The CyberWire Daily Briefing 08.19.14

Summary

By The CyberWire Staff

Observers note that ISIS/ISIL (a.k.a. the Caliphate) conducts information operations, but that its more aggressive cyber capabilities remain obscure. There's little mystery about its information operations: ISIS's favored social media platform, "The Dawn of Glad Tidings," communicates messages like "We will drown you in blood" (without signs of cognitive dissonance).

ISIS's opponents in the Assad regime's camp deploy more familiar capabilities: they've long served up RAT (remote access Trojan) campaigns.

Schneier evaluates al Qaeda encryption software, along with recent stories about its provenance.

Nextgov reports that some US Nuclear Regulatory Commission personnel were apparently successfully phished. A foreign intelligence service is suspected, but there's no attribution yet.

Australian security services find evidence of snooping in the foreign minister's phone. Sources say they know which country did it, but for now they're not saying.

Reports of BND surveillance produce a strong reaction (as expected) from the Turkish government.

The Community Health data breach (disclosed, note, in an 8-k filing with the SEC) is a curious one. It has the look and feel of conventional (if sophisticated) cyber crime (as Radware notes), but Mandiant attributes it to "APT 18," a Chinese group that normally probes the defense and aerospace sectors (and that's been associated with the Chinese government, although Mandiant stops short of direct attribution). CrowdStrike calls the group "Dynamite Panda," if you're keeping score, and connects it to hacks directed against human rights groups and the chemical industry.

The Supervalu data breach investigation proceeds. Observers have begun calling it "another Target."

Notes.

Today's issue includes events affecting Australia, China, Ecuador, France, Germany, Iran, Iraq, Ireland, Republic of Korea, Lebanon, Russia, Sweden, Syria, Turkey, Ukraine, United Arab Emirates, United Kingdom, United States

Selected Reading

Cyber Trends

How To Save The Net (Wired) It's impossible to overstate how much the Internet matters. It has forever altered how we share information and store it for safekeeping, how we communicate with political leaders, how we document atrocities and hold wrongdoers accountable, how we consume entertainment and create it, even how we meet others and maintain relationships. Our society is strengthened and made more democratic by the open access the Internet enables. But the Internet as we know it is at risk from a variety of threats ranging from cybercrime to its very infrastructure, which wasn't built to withstand the complications our dependence upon it causes

How to Save the Net: A CDC for Cybercrime (Wired) The Internet may be made up of software and hardware, but it is an ecosystem that depends on a key human value: trust. The networks and systems must be able to trust the information we are sending, and in turn we have to be able to trust the information we receive.

Data Breach Puts Focus on Beefed-Up Card Security (Wall Street Journal) A data breach that hit customers of nearly 1,000 grocery stores around the U.S. is likely to intensify a push by banks and retailers to introduce a new generation of credit cards designed to be more secure. A string of high-profile intrusions at retailers such as Target Inc. and Neiman Marcus Group and restaurant chain P.F. Chang's China Bistro Inc. had already kick-started a drive to roll out cards embedded with microchips, which

Why it is time to intensify employee education on phishing (CSO) Phishers are getting craftier at creating convincing email to dupe recipients

Survey: Healthcare lagging in information governance (FierceHealthIT) Healthcare organizations must improve their information governance (IG) practices, which are an "undeniable imperative," according to an American Health Information Management Association (AHIMA) white paper

Legislation, Policy and Regulation

Turkey Expresses Outrage at Reports of Routine Spying by Germany, a NATO Ally (New York Times) After angrily insisting for months that "friends don't spy," the German government struggled Monday to respond to news media reports that its intelligence services routinely spy on Turkey, a NATO ally, and inadvertently captured at least one conversation each involving Hillary Rodham Clinton when she was secretary of state and her successor, John Kerry

Iran Vows to Block All "Unlicensed" Websites (Global Voices) Last week, Iran's Ministry of Culture and Islamic Guidance announced that all news websites that do not obtain government-issued licenses will be blocked nationwide

Users should know what websites are blocked: Comms Department (ZDNet) Australians should be informed that the website they're trying to reach has been blocked by the government, according to talking points from the Department of Communications

Rogers: Cybercom Defending Networks, Nation (DoD News) U.S. Cyber Command continues to expand its capabilities and capacity, Navy Adm. Mike Rogers said Aug. 14

A first step in reining in the NSA (Los Angeles Times) A little more than a year after former National Security Agency contractor Edward Snowden revealed that the federal government was collecting and storing the telephone records of millions of Americans, Congress is poised to end the program and provide significant protection for a broad range of personal information sought by government investigators

