The CyberWire Daily Briefing 10.23.14

Summary

By The CyberWire Staff

ISIS stays on message, burnishing its image through varied information operations.

Local disputes give rise to cyber-rioting in the Balkans and the Caucasus.

Chinese cyber espionage continues apace, with Australian lawyers (whose networks after all contain significant client data, including sensitive business information) noticeably in the crosshairs. Subversion of iCloud in China also continues, and observers note that whoever's responsible has an appetite for login credentials.

"Pawn Storm," which Trend Micro calls "an active economic and political cyber-espionage operation," has a target list strongly suggestive of Russian security services as the guiding intelligence. Further investigation of "Energetic Bear" and "Dragonfly" leads some (like F-Secure) to conclude that pharma and biotech were at least as significant targets as energy, and that the cyber campaign's goal may have been preparation for large-scale economic disruption.

Windows zero-days CVE-2014-6352 and CVE-2014-4114 (Sandworm) continue to be exploited in the wild. (Microsoft has made a Fixit available, and HP urges everyone to install it.)

A new Koler worm variant infests Android systems, spreading by SMS.

Widespread malvertising on many networks — AOL and Yahoo among them — is distributing CryptoWall ransomware.

A remote code execution vulnerability is reported in Cisco's Ironport WSA Telnetd.

NIST issues its Federal cloud roadmap.

The judge presiding over alleged SilkRoad kingpin Ross Ulbricht's trial is subjected to unusually vicious darknet doxing whose stated goal is helping drug cartels to kill her and her family.

Baltimore artist Claire Girodie is commissioned to create a work of art for November's Women in Cyber Security reception.

Notes.

Today's issue includes events affecting Albania, Armenia, Australia, Azerbaijan, Belgium, Chile, China, European Union, Iraq, Poland, Russia, Serbia, Syria, Turkey, United Kingdom, United States

Selected Reading

Cyber Trends

Cyber Threats: Information vs. Intelligence (Dark Reading) Cyber threat intelligence or CTI is touted to be the next big thing in InfoSec. But does it narrow the security problem or compound it?

Open-Source Software Brings Bugs To Web Applications (Dark Reading) An average of eight severe security flaws from open-source and third-party code can be found in each web application, according to new findings from Veracode

Shellshock & Why EHRs Need Updating (InformationWeek) Nearly half of all security breaches occur in healthcare, and outdated medical records systems make data more vulnerable. An up-to-date EHR system can help solve security concerns, save money, and improve patient care

Think before you share that file (Help Net Security) It's hard to read through the news nowadays without stumbling upon some type of data breach or leak. Recently, Apple's iCloud service has been in the limelight, following the theft and distribution of celebrities' private photos

The Dawn of World War IV: America Under Cyber Attack (Huffington Post) Einstein was wrong. World War IV will not be fought with sticks or rocks. It will be fought with bits and bytes, Trojans and bots, APTs and zero-days — it's already started and we're already losing

Legislation, Policy and Regulation

EU group: NSA's 'balance' of security, privacy in surveillance sucks (Networkworld) Three SURVEILLE teams of EU-funded experts studied NSA mass surveillance techniques for the purpose of a counter-terrorism investigation and basically found the surveillance 'failed drastically in striking the correct balance between security and privacy'

SURVEILLE Paper Assessing Surveillance in the Context of Preventing a Terrorist Act (European Union via Just Security) SURVEILLE deliverable D2.8 continues the approach pioneered in SURVEILLE deliverable D2.6 for combining technical, legal and ethical assessments for the use of surveillance technology in realistic serious crime scenarios

Where's the NSA reform? Our view (USA TODAY) Despite outcry, government still collects your phone data

Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System (Wired) Senator Ron Wyden thought he knew what was going on

Former NSA chief on cyber attacks: 'We've got to work together' (Fortune) Keith Alexander, the former director of the U.S. National Security Agency, says there ought to be fewer secrets between businesses and government agencies

Key Republican says cyber bill has 80 percent chance of passage (The Hill) House Homeland Security Committee Chairman Michael McCaul (R-Texas) says his cyber information sharing bill has an 80 percent chance of becoming law during Congress's lame-duck session

They're Tracking When You Turn Off the Lights (Wall Street Journal) Municipal Sensor Networks Measure Everything From Air Pollution to Pedestrian Traffic; Building 'a Fitbit for the City'

