The CyberWire Daily Briefing 10.08.13

Summary

By The CyberWire Staff

Palestinian hacktivists deface WhatsApp and AVG sites with an anti-Zionist message; they also deface a LeaseWeb page (with no particular message). Pakistani hackers (motivation unclear) are also active, hitting ASPX Vietnam and three Caribbean domains.

Macau's gaming industry attracts cyber criminals—the city's Internet access was almost lost to a hack over the weekend. Customers of Hong Kong's PureVPN receive a bogus message falsely warning of the service's imminent shutdown—the attackers exploited a WHMCS zero-day.

Several new vulnerabilities and exploits are reported, including a flaw in iOS that enables a thief to halt a stolen iPhone's "Find My Phone" feature long enough to extract personal data or even re-register the phone.

A new virtual dedicated server crops up to serve the cyber black market, occupying part of the niche left by the Russian Business Network. More reports appear that the Blackhole exploit kit's author has been arrested by Russian authorities, and FoxIT has observed chatter around Blackhole users suggesting that in fact this has happened. Look for cyber criminals to move on to other kits.

A FireEye report outlines national styles as expressed in cyber attacks. Vormetric thinks most unauthorized data access goes undetected.

Former Director NSA McConnell warns that there's a war in cyberspace, and the US is losing. Debate over the proper conduct of that war continues, with a mix of tu quoque and me too from Germany, the United Kingdom, and Australia.

Aspiring gumshoes take note—some computer forensic types are now getting private eye licenses.

Notes.

Today's issue includes events affecting Antigua and Barbuda, Australia, Canada, China, European Union, Germany, Pakistan, Palestinian Territories, Russia, Saint Lucia, Singapore, Suriname, United Kingdom, United States and Vietnam.

Selected Reading

Cyber Trends

Cyber-Security in 2013: Software, People Still Have Vulnerabilities (eWeek) Both cyber-security awareness and the security threat landscape itself have changed over the past decade, but some of the basics about how individuals and enterprises can stay secure have not. October 2013 marks the 10th anniversary of National Cyber Security Awareness Month, which is all about helping educate users and enterprises on how best to secure themselves against online threats

War Drums Beat Louder For 'World War C' (Forbes) If the lingo of cyber security experts, zombie warfare might that be that far fetched after all. Call it "World War C", and it playing right now at a nation near you. It is quiet, mostly invisible and oddly as safe as it is dangerous

Report outlines characteristics of nation-state driven cyber attacks (Guardian) New report examines international and local characteristics of cyber-attack campaigns waged by governments worldwide

Most unauthorized data access goes undetected (Help Net Securiy) With a focus primarily on large enterprise organizations, a Vormetric study of 700 IT security decision-makers indicates that there are major gaps between existing security processes and the technologies

U.S. fighting a losing war in cyberspace (Ground Report) "The U.S. is fighting a cyber war today and we are losing it", said Admiral Mike McConnell in remarks recorded in the Congressional record

Mikko Hypponen: "Who we're fighting has completely changed in the last decade" (Graham Cluley) If you were running Windows on your computer 10 years ago, you were running Windows XP. In fact, you were most likely running Windows XP SP1 (Service Pack 1). This is important, as Windows XP SP1 did not have a firewall enabled by default and did not feature automatic updates

Cybercrime rate in Singapore dips, but victims losing 75 percent more (ZDNet) While the crime rate appears to have dipped from 48 percent to 37 percent of online users, the cost per victim was the highest worldwide at US$1,158--nearly four times the global average, according to the 2013 Norton Study

Legislation, Policy and Regulation

Could the revelations regarding the NSA PRISM program hinder U.S. relations around the world? (Council on Foreign Relations) Revelations about the National Security Agency's (NSA) electronic surveillance program were met with tough words from many of the United States' allies. German leaders criticized the United States and France threatened to delay the start of U.S.-EU trade talks. More recently, Brazilian president DilmaRousseff delivered a searing address to the United Nations General Assembly after canceling a state visit to the White House

Brazil determined to stop NSA spying (Help Net Security) Perhaps no country in the world has been as vocal about doing something about NSA's global Internet surveillance reach as Brazil. As one of the fastest-growing major economies in the world that is

Europe wants to regulate the cloud for a post-Snowden world (VentureBeat) It's not always clear where data travels on the Internet, but with American cloud providers like Amazon Web Services and others powering a sizable chunk of the modern web, there's a fair chance the National Security Agency can examine and store your data — even if you live across the pond

Japan Needs 80,000 More IT Security Experts (Softpedia) Japan wants to make sure government and other critical systems are properly protected against cyberattacks. However, experts have determined that the country needs an additional 80,000 IT security engineers

