The CyberWire Daily Briefing for 4.24.2013
The to-and-fro between Twitter's security team and the Syrian Electronic Army had a brief but significant effect on the stock market yesterday afternoon. The hacktivists briefly gained control of an Associated Press Twitter account and falsely tweeted that an explosion at the White House had injured US President Obama. Stock markets plunged briefly before the account was suspended and the report debunked, but the episode holds at least three lessons: securities markets are vulnerable to social media fraud, social media need better authentication and encryption, and hacktivist propaganda (in this case pro-Assad) can take surprising form with surprising effect.
Charles Schwab was also affected yesterday in an unrelated denial-of-service attack. Reddit discloses details of the DDoS attack it suffered earlier this month.
Another unpatched zero-day vulnerability appears in Java. Other known vulnerabilities turn up in exploit kits like CrimeBoss—users are again advised to patch Java. (Oracle is methodically working on a Java update it hopes will constitute a security renaissance for the product.)
The US Navy has discovered cyber vulnerabilities in the recently deployed Freedom-class Littoral Combat Ships.
Chinese cyber operations appear to be stirring again. FireEye discovers that Operation Beebus is still active and stealing drone technology, and that Gh0stRAT also remains in circulation. BAE reports that People's Liberation Army Unit 61398 has resumed cyber attacks. Whatever may be the case, Huawei has had enough of American official suspicion, and decides to exit the US market.
Microsoft reissues a fixed version of its flawed kernel-mode driver vulnerability patch.
Notes.
Today's issue includes events affecting Australia, Canada, China, European Union, Romania, Spain, Syria, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
AP Twitter Account Hacked (HuffingtonPost) The Associated Press' Twitter account was hacked on Tuesday. Just after 1:00 p.m., the news organization tweeted: "Breaking: Two Explosions in the White House and Barack Obama is injured." The message spread quickly, with Twitter users immediately wondering if the account had been hacked. The Associated Press' corporate communications account clarified the tweet was fake minutes later
'Proudly pro-Assad': the group behind Twitter hacks (Sydney Morning Herald) It sounds like it could be the name of a band you might hear on Triple J, but Syrian Electronic Army is a real online threat, as media organisations and universities across the world are discovering. The latest target of the online militant group, which describes itself as "proudly pro-Assad", is US media group The Associated Press. Its Twitter feed was hacked to tell AP's millions of followers that there had been two explosions in the White House, leaving President Barack Obama injured
How the Syrian Electronic Army hacked the AP—and who are these guys, anyway? (Quartz) It's just a couple of hours after the AP's Twitter account was hacked, sending markets into a tizzy with a false report of violence at the White House. But we already know, through tidbits offered by the AP itself, how it happened
Stocks gyrate wildly after fake terror tweet (USA TODAY) Wall Street suffered a mini flash crash Tuesday after investors reacted to a phony Tweet on the Associated Press' Twitter account that said the White House had been bombed and the president was injured
Associated Press Twitter hack spreads fake White House bomb story, pushes down Dow Jones (Naked Security) With just under two million followers, AP's Twitter account has a wide reach, and is influential. Influential enough, it seems, that a false rumour from the AP feed can have a visible effect on the stock market
AP Twitter hack prompts fresh look at cybersecurity needs (CSO) Two-step identity verification and analysis of user trends could prevent future attacks, experts say. Getting hacked on Twitter is fast becoming a rite of passage for big corporations, but Tuesday's attack on the Associated Press could be a tipping point and shows that social networks must do more to keep their users safe, security experts said
AP Twitter Hijacking Proves Need for Better Authentication, Encryption (CSO) Stock markets briefly went into a tailspin after the AP's Twitter account was hijacked and used to broadcast this false message: "Breaking: Two Explosions in the White House and Barack Obama is injured"
Beware Twitter "password check" sites - there are fakes, and there are fake fakes! (Naked Security) After a widely publicised hack or data breach, you'll often find "password check" sites springing up. Some of them are legitimate, but other password check sites are as bogus as they sound on the surface
