The CyberWire Daily Briefing for 3.7.2014
Events in Crimea escalate, kinetically, at least, with Ukraine alleging more Russian troop deployments as Crimea's rump-puppet parliament votes to join Russia. Some signs of cyber rioting break out, as anti-Putin hacktivists (perhaps operating independently) claim successful attacks on Russia's Rosoboronexport via a compromised Indian embassy network.
Indian media report a significant, long-standing penetration of that country's military networks.
Two major new cyber campaigns are reported. General Dynamics Fidelis reports that a criminal group, "STTEAM," is operating against oil and gas sector targets in the Middle East. (No further attribution is available, but Turkish words show up in the code.) Trend Micro discovers "Siesta" (so-called for its long periods of dormancy), a campaign directed against the energy, finance, security, defense, and healthcare sectors. Siesta is distributed via spearphishing of executives in targeted companies.
Two old campaigns remain active and dangerous: "Dexter" and "Project Hook" still endanger point-of-sale systems.
Apple's iOS is reported vulnerable to exploitation via malicious mobileconfig files.
Bitcoin exchange looting continues. Bitcoin aficionados protest that the flaws lie in the exchanges, not the cryptocurrency itself.
More cyber criminals are seen turning to extortion, as seen in Meetup's and Brand.com's experience. Expect threats of encryption, denial-of-service, and online reputational damage.
Cisco patches an authentication flaw in its routers. Microsoft will fix Internet Explorer zero-day CVE-2014-0322 on next week's Patch Tuesday.
Even as cyber security jobs open up, US students seem to fail at ideation: they're not seeing themselves in the field.
Charges dropped in the Barrett Brown hyperlink case.
Today's issue includes events affecting Azerbaijan, Colombia, Egypt, Ethiopia, European Union, Hungary, India, Iran, Italy, Kazakhstan, the Republic of Korea, Malaysia, Mexico, Morocco, Nigeria, Oman, Panama, Poland, Russia, Saudi Arabia, Sudan, Thailand, Turkey, the Ukraine, United Arab Emirates, United Kingdom, United States, and and Uzbekistan..
Cyber Attacks, Threats, and Vulnerabilities
The Ukraine crisis is not yet a cyber war, says Intel Security chief (The Inquirer) But will be if the countries' governments and critical infrastructure are targeted
Defining how a no-holds-barred Russia-Ukraine cyberwar would play out (ComputerWorld) From hacktivist defacements to Russian suppression of Ukrainian defense systems, a full-fledged cyber campaign could cause enormous collateral damage
U.S. Knew Of 'Imminent' Move In Crimea, Top Official Says (NPR) Senior U.S. officials were warned of imminent Russian military action in Crimea about a week before the troop movements that have sparked a major international crisis over Ukraine, the head of the Defense Intelligence Agency tells NPR
Ukraine crisis: CIA, not Pentagon, forecast Russian move — sources (Reuters via the Chicago Tribune) Until recently, collecting intelligence on Ukraine was a low priority for U.S. spy agencies, and as a result their reporting on recent developments was patchy, several current and former U.S. security officials said this week
Indian Embassy's Systems in Moscow Hacked to Target Rosoboronexport (Defense World) Indian embassy's network systems in Moscow were hacked to launch a cyber attack on Russian arms exporting agency, Rosoboronexport, if a claim by group calling itself the 'Russian Cyber Command' (RCC) is to be believed
Computers of armed forces and DRDO hacked (Economic Times) In a major security breach, around 50 computers belonging to the armed forces and the DRDO were hacked sometime back and classified files could have been compromised
Oil & Gas Firms Targeted In Web Server Hacks (Dark Reading) 'STTEAM' group also attacking Middle East state government sites, General Dynamics Fidelis says. A group of hackers who goes by the handle "STTEAM" has hit about a half-dozen oil and gas and government agencies in the Middle East using a mix of hacktivist, nation-state, and pure cybercrime techniques
Siesta cyber espionage campaign targets many industries (Help Net Security) Trend Micro researchers have uncovered yet another cyber espionage campaign targeting a wide variety of industries including energy, finance, security and defense, and healthcare. Dubbed "Siesta" on account of the periods of dormancy the delivered malware is ordered to enter at regular intervals, the campaign starts with malicious emails delivered to the target company's executives
Dexter, Project Hook POS Malware Campaigns Persist (Threatpost) Research this week makes it's clear that many attackers are still using point of sale malware, namely Dexter and Project Hook, in active attacks
Navy Hacking Blamed on Iran Tied to H-P Contract (Wall Street Journal) A major infiltration of a military network blamed on Iran was facilitated by a poorly written contract with computer-services provider Hewlett-Packard Co. HPQ, said people familiar with the matter
