The CyberWire Daily Briefing for 4.1.2014
Internet censorship in Turkey (whose elections have wrapped up) and anti-regime hacktivism in Syria (whose civil war continues) affect Middle Eastern cyberspace. Scammers of uncertain provenance are using Syrian troubles as phishbait for their marks' personal information.
Other scammers cut sympathy for Ukraine into phishbait. Claims by AnonymousUkraine to have stolen 800 million credit cards receive skeptical scrutiny.
Webroot, taking the commonplace "ecosystem" metaphor with refreshing seriousness, points out the security danger of a cyber monoculture (and suggests this lies at the root of recent WordPress issues).
McAfee thinks there's a chance the recent iOS update may kill jailbreaking.
ComputerWeekly warns businesses to beware of "advanced evasion techniques," a fancy term for hackers' steadily improving obfuscation game. Dark Reading points out that Target was actually better prepared to fend off an attack than most other retailers. Both stories suggest two (largely) unmet needs: better threat intelligence (with the glare of war filtered) and improved automation for watchstanding and reverse engineering. Booz Allen sees a role for incentives in fostering information sharing. Microsoft researchers look to advanced sandboxing.
In industry news, Lockheed Martin announces its next cyber move, adding CyberPoint to its Cyber Security Alliance. Huawei promises to upgrade security against cyber espionage. Many companies address a shortage of cyber labor by growing their own talent. Early internship and mentorship are expected to help, as is support of STEM education. (So, from another angle, would improved automation.)
The EU and Brazil seek to bypass the US with a new undersea cable.
Notes.
Today's issue includes events affecting Australia, Brazil, China, European Union, India, Israel, Japan, Republic of Korea, Kuwait, Saudi Arabia, Syria, Turkey, Ukraine, United Kingdom, and United States..
Cyber Attacks, Threats, and Vulnerabilities
Turkey Hijacking IP addresses for popular Global DNS providers (BGPMon) At BGPmon we see numerous BGP hijacks every single day, some are interesting because of the size and scale of the hijack or as we've seen today because of the targeted hijacked prefixes. It all started last weekend when the Turkish president ordered the censorship of twitter.com. This started with a block of twitter by returning false twitter IP addresses by Turk Telekom DNS servers. Soon users in Turkey discovered that changing DNS providers to Google DNS or OpenDNS was a good method of bypassing the censorship. But as of around 9am UTC today (Saturday March 29) this changed when Turk Telekom started to hijack the IP address for popular free and open DNS providers such as Google's 8.8.8.8, OpenDNS' 208.67.222.222 and Level3's 4.2.2.2
Kuwait's Ministry of Internal Affairs Website Hacked: hacker demands interference in Syria (HackRead) The official website belonging to the Ministry of Internal Affairs of Kuwait was hacked and defaced on 26th March, 2014 by unknown hackers but reading the message on site shows they are Anti Syrian President Bashar Al Assad. Hackers left a deface page along with a message, asking Kuwaiti government and other Middle Eastern countries
Spammers use fake petitions to gather information (Alert Africa) Spammers are using the recent news about the US arming Syria rebels to trick Internet users into handing over their personal details
Bitdefender says that Scammers Exploiting Ukraine Crisis via Bogus Online Scams (Spamfighter) Security firm Bitdefender has revealed that cybercriminals are seeking assistance from kind-hearted victims with bogus distress emails for vacationers who are allegedly held up in Ukraine
Hackers Claim Data Theft on 800 Million Cards — But Is It True? (American Banker) Cybersecurity officials are still sizing up how much truth, if any, there is in a hacker group's claim that it stole data on hundreds of millions of U.S. card accounts
cmd.so Synology Scanner Also Found on Routers (Internet Storm Center) Yesterday, we talked about a scanner looking for Synology devices that was running on a ARM CPU equipped DVR. Looking at a few other sources of these scans, we did see a couple that didn't originate from similar DVRs. The first guess was that the scan originated from a device that was sitting behind a NAT gateway and wasn't exposed. At this point, it could have been "anything", even a good old infected Windows PC
Android Hacking and Security, Part 2: Content Provider Leakage (InfoSec Institute) In the previous article, we discussed how an attacker exploits vulnerable Activity Components and ways to secure them. In this article, we will discuss "Content Provider Leakage"
How a hacked password can unlock a Tesla car (Graham Cluley) A luxury Tesla Model S car, which (when maxed out with options and bells-and-whistles) is worth over $100,000. You wouldn't really expect the only thing to prevent a thief from unlocking it to be a simple six character password would you?
