The CyberWire Daily Briefing 11.20.14

Summary

By The CyberWire Staff

Malware and attack techniques undergo evolutionary changes, some driven by technology-push, others by demand-pull. The Citadel Trojan has branched from its roots in bank fraud attacks into theft of master passwords protecting password managers. ROVNIX is now being distributed by macro downloader (as is DRIDEX).

Attackers are looking for privileged access to networks more than they're attempting to install traditional malware, and CyberArk sees privilege abuse as a cross-industry trend in cyber attacks. The bottom seems to be falling out of the black market for paycard data and account credentials — supply has quickly outstripped demand — and Trend Micro thinks criminals are beginning to shift their attention to other targets, many of them in the Internet-of-things.

The NotCompatible Android Trojan gets "stealthier and more resilient," strengthening a two-year-old botnet (and in botnet terms that's venerable) threatening corporate networks.

This week's emergency Windows patch closes vulnerabilities being actively exploited in the wild. Google upgrades Android Lollipop against ASLR bypass. Drupal patches a denial-of-service vulnerability.

Trend season is upon us. Among those discerned are hardy evergreens "people aren't learning from security fails" and "expect data breaches during the holidays." Congressional deferral of US surveillance reform and the introduction or repurposing of privacy tools stoke the "encrypt-everything" and "watch-your-privacy" trends. Security professionals are sanguine about 2015 — CISO leadership and bigger budgets make them snort — but the medical sector is warned it's in hackers' crosshairs.

NATO and banking cyber exercises are expected to improve defensive readiness. UK police predict a cyber jihad against Western banks.

Notes.

Today's issue includes events affecting China, India, Indonesia, Israel, Kazakhstan, Kyrgyzstan, Russia, Tajikistan, United Kingdom, United States, Uzbekistan and Vietnam

Selected Reading

Cyber Trends

No Big Surprise: Security Lessons Fail to Hit Home (Bitdefender Business Insights) Despite years of data security failures, enterprises fail to heed the many lessons learned

Freedom Act Rejection Should Keep 'Encrypt Everything' Bandwagon Rolling (Threatpost) Barring another vote before the end of the calendar year and the current Congressional session, the USA FREEDOM Act is dead in the water until 2015 — and maybe even beyond

More Data Breaches Expected This Holiday Season (PYMNTS) Retailers are still trying to regain their footing from last year's massive data breaches. But as stores like Target and Neiman Marcus finally stabilize for the holidays, experts say 'tis the season for more — and more sophisticated — big hacks

Overwhelming optimism for information security in 2015 (Help Net Security) Expectations for data security next year are surprisingly optimistic given the harsh reality of 2014, which has been the worst year on record for data breaches, according to a new survey by ThreatTrack Security

Websense Warns Doctors to be on High Alert for 2015 Cyber Blitz (Infosecurity Magazine) Security experts have warned healthcare organizations to bolster their defenses against a tidal wave of online attacks in 2015 and added that Internet of Things devices could become a major threat vector

Asian mobiles the DDOS threat of 2015, security mob says (Register) Beware traffic from hacked Vietnam, India and Indonesia fondleslabs

Booz Allen Releases Annual Financial Services Cyber Trends for 2015 (MarketWatch) Wireless payment system risk, creation of "fusion centers" among likely developments in 2015

DDoS attacks continue to fall in size and frequency (Help Net Security) The newest up-and-coming countries of origin for DDoS attacks will be Vietnam, India and Indonesia in 2015, according to Black Lotus

SolarWinds Survey Reveals 84 Percent of IT Pros Rank Their Organizations' Security Above Average, Though 82 Percent Have Suffered From a Significant Attack (CNN Money) A lack of widespread adherence to best practices combined with the number of organizations that have suffered a significant attack potentially indicates a false sense of security

Pennsylvania's Department of Banking and Securities Identifies Digital Currencies as 'Top Emerging Threat to Investors' (Cointelegraph) The Pennsylvania Department of Banking and Securities, issued a note identifying the 'top emerging threats facing investors in 2015,' where the state agency warns investors of the risks associated with digital currencies