Apple iOS Vulnerable to Hidden Profile Attacks (InformationWeek) Unpatched flaw in iOS enables malicious profile users to secretly control devices and intercept data
Shedding New Light on Tor-based Malware (Threatpost) Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit
Third cryptocurrency exchange becomes hacking victim, loses Bitcoin (ZDNet) Following Mt. Gox and Flexcoin, Poloniex has admitted to losing over 10 percent of customer funds due to cyberattacks
Bitcoin Heists Cause More Trouble (InformationWeek) Attackers continue to pummel bitcoin "banks," exchanges, and crypto-currency users themselves via malware that steals virtual wallets
Where have all the Bitcoins gone? (Naked Security) In the past, when we've covered anything that sounded even remotely like "Bitcoin trouble," we've ended up with well-meaning Bitcoin fans on our case. That's because many of, though not all, the Bitcoin troubles we have written about have really been troubles at the interface between Bitcoins and traditional currency
Newsweek Outting of Bitcoin's Satoshi Nakamoto Sparks Backlash (IEEE Spectrum) In an article published this morning by Newsweek, reporter Leah McGrath Goodman claims to have unmasked the elusive creator of the Bitcoin protocol. According to her story, the programmer, who for five years has been the subject of a high-stakes hacker manhunt, is a 64-year old, ailing Japanese American who loves model trains, deeply mistrusts the government and lives in the suburbs of Los Angeles. And his name really is Satoshi Nakamoto
Security pros see increase in Meetup-like DDoS extortion (CSO) Company refused to pay $300 ransom before being hit with attack
Brand.com blackmail, cyber attack shines light on cybercrime (Communities Digital News) In December, Brand.com president Mike Zammuto was the subject of a cyber attack. "One or more people sent us email demanding $500,000 in Bitcoin," said Zammuto. "They said that if we did not pay then that they would attack Brand.com and myself online and cause us to lose business"
Skype-based malware shows how 'peculiar' malicious code can be (NetworkWorld) ManTech's HBGary subsidiary found Skype-based malware 'hiding in plain sight' on customer's network
From Points A to Z: Examining a Random Phishing Email (CSO Salted Hash) Salted Hash examines a Phishing email, tracking the message to its source — a compromised school district — in an attempt to do some good, and maybe learn something
How cyber criminals beat email filters and web gateways (Computing) Cyber criminals can use clever psychological tricks to entice users to click on their malicious emails, and can be so adept at hiding their intentions that traditional email and gateway filtering fails to stop them
Free wi-fi hotspots pose data risk, Europol warns (BBC) Sensitive information should not be sent over public wi-fi hotspots, to avoid hackers stealing it, Europe's top cybercrime police officer has warned
Router Hack — What Happened And How To Fix It (Information Security Buzz) There have been quite a few news stories released over the past few days regarding a wide scale compromise of 300,000 Internet gateway devices
ComiXology requires all users to change passwords following breach (SC Magazine) Digital comics platform ComiXology is requiring all users to change their cryptographically protected passwords after an unauthorized individual gained access to a database of information
Hacker pranks San Francisco FBI using Google Maps exploit (San Francisco Bay Guardian) An ex-Marine turned hacker used his powers for good last week, exploiting a flaw in Google Maps to tap into phone calls from the FBI's San Francisco field office and the Secret Service
WARNING: Your Friends Are Not Naked In Videos; It's A Scam Spreading On Facebook (AllFacebook) Online security provider Bitdefender warned of yet another scam that is going viral on Facebook, involving nonexistent naked videos of users' friends
Oak Associates Funds Admits Data Breach (eSecurity Planet) Shareholders' names, addresses, e-mail addresses, phone numbers, Social Security numbers and account information may have been exposed
Security Patches, Mitigations, and Software Updates
Cisco Patches Authentication Flaw in Wireless Routers (Threatpost) There's a serious security flaw in some of Cisco's wireless routers that could allow a remote attacker to take complete control of the router. The bug is in a number of the Cisco small business routers, as well as a wireless VPN firewall
Microsoft will patch Internet Explorer 0-day flaw used in targeted attacks on March 11 (The Next Web) Microsoft today announced the latest Internet Explorer zero-day flaw (CVE-2014-0322) will be fixed on this month's Patch Tuesday. The patch will thus be released this Tuesday March 11 at approximately 10:00 AM PDT