How to Save the Net: Break Up the NSA (Wired) By treating the Internet as a giant surveillance platform, the NSA has betrayed the Internet and the world. It has subverted the products, protocols, and standards that we use to protect ourselves. It has left us all vulnerable — to foreign governments, to cybercriminals, to hackers. And it has transformed the Internet into a medium that no one can trust

Towards A Career Path in Cyberspace Operations for Army Officers (Small Wars Journal) In the past five years, the Department of Defense (DoD) recognized the emergence of cyberspace as an operational domain and created U.S. Cyber Command (USCYBERCOM). These events were the result of the realization that cyber operations are both a critical vulnerability and a massive opportunity. Within the Army, U.S. Army Cyber Command (ARCYBER) was created as the single command to conduct and oversee the Army's operations in cyberspace

Products, Services, and Solutions

Covertix Announces Partnership with Intapp to Enhance Law Firm Information Security (IT Business) Covertix, a cyber-security software provider announced today that it is partnering with Intapp, a global leader in legal software, to integrate Covertix SmartCipher document encryption technology with Intapp Wall Builder, the industry's most adopted confidentiality management product

Covertix and Younts Consulting Sign a Partner Agreement (Broadway World) Covertix, a cyber-security software provider announced today that it has signed a partner agreement with Younts Consulting to target law firms and corporate legal departments

Game On Hackers — See How Good You Are! (CSO) Application security firm Checkmarx has released a new game designed to help developers, coders and consumers improve their code security skills. Game of Hacks provides pieces of codes and challenges players to find the vulnerability as fast as possible

Alliance Key Manager Now Available on AWS Marketplace (Broadway World) Townsend Security, the encryption company, today announced Alliance Key Manager for Amazon Web Services (AWS) is available in AWS Marketplace. The solution helps organizations add additional layers of protection to their data

ReversingLabs extracts malicious files from network traffic (Help Net Security) ReversingLabs announced the N1000 Network File Threat Sensor appliance that employs Active Decomposition and Predictive Detection technologies to detect threats in files contained in email, web and file transfer traffic

New Release Yara 3.0 (SecTechno) Over this week a new version of Yara have been released. YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic

Technologies, Techniques, and Standards

FlowViewer (Sourceforge) FlowViewer is a web-based netflow data analysis tool

What's More Important Than Accountability? (Internet Governance Project) ICANN is now running two processes dealing with the accountability of its global Internet governance regime: 1) the IANA transition and 2) The "enhancing ICANN accountability and Governance process"

Association issues cybersecurity guide for hospital boards (Inside Cybersecurity) The American Hospital Association this week released a new member guide on the role of hospital and health system boards in managing cybersecurity risk and response

EHR fraud prevention: What providers and payers must know (FierceEMR) Simply using an electronic health record does not necessarily lead to billing fraud. But some of their functionalities, meant to create efficiencies, can lead to documentation that causes improper billing, as well as outright fraud

10 steps to an insider threat program (Federal Times) Since its inception, the Department of Homeland Security has invested significant time and resources into detecting and mitigating insider threats, integrating information from a variety of internal sources including the Office of the Chief Human Capital Officer, the Chief Information Security Officer, the CIO, CSO, and Internal Affairs at both the component and headquarters levels

Coder tries shaming apps and site owners into using HTTPS (Help Net Security) How can we force website owners and software developers to start using HTTPS? Coder Tony Webster believes shaming might be the right answer

Marketplace

Wary of the West, Russia and China Expand Trade in Computer Software (Moscow Times) As Russia's relations with the West spoil over Ukraine, the Kremlin has agreed to broaden software deliveries to China, with increased supplies of Chinese servers, storage systems and other IT products set to come the other way, Russian Communications and Mass Media Minister Nikolai Nikiforov said Monday

IBM Bolsters Security Wares With Lighthouse, Crossideas Acquisitions (IT Jungle) With a few notable exceptions, IBM does not like to make big bang acquisitions. Rather, the company prefers to buy smaller companies that are onto a niche and are poised to grow and could use the help of Big Blue's 140-country reach and massive salesforce and partner channel. The company has made two such small acquisitions in the security field in recent weeks

BlackBerry splits high-growth Internet of Things, cryptography and embedded software assets into new division (Smart Company) BlackBerry has split a number of its high growth businesses in fields such as the Internet of Things and its patent library into a new business unit called BlackBerry Technology Solutions (BTS)

Biz Break: Imperva names new CEO with history of acquisitions (San Jose Mercury News) Imperva replaces founder Shlomo Kramer as CEO with Anthony Bettencourt, who has led his last two companies through acquisitions

