The CyberWire Daily Briefing 08.15.14
Russia-sympathizing hacktivists of Cyber Berkut claim responsibility for defacing Polish governmental and financial sites with images of the Holocaust. Poland's offense, according to Cyber Berkut, is "sponsoring fascism" in Ukraine at the behest of meddling Americans.
Russia's application of a strong hand to Internet censorship shows mixed success (witness the case of "Sergeant Selfie") but Ukraine's government seems ready to implement similarly restrictive policies.
Cyber rioting continues to shadow physical protest in Ferguson, Missouri, USA.
New Zealand's NCSC warns government agencies of an ongoing spearphishing campaign.
German researchers publish anti-surveillance software.
Lockheed Martin, long engaged against cyber espionage services seeking to penetrate its networks, reports that its familiar attackers seem to have, not disappeared, but gone quiet. Continued vigilance is in order.
Ransomware remains in the news. "Kovter" takes a retro approach — it doesn't encrypt your files, it just blackmails you directly in the old-fashioned way. Synolocker's controllers appear ready to move to a different form of crime, as they hold what amounts to a fire sale of encryption keys. Webroot warns of ZeroLocker's ascendance. And another extortion attempt (announcing itself as such) threatens to destroy its victims through "negative SEO."
The Gameover Zeus botnet continues its unwelcome rise from the dead.
Talk of automated cyber retaliation prompts Schneier to remind all of the difficulties of attribution.
Thycotic, hoping to gain insight into bad actors' motivation, surveys people who identify themselves as "hackers." The "hackers" mostly say they hack for artistic and altruistic reasons, not gain. (Tell it to Sabu.)
Today's issue includes events affecting Australia, Canada, China, European Union, Germany, Iran, Israel, Democratic Peoples Republic of Korea, New Zealand, Palestinian Territories, Russia, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Pro-Russia Ukrainian hackers just replaced Polish sites with images from a Holocaust slaughter (Quartz) The pro-Russia Ukrainian hacker group CyberBerkut brought down at least 37 Polish web sites in response to Polish criticism of Russian aggression in Eastern Ukraine. Sites affected include those of the president of Poland and the Warsaw Stock Exchange
Ukrainian hackers claim attack on Polish websites (AFP via Yahoo! News) Ukrainian hackers hostile to the government claimed Thursday to have launched a cyber attack against the websites of Poland's presidency and the Warsaw Stock Exchange''
Ukraine Government Offices bugged with Spyware by Russia (Hack Read) The computers of Ukrainian prime minister and those installed at the embassies of its Eastern Europe allies have been bugged by Snake, a spying tool associated with Moscow
The sad, strange saga of Russia's "Sergeant Selfie" (Ars Technica) After instant infamy for Instagram post inside Ukraine, soldier begs for WebMoney
Gaza and Crimea conflicts could have been predicted by monitoring cyber attacks (Telegraph) A surge in cyber attacks preceeded both the conflict in Ukraine and in Gaza, new research has found — leading to suggestions that the technique could be used to predict future fighting
Anonymous Takes on Ferguson, Continues Pattern of Targeting Police (HackSurfer) The fatal shooting of 18-year-old Michael Brown by police in Ferguson, Mo., has ignited outrage, sparking protests in the streets from citizens and online from the hacking collective Anonymous
'Anonymous' Twitter Feed Suspended During Ferguson Protests (NBC News) A Twitter account from online "hacktivist" group Anonymous was suspended on Thursday after it claimed to reveal the name of the police officer who shot unarmed teenager Michael Brown, setting off five nights of unrest in the suburb of Ferguson, Missouri. Sgt. Colby Dolly of the St. Louis County Police told NBC News that the person named by Anonymous was not the officer who shot Brown, nor was he a member of the St. Louis County Police Department
Spearphishing campaign targeting multiple government departments (New Zealand NCSC) The NCSC is aware of a current spearphishing campaign targeting a wide number of government sector employees. To the recipient, the spearphishing email appears to be sent from a legitimate but spoofed (i.e. using a forged sender address) email address. The NCSC recommends all government IT Security Managers advise employees not to follow the hyperlink contained in the body of the spearphishing email
The HACIENDA Program for Internet Colonization (Heise) Since the early days of TCP, port scanning has been used by computer saboteurs to locate vulnerable systems. In a new set of top secret documents seen by Heise, it is revealed that in 2009, the British spy agency GCHQ made port scans a "standard tool" to be applied against entire nations
Some Cyber Attackers Lie Low (SIGNAL) Some Cyber Attackers Lie Low August 14, 2014 By George I. Seffers E-mail About the Author Some of the hackers who have persistently attacked Lockheed Martin's networks have "gone quiet" in recent months, officials told reporters yesterday at an Arlington, Virginia, media summit hosted by the company's recently restructured Defense and Intelligence Solutions division. "We've seen a number of the adversaries — I wouldn't say they've disappeared — but they've gone quiet," said Darrell Durst, Lockheed Martin's vice president, cyber solutions. "I think we have been able to counter a number of the adversaries relative to our networks"
Kovter Blackmail Trojan Hunts for Victims as CryptoLocker Fades (CIO) Infections caused by the innovative Kovter police blackmail Trojan continued to surge between May and June, security firm Damballa has reported. Could old-style police ransom attacks, once seen as past it, be on their way back with a vengeance?
