The CyberWire Daily Briefing for 10.29.2013
Israeli officials tentatively attribute recent attacks on industry and government sites to the Chinese "defense industry." Elsewhere in Israel Carmel Tunnel problems remain controversial, with skeptics questioning hacking reports.
November 5, Guy Fawkes Day, beloved by Anonymous, approaches. Observers believe they discern chatter indicating an #OpNSA denial-of-service campaign in the works. The nominally independent but clearly state-supported Syrian Electronic Army assumes an implausible (nonetheless embarrassing) rhetorical high ground, claiming ethical motives for recent exploits.
The Internet Storm Center warns of an "exploit cocktail" targeting three-month old (yet unpatched) vulnerabilities. Attack Secure describes vulnerabilities in Facebook apps for Android exposing user access tokens. The fuss over LinkedIn's new "Intro" feature continues: LinkedIn defends it; researchers call it a man-in-the-middle attack waiting to happen.
Security agencies in the UK and Netherlands warn their business communities against rising cyber crime levels. (The approaching holidays also should prompt businesses everywhere to be on their guard.) Law firms recently worried about becoming the hacker's "soft underbelly" of commerce, but NGOs and not-for-profits shouldn't be overlooked: they offer similarly attractive attack surfaces.
Surveillance allegations give Google a stiff headwind in Brazilian markets. Australia's new government will not relax security strictures against Huawei's participation in national broadband initiatives.
Industry reviews NIST's draft cyber guidelines. Battelle sets a 2015 goal for practical quantum cryptography.
US surveillance travails continue, as the President considers "constraints" and IC staffers feel (off-the-record) hung out to dry. On the record, DNI Clapper releases more FISA documents. Former NSA-defender Senator Feinstein executes a volte-face.
Notes.
Today's issue includes events affecting Australia, Brazil, China, Colombia, France, Germany, India, Israel, Italy, Mexico, Netherlands, Spain, Syria, Sweden, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Israel Suspects China in Failed Cyberattack Vs. Defense Industry (Defense One) Israeli authorities suspect Chinese involvement in a failed cyberattack targeting 140 top defense industry executives and program officials, according to Israel's Channel 2 News
Cyberattack Against Israeli Highway System? Maybe Not (Tom's Guide) Did a cyberattack shut down a major road system in Israel last month? The Associated Press says it did, but security experts who spoke to Tom's Guide weren't so sure
The reality of cyber–war hits home: Israeli road system taken down by Trojan (ITProPortal) One of Israel's major infrastructure hubs was shut down by a cyber-attack in September, according to inside sources. The disclosure comes after the Israel Defence Forces (IDF) Chief of General Staff, Lieutenant General Binyamin Gantz named computer sabotage as one of the primary concerns facing Israel's defence forces in the future
Syrian Hackers Target Obama's Twitter, Facebook Posts (USA Today) The pro-Assad group Syrian Electronic Army claims it hacked the Twitter and Facebook accounts of U.S. President Barack Obama
Web Intelligence Shows Early Signs of OpNSA Cyber Campaign, DDoS Attacks Planned for November 5 (Analysis Intelligence) The U.S. National Security Agency's website was down for roughly 11 hours on Friday. The agency says the downtime was caused by an error during a routine website update; others believe the NSA was hacked ahead of anti-government surveillance protests in Washington, D.C. on Saturday. Web intelligence shows members of Anonymous clearly promoting the physical protests prior to Saturday (the Recorded Future alert shown below was delivered on October 11), and we know that efforts by hacktivists are closely tied to campaigns by activists on the ground. The dates of October 26 and November 5 have been visible in Anonymous circles for weeks
Exploit cocktail (Struts, Java, Windows) going after 3–month old vulnerabilities (Internet Storm Center) When ISC reader Yin reported earlier today that one of their servers had been hacked via the Apache Struts remote command execution vulnerability (CVE-2013-2251), at first this was flagged as "business as usual". Said vulnerability, after all, is known since July, and we've been seeing exploit attempts since early August (diary here). So it wasn't quite a surprise to see an unpatched internet-exposed server subverted. Given the rampant scanning, it was more a surprise that it had survived unscathed until now
Facebook Android Flaws Enable Any App to Get User's Access Tokens (Threatpost) A researcher has discovered serious vulnerabilities in the main Facebook and Facebook Messenger apps for Android that enable any other app on a device to access the user's Facebook access token and take over her account. The same researcher also discovered a separate, similar flaw in the Facebook Pages Manager for Android, an app that
