The CyberWire Daily Briefing for 4.28.2014
As the US levies sanctions against Russia for its actions in Ukraine, US officials warn American enterprises to expect some Russian cyber retaliation. (Latvia and Moldova are similarly wary, probably with even greater reason.) Russia clamps down on social media as it upgrades its cyber alert posture.
An investigation concludes that Chinese intelligence services pwned Australian parliamentary networks in 2011.
Recent cyber incidents in Turkey raise doubts among NATO allies of that country's cyber security.
Syrian hacktivists deface UNICEF New Zealand's site with calls for international intervention in Syria's civil war. Saudi cyber vandals go after a small California city. Both victims were apparently chosen as soft targets of opportunity.
Of more widespread concern is the weekend's disclosure that a Microsoft Internet Explorer zero-day is being exploited in the wild. FireEye, which discovered the campaign of targeted attacks (naming it "Clandestine Fox"), says the exploit bypasses both ASLR and DEP. All versions of Internet Explorer are affected; browsing to a compromised website renders a machine vulnerable to malware installation. There's no patch available yet, but a fix is in the works. Microsoft has issued a set of recommended interim workarounds.
Newly discovered Windows XP exploits may succeed in ending the OS's afterlife.
Security researchers explore Heartbleed's implications. ZDNet discusses an unrelated SSL/TLS vulnerability affecting iOS.
Phishers move to smaller ponds.
The Christian Science Monitor reports on alleged satcom vulnerabilities. US agencies increase threat information sharing with commercial aviation.
The University of Central Florida wins the National Collegiate Cyber Defense Competition.
Notes.
Today's issue includes events affecting Australia, Austria, Brazil, Canada, China, European Union, Germany, India, Ireland, Israel, Latvia, Moldova, NATO, Russia, Saudi Arabia, Syria, Taiwan, Turkey, United Arab Emirates, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Officials Say Russian Hackers May Retaliate for Sanctions (Bloomberg BusinessWeek) U.S. officials and security specialists are warning that Russian hackers may respond to new sanctions by attacking the computer networks of U.S. banks and other companies
Chinese spies read Australian MPs' emails for a year (Haaretz) 2011 cyber attack effectively gave outside agencies control of the Australian parliament's entire system, Australian security sources say
Turkey's Cyber Vulnerability Raises NATO Concerns (Defense News) A flurry of cyberattacks that has deeply embarrassed the Turkish government in recent months has raised concerns among some NATO officials about vulnerabilities in the country's cyber defenses, diplomats and analysts said
Syrian hacker hacks and defaces UNICEF New Zealand Official blog for Free Syria (Hack Read) A Syrian hacker going with the handle of Dr.SHA6H has hacked and defaced the official blog of The United Nations Children's Fund (UNICEF) designated for New Zealand. Hacker left a deface page along with a message on hacked UNICEF blog, questioning governments of the world why they are not interfering in the ongoing civil war in Arab Republic
Official Website of City of Westminster, California hacked by Saudi Hackers (Hack Read) Two Saudi Arabian hackers going with the handle of NeT-DeViL and Dr-TaiGaR from Group Hp-Hack have hacked and defaced the official website of City of Westminster, California earlier today. Hackers uploaded a .txt file as a deface page along with a message, telling the City of Westminster California to go to hell
New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks (FireEye) FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks. The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11. This zero-day bypasses both ASLR and DEP. Microsoft has assigned CVE-2014-1776 to the vulnerability and released a security advisory to track this issue. Threat actors are actively using this exploit in an ongoing campaign which we have named "Operation Clandestine Fox." However, for many reasons, we will not provide campaign details
Microsoft Warns of Attacks on IE Zero-Day (Krebs on Security) Microsoft is warning Internet Explorer users about active attacks that attempt to exploit a previously unknown security flaw in every supported version of IE. The vulnerability could be used to silently install malicious software without any help from users, save for perhaps merely browsing to a hacked or malicious site