Mary McCord, Anita Singh, Luke Dembosky Appointed to Leadership Roles at DOJ's Security Org (ExecutiveGov) The U.S. Justice Department has appointed three new executives within the agency's national security division and renamed an internal program for coordinating counterterrorism initiatives

Products, Services, and Solutions

How Apple Pay security controls may mitigate payment card breaches (TechTarget) The newly launched Apple Pay mobile payment system could deliver the most secure shopping experience for U.S. customers yet, though it still may not be perfect

Duo Security announces U2F authentication support (ZDNet) U2F is Universal 2nd Factor, the first FIDO Alliance standard for two-factor authentication. The goal: simple systems to combat phishing and other credential breaches

3eTI's New Cyber Device Improves Security Of Critical Infrastructure (HS Today) As the world continues to become rapidly interconnected, organizations are struggling to develop new technologies fast enough to meet the constantly evolving security concerns accompanying the growth of the Internet of Things. With the vulnerabilities created by wider connectivity, critical infrastructure has become an increasingly attractive target for cyber attackers

ForeScout CounterACT Receives Five-star Rating in SC Magazine Group Test (MarketWatch) CounterACT named top NAC solution and 'Best Buy' for second year in a row

Technologies, Techniques, and Standards

Final NIST cloud roadmap sets 'action plans' for gov't cloud adoption (FierceGovernmentIT) The National Institute of Standards and technology Oct. 21 published a final version of its U.S. Government Cloud Computing Technology Roadmap

Special Publication 500-293: US Government Cloud Computing Technology Roadmap Volume I — High-Priority Requirements to Further USG Agency Cloud Computing Adoption (NIST) The National Institute of Standards and Technology (NIST), consistent with its mission, has a technology leadership role in support of United States Government (USG) secure and effective adoption of the Cloud Computing model to reduce costs and improve services. This role is described in the 2011 Federal Cloud Computing Strategy as "… a central one in defining and advancing standards, and collaborating with USG Agency CIOs, private sector experts, and international bodies to identify and reach consensus on cloud computing technology & standardization priorities"

In dot we trust: If you keep to this 124-page security rulebook, you can own yourname.trust (Register) Step 1: Don't get owned. Step 2: Use HTTPS. Step 3: … NCC Group has published a set of security standards that you'll have to follow if you want to operate a .trust website

INSA promoting dialogue on cyber threat intelligence with new white paper, blog, NIST RFI (INSA) Many senior executives and managers are not receiving the right type of cyber intelligence to efficiently and effectively inform their organizations' risk management processes, according to a new white paper published today by the Intelligence and National Security Alliance's Cyber Intelligence Task Force

Operational Cyber Intelligence (INSA) The third white paper in the "Levels Of Cyber Intelligence" series — While much attention has been paid to cyber attacks against organizations of all sizes and from across all sectors, there has been less discussion of how organizations can strengthen their risk management processes in such a diverse and evolving threat climate. Operational cyber intelligence encompasses an understanding of both tactical means — how cyber threats function to disrupt and/or degrade an organization's networks and cyber capabilities — and the broader strategic motivations of potential adversaries

Fight fire with fire: Using speed and sophistication to combat cyber attacks (IT Pro Portal) During a cyber attack, every second counts. While an attack can happen in an instant, it can take months to remove it from an organisation's infrastructure. For some organisations, there can be more attacks in one hour than a well-staffed security team can address in an entire day. That's a big problem

How to defend against brute-force router attacks from Sality malware (TechTarget) The Sality malware has reemerged with new capabilities: brute-forcing passwords on wireless access points. Enterprise threats expert Nick Lewis explains how to

Cloud Security: Shared Responsibility in Action (Trend Micro) Security in the cloud is a shared responsibility. I've written about this before, but with AWS re:Invent right around the corner, now is a good time to explore this idea further and see what the model looks like when applied in production

Marketplace

Cybersecurity Stock Directory Update for National Cyber Security Awareness Month (PR Newswire) Investorideas.com, a global news source covering leading sectors including cybersecurity releases its updated cybersecurity stock directory for investors following the sector in conjunction with National Cyber Security Awareness Month

A Closer Look at CloudFlare and Incapsula: Next Generation CDN Services (Smart Data Collective) Content delivery networks (CDNs) are online services that were traditionally used to help accelerate the distribution of web content and ensure business continuity

The "Soft and Chewy Centers" That Put Your Data at Risk (MIT Technology Review) A security startup called Illumio launching today has already signed up Yahoo and other large companies that need new ways to protect their data centers

