The CyberWire Daily Briefing for 4.18.2014
Digital certificates are being revoked at very high rates in response to the Heartbleed vulnerability, and that's exacting a toll on certificate-authority bandwidth. CloudFlare offers a preliminary look at costs associated with the bug. Mandiant reports successful exploitation of Heartbleed in the wild to circumvent VPN multi-factor authentication.
The scramble to find and close the vulnerability yields predictably spotty results, with early tool versions producing false negatives. But toolmakers (notably Nmap) update their products rapidly in response to feedback from independent testers. Tor is inspecting its entry and exit relays and has already blacklisted hundreds found vulnerable to Heartbleed.
An IOActive study reports big security issues with satellite communications networks: software weaknesses are said to place military operations and flight safety at risk.
A survey of security executives at RSA finds them interested in designing security around rigorously understood business risk.
Zurich Insurance and the Atlantic Council release a study of the "global interconnections of cyber risk," which should disabuse businesses of any lingering faith in legacy perimeter defenses.
George Mason University's Mercatus Center publishes a critical study of "rigid" US Government cyber policy that, the report claims, will make the Internet less robust and more vulnerable.
Germany-based Lavaboom offers a new secure email service whose marketing language, at least, is interesting for its post-Snowden sensibility.
A dark net search engine, "Grams," launches. It's accessible only through Tor (don't use it for evil).
Bugcrowd seeks to crowd-fund an OpenSSL audit.
Northrop Grumman urges cyber security legislation on the US Congress.
Notes.
Today's issue includes events affecting Argentina, Bahamas, Belarus, Bulgaria, China, France, Germany, India, Israel, Italy, Japan, Republic of Korea, Macedonia, Luxembourg, Romania, Russia, Saudi Arabia, Spain, Taiwan, Ukraine, United Kingdom, United States, and Uruguay.
Cyber Attacks, Threats, and Vulnerabilities
Heartbleed CRL Activity Spike Found (Internet Storm Center) It looks like, as I had suspected, the CRL activity numbers we have been seeing did not reflect the real volume caused by the OpenSSL Heartbleed bug
Certificate Revocations Shoot up in Wake of OpenSSL Heartbleed Bug (Threatpost) The after effects of the OpenSSL heartbleed vulnerability continue to spread through the technology industry, nearly two weeks after the details of the flaw were disclosed. One of the latest repercussions is a huge increase in the number of SSL certificates being revoked, as site owners and hosting providers go through the process of replacing vulnerable certificates
Heartbleed Bug Sends Bandwidth Costs Skyrocketing (Wired) The exposure of the Heartbleed vulnerability last week had a number of repercussions, one of which was to set off a mad scramble by companies to revoke the SSL certificates for their domains and services and obtain new ones. The total costs of Heartbleed are yet to be calculated, but CloudFlare has come up with some stunning numbers that give us an idea of the price of a serious bug like this one
Attackers Exploit the Heartbleed OpenSSL Vulnerability to Circumvent Multi-factor Authentication on VPNs (M-Unition) Less than a week since the public disclosure of the "Heartbleed" vulnerability, Mandiant incident responders have already identified successful attacks in the wild by targeted threat actors. The Heartbleed vulnerability (CVE-2014-0160), publicly disclosed on April 7th by security researchers Neel Mehta and Codenomicon, is a buffer over-read bug in the Transport Layer Security (TLS) extension. The bug was present in a section of code responsible for providing "Heartbeat" notifications between a client and server. A working proof of concept of the exploit appeared on the Internet last week that allowed an attacker to obtain up to 64KB of random memory space per malformed heartbeat request.