New zero-day exploit attack sees Internet Explorer in the line of fire. No fix from Microsoft yet (Graham Cluley) Watch out folks. A new zero-day vulnerability has been found in all versions of Internet Explorer, and is being actively exploited in targeted attacks according to security firm FireEye
Hackers may accomplish what Microsoft can't—kill off Windows XP (Quartz) Despite the fast growth of Google's Chrome web browser, Microsoft's Internet Explorer still has hundreds of millions of loyal users, and remains the most popular browser in the world for desktop computer use. But that lead could be in jeopardy after Microsoft said over the weekend that its browser is vulnerable to an attack that could allow hackers to install software on unsuspecting users' computers. Microsoft is working on a fix, and said it is only aware of "limited, targeted" attacks
Hackers find first post-retirement Windows XP-related vulnerability (NetworkWorld) Internet Explorer 6, 7 and 8 aren't being exploited yet, but harbor a critical flaw
How I used Heartbleed to steal a site's private crypto key (Ars Technica) Extracting keys from unpatched servers requires skill, but it's eminently doable
Post-Heartbleed: What should you be doing about passwords? (F-Secure) The Heartbleed bug in OpenSSL hit hard this month, exposing millions of users, businesses and even some of the world's most famous websites, to the potential for data loss and painful privacy leaks
Looking beyond Heartbleed (CSO) I have a good idea what you spent the last week and a half doing: putting out Heartbleed fires. But don't stop now! Keep that momentum going for just a bit longer. Let me explain why
'Triple handshake' bug another big problem for TLS/SSL (ZDNet) Apple recently patched a vulnerability in SSL/TLS code in iOS and OS X. No, not Heartbleed, but one which is, in some ways, worse
Can military's satellite links be hacked? Cyber-security firm cites concerns. (Christian Science Monitor) Satellite communications terminals, including those used by the US military, are vulnerable, says IOActive, a cyber-security firm. SATCOM industry officials say the terminals are secure
Android users, beware: Simple wallpaper apps found to secretly mine bitcoin (BGR) Not long ago it was discovered that a couple of Google Play Store Android applications that were downloaded anywhere from one million to five million times had malicious code that covertly turned Android devices into silent Bitcoin miners. The malware managed to bypass Google's Play Store security, but they were not the only ones to include digital currency mining capabilities. A new report from security firm Lookout reveals that at least five other applications from Google's app store can also turn Android smartphones and tablets into miners
Phishing Finds a Bevy of New Hosts, Exploiting Open RDP Ports of Home PCs (Duo Security) A recent wave of phishing attacks reveals that attackers are now installing web server software on home computers and uploading numerous phishing pages that they link to in spam emails targeting financial institutions and payment services. But why? According to extensive research by Phishlabs, when phishing sites are identified, the hosting providers are often contacted to quickly take them down. With direct control over their servers and the power to shut them down over a breach of their terms of contract, hosts can curtail a phisher's attempts at stealing credentials. So by finding unsuspecting PC hosts, attackers can easily prolong the lifespan of their phishing operations
Salted Links: 28 April 2014 (Phishing Edition) (CSO Salted Links) Hook, line, and sinker — today's post focuses on Phishing
Kautilya v0.4.5 Released (Toolswatch) Kautilya is a toolkit which provides various payloads for Teensy device which may help in breaking in a computer. The toolkit is written in Ruby
Using Facebook Notes to DDoS any website (A Programmer's Blog) Facebook Notes allows users to include <img> tags. Whenever an <img> tag is used, Facebook crawls the image from the external server and caches it. Facebook will only cache the image once; however, using random GET parameters the cache can be bypassed and the feature can be abused to cause a huge HTTP GET flood
Understanding The Top 5 Mobile Banking Trojans (PCMag SecurityWatch) SecurityWatch is no stranger to mobile malware, botnet attacks, and banking Trojans, but most people only have a hazy understanding of how those three look combined. What are some of the biggest mobile banking threats affecting users today?