Security startup Lookout will add Boston office after naming local exec CEO (BetaBoston) Interesting string of events for Lookout, a San Francisco startup that focuses on security for mobile devices…In March, the company named former Verivue and Akamai executive Jim Dolce as CEO. Last week, the company added $150 million in new funding. And in October, the company plans to open its first U.S. office outside of the Bay Area, in downtown Boston

Startup Spotlight: CloudPassage's Software-defined Security (eSecurity Planet) As the software-defined data center becomes more common, enterprises are seeking security solutions that are abstracted from the underlying infrastructure

Research and Development

Research unveils improved method to let computers know you are human (Help Net Security) CAPTCHA services that require users to recognize and type in static distorted characters may be a method of the past, according to studies published by researchers at the University of Alabama at Birmingham

Human cryptography the key to online voting (The Australian) Human-powered cryptographic protocols could be used to secure online transactions and electronic voting following a new research project

MoD sponsors cyber defence automation competition (ComputerWeekly) The Ministry of Defence (MoD) has announced £2m in sponsorship for a competition to find innovative ways of automating cyber defences

Security Patches, Mitigations, and Software Updates

Microsoft pulls August Windows update after crashes (PC World) Microsoft has pulled the links to its August update for Windows 8.1 and recommends users uninstall it

Microsoft Releases Hotfix for Recent Internet Explorer Speed Issues (MaximumPC) When a Microsoft exec revealed that company currently has no plans of porting Internet Explorer over to Android and iOS during a Reddit Ask Me Anything (AMA) session, we were left scratching our heads as to why that might be. Here's a possible explanation: It could be that the Internet Explorer team is too busy fixing IE for Windows to build entirely new versions of the browser

Microsoft Investigating Faulty Patch Causing Blue Screen Of Death (CRN) Microsoft is investigating a potentially faulty Windows security update that is causing some systems to crash, and is removing the download links to the updates until it can determine what is causing the error

Theories for Unreliable Microsoft Patches (Windows IT Pro) If you're just waking up to the work week and just now realizing there was a lot of patching news over the weekend, I'd like to personally apologize for it. Patch Tuesdays leading to Unpatch Mondays are never a good thing, but that's what Microsoft is suggesting in a couple cases. If you have no idea what I'm talking about, read through the following to catch up

Cyber Attacks, Threats, and Vulnerabilities

The ISIS cyber threat — a great unknown (C4ISR & Networks) Back in 2009, during his detention at Camp Bucca in Iraq, Abu Bakr al-Baghdadi, the ISIS leader said, "I'll see you guys in New York"

Islamic State message: "We will drown all of you in blood" (USA Today) The Islamic State militant group sends a message to the United States via social media saying "we will drown all of you in blood"

Syrian Hackers Ramp Up RAT Attacks (Infosecurity Magazine) Security researchers have uncovered evidence of escalating cyber attacks emanating from Syria which use tried and tested techniques to download remote access trojans (RATs) onto victim PCs

The Security of al Qaeda Encryption Software (Schneier on Security) The web intelligence firm Recorded Future has posted two stories about how al Qaeda is using new encryption software in response to the Snowden disclosures. NPR picked up the story a week later

Exclusive: Nuke Regulator Hacked by Suspected Foreign Powers (Nextgov) Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation

Bishop latest hacking casualty in global game of phones (ZDNet) Australian Foreign Minister Julie Bishop is the latest in a string of high profile politicians to be targeted by suspected state-sponsored phone hackers, having her smartphone seized by local intelligence officials after a two-week international sojourn

Community Health says data stolen in cyber attack from China (Reuters via Yahoo! News) Community Health Systems Inc , one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients

Community Health Systems blames China for recent data breach (CSO) CHS says that Mandiant blames China

Form 8-K: Current Report Pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 August 18, 2014 (Community Health Systems, Inc.) In July 2014, Community Health Systems, Inc. (the "Company") confirmed that its computer network was the target of an external, criminal cyber attack that the Company believes occurred in April and June, 2014. The Company and its forensic expert, Mandiant (a FireEye Company), believe the attacker was an "Advanced Persistent Threat" group originating from China who used highly sophisticated malware and technology to attack the Company's systems

British spy agency scanned for vulnerable systems in 32 countries, German paper reveals (CSO) Heise Online reveals top-secret details about the GCHQ's 'Hacienda' program

Android ransomware masquerades as Symantec mobile AV (Help Net Security) A new piece of Android ransomware is doing rounds, and is tricking users into installing it by posing as a legitimate AV app