SynoLocker gang planning to move on? (Help Net Security) The crooks behind SynoLocker have made some changes to the website sporting the payment instructions. They are trying to spur more victims to pay up by saying that the website will be take offline soon and, once that happens, they will not be able to get the private keys needed to decrypt their files
ZeroLocker (Webroot Threat Blog) Recently in the news we saw FireEye and Fox-IT provide the ability to decrypt files encrypted by older crpytolocker variants. They used the command and control servers seized by the FBI during operation Tovar
Hello, this is an extortion email. (DEJANSEO) Over the years we have been a target of various negative SEO campaigns. This morning's email tops it all though. The sender doesn't beat around the bush and makes it very clear saying: "this is an extortion email"
NewGOZ malware sees 1,879 percent infection boom in July (V3) Infection rates of the latest Gameover Zeus malware variant "NewGoz" rose by 1,879 percent in July, despite efforts from law enforcement to shut down the criminal operation, according to security firm Arbor Networks
Gameover Zeus Botnet Rebuilds (Threatpost) It didn't take long for an updated version of GameOver Zeus to make some headway in rebuilding itself
The Impact of Poor Internet Hygiene (BankInfoSecurity) How user practices pave the way for botnets
Zero Days Explained (Rapid7) In today's Whiteboard Wednesday, Trey Ford, Global Security Strategist at Rapid7 will discuss zero days
The biggest iPhone security risk could be connecting one to a computer (CSO) Design quirks allow malware to be installed on iOS devices and cookies to be plucked from Facebook and Gmail apps
The Gyroscopes in Your Phone Could Let Apps Eavesdrop on Conversations (Wired) In the age of surveillance paranoia, most smartphone users know better than to give a random app or website permission to use their device's microphone. But researchers have found there's another, little-considered sensor in modern phones that can also listen in on their conversations. And it doesn't even need to ask
Thousands of computers open to eavesdropping and hijacking (Naked Security) There's a gaping hole in thousands of unsuspecting people's computers that lets any random internet passerby not only look over their shoulder but reach through to take over their systems. The hole is caused by a remote access tool: specifically, unsecured use of a product known as Virtual Network Computing (VNC)
Disqus WordPress plugin vulnerabilities (Help Net Security) During a penetration testing for a client, Australian based independent security consultant Nik Cubrilovic, discovered a couple of security issues within the very popular Disqus WordPress plugin. So far the plugin has been downloaded nearly 1.5 million times from the official Wordpress plugin repository
Blackphone goes to Def Con and gets hacked — sort of (Ars Technica) Over-the-air hacks of BlackBerry, others fly under radar; tweet on Blackphone hack doesn't
Fake Tor Project website delivers malware instead of anonymity (Help Net Security) A computer science student has discovered an almost perfect copy of The Tor Project's website, offering malware for download instead of the Tor Browser Bundle and collecting donations that should rightfully go to Tor developers
Stuxnet Exploits Still Alive & Well (Dark Reading) Exploits continue abusing a four-year-old bug used in the Stuxnet attack, Kaspersky Lab says
Suspicious Login Message Faked, Distributes Backdoor (TrendLabs Security Intelligence Blog) Legitimate services are often used by cybercriminals to try and make their attacks more convincing. Recently, I spotted attacks that used services and platforms like Google Drive and Dropbox in order to look less suspicious to unwary users
Wɑit! Stοp! Is that ℓιŋκ what it claims to be? (We Live Security) The human brain is a funny old thing, and remarkably smart. But sometimes it's too smart for its own good
Why contractors' home networks are a security threat (CSO) An informal poll at Black Hat finds contractors are the favorite target of hackers, followed by IT administrators
Internet Noise and Malicious Requests to a New Web Server (Lenny Zeltser on Information Security) I set up a brand new web server to see what type of connections it will receive. Since the server had no "production" purpose, all attempts to access it could be considered suspicious at best. Such requests are associated with scans, probes and other malicious activities that tend to blend into the background of web traffic. Here's what I observed
Ont. man records fake Microsoft phone scam as warning to others (Global News) When Orangeville, Ont., resident Joel Mantel answered his phone in the middle of dinner last week, he was in the mood for some fun
The Logic of Purposely Using Poor English in Scam Emails (NoVA Infosec) I am not sure of the original source of this graphic but it illustrates an interesting analysis of why scam emailers actually use bad English on purpose. The off kilter language serves as a simple method of filtering out the more highly desirable "gullible" marks from the rest of the crowd
