The CyberWire Daily Briefing 02.07.13

Summary

By The CyberWire Staff

Microsoft and Symantec have taken down the Bamital botnet. Bamital had been a notorious enabler of click-fraud and identity-theft. More good news may be seen in the indictment of the Gozi Trojan's creators, which seems likely to put paid to Gozi. (Other botnets and Trojans will rise to take Bamital's and Gozi's place.)

The cyber attack on the US grocery chain Basha's, reported earlier this week, appears to have been an unusually capable assault on internal payment systems. It's prompted an international criminal investigation extending not only to Mexico and Canada, but to Europe as well.

The Nap Trojan's "sleep" calls are nothing new, but they help malware evade automated analysis.

A banking Trojan pretending to be Avast anti-virus software has appeared in Brazil. Social media are increasingly used by Jihadists (and so will attract increasing attention from intelligence services concerned about Jihad).

Anonymous claims both the "Wall Street data dump" and intrusion into the Federal Reserve. The latter points up problems with patching: updating software can become overwhelming, and patches are inevitably prioritized. At the Fed a lower-priority vulnerability was attacked.

The US administration's assertion of a right to preemptive cyber attack is seen as a shot across China's bow. The Chinese government is widely suspected in attacks on media organizations and drone technology manufacturers.

Barring Congressional action, US budget sequestration will arrive in little more than two weeks.

Valentine's Day approaches, and security specialists—hostile as always to trust—urge you to regard your significant other as...a threat.

Notes.

Today's issue includes events affecting Bulgaria, Brazil, Canada, China, Czech Republic, European Union, France, Italy, Japan, Mexico, United Kingdom, United States.

Selected Reading

Cyber Trends

Cyberwar Name Game a Dangerous Play (Threatpost) The term "cyberwar" is the "zero day" of security jargon; it's getting so that every bug is a zero day and every attack is hash-tagged cyberwar

Business Partners Give Hackers Easy Access to Secure Firms (Threatpost) As frequently targeted, high-value companies continue fortifying their defenses, FireEye researchers claim that attackers are increasingly setting their sights on the affiliated but not-as-well-protected third-party organizations that do business with them

Resistance to digital tracking will cause problems for internet economy (CSO) Consumers are seeking out new tools that allow them to remain "invisible." The internet economy could face turbulence in the future, according to analysts Ovum, due to digital consumers' reluctance to be tracked online. Ovum's Consumer Insights Survey reveals that 68 percent of the internet population across 11 countries would select a "do-not-track" (DNT) feature if it was easily available, suggesting a "data black hole" could soon open up under the Internet economy

Fear of government snooping hinders cloud adoption (Help Net Security) Almost half of IT experts are deterred from keeping sensitive data in the cloud because of fear of government intervention and possible legal action, according to Lieberman Software

Nearly a third of all computers are infected with malware (Help Net Security) PandaLabs released its annual security report which details an extremely interesting year of data theft, social networking attacks and cyber-warfare. The most devastating news? 31.98 percent of all

Cyber risk perceptions revealed (Help Net Security) A survey of perceptions about cyber risk found that among corporate executives, more are concerned about cyber threats than about other major business risks. More than 85% of the 258 decision-makers

Correlation between less malware and Convention on Cybercrime adherence, finds Microsoft research (FierceGovernmentIT) The rate of malware infections in signatory countries of the Council of Europe Convention on Cybercrime tends to be lower than otherwise expected, finds newly released research from Microsoft that examines links between policy and computer infections

Legislation, Policy and Regulation

EU's New Cybersecurity Directive Orders States To Set Up Emergency Response Teams, Better Risk Mgmt For Verticals (TechCrunch) With hacking and malware on the rise, Europe is cracking down on cybersecurity: today the European Commission, working with the High Representative of the Union for Foreign Affairs and Security Policy, is launching a new cybersecurity strategy along with a proposed directive on how to implement it (both embedded below). Among other things, the directive calls for each member state of the EU to set

Hacking, Privacy Laws: Time To Reboot (InformationWeek) Recent cases highlight serious flaws in current privacy and cyber abuse legislation, allowing prosecutors to wield a hammer when a stick will do.