Cyber attack briefly shutters Charles Schwab website (Reuters) A cyber attack shut down Charles Schwab Corp's website and mobile applications for nearly two hours on Tuesday but no client data or account information was compromised, a spokesman for the brokerage said
Yet another unpatched security hole found in Java (Naked Security) Just last week you were congratulating yourself for patching your computer against a Java security hole. Now another zero-day unpatched vulnerability has been found in Oracle's widely used software
Exploit for recently patched Java flaw added to CrimeBoss exploit kit (Help Net Security) If you are still using Java, you insist on updating it manually and you haven't gotten around to installing the latest Critical Patch Update released a week ago, you are advised to do it now
Cyber Vulnerabilities Found In Navy's Newest Warship: Official (Reuters) The computer network on the U.S. Navy's newest class of coastal warships showed vulnerabilities in Navy cybersecurity tests, but the issues were not severe enough to prevent an eight-month deployment to Singapore, a Navy official said on Tuesday
Reddit was downed by record DDoS attack, motive is unknown (Help Net Security) In order to relieve the curiosity of the huge Reddit community, systems administrator Jason Harvey has shared some details about the DDoS attack that recently hit the popular social news site
More malware discovered from drone cyberattacks (CSO) Despite the exposure of the cyberespionage, Operation Beebus is still active, although its infrastructure has changed. Researchers following a cyberespionage campaign apparently bent on stealing drone-related technology secrets have found additional malware related to the targeted attacks. FireEye researchers have been tracking so-called "Operation Beebus" for months, but only last week reported the connection to unmanned aircraft often used in spying. Drones have also been used by the Obama administration to assassinate leaders of the Al-Qaeda terrorist group
FireEye finds Gh0stRAT cyberespionage campaigns continue (CSO) Many advanced persistent threat attacks use the malware, believed to have been developed in China. A well-known cyber-spying tool called Gh0st RAT is still being employed in stealthy malware attacks, according to a new report from security firm FireEye
Chinese Hacking Suspects 'Back In Business' (Key 103 Manchester) A group of Chinese hackers suspected of being behind a cyber-attack on the New York Times earlier this year may be restarting their campaign. BAE Systems, the defence contractor, says it has unearthed evidence that indicates the group is active for the
Wireless hack attacks target critical infrastructure (Help Net Security) Critical infrastructure control systems are at risk from wireless attacks carried out over Software Defined Radio (SDR), according to Digital Assurance. Critical network control systems such as SCADA (Supervisory Control And Data Acquisition), Building Management Systems (BMS) and PLCs (Programmable Logic Controllers) all use a proprietary wireless technology which could potentially be hacked using SDR equipment and a PC. The specialist data communicated by these systems could be intercepted, captured and replayed to suspend service and cause widespread disruption
More "BadNews" for Android: New malicious apps found in Google Play (Ars Technica) BadNews, as the malicious ad network library is called, has been included in at least 35 different apps that were available on Google servers for download, researchers from antivirus provider Bitdefender said Monday. As Ars reported last week, figures
5 Signs Your Android Smartphone Is Infected With Malware (ReadWrite) Android malware seems to be spreading at a dizzying pace. In the second half of 2012 alone, Bitdefender found that Android malware spiked 292% from the first half of the year
2013 First Quarter Zero-Day Vulnerabilities (Symantec Connect) In the first quarter of 2013, we spotted quite a few zero-day vulnerabilities affecting Oracle Java, Adobe Flash, Adobe Reader, and Microsoft Internet Explorer being exploited in the wild. This blog discusses the details of these zero-days exploited to spread malware in the first quarter of 2013
Security Patches, Mitigations, and Software Updates
Java's Security Renaissance Begins (Dark Reading) Oracle's decision to delay Java 8 to ensure security is done right is a significant step--but challenges remain for the troubled platform