Organized Crime Group Scams US Companies Out Of Millions (Dark Reading) Social engineering attack tricks companies into large wire transfers
Rex Mundi Hackers Blackmail Web Host AlfaNet (eSecurity Planet) The hackers threatened to publish 12,000 customers' data if the Web host didn't pay a ransom of 15,000 Euros
Stolen Laptop Exposes 733 Pennsylvania Patients' Data (eSecurity Planet) The laptop was password-protected, but doesn't appear to have been encrypted
Bulletin (SB14-118) Vulnerability Summary for the Week of April 21, 2014 (US-CERT Cyber Security Bulletin) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information
Security Patches, Mitigations, and Software Updates
Vulnerability in Internet Explorer Could Allow Remote Code Execution (Microsoft Security TechCenter) Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11
Mozilla to strengthen SSL certificate verification in Firefox (CSO) Mozilla plans to more strictly enforce industry best practices for SSL certificates in future versions of Firefox with a new certificate verification system
Report: Microsoft could update Windows 8 as often as twice a year (FierceCIO:TechWatch) Just updated to Windows 8.1 and enjoying the various tweaks, such as better keyboard and mouse integration on non-touchscreen equipped desktops and laptops? Get ready, then, because if the latest reports are true, it looks like Microsoft will be ramping up the update calendar even faster
Cyber Trends
As cyber attacks multiply, so do insurance policies that cover damages (Baltimore Business Journal) In the wake of high-profile security breaches that have affected major companies and universities, a growing number of firms are pushing a relatively new product for businesses: cyber security insurance
Survey: Enterprises Need Better Way to Share Threat Intelligence (eSecurity Planet) Only 30 percent of IT and IT security pros say they're satisfied or very satisfied with the way their organization obtains threat intelligence
FBI Warning Highlights Healthcare's Security Infancy (Dark Reading) Cyberattacks likely to increase against healthcare providers, FBI warns, and experts say it's no surprise since industry's security posture is about a decade behind that of the financial services sector
Opinion: Cyber threat is dire, says FBI official (Cincinnati.com) Have you been a victim? Hackers are stealing the personal data and credit card information of millions of individuals at a time. What used to be a rare event is becoming more common as businesses and government agencies scramble to protect sensitive data. Unfortunately, no one is immune from being a target, and the exposure of personal information is just one aspect of the cyber threat
AOL, Yahoo email problems show limits of email security (ZDNet) Two very large email providers decide to deal with phishing and other attacks by setting a harsh DMARC policy, causing a storm of bounce messages
Cyber firms look to move the electrical grid (Washington Post) At a keynote speech in Washington last month, former CIA director Leon Panetta warned that cyberspace is the "battlefield of the future." Hackers could trigger disruptions similar to those caused by Hurricane Sandy if they gain access to electricity grids, transportation systems or other networks, he said
Large firms hit by 69 percent of targeted cyber-attacks in India: Symantec (NDTV) Despite stepped up information security measures, businesses in India continue to be an attractive target for cybercriminals with as many as 69 percent targeted attacks being focused on large enterprises, a Symantec report said on Thursday
Cyber threat detection paramount, says SANS fellow (ComputerWeekly) Cyber threat prevention is ideal, but detection is a must, says Eric Cole, SANS Institute fellow, cyber defence curriculum lead and course author
BYOD poses hurdles for data backup administrators (FierceMobileIT) The BYOD trend presents a challenge for data backup administrators because of the many mobile device types they must deal with and general intermittence when it comes to network connectivity
The internet of everything — bringing more risk to more places (Naked Security) The Internet of Things (IoT) is a ubiquitous buzz-phrase these days
Marketplace
Pentagon sees new risks to industrial base during current spending downturn (Federal News Radio) While the Pentagon and its suppliers have gone through plenty of Defense spending downturns before, they say this one is different and poses risks the earlier ones didn't, both for the companies themselves and for future military capabilities
Paul Zonneveld: Deloitte Continues Cybersecurity Expansion With Urgentis Buy (GovConWire) Deloitte has purchased Alberta, Canada-based cybersecurity firm Urgentis Digital Crisis Solutions Inc. for an undisclosed amount in a move to help clients respond to advanced malicious threats
Microsoft completes Nokia acquisition (ComputerWeekly) Microsoft has completed the acquisition of Nokia Devices and Services business. The deal will boost the company's Windows Phone business