LinkedIn Defends 'Intro' Email Security (Dark Reading) LinkedIn's newest feature, called Intro, stirred up controversy last week when the professional social network introduced it -- and a few other features -- at an event about its mobile offerings. LinkedIn Intro is an opt-in service that lets you connect on a professional level with people you email every day
Security researchers slam LinkedIn's Intro messaging app (FierceMobileIT) LinkedIn defends new email plug-in after experts compare it to man-in-the-middle attacks
Researchers sinkhole several Cryptolocker C&Cs (Help Net Security) The cyber crooks behind Cryptolocker, one of the latest ransomware threats, are having much success in infecting PC users with the deadly malware, but whether the victims fork over the money or not is still unknown
Social Engineers demonstrate the damage that could be caused by information (CSO) Final report from DEF CON 21's SECTF contest reveals how leaving information exposed can empower attackers around the world
Security Patches, Mitigations, and Software Updates
Microsoft SIR Report Highlights Risks of Unsupported Software Ahead of XP Withdrawal (InfoSecurity Magzazine) On April 8 2014, Microsoft will withdraw all support from the XP operating system, despite 21% of the worldwide OS marketplace still using it, and 13% of the UK. The results of the latest Microsoft SIR report prove just how vulnerable this will leave users, according to Microsoft director of Trustworthy Computing, Tim Rains
Cyber Trends
The future? Big data and intelligence driven security (Help Net Security) As we produce and consume an increasing amount of digital data, even the casual user is becoming aware that the way we store and access this data will continue to shift and expand in the near future. The implications of this are even more profound for the IT security industry
Final Summary—13th ICS Cyber Security Conference (Control) More than 180 attendees from electric, water, oil/gas, chemicals, transportation, food, manufacturing, governments, and academia attended the 13th ICS Cyber Security Conference. Attendees were from North America, Europe, Asia, and the Middle East. This is the first year we had to close registration because of seating limitations. We hope to be able to address the seating limitations next year to accommodate more people. As we do not allow taping and I am totally occupied moderating the Conference, the details are skimpy. All of the speakers were very good. I am including what I feel to be the highlites
Cyber–attacks are the greatest threats UK businesses face (Telegraph) Only four per cent uf UK businesses have adequate security measures in place to battle cyber-attacks
Cyber Security Assesment Netherlands (National Cyber Security Center, Ministry of Security and Justice) Cybercrime and digital espionage remain the biggest threats to both governments and the business community. The threat of disruption of online services has increased. Clearly visible in the past year has been the rise of the criminal cyber services sector. Cyber-attack tools are made commercially available through 'cybercrime as a service'
Cheap and ubiquitous biometrics coming, says panel (FierceHomelandSecurity) Biometric identifiers will become more ubiquitous for commercial and government purposes in the coming years, federal officials told a government technology conference Oct. 28
Cyber Monday Attacks Cost Organizations up to $3.4 Million per Hour in Losses, RSA Finds (Wall Street Journal) New Study Shows That While a Majority of Merchants Experience a Spike in Holiday-Timed Attacks; Most Admit to Not Being Able to Detect Them
GCHQ talks to fund groups over cyber attack risk (FundWeb) GCHQ has conducted a number of meetings with some of the UK's largest fund groups in order to try and counter an increasing threat from corporate cyber attacks, says the FT
The Cyber Threat to Non–Governmental Organizations (Sys-Con Media) Over the past year, cyber threats have emerged as a primary concern, particularly with regard to homeland security. Governments, corporations, houses of worship, and non-profit organizations large and small have been the target of cyber-attacks aimed at defacing websites, disrupting networks, stealing information and damaging systems and infrastructure. In outgoing remarks Homeland Security Secretary Napolitano has a warning for her successor: A massive and "serious" cyber-attack on the U.S. homeland is coming, — the likes of which the nation has never seen
Marketplace
NSA Spying Allegations Put Google on Hot Seat in Brazil (Bloomberg) The U.S. National Security Agency's eavesdropping on foreign heads of state from Angela Merkel to Dilma Rousseff is poised to produce its first high-profile corporate casualty: Google Inc.'s operations in Brazil
Enjoy the Cylance (CSO) Cylance has a unique approach to security, designed to identify and block threats before they're really threats
Australia Says Broadband Ban on Huawei Stays (SecurityWeek) Australia's new government on Tuesday said Chinese telecoms giant Huawei will remain shut out of bidding to build Australia's national broadband network on advice from security agencies
Start–up Raises More Cash to Rethink Cyber Security (Inc.) Bromium has big backers and big ambitions. And now flush with another $40 million in VC funding, it's out to rethink how you keep your networks safe