Gartner Positions Wombat Security Technologies as "Leader" in Magic Quadrant for Security Awareness Computer-Based Training Vendors (MarketWired) Wombat Security Technologies (Wombat), a leading provider of cyber security awareness and training solutions, today announced Gartner, Inc. has positioned Wombat as a "Leader" in its 2014 Magic Quadrant for Security Awareness Computer-Based Training Vendors report

Cyber security firm Alert Logic opens in Cardiff (BBC) A US cyber security company is officially opening its European HQ in Cardiff, creating almost 130 jobs

Securonix Appoints Former Bank of America Executive as Chief Scientist to Further Advance the Use of Machine Learning for Cyber and Insider Threat Detection (MarketWired) Securonix today announced the appointment of Igor Baikalov as Chief Scientist to lead the research and analytics division at Securonix

Security Patches, Mitigations, and Software Updates

Microsoft misses Windows bug, hackers slip past patch (Computerworld) Last week's security update 'not robust enough,' say researchers who co-reported flaw

Windows Update drivers bricking USB serial chips beloved of hardware hackers (Ars Technica) The move to combat counterfeit chips leaves hobbyists stuck in the middle

Apple to stop SSL 3.0 support for push notifications soon (IDG via CSO) Apple will stop support next week for an encryption protocol found to contain a severe vulnerability, the company said on Wednesday

Cyber Attacks, Threats, and Vulnerabilities

The Islamic State's media warfare (al Monitor) When Abu Bakr al-Baghadi, the Islamic State's (IS) leader and self-styled caliph, appeared July 4 for the first time in Mosul, a symbolic venue was chosen by those who manage the media strategy of the world's most wanted terrorist group

The Cyber-Attacks And Fears Of Cyber-War To Come (In Serbia) Following the drone and flag incident that plagued what should have been a friendly and peaceful football match, the majority of Serbian news media websites were the victims of a direct distributed denial-of-service (DDoS) attack by hackers apparently working for Albanian interests, causing all but one such media website and associated servers to go offline for hours before being restored

Websites of Azerbaijani Embassies Hacked by Armenian Hackers (HackRead) Armenian hackers from Monte Melkonian Cyber Army (MMCA) are back in action with yet another high-profile hack. This time the group has hacked and defaced the official website of Azerbaijan Association of judges of specialized courts, Azerbaijan Bank training Center, Azerbaijan embassy in Belgium and Poland

Chinese APT groups targeting Australian lawyers (Register) Have a bit of sympathy, people: lawyers hold YOUR data and juicy stuff about big deals

iCloud users in China under attack. But who could be after their passwords? (We Live Security) Earlier this week, an organisation that monitors internet censorship in China reported what appears to have been a concerted effort to steal the login credentials of Apple iCloud users

Operation Pawn Storm: The Red in SEDNIT (TrendLabs Security Intelligence Blog) Pawn Storm is an active economic and political cyber-espionage operation targeting a wide range of entities, mostly those related to the military, governments, and media

Pharmaceuticals, Not Energy, May Have Been True Target Of Dragonfly, Energetic Bear (Dark Reading) New research says the compromised companies were suppliers for OEMs that served pharma and biotech

Malware directs stolen documents to Google Drive (Help Net Security) Researchers have uncovered a new type of information-stealing malware that is apparently used in campaigns targeting government agencies and can syphon files from compromised computers to Google Drive

Vulnerability in Microsoft OLE Could Allow Remote Code Execution (Microsoft Security Tech Center) Microsoft is aware of a vulnerability affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that contains an OLE object. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. The attack requires user interaction to succeed on Windows clients with a default configuration, as User Account Control (UAC) is enabled and a consent prompt is displayed

Attackers Exploiting Windows OLE Zero Day Vulnerability (Threatpost) Attackers are using a zero day vulnerability in nearly all supported versions of Windows in a series of targeted attacks. The flaw is in the OLE technology in Windows and can be used for remote code execution is a targeted user opens a rigged Office file

CVE-2014-6352 OLE packager vulnerability and a failed patch for SandWorm (HP) A few days ago, Microsoft disclosed a new vulnerability related to the Microsoft Office OLE object (CVE-2014-6352) that looks like a variant of the SandWorm vulnerability (CVE-2014-4114). While the original vulnerability was patched with MS14-060, Microsoft has released a FixIt for this new vulnerability - and we recommend you install it to protect yourself from this attack