America is in short supply of cyber experts (The Hill) The Target data breach could have been a story pulled from a heist movie, with the thief coming in through the airducts. Reports indicate the multi-billion dollar hack took place after the network credentials of a heating and air conditioning subcontractor paid to remotely monitor the temperature at Target stores was exploited. This is a plausible explanation — and is worrisome even if proved wrong
Red tape, 'tattoo-aversion' snarls government hiring of cybersecurity experts (Reuters via the Chicago Tribune) In the race to attract cybersecurity experts to protect the government's computer networks, the Department of Homeland Security has a handicap money can't fix
Snowden Boosts Non-U.S. Tech Vendors (Wall Street Journal) Companies based outside the United States are winning deals as a result of Edward Snowden's revelations of electronic espionage by the U.S. National Security Agency. "We're invited in deals we've never had before because we're not headquartered in the U.S.," said Raimund Genes, chief technology officer of security firm Trend Micro
Huawei denies threat to Taiwan's national security (WantChinaTimes) Huawei's global cyber security officer John Suffolk has urged Taiwanese officials and civilian telecommunications operators to obtain a deeper understanding of the Chinese phone maker and services provider's operations, hoping to work out a set of security norms together, writes our sister paper Want Daily
Why Bug Bounties Are The New Normal (Dark Reading) Bug bounties today are big business. Find out how crowdsourcing is changing the dynamics of independent security research and vulnerability disclosure
Products, Services, and Solutions
WhoIsConnectedSniffer — Network discovery tool that listens to network packets on your network (Kitploit) WhoIsConnectedSniffer is a network discovery tool that listens to network packets on your network adapter using a capture driver (WinpCap or MS network monitor) and accumulates a list of computer and devices currently connected to your network. WhoIsConnectedSniffer uses various protocols to detect the computers connected to your network, including ARP, UDP, DHCP, mDNS, and BROWSER
Raytheon enhances malicious insider threat and privileged user abuse detection with new SureView release (MarketWatch) Raytheon Company today announced the latest developments found in their new SureView™ release, which include new policy support features that enhance product capability for continuous monitoring and network auditing against insider threat and privileged user abuse
IBM sets eyes on hyperscale systems with Power processors (FierceCIO:TechWatch) IBM is aiming for a greater slice of the pie where hyperscale systems are concerned, and is looking to achieve this by widening the appeal of its Power server chips to compete with Intel's Xeon processors. This comes against a backdrop of decline in the traditional Unix market, and IBM wants to position Power for Web and analytics applications in large, scale-out data centers
Technologies, Techniques, and Standards
Working to accomplish compliance and security (Help Net Security) Organizations have until January 2015 to meet the new requirements of the PCI Data Security Standard version 3.0. Businesses need to ensure that compliance is cyclical and proactive rather than a report pulled together just before the auditor arrives. How can a business protect its infrastructure and data on multiple levels? This article discusses strategies that can help organizations more easily achieve and maintain PCI compliance
How to Easily Check an Entire Windows Folder Using Many Different Antimalware Programs (Gizmo's Freeware) If you need to do security checks on entire folders with multiple antimalware programs, here's a tool for you. It's from Microsoft Sysinternals and is called Sigcheck
Passwords: Real-world issues, tips and alternatives (Help Net Security) Per Thorsheim is an independent information security adviser based in Norway. He is the founder and main organizer of PasswordsCon, the first and only international conference on passwords
Research and Development
Your prints are all over your photos, say UAE scientists (The National) Few fields have been transformed by the march of digital technology in quite the way photography has been
Academia
University of Central Florida wins 2014 Raytheon National Collegiate Cyber Defense Competition (MarketWatch) Rochester Institute of Technology and University of Alaska, Fairbanks round out the winning schools as government and commercial cyber experts test the skills of teams from across the country
Code.org to help 2 million students learn to program (Seattle Times) Apparently Code.org's successful "Hour of Code" event in December was just a warm-up act
Legislation, Policy, and Regulation