OpenSSL Heartbleed bug sniff tools are 'BUGGY' — what becomes of the broken hearted? (The Register) Software that claims to detect the presence of OpenSSL's Heartbleed bug in servers, PCs and other gear may falsely report a system to be safe when users are actually in danger, according to a security consultancy
Firefox and Chrome Browser Extensions that Check for Heartbleed (Gizmo) The Heartbleed bug is a very nasty Internet problem that affects us all. Dealing with it is complex and not clear-cut at this time but one thing that many Internet users want to do is check sites to see which ones might still be subject to the bug
Tor anonymity network to shrink as a result of Heartbleed flaw (Tech World) The Tor Project banned 380 vulnerable entry and exit relays and is eyeing 1,000 more
American Funds urges password change to counter 'Heartbleed' bug (Reuters) American Funds, the No. 3 U.S. mutual fund family, advised some customers to change user names and passwords on Wednesday as the number of companies and people affected by the notorious "Heartbleed" bug grows
11 Heartbleed Facts: Vulnerability Discovery, Mitigation Continue (Dark Reading) Millions of websites, applications from Cisco and VMware, Google Play apps, as well as millions of Android devices are vulnerable — and the list keeps growing
How to Limit Heartbleed Risk Today (eSecurity Planet) What can you do to reduce your risk from Heartbleed? eSecurity Planet has got you covered
Crucial military satellite systems are vulnerable to hacking, experts say (The Guardian) Researchers have warned that military operations and flight-safety communications are being endangered by software weaknesses
A Wake-up Call for SATCOM Security (iOActive) Satellite Communications (SATCOM) play a vital role in the global telecommunications system. IOActive evaluated the security posture of the most widely deployed Inmarsat and Iridium SATCOM terminals. IOActive found that malicious actors could abuse all of the devices within the scope of this study. The vulnerabilities included what would appear to be backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. In addition to design flaws, IOActive also uncovered a number of features in the devices that clearly pose security risks
The dismal state of SATCOM security (Help Net Security) Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired, says Ruben Santamarta, principal security consultant with IOActive
Hewlett-Packard Virtual User Generator Emulation Admin Service Information Disclosure Vulnerability (Zero-Day Initiative) This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed EmulationAdminSoapBinding web service. The issue lies in the handling of several methods resulting in the ability to read, write, and delete arbitrary files. An attacker can leverage this vulnerability to leak credential databases or execute code under the context of SYSTEM
iOS Malware Campaign "Unflod Baby Panda" (SektionEins) On 17th April 2014 a malware campaign targeting users of jailbroken iPhones was discovered and discussed by reddit users. This malware appears to be of Chinese origin and comes as a library called Unflod.dylib that hooks into all running processes of jailbroken iDevices and listens to outgoing SSL connections. From these connections it tries to steal the device's Apple-ID and corresponding password and sends them in plaintext to servers with IP addresses controlled by US hosting companies, apparently on behalf of Chinese customers
Fake Facebook Chat Verification Used for Spam (TrendLabs Security Intelligence Blog) Facebook users are once again the target of a malicious scheme—this time in the form of a notification about "Facebook Chat"
Phishers Recruit Home PCs (Dark Reading) Residential broadband machines spotted hosting phishing attacks
Phishing Campaign Targets World of Warcraft Players (eSecurity Planet) The e-mails ask recipients for their Battle.net user names, passwords, and answers to security questions
A Good Look at the Andromeda Botnet (Virus Bulletin via Fortinet Blog) Andromeda is a modular bot. The original bot simply consists of a loader, which downloads modules and updates from its C&C server during execution. The loader has both anti-VM and anti-debug features. It will inject into trusted processes to hide itself and then delete the original bot. The bot hibernates for a long time (from several days to months) between communications with its C&C server. As a result, it can be difficult to obtain information about network traffic between the infected system and the C&C