Microsoft Security Bulletin MS13-036 - Important (Microsoft Technet) Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996). This security update resolves three privately reported vulnerabilities and one publicly disclosed vulnerability in Microsoft Windows. The most severe of these vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the most severe vulnerabilities
Cyber Trends
Should Insiders Really Be Your Biggest Concern? (Dark Reading) Verizon's Data Breach Investigations Report shows that by volume of breach occurrences, external attackers cause problems the majority of the time
15.3 Percent of US PCs Have Unpatched Operating Systems (eSecurity Planet) The information comes from a series of Secunia Country Reports based on data from the company's Personal Software Inspector
Spy chiefs warn of increased cyber risks (Financial Times) Online security has moved to the top of both the political and corporate boardroom agendas in the past year, and there are dire warnings about the consequences of ignoring the threats posed by financially motivated criminals, state-sponsored industrial spies and politically motivated "hacktivists"
Global Cyber Tensions On The Rise (Security Debrief) Senior US intelligence officials, including Director of National Intelligence James Clapper and National Security Agency (NSA) Director, Army Gen. Keith Alexander, last month continued the cyberwar drumbeat with warnings to Congress that the US is
After China, Romania is Biggest Source of Data Theft Says Report (Wall Street Journal) Some 621 breaches were analyzed in more detail. The report also draws in data from Verizon's 19 partners on the report including the Danish Intelligence Service, Carnegie Mellon University, Deloitte and the U.S. Department of Homeland Security
90% of UK firms hit by cyber-attack last year (PC Pro) Nine in ten UK businesses suffered an online attack of some sort in the past year, government research has revealed. The Department for Business, Innovation and Skills (BIS) said 93% of large organisations and 87% of small businesses were targeted in
55% of net users use the same password for most, if not all, websites. When will they learn? (Naked Security) A study by Ofcom, the UK communications watchdog, has unearthed some appalling statistics which reveal just how badly the general public treat password security
Dangerous CSRF attacks up 132% (Help Net Security) FireHost has announced today its Q1 2013 web application attack statistics, detailing the type and number of the most dangerous cyberattacks blocked by the firewalls that protect its servers in the U.S. and Europe between January and March 2013. Compared with Q1 2012, the volume of Cross-Site Request Forgery (CSRF) attacks is up 132 percent at the end of Q1 2013. The CSRF attack measurement is part of FireHost's quarterly 'Superfecta' report
The importance of crowd-sourced threat intelligence (Help Net Security) Imperva analyzed real-world attack traffic against 60 web applications between January and March 2013 to identify common attack patterns. Businesses can reduce the risk of successful attacks against their organizations by identifying and blocking attack sources, payloads and tools that are found to target multiple websites or organizations. These attack sources made up a disproportionate amount of the overall traffic against enterprise organizations in the report, and can be identified only by analyzing crowd-sourced attack data from a broader community
CISPA row: Slurped citizen data is ENORMO HACK TARGET - infosec boss (The Register) The ability to identify common patterns in real-world attacks makes crowd-sourcing threat intelligence extremely useful, according to a study from security tools firm Imperva. The report arrives just as a privacy row rages over the new Cyber Intelligence Sharing and Protection Act (CISPA) law in the US. But the head of the security firm said the legislation could create several problems, not least of which was the equivalent of sticking a giant 'Hack Me' sign on the government's info stores
Remote users expose companies to cybercrime (Help Net Security) Results of new remote access security research show half of companies with a remote workforce had their websites compromised in 2012, over a third had passwords hacked, and twice as many companies with remote users were victims of SQL injection attacks
Trend Micro Q1 2013 Security Roundup Report Highlights Concerns over Zero-Day Vulnerabilities and Increasingly Destructive Attacks (Wall Street Journal) According to Trend Micro's (TYO: 4704; TSE: 4704) Q1 2013 Security Roundup Report, the company's researchers raised the alarm about zero-day vulnerabilities in addition to concerns about the recent concentrated attack in South Korea. Collectively, these events demonstrate that zero-day vulnerabilities remain a threat while attack innovations are growing in sophistication, intensity and severity
