaryland 2013 will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors. Surrounding all of these issues is a constantly evolving business framework to provide efficient and effective solutions in a time frame that anticipates and mitigates current and future threats.
2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, Oct 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.
AFCEA Hill AFB Technology & Cyber Security Expo (Ogden, Utah, USA, Oct 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo some of the latest cyber security and information technology products/services available today..
International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, Oct 10 - 12, 2013) International Conference on Cyber-enabled distributed computing and knowledge discovery -promotes research and development of the cyber-related technology. It is unique and significant that spans through cyber-enabled data mining and knowledge discovery, distributed and parallel computing, cyber security, cloud computing, pervasive computing, mobile computing, Internet, wireless networks, cognitive systems, cyber information process, information discovery, e-health via cyber network, e-science, web technology, and network performance and tools. The research and development in these areas have received extensive attention in both the academia and industry to provide ubiquitous services for users. Various hardware and software designs, algorithms, protocols, simulations, and test-bed, and implementations are developed for distributed computing in an interconnected and distributed network environment. The purpose of CyberC is to provide a forum for presentation and discussion of innovative ideas, research results, applications and experience from around the world as well as highlight activities in the related areas.
VizSec 2013 (Atlanta, Georgia, USA, Oct 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.
Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, Oct 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.
USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, Oct 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit topics will focus on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security..
SNW Fall 2013 (Long Beach, California, USA, Oct 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and co-owned by Computerworld and the Storage Networking Industry Association (SNIA) -- SNW remains unbiased and vendor agnostic. Unlike events focused on a specific vendor agenda and product portfolio, SNW provides a forum of open thought leadership and practical education that defines the spectrum of storage, data and infrastructure solutions available to a highly qualified audience of enterprise technology decision-makers.
Hexis Exchange (Athens, Greece, Oct 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such topics will include: emerging cybersecurity threats, big data management, advanced analytics, government regulation & compliance, and data retention challenges & solutions.
Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, Oct 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers, essential networking opportunities, and an informative technology exposition. The Symposium sessions will have a special emphasis on security challenges facing today's security professionals and cyber awareness training for security professionals responsible for protecting sensitive and classified information from the ever increasing threats of mobile devices, espionage, terrorism, and cyber-attacks to ensure our national security. Register by August 31 to ensure the reduced early bird registration fee. This event is free for government employees and active-duty military personnel. Exhibit space and sponsorship opportunities are also available.
Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, Oct 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have the opportunity to demo their latest technologies to NRC's IT personnel.
13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, Oct 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.
Cloud Connect (Chicago, Illinois, USA, Oct 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.
cybergmut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, Oct 22, 2013) CrowdStrike's Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.
Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, Oct 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.
Joint Federal Cyber Summit 2013 (Washington, DC, USA, Oct 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands on live demonstrations, and industry exhibits.
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall..
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.