New TorrentLocker Ransomware Uses CryptoLocker and CryptoWall Components (Softpedia) An active phishing campaign that is probably targeting Australian users has been spotted by security researchers to drop a new type of ransomware, which contains elements from CryptoLocker and CryptoWall but with a totally different underlying code

Massive 300Gbps DDoS attack on media firm fuelled by unpatched server flaw (Computerworld) Supermicro IPMI flaw used to create huge botnet, says VeriSign

DDoS extortion attacks on the rise (IT Web) 'Pay up or we'll take your Web site down', so goes the adage that usually accompanies ransom-based cyber attacks, says Bryan Hamman of Arbor Networks. While digital ransom attacks come in various types and forms, Distributed Denial of Service (DDoS) attacks are top of the list of methods used by attackers to force money from targeted companies

Supervalu says it was breached — is it the next Target? (Naked Security) US retailer Supervalu is warning customers that an intrusion of its network may have resulted in the theft of credit and debit card numbers from up to 200 of its stores

Alert (TA14-212A) Backoff Point-of-Sale Malware (US-CERT) This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and Analysis Center (FS-ISAC), and Trustwave Spiderlabs, a trusted partner under contract with the USSS. The purpose of this release is to provide relevant and actionable technical indicators for network defense

Boffins find hundreds of thousands of woefully insecure IoT devices (The Register) Eeewww! Thousands of connected contraptions share firmware

Beware: A Factory Reset Doesn't Actually Delete Your Android's Data (Tripwire: The State of Security) Android devices are popular targets for cybercriminals using malicious malware in order to access users' sensitive information. Now, researchers have unveiled another red flag for Android users and the security of their data

Ebola Fear Being Used to Steal Passwords: Symantec (NDTV) As news of the Ebola epidemic in West Africa gathers interest globally, a group of cyber criminals have been using the disease to steal passwords via emails

Army criminal investigators warn of romance scammers pretending to be troops (Colorado Springs Gazette) You've met the soldier of your dreams online. It's true love, even if they need a little cash. That's no GI, the Army's Criminal Investigation Command says. It's a scam

Bulletin (SB14-230) Vulnerability Summary for the Week of August 11, 2014 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Academia

Preparing Kids for Cyber Jobs and Cyber Warfare (Fiscal Times) In April of this year, high school students from Iowa gathered at the Hilton Coliseum in Ames to match wits in a new kind of competition. They weren't testing their knowledge on traditional subjects like geography or history; they were competing at a computer "hackathon" to see who could code like a pro

CIOs need to nurture raw IT talent to power the future economy (ComputerWeekly) Each year, with the publication of A-level results, hundreds of thousands of school leavers embark on a journey that ultimately fuels the talent pool feeding the UK economy

Cultivating IT Talent (ComputerWeekly) Training school leavers could help organisations develop the IT skills they require and fill the growing skills gap

UNO receives $300K grant for cyber security training (New Orleans City Business) Vassil Roussev, a University of New Orleans computer science professor, has received a two-year $300,000 grant from the National Science Foundation to offer students cutting-edge training in the field of cyber security

Keeping college networks secure (Help Net Security) Morris Altman is the Director of Network Services and Internet Security Officer at Queens College, a senior college of the City University of New York. Queens College is the third largest university system in the US in terms of enrolment, with a faculty and staff of 5,000 and student population of nearly 20,000

Litigation, Investigation, and Enforcement

US won't release Russian MP's son being held on PoS hacking charges (Naked Security) A US federal court on Friday refused to release a Russian man arrested in the Maldives under suspicion of rigging retail point of sale (PoS) systems to rip off credit card details

2.1 Million Stolen Credit Card Numbers Found on Seleznev's Laptop, Bail Denied (Softpedia) During a bail hearing on Friday for Roman Valerevich Seleznev, prosecutors revealed that a laptop computer containing 2.1 million stolen credit card numbers was seized from the defendant

Former chiefs of S.Korean cyber command charged with political intervention (Xinhua via the Shanghai Daily) Two former chiefs of South Korean cyber command were charged with being involved in posting political comments online before the presidential election and general election in 2012, Seoul's Defense Ministry said Tuesday

National journalist held in Iran for 'security issues' (The National) Iran's judiciary said on Monday that Yeganeh Salehi, a foreign correspondent for The National, is being held for "security issues"