Experian Data Breach Resolution and the Ponemon Institute release new study on corporate data breach preparedness (IT News Online) Experian Data Breach Resolution and the Ponemon Institute today released a new study that finds that, despite the majority of companies experiencing or anticipating significant cost and business disruption due to a material data breach, they still struggle to take the proper measures to mitigate damage in the wake of an incident. The report, Is Your Company Ready for a Big Data Breach?, examines the consequences of data breach incidents and the steps taken to lessen future damage. Respondents include senior privacy and compliance professionals of organizations that experienced at least one data breach. The top three industries represented are retail, health and pharmaceuticals, and financial services
New Research From Qualys Underscores the Importance of Regular Scanning to Expedite Compliance (SYS-CON) Data Collected From More Than 5 Million Scans on Over 53 Million Hosts Across 12,000 Checks Over a Period of 12 Months
What are the top 5 trends in BYOD and mobile security? (AppsTech) Earlier this year the Cloud Security Alliance (CSA) cited data breaches and data loss as the most worrying aspects of cloud security for 2013
Global Vormetric Study Finds Adoption of New Technologies Surpasses Compliance as Driver for Organisations to Secure Data (MarketWatch) IT budgets increase amid growing concern about impact of data breaches on brand reputation. Vormetric, the leading data-centric security solution provider for physical, virtual and cloud environments, today announced the preliminary findings of its "Protect What Matters - Data Security" research. The results, compiled from a global online survey of more than 450 respondents, detail newer IT trends and data breaches as primary security drivers. The research also highlights that protecting brand reputation and observing security best practices should be organisations' primary motivators for data protection, while meeting compliance requirements also remains a major driver facing IT today
Marketplace
China's Huawei bails on the United States (Quartz) There's only so much abuse that a giant network equipment manufacturer repeatedly accused of threatening US national security can take. "We are not interested in the US market any more," Huawei executive vice president Eric Xu said at the company's annual analyst summit on Wednesday, as reported by the Financial Times. "Don't get me wrong, I'd love to get into the U.S. market," Chief Technology Officer Li Sanqi added in an interview with IDG. "[But] we today face reality. We will focus on the rest of the world, which is reasonably big enough and is growing significantly"
Pentagon 2014 Budget Includes $5B for Cyber Warfare (ExecutiveGov) "When you look at the strategic landscape from our perspective, it's getting worse," Army Gen. Keith Alexander, head of Cyber Command and the National Security Agency, recently told Congress, according to the report. Michaels writes the Pentagon wants
Report: Army gives millions less to Fort Meade for daily operations (Capital Gazette) Mikulski's office asked for the comparison to ensure Fort Meade is funded adequately as it continues to grow as a center for cyber security and intelligence. Thousands of jobs have moved to the post in the last few years, and thousands more are
Lockheed Expects A Hit From Sequester (Washington Post) Bethesda-based Lockheed Martin forecast Tuesday that government budget cuts would wipe out $825 million of the company's anticipated revenue this year
The quest for security clearances (Capital Gazette) We are home to agencies protecting our national security on the intelligence ... employers that you are clearable, aware of the security clearance process
Northrop to Demo DARPA Navigation System on Android (GovConWire) Northrop Grumman (NYSE: NOC) has won an 18-month contract to demonstrate an open architecture navigation system on an Android mobile device for the Defense Advanced Research Projects Agency. Under the follow-on contract, the company will aim to present the system's scalability across different types of systems and its plug-and-play features, Northrop said Monday