New CVE-2014-4114 Attacks Seen One Week After Fix (TrendLabs Security Intelligence Blog) Despite the availability of fixes related to the Sandworm vulnerability (CVE-2014-4114), we are still seeing new attacks related to this flaw. These attacks contain a new routine that could prevent detection

Koler worm spreads via SMS, holds phones for ransom (Help Net Security) A new variant of the Android malware Koler now spreads by text message and holds infected users' phones hostage until a ransom is paid

Hackers have violated ticketing system based on NFC in Chile (Security Affairs) Unknowns have hacked the NFC based electronic payment system used in Chile, the "Tarjeta BIP!", spreading an Android hack that allows users to re-charge cards for free

WYSIWYG Editors Could be an Avenue for XSS Attacks, Warns Researcher (Tripwire: the State of Security) Many websites have a WYSIWYG editor. You may not even realise that you are using one, but — if you think about it — chances are that many of the sites that you visit allow you make forum posts, publish blog entries, post private messages, update wiki entries, submit support tickets, create signatures or leave comments

Massive malvertising campaign on Yahoo, AOL and other sites delivers ransomware (IDG via CSO) Malicious advertisements made their way last week to almost two dozen popular websites and used browser-based exploits to infect computers with CryptoWall, a nasty file-encrypting ransomware program

Alert (TA14-295A) Crypto Ransomware (US-CERT) Ransomware is a type of malicious software (malware) that infects a computer and restricts access to it until a ransom is paid to unlock it. This Alert is the result of Canadian Cyber Incident Response Centre (CCIRC) analysis in coordination with the United States Department of Homeland Security (DHS) to provide further information about crypto ransomware

Cisco Ironport WSA telnetd Remote Code Execution (Packet Storm) The Cisco Ironport WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code. Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default

telnetd rulez: Cisco Ironport WSA Telnetd Remote Code Execution Vulnerability (Internet Storm Center) We received the following vulnerability advisory for a remote code execution vuln identified and reported in Cisco's Ironport WSA Telnetd

Insecure Protocol Puts 1.2M SOHO Devices At Risk (Dark Reading) Enterprises should take care to prohibit NAT-PMP traffic on untrusted network interfaces

Hostile Subdomain Takeover using Heroku/Github/Desk + more (Detectify (h/t Team Cymru)) Hackers can claim subdomains with the help of external services. This attack is practically non-traceable, and affects at least 17 large service providers and multiple domains are affected

Spam Campaign Taking Advantage of Ebola Scare May Lead To Malware Infections (Trustwave SpiderLabs) Cybercriminals have inevitably taken advantage of the publicization of the Ebola virus in the news for several months. We've spotted a couple of malicious spam samples that reference the Ebola virus in the last week. The image below shows an example of one such e-mail purporting to be from the World Health Organization

U.S. government probes medical devices for possible cyber flaws (Reuters) The U.S. Department of Homeland Security is investigating about two dozen cases of suspected cybersecurity flaws in medical devices and hospital equipment that officials fear could be exploited by hackers, a senior official at the agency told Reuters

April 911 Outage Affected 3.5 Percent of U.S. Population (Threatpost) In the early hours of April 10, a series of errors led to a massive, multi-state outage in the emergency call management centers (ECMCs) that handle 911 calls in seven geographically dispersed states. The incident originated at an obscure but critical call routing hub in Englewood, Colo., and ended up knocking out the emergency communication infrastructure for more than 11 million citizens

Litigation, Investigation, and Enforcement

Judge in Silk Road case gets threatened on Darknet (Ars Technica) "I hope some drug cartel that lost money will murder this lady and her family"

Documentary 'Citizenfour' tracks Edward Snowden's surveillance disclosures (San Jose Mercury News) Many documentaries aim to kick-start environmental movements, reverse death sentences or change legislative policy. But few come with the kind of ambition of the Edward Snowden film "Citizenfour," a movie of grand scope that tells an intimate, personal story about the weighty issue of government surveillance of U.S. citizens

Edward Snowden Said Targeted Surveillance Could've Prevented the Boston Marathon Bombings (BostInno) In a streamed interview at Harvard, Snowden explains how mass surveillance inadvertently led to tragedy