Integralis Completes Name Change To NTT Com Security (Dark Reading) NTT Com Security AG, a provider of global information security and risk management solutions, today announced that Integralis has formally changed its name to NTT Com Security
The seven deadly sins of HealthCare.gov (Ars Technica) A data center failure is the latest in Obamacare site's trail of tears
Contractors point fingers at each other and CMS during healthcare.gov hearing (FierceGovIT) Problems plaguing healthcare.gov should be fixed for most users by the end of next month, former White House official Jeffrey Zients told reporters days into his role as head of the "tech surge" the Obama administration says will resolve the system's technical issues
Products, Services, and Solutions
NetCitadel And Webroot Partner To Bring Security Intelligence To The Enterprise (Dark Reading) NetCitadel, Inc., the pioneer in innovative threat management solutions, and Webroot, a leader in cloud-based security intelligence solutions, today announced their partnership to deliver enhanced security intelligence and threat context to enterprises facing sophisticated security attacks and Advanced Persistent Threats (APTs)
Slide Show: 10 Free Network Defense Tools (Dark Reading) Affordably protect the perimeter and beyond with these handy network security utilities and toolkits
New 'Whistleblower' Portal Lets User Report Incidents Anonymously (Dark Reading) GRC Vendor LockPath offers whistleblower portal to let users anonymously report complaints, security violations. A new Web-based portal could offer employees and other users an anonymous method of reporting complaints or security violations in their enterprises without fear of reprisal
A DIY Tor Wi–Fi Access Point (IEEE Spectrum) Recent revelations about the scope of electronic surveillance performed by the U.S. National Security Agency have provoked considerable debate both inside and outside the United States. Ironically, however, over the past few years, departments within the U.S. federal government have been helping to support a project designed to combat Internet monitoring. The Tor Project permits anonymous Web browsing and publishing, and it has received funding from the U.S. National Science Foundation, the Defense Department, and the State Department. They've backed the project either for research purposes or, in the State Department's case, to assist democratic movements in countries with repressive regimes
Jeremiah Grossman on the Aviator Browser (Threatpost) Dennis Fisher talks with Jeremiah Grossman of WhiteHat Security about the company's new Aviator browser, which employees have used for years, but the company just released as a public project
Apple introduces "cloudless dictation", no longer demands your contact list to understand you (Naked Security) Not everyone was happy about Apple's terms and conditions when it introduced dictation to OS X: speech-to-text was done in the cloud, so Apple got to listen to what you were saying. OS X Mavericks changes that - though apparently more for performance than privacy
5 Ways Google Could Improve Security In Android 4.4 KitKat (ReadWrite) Android security has come a long way since the days when malware filled the Google Play app store. But as Google preps the latest version of Android—version 4.4 KitKat—it still has gaps to fill. In the recent past, many of the security questions that have plagued Android were solved by third-party security vendors. The likes of Lookout, Kaspersky, McAfee and others have patrolled Android, plugging the holes that Google was too busy to see
Trend Micro partners with VMware for secure SDDCs (CIOL) Trend Micro will be discussing the latest advances in virtualized server and VDI security, along with sophisticated capabilities
Google updates reCAPTCHA, makes things easier for users (Help Net Security) Google aims to make life easier for its users and more difficult for botmasters with the introduction of the updated reCAPTCHA tool
Cloud–based service provides anonymous reporting (Help Net Security) LockPath released the Anonymous Incident Portal (AIP), a cloud-based service that lets users securely and anonymously report incidents, complaints, violations and more. The offering lets users submit information to their company first before reporting it to the Security and Exchange Commission (SEC), allowing the company to manage incidents internally before they become public
Technologies, Techniques, and Standards
Antivirus Signature Detection Is Not Effective, Why Would You Still Use It? (Bitdefender Blog) With 2.3 unique malware variations created every second, I will explain to you why it is impossible for signature detection to keep up with the onslaught of new malware and why there is still and need to use signatures to protect your devices
Cybersecurity Framework Offers New Ways for Firms to Look at Security (SIGNAL) Information technology and communications companies doing business with the federal government may want to look at the Preliminary Cybersecurity Framework being released for public comment on October 29