Legal Losing Its Grip Over Risk and Compliance (Wall Street Journal) A new survey from the Society of Corporate Compliance and Ethics and NYSE Governance Services offers more evidence that companies are increasingly making their compliance functions separate from legal

Legislation, Policy and Regulation

China Terrorism Debate: Does the Internet Kill People? (Wall Street Journal) China's government says the dark side of the Internet was on full display in terror attacks over the past year — a train station knifing, a car that exploded near Beijing's Tiananmen Gate and other attacks on civilians — because it has evidence such activity is planned online

China ready to deepen int'l co-ops, uphold cyber security: Xi (Xinhua via China Development Gateway) China is ready to work with other countries to deepen international cooperation, respect sovereignty on the Internet and uphold cyber security, said President Xi Jinping in a message of congratulations on Wednesday

Top China official urges stronger Internet management (AFP via 7 News) A top Beijing official called for stronger management of the Internet Wednesday at a government-organised conference condemned by rights campaigners as a Chinese attempt to promote its online controls globally

Private Interests: Monitoring Central Asia (Privacy International) State surveillance has historically played a central and well-documented role in Central Asia. The region is characterised by authoritarian systems of governance wherein entrenched power elites exercise dominance over political and economic affairs. As technological means of conducting surveillance advance, Central Asian states are engaging in the wide-scale surveillance of the telecommunications, internet activity, and electronic devices of the civilian population in order to consolidate political control, silence dissent, and undermine the enjoyment of individuals' human rights

Cyber Security Summit: Maude praises UK cyber efforts, but says more is needed (IT Security Guru) National and international initiatives will help cyber crime efforts both in prevention and talent

US security chiefs: Cyber threats a potential game change (Turkish Weekly) "We think this is a threat that is moving, not at 40 or 50 miles per hour, but at 186,000 miles per second — the speed of light," FBI Director says

AP Exclusive: Before Snowden, a debate inside NSA (AP via KLTV 7) Years before Edward Snowden sparked a public outcry with the disclosure that the National Security Agency had been secretly collecting American telephone records, some NSA executives voiced strong objections to the program, current and former intelligence officials say. The program exceeded the agency's mandate to focus on foreign spying and would do little to stop terror plots, the executives argued

Renewed fears of terrorism keep NSA reform bill from clearing Senate (Bangor Daily News) In May, reacting to revelations of the National Security Agency's mass collection of Americans' phone records, members of the House of Representatives voted by a wide margin to end the program

Tech Reacts To The Demise Of Partial NSA Reform In The Senate (TechCrunch) The failure of the Senate to advance NSA reform in the current Congress isn't too popular with the technology community. The demise of the USA FREEDOM Act — a half-measure at best — in the Senate is another loss for the technology industry, which saw many of its leading companies repeatedly call for the bill's passage

Civil liberties groups vow to fight on after Senate kills NSA reform bill (Guardian) Stunned and dejected by the death of a bill to restrain National Security Agency surveillance, civil libertarian groups vowed to return to the daunting effort in the next Congress

New House Intel chief viewed NSA reform as unnecessary (The Hill) The incoming House Intelligence chairman believes the National Security Agency reforms the House passed earlier this year were largely unnecessary

Senator Al Franken Asks Uber's CEO Tough Questions On User Privacy (TechCrunch) Senator Al Franken, Chairman of the Subcommittee On Privacy, Technology, and the Law, has posted a public letter to Uber CEO Travis Kalanick in which he addresses many of the claims made over the past few days that the company has consistently compromised user privacy as a matter of course

Products, Services, and Solutions

New tool for spy victims to detect government surveillance (Amnesty) A new tool to enable journalists and human rights defenders to scan their computers for known surveillance spyware has been released today by Amnesty International and a coalition of human rights and technology organizations

How a Simple Note-Taking App Became the New Anti-Censorship Tool in China (Nextgov) Mainland Chinese readers may have found one way around China's tight grip over news and information about the pro-democracy protests that have swept Hong Kong for the last three weeks — a California-based app best known for its personal to-do lists, clipping web-pages, and sharing notes between coworkers