From one in the know: Snowden is a traitor and likely ‘agent of Vladimir Putin’ (World Tribune) Charlie Speight is a retired executive from the National Security Agency, which he joined in 1975. During his time at the NSA, he was a National Intelligence Officer, analyst, watch officer, operational staff officer, interagency liaison, senior editor in the Strategic Communications Directorate, and communications officer for the NSA Director

Hacked and ashamed? C'mon, Brits ? report that cybercrime (Register) Gov.uk campaign: Consumer security led to '£670m losses'

FDA computer network vulnerable to data breaches (FierceHealthIT) Systems don't enforce account lockout, error messages reveal sensitive information and more

Penetration Test of the Food and Drug Administration's Computer Network (Department of Health and Human Services Office of the Inspector General) This report provides an overview of the results of our penetration test of the Food and Drug Administration's (FDA) computer network. It does not include specific details of the vulnerabilities that we identified because of the sensitive nature of the information. We provided more detailed information and recommendations to FDA so that it could address the issues we identified

VA: Hackers Never Siphoned Data out of its Systems (Nextgov) The Department of Veterans Affairs' computer networks and systems remain under constant threat — including from attacks by foreign actors — but no data has been "exfiltrated" as a result of attacks, Stephen Warren, the department's chief information officer said at a media roundtable yesterday

Leader of Team Digi7al sentenced today to serve twenty-four months in federal prison (Office of Inadequate Security) Daniel Trenton Krueger, one of two leaders of the computer hacking group known as Team Digi7al, was sentenced today to serve twenty-four months in federal prison for hacking the U.S. Navy, National Geospatial-Intelligence Agency, and over 50 public and private computer systems, U.S. Attorney Danny C. Williams Sr. announced

NOAA National Weather Service Employee Indicted for Allegedly Downloading Restricted Government Files (FBI Cinncinnati Division) Xiafen "Sherry" Chen, 59, of Wilmington, Ohio, was indicted in U.S. District Court for allegedly accessing restricted U.S. Government files. Chen is a hydrologist currently employed at the National Oceanic and Atmospheric Administration's (NOAA) facility located in Wilmington, Ohio

Seattleland: 'Kidnapped' Russian Hacker Facing New Charges (Seattle Weekly) On the humid morning of July 5, 30-year-old Roman Seleznev was passing through security screening at Malé International Airport in the Maldives, about 400 miles southwest of India in the Indian Ocean, when he was asked to step out of the line

Design and Innovation

Baltimore Artist, Claire Girodie, Selected to Create New Work for Inaugural Women in Cyber Security Event (Maryland Art Place) Maryland Art Place (MAP), one of the State's leading support organizations for emerging and mid-career artists, announced today that Baltimore artist Claire Girodie was selected for a special commission. Girodie will be creating a new work of art for CyberPoint International's inaugural Women in Cyber Security reception, to be held on November 12th, 2014 in Baltimore's Inner Harbor. Bringing together women from across the region and all different points on the career spectrum, the reception is aimed at creating connections among those working in the academic, government, business and technical arenas of cyber security

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

2014 ICS Cyber Security Conference (, January 1, 1970) The 14th ICS Cyber Security Conference (sometimes known as "Weisscon") will be held October 20-23, 2014 at Georgia Tech in Atlanta, GA. Cyber Security is becoming a critical infrastructure issue with implications that go far beyond the plant fence. Plant engineers, corporate officers, insurance company executives and more will be handling cyber security issues in the coming years. This conference is essential attendance for people in the manufacturing or utility environment.

Secure 2014 (Warsaw, Poland, October 21 - 23, 2014) NASK and CERT-Polska offer this conference on telecommunications and IT security. Speakers from government, industry, and universities around the world will offer insights into research, policy, and security trends

Hack.lu 2014 (Dommeldange, Luxembourg, October 21 - 24, 2014) Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society

ISSA International Conference (Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.

ToorCon San Diego (San Diego, California, USA, October 22 - 26, 2014) For hackers like you, because what could possibly go wrong?

