The CyberWire Daily Briefing for 4.29.2014
Defense One thinks Ukraine has already lost its cyber war with Russia. (But don't expect a cyber ceasefire short of peace breaking out.) Libyan hackers cyber-riot across the Egyptian border.
Beyond these ongoing conflicts in cyberspace, three major vulnerabilities are being exploited in the wild. The first, an Adobe Flash zero day, has a political dimension to it: the bug is being used to distribute malware through a watering hole established at a Syrian government site whose nominal purpose is to provide a vehicle for citizens to "complain about law and order issues." Windows users among Syrian dissidents are the first victims, but the effects aren't confined by citizenship or OS: anyone hitting infected sites is vulnerable, and OS X and Linux systems could also be compromised. Adobe has been quick to patch Flash.
The second zero day affects all current versions of Microsoft's Internet Explorer. The active campaign, "Clandestine Fox," is worrisome, and US-CERT advises all users to avoid Internet Explorer until it's patched. Microsoft has published mitigations and is working on a fix.
The third vulnerability, with its origin in an AOL data breach, has been exploited in very large spam campaigns (including "zombie spam" spoofing large numbers of discarded AOL addresses). AOL advises changing passwords.
ZDNet consults RAND's recent study and concludes that hackers often face little risk of prosecution. Gray- or black-market vulnerability sellers notably seem to go unprosecuted.
Insurers continue to see most cyber risk in the energy sector.
The White House talks vulnerability disclosure.
Notes.
Today's issue includes events affecting Brazil, China, Egypt, European Union, Ireland, Libya, Philippines, Russia, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Why Ukraine Has Already Lost The Cyberwar, Too (Defense One) Don't wait for cyberwar between Ukraine and Russia to break out ahead of the actual shooting. Ukraine already lost that, too. Russia may have unfettered access into the Ukrainian telecommunication systems according to several experts. It's access that Russia can use to watch Ukrainian opposition leadership, or, in the event of an escalation in the conflict, possibly cut off telecommunications within Ukraine
Egyptian Ministry of Information Website Hacked by Libyan Hackers (HackRead) The official website of Egyptian Ministry of Information has been hacked and defaced by hackers from a group going with the handle of Libyan Cyber Army
Kaspersky Lab discovered and blocked zero-day vulnerability in Adobe Flash Player (Kaspersky Lab) Kaspersky Lab's heuristic detection protection subsystem has successfully blocked attacks via a zero-day vulnerability in Adobe Flash software. Kaspersky Lab researchers discovered this loophole, which was targeted by exploits distributed via a legitimate government website created to collect public complaints about breaches of the law in the Middle Eastern country
Flash Zero Day Used to Target Victims in Syria (Threatpost) A couple days after Microsoft warned users about a new vulnerability in Internet Explorer that's being used in targeted attacks, Adobe on Monday said that researchers have discovered a zero day in Flash, as well, which attackers are using to target victims in Syria through a watering hole attack on a compromised Syrian government site
Zero-day Flash bug under active attack in Windows threatens OS X, Linux too (Ars Technica) Adobe issues emergency update for exploits targeting Syrian dissidents
Adobe Update Nixes Flash Player Zero Day (Krebs on Security) Adobe Systems Inc. has shipped an emergency security update to fix a critical flaw in its Flash Player software that is currently being exploited in active attacks. The exploits so far appear to target Microsoft Windows users, but updates also are available for Mac and Linux versions of Flash
U.S.: Stop using Internet Explorer until security holes are fixed (Reuters via the Chicago Tribune) The U.S. Department of Homeland Security advised computer users to consider using alternatives to Microsoft Corp's Internet Explorer browser until the company fixes a security flaw that hackers have used to launch attacks
Microsoft Internet Explorer Zero Day Exploit Threatens 26% of Web Users (The Mac Observer) A new zero day exploit targeting Microsoft's Internet Explorer Web browser has been discovered that has the potential to be particularly nasty because it affects every IE user. The security flaw impacts IE 6 and newer — which accounts for about 26 percent of all Web browser use — and can let hackers run arbitrary code on victims' computers