David Cameron Says Surveillance By GCHQ And NSA Are Aimed At Protecting Public (Huffington Posk UK) David Cameron has backed the snooping activities of GCHQ and its American counterpart, the NSA, which were exposed by whistleblower Edward Snowden, saying the the programmes were designed to protect the public

German NSA has deal to tap ISPs at major Internet Exchange (Ars Technica) Spy agency BND stays mum on how it's distinguishing domestic vs. foreign traffic. The rough German equivalent of the National Security Agency has secret arrangements with local telecom firms, providing direct access to data flowing over domestic fiber. According to the German magazine Der Spiegel (Google Translate), the Federal Intelligence Service (known by its German acronym, BND) has taps on the major Internet exchange point in Frankfurt known as DE-CIX

Australian government withheld knowledge of Prism program (Guardian) Freedom of information request confirms Attorney General's Department prepared a secret ministerial briefing in March

White House pursues online privacy bill amid NSA efforts (Politico) Even as it defends the National Security Agency's controversial Internet surveillance programs, the Obama administration has been working on legislation to

Paper finds fault in 'nothing to hide' government surveillance argument (FierceGovIT) A common response among Americans when learning of government surveillance programs, such as those managed by the National Security Agency, is to say surveillance is fine because "I have nothing to hide." A paper recently published in the San Diego Law Review, however, says there are several problems with the argument that if someone is a law-abiding citizen, they have nothing to worry about. "The nothing to hide argument is one of the primary arguments made when balancing privacy against security," writes George Washington University Law Professor Daniel Solove

The NSA Oversight Farce (TechCrunch) This weekend we learned that President Barack Obama's NSA surveillance panel, built at least in theory to vet our intelligence activities and weigh their performance against the right of privacy, went on hiatus after the government shutdown froze its funds. It was an emblematic moment. As a nation we couldn't even keep the farce of oversight in play long enough to have it ultimately disappoint us

Products, Services, and Solutions

SSL Certificate Provider HydrantID Adopts Authentify's Authentication Services (Dark Reading) uthentify, the pioneer in employing telephony and telephones in authentication work flows, today announced that its services have been selected by HydrantID to strengthen the provisioning process for purchasing Secure Sockets Layer (SSL) Certificates via HydrantID's customer portal. HydrantID joins a cadre of security conscious organizations who use Authentify

Corero Partners with Neustar to Deliver Best of Both Worlds in DDoS Protection (Wall Street Journal) Corero Network Security (CNS:LN), a leading provider of First Line of Defense®solutions for Distributed Denial of Service (DDoS) and cyber threat protection, has entered into an agreement under the Strategic Alliance Program with Neustar, Inc. (NYSE: NSR), an information services company and leading provider of cloud-based DDoS protection services. As a Neustar Strategic Alliance Program partner, Corero enables its customers to extend the power of its on-premise always on protection with the added security and flexibility of Neustar's on-demand, cloud-based DDoS protection services to combat growing cyber threats

CMU researchers tout SafeSlinger, snoop-proof smartphone app (Tribune-Review) Carnegie Mellon University software researchers say they have written a smartphone messaging app with security that not even the National Security Agency can break, yet is easy to use

Security App of the Week: Dr.Web Scan Link for Firefox (Softpedia) In case you're looking for a clever Firefox application that will tell you if a certain website contains malware, you can use Dr.Web Scan Link

Can data science be put in a box? (ZDNet) Data science is one part analysis and one part art. It gathers together data from many sources and gleans important insights. Can this demanding practice be packaged as a piece of software? Prelert believes that it can

Technologies, Techniques, and Standards

Technology Or Education? Tackling Phishing Requires Both (Dark Reading) Neither technology nor awareness services can solve the phishing threat, but using both can significantly reduce attackers' success

CSAM — RFI with a small twist (Internet Storm Center) Logs are under appreciated. We all collect them, but in a majority of organisations you will find that they are only ever looked at once something has gone wrong. Which is unfortunately usually when people discover that either they didn't collect "that" log or timestamps are out of whack, log files rolled over, etc. Which is unfortunate because log files can tell you quite a bit of information as we are hoping to show throughout October as part of the Cyber Security Awareness Month

False Expectations And Consumerized Devices (TrendLabs Security Intelligence Blog) Recently, there was a very public example of how not to do a tablet deployment. The Los Angeles Times reported that the Los Angeles Unified School District had been forced to suspend a program to provide iPads to students because several hundred students had figured out ways to remove security restrictions put in place by school administrators