Products, Services, and Solutions

First Ubuntu smartphones coming in October, Shuttleworth promises (Ars Technica) Timeline seems ambitious compared to Canonical's earlier statements. The first Ubuntu phones will be sold to customers in October of this year, Canonical founder Mark Shuttleworth reportedly told the Wall Street Journal. This timeline would be slightly ambitious compared to Canonical's previous statements. When unveiling Ubuntu for phones last month, Shuttleworth said he was aiming to get a phone out in the last quarter of 2013 or first quarter of 2014

Review: BlackBerry 10 is better, much better, late than never (Ars Technica) From Gestures to the Hub, BlackBerry 10 has won us over. But is it too late? Late last year, Samsung was the number one handset manufacturer on the Android side. Samsung and Apple accounted for 50 percent of the world's handset market share. BlackBerry, once the go-to business phone for just about every major company in the world, seemed to be tottering around on its last leg. As the company lost most of the world's smartphone market share, many looked BlackBerry's way and wondered what the Canada-based corporation was going to do to save itself

Encryption and key management at RSA 2013 demystified by Thales (Security Park) Thales, pioneer in information systems and communications security, will be showcasing its line of high assurance solutions for data protection and cyber

Cryptography super-group creates unbreakable encryption designed for mass market (Extreme Tech) Silent Circle is the closest thing to a super-group in the cryptography universe, and for months it has just been sitting. The public wondered what monster figures like Phil Zimmerman, creator of PGP and the modern cryptographic world, or John Callas, inventor of Apple's Whole Disk Encryption, could have up their sleeves. Teaming up with a number of Navy SEALs and other military professionals certainly added an element of intrigue, and an early call-encryption app was dismissed with little comment -- they must have something juicier in the pipe. Now, it turns out that the juice was actually quite simple: Silent Circle will offer a previously military-grade encryption service to the average smartphone user -- and to the military itself, of course

RedSeal 6.5 supports BYOD, SIEM and risk metrics (Help Net Security) RedSeal Networks released the latest version of the RedSeal Platform to protect companies and government agencies from attacks across the network. "In an ideal world, CISOs, CIOs, IT security directores

Aegis Bio: Encrypted USB 3.0 drive with biometric fingerprint access (Help Net Security) Apricorn announced the Aegis Bio 3.0, a software-free biometric USB 3.0 drive that safeguards data with secure fingerprint access and military grade 265-bit AES-XTS hardware encryption

Windows Phone Tops BlackBerry In U.S. (InformationWeek) Windows Phone sales exceeded BlackBerry sales in the U.S. during the fourth quarter of 2012, says Strategy Analytics

Kaspersky launches all-in-one security tool for SMBs (CSO) Kaspersky aims for its new product to consolidate and simplify computer security for small businesses. Companies have to manage security across a wide range of issues and threats. Operating systems and applications have to be patched and updated. Active monitoring needs to be in place to identify and block malware threats. Data needs to be protected to prevent exposure or compromise. Mobile devices and the A BYOD (bring your own device)A trend represent a new frontier of concerns

Technologies, Techniques, and Standards

Threat Intelligence Brings Dynamic Decisions To Risk Management (Dark Reading) As enterprises bring threat intelligence feeds into risk management equations, they could gain a greater fluidity in risk-based decision-making. If risk management is governed by the age-old risk equation--Risk= Threat x Vulnerability x Value Of An Asset--then it would follow that the accuracy of each of those attendant variables can make or break an enterprise's IT risk management practice. The security industry has done a lot to hone in on metrics that delineate the latter two--CVSS scoring and countless studies measuring the cost of breaches around specific IT assets have helped risk managers better get their arms around that particular part of the equation. The real sticking point has always been the problem of measuring and tracking the threats

Restarting Database Security (Dark Reading) Why companies ask for a database security program. "How do we put together a database security program?" That has been the most common database security question I've received in the past nine months. I've been surprised by the number of firms that have asked for my assistance with setting up a database security program -- mostly because large firms are the ones that already have parts of a program in place. More to the point, both large and midsize firms, which have at one time bought database security products and have some database security processes, see they have a problem. The motivation for today's post is not just to relay the trend, but why companies are asking the question

Are you losing system logging information (and don't know it)? (Internet Storm Center) How many administrators review log files in /var/log/*, but don't realize they may be losing possibly important (or even critical) information? In working with a commonly used IDS (Snort 2.9.x) on one of my test platforms (CentOS 6.3 64-bit inside of VirtualBox 4.2.6), I happened to notice a unusual line in /var/log/messages when snort initialized via startup script in /etc/init.d