WhatsApp Launches New Security Initiative, And It's Got Ed Snowden's Endorsement (Modern Readers) You need not worry about your WhatsApp messages and whether they'll be compromised in another major hack attempt — they've been quietly protected with end-to-end encryption

Google commits privacy seppuku at BT's request (A14) As I'm currently in temporary accommodation I have found myself without a permanent internet connection. 3G service in the area is pretty spotty, so I bit the bullet and ended up purchasing a single month BT Wifi pass, effectively piggy-backing a neighbours connection. I'm guessing they see very little of the £39 I paid

Dell improves security portfolio (IT-Online) Dell recently announced product integrations and innovation within its security portfolio that provide organisations with exceptional protection, and turn security into a business enabler

Hillstone Networks Certifies Next-Generation Firewall With Trend Micro Deep Discovery (Herald Online) Adaptive protection based on content analysis provides real-time targeted threat defense

Easy Solutions Unveils DMARC Compass (BusinessWire) Businesses can implement DMARC as a key component of end-to-end fraud management

TrapX Announces New Automatic Self-Service Module for Fast Deployments of TrapX DeceptionGrid™ (Marketwired) Module gives CISOs, CIOs, SOC managers and MSSPs unprecedented control over managing multiple instances of malware traps in their networks

Bitdefender Adware Removal Challenges Malwarebytes (tom's guide) Antivirus software maker Bitdefender has released a free adware-removal tool for Windows PCs. The Bitdefender Adware Removal Tool "eliminates annoying apps, adware, toolbars and other browser add-ons," claims a company press statement, but also "provides complete protection against malicious programs that can hijack computers"

Amazon now supports Android Wear but Bitdefender thinks its a virus (Inquirer) New app update causing false positives for virus checkers

WiFi Penetration Testing Tools (Ethical Hacking) WiFi or wireless penetration testing is an important aspect of any security audit project, organizations are facing serious threats from their insecure WiFi network. A compromised wifi puts the entire network at risks. Consider the recent darkhotel attack, where the top business executives were the target and the attacker were targeting them by hacking into the insecure hotel WiFI network. The moral of the story is that, "the organizations should include a WiFi penetration testing process in their regular security procedure"

Google open sources Firing Range, a test tool for web app security scanners (Help Net Security) Google has open source another security tool: it's called Firing Range, and it's an effective testing ground for a variety of automated web application security scanners

Technologies, Techniques, and Standards

Hackers to probe cyber crime defenses at British banks (Reuters) In the next few months hackers will try to penetrate the cyber defenses of Britain's major banks and steal information about millions of customers. But for once they'll be welcome

NATO launches largest cyber exercise to test its network security (SC Magazine) In an effort to test its defenses against cyberattacks and ensure it keeps pace with evolving threats, NATO launched a multinational cybersecurity exercise on its networks

When Your Organization is Under Attack, Minutes Count (McAfee Blog Central) In 2014, companies continued to be shaken out of their contented relationship with corporate security efforts. Retailers were hacked. Millions of emails were lifted. Thousands of Social Security numbers were stolen. Gone is the era of "set it and forget it" security, where enterprises use only default security settings. This epiphany, motivated by news headlines, has forced organizations into a mad dash for security solutions that meet their real-time needs

Four Steps To An Effective Targeted Attack Response (TrendLabs Security Intelligence Blog) For many organizations today, the question is no longer if they will fall victim to a targeted attack, but when. In such an event, how an organization responds will determine whether it becomes a serious event or if it stays a mere annoyance

How Splitting a Computer into Multiple Realities can Protect You from Hackers (Wired) Eight years ago, Polish hacker Joanna Rutkowska was experimenting with rootkits — tough-to-detect spyware that infects the deepest level of a computer's operating system — when she came up with a devious notion: What if, instead of putting spyware inside a victim's computer, you put the victim's computer inside the spyware?