Traffic To Hosting Companies Hijacked In Crypto Currency Heist (Dark Reading) Attacker likely a current or former ISP employee, researchers say
The Internet's Vulnerable Backbone (Slate) How cybercriminals hijacked the Web's architecture to mine bitcoins. Some Internet security problems can be fixed. Vulnerabilities like Heartbleed, for instance, may have massive reach and widespread impact, but they ultimately come down to a clear flaw that we can mend by rewriting code. It's a long, slow, painful process — but we know what needs to be done
Security Patches, Mitigations, and Software Updates
But as long as you don't read PDFs or surf the web, don't worry, everything's fine (FierceITSecurity) Happy Tuesday, everyone. Please patch all systems having anything to do with the web
Apple Safari for OS X gets "click-to-own" security holes patched (Naked Security) Apple has just updated its Safari browser
About the security content of Safari 6.1.6 and Safari 7.0.6 (Apple Support) This document describes the security content of Safari 6.1.6 and Safari 7.0.6
Urgent! Adobe Users Told to Patch Reader and Acrobat Against Zero-day Attacks (Lumension) Adobe has warned computer users to update their installations of Adobe Reader and Acrobat as a matter of urgency, after it was discovered that malicious hackers were exploiting a critical zero-day vulnerability in targeted attacks
PHP 5.3.29 is available, PHP 5.3 reaching end of life (Internet Storm Center) The PHP development team announces the immediate availability of PHP 5.3.29. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively
Google Adds Warnings About Deceptive Software To Safe Browsing Service (Threatpost) The Google Safe Browsing service has become an integral part of most of the major browsers, integrating malware alerts, warnings about malicious Web sites and suspicious content. The company has been expanding the capabilities of the service steadily over the last few years, and now Google is adding warnings about deceptive software to the service
86% of hackers don't worry about repercussions (Help Net Security) Thycotic announced the results of a survey of 127 self-identified hackers at Black Hat USA 2014. The survey found that 86% of hackers are confident they will never face repercussions for their activities. In a double-edged sword conundrum, 88% of respondents also believe their own personally identifiable information (PII) is at risk of online theft
Kaspersky: Malware was the most common cause of data loss incidents (CIOL) 21 percent of manufacturers suffered a loss of intellectual property (IP) within the past year
CSIS's Lewis: Biggest cyber risks stem from governments, not non-state actors (Inside Cybersecurity) Foreign governments — not non-state entities — pose the greatest cyber risks amid continuing low-level conflict in cyberspace, Jim Lewis of the Center for Strategic and International Studies said Thursday, noting Hezbollah is the only potential exception
In wake of hacks, incident response efforts weak in enterprise (ZDNet) Only 9 percent say they have a handle on the issue, according to SANS Institute survey
Wearing Your Tech on Your Sleeve (TrendLabs Security Intelligence Blog) Sartorial decisions and technology are often considered two separate, distinct items. However, the surge of wearable "smart" devices has blurred the line between the two. Nowadays, it is common to see people accessorized in pieces of equipment that complement their day-to-day activities
Lack of security awareness reason for high number of cybercrime victims (Trend Micro: Simply Security) Recent studies claim nearly 50 percent of adult Internet users have acquired a virus or had online accounts hacked at some point in time. And the reason for such a high number of cybercrime victims is simple: lack of awareness
Cybersecurity And The National Association Of Corporate Directors (Metropolitan Corporate Counsel) Editor: Why is cybersecurity a current area of focus for NACD? Bew: Cybersecurity and cyber breaches are no longer emerging issues. The headlines about breaches in both the public and private sectors have put the issue on every organization's agenda, whether large or small, whatever the industry and whether the organization is public, private or nonprofit
NRF IT Security Council Educates, Advocates To Combat Data Theft (Business Solutions) Data breeches at large chain stores have spurred technology leaders to form the National Retail Federation (NRF) IT Security Council
Cyber Insurance (Infosec Institute) Cyber insurance coverage has been available on the market for a decade, but only recently companies have been seeing a significant growth — sales of cyber insurance in 2013 escalated 30 percent in comparison with 2012, according to the Global Head of Professional Liability for AIG Tracie Grella
Microsoft's strategy on identity management aimed squarely at cloud-based services (NetworkWorld) Microsoft's strategy for providing customers with identity management options is increasingly reliant on cloud-based methods of authentication and access control for provisioning of Windows-based mobile devices as well as Apple iOS and Google Android devices