Managed DDoS WordPress-targeting, XML-RPC API abusing service, spotted in the wild (Webroot Threat Blog) With WordPress continuing to lead the CMS market segment, with the biggest proportion of market share, cybercriminals are actively capitalizing on the monocultural insecurities posed by this trend, in an attempt to monetize the ubiquitous (for the cybercrime ecosystem) TTPs (tactics, techniques and procedures). Despite actively seeking new and 'innovative' ways to abuse this trend, cybercriminals are also relying on good old fashioned reconnaissance and 'hitlist' building tactics, in an attempt to achieve an efficiency-oriented 'malicious economies of scale' type of fraudulent/malicious process. We've recently spotted a managed WordPress installations-targeting, XML-RPC API abusing type of DDos (Denial of Service) attack service
Security Patches, Mitigations, and Software Updates
Apple Could Kill Jailbreaking with Latest Update 0 (McAfee Blog Central) The latest iteration of Apple's iOS platform, iOS 7.1, launched on March 10 with an updated look and new features, as well as some key improvements to the security of the operating system. For this, you can thank hackers. Or, more specifically, you can thank the hackers who help people jailbreak their device
Cyber Trends
No grand strategy for cyberspace operations necessary (FierceGovernmentIT) Anyone lamenting today's lack of a cyber war grand strategist — someone "with great vision who will declare to the world what great power lies therein" — overlooks the properties of cyberspace, writes a Rand scientist in a paper
Business counts cost of cyber attackers' secret weapon (ComputerWeekly) Businesses around the world are counting the cost of failing to defend against advanced evasion techniques (AETs), a report reveals
The Convergence of Performance & Security for Next-Gen Monitoring (LinkedIn) Information assurance includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of data. Cyber security is at the center of data protection as well as business continuity. However, one cannot lose focus on how this all rolls up to business productivity and workflows (business process) within an organization
Homeland Security director says firms must be aware of internal cyber attacks (Irish Times) A Belfast conference was told of the need for more focus on the threat from within
Securities & Exchange Commission (SEC) Holds Cybersecurity Roundtable Client Alert (National Law Review) On Wednesday, March 26, 2014, the Securities and Exchange Commission conducted a roundtable discussion on cybersecurity and the issues and challenges cyber-threats present for public companies, exchanges, and market participants. The roundtable consisted of four separate panel discussions and included participants from the SEC, Treasury, the National Security Council, the Department of Commerce, and the Department of Homeland Security, as well as data security experts and representatives of public market participants and broker-dealers
Be Careful Beating Up Target (Dark Reading) Target was actually better prepared than most retailers. The real problem lies with the current state of industry threat intelligence and IR practices
How Remote Monitoring Adds Value from Afar (Security Magazine) Remote monitoring services in intelligent buildings will continue to grow in usage during the next few years
Marketplace
Lockheed Martin Adds CyberPoint to Cyber Security Alliance (MarketWatch) Lockheed Martin LMT +1.68% today welcomed CyberPoint International into its Alliance, adding their deep technical expertise, innovative solutions, and easy-to-use products to address the advanced persistent threats faced by every global government and commercial organization
EventTracker Enters Strategic Partnership With Altaware (PR-Inside) EventTracker, a leading provider of award-winning SIEM solutions, today announced that Altaware, a California-based security and networking provider, has joined the Solutions Partner Program. Altaware will provide and manage EventTracker's comprehensive suite of log management and SIEM solutions which offer security, operational, and regulatory compliance monitoring
1776 Partnership with Booz Allen Hamilton Melds Consulting Strategy and Entrepreneurial Talent to Address Contemporary Challenges (MarketWatch) 1776 and Booz Allen today announced a strategic partnership to mesh their complementary resources and abilities to address global-scale challenges impacting the way people live and work. The 1776/Booz Allen partnership will help government and commercial organizations build cultures of innovation and entrepreneurship; create new and distinctive products and services; and provide market access to enable high-promising startups to scale
China's Huawei vows security after alleged US hacks (AFP via NDTV) Chinese telecommunications equipment giant Huawei on Monday pledged to protect cyber security, following reports this month that a US government agency had been secretly tapping the company's networks
Navy Taps CACI, Honeywell, Serco for Electronic Surveillance Systems Support (GovConWire) CACI International (NYSE: CACI), Honeywell (NYSE: HON) and Serco Inc. will compete for task orders to perform technical support and related services for U.S. Navy electronic surveillance systems under a set of potential three-year contracts