Intel Network Card (82574L) Packet of Death (Internet Storm Center) An interesting blog post by Kristian Kielhofer describes how a specific SPI packet can "kill" an Intel Gigabit ethernet card. If a card is exposed to this traffic, the system has to be physically power cycled. A reboot will not recover the system

HTTP Range Header and Partial Downloads (Internet Storm Center) Last week, I was debugging the podcast access script, I came across some interesting behaviour regarding the "Range" header in HTTP requests. The purpose of the "Range" header is to allow for resumable downloads via HTTP. The client may ask the server to only sent a certain part of the page, instead of the entire response. Not all servers (or browsers) necessarily support this feature. The feature is very different from "Chunked encoding", another feature that can be used to break up a page, but not to break it up as demanded by the client

DMARC anti-phishing technology gains acceptance (CSO) The security framework for email has something to celebrate on its one-year anniversary. A technology aimed at blunting phishing attacks on organizations appears to be finally gaining steam a year after its introduction. Domain-based Message Authentication, Reporting and Conformance (DMARC) is a security framework that offers a way to identify phishing messages by standardizing how email receivers perform email authentication

How ADP and Facebook battle bad e-mail (CSO) Each day cyber-criminals around the world manage to unleash untold millions of spoofed e-mails that fake well-known brand names to try and fool victims that receive this fraudulent e-mail into opening malware attachments or visiting malware-laden websites. To fight this scourge, security managers at companies like Automatic Data Processing (ADP), and Facebook that want to protect e-mail users and their brand name ramp up defenses against phishing

Get Proactive About Protecting Your Computer (CSO) Unpatched software is an invitation for malware infection. Here's how to protect yourself. Malware is a widespread concern that costs consumers more than $2 billion and compromises millions of personal computers annually. It's a threat that evolves as quickly as our measures to remedy it

Security rules for social networks won't resolve breaches (ZDNet) Panda Security's Corrons added that increased regulation does not automatically lead to greater safety or guarantees that attacks will not happen

Marketplace

DoD Official: Odds Of Sequestration Happening 'Much Higher' Than Previously Thought (Defense News) After avoiding planning for automatic defense budget cuts throughout the fall, the Department of Defense (DoD) now sees the cuts as probable, and is rapidly preparing, a senior pentagon official said Feb. 6

The Latest On Effects Of Sequestration (Washington Post) Federal employees and agencies - as well as federal contractors and their employees - are in hurry-up-and-wait mode on sequestration, the threat of automatic cuts in many federal programs

Panetta Warns Of Dire Consequences To Military From Budget Cuts (New York Times) In the wake of President Obama's appeal to Congress to stave off across-the-board military and domestic spending cuts, Defense Secretary Leon E. Panetta warned Wednesday that reductions from the automatic cuts would curtail American naval operations in the western Pacific by as much as a third and force one-month furloughs for as many as 800,000 Defense Department civilian employees starting this spring

The Now and Next of NIE (SIGNAL Magazine) The U.S. Army is finalizing its official report on the Network Integration Evaluation 13.1 even as it prepares for the next iteration of the event and Capability Set 14. Soldiers are tweaking processes to make the exercises more valuable while working closer with industry to speed fielding as much as possible under tight acquisition regulations

White House Seeks Tech Innovation Fellows (InformationWeek) Program recruits innovators and entrepreneurs to work on "high impact" federal IT projects during six- to 12-month tours of duty

iGov Wins $500M For Special Operations IT Net (Govconwire) Department of Veterans Affairs.-based systems integrator iGov Technologies has won a $500 million contract to provide a tactical information technology network to U.S. Special Operations Command. The company will acquire, produce, design, integrate and deliver the Tactical Local Area Network Family of Systems, the Defense Department said Monday. iGov says TACLAN is built for

Twitter looking to hire two-factor authentication brains (Naked Security) Just a few days after Twitter reset passwords and revoked session tokens for 250,000 possibly hacked user accounts, the king of social media succinctness has apparently taken its first step toward two-factor authentication

Microsoft's $2B loan to Dell sign of turbulent times in PC biz (IT World) Unprecedented deal meets unprecedented flux in the personal computer industry, say analysts

The Existential Threat to Dell: Chromebooks (IEEE Spectrum) Go to your local Best Buy store and look at the computers. What's the most attractive offering? Surely it's the Chromebooks, at $249 for Samsung's and $199 for Acer's. And that--more than razor-thin margins due to no-name competitors; more than a PC market share that has slipped by a third in the past six years; more than the uncertain success of Windows 8; more than carrying $15 billion in debt--is the challenge faced by Dell Computer, the one-time leader in PCs, now a distant third, as it leaves NASDAQ for the comfy confines of private equity