Want to Evade NSA Spying? Don't Connect to the Internet (Wired) Since I started working with Snowden's documents, I have been using a number of tools to try to stay secure from the NSA. The advice I shared included using Tor, preferring certain cryptography over others, and using public-domain encryption wherever possible. I also recommended using an air gap, which physically isolates a computer or local network of computers from the internet. (The name comes from the literal gap of air between the computer and the internet; the word predates wireless networks.) But this is more complicated than it sounds, and requires explanation

How the NSA might use Hotmail, Yahoo or other cookies to identify Tor users (Ars Technica) "Quantum cookie" attacks are plausible but only in highly limited cases. One of the more intriguing revelations in the most recent leak of NSA documents is the prospect that the spy agency is using browser cookies from Yahoo, Hotmail or the Google-owned DoubleClick ad network to decloak users of the Tor anonymity service

UK bankers prep for cyberwar: Will simulate ATTACK on system (Register) UK banks, the stock market and payment providers will undergo extensive stress tests in November that are designed to test their responses to cyber-attacks

How Does Law Enforcement 'Subvert' Tor? (InfoSecurity Magazine) Last summer an FOI request showed that the FBI had abandoned an investigation into TSChan, allegedly a child pornography site on the Darknet, since "because everyone…connected to the TOR Network is anonymous, there is not currently a way to trace the origin of the website. As such no other investigative leads exist"

Marketplace

Microsoft pays out $28K to IE bug hunters in its first–ever bounty program (IT World) Security expert calls it a success — enough bugs to fill one or two IE updates — even though the dollar amount was about the same as Google's for the last iteration of Chrome

General Dynamics to Develop Integrated Computer-Network Defence System for Canadian Department of National Defence (MENAFN) Technology demonstration program seeks to enhance security of Department of National Defence networks, minimizing the risk to operations brought through cyber attacks

SINET Chairman to Present One of the Nation's First Cyber Resumes (Herald Online) SINET's Chairman & Founder, Robert Rodriguez, will present one of the Nation's first Cyber Resumes at the CyberMaryland conference. America's leading Cybersecurity companies, agencies and organizations will join together with leading educators in Baltimore, Maryland, on October 8, 2013, at 3:30pm to kick off Cybersecurity Ideation Day at CyberMaryland 2013. Cyber Ideation is a web-based interactive classroom experience where schools enable their students to "test drive" future careers in Cybersecurity by living a day in the life of the nation's Cybersecurity leaders called LifeJourney Mentors

Amazon Web Services Wins Again In Battle To Build The CIA And NSA Cloud (TechCrunch) Amazon Web Services has won a major battle against IBM in the pursuit to build a cloud infrastructure for the intelligence community. In a ruling published today, U.S. Court of Federal Claims Judge Thomas Wheeler wrote that AWS legitimately won a $600 million contract with the CIA that IBM had contested. IBM plans to appeal the ruling. In a statement, the company said what the company offers is more cost-effective and that they have decades of experience working with the U.S. government

Cisco completes acquisition of cybersecurity firm Sourcefire (ZDNet) Cisco has announced the completion of the Sourcefire takeover, worth $2.7 billion

Obamacare Exchange Sign–ups Hobbled by IT Systems Not Ready for Prime Time (IEEE Spectrum) I don't need to tell anyone about the controversy surrounding the Affordable Care Act (more commonly known as Obamacare). It was the central issue in the game of brinksmanship that led to the U.S. government shutdown last week. But mirroring that mind-blowing dysfunction was the less-than-stellar 1 October rollout of the federal website healthcare.gov. The Obamacare-mandated Web portal lets consumers who don't have employer-sponsored medical insurance meet the legal requirement to sign up for health coverage through the states where they reside. (To be precise, healthcare.gov is for residents of 36 states whose governments opted not to set up independent healthcare exchanges.) Online exchanges for some of the other 14 states and the District of Columbia also debuted with disappointing results

5 design flaws of HealthCare.gov (FierceGovIT) Amid the government shutdown and partisan games plaguing Washington, D.C., and the rest of the country, something is actually happening--online signups for the Affordable Care Act. HealthCare.gov is finally open for business, but how well is it designed? The site has more than a few technical issues and was down for maintenance over the weekend

Contractors to Restart Work as DoD Brings Back 90% of Furloughed Civilians (GovConWire) The U.S. Defense Department intends to end the furloughs of certain inspectors and officials that work with contractors at government sites

Research and Development

Algorithm to redact PHI takes opposite track (FierceHealthIT) Rather than training an algorithm to spot personal health information (PHI) for de-identification in physician notes, new research focused on words and phrases that are not PHI, according to a study published at BMC Medical Informatics and Decision Making. It achieved a recall rate of 98 percent of PHI from 220 discharge summaries, the authors report. All patient names, phone numbers, and home addresses were at least partially redacted