How to beat hackers exploiting the latest IE zero-day bug (CSO) Until a Microsoft patch is released, companies' options range from disabling Adobe Flash Player and downloading a Microsoft toolkit to segmenting the corporate network, experts say
AOL breach confirmed, bigger than initially thought (Help Net Security) Recent spam emails apparently sent from AOL email addresses and hawking diet products are a direct consequence of a breach of the company's networks and systems, AOL has confirmed on Monday
AOL investigates cyber attack, says user data compromised (Reuters) AOL Inc on Monday urged its tens of millions of email account holders to change their passwords and security questions after a cyber attack compromised about 2 percent of its accounts
AOL hack causes zombie spam (CNNMoney) Whether or not you use AOL, a recently exposed mass hack of the company's network promises trouble for everybody
XSS bug in popular Chinese site exploited to launch DDoS attack (Help Net Security) DDoS mitigation firm Incapsula has put a stop to the speculations that the video content provider whose vulnerable website was misused to launch a DDoS attack was YouTube, and has revealed that it was actually Sohu.com, currently the 27th most visited website in the world
Click-Fraud Sefnit Variant Shuns Tor for SSH (Threatpost) Facebook security researchers discovered a new variant of the Sefnit click-fraud malware. Unlike previous versions that used Tor for communication, this one uses SSH over port 443
Hacker claim about bug in post-Heartbleed OpenSSL encryption likely a scam (PCWorld) Security experts have expressed doubts about a hacker claim that there's a new vulnerability in the patched version of OpenSSL, the widely used cryptographic library repaired in early April
Phones are giving away your location, regardless of your privacy settings (Quartz) Sensors in your phone that collect seemingly harmless data could leave you vulnerable to cyber attack, according to new research. And saying no to apps that ask for your location is not enough to prevent the tracking of your device
Cyber criminals continue to target Android smartphones (ComputerWeekly) Nearly all new mobile threats in the first quarter of this year targeted Android users, latest research shows
Hacked Baby Monitor: Security Experts Warn 'Change Your Password' After Cameras Compromised (Huffington Post) Security experts have warned parents to change the default password on their baby monitor cameras after new reports of hackers accessing the cameras
Johns Hopkins University confirms Social Security numbers were exposed (WBAL) Numbers accidentally left on server. Johns Hopkins University is offering thousands of its graduate students credit monitoring and identity protection services as the school confirms the students' Social Security numbers were exposed
Where Are Database Threats Today? (eSecurity Planet) Amichai Shulman, CTO of Imperva, explains why SQL injection is not a database threat and discusses the current state of Oracle database patching
Security Patches, Mitigations, and Software Updates
Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash (Naked Security) Hot on the heels of Microsoft's Internet Explorer (IE) zero-day announcement comes an Adobe bulletin about a zero-day in Flash
Google Boosts Encryption In Chrome For Android (InformationWeek) Users of Chrome on Android devices should see improved speed and security
Cyber Trends
Hackonomics: The cost of getting caught (ZDNet) A recent RAND Corporation report on the cyber black market for exploits and zero days detailed a market where the fear of getting caught dictates economics. It left us wondering: What's the cost of getting caught?
How computer attackers have changed (Vasco Blog) In the mid-1980s, when computer malware first emerged, it was very different from how things are today
Business understanding is key to security, says Elsevier CISO (ComputerWeekly) Information security professionals must have a good understanding of the business they support, says David Cass, chief information security officer (CISO) for publishing firm Elsevier
Cyveillance Research Finds Rampant Instances of Rogue Mobile Apps and Malvertising on Third-Party Storefronts (Cyveillance) Although most businesses only authorize their mobile applications to be distributed on legitimate stores such as iTunes and GooglePlay, you can find thousands of rogue and unauthorized versions on third-party storefronts. But just how pervasive is this problem?