CenturyLink Wins Potential $750M DISA Fiber Optic Net IDIQ (GovConWire) CenturyLink (NYSE: CTL) has won a potential $750 million contract from the Defense Information Systems Agency to install a fiber-optic network for connecting the Defense Department's supercomputers and researchers. DISA's defense information technology contracting organization awarded the Defense Research and Engineering Network III contract as a potential 10-year indefinite-delivery/indefinite-quantity contract, CenturyLink said Tuesday. CenturyLink will
GAO: States misusing wireless Enhanced 911 implementation funds (FierceMobileHealthcare) Over the past decade, states have made significant progress in implementing wireless Enhanced 911 (E911), concludes a Government Accountability Office report. But some states, auditors say, are dipping into E911 implementation funds and using the money for other purposes
NBC terrorism analysts need more transparency (Salon) Compared to the near-hysterical reporting on Fox and the mistake-prone efforts at CNN, the handling of the Boston Marathon attack and investigation by NBC (and sister cable channel MSNBC) was straightforward and subdued -- thanks in large part to its experienced reporting team and in-house national security analyst, Michael Leiter. Leiter, who started at NBC last fall, is the former director of the National Counter Terrorism Center (NCTC), the inter-agency situation room in Northern Virginia where the U.S. government synchronizes all of its intelligence analysis. During the week, he was a constant presence on both NBC and MSNBC, providing extensive details about what was likely unfolding on the ground
IBM, CA swallow app development platforms (itWorldCanada) UrbanCode and Nolio have been bought by the IT leaders as lifecycle software development platforms assume greater importance
Ionic Security Gets $9.4 Million (eSecurity Planet) The company says the funds will be used to expand its engineering team, accelerate enterprise sales, and increase awareness of its Fusion platform
Whit Diffie Among SafeLogic's First Board of Advisors (PR Web) Whitfield Diffie is best known for his work in the early 1970's, pioneering dual-key cryptography. Before his 1976 paper New Directions in Cryptography, written with Martin Hellman, encryption technology was the sole domain of government entities
Products, Services, and Solutions
Twitter Is Testing Two-Factor Authentication Internally, And It Can't Come Soon Enough (TechCrunch) In what was a mind-boggling series of events in real time, one Associated Press hack and a false tweet about the White House sent the stock market into a momentary free fall. Twitter hopes to stop intrusions like that in the future by introducing a two-factor authentication process, Wired has learned. When this offering will be available to users is unknown. The company has been working on this at
The CAPER project unveils the first version of its platform for the prevention of organised crime (s21Sec) The European project CAPER (Collaborative information, Acquisition, Processing, Exploitation and Reporting for the prevention of organised crime), led by S21sec and which aims to build a common platform for the prevention of organised crime, has now reached its midpoint, having started in July 2011. In this fight against organised crime, software is being developed that enables the exchange and analysis of information sources among Law Enforcement Agencies
Websense fights cyber crime post Boston Marathon blasts (CSO) The Websense ThreatSeeker Network is blocking email-borne campaigns to avoid unsuspecting recipients going to malicious websites post events at Boston Marathon
'Obamaberry' Maker Extends Secure Mobile (Defense News) In secure mode, the phones will encrypt calls and data exchanges to the National Security Agency's Suite B standards, GD says. Of course, the fellow at the other end of the call also needs a secure phone. "This secure voice app is a new government
Tilera's TILE-Gx72 Processor Enables 100Gbps Cyber Security Performance (Wall Street Journal) Suricata was developed by the Open Information Security Foundation (OISF) which is funded and part of the Department of Homeland Security's Directorate for Science and Technology Homeland Open Security Technology (HOST) program, and by the
ForeScout and FireEye team for APT mitigation (Help Net Security) ForeScout and FireEye announced an integrated approach to dynamically mitigate APTs and zero-day attacks. According to FireEye's 2H2012 Advanced Threat Report, on average, a malware event occurs at
SafeNet releases first crypto hypervisor (Help Net Security) At a time when confidence in perimeter security is waning, and organizations are increasingly facing business pressure to adopt cloud strategies and consolidate their data center resources