CyberSecurity Shortage Threatens Rapid Tech Boom (BestTechie) With the rapid development of technology and the increased connectivity of all things, aka, the Internet of things, one area that is falling drastically behind is cybersecurity. In fact, there is shortage of nearly one million skilled security professionals worldwide, according to Cisco's 2014 Annual Security Report
Security Solutions Provider Seccuris Opens New Office in Austin (Digital Journal) Seccuris Inc., the leader in Enterprise Security Architecture and Information Assurance Integration, announced that it opened a new office in Austin, Texas. This move is part of the company's plan to expand its operations across North America
Eric Hess, Former First Advantage COO, Joins KeyPoint as Chief Executive (GovConWire) Eric Hess, formerly chief operating officer at background screening services firm First Advantage Corp., has joined investigative services contractor KeyPoint Government Solutions as CEO
Jericho Systems CEO Brynn Mow Appointed to Texas eHealth Alliance Board of Directors (Broadway World) Jericho Systems Corporation, developers of patented technology for data privacy and externalized access control, announced that its CEO, Brynn Mow, has been appointed to the Texas eHealth Alliance (TeHA) Board of Directors
Products, Services, and Solutions
Allianz launches cyber risk insurance product (Financial Standard) Allianz Global Corporate & Specialty (AGCS) has launched a cyber risk insurance product to counter the growing threat to security faced by Australian businesses
Raytheon Launches Updated Govt Cyber Monitoring Software; Steven Hawkins Comments (ExecutiveBiz) Raytheon has refreshed its cybersecurity software product that is intended to help federal agencies safeguard networks from insider threats and manage data privacy at the same time
ATM of the future: No cards, no buttons (ZDNet) Diebold has deployed the first of a completely different kind of ATM. The device has a minimal user interface; instead the customer uses a smartphone app
Pompem — Exploit Finder (Kitploit) Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases
FolderChangesView — Monitor files changes on Windows (Kitploit) FolderChangesView is a simple tool that monitors the folder or disk drive that you choose and lists every filename that is being modified, created, or deleted while the folder is being monitored
LinkedIn warns of Sell Hack browser plugin that claims to reveal hidden email addresses (Graham Cluley) A browser extension called "Sell Hack" is creating something of a storm, after claiming it can reveal the hidden email addresses of LinkedIn users
Dropbox says it isn't poking around in our stuff (Naked Security) "We don't look at the files in your private folders and are committed to keeping your stuff safe", the company said in the wake of an internet freakout sparked by a user finding himself unable to share copyrighted content. Time to relax, or time to consider encrypting your files before they get to
Rebunking Google's Glass "myth" debunking (Naked Security) Google's published a listicle about what it says are the Top 10 Glass Myths. Here's Naked Security's security- and privacy-centric view of some of those "myths"
Wickr Spreads Its 'Leave No Trace' Messaging (Dark Reading) Privacy-conscious messaging technology now offered to other social media, messaging providers
Technologies, Techniques, and Standards
What's quality got to do, got to do with it? (CSO Salted Hash) At the CSO40 conference next week, I'll be speaking on ISO 9001 and its application to information security. But what does ISO 9001, an international standard of quality management, have to do with information security? Answer: Lots
How the Channel Can Help Companies Bridge the Windows XP Security Gap 0 (McAfee Blog Central) With just one week to go until Windows XP is scheduled for official End of Life (EOL) on April 8, it's clear that many businesses will be at risk of data loss if action is not taken now. Almost a third of the world's machines are still running Windows XP, and many of these businesses are in need of security consultancy and advice to help mitigate risk past the looming April 8 deadline
Why You Need to Measure the Right Things in Your Incident Reporting Process to Improve Your Security Culture (CSO Salted Hash) In the drive to cultivate a security culture, start by engaging people and using the right measurements to learn, inform, and grow
Creating an intelligent "sandbox" for coordinated malware eradication (Microsoft Malware Protection Center) Hello from China where I am presenting on coordinated malware eradication at the 2014 PC Security Labs Information Security Conference. Coordinated malware eradication was also the topic of my last blog. I said the antimalware ecosystem must begin to work with new types of partners if we are going to move from the current state of uncoordinated malware disruption, to a state of coordinated malware eradication
Out in the Open: How to Protect Your Secrets From Nosey Android Apps (Wired) When you install an app on your phone, it often spreads its tentacles into other various parts of the device. Sometimes, it taps into the hardware that identifies your location. Others, it grabs data from your address book