CloudFlare's CEO On Expanding In Key Markets Like China And Brazil (TechCrunch) As Web security startup CloudFlare grows internationally, it plans to take a slow and steady approach to dealing with the challenges of expanding in key markets like China and Brazil. In a discussion with TechCrunch senior editor Jonathan Shieber this week at TechCrunch Beijing (organized with TechNode), CloudFlare co-founder and CEO Matthew Prince talked about dealing with laws and regulations in different countries and the challenges of finding a partner in China, its second-largest market
Cisco cutting 6,000 jobs; industry total now at 'great recession' level (FierceCIO) As had been rumored this week, Cisco announced major layoffs yesterday, with 6,000 jobs expected to be cut over the next 12 months. The news comes in the wake of a series of major layoff announcements throughout the tech industry, with job cuts now rivaling the numbers at the beginning of the recession in 2009
Products, Services, and Solutions
DOSarrest Adds New DDoS Protection Node in Singapore (MarketWired) DOSarrest Internet Security announced today that they have expanded their DDoS protection cloud into Asia, with a new DDoS mitigation node in Singapore. The new node will work in conjunction with their existing nodes in New York, Los Angeles and London and will have the same connectivity as the others, including multiple 10 Gb/Sec uplinks to multiple carriers
Bromium and Scalar Partner to Provide Next-generation Endpoint Protection (Bromium) Scalar delivers Bromium to combat cyber attacks; makes top security solution available to Canadian customers
Bromium and The Herjavec Group Partner to Deliver Innovative Endpoint Protection (Bromium) Most advanced security solution now available to Canadian customers
Syniverse and Telus team on secure credit card purchases abroad (Finextra) Syniverse and Telus are optimising the mobile experience to deliver even more peace of mind to customers that make credit card purchases while travelling
AirPatrol ZoneDefense 5 Allows Automatic Changes for Mobile Device Security Based on Location (App Developer Magazine) AirPatrol is offering a new add-in for its ZoneDefense 5 mobile device security platform that will allow organizations using the Enterprise Mobility Management suite from VMware's AirWatch to automatically switch security policies of smartphones and tablets based on the device's owner and location
The automated threat mitigation tool helping to beat Big Data security blues (ZDNet) Hexadite hopes to make automated security palatable to even the most outsourcing-cautious
Continuous monitoring for your perimeter (Help Net Security) Qualys Continuous Monitoring is a next-generation cloud service that gives you the ability to identify threats and unexpected changes in your Internet perimeter before they turn into breaches. With it, you can track what happens within Internet-facing devices throughout your DMZs and cloud environments — anywhere in the world
Technologies, Techniques, and Standards
TUM researchers develop defense software "TCP Stealth" (Technische Universität München) Today, a group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists at the Technische Universität München (TUM) have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems
It's time for PGP to die, says … no, not the NSA — a US crypto prof (The Register) 'We've come a long way since the 1990s, but PGP mostly hasn't'
Is your encryption getting out of control? (Help Net Security) 2014 marks the 25th anniversary of the creation of the World Wide Web. From its earliest beginnings, users have demanded security for their sensitive information and web sites have universally responded by supporting encryption protocols such as SSL/TLS to encrypt data as it moved across the wires
Why Patching Makes My Heart Bleed (Dark Reading) Heartbleed was a simple mistake that was allowed to propagate through "business as usual" patching cycles and change management. It could easily happen again
A portable router that conceals your Internet traffic (Ars Technica) Def Con presentation unveils OPSEC tool for the rest of us — some assembly required
7 Places to Check for Signs of a Targeted Attack in Your Network (TrendLabs Security Intelligence Blog) Targeted attacks are designed to circumvent existing policies and solutions within the target network, thus making their detection a big challenge. As we've stressed in our previous entry about common misconceptions about targeted attacks, there is no one-size-fits-all solution against it; enterprises need to arm themselves with protection that can provide sensors where needed, as well as IT personnel equipped enough to recognize anomalies within the network and to act accordingly
AppLocker Event Logs with OSSEC 2.8 (Internet Storm Center) In a previous post, Monitoring Windows Networks Using Syslog, I discussed using syslog to send the event logs to a SIEM. This post covers another technique for collecting event log data for analysis