Worries mount over law enforcement using technology to disrupt protests amid Ferguson unrest (FierceHomelandSecurity) While the use of military-style tactics and equipment to quash protests in Ferguson, Mo., last week drew widespread concern about police infringing on First Amendment rights, some civil liberties advocates are increasingly concerned about software that law enforcement could potentially exploit to thwart protests as well

FBI tightening use of national security letters after extensive review, but typo problem persists (FierceHomelandSecurity) The FBI has made notable strides in bringing its practices around national security letters more into compliance with the law, but not when it comes to typographical errors, says a new report from the Justice Department's inspector general

Irish Credit Unions Accused of Using Stolen Data to Find Customers (Infosecurity Magazine) Irish credit unions have come under fire after allegations that they hired private investigators to illegally obtain government-held data on their customers

Raytheon wins £224m from Home Office over e-Borders cancellation (ComputerWeekly) A tribunal has found the Home Office unlawfully terminated a contract with Raytheon Systems Limited (RSL) over its e-Borders programme

Hundreds of police investigated over social media misuse (The Week) One officer tried to befriend a victim on Facebook while others sent racist or homophobic messages

Assange to leave Ecuador embassy 'soon' (Computerworld via CSO) Wikileaks founder has been living at the embassy building in the UK since June 2012 to avoid extradition to Sweden

Arrest over Twitter parody of mayor wasn't "unreasonable," Peoria says (Ars Technica) "We took every step in accordance with the law," city's attorney says

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

NYIT Cyber Security Conference (New York, New York, USA, September 18, 2014) Presented by NYIT's School of Engineering and Computing Sciences, this conference will address a broad range of pressing topics including privacy; innovations in enterprise security; systems security and the Internet of things; mobile security; the protection of critical infrastructure, organizations, and individuals against cyberattacks; and cybersecurity research and education frontiers. Keynote speeches by Robert Bigman, CEO 2BSecure LLC, Former Chief Information Security Officer, Central Intelligence Agency and Phyllis Schneck, Ph.D., Deputy Under Secretary for Cybersecurity, U.S. Department of Homeland Security

Journal of Law and Cyber Warfare First Annual Cyber Warfare One Day Symposium (New York, New York, USA, November 6, 2014) The Journal of Law and Cyber Warfare is proud to present the First Annual Cyber Warfare One Day Symposium. Join us as senior lawyers, technology chiefs, government officials, and academics discuss the current threat of cyber security and how it is affecting US corporations. CLE credit is available on certain panels

upcoming Events

SANS Cyber Defense Summit and Training (Nashville, Tennessee, USA, August 13 - 20, 2014) The SANS Institute's Cyber Defense Summit will be paired with intensive pre-summit hands-on information security training (August 13-18). This event marks the first time that SANS will conduct a training event and Summit that brings together cyber defense practitioners focused on defensive tactics as opposed to offensive approaches to thwart cyber attackers and prevent intrusions.

Resilience Week (Denver, Colorado, USA, August 19 - 21, 2014) Symposia dedicated to promising research in resilient systems that will protect critical cyber-physical infrastructures from unexpected and malicious threats—securing our way of life.

AFCEA Technology & Cyber Day (Tinker AFB, Oklahoma, USA, August 21, 2014) The Armed Forces Communications & Electronics Association (AFCEA) — Oklahoma City Chapter will once again host the 10th Annual Information Technology & Cyber Security Day at Tinker AFB. This is the only event of its kind held at Tinker AFB each year. This annual event allows exhibitors the opportunity to network with key information technology, cyber security, communications, engineering, contracting personnel and decision makers at Tinker AFB. Over 250 attendees participated in the 2013 event and we expect the same level of attendance in 2014.

c0c0n: International Information Security and Hacking Conference (, January 1, 1970) c0c0n, previously known as Cyber Safe, is an annual event conducted as part of the International Information Security Day. The Information Security Research Association along with Matriux Security Community is organizing a 2 day International Security and Hacking Conference titled c0c0n 2014, as part of Information Security Day 2014. c0c0n 2013 was supported by the Kerala Police and we expect the same this year too. Various technical, non-technical, legal and community events are organized as part of the program. c0c0n 2014 is scheduled on 22, 23 Aug 2014.

Build IT Break IT Fix IT: Build IT (Online, August 28, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security contest aims to teach students to write more secure programs. The contest evaluates participants' abilities to develop secure and efficient programs. The contest is broken up into three rounds that take place over consecutive weekends. During the Build It round, builders write software that implements the system prescribed by the contest. In the Break It round, breakers find as many flaws as possible in the Build It implementations submitted by other teams. During the Fix It round, builders attempt to fix any problems in their Build It submissions that were identified by other breaker teams. Each round will respectively start on August 28th, September 4th, and September 12th

The Hackers Conference (New Delhi, India, August 30, 2014) The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives on cyber security meet face-to-face to join their efforts to cooperate in addressing the most topical issues of the Internet Security space. This is the third edition of the Conference. Following the huge success of the conference last year the current edition of the conference brings back to you all the knowledge, all the fun in a better, grander way.