Security Patches, Mitigations, and Software Updates

Router Flaw Could Disclose Sensitive Cofiguration, Password Information (Threatpost) Taiwanese electronics company Asus has released an update for one of its routers that corrects an authentication bypass vulnerability discovered in the devices over the summer. The vulnerability is in Asus' RT-N10E brand of routers, sold primarily throughout Europe, China and South America

Microsoft Critical Patches Address Windows, IE Zero–Day Flaw (CRN) Microsoft (NSDQ:MSFT) will address critical errors in Internet Explorer including a zero-day flaw in the browser that has been tied to a group that has carried out at least one serious data breach. Microsoft said the update this week would address a critical remote code execution vulnerability in Internet Explorer. The zero-day flaw has been tied to a group responsible for carrying out the Bit9 data breach. Additional attacks were detected targeting firms in Japan, according to security firm FireEye, which warned that attacks could become more widespread. Microsoft issued a temporary IE patch Sept. 17 shielding the flaw from further zero-day attacks

Cyber Attacks, Threats, and Vulnerabilities

WhatsApp hacked by Palestinian protesters, site defaced (C/NET) WhatsApp was briefly hacked this morning, with its website defaced by someone claiming to be the KDMS team, a new group of Palestinian hackers affiliated to Anonymous

AVG anti–virus website attacked by pro–Palestinian hackers (Graham Cluley) The website of AVG, makers of one of the world's most popular free anti-virus products, appears to have been hacked by a pro-Palestinian group

World's Largest Web Hosting Company LeaseWeb Hacked by KDMS Team (Hackers Post) LeaseWeb, one of the worlds largest hosting company has been hacked and defaced by a Palestinian hacker group named "KDMS Team". "Who Are you? Who is but the form following the function of what and what are you is a hosting company with no security. KDMS Team: Well, we can see that ", The hackers

ASPX Vietnam official website hacked by Anon Cop (Hackers Post) The official ASPX Vietnam website has been hacked and defaced by a Pakistani hacker with the handle Anon Cop. The hacker is a member of "Pak Mad Hunters" hacking group. There is no specific reason mentioned by the hacker on the deface page."RooT@admin: StampeD By Anon Cop. Aspx.vn Pawned!", the hacker wrote on the deface

Suriname, Antigua and Barbuda, and Saint Lucia High Profile Sites hacked by 1337 (Hackers Post) If the domain registrar server or NIC of a country was hacked recently, there's a decent chance it is hacked by Pakistani Hacker 1337. The infamous hacker 1337 hit domain registrar server again and hijacked high profiles domains of Caribbean islands of Antigua and Barbuda, Suriname, and Saint Lucia

Macau authorities thwart another cyberattack but won't reveal origin (South China Morning Post) Macau authorities thwarted a cyberattack on Sunday which would have brought down the area's internet access, the gambling hub's sole internet provider has said in a statement

Gamblers and hackers alike flock to Macau, the world's casino capital (Quartz) Macau, the Portuguese–influenced region on the southern coast of China is famed for its money–spinning casinos and the UNESCO–listed ruins of a 17th century Catholic cathedral. It also appears to be a recent magnet for hackers

WHMCS Zero–Day vulnerability used against PureVPN (CSO) PureVPN customers got a shock over the weekend, when attackers leveraged a flaw in WHMCS to send emails warning of a loss of privacy and legal issues. Hong Kong–based PureVPN faced problems this weekend, after someone used a Zero-Day vulnerability in WHMCS to send the networking firm's customers an alarming message. The rogue email stated that the VPN service was going to shutdown due to legal issues, and that customer information was handed over to the authorities

WHMCS SQL Injection Vulnerability in the Wild (Sucuri Blog) A few days ago, a zero-day SQL injection vulnerability in WHMCS was disclosed by…along with the exploit code. It was quickly patched by the WHCMS team and rated as critical since it allows an attacker full access to the database hosting WHMCS

New iOS 7 Flaw Thwarts 'Find My iPhone' Feature (InfoSecurity Magazine) A fresh Apple iOS 7 bug has been uncovered, which would allow a remote attacker shut down the "find my iPhone" functionality that allows users to remotely wipe stolen or lost phones

Is Microsoft recycling old Outlook.com and Windows Live email accounts? (Naked Security) Just a couple of weeks ago I wrote about how Yahoo was recycling old email addresses and IDs and how some people who took over old accounts were receiving messages aimed at the previous owners