Before Getting Rid of Your Old Printer, Say "Goodbye" to Lingering Data (HackSurfer) In the security business, there's a lot of talk about protecting your smartphones and computers from malware and viruses, as well as loss and theft. It makes sense. Most of us use our smartphones and computers on a daily basis and keep important information on them like passwords, user names, and credit card numbers. But there are other devices that hold sensitive data that we don't really talk about. For example, printers
Password confessions of a security expert (ITProPortal) I have a confession. It's hard to admit, and I know it might make me a bit of a social pariah and an outcast in the industry I work in but I need to get this off my chest: I used a single password for many online services *deep breath* for a long time
What Businesses Can Learn from Public Safety Analytics (Data Informed) Big data, at its core, is an optimist's game. Using surveys and numbers, we hope to learn why someone buys a certain shaving cream, or one car over another — and then to turn that knowledge into dollars. In this scrutiny, we are imagining ourselves at our most reasonable, our most profitable. But to best understand human behavior, should commerce look at our most destructive acts, too?
Research and Development
7 futuristic authentication systems DARPA is funding (IT World) From analyzing the way you walk to your heartbeat, these password killers could be here soon
Hackers in demand to fight cyber-attacks (Yomiuri Shimbun) Confusing the word "hacker," which usually refers to individuals with expert computer and networking talents, with "cracker," referring to those who use such skills for illegal activities, is considered a major reason why there was little demand in Japan to foster more individuals that have expert computer and information security knowledge
Time To Broaden CompSci Curriculum Beyond STEM (Dark Reading) Having a visual arts background may not be the traditional path for a career in infosec, but it's a skill that makes me no less effective in analyzing malware patterns — and often faster
Academy introduces computer network security major (AFNS) Even as the U.S. Air Force Academy has reduced the number of majors it offers recently, it has instituted a new program aimed at helping the Air Force fly, fight and win in cyberspace
Legislation, Policy, and Regulation
In the Fight Against Russia, Ukraine Flirts with Kremlinesque Internet Censorship (Global Voices) A new draft law in Ukraine threatened to empower the government to shut down media outlets and block websites in the name of national security. The law, which passed its first reading in parliament yesterday, has exasperated local journalists, civil society figures, and the international community. The outrage grew so loud that today deputies agreed to remove and soften most of the censorship measures, but proposed moving some of them to existing media laws to achieve some measure of control over dissenting media outlets
US defense contractors still waiting for breach notification rules (Help Net Security) US Department of Defense contractors will have to wait until September 24 to see what specific rules they will be required to follow when it comes to the reporting of computer breaches to the DoD
Rogers sets course for a new era at NSA (FedScoop) There may be more tales yet to come from Edward Snowden, arguably the most wanted man in the world, but Adm. Michael Rogers will be damned if he'll allow one man and a handful of journalists to write the final chapter in the National Security Agency's storied history
Schneier: Cyber-retaliation like that exposed by Snowden report a bad idea (CSO) It's too hard to know for sure who's behind attacks, he says
Privacy group calls for halt of EU-US Safe Harbour agreement (ComputerWeekly) A US consumer protection and privacy organisation has called for the suspension of the EU-US Safe Harbour agreement covering the transfer of citizens' data from Europe to the US
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Safeguarding Health Information: Building Assurance through HIPAA Security - 2014 (Washington, DC, USA, Sep 23 - 24, 2014) The conference will explore the current health information technology security landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This event will highlight the present state of health information security, and practical strategies, tips and techniques for implementing the HIPAA Security Rule. The Security Rule sets federal standards to protect the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards
Hack.lu 2014 (arc Hotel Alvisse, Luxembourg, Oct 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society
SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, Aug 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training event and Summit that brings together cyber defense practitioners focused on defensive tactics as opposed to offensive approaches to thwart cyber attackers and prevent intrusions.