Doxxing defense: Remove your personal info from data brokers (Computerworld) Don't want your home address or other personal info published to the world? This weekend, take an hour or two to make yourself a less visible target

"Big Data" Needs a Trip to the Security Chiropracter! (Internet Storm Center) When the fine folks at Portswigger updated Burp Suite last month to 1.6.07 (Nov 3), I was really glad to see NoSQL injection in the list of new features

Marketplace

Does cyber insurance help the CISO get a seat in the boardroom? (Help Net Security) CISOs and cyber security leaders have long struggled to gain a voice in the boardroom. Shut out of leadership meetings and strategic decision-making, IT security has often been seen as little more than a compliance-driven, check-the-box initiative that requires minimal continuous effort to maintain. Some CISOs simply serve as scapegoats, accepting blame when breaches occur and ignored when the horizon is clear

Can top-tier security manufacturers keep smaller competitors at bay? (Security Info) The security market's steady growth won't be changing any time soon. What is changing is the way the market is divided up between tiers of manufacturers. For a long time, customers could choose between name-brand products, mid-market and new entrants

How to Profit from Cyber Pain (Fox Business) One of my key investment themes has been Safety & Security, which touches on personal safety as well as security for companies, schools and other institutions, including the government. Given the confluence of several factors including the near-unquenchable thirst for mobile connectivity, social media and the Cloud along with the bring-your-own-device (BYOD) trend, one of the growing pain points that we all face is cyber attacks

FireEye Fastest Growing Advanced Cybersecurity Company in North America on Deloitte's 2014 Technology Fast 500™ (CNN Money) Attributes revenue growth of over 9,700 percent from 2009 to 2013 to growing demand for new approach in battle against escalating cyber threats

Cloud Security Vendor CensorNet Acquired by Industry Veterans (PRNewswire) Acquisition will accelerate product development and seize the market opportunity for next generation cloud security offering

Menlo Security Raises $10.5 Million to End Malware Threat (eWeek) The stealthy startup has some big promises and a big-name investor to back it up

Battelle, ID Quantique Create New Quantum-Safe Security Working Group to Counter Threat of Quantum Computers (Marketwired) Pair will join International Cloud Security Alliance as a platform for new quantum-safe security working group

Elastica Appoints Former Palo Alto Networks, Qualys and Bromium Executives to Lead Sales and Channels (Marketwired) Security industry veterans bringing decades of experience in leading sales teams and go-to-market innovation to accelerate Elastica's mission of solving the cloud security problem

Research and Development

Hewlett Foundation lays out MEELLIONS on security (Register) The Hewlett Foundation has found US$45m in its other jacket, and has anointed three lucky US universities to spend on security research

Security Patches, Mitigations, and Software Updates

Unscheduled Windows update kills critical security bug under active attack (Ars Technica) Bug gives untrusted users control over sensitive Windows domain controllers. Microsoft has released an unscheduled update to patch a critical security hole that is being actively exploited to hack Windows-based servers

Nasty Securiy Bug Fixed in Android Lollipop 5.0 (Threatpost) There is a vulnerability in Android versions below 5.0 that could allow an attacker to bypass ASLR and run arbitrary code on a target device under certain circumstances. The bug was fixed in Lollipop, the newest version of the mobile OS, released earlier this week

Drupal Patches Denial of Service Vulnerability; Details Disclosed (Threatpost) Details on a patched denial of service vulnerability in the open source Drupal content management system have been disclosed

Yahoo Will Soon Become The Default Search Engine In Firefox (TechCrunch) Starting in December, Firefox will use Yahoo as its default search engine in the United States on mobile and desktop. As a part of this five-year deal, Yahoo will also launch a new search experience for Firefox users in the U.S., which should go live at the same time Firefox makes the switch away from Google

Cyber Attacks, Threats, and Vulnerabilities

Citadel Variant Targets Password Managers (Threatpost) The Citadel Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products

ROVNIX Infects Systems with Password-Protected Macros (TrendLabs Security Intelligence Blog) We recently found that the malware family ROVNIX is capable of being distributed via macro downloader. This malware technique was previously seen in the DRIDEX malware, which was notable for using the same routines. DRIDEX is also known as the successor of the banking malware CRIDEX