Malware: Identifying the Code is Only Half the Battle (SecurityWeek) The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) has become the go-to source for enterprises looking for sage advice on the intricacies of network security. In August, NIST added a new document to its library of expert advice focused on how to deal with malware: NIST Special Publication 800-83 Revision 1
Social media and digital identity. Prevention and incident response (Security Affairs) The hack of a social media account is a common incident that could have a serious impact of our digital identity. How to prevent it? What to do in case of hack
Visual investigations of botnet command and control behavior (Help Net Security) One of the classic debates in computer science concerns whether artificial intelligence or virtual reality is the more worthwhile pursuit. The advocates of artificial intelligence argue that computers can replace the need for human cognition, and will eventually be able to out-think us. The advocates of virtual reality argue that computer systems augment human intuition more effectively than they replace it, and that a human/machine symbiosis will always be more powerful than machines alone
California Attorney General Issues Guidelines on Medical Identity Theft (eSecurity Planet) Kamala Harris published best practice guidelines for the health care industry, along with tips for consumers
Research and Development
How your compiler may be compromising application security (ITWorld) Researchers at MIT develop a tool to identify code that your compiler may inadvertently remove, creating vulnerabilities
Oracle eyes optical links as final frontier of data–center scaling (IT World) Oracle is exploring silicon photonics, an optical technology drawing widespread interest, as a potential weapon in the battle against data-center power consumption
ACS Picked for DOE Cyber Grant Program (ExecutiveBiz) Applied Communication Sciences has secured funding from the Energy Department to research, build and demonstrate technology intended to help prevent cyber attacks on the nation's smart metering infrastructure
Can quantum cryptography work in the real world? (GCN) Battelle Memorial Institute has built what it claims is the nation's first production system for quantum distribution of cryptographic keys and announced plans to create a 400-mile link enabling quantum-key distribution (QKD) between Columbus, Ohio, and Washington, D.C., by 2015
Legislation, Policy, and Regulation
The New York Times Shreds The Obama Administration As 'Pathetic' On NSA Spying (Business Insider) The New York Times editorial board ripped the Obama administration as "pathetic" in its defenses and assurances on revelations about National Security Agency spying on foreign leaders and citizens of close world allies
India to prepare army of reverse engineers to counter cyber attacks (Times of India) National Security Database, an initiative of Information Sharing and Analysis Center ( ISAC) in association with Ground Zero Summit 2013 on Monday organized a seminar on Reverse Engineering in New Delhi. The seminar was organized to identify and create the need for the most credible and valuable information security professionals in India, especially in reverse engineering, to protect the National Critical Infrastructure and economy of the country
NSA spying will not change Internet governance (ZDNet) The NSA's surveillance of civilians and leaders abroad, now known to include Spain, is guaranteed to generate outrage in those countries. But it won't make any meaningful changes in Internet governance
White House sees need for 'constraints' on NSA spying (Reuters) The White House moved on Monday to reassure U.S. allies and Americans concerned about the sweeping nature of the National Security Agency's surveillance practices by acknowledging that more constraints are needed to ensure that privacy rights are protected
U.S. reviewing spy policies toward allies (USA Today) The Obama administration says that treatment of allies is part of its review of surveillance policies, amid a report that President Obama put a stop to a program that spied on up to 35 foreign leaders
DNI Clapper Declassifies Additional Intelligence Community Documents Regarding Collection Under Section 501 of the Foreign Intelligence Surveillance Act (IC on the record) In June of this year, President Obama directed me to declassify and make public as much information as possible about certain sensitive intelligence collection programs undertaken under the authority of the Foreign Intelligence Surveillance Act (FISA) while being mindful of the need to protect national security. Consistent with this directive, in September 2013, I authorized the declassification and public release of a number of documents pertaining to the Government's collection of bulk telephony metadata under Section 501 of the FISA, as amended by Section 215 of the USA PATRIOT Act (Section 215). Today I am authorizing the declassification and public release of a number of additional documents relating to collection under Section 215. These documents were properly classified, and their declassification is not done lightly. I have determined, however, that the harm to national security from the release of these documents is outweighed by the public interest