Research and Development

Python gets a big data boost from DARPA (IT World) DARPA (the U.S. Defense Advanced Research Projects Agency) has awarded $3 million to software provider Continuum Analytics to help fund the development of Python's data processing and visualization capabilities for big data jobs

The flexible future of mobile devices (FierceMobileIT) A number of electronics firms are working on technology that would enable mobile device displays to bend, providing a more flexible experience for the mobile device user, whether at home or in the workplace

Security Patches, Mitigations, and Software Updates

When security tools fail (CSO) A bad update from Kaspersky drives home the point that security vendors are far from bullet proof. Beating Kaspersky over the head with my keyboard for making its customers' lives difficult with a bad update would probably get this blog a lot of traffic today. But then I'd be overlooking an important fact: Botched software updates are common in the IT vendor world, and security companies are just as vulnerable as everyone else

Barracuda Networks takes further steps to close backdoor access to its network gear (CSO) The company apologizes to customers for design decisions regarding remote support feature and investigates new ways to strengthen it. Barracuda Networks released a new update on Monday to further mitigate a security issue that could have allowed attackers to gain unauthorized access to some of its network security appliances through backdoor accounts originally intended for remote support. The company apologized to customers for its design decisions that led to this situation and promised to look into additional ways to strengthen the remote support functionality

Cyber Attacks, Threats, and Vulnerabilities

Microsoft, Symantec take down Bamital click-fraud botnet (CSO) The botnet infected as many as 8 million computers over the past two years, the companies said. Microsoft and Symantec have dismantled a botnet that took over millions of computers for criminal activities such as identity theft and click fraud. The Bamital botnet threatened the US$12.7 billion online advertising industry by generating fraudulent clicks on Internet ads, which fund many of the free online services available to consumers, the companies said

Gozi takedown big, but not likely to change threat landscape (CSO) With Gozi's masterminds indicted, the Trojan has probably run its course. But like with drug cartels, when one falls another rises up

Cyber Attack Floods Bulgarian Whistleblowing Site (Novinite.com) Cyber Attack Floods Bulgarian Whistleblowing Site: The site for investigative journalism

Bashas' still assessing scope of cyber attack (Mohave Valley News) The chain is a victim of a cyber attack by highly sophisticated criminals who gained access to parts of Bashas' systems to capture payment information, she said. The company managed to locate and remove the piece of malware that's never been seen

List of products affected by the vulnerable Broadcom UPnP stack (Help Net Security) Recently, DefenseCode researchers have uncovered a high-risk Broadcom UPnP stack remote root vulnerability. The vulnerability is located within the wanipc and wanppp modules of the Broadcom UPnP stack

'Sleeper' malware like Nap Trojan nothing new (CSO) New malware uses common technique to avoid automated analysis, security experts say. Some malware designers hope to catch their victims unaware, or "sleeping." The makers of the Trojan Nap hope to snare them by having their creation go to sleep itself. But several security experts say that is nothing new. They criticized a blog post earlier this week by FireEye security researchers Abhishek Singh and Ali Islam, who said they had discovered "a stealthy malware that employs extended sleep calls to evade automated analysis systems (AAS) capturing its behavior"

Examining the Nap malicious downloader (Help Net Security) We recently encountered a stealthy malware that employs extended sleep calls to evade automated analysis systems capturing its behavior. It further makes use of the fast flux technique in order to

Banking Trojan posing as Avast AV (Help Net Security) A banking Trojan masquerading as the popular free AV solution from Avast has been spotted on computers of Brazilian users, reports Kaspersky Lab Expert Dmitry Bestuzhev. The malware is delivered

Report: Social media a growing means of communication for jihadists (FierceGovernmentIT) Jihadists are increasingly turning to social media sites to exchange ideas and publicize their beliefs, according to a new report from the New America Foundation. "It is only a matter of time before terrorists begin routinely using Twitter, Instagram, and other services in ongoing operations," says the report. "We have already seen this in a limited manner from al-Shabaab, which tweets its #JihadDispatches on recent battles"