Part 2: Protecting patient data in the cloud (Government Health IT) As we discussed in Part I of this series, encryption plays a vital role in healthcare IT security, but not everyone understands the ins and outs. In Part I of our articles on encryption, we talked about the methods that do and don't meet HIPAA encryption requirements. Today we're going to focus on the other more critical components of encryption: selecting an appropriate algorithm/method, managing the keys used in the encryption process, encrypting data in transit and encryption verification
Cryptolocker ransomware protection: A new reason for old advice (TechTarget) The key to Cryptolocker ransomware protection is having a good backup plan in place. Find out why this malware needs to be taken seriously
Design and Innovation
Connecting Private Innovation and National Security (SIGNAL Magazine) A new effort hopes to improve relationships between nontraditional performers and government agencies. Tandem NSI is designed to connect the dots and create transparency, ultimately accelerating the D.C. region's position as a technology center
Research and Development
Researchers: RSA Adopted Second Tool That Might Have Helped NSA Surveillance (Dark Reading) RSA adopted a technology extension for secure websites that may have allowed faster cracking of RSA's flawed Dual Elliptic Curve
Academia
Northrop Grumman Awards Scholarships to CyberPatriot VI Winning Teams (MarketWatch) Helping tomorrow's cyber defenders further their education, Northrop Grumman Corporation NOC -.00% this weekend awarded nearly $50,000 in scholarships to students on the winning teams of the CyberPatriot VI National Finals Competition
Teenager wins cyber security competition (Acumin) The title of UK Cyber Security Champion has been awarded to a student, after he managed to fend off opponents in a contest that put the entrants' defence skills to the test. Nineteen-year-old Will Shackleton from the University of Cambridge
No three-month course can teach you how to code (Quartz) Organizations such as Codecademy, the Flatiron School, and General Assembly regularly get lauded for churning out legions of seemingly qualified engineers. The latest came in a recent Wall Street Journal article headlined, "Have Liberal Arts Degree, Will Code." Student X took Course Y and in a mere three months became an amazing developer now working for SuperStartup earning a salary far above the national average. How can you not love that story?
Legislation, Policy, and Regulation
Transatlantic cables will bypass USA to avoid NSA spying (Naked Security) EU says "A new fibre-optic submarine cable, connecting Latin America directly with Europe" will "enhance data protection". Is NSA evasion really the reason for new undersea cable projects wrapping around the globe?
China hopes U.S. matches words with policy on cybersecurity (Reuters via the Star) China's Foreign Ministry on Monday it welcomed comments by the U.S. defence chief saying the United States would exercise restraint in using the military in cyberspace, but added Beijing hoped Washington would match its words with actual policy
Tribute in US-China cybersecurity relations (The Strategist) Documents leaked by Edward Snowden last week appear to show that the National Security Agency (NSA) has secretly tapped into the networks of Chinese telecommunications company Huawei Technologies. Meanwhile, on the sidelines of the 2014 Nuclear Security Summit in Hague, Presidents Obama and Xi were vowing to cooperate on cybersecurity. These simultaneous events reveal the contradictory behaviour of major powers when it comes to their relations in cyberspace
CERT UK finally launches to counter cyber threats (SC Magazine) The UK government finally launched its first national computer emergency response team, CERT-UK, in London today
Pentagon Aiding Allies on Computer Security From Gulf to Asia (Bloomberg Businessweek) The Pentagon is working with a dozen countries, including allies in the Persian Gulf region and east Asia, to bolster the cybersecurity of their militaries and build a collective defense against attacks
NSA chief's legacy is shaped by big data, for better and worse (Los Angeles Times) In nearly nine years as head of the nation's largest intelligence agency, Gen. Keith Alexander presided over a vast expansion of digital spying, acquiring information in a volume his predecessors would have found unimaginable
Rubio fears 'unilaterally disarming' the NSA (MSNBC) It's been about a week since the Obama White House sketched out sweeping changes to U.S. surveillance policy, including an end to the National Security Agency's bulk data collection. For the most part, the political fight that often hangs over these questions related to national security has been extremely muted
What I Told the NSA (Huffington Post) Because of my service on the President's Review Group last fall, which made recommendations to the president about NSA surveillance and related issues, the NSA invited me to speak today to the NSA staff at the NSA headquarters in Fort Meade, Maryland, about my work on the Review Group and my perceptions of the NSA. Here, in brief, is what I told them