SEACRYPT 2013 (Vienna, Austria, September 2 - 4, 2014) The purpose of SECRYPT 2014, the International Conference on Security and Cryptography, is to bring together researchers, mathematicians, engineers and practitioners interested on security aspects related to information and communication. Theoretical and practical advances in the fields of cryptography and coding are a key factor in the growth of data communications, data networks and distributed computing. In addition to the mathematical theory and practice of cryptography and coding, SECRYPT also focuses on other aspects of information systems and network security, including applications in the scope of the knowledge society in general and information systems development in particular, especially in the context of e-business, internet and global enterprises. Papers are due April 15, 2014.

Build IT Break IT Fix IT: Break IT (Online, September 4, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security contest aims to teach students to write more secure programs. The contest evaluates participants' abilities to develop secure and efficient programs. The contest is broken up into three rounds that take place over consecutive weekends. During the Build It round, builders write software that implements the system prescribed by the contest. In the Break It round, breakers find as many flaws as possible in the Build It implementations submitted by other teams. During the Fix It round, builders attempt to fix any problems in their Build It submissions that were identified by other breaker teams. Each round will respectively start on August 28th, September 4th, and September 12th

Security B-Sides Cape Breton (Sydney, Nova Scotia, Canada, September 5, 2014) Security B-Sides Cape Breton is an open platform that gives security experts, enthusiasts, and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with others in the community. It is a rare opportunity to directly connect and create trusted relationships with key members of the community.

BalCCon2k14: Balkan Computer Congress (Novi Sad, Serbia, September 5 - 7, 2014) The Balkan Computer Congress is an international hacker conference organized by LUGoNS — Linux Users Group of Novi Sad and Wau Holland Foundation from Hamburg and Berlin. It is the second conference taking place in the Balkans, where some 20 years ago people were at war with each other. Now the BalCCon brings together hackers, hacktivists and computer enthusiasts from this area and they are joined by fellow hackers from all over the world. This event emphasizes the role of hacking as a mean of peaceful cooperation and international understanding. The program consist of numerous presentations, workshops and lectures about information, privacy, technology, programming, free software and socio-political issues. One part of the congress will be dedicated to hacking, project and hacks

Ground Zero Summit, Sri Lanka (Colombo, Sri Lanka, September 9 - 10, 2014) Ground Zero Summit 2014, Colombo will be a unique gathering of Cyber Security Researchers, Hackers, CERTs, Corporates and Government officials to discuss latest hacks, exploits, research and cyber threats. Sri Lanka is now transitioning from being a developing economy to Global economy with blooming telecommunications, insurance, banking, tourism and information technology services. Sri Lanka will be exposed to cyber threats similar to India thus, a synergy between Indian and Sri Lankan Cyber Security Communities will be beneficial for both countries in combating the threats to their information security

Detroit SecureWorld (Detroit, Michigan, USA, September 9 - 10, 2014) Two days of cyber security education and networking. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.

Cyber Attack Against Payment Processes Exercise 1 (Online, September 9 - 10, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions, credit unions and associated financial services organizations. Over a two day period this fall, hundreds of security, risk and IT professionals will experience a highly realistic set of scenarios in a safe environment in order to practice and improve their response to cyber incidents. The teams are encouraged to involve multiple parts of their organizations, from IT and security to payments experts to communications teams to line of business leaders and executive teams. The simulation is known as CAPP or Cyber Attack Against Payment Processes

AFCEA TechNet Augusta 2014: Achieving Force 2025 Through Signals and Cyber (Augusta, Georgia, USA, September 9 - 11, 2014) The overall theme of TechNet Augusta 2014 is "Achieving Force 2025 Through Signals and Cyber." The overall focus is on Army ground forces, including Joint component interface, other Department of Defense Organizations, Inter-Agency, Industry, and Academia. Presentations, panels, and track sessions will highlight empowerment of Soldiers on the battlefield through training, different methodologies for connecting through enhanced technology, and command and control functions to enable the U.S. Armed Forces to dominate the battlefield. Government, industry, and academia speakers will address a broad range of topics and focus on the importance of the network, security issues, and training to enable operational forces to modernize and be ready to meet emerging challenges in 2025 and beyond.