How public tools are used by malware developers, the antivm tale (Alien Vault) Malware authors are aware of new technologies and research made by the security community. This is palpable when they implement new vulnerability exploitation on their tools or even reuse source code that belongs to public projects

Hacking The Adobe Breach (Dark Reading) Financially motivated attackers could abuse stolen source code for broader attacks. At first glance, the massive breach at Adobe that was revealed last week doesn't neatly fit the profile of a pure cybercrime attack: Not only did the bad guys steal customer data and payment card information from the software company, but they also nabbed the source code for Adobe's ColdFusion, Acrobat, and Reader software

Wireless carriers need to make changes to combat SIM-card fraud (CSO) U.S. carriers will need to adjust security tactics soon to combat an emerging threat in which criminals hijack SIM cards used to authenticate mobile phone customers on wireless networks, experts say

"Gameover" trojan hides activity in encrypted SSL connections to defraud victims (SC Magazine) Saboteurs spreading the Gameover banking trojan are hosting the Zeus variant on a number of infected websites and using an encrypted secure sockets layer (SSL) connection to remain undetected. Researchers at Dell SecureWorks Counter Threat Unit (CTU) detailed attackers' latest schemes to spread the financial malware in a blog post published last Friday

Hesperbot: An Atrocious Banking Trojan (InfoSec Institute) Last month, a newly effective banking trojan has been discovered, targeting online banking users. This malware uses very reliable looking link addresses or domains which are related to trusted organizations to attract victims into running them. Even though this trojan has analogous functionality and goals like that of the ignominious Zeus and SpyEye, its architecture and way of implementation makes it fall in a new malware family . This banking trojan, regardless of being a new malware program, emerged as Win32/Spy.Hesperbot. The main aim of the offender is to obtain credentials giving access to the victim's bank account and making them install a mobile component of the malware on smartphone platforms (Symbian, Android, and Blackberry)

Vulnerable and aggressive adware threatening millions (Help Net Security) FireEye discovered a new mobile threat from a popular ad library that no other antivirus or security vendor has reported publicly before. Mobile ad libraries are third-party software included by host

The Challenges in Analyzing 'Bite-Sized' Attacks (SecurityWeek) Recent reports in the media are detailing how various government, media and technology companies in Japan and South Korea were victims of a new kind of cyberattack dubbed Icefog. The attacks originated in China and are the work of cybercriminals hired on a project basis, according to Kaspersky Lab. The attackers appeared to know exactly what they were trying to steal, and they left as soon as they found it. In many circles, the Icefog attacks have been called "hit-and-run APTs" - an oxymoron so blatant that it makes my head hurt. However, semantics aside, this trend of relatively focused, contracted attacks will likely have an effect on how the industry deals with advanced threats moving forward

Blackhole exploit kit author reportedly arrested, changes already noticeable (Malware Bytes) Blackhole is one of the most popular crimeware toolkits serving browser-based exploits from compromised or malicious websites. Their end goal is to deliver malware (ransomware, banking trojans etc) onto unsuspecting visitors. A few hours ago, a tweet from Maarten Boone, a security researcher at Fox-IT, a Dutch security firm didn't go unnoticed

Newly launched VDS–based cybercrime–friendly hosting provider helps facilitate fraudulent/malicious online activity (Webroot Threat Blog) Realizing the market segment potential of bulletproof hosting services in a post-Russian Business Network (RBN) world — although it can be easily argued that as long as its operators are at large they will remain in business — cybercriminals continue supplying the cybercrime ecosystem with market-relevant propositions. It empowers anyone with the ability to host fraudulent and malicious content online. A newly launched Virtual Dedicated Server (VDS) type of bulletproof hosting vendor is pitching itself to prospective cybercriminals, offering them hosting services for spam, malware, brute-forcing tools, blackhat SEO tools, C&C (command and control) servers, exploit kits and warez. In addition to offering the "standard cybercrime-friendly" bulletproof hosting package, the vendor is also excelling in terms of the hardware it relies on for providing the infrastructure to its customers

Hacking and the value of a Zero Day (Marketplace Morning Report) The San Francisco tech geek arrested last week in an Internet drug bust may have been caught because of National Security Agency operations. Or, experts say, the feds could have broken into the Silk Road, his alleged illicit goods network, using a Zero Day exploit

Fake Sallie Mae Instagram Accounts Promote Bogus Loan Forgiveness (Softpedia) Fake Instagram accounts that purport to be operated by student loan company Sallie Mae are trying to trick users into handing over their private details by claiming to offer loan forgiveness due to the government shutdown