DOE Germantown Cybersecurity Awareness Day (Germantown, Maryland, USA, October 23, 2014) The Department of Energy Germantown Building will be hosting a Cyber Security Awareness Day featuring a technology expo. DoE will be looking for a wide range of cyber security industry experts to showcase their latest technologies. Reaching the professional community within this location can be extremely challenging and this event will provide a great opportunity to provide product demonstrations to this hard-to-reach group, as well as position your company's information to the Department of Energy

Library of Congress Cybersecurity Awareness Expo (Washington, DC, USA, October 23, 2014) The Library of Congress (LOC)is hosting its annual cyber security awareness days during October and the exposition is an important part of their education and outreach effort to industry

NASA Glenn Research Center Cyber Security Expo (Cleveland, Ohio, USA, October 23, 2014) In recognition of National Cyber Security Awareness Month, an Awareness Day event will be held at Glenn Research Center in Cleveland, Ohio. This event will provide participants with information and resources on today's vulnerabilities, incidents, and security threats, as well as how to protect against them. Live demos and informational booths by top vendors will give participants a look at current trends in cyber security. Exhibitors will have the opportunity to network with government personnel and industry partners to discuss critical issues

2014 Omaha Cyber Security Event (Omaha, Nebraska, USA, October 23, 2014) Better Business Bureau and its partners present a panel discussion on how to stay safe online — it's our shared responsibility! Learn the risks, how to spot potential problems and how our online actions impact our safety. Panelists include professionals from the: US Secret Service, FBI, National Cyber Security Alliance and Nebraska Sate Information Office

FOCUS 14: Empowering the Connected World (Las Vegas, Nevada, USA, October 26 - 27, 2014) FOCUS will offer you a unique opportunity to learn directly from other McAfee users. Hear real-world scenarios from McAfee customers and learn how they maintain the highest standards of security while reducing costs, streamlining processes, and driving efficiencies in the daily administration of their networks and systems. Network with security peers who share your challenges, concerns and issues, and learn more about their own success strategies

Cybergamut Tech Tuesday: Software-Defined Networking Security (Columbia, Maryland, USA, October 28, 2014) Security-Defined Routing combines cyber analytics and SDN to protect the network: SDR technology assists organizations in scaling the delivery of network traffic to analytic security applications. When incidents are detected, changing the network forwarding tables through SDR techniques can provide an immediate remediation to network attacks, while automating the delivery of suspect traffic for transaction monitoring and archiving data for regulatory compliance and advance troubleshooting

Securing the Social Space (Baltimore, Maryland, USA, October 28, 2014) New technologies enabling greater connectivity bring with them new frontiers for cyber security. This Tech Talk program will offer a new twist on the cyber security conversation. We'll begin by exploring new trends and exciting emerging tools in social with Kelsey Reck, Founder & CEO of Harbor Social, then we'll shift to two approaches to the same problem: addressing risk brought about by these new trends and tools. ZeroFOX social risk management and RedOwl will look at internal risks within employee communication shedding light on the "digital exhaust trail." This one is guaranteed to inspire and enlighten! Include Promo Code "Social102814" and you get the Member Rate on registration, thereby saving $20

USDA Cyber Security Symposium and Expo 2014 (Washington, DC, USA, October 28 - 29, 2014) The Summit will provide participants with information and resources on today's vulnerabilities, incidents, security lifecycle, risks and mitigations; it will also identify ways to work together and build a solid security foundation program to meet future challenges and trends in cyber security. The Cybersecurity Expo, running in conjunction to the Summit, will provide live demos and informational booths focused around the summit topics

Cyber Security and IT Day at Fort Carson (Colorado Springs, Colorado, USA, October 28, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter ill once again host the 5th Annual Cyber Security & Information Technology Days set to take place at Fort Carson on Tuesday, October 28, 2014 and at Peterson AFB on Wednesday, October 29, 2014. Both events are being conducted in October to coincide with National Cyber Security Awareness Month as a way to encourage collaboration between local military personnel and industry partners. Government and Industry experts will be on hand to brief attendees on the latest trends, best practices and remediation strategies, in the cyber security field. These one day forums will offer Cyber Security & Information Technology personnel a unique, local opportunity to get up-to-date informaton on rapidly evolving security security challenges

Cyber Security and IT Days at Peterson AFB (Colorado Springs, Colorado, USA, October 29, 2014) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 5th Annual Cyber Security & Information Technology Days. Government and Industry experts will be on hand to brief attendees on the latest trends, best practices and remediation strategies, in the cyber security field. These one day forums will offer Cyber Security and Information Technology personnel a unique, local opportunity to get up-to-date informaton on rapidly evolving security security challenges

Dallas SecureWorld (Dallas, Texas, USA, October 29 - 30, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.