Anonymous Claims Wall Street Data Dump (InformationWeek) Hacktivist group publishes 4,000 passwords as part of Operation Last Resort campaign seeking revenge for the treatment of Internet activist Aaron Swartz

Fed hack highlights software patching problem (CSO) With more updates than many can get to in a timely manner, organizations prioritize fixes based on a software's importance. The recent hack of a Federal Reserve's website highlights an ongoing problem many organizations face in trying to keep software up to date with security patches, experts says. The Fed acknowledged on Tuesday that hackers stole non-critical information. The Anonymous group OpLastResort claimed responsibility for the break-in, which occurred on Sunday night. The group claimed the personal data of 4,000 bank executives was taken

Boffins 'crack' HTTPS encryption in Lucky Thirteen attack (Naked Security) The security of web transactions is again in the spotlight as a pair of UK cryptographers take aim at TLS. Like 2011's much-talked-about BEAST attack, it has a groovy name: Lucky Thirteen

Researchers devise new attack techniques against SSL (CSO) The new 'Lucky Thirteen' attacks can be used to decrypt SSL/TLS and DTLS data if certain conditions are met. The developers of many SSL libraries are releasing patches for a vulnerability that could potentially be exploited to recover plaintext information, such as browser authentication cookies, from encrypted communications. The patching effort follows the discovery of new ways to attack SSL, TLS and DTLS implementations that use cipher-block-chaining (CBC) mode encryption. The new attack methods were developed by researchers Nadhem J. AlFardan and Kenneth G. Paterson at the University of London's Royal Holloway College

Vulnerability Lets Hackers Control Building Locks, Electricity, Elevators and More (Wired Threat Level) A critical vulnerability discovered in an industrial control system used widely by the military, hospitals and others would allow attackers to remotely control access systems, elevators, electricity and boiler systems, video surveillance cameras,

Japan foreign ministry says PC leaked docs to external server (CSO) The ministry said that it is investigating, but none of the leaked documents contained classified information

Popular Site Speedtest.net Compromised by Exploit…Drive-By STOPPED by Invincea (Invincea) Cisco recently reported that the highest concentration of online security threats are in fact legitimate destinations visited by mass audiences. As if to underscore that point, we accidentally discovered an exploit on Speedtest.net, a site used by mass audiences to test their connection speed to the Internet. Now to be clear, Speedtest.net did not put this exploit up. Rather, speedtest.net is a victim of being exploited; but in turn their website was used to exploit countless others. As of this writing, Speedtest.net has rectified the issue, so they are safe to visit

Preemptive cyberattack disclosure a warning to China (CSO) Diplomatic efforts have failed to sway China to agree to curtail attacks before they escalate into a cyberwar

Chinese malware targeted US drone secrets, security firm alleges (CSO) 'Beebus' campaign took big interest in small UAV companies. A series of highly-targeted malware attacks detected a year ago are almost certainly part of a longstanding and determined Chinese campaign to steal industrial secrets from US companies working in the field of UAVs (Unmanned Aerial Vehicles), security firm FireEye has claimed

More Data On Attackers, But Attribution Still Dodgy (Dark Reading) Identifying the groups behind attacks is still a dicey proposition, but security firms are collecting more information on attackers' techniques and their infrastructure. Following the compromise of The New York Times' network, Mandiant--the company that responded to the incident and conducted the forensics analysis--collected enough evidence to identify the attacker. Yet, "identify" is a loaded word in the field of digital forensics and the name that the company had for the perpetrators came down to an internal designation: APT group 12

China is still hacking the Wall Street Journal, claims Rupert Murdoch (Naked Security) Rupert Murdoch claims that the Wall Street Journal is still being troubled by hackers, after a week of Chinese hacking revelations

Shame on Symantec for throwing NYT under the bus (CSO Salted Hash) In this guest post, Nick Selby, partner, Enterprise Security, at N4Struct, Inc., takes Symantec to task for it's "shameful" response to the NYT attacks…Last week, the New York Times courageously reported details [1] of how it had been the victims of a Chinese nation-state sponsored industrial espionage campaign. We should applaud The Times for being so forthright about its experience. All too often, victims are hesitant to discuss such matters for fear that they will lose customers or incur liability, but the Times seems to have done pretty much everything right in terms of disclosure. It listened to its partners, and escalated its counter-hacker game appropriately. It sought help from federal law enforcement