White House OKd spying on allies, U.S. intelligence officials say (Los Angeles Times) NSA and other U.S. intelligence agency staff members are said to be angry at President Obama for denying knowledge of the spying
Senator changes tune, now is "totally opposed" to foreign leader surveillance (Ars Technica) "Our oversight needs to be strengthened and increased," says Sen. Dianne Feinstein
Barack Obama surveillance message lost in translation (Politico) From the days of Edward Snowden's first leaks about National Security Agency surveillance, President Barack Obama has tried to calm public fears by stressing that ordinary Americans have nothing to fear
5 Questions to Ask Yourself to Determine if NSA Surveillance Has Made You Safer (LinkedIn) Angela Merkel is irate and Obama red-faced. The US's hypocrisy has been unveiled and damages our ability to influence and work with both enemies and closest allies alike. While the diplomatic soap opera plays out in the major media, I'm focused on the basics: what does the NSA surveillance mean for me personally
Human rights commission questions NSA surveillance (PCWorld) The U.S. government needs to answer for human rights abuses related to the National Security Agency's massive worldwide surveillance of Internet communications and telephone records, privacy advocates told an international human rights board Monday. The NSA is conducting surveillance on "hundreds of millions" of people worldwide, said Steven Watt, a senior staff attorney with the American Civil Liberties Union's Human Rights Program, speaking to the Inter-American Commission on Human Rights (IACHR), part of the Organization of American States (OAS
Righteous indignation over US spying seen as naive in Israel (Fox news) With every passing day bringing new allegations of the U.S. spying on its allies, many Israelis figure they would be naive to believe America wasn't snooping on its closest ally in the Middle East
Is one terrorism death a year really too high a price to pay for freedom from intrusive surveillance? (Graham Cluley) One of the more interesting facets of the case of NSA whistleblower Edward Snowden is the way it has polarised opinion. Normally, that would mean two opposing views, but in this case there seem to be three
How electronic espionage was exposed four decades ago (Sydney Morning Herald) Edward Snowden's exposés of the United States' mass surveillance and electronic espionage programs have made headlines around the world for the past four months
Litigation, Investigation, and Law Enforcement
Alleged Hacker Indicted In New Jersey For Data Breach (Dark Reading) Investigation led by the U.S. Army Criminal Investigation Command-Computer Crime Investigative Unit and the FBI in Newark revealed that Lauri Love allegedly illegally infiltrated U.S. government computer systems
Former FAMU Student Gets Two Years in Prison for Identity Theft (eSecurity Planet) Christopher Wright and two co-conspirators redirected financial aid refunds to prepaid credit cards in their possession
FBI hunt for seven fugitives involved in multimillion–dollar eBay car scam (Naked Security) The FBI has put out a wanted poster and Interpol has issued red notices looking for help in tracking down a gang of seven swindlers who allegedly ran a $3 million (£1.8m) scam, selling cars that were just figments of their very active imaginations
British man charged with hacking NASA and US military computers (ComputerWorld) A British man has been charged with hacking into U.S. government computers and stealing personal data about thousands of employees, then bragging about it on Twitter
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
2013 ACT–IAC Executive Leadership Conference (Williamsburg, Virginia, USA, Oct 27 - 29, 2013) Advances in technology and massive increases in data available can both challenge and transform Government mission performance. ELC-2013 focuses on how to make this transformation a reality, in and for agencies. We will hear from nationally prominent speakers and work across government and industry to learn new ideas and techniques. Four mission-oriented tracks will focus on initiatives for driving results using data and the "Innovate, Deliver, Protect and Analyze" paradigm that is at the heart of the Government's strategic vision.
FIRST Energy Symposium (Leesburg, Virginia, USA, Oct 28 - 29, 2013) Recent reports have shown that the Energy Sector has seen a large increase in the reported number of cyber attacks. The need to protect against threats and improve upon incident management has never been greater. Many control systems are already networked and are target of sophisticated attacks. Organizations will benefit from having a specialized team to work on detection and handling of cyber attacks, analyzing incidents and sharing information with other security organizations. The FIRST Symposium will focus on lessons learned from attacks and technology and sector specific security aspects. Strong emphasis will be given to organizational issues like creation and operation of incident response teams.