Free Android mobile security app (Help Net Security) Android is an increasingly popular target for malware and SMiShing (SMS phishing). To help combat this growing threat, Sophos has introduced the latest version of its free Android security app, Sophos Mobile Security
HitmanPro 3.7.3 (PC Advisor) HitmanPro is a commercial antivirus tool with some handy free features, which could make a useful addition to your existing antivirus package. There's no need to install anything; just launch the program, click Next > Next and it will begin to scan your PC. This process only takes a few minutes, after which any suspicious files are uploaded to the HitmanPro servers, and analysed by multiple antivirus tools (Bitdefender, Emsisoft, G Data, IKARUS), before a final report is produced
OISG Group and Qualys Partner to Deliver Cloud IT Security and Compliance Solutions (Wall Street Journal) OISG Group, the UK's foremost technology solutions partner, and Qualys Inc., a pioneer and leading provider of cloud security and compliance solutions, today announced that OISG Group has become an authorised partner in Qualys' channel programme
13 WordPress Add-Ons That Mean Business (InformationWeek) Want to get more out of the WordPress Web publishing platform in areas like analytics, SEO and security
Apple's iCloud services again hit by global outage - AppleInsider (Apple Insider) The iCloud suite of services experienced an outage Tuesday morning, marking yet another period of downtime for Apple's cloud-based operations
Technologies, Techniques, and Standards
Here's a Good Reason to Encrypt Your Data (Wired Threat Level) There's many reasons to password-protect — or encrypt — one's digital data. Foremost among them is to protect it during a security breach. Another top reason to encrypt is to keep the government out of your hard drive
Agile Development isn't undisciplined, says panel of federal CIOs (FierceGovernmentIT) Some of the common criticisms against Agile Development--that it produces sloppy code, that documentation gets overlooked, that user development stories are cumbersome--are unfounded or the result of bad Agile implementations, a group of federal chief information officers said April 23. "It's perfectly acceptable that you went down one path and now you need to change and refactor," said Mark Schwartz, CIO of USCIS
Assess risk before you ascend to the cloud (CSO) Report cautions companies to weigh dangers and scrutinize safeguards before choosing cloud provider
10 Questions to Ask When Creating a Cybersecurity Plan for Your Business (Entrepreneur) Cybercriminals are increasingly preying on small businesses, which often lack the expertise and resources to adequately protect themselves. Last year, companies with one to 250 employees were the victims of more than 30 percent of all cyber attacks, according to Symantec's 2013 Internet Security Threat Report. That's a threefold increase since 2011
Infosec 2013: APTs are hard to defend against, but not impossible (SC Magazine UK) Speaking at the Infosecurity Europe exhibition in London, Brian Laing, director of marketing and products at AhnLab, said that security tools are "not meant
Research and Development
Eye-Tracking Software Goes Mobile (IEEE Spectrum) Umoove aims to bring hands-free control to phones and tablets
Apple invention creates a secure device-to-device network with just a picture (Apple Insider) Apple on Tuesday was granted patent rights to a novel data transfer invention that allows one device to use its built-in camera to take a picture of a second device, and extract a digital handshake key from the image to setup a secure connection
Legislation, Policy, and Regulation
BYOD Lawsuits Loom as Work Gets Personal (CSO) Will BYOD lead to a rash of lawsuits from employees who feel violated? Or maybe a headline-grabbing, class-action lawsuit? Your company better make sure it has an explicit terms-of-use BYOD agreement. Here are ways companies can protect themselves
Wall Street pushes for exemptions in state social-media monitoring laws (CSO) Brokers and traders need to be able to keep tabs on non-personal social media chatter by their employees, FINRA says
Little Chance of CISPA Becoming Law (Decoded Science) The U.S. House of Representatives passed the latest version of the Cyber Intelligence Sharing and Protection Act (CISPA) on April 18, 2013. Introduced on February 3, 2013 as H.R. 624 by Rep. Mike Rogers (R-MI), the bill passed by a vote of 228-127
Litigation, Investigation, and Law Enforcement