Attackers trading malware for privilege (CSO) Access is everything to most criminals

Credit cards are passé; cyber criminals set their sights higher (The Hindu Business Line) Prices of people's stolen credentials in the cyber underground have drastically come down. According to a new report by cyber security solutions firm Trend Micro, the average price of credit card details has dropped to $1 from $3 in 2014. Facebook credentials are down to $100 from $200 and Gmail details have dropped from $217 to $100. This, experts say, is because of the tremendous increase in supply

Sophisticated Android-based botnet a danger to enterprise networks (Help Net Security) A new, more sophisticated and more stealthy version of the NotCompatible Android Trojan continues to strengthen one of the most long-lived and advanced mobile botnets ever to exist (since mid-2012)

Long-running Android botnet evolves, could pose threat to corporate networks (CSO) An Android Trojan program that's behind one of the longest running multipurpose mobile botnets has been updated to become stealthier and more resilient

A new critical flaw affects Android OS except Lollipop (Security Affairs) The security researcher Jann Horn discovered a privilege escalation flaw that affects Android OS devices except the Lollipop version

Breached webcam and baby monitor site flagged by watchdogs (BBC) The public is being warned about a website containing thousands of live feeds to baby monitors, stand-alone webcams and CCTV systems

Hackers claim BitTorrent Sync should not be used for sensitive data (Network World) Hackito Ergo Sum hackers conducted a security and privacy analysis of the BitTorrent Sync program and allege that it is not so secure or private, and should not be used for sensitive data

VMware: "It's not a vulnerability, mmkkkayyy" (KoreLogic Blog) During a recent review of the VMWare Workstation application, I discovered a method that allows any member of the __vmware__ group to extract arbitrary sections of kernel memory. When you consider the fact that members of this group are not required to already have administrative privileges, this suddenly becomes a significant vulnerability in the sense that it implies that otherwise unprivileged users now have the means to extract and subsequently use/abuse sensitive data like process-level tokens, encryption keys, etc. Needless to say, this poses a significant security risk to any organization that allows unprivileged users to operate virtual machines by way of the __vmware__ group

Today's Top 5 Malware Threats (eSecurity Planet) To fight malware, security teams must understand it. Here are five especially nasty forms of malware

Cyber attack hallmarks identified in cross-industry report (ComputerWeekly) Privileged account abuse is common to all targeted cyber attacks, a CyberArk report that collates input from across the cyber security and forensics industry has revealed

New Research Shows One Third of Retail Breaches Originated From Third-Party Vulnerabilities (IT Business Net) BitSight analyzes security performance of nation's 300 largest retailers to find an industry still under attack

'Naked Woman Eaten by Shark' Video Scam on Facebook Installs Malware on PC. (HackRead) You can call them hackers or cybercriminals, but fact is that they are genius in an evil way. In a new attempt to earn some bucks and to play with people's feeling, a new video scam has went viral on Facebook claiming to show a naked woman being attacked and eaten by a giant shark

ConnectOne Bank: "We notified customers about hacking incident" (Record) ConnectOne Bank said late Monday that it has notified its customers that an individual customer's business account was hacked in what the Englewood Cliffs-based lender is describing as an isolated incident

Litigation, Investigation, and Enforcement

Police chief warns of pending Jihadist cyber-attack threat to UK/US banks (Stack) Adrian Leppard, commissioner for the City of London police, has warned that banks in the U.K. and the U.S. are highly likely to be targeted for cyber-attacks by Jihadist concerns in the near future

The Quandary of Shutting Down Jihadist Social Media Sites (HS Today) The recent surge in killings of police and civilians in Britain, Canada, and the United States by clearly radicalized Muslims

Intel to work with Europol on fighting cybercrime (CSO) An agreement between Intel's McAfee security branch and European law enforcement will allow the two to work on joint operations to fight cybercrime

This is how Google is dealing with 'right to be forgotten' requests (IT World) We will hear next week what the EU data protection authorities think of Google's methods