Everyone's afraid of Chinese hackers, when they should really be afraid of their significant others (Quartz) It's not just disgraced politicians and careless celebrities any more: Real people are having naked photos of themselves pop up online. Some 13% of American adults have had personal data posted online without their permission, and around half of those were smutty photos. That's according to an unnerving study on relationships and online privacy done by cyber-security company McAfee. One reason that should give everyone pause is the approach of Valentine's Day on Feb. 14. Apparently, the way to say "I love you" is increasingly with a racy selfie--just over one-third of the study's respondents are planning on showing skin and hitting send. (And that's just the people who plan these things enough in advance to tell McAfee about it--and presumably line up some ambient lighting.) Even when not feeling festive, half of respondents said they send risque photos or videos of themselves to their partners and friends

Academia

U.K. Students Not Lining Up To Study IT (InformationWeek) New figures show sharp decline in the number of British teenagers taking up IT as a subject. The government says it has a solution, but will it come too late

Litigation, Investigation, and Enforcement

Is IP Theft Ever OK? (eSecurity Planet) New Symantec-sponsored study finds that a surprising number of employees steal confidential information with little remorse. Employees enjoy access to a whole lot of confidential information as part of their day-to-day jobs. What happens to that information when an employee leaves a company? According to a new global survey

Cyber attack on Ariz. stores leads to international investigation (Arizona Daily Star) Pinal County sheriff's detectives are working with state law enforcement officials and the FBI on an investigation into a cyber attack on security systems in chain stores, including some in Arizona, has led to an international fraud investigation

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

North American ICS & SCADA Summit (Lake Buena Vista, Florida, USA, February 6 - 15, 2013) The Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security. Along with government and research leaders, they are coming together to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses.

ATMiA US Conference 2013 (Scottsdale, Arizona, US, February 19 - 21, 2013) A conference devoted to the design of ATMs, and the future of the ATM industry.

Cybergamut Technical Tuesday: Cloud Security (, January 1, 1970) Dr. Susie Cole of Exceptional Software Strategies will discuss cloud security..

#BSidesBOS (Cambridge, Massachusetts, USA, February 23, 2013) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening..

RSA USA 2013 (San Francisco, California, USA, February 25 - March 1, 2013) RSA Conference continually evolves program offerings to meet the ever-changing needs of our delegates in the dynamic infosec industry.

Nullcon Goa 2013 (Bogmallo Beach Resort, Goa, India, February 26 - March 2, 2013) An international information security conference that will feature speakers and training. Topics include security and politics, vulnerability elimination, Android hacking, SCADA and smart grid penetration testing, and more.

NRO Winter Way Forward Conference (Chantilly, Virginia, USA, February 28, 2013) This annual event will provide an increased awareness, understanding and support among the IT workforce by focusing on the NRO IT Way-Forward in terms of the NRO IT Sub-Portfolio Roadmaps. Exhibitors will gain valuable networking time with conference attendees and all NRO personnel.

TechMentor Orlando 2013 (Orland, Florida, USA, March 4 - 8, 2013) Celebrating 15 years of educational events for the IT community, TechMentor is returning to Orlando, Florida, March 4-8, for 5 days of information-packed sessions and workshops. Surrounded by your fellow IT professionals, you will receive immediately usable education that will keep you relevant in the workforce. TechMentor track topics include:Windows PowerShell and AutomationCisco and Networking Infrastructure Windows Server Management Windows Client Management Cloud and Virtualization Identity, Access Management and Security Performance Tuning and Troubleshooting Mobility and BYOD Messaging and Collaboration.

Business Insurance Risk Management Summit (New York City, New York, USA, March 5 - 6, 2013) The annual Risk Management Summit, now in it its fourth year, provides attendees with focused insight via specific, timely general sessions and strategic, thought-provoking discussions with peers and industry leaders.

CanSecWest 2013 (Vancouver, British Columbia, Canada, March 6 - 8, 2013) CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices. It will feature a bigger, enhanced Pwn2own.

e-Crime Congress 2013 (London, England, March 12 - 13, 2013) The e-Crime Congress is designed to meet the needs of key stakeholders and decision makers who are responsible for designing and coordinating information security and risk management strategy, safeguarding digital assets and sensitive information, protecting customers, defending against internal or external threats and responding to incidents.

CTIN Digital Forensics Conference (Seattle, Washington, USA, March 13 - 15, 2013) Speakers include experts and published authors in the field of digital forensics and cybersecurity. Topics include; Mobile Device Forensics, Internet Forensics, Physical Memory Analysis, Open Source Tools, Data Carving, Registry Forensics, Placing the Suspect Behind the Keyboard, Triage and Live Forensics CDs, and more.