Russia Orders Bloggers To 'Register'; Outlaws Anonymous Blogging, Continues Clampdown On Social Media (TechDirt) As we've reported, Russia has been steadily trying to bring the Internet under control with ever-more stringent measures. After tackling general Web sites through powers that allow them to be blocked more easily, it now seems to be the turn of the bloggers, as this report from the ITAR-TASS News Agency on a recently-approved law explains
Secret Shin Bet Unit at The Front Lines of Israel's Cyber-War (Arutz Sheva) Officials speak about the ISA's involvement in protecting Israel's cyberspace for the first time
Merkel under pressure to press Obama over NSA scandal (Press TV) A high-ranking German opposition politician has called on Chancellor Angela Merkel to urge US President Barack Obama, during her next week visit to the US, to destroy the file Merkel has in National Security Agency
Inclusive process (Deccan Herald) Although the Global Multistakeholder Meeting on the Future of Internet Governance (NETmundial) at Sao Paulo in Brazil concluded without concrete progress to show, it provides reason for satisfaction as it marks the beginning of constructive and inclusive conversations on questions of internet governance, right to privacy, surveillance
Canada Bought NSA Telecom Equipment To The Tune Of $50 Million-Plus: Report (Huffington Post) The federal government spent more than $50 million buying high-security communications technology from the U.S. National Security Agency, according to data unearthed by Vice magazine
White House look at how government, companies use big data finds potential for discrimination (AP via the Toledo Blade) A White House review of how the government and private sector use large sets of data has found that such information could be used to discriminate against Americans on issues such as housing and employment even as it makes their lives easier in many ways
Government, industry target air traffic cyber attacks (Federal Times) Several government agencies are partnering with commercial organizations, including airplane manufacturers, in a new information-sharing program designed to help thwart potential cyber attacks against the air traffic control system
Justice Department Names New CIO (InformationWeek) Joseph Klimavicz, who led IT, big data, and datacenter consolidation initiatives at NOAA, will assume the DoJ's CIO seat in May
Government surveillance hot topic at Legislature (Pueblo Chieftain) Colorado lawmakers are pushing several bills this year that seek to limit government surveillance — proposals that have gained momentum in the wake of revelations about federal collection of phone and email records
Litigation, Investigation, and Law Enforcement
Judicial review of Facebook PRISM case to be heard this week (Irish Examiner) A judicial review brought by an Austrian student over the transfer of personal information by Facebook is to go ahead in the High Court in Dublin this week
A Phone Company Fought the NSA—And the NSA Won (National Journal) A surveillance court ordered the company to hand over its customers' data
Department of Justice and the Office of the Director of National Intelligence Announce the Publication of Additional Foreign Intelligence Surveillance Court Filings, Opinions and Orders Regarding Collection Under Section 501 of the Foreign Intelligence Surveillance Act (IC on the Record) On January 3, 2014, the Director of National Intelligence declassified and disclosed publicly that the U.S. government had filed an application with the Foreign Intelligence Surveillance Court seeking renewal of the authority to collect telephony metadata in bulk, and that the FISC renewed that authority. The Office of the Director of National Intelligence also announced that the Administration was undertaking a declassification review of the FISC's January 3 Primary Order. On February 12, 2014, and following a declassification review by the Executive Branch, the FISC released in redacted form the previously classified January 3 Primary Order it had issued in Docket Number BR 14-01, along with a number of other documents
Wickham: Edward Snowden plays a pawn for Putin (Reno Gazette-Journal) Coming off of his cameo appearance in Russian President Vladimir Putin's recently televised news conference, Edward Snowden's biggest problem is not how U.S. government officials view him. It is how he sees himself
Hillary Clinton: Edward Snowden's Leaks Helped Terrorists (National Journal) She is "puzzled" and found it "odd" that Snowden fled the country
Barrett Brown's Plea Agreement Unsealed (eSecurity Planet) Brown pled guilty to three charges that could result in a prison term of up to eight and a half years
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
STEM Café (Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect ourselves and our data. The event will take place from 6:30 to 8:30 p.m. Tuesday, May 6, at Claddagh Irish Pub, 1702 Commons Drive in Geneva.
United States Cyber Crime Conference 2014: This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.