Hackers turn US health services site into online Ugg boots store (Naked Security) For at least the past two months, scammers have been hawking football shirts, Ugg shoes and Armani perfume from hacked US government pages that are actually supposed to provide services such as mental health counseling, suicide prevention and help for drug addicts

PayJunction Acknowledges Data Breach (eSecurity Planet) Sales agents' names, Social Security numbers and bank account numbers may have been accessed

Bitcointalk.org Hacked (eSecurity Planet) A site admin is offering 50 BTC to anyone who can explain how the site was breached

UCSF Medical Center Admits Security Breach (eSecurity Planet) More than 3,000 patients' personal and health information may have been exposed when an unencrypted laptop was stolen

Academia

Air Force Cadets Earning Honors as Academic Hackers (Digital Forensic Investigator) The Air Force Academy's Cyber Competition Team has for the third year in a row earned a finalist spot in an international cybersecurity contest hosted by the Polytechnic Institute of New York Univ., placing 10th among 349 teams

Litigation, Investigation, and Enforcement

Supreme Court Declines to Decide When Online Speech Becomes an Illegal Threat (Wired) The Supreme Court declined Monday to weigh into the legal thicket of when an online threat becomes worthy of prosecution, a decision leaving conflicting federal appellate court views on the topic

Charges in cyber attack (Monadnock Ledger Transcript) A 65-year-old man identified as a Hancock resident was charged last week in a federal district court in Virginia with conspiracy to intentionally cause damage to

Tech Titans Poised for Showdown With Justice Department Over NSA (TIME) Since the initial revelations about the National Security Agency's (NSA) surveillance programs were published in June — thanks to documents leaked by former

Should a Computer Forensics Expert Get a Private Investigator License? (Cyber Subpoena Mobile Law) Across the US, a checkerboard of non-uniform state laws governs the licensing of private investigators and digital forensic experts

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Forensics and Incident Response Summit EU (Prague, Czech Republic, October 6 - 13, 2013) The Summit will focus on high quality and extremely relevant content as well as panel discussions in Digital Forensics and Incident Response. In addition, we encourage you to take every opportunity to make the most of this event from attending the Summit to registering for one or more of the post-summit training classes taught by SANS' top-rated instructors and course authors. Additional events such as DFIR Netwars, evening talks and the SANS Community Night will be taking place during that week too. This event promises to bring together the leading minds in digital forensics and incident response in the EU, as well as many other practitioners from a wide cross section of industries and company sizes. You will be able to share with all of them your challenges and find out new solutions that work, techniques and approaches you didn't even know existed.

CyberMaryland 2013 (Baltimore, Maryland, USA, October 8 - 9, 2013) Join cybersecurity leaders, luminaries and rising stars at CyberMaryland 2013. This two-day event at the epicenter of the nation's cybersecurity innovation and education, will create opportunities for networking and idea sharing amongst the many cyber leaders and professionals across the country, including: federal, state and local government agencies, academic institutions, cybersecurity entrepreneurs, and industry leaders of research and development. CyberMaryland 2013 will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors. Surrounding all of these issues is a constantly evolving business framework to provide efficient and effective solutions in a time frame that anticipates and mitigates current and future threats.

2013 Maryland Cyber Challenge (Baltimore, Maryland, USA, October 8 - 9, 2013) Held in conjunction with Cyber Maryland and intended to let students and young professionals showcase their cybersecurity skills, Maryland Cyber Challenge offers competition in three divisions: high school, college, and professional. Orientation sessions for teams in each of three divisions -- high school, collegiate and industry and government professionals -- will be held at UMBC in July and August. Two qualifying rounds will be conducted online using SAIC's Cyber Network Exercise System.

AFCEA Hill AFB Technology & Cyber Security Expo (Ogden, Utah, USA, October 9, 2013) The purpose of this first-time event is to allow base personnel the opportunity to learn about the latest computer security trends, network with peers, share remediation strategies and to view and demo some of the latest cyber security and information technology products/services available today..

NSU's Raising Savvy Cyber Kids with Ben Halpert (Fort Lauderdale, Florida, USA, October 10, 2013) Ben Halpert is an award-winning author of several books for diverse audiences. The Savvy Cyber Kids At Home: The Family Gets A Computer (October, 2010) is a picture book that teaches the concepts of online safety and privacy to preschool children. The Savvy Cyber Kids At Home: The Defeat of the Cyber Bully (October, 2011) teaches children how to appropriately respond to a cyber bully before playing in the virtual world. All Savvy Cyber Kids books are available in English, Spanish, German, and French. For those in the business field, Ben has published Auditing Cloud Computing: A Security and Privacy Guide (July 2011) through John Wiley & Sons. RSVP at the link.