There's No Real Difference Between Online Espionage and Online Attack (The Atlantic) You can't hack passively. Back when we first started getting reports of the Chinese breaking into U.S. computer networks for espionage purposes, we described it in some very strong language. We called the Chinese actions cyber-attacks. We sometimes even invoked the word cyberwar, and declared that a cyber-attack was an act of war
Baroness fires cyber attack warning (Yorkshire Post) Britain must be braced for a cyber attack aimed at crippling its military, industry and energy supplies during times of crisis, according to the former chairman of the Joint Intelligence Committee
Security Firms Don't Think Snowden's Leaks Have Dulled Their Tools (Motherboard) The corporate security industry isn't too concerned about the threats Edward Snowden's leaks posed to the National Security Agency's facade
Antivirus Users Want Low Impact, Good Detection, Survey Shows (PC Mag) Independent testing lab AV-Comparatives ran a survey last December asking site visitors just what they want to see in an antivirus product, what's most important to them in testing, and which information sources they trust. AV-Comparatives gave me a special link for my own post announcing this survey, which allowed them to supply me with figures for SecurityWatch readers, separate from the worldwide figures
Healthcare IT must adopt top security (European Hospital) With eavesdropping into secure systems brought sharply into focus as a result of revelations of monitoring by the US National Security Agency (NSA), a leading communication expert has warned that many hospitals across Europe need to take further steps to better protect the sensitive data stored on their healthcare IT systems
Security by design still not a reality, says security veteran (ComputerWeekly) In all the great technological innovation the world is seeing, security is still an afterthought, says Jarno Limnell, director of cyber security, Stonesoft, a McAfee Group Company
Spending on utilities' security will reach $8.4B this year, says Visiongain (FierceITSecurity) A renewed emphasis on the security of utilities infrastructure will spur $8.4 billion in security spending by companies and governments this year, predicts market research firm Visiongain
Cloud-based Security Solutions is an Emerging Trend in the Cyber Security Market in South Korea: TechNavio Report (FierceITSecurity) TechNavio, the independent London-based global research firm, today announced the publication of its research report on the Cyber Security Market in South Korea Market. The report finds cloud-based security solutions is an emerging trend in this market. The analysis is for the forecast period 2014-2018
CIO not the only one to blame for Target breach (ComputerWorld) Beth Jacob's resignation not surprising, but disappointing analysts say
Air Force needs support strategy for its six cyber weapons (Defense Systems) The Air Force is seeking support capabilities for the six cyber capabilities that have been approved for weapons system designations
Baltimore's software and IT industries are hiring (Baltimore Business Journal) Research Director-Looking at the list below, I think maybe it's not such a bad time to be a tech professional in the market for a job. Below are all the jobs mentioned to us in a recent survey of local software and IT consulting firms, when we asked each company if they're hiring in the next few months
American Career Aspirations Do Not Include Cybersecurity (InfoSecurity Magazine) The worldwide cybersecurity skills shortage is well-documented; and many countries have developed programs to fill the gap. These programs usually try to instill interest in schools, or tempt IT professionals into a career in security
Products, Services, and Solutions
Proofpoint Launches Anti-Malvertising Solution (SecurityWeek) Cloud-based security solutions provider Proofpoint has launched a new offering designed to combat malvertising
Avira Free Mac Security 18.104.22.168 Released (Softpedia) Avira has released a new update to its free antivirus software for OS X customers, Avira Free Mac Security 22.214.171.124, which packs equal doses of new features, enhancements, and fixes
Abacus Solutions Plays Key Role in Live Cybersecurity Simulation To Help Companies Understand the Threat Landscape (PRWeb) A report released this week details the large-scale cyber attack simulation that took place in Atlanta last week. The simulation, which was produced by the Technology Association of Georgia (TAG) and hosted by General James B. Butterworth, Adjunct General of the Georgia National Guard, exposed vulnerabilities companies have in protecting critical data, and in the real-time decision-making that happens during actual cyber attacks. Abacus Solutions Security Architect Jeff Jones played a key role as leader of one of the seven teams that attacked the fictitious business called The Logistics Company
Corero First Line of Defense Receives Two Info Security Global Excellence Awards (Wall Street Journal) Corero Network Security (LSE: CNS), a leading provider of First Line of Defense(R) security solutions, today announced that its DDoS Defense technology for the Enterprise was selected for two 2014 Info Security Global Excellence Awards. The Corero First Line of Defense solution received silver in the "Security Products and Solutions for Medium Enterprises" category and bronze in "Security Products for Finance and Banking"