Cyber attacks in PH up in 2013, hackers more sophisticated (Interaksyon InfoTech) More online attacks were experienced last year in the Philippines compared to 2012 according to security software vendor Symantec
Security Breaches Costing UK Businesses 'Twice as Much' as Last Year (CBR) However, the number of reported attacks over the past year has actually fallen. UK businesses hit by a cyber-attack are being hit with double the financial pain compared to a year ago, a new survey has found
Marketplace
One sector especially at risk for cyber attacks, new report says (Insurance Business America) The increasing importance of cyber risk insurance has been well-documented, but new information suggests one industry is more at risk of cyber attacks than any other. According to data from the Department of Homeland Security (DHS), more than 50% of investigated cyber incidents from October 2012 to May 2013 occurred within the energy sector
5 things you need to know about cybersecurity insurance (ComputerWorld) Cybersecurity insurance does mitigate some financial damage should you suffer an attack, but it's not a complete solution. Here are five things CIOs need to know
Meet Your Innovator: Randy Caldejon, nPulse Technologies (Charlottesville Tomorrow) What are you innovating on right now? We're developing network forensics technology to help solve a big data problem within the field of cyber security; more specifically, incident response
Robert Carey Joins CSC to Lead Public Sector Cyber Business (GovConWire) Robert Carey, former principal deputy chief information officer at the Defense Department, has joined Computer Sciences Corp. (NYSE: CSC) as a vice president and general manager in the company's cybersecurity business line
Henrik Dam Joins Procera Networks; Advances Mobile Solutions (MarketWatch) Former Ericsson executive brings years of mobile expertise to Procera's mobile strategy
SE Solutions Continues to Invest with New Vice President, Cybersecurity (Fort Mill Times) Strategic Enterprise Solutions, Inc. (SE Solutions) continues to invest in business development in a difficult market with the addition of Daniel Barber as its Vice President of Cybersecurity. Mr. Barber will be spearheading the company's cybersecurity practice, which focuses on information assurance, risk management, continuous monitoring & ongoing authorization requirements, cyber defense and intelligence integration, program support services for cyber missions
Target names new CIO to oversee technology, security (Reuters) Target Corp (TGT.N) on Tuesday said it has appointed a new Chief Information Officer, Bob DeRodes, to oversee the discount retailer's technology team, operations and data security enhancements
Mozilla offers $10,000 for bugs in its new cert verification library (Help Net Security) In the wake of the recent discoveries of the Heartbleed OpenSSL bug and the SSL "gotofail" bug, Mozilla has announced a new and topical bug bounty program: it offers $10,000 to any researcher that discovers and responsibly reports critical security flaws in a new certificate verification library that will soon be implemented in the company's products
US cloud security firm builds datacentre in Cardiff for EMEA expansion (ComputerWeekly) US cloud security company Alert Logic — whose cloud clients include AWS, Azure, Rackspace, Google and SunGard — is building a datacentre and security operations centre in Cardiff as part of its Europe, Middle East and Africa (EMEA) expansion strategy
Ukraine Tech Firms Seek Work Amid Turmoil (InformationWeek) Lezgro, a 50-person IT outsourcing firm, urges Western companies to move IT work from Russia to Ukraine to take advantage of country's tech talent
The internet's biggest companies are breaking themselves into small pieces (Quartz) Facebook is falling apart. On purpose
Products, Services, and Solutions
UXC targets government and defence with new security tool (CRN) UXC has partnered with Senetas in the development of a security solution to be available to Australian government, defence and business clients
Splunk Releases New Virtualization Monitoring Tool (Database Trends and Applications) Splunk Inc., provider of real-time operational intelligence solution, is shipping a new version of its virtual environment reporting app, providing more operational visibility into virtualized environments. Version 3.1 of the Splunk App for VMware includes 200 out-of-the-box reports, the ability to identify outliers for real-time triage, and built-in correlation into storage systems including a direct drill-down into data from NetApp Data ONTAP
Cyber intelligence services reveal sensitive data firms are leaking online (Help Net Security) Cyber intelligence company Digital Shadows has launched SearchLight — a suite of managed cyber intelligence services designed to reveal sensitive data companies are leaking online and which hostile groups are targeting them
Know Your Suspect — Uncovering Hidden Evidence from Mobile Devices with Oxygen Forensics (Forensic Focus) Tatiana Pankova: Hello, everyone. Welcome to Forensic Focus webinar Analytics with Oxygen Forensic Suite. My name is Tatiana, and I'm Marketing Manager at Oxygen Forensics, and today I will tell you how to perform various forensic analytics tasks with our software, Oxygen Forensic Suite