Build IT Break IT Fix IT: Fix IT (Online, September 12, 2014) The Build it Break it Fix it security contest is a new security-oriented programming contest held by the Maryland Cybersecurity Center, Cyberpoint, and Trail of Bits. The Build it Break it Fix it security contest aims to teach students to write more secure programs. The contest evaluates participants' abilities to develop secure and efficient programs. The contest is broken up into three rounds that take place over consecutive weekends. During the Build It round, builders write software that implements the system prescribed by the contest. In the Break It round, breakers find as many flaws as possible in the Build It implementations submitted by other teams. During the Fix It round, builders attempt to fix any problems in their Build It submissions that were identified by other breaker teams. Each round will respectively start on August 28th, September 4th, and September 12th

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South bank neighborhood of Southwork, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather at the top floor auditorium of the Blue Fin building, just behind the Tate Modern museum in Central London to discuss present and future threats to global critical infrastructure and how best to mitigate them. It will be closed to the press and held under the Chatham House Rule

NOPcon Security Conference (Istanbul, Turkey, September 16, 2014) NOPcon is a non-profit hacker conference. It is the only geek-friendly conference without sales pitches in Turkey. The conference aims to learn and exchange ideas and experiences between security researchers, consultants and developers

5th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 16, 2014) The 5th Annual Billington Cybersecurity Summit, a leading conference produced by Billington CyberSecurity, will feature an all-star cast of cybersecurity speakers including Admiral Michael Rogers, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service. This leading summit also will feature Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator, The White House; David DeWalt, Chairman and Chief Executive Officer, FireEye; Dr. Phyllis Schneck, Deputy Under Secretary for Cybersecurity, NPPD, Department of Homeland Security, along with over twenty-five other distinguished speakers. Along with increasing awareness on the most pressing cybersecurity topics, one of the primary goals of this summit is to enhance networking. Thus, three new features have been added to this year's summit: 1. Cybersecurity Interactive Roundtable Sessions: These tables will enable attendees to exchange experiences and information regarding all of the dire cybersecurity topics. 2. One-on-One Meetings: These intimate encounters with the cybersecurity experts will allow your questions to be answered in a personalized manner. 3. Multiple Tracks: Several, concurrent tracks will be offered at this summit in order for a more thorough education about cybersecurity in the healthcare, finance and energy sectors, about continuous monitoring and insider threats

SINET Global Summit (London, England, UK, September 16 - 17, 2014) "Advancing Global Collaboration and Innovation." Global Summit focuses on building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures, national security and economic interests. The Global Summit's objective is to build and maintain international communities of interest and trust that foster vital information sharing, broad awareness and the application of our nation's most innovative technologies to enable a safer and more secure homeland for the United States, United Kingdom and our trusted allies. The US Department of Homeland Security Science & Technology Directorate supports this event along with Her Majesty's Government (HMG) as the UK representative.

Cyber Attack Against Payment Processes Exercise 2 (Online, September 16 - 17, 2014) FS-ISAC, the Financial Services Information Sharing and Analysis Center will conduct its fifth annual simulated cyber security exercise related to payment processes used by banks, community institutions, credit unions and associated financial services organizations. Over a two day period this fall, hundreds of security, risk and IT professionals will experience a highly realistic set of scenarios in a safe environment in order to practice and improve their response to cyber incidents. The teams are encouraged to involve multiple parts of their organizations, from IT and security to payments experts to communications teams to line of business leaders and executive teams. The simulation is known as CAPP or Cyber Attack Against Payment Processes

Global Identity Summit (Tampa, Florida, USA, September 16 - 18, 2014) The Global Identity Summit is focused on identity management solutions for corporate, defense and homeland security communities. This conference and associated exhibition bring together a distinctive, yet broad comprehensive look at the identity management capabilities, challenges and solutions in the topic areas of: Biometrics, Radio-Frequency Identification, Mobile, Cyber, Smart Card Technologies, and Big Data.

Fraud Summit Toronto (Toronto, Ontario, Canada, September 17, 2014) From account takeover to payment card fraud and the emerging mobile threatscape, the ISMG Fraud Summit series is where thought-leaders meet to exchange insights on today's top schemes and the technology solutions designed to stop them.