Loaded and Locked: 3 Seriously Secure Cloud Storage Services (CIO) For the truly paranoid, storage that's encrypted from start to finish and accessible by no one else, ever
Air Force, Homeland Security step up to fight malware (Washington Times) New training kit to fend off attacks
Technologies, Techniques, and Standards
The password is dead: Next generation access management strategies (Help Net Security) If you follow the news, it's hard to miss all the breaches and stolen passwords offered for sale. The reality is that the method of processing passwords hasn't changed in the past 40 years, while attackers have become much more efficient.
CIOs Battle Worker Apathy Towards Lost or Stolen Mobile Phones (CIO) Like spoiled teenagers, American workers are telling their CIO that lost or stolen phones are simply not their fault, not their problem. Corporate data theft is no big deal. It's just a phone, they say. Besides, aren't you responsible for mobile data security? It's enough to make a CIO's blood boil
Survey: Centralized SSH security can help avoid high-profile breaches (TechTarget) Secure Shell keys used to protect machine-to-machine transactions are often going unmonitored by organizations, allowing hackers and insiders to use the unmanaged keys for malicious intent, according to a survey released by Cambridge, Mass.-based Forrester Research Inc
CSA to open source software defined perimeter "sometime this year" (Business Cloud) After a successful hackathon last week that saw its Software Defined Perimeter (SDP) network remain unbreached, the Cloud Security Alliance's (CSA) executive director Jim Reavis revealed that the organisation is on track to release an open source version of the framework "sometime this year"
New IT Security Survey Results — Top Reasons To Monitor Users (Dark Reading) BalaBit IT Security survey about use of privileged identity management (PIM) and privileged activity monitoring (PAM) technology
Research and Development
New technique targets C code to spot malware attacks (Help Net Security) Researchers from North Carolina State University have developed a new tool to detect and contain malware that attempts root exploits in Android devices. The tool improves on previous techniques by targeting code written in the C programming language — which is often used to create root exploit malware, whereas the bulk of Android applications are written in Java
Cryptographic obfuscation and 'unhackable' software (A Few Thoughts on Cryptographic Engineering) I have a thing for over-the-top cryptography headlines — mostly because I enjoy watching steam come out of researchers' ears when their work gets totally misrepresented. And although I've seen quite a few good ones, last week WIRED managed a doozy
A Cyber Army in Formation at South Korea's Hacker School (CSO) Many countries around the world are making large investments in cyber warfare from both an offensive and a defensive perspective. This is particularly true in emerging markets where finding parity in kinetic strength — tanks, submarines, ICBMs etc. — doesn' seem tenable, but where cyber can act as a great equalizer. South Korea is one such example
Norwich Ranked High as Cyber Security School (Northfield News) Norwich University was ranked second on a list of schools considered by security practitioners to be the best in the country for cybersecurity courses and degree programs
Publishers withdraw more than 120 gibberish papers (Nature) Conference proceedings removed from subscription databases after scientist reveals that they were computer-generated
Legislation, Policy, and Regulation
Privacy is in our blood, says NSA official (The Hill) Civil liberties are a top concern at the National Security Agency (NSA), the agency's new privacy chief said Thursday. "In their blood is [the] protection of your privacy," Rebecca Richards said Thursday, speaking at a privacy conference hosted by the International Association of Privacy Professionals
Four Federal Cyber Escapades to Watch for this Spring (Nextgov) The Obama administration's 2015 budget request hints at novel approaches to the cyber threat at civilian agencies and the Pentagon. Funding-related papers released on Tuesday to justify spending for congressional appropriators do not include the details. So, look for officials to color in the picture during House and Senate hearings in the weeks ahead
Scant detail so far on 'federal cyber campus' proposal (FierceGovIT) Details so far on a proposed "federal cyber campus" contained within the White House budget proposal are scarce, beyond a few offhand references
MeriTalk report discusses relationship between cybersecurity and big data (GSN) A new MeriTalk report, "Balancing the Cyber Big Data Equation," features information from 18 Federal IT and cybersecurity experts and highlights the importance of using intelligent analytics tools in federal IT to provide a secure network environment