Cyber Job Fair (Baltimore, Maryland, USA, October 29, 2014) ClearedJobs.Net is partnering with CyberMaryland to present the Cyber Job Fair at the CyberMaryland 2014 conference. The Cyber Job Fair is a hiring event for cleared and non-cleared cybersecurity professionals held the first day of the conference

CyberMaryland 2014 (Baltimore, Maryland, USA, October 29 - 30, 2014) Entrepreneurs, investors, academia and government will convene in Maryland — the nation's epicenter for cybersecurity for the fourth annual CyberMaryland Conference.

ekoparty Security Conference 10th edition (Buenos Aires, Argentina, October 29 - 31, 2014) ekoparty — Electronic Knock Out Party — Security Conference, is a one of a kind event in South America; an annual security conference held in Buenos Aires, where security specialists from all over Latin America (and beyond) have the chance to get involved with state-of-art techniques, vulnerabilities, and tools in a relaxed environment never seen before.

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management. Topics to be discussed by expert speakers will include state and federal regulatory and legislative initiatives, efforts to develop a common cyber security framework, the threats from cyber espionage and terrorism, and the development of public and private mechanisms to finance and transfer losses from cyber events.

Senior Executive Cyber Security Conference (Baltimore, Maryland, USA, October 30 - November 1, 2014) North Star Group, LLC and the Johns Hopkins University's Whiting School of Engineering and Information Security Institute sponsor this senior executive focused cyber security conference.This event is designed for non-technical and technical executives who seek to gain a deeper understanding of not just the technical aspects of data breach prevention, but also the important role that insurance, crisis management, legal and human resources play. Speakers include Dr. Ed Schlesinger, Dean of Johns Hopkins University's Whiting School of Engineering, Dr. Andy Ozment, Assistant Secretary of the Office of Cybersecurity and Communications, Department of Homeland Security, and Mr. Eric Joost, Chief Operating Officer, Willis North America

FS-ISAC EU Summit 2014 (London, England, UK, November 3 - 5, 2014) The Financial Services Information Sharing and Analysis Center (FS-ISAC), is a non-profit association comprised of financial institution members, that is dedicated to protecting the global financial services sector from physical and cyber threats that impact the resilience, integrity and stability of member institutions through dissemination of trusted and timely information. Its EU Summit will feature sessions of interest to both security professionals and the financial sector

POC2014 (Seoul, Republic of Korea, November 4 - 7, 2014) POC (Power of Community) started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and creative discussion and shows real hacking and security. POC wears both black hat and white hat. POC will share knowledge for the sake of the power of community. POC believes that the power of community will make the world safer.

Open Source Digital Forensics Conference 2014 (Herndon, Virginia, USA, November 5, 2014) This conference focuses on tools and techniques that are open source and (typically) free to use. It is a one day event with short talks packed with information. There are both tool developers and users in attendance, and this is a unique opportunity to learn about new tools and provide feedback

Bay Area SecureWorld (Santa Clara, California, November 5, 2014) A day of cyber security education. Earn 6-8 CPE credits, network with industry peers, and take advantage of more than thirty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.

Managing BYOD & Enterprise Mobility USA 2014 (San Francisco, California, USA, November 5 - 6, 2014) The Managing BYOD & Mobility USA 2014 conference will provide a unique networking platform, bringing together top executives from USA and beyond. They come together not only to address mobility challenges and set the precautions framework, but most importantly to provide the necessary tools, insights and methodological steps for constructing a successful mobility policy. These policies will fulfill the BYOD prophecy of increased productivity, employee satisfaction, cost savings and corporate competitive advantage

Journal of Law and Cyber Warfare First Annual Cyber Warfare One Day Symposium (New York, New York, USA, November 6, 2014) The Journal of Law and Cyber Warfare is proud to present the First Annual Cyber Warfare One Day Symposium. Join us as senior lawyers, technology chiefs, government officials, and academics discuss the current threat of cyber security and how it is affecting US corporations. CLE credit is available on certain panels

RiseCON 2014 (Rosario, Santa Fe, Argentina, November 6 - 7, 2014) Rosario Information Security Conference: es el primer y mayor evento de seguridad informática y hacking realizado en la ciudad de Rosario, con nivel y trascendencia internacional

Israel HLS 2014 (Tel Aviv, Israel, November 9 - 12, 2014) The third International Conference on Homeland Security will bring together government officials, public authorities, and HLS industry leaders from around the world to share their knowledge and experience. They will participate in high-level discussions on securing the safety of citizens and protecting critical infrastructure and property, and explore Israel's advanced HLS technologies and systems.