IT Security Entrepreneurs' Forum (ITSEF 2013) (Palo Alto, California, USA, March 19 - 20, 2013) Supported by the U.S. Department of Homeland Security, Office of Science and Technology, ITSEF 2013 aims to connect the ecosystem of the entrepreneur: industry, government, and academia. The conference will advance innovation, lead change and build trusted global collaboration models between the public and private sectors to defeat Cybersecurity threats.

The Future of Cyber Security 2013 (London, England, UK, March 21, 2013) Cyber Security and the Citizen 2013 is a one-day conference and exhibition for senior decision-makers of central and local government organisations, NGOs and major private sector enterprises.

AFCEA Belvoir Industry Days 2013 (National Harbor, Maryland, USA, April 2 - 3, 2013) The purpose of this event is to inform the IT community about the recent successes and the forward-thinking opportunities that the Department of Defense and the Department of the Army have developed.

CSO40 (Braselton, Georgia, USA, April 2 - 3, 2013) The CSO40 Security Confab + Awards will honor and share the critical viewpoints of today's leading CSOs, CISOs and security executives at the nation's leading CSO thought leadership conference.

Cloud Connect Silicon Valley (Santa Clara, California, USA, April 2 - 5, 2013) Cloud Connect returns to Silicon Valley, April 2-5, 2013, for four days of lectures, panels, tutorials and roundtable discussions on a comprehensive selection of cloud topics taught by leading industry experts.

An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders (National Harbor, Maryland, USA, April 6, 2013) UMUC is pleased to present An Evening in Cyberspace: Supporting Tomorrow's Cybersecurity Leaders. Join us for this special black-tie event to support the next generation of cybersecurity students. The evening will feature a reception, dinner, keynote and entertainment.

Cyber 1.3 (, January 1, 1970) Maj. Gen. Suzanne Vautrinot, USAF, commander, 24th Air Force, and commander, Air Force Network Operations, will discuss the global strategic implications that relate to the cyber domain at the Space Foundation national conference Cyber 1.3, to be held Monday, April 8th, at The Broadmoor Hotel in Colorado Springs, Colorado. Cyber 1.3 is a full-day conference that takes place immediately before the official opening of the 29th National Space Symposium. The conference includes a networking breakfast, a luncheon and concludes with a networking reception, co-sponsored by General Dynamics Advanced Information Systems. Government Executive Media Group is a Cyber 1.3 media co-sponsor.

INFILTRATE 2013 (Miami, Florida, USA, April 11 - 12, 2013) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere.

Information Tech Expo Series - Hawaii (Oahu, Hawaii, USA, April 12 - 19, 2013) This 6-series showcase will feature stops at 5 DoD locations and 1 Intel Center on the island of Oahu. Celebrating 20 years of these expos is a true testament to the government and military's readiness to learn from and work with industry partners. .

InfoSec World Conference & Expo 2013 (Orlando, Florida, USA, April 15 - 17, 2013) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.

Infosec Southwest 2013 (Austin, Texas, USA, April 19 - 21, 2013) InfoSec Southwest is intended to be a general security and hacking conference with no specific industry or topical focus. As such, nearly all topics (other than vendor pitches) are fair game and the attending audience is expected to span all demographics.

23rd Annual Government Procurement Conference (Washington, DC, USA, April 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network with procurement officials from federal, state and local government agencies under one roof.

Consumerization of IT in the Enterprise Conference and Expo (San Francisco, California, USA, June 2 - 4, 2013) From smartphones to mobile apps, social software and 4G networks, the wave of innovation in the consumer space is transforming the way companies do business, both inside and outside of the enterprise. Over two and a half action packed days, CITE 2013 will bring together IT and business executives, venture capitalists and other practitioners to showcase leading efforts and teach others how to make the most of this transformation.

25th Annual FIRST Conference (Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.

SECRYPT 2013 (Reykjavik, Iceland, July 29 - 31, 2013) The 10th International Conference on Security and Cryptography (SECRYPT 2013) will take place from 29 to 31 July 2013 in Reykjavik, Iceland…The conference will focus on information systems and network security, including applications within the scope of knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. It will bring together researchers, mathematicians, engineers and practitioners interested in security aspects related to information and communication.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.