Navy to Expand Information Dominance Capabilities (SIGNAL) The U.S. Navy is working to incorporate information dominance as a key part of its future warfighting tool kit. As a part of this ongoing effort, the sea service is standing up a new force dedicated to information dominance
California launches cyber-attack awareness campaign (FierceCIO) In response to growing IT security threats against government agencies, public corporations and private institutions, the State of California has launched a campaign to better educate organizations on the cyber security threats they face and steps they can take to better safeguard themselves
Litigation, Investigation, and Law Enforcement
Gen. Dempsey: NSA leaks will cost billions (AP via WAAY TV) The top U.S. military officer says it will take two years of study and billions of dollars to overcome the loss of security to military operations and tactics that were revealed in the massive stash of documents taken by former National Security Agency contractor Edward Snowden
Ex-OCR adviser offers HIPAA auditing tips (FierceHealthIT) Attorney David Holtzman, former senior adviser at the U.S. Department of Health & Human Services Office for Civil Rights, expects OCR will begin its HIPAA audit program in April, and says it's important for providers to be prepared from all angles
The Judge Who Said No to the NSA (American Lawyer) When Judge Richard Leon took on the NSA over its collection of phone data, it wasn't the first time he had questioned government's antiterrorism tactics
Two People Arrested for Hacking into KT Corp, Stealing Details of 12M Users (Softpedia) South Korean police have arrested a couple of individuals suspected of hacking into the systems of KT Corp, one of the country's largest telecom companies
Barrett Brown hyperlink charges dropped (Naked Security) Barrett BrownThe US government has moved to drop several charges against journalist and activist Barrett Brown that could have had far-reaching consequences for all users of the web
For a complete running list of events, please visit the Event Tracker.
CyberBiz Summit (Linthicum, Maryland, USA, Mar 28, 2014) Learn first-hand how to get your cyber business started, how to raise capital, and what to do to make it happen. Join us for four informative sessions, networking and breakfast at the BWI Westin on Friday, March 28th.
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
The Device Developers' Conference: Manchester (Manchester, England, UK, Jun 3, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
The Device Developers' Conference: Scotland (Uphall, Scotland, UK, Jun 5, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
Global Summit on Computer and Information Technology (, Jan 1, 1970) The summit is hosting multiple conferences in different areas of Computer & Information Technology. CIT is a major platform for researchers and industry practitioners from different fields of computer and information technology promising multidisciplinary exchanges in computer and information technology. We are attracting many high quality research papers spanning over the various aspects of information technology, computing science and computer engineering. Such research highlights foundational work that strives to push beyond limits of existing computer technologies, including experimental efforts, innovative systems, and investigations that identify weaknesses in existing IT services.
Reducing the Nation's Cyber Risk: White House Insights on the President's Critical Infrastructure Framework (New York, New York, USA, Mar 11, 2014) The Fordham School of Professional and Continuing Studies and the Fordham Computer and Information Science Department present this informative panel, open and free to the public.
cybergamut Technical Tuesday: Virtualization Technologies in Cyberwarfare (Columbia, Maryland, USA, Mar 11, 2014) Virtualization is often talked about in the context of cloud computing, cost savings and enterprise environments. In this talk, Jason Syversen of Siege Technologies will introduce Intel, AMD and ARM virtualization architectures and describe novel approaches to implementing virtualization technology / hypervisors for offensive and defensive cyber security applications. Case studies will be presented for malware detection, reverse engineering, code protection, security testing, stealthy code and other applications.
Nuclear Regulatory Commission ISSO Security Workshop (, Jan 1, 1970) Exhibitors will have the opportunity to showcase cutting-edge products and services available in today's market. All companies specializing in products and services that would benefit the NRC workforce are encouraged to exhibit at this one-day expo. Topics of the workshop and of high interest to attendees include: computer security policy, standards and guidance, cybersecurity, FISMA compliance, and training updates.