Caught in the System, Ex-Hacker Is Stalked by His Past (Wired Threat Level) Early last week, before the suspects were identified in the Boston Marathon bombings, a U.S. probation officer and his supervisor visited the Manhattan apartment of programmer Stephen Watt with a question: Did Watt happen to know anything about the attack? "He said, 'We want to ask you about this Boston thing. I think you know what we're talking about. I'm talking about the attacks,'" Watt recalls. "Then he said, 'If you know any rumors that you heard about beforehand or even afterwards, please [tell us] through your lawyer'"
Australia charges man claiming to be LulzSec leader (CSO) The man is an IT professional who had access to sensitive information, Australian Federal Police said. Australia has charged a 24-year-old man who allegedly defaced a government website earlier this month and claims to be the leader of LulzSec, a rogue inactive hacking group. The man, from Point Clare about 50 miles north of Sydney, was charged with two counts of unauthorized modification of data and one count of unauthorized access. He could face up to 12 years in prison if convicted, according to the Australian Federal Police (AFP)
Reuters fires social media editor accused of collaborating with Anonymous (Help Net Security) Matthew Keys, the former web producer for a Tribune Company-owned television station that was recently charged with providing Anonymous with log-in credentials for a computer server
Former employee charged with installing backdoors on 2,700 Hostgator servers (FierceCIO: TechWatch) A former system administrator from popular web hosting company Hostgator has been arrested for unauthorized computer access using a backdoor that he secretly installed before getting fired. Eric Gunnar Grisse, 29, managed to access the network using the login credentials in an SSH key file that he stole from Hostgator, before accessing the backdoor for "root" access to the compromised servers
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Recent Advances in Reverse Engineering (RARE) (San Francisco, California, USA, Jun 1 - 2, 2013) The goal of the RARE conference is to provide a venue where people interested in the analysis of binary programs can speak to one another directly, and to form a common language outside of their respective hyper-specialized, individual niches.
RSA Conference Asia Pacific 2013 (Singapore, Jun 5 - 6, 2013) Join your fellow information security professionals at the inaugural RSA Conference Asia Pacific, where we'll be discussing security issues from both a global and Asia Pacific perspective. Delegates will be able to attend keynote sessions presented by leading information security industry experts and guest speakers, and choose from approximately 50 sessions.
Mobile Device Security for Defense and Government (Alexandria, Virginia, USA, Apr 23 - 24, 2013) This Defense Strategies Institute conference addresses the challenges of operating mobile devices in networks whose security is mission critical. The symposium's overall theme will focus on DOD's plan to maximize the potential uses of mobile devices within specific key areas: wireless infrastructure, mobile devices and mobile applications. The thought leadership and community goal of this event is to advance flexible and secure mobile devices to benefit the warfighter and keep pace with changing technology.
Infosecurity Europe (London, England, UK, Apr 23 - 25, 2013) Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
23rd Annual Government Procurement Conference (Washington, DC, USA, Apr 25, 2013) This unique one-day event attracts more than 3,000 participants representing government agencies, prime contractors and small businesses from around the country. Participating companies are able to network with procurement officials from federal, state and local government agencies under one roof.
cybergamut CompTIA Security+ Certification Boot Camp Training Program (Baltimore, Maryland, USA, Apr 29 - May 2, 2013) Security+ certification training delivers a foundational proficiency in the network security arena. Security+ Certified Professionals are better able and positioned to support small and medium-sized organizations that are at increased risk of cyber crime and other forms of security-related threats. Security+ certified professionals may now apply the CompTIA Security+ certification towards the Microsoft MCSA and MCSE Security certifications.
TechExpo Cyber Security Hiring Event (Columbia, Maryland, USA, Apr 30, 2013) A hiring event for experienced cyber security professionals, with many leading companies in attendance and interviewing on-the-spot. Learn from the distinguished speakers' panel, details of which will be forthcoming on the event site. All job-seekers should be US citizens with cyber security or IT experience. A security clearance is not required, but preferred.