Defense Intelligence Agency (DIA)/National Intelligence University (NIU) Open House (Washington, DC, USA, September 17, 2014) On September 17, 2014, the National Intelligence University (NIU) will hold a Tech Expo as part of its annual "NIU OUTREACH DAY" in the Tighe Lobby of DIA Headquarters on Joint Base Bolling-Anacostia. This Tech Expo will be open to all personnel within the DIA Headquarters as well as the 600+ students and faculty of NIU. Several of the 'schools' within DIA are expected to participate with their own exhibitions, including: School of Intelligence Studies, School of Science and Technology Intelligence, Center for Strategic Intelligence Research and Center for International Engagement and the John T. Hughes Library.

Cloud Security Alliance Congress 2014 (, January 1, 1970) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley that will offer attendees eighty sessions to choose from covering all aspects of privacy and cloud security. Nowhere else will cloud, IT and privacy professionals be able to meet and learn from each other, and gain visibility to practical, implementable solutions delivered by leading industry experts. Together the conferences will broaden the educational and networking opportunities available to both IAPP and CSA members. Proposals for speakers are due February 21, 2014.

CSA Congress 2014 & IAPP Privacy Academy 2014 (San Jose, California, USA, September 17 - 19, 2014) This year, the CSA and the International Association of Privacy Professionals (IAPP) are combining their Congress US and Privacy Academy events into a conference in the heart of Silicon Valley. This conference will offer attendees more than eighty sessions to choose from covering all aspects of privacy and cloud security.

Ft. Meade Technology Expo (Fort Meade, Maryland, USA, September 18, 2014) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel that may otherwise be unattainable. The target audience will be comprised of personnel from the ARMY, the newly headquartered DISA (Defense Information Systems Agency), DMA (Defense Media Activity), DINFOS (Defense Information School), and Ft. Meade's various military personnel. All of the above groups and military units around the base will receive promotions for this event.

The 2014 Cyber Security Summit (New York, New York, USA, September 18, 2014) The Cyber Security Summit, an exclusive conference series sponsored by The Wall Street Journal, has announced their second annual event in New York City. The event will connect C-Level & Senior Executives responsible for protecting their companies' critical infrastructures with cutting-edge technology providers and renowned information security experts. This informational forum will focus on educating attendees on how to best protect their highly vulnerable business applications and intellectual property. Attendees will have the opportunity to meet the nation's leading solution providers and discover the latest products and services for enterprise cyber defense

Dutch Open Hackathon (Amsterdam, the Netherlands, September 20 - 21, 2014) Join leading Dutch companies, during a 30-hour hackathon, as they open up APIs and technologies. Work together and develop new applications and drive global innovation

St. Louis SecureWorld (, January 1, 1970) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.

Rock Stars of Cybersecurity (Austin, Texas, USA, September 24, 2014) The unprecedented Target breach and NSA spying scandal have put cybersecurity in the global spotlight. With cyberattacks on the rise, it is now even more important to learn how to identify weaknesses and protect company infrastructure from incursions. At the Rock Stars of Cybersecurity conference, well-respected cybersecurity authorities from leading companies will deliver case studies and actionable advice that you can immediately put to use.

VB2014 (, January 1, 1970) Over its 24-year history, the VB conference has become a major highlight of the IT security calendar, with many of its regular attendees citing it as the security event of the year. The conference provides a focus for the industry, representing an opportunity for experts in the field to share their research interests, discuss methods and technologies and set new standards, as well as meet with - and learn from - those who put their technologies into practice in the real world.

DerbyCon 4.0 (Louisville, Kentucky, USA, September 24 - 28, 2014) Welcome to DerbyCon 4.0 — "Family Rootz". This is the place where security professionals from all over the world come to hang out. DerbyCon 4.0 will be held September 24-28th, 2014. DerbyCon 2013 pulled in over 2,000 people with an amazing speaker lineup and a family-like feel. We've listened to your feedback and plan on making this conference even better this year

BruCON 2014 (Ghent, Belgium, September 25 - 26, 2014) BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Belgium, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. BruCON is a conference by and for the security and hacker community.

ROOTCON 8 (, January 1, 1970) ROOTCON is the first hacking convention in the Philippines. A hacker conference and not a seminar, training or a workshop. It will feature the following tracks: advanced HTTP header security analysis, browser extension malware extend cybercrime capabilities, new techniques: email-based threat and attacks, shellcode exploit analysis: tips and tricks, the Necurs rootkit, social engineering: hacking the mind, an hacking your way to ROOTCON.

INTEROP (New York, New York, USA, September 29 - October 3, 2014) Interop returns to New York with practical and visionary conference sessions designed to help you accelerate your career. This year's conference tracks include: Applications, Business of IT, Cloud Connect Summit, Collaboration, Infrastructure, Mobility, Risk Management & Security, and Software-Defined Networking (SDN)

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.