McConnell: Laws and policies 'have not kept pace' with cyber threats (FCW) When former Director of National Intelligence Mike McConnell briefed Henry Kissinger about cyber security several years ago, Kissinger had one word: Gutenberg
Cyberwars: Will The Pentagon's Plan For Defeating Insider Attacks Work? (Forbes) Last week Secretary of Defense Chuck Hagel gave his first major speech on cybersecurity in a live broadcast from the National Security Agency. Hagel detailed the impressive progress his department has made in coping with a rising tide of network attacks, describing how thousands of newly-trained specialists will enhance the nation's ability "to deter aggression in cyber space, deny adversaries their objectives, and defend the nation from cyber attacks that threaten our national security." However, in a curious omission, Secretary Hagel made no mention of plans for dealing with the kind of insider attacks perpetrated by former NSA contract employee Edward Snowden
Two Indians in Global Commission on Web Governance (Outlook) Two Indians are among 25 internationally recognised experts named to assist a global body in identifying and prioritising web governance and Internet policy-related issues
DHS grant to fund Nevada cybersecurity efforts (Watchdog.org) U.S. taxpayer dollars are being spent to beef up state cybersecurity efforts, despite the lack of a dedicated Department of Homeland Security cybersecurity grant program to help state and local operators comply with a new set of security expectations
Google Glass recording without permission could become illegal in Australia (Naked Security) The country's considering an overhaul of privacy laws that could make it illegal to record private conversations or activities without consent via Google Glass or similar wearable technologies
Porn site age-check law demanded by UK media watchdog (Naked Security) A video-on-demand watchdog in the UK — whose government seems to have its knickers in a permanent twist over children potentially accessing internet porn — is demanding an age-check law for porn sites
Litigation, Investigation, and Law Enforcement
A Letter to our Valued Customers from Trustwave's CEO Robert McCullen (Trustwave) Dear Customers and Business Partners, As some of you may know, Trustwave was recently named as a defendant in lawsuits relating to the data security breach that affected Target stores in late 2013
Expert witnesses exempted from DOJ encryption rules for years (FierceGovernmentIT ) Expert witnesses and litigation consultants hired by U.S. attorney's offices received waivers lasting more than three years that exempted them from laptop encryption rules meant to protect Justice Department information
U.S. top court considers patent protections for software (Reuters) The U.S. Supreme Court will on Monday delve into the hotly contested question of when software is eligible for patent protection
How the Aaron Swartz Case Unfolded (Boston Globe) Aaron Swartz, a brilliant young programmer and political activist, lurked on the Massachusetts Institute of Technology campus for more than three months in late 2010 and the early days of 2011, allegedly downloading 4.8 million articles from an academic journal archive called JSTOR as the university and the archive tried to stop him. After MIT sought help from the police, Swartz was arrested and charged with federal computer crimes that could have put him in jail for years. He committed suicide in January 2013
What's behind Albuquerque police shooting protest and cyber attack? (Los Angeles Times) What started as a peaceful protest over Albuquerque police involvement in a series of fatal shootings escalated into what the mayor called "mayhem" as cops and demonstrators clashed on Sunday. While tensions have been building for a while in the New Mexico city, the latest confrontation illustrates the continuing power of the Web and Internet groups to move beyond electrons into the streets, highlighting how the politics of protest has changed. Here is a primer to the issues
U.S. Is Weighing Release of a Spy for the Israelis (New York Times) The Obama administration is discussing the release of an American convicted of spying for Israel more than a quarter of a century ago, American officials said Monday, as it struggles to avert a collapse in peace talks between Israel and the Palestinians
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Interop Conference (, Jan 1, 1970) Interop Conference sessions help you find actionable solutions to your current IT headaches and plan for future developments.
SyScan 2014 (Singapore, Mar 31 - Apr 4, 2014) SyScan is a deep knowledge technical security conference. It is the aspiration of SyScan to congregate in Asia the best security experts in their various fields, to share their research, discovery and experience with all security enthusiasts in Asia.
InfoSec World Conference & Expo 2014 (, Jan 1, 1970) With the primary objective of providing top-notch education to all levels of information security and IT auditing professionals, InfoSec World delivers practical sessions that give you the tools to strengthen your security without restricting your business.