University Urology Acknowledges Insider Breach (eSecurity Planet) An administrative assistant provided patient names and addresses to a competing healthcare provider
Texas Cardiology Clinic Hacked (eSecurity Planet) More than 1,400 patients' names, addresses, phone numbers, Social Security numbers and medical records were exposed
Michaels says breach at its stores affected nearly 3M payment cards (IT World) Another 400,000 cards at subsidiary Aaron Brothers may have been affected
Security Patches, Mitigations, and Software Updates
Tor Begins Blacklisting Exit Nodes Vulnerable to Heartbleed (Threatpost) The Tor Project has begun blacklisting exit nodes vulnerable to the Heartbleed vulnerability in OpenSSL
Heartbleed and your SOHO wireless systems (Tripwire: the State of Security) Do you need to upgrade the firmware on your home or office wireless router to counter risks from the Heartbleed vulnerability? Before upgrading your router's firmware, you should check the support website of your router vendor to find out if your device is affected
Cyber Trends
Annual Survey Reveals Understanding Risk From a Business Perspective Is a Top Network Security Concern for Organizations (Broadway World) AlgoSec, the market leader for Network Security Policy Management, today announced the results of "The State of Network Security 2014: Attitudes and Opinions," a survey of 142 information security and network operations professionals, application owners and compliance officers conducted during the RSA Conference in February 2014. Results from the survey reveal that the biggest challenge for organizations is prioritizing, understanding and addressing vulnerabilities in a business context. Almost all respondents believe that business stakeholders should "own the risk" of their critical application
Beyond data breaches: global interconnections of cyber risk (Zurich and the Atlantic Council) The growing number and sophistication of cyber attacks is threatening to outstrip our efforts to increase resiliency against them
Tomorrow's Internet less resilient, says report (FierceGovernmentIT) The Internet of tomorrow will be less resilient, less available and not as robust as today's, warns a think tank and an insurance company
Report Slams Government's Cybersecurity Fix (Time) Despite warnings from security experts that the nation's critical infrastructure is vulnerable to cyber attacks, the report's authors lambast the government's "rigid" response to a threat they say is overblown
Despite Mobile, Cloud and Big Data, People Are the Biggest Security Weakness (InfoSecurity Magazine) As the volume of data generated within the enterprise workflow grows bigger each and every day, adopting a future-proof approach to information security will be increasingly imperative — and even more challenging
The Dirty Dozen Spampionship: Who's who in the global spam-sending league? (Naked Security) It's once again time for our quarterly Spampionship charts
Two Thirds of U.S. Companies Were Breached by SQL Injection Attacks in 2013 (eSecurity Planet) The average SQL injection breach took almost 140 days to discover, according to the Ponemon Institute
SQL Injection Cleanup Takes Two Months or More (Dark Reading) A new report highlights the prevalence and persistence of SQL injection attacks
Executive viewpoint: Mixed messages on software security (TechTarget) (ISC)² issued their Global Information Security Workforce Study during the RSA Conference in February; so when their own Security Congress 2013 event opened in Chicago this fall, they were looking for something fresh to say. The solution was a recut of the original data, focusing solely on the responses from the 1,634 respondents "with security executive titles"
M-Trends on the Importance of Rapid Detection and (M-Unition) Every year I look forward to reading the new M-Trends Report. It's a powerful summary of the lessons Mandiant learns from conducting incident response engagements for global clients. The report describes what our teams see in the field. It does not attempt to provide a statistically significant representation of the global population of incident response activity. Rather, it's our best effort to share what we think you should know, derived from first-hand experience at hundreds of clients in more than 30 industry sectors
Marketplace
Cyber warriors fought between the government and the security industry (Security Affairs) The demand for cyber security experts continues to rise; the US Government announced further investment to recruit new cyber talent, with many difficulties