Resilience Week (Denver, Colorado, USA, Aug 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.
AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, Aug 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only event of its kind held at Tinker AFB each year. This annual event allows exhibitors the opportunity to network with key information technology, cyber security, communications, engineering, contracting personnel and decision makers at Tinker AFB. Over 250 attendees participated in the 2013 event and we expect the same level of attendance in 2014.
c0c0n: International Information Security and Hacking Conference (, Jan 1, 1970) c0c0n, previously known as Cyber Safe, is an annual event conducted as part of the International Information Security Day. The Information Security Research Association along with Matriux Security Community is organizing a 2 day International Security and Hacking Conference titled c0c0n 2014, as part of Information Security Day 2014. c0c0n 2013 was supported by the Kerala Police and we expect the same this year too. Various technical, non-technical, legal and community events are organized as part of the program. c0c0n 2014 is scheduled on 22, 23 Aug 2014.
Build IT Break IT Fix IT: Build IT (Online, Aug 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security contest aims to teach students to write more secure programs. The contest evaluates participants' abilities to develop secure and efficient programs. The contest is broken up into three rounds that take place over consecutive weekends. During the Build It round, builders write software that implements the system prescribed by the contest. In the Break It round, breakers find as many flaws as possible in the Build It implementations submitted by other teams. During the Fix It round, builders attempt to fix any problems in their Build It submissions that were identified by other breaker teams. Each round will respectively start on August 28th, September 4th, and September 12th
The Hackers Conference (New Delhi, India, Aug 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives on cyber security meet face-to-face to join their efforts to cooperate in addressing the most topical issues of the Internet Security space. This is the third edition of the Conference. Following the huge success of the conference last year the current edition of the conference brings back to you all the knowledge, all the fun in a better, grander way.
SEACRYPT 2013 (Vienna, Austria, Sep 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related to information and communication. Theoretical and practical advances in the fields of cryptography and coding are a key factor in the growth of data communications, data networks and distributed computing. In addition to the mathematical theory and practice of cryptography and coding, SECRYPT also focuses on other aspects of information systems and network security, including applications in the scope of the knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. Papers are due April 15, 2014.
Build IT Break IT Fix IT: Break IT (Online, Sep 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security contest aims to teach students to write more secure programs. The contest evaluates participants' abilities to develop secure and efficient programs. The contest is broken up into three rounds that take place over consecutive weekends. During the Build It round, builders write software that implements the system prescribed by the contest. In the Break It round, breakers find as many flaws as possible in the Build It implementations submitted by other teams. During the Fix It round, builders attempt to fix any problems in their Build It submissions that were identified by other breaker teams. Each round will respectively start on August 28th, September 4th, and September 12th
Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, Sep 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with others in the community. It is a rare opportunity to directly connect and create trusted relationships with key members of the community.
BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, Sep 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference taking place in the Balkans, where some 20 years ago people were at war with each other. Now the BalCCon brings together hackers, hacktivists and computer enthusiasts from this area and they are joined by fellow hackers from all over the world. This event emphasizes the role of hacking as a mean of peaceful cooperation and international understanding. The program consist of numerous presentations, workshops and lectures about information, privacy, technology, programming, free software and socio-political issues. One part of the congress will be dedicated to hacking, project and hacks
Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, Sep 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats. Sri Lanka is now transitioning from being a developing economy to Global economy with blooming telecommunications, insurance, banking, tourism and information technology services. Sri Lanka will be exposed to cyber threats similar to India thus, a synergy between Indian and Sri Lankan Cyber Security Communities will be beneficial for both countries in combating the threats to their information security
Detroit SecureWorld (Detroit, Michigan, USA, Sep 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.
Cyber Attack Against Payment Processes Exercise 1 (Online, Sep 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions, credit unions and associated financial services organizations. Over a two day period this fall, hundreds of security, risk and IT professionals will experience a highly realistic set of scenarios in a safe environment in order to practice and improve their response to cyber incidents. The teams are encouraged to involve multiple parts of their organizations, from IT and security to payments experts to communications teams to line of business leaders and executive teams. The simulation is known as CAPP or Cyber Attack Against Payment Processes
AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, Sep 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense Organizations, Inter-Agency, Industry, and Academia. Presentations, panels, and track sessions will highlight empowerment of Soldiers on the battlefield through training, different methodologies for connecting through enhanced technology, and command and control functions to enable the U.S. Armed Forces to dominate the battlefield. Government, industry, and academia speakers will address a broad range of topics and focus on the importance of the network, security issues, and training to enable operational forces to modernize and be ready to meet emerging challenges in 2025 and beyond.
Build IT Break IT Fix IT: Fix IT (Online, Sep 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security contest aims to teach students to write more secure programs. The contest evaluates participants' abilities to develop secure and efficient programs. The contest is broken up into three rounds that take place over consecutive weekends. During the Build It round, builders write software that implements the system prescribed by the contest. In the Break It round, breakers find as many flaws as possible in the Build It implementations submitted by other teams. During the Fix It round, builders attempt to fix any problems in their Build It submissions that were identified by other breaker teams. Each round will respectively start on August 28th, September 4th, and September 12th
Suits and Spooks London (London, England, UK, Sep 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather at the top floor auditorium of the Blue Fin building, just behind the Tate Modern museum in Central London to discuss present and future threats to global critical infrastructure and how best to mitigate them. It will be closed to the press and held under the Chatham House Rule
NOPcon Security Conference (Istanbul, Turkey, Sep 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers, consultants and developers
SINET Global Summit (London, England, UK, Sep 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures, national security and economic interests. The Global Summit's objective is to build and maintain international communities of interest and trust that foster vital information sharing, broad awareness and the application of our nation's most innovative technologies to enable a safer and more secure homeland for the United States, United Kingdom and our trusted allies. The US Department of Homeland Security Science & Technology Directorate supports this event along with Her Majesty's Government (HMG) as the UK representative.
Cyber Attack Against Payment Processes Exercise 2 (Online, Sep 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions, credit unions and associated financial services organizations. Over a two day period this fall, hundreds of security, risk and IT professionals will experience a highly realistic set of scenarios in a safe environment in order to practice and improve their response to cyber incidents. The teams are encouraged to involve multiple parts of their organizations, from IT and security to payments experts to communications teams to line of business leaders and executive teams. The simulation is known as CAPP or Cyber Attack Against Payment Processes
Global Identity Summit (Tampa, Florida, USA, Sep 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive, yet broad comprehensive look at the identity management capabilities, challenges and solutions in the topic areas of: Biometrics, Radio-Frequency Identification, Mobile, Cyber, Smart Card Technologies, and Big Data.
Fraud Summit Toronto (Toronto, Ontario, Canada, Sep 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology solutions designed to stop them.
Defense Intelligence Agency (DIA)/National Intelligence University (NIU) Open House (Washington, DC, USA, Sep 17, 2014) On September 17, 2014, the National Intelligence University (NIU) will hold a Tech Expo as part of its annual "NIU OUTREACH DAY" in the Tighe Lobby of DIA Headquarters on Joint Base Bolling-Anacostia. This Tech Expo will be open to all personnel within the DIA Headquarters as well as the 600+ students and faculty of NIU. Several of the 'schools' within DIA are expected to participate with their own exhibitions, including: School of Intelligence Studies, School of Science and Technology Intelligence, Center for Strategic Intelligence Research and Center for International Engagement and the John T. Hughes Library.