NIST IT Security Day (Gaithersburg, Maryland, USA, Apr 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security and networking at home and in the office. This event's objective is to educate users on IT security and related topics. The event will feature guest speakers on general and technical IT security topics and tutorials on internal services and products.
IT Security Entrepreneurs Forum (ITSEF) 2014 (, Jan 1, 1970) IT Security Entrepreneurs Forum (ITSEF) is SINET's flagship event, designed to bridge the gap between the Federal Government and private industry. ITSEF brings unique value to the Cybersecurity community by providing a venue where entrepreneurs can meet and interact directly with top government agency and industry officials in an open and collaborative environment. This SINET community of interest and trust facilitates broadened awareness of the government's challenges, needs, and its future direction regarding Cybersecurity, while shining a spotlight on the entrepreneurs and their innovative technologies that are helping to address and solve today and tomorrow's security challenges.
Defensive Cyberspace Operations & Intelligence Conference (, Jan 1, 1970) Two days of presentations, workshops, training, and networking on defensive operations and intelligence activities in cyberspace. Speakers from government, universities, and industry will share their insights with participants.
SOURCE (, Jan 1, 1970) The purpose of SOURCE Conference is to bridge the gap between technical excellence and business acumen within the security industry. SOURCE fosters a community of learning where business and security professionals come together to gain knowledge and skills, network with peers, and advance their careers and professional development. SOURCE enables individuals, teams, and organizations to leverage information to improve decision-making, optimize performance, and achieve business objectives.
2014 GovCon Cyber Summit (McLean, Virginia, USA, Apr 9, 2014) The U.S. Computer Emergency Readiness Team (US-CERT) noted that last year federal networks saw a substantial increase in hacking incidents, with 48,000 attacks reported by agencies. In recognition of this fact, and to help emphasize the importance of a secure framework, the Obama administration released the Cybersecurity Cross-Agency Priority (CAP) Goal to help agencies improve secure performance through network consolidation, strong identity management, and continuous monitoring. Agencies are implementing new procedures and technologies to shore up defenses before it's too late, and it's clear that the federal government is not going to stop in their increased efforts to minimize and prevent cyber security attacks. Bottom line, the federal government will continue to place significant focus on securing the nation's cyber infrastructure and it's having an impact on the entire GovCon community.
Women in Cybersecurity Conference (Nashville, Tennessee, USA, Apr 11 - 12, 2014) WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring. Any individual or organization interested in recruitment/retention of women in this field and/or diversification of their cybersecurity workforce is especially encouraged to get involved.
NSA Procurement in today's business arena (Elkridge, Maryland, USA, Apr 16, 2014) An opportunity to gain inside perspective on market trends in NSA Procurement. The guest speaker will be William Reybold, National Security Agency's Deputy Senior Acquisition Executive (SAE), who manages all Agency procurements, from off-the -shelf supplies to developing and deploying large, highly technical, and complex new system. He is directly accountable for delivery of all major systems acquisitions and includes as part of the organization, the NSA Contacting Group.
Suits and Spooks San Francisco (, Jan 1, 1970) S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. CFP is now open. If you're interested in being a speaker at Suits and Spooks San Francisco, please send an email with your topic title, short abstract, and your bio by February 15th.
US News STEM Solutions: National Leadership Conference (, Jan 1, 1970) The STEM crisis in the United States demands solutions—and nowhere is the search more concentrated than at U.S. News STEM Solutions. Now in its third year, this premier national leadership conference is an outcome-focused forum for the entire network of experts, advocates and change-makers who are proactively working to fill jobs now and advance the future of the STEM workforce. More than a broad-based discussion of the issues, this year's conference will zero in on tangible results, real successes and collaborative strategies that are already moving the needle. If you have a vested interest in the development of the STEM pipeline, make your voice heard where it will have the most impact.
East Africa Banking and ICT Summit (Kampala, Uganda, Apr 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations, and unique networking opportunities.
National Collegiate Defense Cyber Competition (, Jan 1, 1970) Registration for the 2014 CCDC season is underway! Visit your region's website or contact your regional for registration and competition information.
InfoSecIndy (Indianapolis, Indiana, USA, Apr 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.
United States Cyber Crime Conference 2014 (, Jan 1, 1970) This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.
Infosecurity Europe 2014 (, Jan 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.