A simple cure for the cybersecurity skills shortage (CIO) An approach that has worked for centuries in all sorts of industries is just as applicable to the security field
Dallas-based FireHost raises $25 million in new capital (Dallas Morning News) Dallas-based FireHost has raised $25 million in new funding to fuel its business as a secure cloud provider as companies struggle with online threats
Former Virginia Sen. Chuck Robb to Chair MITRE's Board of Trustees (GovConWire) Chuck Robb, who served as Virginia's governor from 1982 to 1986 and two terms in the Senate, has been appointed chairman of the board of trustees at MITRE Corp
Former tech darling Sandvine regains some of its allure (Globe and Mail) For years, Sandvine Corp. was just another tech-world Next Big Thing that failed to live up to its hype. Now, the company finally looks poised to establish a dominant position in a promising sector
Microelectronics Technology Corporation Completes Acquisition of Bitcoin Cyber Currency Digital Mining Company (MarketWired via Yahoo! Finance) Microelectronics Technology Corporation (OTCQB: MELY), is pleased to announce the Company has completed the documentation required for the finalization of the acquisition of Digital Mining Corporation and its digital mining assets
Costs of Censorship Haunt 'Chinese Twitter' IPO (Wired) When shares of Chinese microblogging network Weibo — a.k.a. the Twitter of China — begin trading on the NASDAQ stock market today, investors will be calibrating their enthusiasm to account for the risk of future censorship by Chinese officials
Products, Services, and Solutions
Secure email service Lavaboom launches (Help Net Security) Lavaboom, a German secure email service that aims to provide users with the most secure email account they will ever own (their words), will go into private beta around Easter
New 'Google' for the Dark Web Makes Buying Dope and Guns Easy (Wired) New search engine for the dark web is modeled after Google. The dark web just got a little less dark with the launch of a new search engine that lets you easily find illicit drugs and other contraband online
Boeing and Root9B Partner to Offer In-Depth Cybersecurity Training (The Wall Street Transcript) Boeing [NYSE: BA] is partnering with root9B to provide cybersecurity training and simulations that will help customers address rapidly evolving cyber threats
Technologies, Techniques, and Standards
DISA tests a move away from CAC (C4ISR Networks) The Defense Information Systems Agency is taking a first step away from the Defense Department's longtime security backbone, the common access card, with a small, early pilot exploring derived credentials
Report: Use Stage 3 to create a robust health data infrastructure (FierceHealthIT) Meaningful Use Stage 3 should embrace interoperability at its core to foster creation of a truly interoperable health data infrastructure, according to a report conducted by JASON, an independent group of scientists that advises the U.S. government on science and technology
A Robust Health Data Infrastructure (JASON: The Mitre Corporation) The promise of improving health care through the ready access and integration of health data has drawn significant national attention and federal investment. David Blumenthal (former National Coordinator for Health Information Technology) and Marilyn Tavenner (current Administrator for the Centers for Medicare & Medicaid Services, CMS) have characterized the situation well
Privacy attorney: Documentation for HIPAA audits must be meticulous (FierceHealthIT) With HIPAA audits this fall expected to be more narrow in focus, healthcare organizations and their business associates must ensure that their documentation is meticulous, according to Adam Green, a privacy attorney with Washington, D.C.-based law firm Davis Wright Tremaine
7 Things to Consider Before Implementing a Cloud Security Solution (PCQuest) Worried about security of your cloud apps and services? Then Cloud based SIEM technology is the answer. Here's what you need to know before choosing a solution based on this technology from a vendor
NIST cybersecurity framework analysis: Putting it to good use (TechTarget) We all know that our country's critical infrastructure is vitally important to our national defense and economy, as well as our ability to ensure that global economic transactions are not only sustained but also enhanced
How A Little Obscurity Can Bolster Security (Dark Reading) Most security professionals deride the idea of "security by obscurity." Is it time to re-evaluate the conventional wisdom?