ICS Summit 2014 (Lake Buena Vista, Florida, US, Mar 17 - 18, 2014) The 9th Annual North American ICS Security Summit brings together the program managers, control systems engineers, IT security professionals and critical infrastructure protection specialists from asset owning and operating organizations along with control systems and security vendors who have innovative solutions for improving security.
27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference (, Jan 1, 1970) The 27th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference will be held at the National Institute of Standards and Technology on March 18-20, 2014, exhibits will be on display March 19 only. This year's theme "Partners in Performance: Shaping the Future of Cybersecurity Awareness, Education, and Training" will focus on developing a better understanding of current information systems/cybersecurity projects, emerging trends, and initiatives. Through numerous high quality sessions, approximately 200 attendees will learn new ways to improve their IT security program and practical solutions to training problems while earning Continuing Professional Education (CPE) credits. The vendor fair gives attendees a tactical look at the products and services available to meet their professional goals.
Suits and Spooks Singapore (, Jan 1, 1970) Our first international Suits and Spooks conference will be held in Singapore with a visit to Malaysia on March 20-21, 2014. The focus will be on how multi-national corporations can profitably operate in a globally hostile environment that consists of foreign intelligence collection, mercenary hacker crews, insider threats, and supply chain/vendor vulnerabilities. Our international list of speakers will discuss who the threat actors are, what they're after, and best practices to mitigate the risks.
MCT-Congress: Going Mobile with Clinical Trials (Edinburgh, Scotland, UK, Mar 20 - 21, 2014) It is almost inevitable that mHealth solutions will be adopted across healthcare systems worldwide over the next decade. What is less clear is the impact that mobile solutions are having and could have on the clinical research process.
Cyber Security for Energy & Utilities (, Jan 1, 1970) Following the rapid evolution of the cyber and digital world, IT Security Directors, Information Security Directors, Chief Security Officers, Chief Information Officers and many more will gather at the 3rd Edition of Cyber Security for Energy & Utilities conference taking place from 23 -26 March 2014 at The Westin Golf Resort in Abu Dhabi, UAE.
Veritas 2014 (, Jan 1, 1970) At Veritas 2014, hear directly from the big data experts in top tier retail finance who are now implementing strategy and starting to yield real commercial value. Experts dedicated to Big Data in the sector will show you how the right approaches can lead to far-reaching results in business model innovation, risk mitigation and identifying new revenue streams. See how Veritas 2014 will help you develop your big data implementation strategy.
Black Hat Asia (, Jan 1, 1970) Black Hat is returning to Asia for the first time since 2008, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings.
SEC Cybersecurity Roundtable (Washington, DC, USA, Mar 26, 2014) The Securities and Exchange Commission today announced that it will host a roundtable next month to discuss cybersecurity and the issues and challenges it raises for market participants and public companies, and how they are addressing those concerns.
Cyber Security Management for Oil and Gas (, Jan 1, 1970) Attend to gain cutting-edge information from oil and gas cyber security experts on: Using the very latest in intelligence techniques to find and neutralize the newest threats in time. Preventing security breaches while ensuring your employees, social media and mobile devices operate effectively. Implementing best practices in order to achieve and maintain SCADA and other key systems security. How a "critical infrastructure" designation would impact different aspects of oil and gas cyber security management.
ISSA Colorado Springs — Cyber Focus Day (Colorado Springs, Colorado, USA, Mar 27, 2014) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Thursday, March 27, 2014 at Colorado Technical University (CTU).
Corporate Counter-Terrorism: the Role of Private Companies in National Security (Washington, DC, USA, Mar 28, 2014) The 2014 American University Business Law Review Symposium will address the growing role of corporate America in governmental counter-terrorism programs, including the bulk metadata and PRISM surveillance initiatives. John Carlin, Assistant Attorney General for National Security, will deliver the keynote. Other speakers will include current and senior officials from the Justice Department, National Security Agency, Office of the Director of National Intelligence, FBI, DHS, Google, and Microsoft.
SyScan 2014 (Singapore, Mar 31 - Apr 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia.
Interop Conference (, Jan 1, 1970) Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.