International Conference on Cyber–Enabled Distributed Computing and Knowledge Discovery (Shanghai, China, October 10 - 12, 2013) International Conference on Cyber-enabled distributed computing and knowledge discovery -promotes research and development of the cyber-related technology. It is unique and significant that spans through cyber-enabled data mining and knowledge discovery, distributed and parallel computing, cyber security, cloud computing, pervasive computing, mobile computing, Internet, wireless networks, cognitive systems, cyber information process, information discovery, e-health via cyber network, e-science, web technology, and network performance and tools. The research and development in these areas have received extensive attention in both the academia and industry to provide ubiquitous services for users. Various hardware and software designs, algorithms, protocols, simulations, and test-bed, and implementations are developed for distributed computing in an interconnected and distributed network environment. The purpose of CyberC is to provide a forum for presentation and discussion of innovative ideas, research results, applications and experience from around the world as well as highlight activities in the related areas.

VizSec 2013 (Atlanta, Georgia, USA, October 14, 2013) VizSec brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques.

Hack-in-the-Box Security Conference 2013 (Kuala Lumpur, Malaysia, October 14 - 17, 2013) The 11th annual HITB Security Conference (16th/17th October) will be a triple track offering featuring keynotes by Andy Ellis, Chief Security Officer at Akamai and Joe Sullivan, Chief Security Officer at Facebook. This year's event also features all new 2-day training courses (14th/15th October) on a wide variety of topics including Android exploitation, extreme web hacking, infrastructure security, exploiting injection flaws and a special iOS security course by the world famous Evad3rs team. The full speaker list and conference agenda will be released after the Call for Papers closes on the 25th of July.

USDA Cyber Security Symposium and Expo 2013 (Washington, DC, USA, October 15, 2013) The Cybersecurity Expo, running in conjunction with the Summit, will allow exhibitors the opportunity to provide live demos and share information with government personnel and industry partners. Summit topics will focus on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security..

SNW Fall 2013 (Long Beach, California, USA, October 15 - 17, 2013) SNW is the world's largest independently produced conference series focused on the evolution of architecture for a new world of mobility, Big Data and business agility. Produced by Computerworld -- and co-owned by Computerworld and the Storage Networking Industry Association (SNIA) -- SNW remains unbiased and vendor agnostic. Unlike events focused on a specific vendor agenda and product portfolio, SNW provides a forum of open thought leadership and practical education that defines the spectrum of storage, data and infrastructure solutions available to a highly qualified audience of enterprise technology decision-makers.

Hexis Exchange (Athens, Greece, October 16 - 17, 2013) Attendees will have the opportunity to participate in a knowledge exchange of the latest enterprise security topics through expert led business and technology forums, hands-on sessions, and training. Such topics will include: emerging cybersecurity threats, big data management, advanced analytics, government regulation & compliance, and data retention challenges & solutions.

Cybersecurity Symposium: "Protect. Defend. Educate." (Linthicum, Maryland, USA, October 16 - 17, 2013) The Cybersecurity Symposium being held October 16-17, 2013, will deliver first-class training for government and industry security professionals while simultaneously offering high-level keynote speakers, essential networking opportunities, and an informative technology exposition. The Symposium sessions will have a special emphasis on security challenges facing today's security professionals and cyber awareness training for security professionals responsible for protecting sensitive and classified information from the ever increasing threats of mobile devices, espionage, terrorism, and cyber-attacks to ensure our national security. Register by August 31 to ensure the reduced early bird registration fee. This event is free for government employees and active-duty military personnel. Exhibit space and sponsorship opportunities are also available.

NSU Healthcare Cyber Security Summit (Fort Lauderdale, Florida, USA, October 17, 2013) In today's modern healthcare systems, data is everywhere, including sensitive patient data that needs to be secured and monitored. Join top healthcare security professionals from Nova Southeastern University, AccessData, and RSA to hear about current regulations that affect healthcare companies of all sizes, ways to protect sensitive data, and learn techniques to monitor access for suspicious activity. If you are responsible for the privacy or security of your company's healthcare data, you will benefit from presentations from these leading experts in the field. NSU's Chief Information Security and HIPAA Security Officer, John Christly, will examine the threats to the privacy and security of todays' modern healthcare operations. You will also hear from experts from AccessData and RSA on how to detect and prevent data breaches. RSVP at the link.

Nuclear Regulatory Commission Cyber Security Conference & Expo (Rockville, Maryland, USA, October 17, 2013) This one-day conference will consist of cyber sessions in the NRC Auditorium given by government and industry speakers. Exhibit tables will be set-up just outside the Auditorium and companies will have the opportunity to demo their latest technologies to NRC's IT personnel.