Infosecurity Europe 2014: Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
Cyber COMSEC and IT Day at Fort Huachuca: This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas, concerns and build relationships with the men and women of Fort Huachuca.
cybergamut Technical Tuesday: Malware Reverse Engineering (Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending against recognized or suspicious malware. Yet increasingly, advanced malware is customized to evade detection and remediation; and even those that are caught can have deeper and more dangerous capabilities. In order to truly understand the malware's capabilities and to assess its success in gaining access to an enterprise, cyber security professionals should reverse engineer the binary to expose its secrets. But organizations may forgo reverse engineering and rely on industry solutions to characterize and defend against the threat. Reverse engineering is done by exception and within the constraints of budget, time, and available professional talent, if it is done at all. However, reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight.
Kirtland AFB — Cyber Security Seminar & Information Technology Expo (Albuquerque, New Mexico, USA, May 7, 2014) Join FBC and the Armed Forces Communications & Electronics Association (AFCEA)-Albuquerque Chapter for the Cyber Security Seminar & Information Technology Expo set to take place at Kirtland Air Force Base. This is the only yearly event officially sponsored by AFCEA at Kirtland AFB. The goal of this expo is to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, Contracting Officers, as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to the agency. In addition, this event will be widely attended by the majority of personnel at the USSS HQ building. Attendance is expected to be over 300 for the event.
SANS Security West: SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information security skill set by learning innovative ideas and techniques to fend off today's most challenging cyber threats as well as emerging threats.
HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threat landscape.
Eurocrypt 2014: Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and their integration with IT systems in various vertical sectors.
CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations and Governments to a complex threat environment including hacktivists to trans-national crime organizations and advanced persistent threats. Join experts from government, industry and academia in discussing how we are making our future more secure.
GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our critical infrastructures, key assets, communities and the nation.
Cyber Security for National Defense Symposium: DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations can come together for actionable discussions and debate. The symposium will focus on increasing the security and resiliency of the Nation's critical networks, operating freely in the Cyber Domain, and the protection of infrastructure in support of national defense and homeland Security.
FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government, Big Data and Business Intelligence, Project Management, Procurement and Acquisition and more. (free-of-charge for government personnel).
INFILTRATE: INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. INFILTRATE is the single-most important event for those who are focused on the technical aspects of offensive security issues, for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. INFILTRATE eschews policy and high-level presentations in favor of just hard-core thought-provoking technical meat.
Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology and transportation sector companies in a novel way: the speed lunch.
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions on acquiring evidence from mobile devices to international e-discovery to cyber security intelligence, there's simply no other training or seminar series available that packs so much relevant and practical information from so many expert speakers into a single four-day period.
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading-edge electronic products and systems.
Positive Hack Days (, Jan 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright eyes, the atmosphere of a huge research ground, communication between people sharing the same views and their opponents, minimum formalities and maximum practice.
Georgetown Law: Cybersecurity Law Institute (, Jan 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels of American companies. Last year's inaugural Cybersecurity Law Institute received positive reviews for its unique simulation approach that prepared attendees on actions to take if their company faced a cyber-attack.
NSA Mobile Technology Forum (MTF) 2014 (, Jan 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia, Canada, New Zealand, and United Kingdom focused on mobile technologies. Companies that specialize in both current and future mobile features and equipment, or whose efforts benefit NSA, should participate as commercial vendors; conference attendance is limited to government employees.
CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders.
Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management. Topics to be discussed by expert speakers will include state and federal regulatory and legislative initiatives, efforts to develop a common cyber security framework, the threats from cyber espionage and terrorism, and the development of public and private mechanisms to finance and transfer losses from cyber events.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading-edge electronic products and systems.
Fort Meade Technology Expo (, Jan 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel who may otherwise be out of reach.
CANSEC (, Jan 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading-edge defence companies, as well as an outdoor static display. This tradeshow targets a wide audience of customers that includes Government agencies and departments with an interest in the defence sector.
Hack in The Box Security Conference (HITBSecConf) Amsterdam (, Jan 1, 1970) HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not an event you come to for 'security 101' talks or marketing hype. We cover stuff that hasn't made it into the news — yet. Potential security issues coming our way in the next 12 months.