Federal IT Security Policies Must Be User Friendly (InformationWeek) Federal agencies should choose security tools and policies that suit the productivity needs of their employees
Design and Innovation
Google's 10 Big Bets On The Future (InformationWeek) From Project Ara smartphones to solar-powered drones, these Google projects try to turn science fiction into reality. Look what's coming
What's Driving Google's Wild Moonshots? Desperation (Wired) A Google ad isn't worth as much as it used to be. In its quarterly earnings report yesterday, the company said the "cost per click" of an ad on the site dropped again, a years-long trend that shows no sign of reversing. The decline contributed to Google missing Wall Street's profit expectations. But it wasn't the only factor
Research and Development
Bugcrowd launches funding drive to audit OpenSSL (CSO) Bugcrowd, the bug bounty marketplace driven by crowdsourcing, has launched a donation campaign in order to help pay for a security audit of OpenSSL. The hope is that such an audit will prevent another Heartbleed
Open Source Intelligence Offers Crystal Ball Capability (SIGNAL) Researchers working on behalf of the U.S. intelligence agencies can use reams of open source, anonymous data to foretell social turmoil such as disease outbreaks or international political unrest. Once fully developed, the capability to predict coming events may allow U.S. officials to more effectively respond to public health threats; to improve embassy security before an imminent attack; or to more quickly and effectively respond to humanitarian crises
Legislation, Policy, and Regulation
Saudi Prince Bandar promised a victory he could not deliver (The National) A month into the Syrian uprising, a university lecturer from Damascus was arrested at a peaceful protest in the capital and, after the customary beating and a few days in prison, was ordered to sign a confession
Top 100 companies told to set up risk management committees (The Hindu) The Securities and Exchange Board of India has said that the top 100 companies must constitute risk management committees immediately, in line with its revised corporate governance norms
Northrop CEO urges Congress to pass cybersecurity legislation (Reuters) U.S. weapons maker Northrop Grumman Corp on Thursday urged U.S. lawmakers to enact cybersecurity legislation that would limit the liability of U.S. companies and enable them to take more decisive action to protect their computer networks
Litigation, Investigation, and Law Enforcement
Two justices say high court will likely rule on NSA programs (Reuters) Two members of the Supreme Court indicated on Thursday night that the court will ultimately have to decide the legality of National Security Agency surveillance activities
Away from The Post, a pro-NSA counterdemonstration (Washington Post) On Monday, my Washington Post colleagues celebrated winning the Pulitzer Prize for public service along with the Guardian newspaper for their reporting on Edward Snowden's revelations about the National Security Agency. On Wednesday, Post columnist Marc Thiessen held a counterdemonstration
New York attorney general subpoenas high frequency trading firms (FierceFinanceIT) The office of New York Attorney General Eric Schneiderman sent subpoenas to six high-frequency trading firms as part of an investigation into whether certain participants in the market have unfair advantages over others
Clicking 'Like' can cancel your right to sue a company (Naked Security) Want to save 50 cents on your cereal? Better watch out. Downloading that coupon or even clicking "Like" on the cereal maker's Facebook page could cost you the right to sue the company, given the direction US companies are taking
Twitter parody account holder sought in police raid (Ars Technica) Authorities say Twitter impersonation carries maximum year jail term, $2,500 fine
Upcoming Events
CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations and Governments to a complex threat environment including hacktivists to trans-national crime organizations and advanced persistent threats. Join experts from government, industry and academia in discussing how we are making our future more secure.
2nd Annual Oil & Gas Cyber Security Conference (Houston, Texas, USA, Jul 15 - 17, 2014) This highly interactive, hands-on forum will break down each potential cyber threat specific to the oil and gas industry, as well as tackle key issues including managing communication between OT and IT networks and building a technologically sound incident response plan that will enhance the security and protection of ICS and SCADA networks.
Suits and Spooks San Francisco (venue and date not listed) S3+: Surveillance, Security, Sovereignty and other Critical Issues. Not another hacker conference. Suits and Spooks is a unique gathering of experts, executives, operators, and policymakers who discuss hard challenges in a private setting over two days. CFP is now open. If you're interested in being a speaker at Suits and Spooks San Francisco, please send an email with your topic title, short abstract, and your bio by February 15th.
US News STEM Solutions: National Leadership Conference (venue and date not listed) The STEM crisis in the United States demands solutions—and nowhere is the search more concentrated than at U.S. News STEM Solutions. Now in its third year, this premier national leadership conference is an outcome-focused forum for the entire network of experts, advocates and change-makers who are proactively working to fill jobs now and advance the future of the STEM workforce. More than a broad-based discussion of the issues, this year's conference will zero in on tangible results, real successes and collaborative strategies that are already moving the needle. If you have a vested interest in the development of the STEM pipeline, make your voice heard where it will have the most impact.
East Africa Banking and ICT Summit (Kampala, Uganda, Apr 25, 2014) The global event series for Banking and ICT Summit enters its third year. The summit will continue to provide delegates with technical & practical sessions, lectures and showcase for banking and ICT innovations, and unique networking opportunities.
National Collegiate Defense Cyber Competition (venue and date not listed) Registration for the 2014 CCDC season is underway! Visit your region's website or contact your regional for registration and competition information.