SAP NS2: National Security Solutions Summit (Falls Church, Virginia, USA, Oct 29, 2013) Join us for a day of learning and networking focused on how to advance U.S. national security and homeland security through I.T. innovation. Top-notch speakers will address the new challenges facing U.S. national security and critical infrastructure -- as well as powerful, affordable technologies that are available today to tackle those challenges while saving money and simplifying operations. Learn how your organization can run faster, smarter, leaner in the most secure environments -- with world-class, breakthrough solutions that are bold alternatives to business as usual.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
Regional Cyber Security Forum & IT Day (CSFI) — Hawaii (Honolulu, Hawai'i, USA, Oct 30, 2013) 2013 marks the 10th anniversary of National Cyber Security Awareness Month and FBC will host the 1st Annual Cyber Security Forum & IT Day (CSFI) at Fort Shafter - Club Hale Ikena to coinside with the anniversary, and activities surrounding this month. The goal of CSFI is to raise cyber security awareness, and to promote best practices in cyber while allowing DoD personnel and industry partners the opportunity to share the most up to date remediation strategies. The event will feature four educational cyber sessions to go along with an exhibit hall.
NSA Hawaii — Cyber Security, Intelligence & IT Day (Honolulu, Hawai'i, USA, Oct 30, 2013) Be a part of the 1st Annual Cyber Security, Intelligence and IT Day set to take place at the new National Security Agency (NSA) Hawaii Rochefort facility. The event will be hosted by NS/CCS Hawaii Technology Directorate and will focus on Cyber Security, Big Data and Cloud Computing. There are other areas of interest listed below as well. This is an extremely unique opportunity to network with NSA personnel in Hawaii at their location. Educational sessions will be provided to attendees to coincide with government and industry exhibits.
Ahead of the Threat: Driving Innovation for Cyber Security (Bethesda, Maryland, USA, Oct 30, 2013) Sponsored by the Tech Council of Maryland, this conference will feature a presentation by Sondra L. Barbour, Lockheed Martin Information Systems & Global Solutions (IS&GS) Executive Vice President, will discuss the importance of understanding the adversary and staying ahead of the threat. Moving beyond the government, the need for intelligence-driven defense is becoming more critical across commercial industries such as oil and gas, finance and healthcare. The escalating landscape of cyber-attacks is forcing companies to take a closer look at their security posture to protect their assets, intellectual property and their customers' personal information.
TrustED 2013 (Berlin, Germany, Nov 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing and investigating problems, challenges and some recent scientific and technological developments in this field. In this context we particularly are interested in the participation of industry representatives.
OKTANE 1 (San Francisco, California, USA, Nov 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your employees more productive and secure, OKTANE13 will keep you up to date with the latest enterprise technology.
MIRcon 2013 (Washington, DC, USA, Nov 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress. From analysts and innovators to managers and executives the Mandiant Incident Response Annual Conference® (MIRcon®) is an excellent investment in your business and your professional development where you will learn about new technologies, incident response best practices, and key strategies for managing network security.
KMWorld 2013 (, Jan 1, 1970) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development and innovation in their evolving enterprises. It offers a wideranging program especially focused to meet the needs of executives, and strategic business and technology decision-makers. Attendees learn how to maximize their technology investments through practical information and case studies; build relationships with speakers and thought leaders from around the world; and create flexible, competitive enterprises.
Maryland Art Place Annual Fall Benefit (Baltimore, Maryland, USA, Nov 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner will be held on Saturday, November 9, 2013 at 6 o'clock in the evening at the beautiful Thames Street Wharf building, located at Harbor Point courtesy of Beatty Development. A great deal of technology of interest to the cyber community will be on display.
cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile — Today and Tomorrow by Guy Levy-Yurista, Ph.D. (available at various nodes, Nov 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting becomes increasingly important. Mobility today does not only take into account who the user is but where they are, when they are there, why they go there, what they're interested in, and what they're going to do. As our smart phones evolve, they are growing into a contextual engine that will not be just our personal assistant, but also our best friend providing us with all our information needs at the right time and in the right place.
Cyber Education Symposium (Arlington, Virginia, USA, Nov 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways to retrain the existing workforce and develop a new pool of cybersecurity professionals capable of meeting the needs of tomorrow. The Cyber Education Symposium offers a rare opportunity for the brightest minds in government (.gov), the private sector (.com), and the educational community (.edu) to convene and discuss trends and challenges in cybersecurity education. The Symposium will provide a forum to identify new ways of thinking about the problem, exchange best practices, and forge a pathway forward that leverages the full resources of our nation's leadership.
APPSEC USA (New York, New York, USA, Nov 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security topics and an unbeatable atmosphere. Hosted by OWASP.
IT Forum Expo/Black Hat Regional Summit (, Jan 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, Nov 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber networks, mobile, and IT infrastructures. Enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure is a challenge that must be met, attend the East Africa Cyber Security and IT Security Convention 2013 that will equip you with a comprehensive range of clarifications and solutions.