Goldman Fires Two Bankers After Getting Secret Fed Documents (Bloomberg) Goldman Sachs Group Inc. (GS) dismissed two bankers after one of them allegedly brought secret documents from the Federal Reserve Bank of New York into the firm

How the Dark Web's New Favorite Drug Market Is Profiting From Silk Road 2's Demise (Wired) When a major law enforcement crackdown killed the Silk Road 2 earlier this month, it scattered the Dark Web's drug dealers. But one new and improved crypto market is welcoming and profiting from those refugees: an appropriately named website called Evolution

IG: DHS Struggles to Manage Privacy (GovInfoSecurity) Report says those without 'need to know' gain access to PII

Cybersecurity remains top-five challenge for Justice Department, IG says (FierceGovernmentIT) As cyber threats, attacks and espionage escalate against the United States, the Justice Department needs to make sure it's properly addressing these issues in a coordinated manner and sharing critical information with industry, among other measures, the inspector general said

SSCC 174 - Who says law enforcement isn't tackling cybercrime? (Naked Security) Here's our latest security podcast, featuring Sophos experts and Naked Security writers Chester Wisniewski and Paul Ducklin

Design and Innovation

Machine Learning: A Solution to Today's Security Threats & One Step Closer to AI (Dark Reading) Algorithms can identify threats that have been missed by traditional security mechanisms

The Benefits of Software-Defined Security (Information Security Buzz) At Gartner's Security & Risk Management Summit, analysts identified 2014's Top 10 Technologies for Information Security. They singled out software-defined security as a trend to watch, stating that because its "impact on security will be transformational"

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Cyber Security Summit: DC Metro Area (Tysons Corner, Virginia, USA, June 3, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at the Cyber Security Summit are prequalified based on their willingness to meet with Solution Providers and proven ability to purchase products and services

Cyber Security Summit: New York (New York, New York, USA, September 17, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at the Cyber Security Summit are prequalified based on their willingness to meet with Solution Providers and proven ability to purchase products and services

Cyber Security Summit: Boston (Boston, Massachusetts, USA, October 9, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at the Cyber Security Summit are prequalified based on their willingness to meet with Solution Providers and proven ability to purchase products and services

upcoming Events

Deepsec 2014 (Vienna, Austria, November 18 - 21, 2014) DeepSec is an annual European two-day in-depth conference on computer, network, and application security. This is a non-product, non-vendor-biased conference event. Our aim is to present the best research and experience from the fields' leading experts.

Maintaining Robust Grid Cybersecurity in Expanding Smart Grid Markets (Washington, DC, USA, November 20, 2014) This roundtable will explore how cybersecurity has become an integral component, not just an afterthought, of the critical infrastructure and the energy industry

EDSC 2014 (Seattle, Washington, USA, November 20 - 21, 2014) EDSC is a security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important for engineers, researchers, and testers alike. EDSC will bring the top thought leaders in the embedded security field together for two days to share knowledge, techniques, and research.

Cyber Security World Conference 2014 (New York, New York, USA, November 21, 2014) Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused on protecting today's enterprises. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks

Ethiopia Banking and ICT Summit (Addis Ababa, Ethiopia, November 21, 2014) he one day summit is designed to highlight the key Investment opportunities especially in the Banking & ICT Sectors. As an emerging economic capital for the region, Ethiopia is leading the way in industrial growth, international trade and global integration for sub-Saharan Africa as a whole.

BSidesVienna (Vienna, Austria, November 22, 2014) BSidesVienna will open it's doors again in 2014. Be part of it and stay tuned

BSidesToronto (Toronto, Ontario, Canada, November 22, 2014) This year the conference is bigger, better, faster and…well, still one day in length but, we have an awesome line up. And no I'm not just paying "lip service"

DefCamp5 (Bucharest, Romania, November 25 - 29, 2014) DefCamp is the most important conference on Hacking & Information Security in Central Eastern Europe. The goal is bringing hands-on talks about latest research and practices from the INFOSEC field, gathering under the same roof security specialists, entrepreneurs, academic, private and public sectors