Cloud Security Alliance Congress 2014 (, Jan 1, 1970) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley that will offer attendees eighty sessions to choose from covering all aspects of privacy and cloud security. Nowhere else will cloud, IT and privacy professionals be able to meet and learn from each other, and gain visibility to practical, implementable solutions delivered by leading industry experts. Together the conferences will broaden the educational and networking opportunities available to both IAPP and CSA members. Proposals for speakers are due February 21, 2014.
CSA Congress 2014 & IAPP Privacy Academy 2014 (San Jose, California, USA, Sep 17 - 19, 2014) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley. This conference will offer attendees more than eighty sessions to choose from covering all aspects of privacy and cloud security.
Ft. Meade Technology Expo (Fort Meade, Maryland, USA, Sep 18, 2014) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel that may otherwise be unattainable. The target audience will be comprised of personnel from the ARMY, the newly headquartered DISA (Defense Information Systems Agency), DMA (Defense Media Activity), DINFOS (Defense Information School), and Ft. Meade's various military personnel. All of the above groups and military units around the base will receive promotions for this event.
The 2014 Cyber Security Summit (New York, New York, USA, Sep 18, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their second annual event in New York City. The event will connect C-Level & Senior Executives responsible for protecting their companies' critical infrastructures with cutting-edge technology providers and renowned information security experts. This informational forum will focus on educating attendees on how to best protect their highly vulnerable business applications and intellectual property. Attendees will have the opportunity to meet the nation's leading solution providers and discover the latest products and services for enterprise cyber defense
Dutch Open Hackathon (Amsterdam, the Netherlands, Sep 20 - 21, 2014) Join leading Dutch companies, during a 30-hour hackathon, as they open up APIs and technologies. Work together and develop new applications and drive global innovation
St. Louis SecureWorld (, Jan 1, 1970) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.
Rock Stars of Cybersecurity (Austin, Texas, USA, Sep 24, 2014) The unprecedented Target breach and NSA spying scandal have put cybersecurity in the global spotlight. With cyberattacks on the rise, it is now even more important to learn how to identify weaknesses and protect company infrastructure from incursions. At the Rock Stars of Cybersecurity conference, well-respected cybersecurity authorities from leading companies will deliver case studies and actionable advice that you can immediately put to use.
VB2014 (, Jan 1, 1970) Over its 24-year history, the VB conference has become a major highlight of the IT security calendar, with many of its regular attendees citing it as the security event of the year. The conference provides a focus for the industry, representing an opportunity for experts in the field to share their research interests, discuss methods and technologies and set new standards, as well as meet with - and learn from - those who put their technologies into practice in the real world.
DerbyCon 4.0 (Louisville, Kentucky, USA, Sep 24 - 28, 2014) Welcome to DerbyCon 4.0 — "Family Rootz". This is the place where security professionals from all over the world come to hang out. DerbyCon 4.0 will be held September 24-28th, 2014. DerbyCon 2013 pulled in over 2,000 people with an amazing speaker lineup and a family-like feel. We've listened to your feedback and plan on making this conference even better this year
BruCON 2014 (Ghent, Belgium, Sep 25 - 26, 2014) BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Belgium, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. BruCON is a conference by and for the security and hacker community.
ROOTCON 8 (, Jan 1, 1970) ROOTCON is the first hacking convention in the Philippines. A hacker conference and not a seminar, training or a workshop. It will feature the following tracks: advanced HTTP header security analysis, browser extension malware extend cybercrime capabilities, new techniques: email-based threat and attacks, shellcode exploit analysis: tips and tricks, the Necurs rootkit, social engineering: hacking the mind, an hacking your way to ROOTCON.
INTEROP (New York, New York, USA, Sep 29 - Oct 3, 2014) Interop returns to New York with practical and visionary conference sessions designed to help you accelerate your career. This year's conference tracks include: Applications, Business of IT, Cloud Connect Summit, Collaboration, Infrastructure, Mobility, Risk Management & Security, and Software-Defined Networking (SDN)