Critical Infrastructure Cyber Community (C3) Voluntary Program Meeting (San Diego, California, USA, October 13, 2014) Join stakeholders from across the cyber community to discuss building a cyber risk management program, using DHS resources, and to learn how organizations of all sizes are using the Cybersecurity Framework

i-Society 2014 (London, England, UK, November 10 - 12, 2014) i-Society 2014 is a global knowledge-enriched collaborative effort that has its roots from both academia and industry. The conference covers a wide spectrum of topics that relate to information society, which includes technical and non-technical research areas.

Seattle SecureWorld (Seattle, Washington, USA, November 12 - 13, 2014) Offering two days of cyber security education. Earn 12-16 CPE credits, network with industry peers, and take advantage of more than sixty educational events. Over the past decade SecureWorld has emerged as one of North America's most vital cyber-security conference, providing globally relevant education, training and networking for cyber-security professionals on a regional level. SecureWorld provides more content and facilitates more professional connections than any other event in the cyber-security industry. Established in 2002, SecureWorld offers many different continuing professional education sessions over two days in 14 cities throughout the United States.

AVAR 2014 (, January 1, 1970) The 17th Association of anti-Virus Asia Researchers International Conference: Security Down Under. Topics will include case studies of targeted attacks, real-life attack demonstrations, web-inject attacks/code insertion attacks, man-in-the-browser attacks, targeted advanced persistent threats, dedicated advanced evasion techniques, and mitigations to all of these. The conference will also take up identification and investigation of targeted threats, how to spot targeted attacks in collections, COINTEL (counter intelligence) on determined adversaries (e.g, detecting the attacker, running honeypots, etc.), mobile malware, and security policies.

ZeroNights 2014 (Moscow, Russia, November 13 - 14, 2014) ZeroNights is an international conference dedicated to the practical side of information security. It will show new attack methods and threats, showcase new possibilities of attack and defense, and suggest out-of-the-box security solutions. ZeroNights gathers experts, infosecurity practitioners, analysts, and hackers from all over the world

Cyber Security Awareness Week Conference (New York, New York, USA, November 13 - 15, 2014) Get ready for CSAW: the largest student-run cyber security event in the nation, with a research conference that attracts some of the biggest names in the industry, and a career fair with an impressive list of corporate partners. It's a weekend of competitions, keynote talks and cyber security events, designed to prepare best-performing students with the skills and knowledge to shape the future of the industry

Ground Zero Summit, India (New Dehli, India, November 13 - 16, 2014) Ground Zero Summit (GOS) 2014 in its second year promises to be Asia's largest Information Security gathering and proposes to be the ultimate platform for showcasing researches and sharing knowledge in the field of cyber security. GOS rationale: The increasing volume and complexity of cyber threats - including phishing scams, data theft, and online vulnerabilities, demand that we remain vigilant about securing our systems and information. Enterprises and governments worldwide are grappling the grim reality of data and critical systems being exploited. This summits aims at addressing these new forms of cyber attack and formulate solutions

Deepsec 2014 (Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research and experience from the fields' leading experts.

BugCON (Mexico City, Mexico, November 19, 2014) BugCON Security Conference is hardcore technical conference focused on the technical side of the security. Running since 2008 BugCON is the oldest forum where researchers, students and professionals shows their latest research and projects

International Cyber Warfare and Security Conference (Ankara, Turkey, November 19 - 20, 2014) In-depth discussions will cover: new emerging threats and challenges on cyber warfare, the policy of leading cyber nations in cyber warfare and security, legal aspects of cyber warfare, industrial perspective in cyber warfare and security, new trends, new developments, technologies and solutions, and the next generation of cyber attacks—mapping the future threat environment.

EDSC 2014 (Seattle, Washington, USA, November 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important for engineers, researchers, and testers alike. EDSC will bring the top thought leaders in the embedded security field together for two days to share knowledge, techniques, and research.

Cyber Security World Conference 2014 (New York, New York, USA, November 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused on protecting today's enterprises. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks

Ethiopia Banking and ICT Summit (Addis Ababa, Ethiopia, November 21, 2014) he one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial growth, international trade and global integration for sub-Saharan Africa as a whole.

BSidesVienna (Vienna, Austria, November 22, 2014) BSidesVienna will open it's doors again in 2014. Be part of it and stay tuned

DefCamp5 (Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under the same roof security specialists, entrepreneurs, academic, private and public sectors

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.