Securing the Internet of Things Summit (San Francisco, California, USA, October 21, 2013) The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.

13th Industrial Control Systems Cyber Security Conference (Atlanta, Georgia, USA, October 21 - 22, 2013) Industrial Control Systems (ICS) operate the infrastructures of electric power, water, chemicals, manufacturing, transportation, defense, etc. and link the digital and physical worlds. Their cyber security presents challenges that are distinct from securing traditional IT systems. The conference is attended by control & operations engineers and their IT counterparts from critical infrastructure industries, by ICS and security vendors, and by universities. Run under the Chatham House rules of confidentiality, the conference discusses ICS cyber incident case studies, provides regulatory updates, discusses solutions in the form of policies and procedures, presents demonstrations of hacking ICS and ICS protocols, and provides a status of ICS security solution field demonstrations.

Cloud Connect (Chicago, Illinois, USA, October 21 - 23, 2013) Cloud Connect returns to Chicago October 21-23, 2013 with an all new program built around the leading cloud platforms. Cloud Connect provides the independent guidance IT professionals need to successfully build, operate and manage the cloud, and the tools to measure application performance and business metrics.

cybergmut Technical Tuesday: Cyber Security Strategy — Why We're Losing and What's Needed to Win (Columbia, Maryland, USA, October 22, 2013) CrowdStrike's Steve Chabinsky of CrowdStrike explains the situation. Everybody seems to be spending more on cybersecurity, but with questionable return on investment. In fact, the problem clearly is getting worse, and current strategies show no indication of reversing that trend. This non-technical presentation explores the typical cyber risk environment, considers the proper balance and likely effectiveness of threat deterrence, vulnerability mitigation, and consequence management to reduce cyber risk, and examines the current and evolving roles of government agencies and the private sector in addressing the problem. Backed by powerful, real-world examples of threat actor tactics, this presentation will help managers develop a better understanding of how their current security approach is most likely to succeed or fail over time, and what strategies are the most likely to shift the advantage to the good guys. cybergamut is co-hosting this event with the Maryland Chapter of InfraGard.

Cyber Security Seminar and IT Expo at Peterson AFB (Colorado Springs, Colorado, USA, October 22, 2013) The Cyber Security Seminar and IT Expo is a one-day event held on-site where industry vendors will have the opportunity to display their products to personnel attending briefings concerning the latest updates in Cyber Security Awareness. This is an excellent and unique opportunity to meet IT personnel from USNORTHCOM, NORAD, Army Space Command, USSPACECOM, and the 21st Space Wing all in one day.

Hack.lu 2013 (Luxembourg, October 22 - 24, 2013) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society.

Joint Federal Cyber Summit 2013 (Washington, DC, USA, October 23 - 24, 2013) This collaborative government wide event is truly one of a kind, with speakers and attendees anticipated to represent more than 10 federal government agencies. Information sharing will be accomplished through keynote speakers on both days, along with numerous targeted breakout sessions (including a session with a federal CISSO panel), hands on live demonstrations, and industry exhibits.

NSU's 12 Simple Cybersecurity Rules For Your Small Business (Fort Lauderdale, Florida, USA, October 24, 2013) In this presentation twelve simple and inexpensive techniques for protecting small businesses from cyber threats will be discussed. While complex and expensive solutions exist to improve the security of information technology most of these products are not designed for the specific needs of small businesses. The techniques that will be discussed in the presentation are designed to address the most common threats encountered by small businesses without requiring significant expertise and expense. RSVP at the link.

BREAKPOINT 2013 (Melbourne, Australia, October 24 - 25, 2013) Over two days, 14 world-renowned speakers front Breakpoint to share their knowledge on a full range of security issues, from unpublished research to the latest trends in information security.

Ruxcon (Melbourne, Australia, October 26 - 27, 2013) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities and demonstrations presented by security experts from the Aus-Pacific region and invited guests from around the world. Ruxcon is widely regarded as a leading computer security conference within Australia attracting all facets of the security landscape from industry, academics, to enthusiasts.

2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, October 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.

FIRST Energy Symposium (Leesburg, Virginia, USA, October 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been greater. Many control systems are already networked and are target of sophisticated attacks. Organizations will benefit from having a specialized team to work on detection and handling of cyber attacks, analyzing incidents and sharing information with other security organizations. The FIRST Symposium will focus on lessons learned from attacks and technology and sector specific security aspects. Strong emphasis will be given to organizational issues like creation and operation of incident response teams.

SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, October 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.

RSA Conference Europe (Amsterdam, the Netherlands, October 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.

Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, October 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall..

NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, October 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.