InfoSecIndy (Indianapolis, Indiana, USA, Apr 26 - 27, 2014) Join us on April 26-27, 2014 in Indianapolis, Indiana for the premier Midwest Information Security and Digital Forensics Conference.
United States Cyber Crime Conference 2014 (venue and date not listed) This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.
Infosecurity Europe 2014 (venue and date not listed) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
Cyber COMSEC and IT Day at Fort Huachuca (venue and date not listed) This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas, concerns and build relationships with the men and women of Fort Huachuca.
Kirtland AFB — Cyber Security Seminar & Information Technology Expo (Albuquerque, New Mexico, USA, May 7, 2014) Join FBC and the Armed Forces Communications & Electronics Association (AFCEA)-Albuquerque Chapter for the Cyber Security Seminar & Information Technology Expo set to take place at Kirtland Air Force Base. This is the only yearly event officially sponsored by AFCEA at Kirtland AFB. The goal of this expo is to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, and Contracting Officers, as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to the agency. In addition, this event will be widely attended by the majority of personnel at the USSS HQ building. Attendance is expected to be over 300 for the event.
SANS Security West (venue and date not listed) SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information security skill set by learning innovative ideas and techniques to fend off today's most challenging cyber threats as well as emerging threats.
HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threat landscape.
Eurocrypt 2014 (venue and date not listed) Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and their integration with IT systems in various vertical sectors.
GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our critical infrastructures, key assets, communities and the nation.
Cyber Security for National Defense Symposium (venue and date not listed) DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations can come together for actionable discussions and debate. The symposium will focus on increasing the security and resiliency of the Nation's critical networks, operating freely in the Cyber Domain, and the protection of infrastructure in support of national defense and homeland Security.
FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government, Big Data and Business Intelligence, Project Management, Procurement and Acquisition and more. (free-of-charge for government personnel).
INFILTRATE (venue and date not listed) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. INFILTRATE is the single-most important event for those who are focused on the technical aspects of offensive security issues, for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. INFILTRATE eschews policy and high-level presentations in favor of just hard-core thought-provoking technical meat.
Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology and transportation sector companies in a novel way: the speed lunch.
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions on acquiring evidence from mobile devices to international e-discovery to cyber security intelligence, there's simply no other training or seminar series available that packs so much relevant and practical information from so many expert speakers into a single four-day period.
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to give engineers an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading-edge electronic products and systems.
Positive Hack Days Positive Hack Days is an international venue for uniting the progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright eyes, the atmosphere of a huge research ground, communication between people who share the same views and their opponents, minimum formalities and maximum practice.
Georgetown Law: Cybersecurity Law Institute A day does not go by without cybersecurity in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels of American companies. Last year's inaugural Cybersecurity Law Institute received positive reviews for its unique simulation approach, which prepared attendees on the actions to take if their company faced a cyber-attack.
NSA Mobile Technology Forum (MTF) 2014 The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia, Canada, New Zealand, and the United Kingdom who are focused on mobile technologies. Companies that specialize in current and future mobile features and equipment, or whose efforts benefit NSA's mission, should participate as commercial vendors; conference attendance is limited to government employees.
CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders.
Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management. Topics to be discussed by expert speakers will include state and federal regulatory and legislative initiatives, efforts to develop a common cyber security framework, the threats from cyber espionage and terrorism, and the development of public and private mechanisms to finance and transfer losses from cyber events.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to give engineers an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading-edge electronic products and systems.
Fort Meade Technology Expo The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have a unique opportunity to showcase their products and services to personnel who may otherwise be difficult to reach.
CANSEC CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading-edge defence companies, as well as an outdoor static display. The tradeshow targets a wide audience of customers, including government agencies and departments with an interest in the defence sector.
Hack in The Box Security Conference (HITBSecConf) Amsterdam HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attack and defense techniques. This is not an event you come to for 'security 101' talks or marketing hype. We cover material that hasn't yet made it into the news: the security issues likely to be coming our way in the next 12 months.