Cybergamut Tech Tuesday: Receiver Operating Characteristic (ROC) statistics and their successful use in medical studies, Nigerian scams, and APT detection (Columbia, Maryland, USA, December 2, 2014) Receiver Operating Characteristic (ROC) statistics have been a practical tool in the field of clinical medicine for more than 50 years, an area where stakes can be very high and test results are understood to be inherently uncertain. ROC statistics and that half-century body of knowledge also usefully inform networked system security across a range of activities including system design, analytics tuning, and operational tactics. This discussion first introduces ROC statistics in the context of clinical medicine, uses those concepts to explain why you can shortly expect a very well written Nigerian scam email, and then examines how ROC statistics can be used for practical improvements to networked system defense against Advanced Persistent Threat activity

5th Annual Raytheon Cyber Security Summit: "The Unassailable Enterprise" (Reston, Virginia, USA, December 2 - 3, 2014) We invite commercial and government entities to attend the 5th Annual Cyber Security Summit where we will explore the "unassailable enterprise" in 2014 and beyond. We bring together some of the most acclaimed cyber security experts and thought leaders in the industry to explore all aspects of cyber security

Healthcare Cyber Security Summit 2014 (San Francisco, California, USA, December 3 - 10, 2014) SANS is teaming up with the National Health Information Sharing & Analysis Center (NH-ISAC) to offer the 2nd Annual Healthcare Cyber Security Summit

SINET 16 (Washington, DC, USA, December 3 - 4, 2014) Innovative solutions frequently come from new and emerging companies. Each year, SINET invites sixteen innovative Cybersecurity companies to present their technology solutions to a select audience of prominent builders, buyers, investors and researchers. Our goal is to provide entrepreneurs from around the world an opportunity to increase awareness of their Cybersecurity products and solutions to US Federal Governmental agencies and commercial enterprises, key investors and venture capitalists. Applications close August 29, 2014

SINET Showcase (, January 1, 1970) "Highlighting and Advancing Innovation." Showcase provides a platform to identify and highlight "best-of-class" security companies that are addressing industry and government's most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase's objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation's critical infrastructure and command-and-control systems.

Tax Incentives for Cybersecurity Businesses (Elkridge, Maryland, USA, December 9, 2014) Learn the details and take the opportunity to ask questions of leading experts on how to apply for tax credits (including cyber, research, security clearance, and secured space tax credits) and get the latest details on the Maryland Small Business Financing Authority's newest program for small businesses looking for investment dollars

International Conference for Internet Technology and Secured Transactions 2014 (London, England, UK, December 8 - 10, 2014) The ICITST is an international refereed conference dedicated to the advancement of the theory and practical implementation of secured Internet transactions and to fostering discussions on information technology evolution

(ISC)² Security Congress EMEA (London, England, UK, December 8 - 10, 2014) Building on the experience of the US-based (ISC)² Security Congress, now in its fourth year, (ISC)² Security Congress EMEA will offer a complementary and unique opportunity within the Europe Middle East and Africa region to participate in a comprehensive education program — over five focused tracks — and to connect with fellow colleagues in their international professional community. The themes are: Governance, Risk & Compliance; Mobile Security; Human Factor; Architecture; Data Security

ACSAC 30: Annual Computer Security Applications Conference (New Orleans, Louisiana, USA, December 8 - 12, 2014) ACSAC is more than just high quality, peer-reviewed research (though our 2013 acceptance rate was barely 19%). Our comprehensive program also includes training, case studies, panels, workshops, posters, and works-in-progress. Our speakers, presenters and instructors are experts involved in applied security work and research. Collectively, we explore practical solutions for computer security challenges across all phases of the system life cycle. ACSAC highlights the overall threat landscape, latest hacks and exploits, and the best prevention and defense innovations

ICFPT 2014 (Shanghai, China, December 10 - 12, 2014) ICFPT is the premier conference in the Asia-Pacific region on field-programmable technologies including reconfigurable computing devices and systems containing such components. Field-programmable devices promise the flexibility of software with the performance of hardware

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.