INSA Leadership Dinner Featuring Betty Sapp, Director, NRO (Reston, Virginia, USA, Apr 25, 2013) This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office, highlighting her focus on innovation at the NRO and for the Intelligence Community. Registration will open on Thursday, March 14 and will close Thursday, April 18.
Symposium on Cybersecurity & Information Assurance (Teaneck, New Jersey, USA, May 1, 2013) Fairleigh Dickinson University's Center for Cybersecurity and Information Assurance is pleased to announce its inaugural Symposium on Cybersecurity and Information Assurance to be held on May 1, 2013 in the Wilson Auditorium of the Metropolitan campus. This forum will gather top security professionals from government, industry, and academia to present the current state of cybersecurity affecting our daily lives. The symposium will raise the awareness of attendees about the cyber threats and some of the remedial measures. Among the various facets of this evolving area, focus will be on topics such as Survivability in Cyberspace, Security Pattern Usage in Software Development Lifecycle (SDLC), Network Security Service Implementation issues, and Thinking with a Security Mindset.
Critical Security Controls International Summit (London, England, UK, May 1 - 2, 2013) The SANS Institute will be hosting the Critical Security Controls International Summit in London from May 1st to May 2nd at the London Hilton on Park Lane hotel. The Summit focuses on the Critical Security Controls that the British government's Center for the Protection of National Infrastructure describes as the "baseline of high-priority information security measures and controls that can be applied across an organization in order to improve its cyber defense."
INSA Leadership Dinner with NGA Director Letitia Long (McLean, Virginia, USA, May 2, 2013) NGA At the Crossroads - Visualizing the Future. Join INSA and NGA Director Letitia Long as she shares her vision for transforming NGA and GeoInt in innovative ways that more effectively put the power of data and visual knowledge in the hands of users.
Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.
The Computer Forensics Show (New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity management. An understanding of risk and the application of risk assessment methodology is essential to being able to create a secure computing environment. (Co-located with ASIS New York City Security Conference and Expo.)
ASIS 23rd New York City Security Conference and Expo (New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges facing practitioners and organizations in the public and private sectors. (Co-located with the Computer Forensics Show.)
CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising cyber security technologies in the marketplace. Assess the trends to watch in global cyber security. International Case Studies: Discover the best practice in protecting your organisation from cyber-attack.
GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our communities, critical infrastructures, and key assets. The conference includes sessions devoted to cyber security.
cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a real world environment.
Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each an expert in the intersection between the public and private sector, will discuss what is to come after the automatic budget cuts known as sequestration dissipate. Confirmed speakers include: Frank Kendall (Defense Undersecretary for Acquisition, Technology and Logistics), Robert Hale (Defense Department Comptroller), Jim McAleese (founder of McAleese & Associates), Pierre Chao (managing partner and co-founder of Renaissance Strategic Advisors), and Stephen Fuller (George Mason University professor and director at the Center for Regional Analysis).
FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers and buyers to CIOs and other technology management professionals, FOSE has the right products, people and solutions for you in one very accessible location.
7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is Intelligence Program Priorities in a Budget Constrained Environment and will feature keynote addresses from DNI James Clapper, Dr. Roger Mason, ODNI, and Letitia Long, Director, NGA. Registration opens Wednesday, March 27.
Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.
CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.
IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)
International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments of researchers from academia and industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on both theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)
Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)
Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council, this event is a content-rich celebration of international trade. Participate in expert discussions led by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90-minute sessions.
IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.
Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.
Private Sector Crossovers: Protecting People, Property and Information With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.
Cyber Security for the Chemical Industry (Frankfurt, Hessen, Germany, May 29 - 30, 2013) It is more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly effect not only on profits, but also on corporate reputation.
DGI Cyber Security Conference & Expo (Washington, DC, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.