Corero Network Security Calls on Internet Service Providers to Share the Responsibility in Stopping Known Malicious Traffic from Reaching Customers (MarketWatch) Company warns customers against connecting critical business infrastructures and applications to Internet feeds without DDoS and cyber threat protection
Verdasys to Showcase Advanced Data Protection for Endpoints at The U.S. Cyber Crime Conference 2014 in Leesburg, VA (Digital Journal) Verdasys, the leading provider of advanced data protection for endpoints for Global 2000 and mid-sized companies, will showcase its Digital Guardian solution at The U.S. Cyber Crime Conference April 28-May 2 at the National Conference Center, DC Metro Area
ISACA launches cybersecurity skills and certification program (Help Net Security) One in five IT security professionals say their enterprises have been the target of an advanced persistent threat (APT) yet 62 percent of organizations have not increased security training in 2014, according to the ISACA 2014 APT Survey. A separate study by Cisco estimates that close to 1,000,000 positions for security professionals remain unfilled
Microworld eScan Total Security Suite 14 review (IT Pro Portal) We were browsing the results of AV-Test's latest IS software evaluation — as you do — and noticed a name we hadn't seen before. eScan is an IS suite from Microworld, a company based in New Jersey, which has done very well over the last year or so in comparative tests
LockPath and iSIGHT Partners Announce Integration Partnership (Broadway World) LockPath, a leader of innovative governance, risk management and compliance (GRC) solutions today announce their integration with iSIGHT Partners, the leader in cyber threat intelligence. Through this partnership, joint customers will benefit from the integration of iSIGHT Partners' high fidelity cyber threat intelligence with LockPath's end-to-end information security data management capabilities
Exclusive Networks signs up Darktrace (Channel Pro) Exclusive Networks has signed a pan-EMEA distribution agreement with Darktrace to take the vendor's Behavioural Cyber Defence platform to market through a number of security integrators
Code analysis and app security testing simplified (Help Net Security) Quotium announced the release of Seeker Enterprise 3.0, whose innovative technology correlates application behavior with simulated hacker's attacks to pinpoint vulnerable code
AT&T Plans To Expand Its 4G LTE Network To The Wild Blue Yonder With Inflight Connectivity (TechCrunch) When I fly, I am afforded a few brief hours of sublime luxury when I'm not connected to the Internet — I live in Canada, you see, where in-flight Wi-Fi between our country and the U.S. still isn't all that normal. But one day soon, you won't be able to escape the web, even at 30,000 feet, no matter where you're flying from or to, and AT&T's newly announced
Technologies, Techniques, and Standards
SEC Requests Financial Firms' Security Details (Dark Reading) SEC asks 50 businesses for copies of their security policies, procedures, and controls in an effort to help the industry bolster cybersecurity protection
What Can Go Wrong When Firms Use Your IP Address Against Fraud (Forbes) All the worries stirred up by the Heartbleed security flaw highlight why it makes good sense to take precautions with personal data. But sometimes companies erect security barriers so high that they shut out even their own clients
Irony alert: When Facebook blocks a warning about a scam (Graham Cluley) For many years I have shared advice with other computer users about the threats which can spread across the internet
Decrypting IIS Passwords to Break Out of the DMZ: Part 2 (NetSPI) In my last blog I showed how to use native Windows tools to break out of DMZ networks by decrypting database connection strings in IIS web.config files, and using them to pivot through SQL Servers. If you're interested it can be found at Decrypting IIS Passwords to Break Out of the DMZ: Part 1. In this blog I'll cover how to decrypt application pool and virtual directory credentials stored in the IIS applicationHost.config file, and use them to pivot through services commonly available through the DMZ firewall. This should be interesting to administrators and penetration testers trying to gain a better understanding of what the applicationHost.config does and its value to attackers
Biggest EU cyber security exercise taking place today (Help Net Security) Today European countries kick off the Cyber Europe 2014 (CE2014), a sophisticated cyber exercise, involving more than 600 security actors across Europe
Building a smarter defense with situational intelligence tools (TechTarget) In a digital economy that runs on speed, the difference between a thriving business and one that is just treading water comes down to how well — and how quickly — the organization adapts to change. The most successful companies turn to technology to drive innovation and to accelerate progress. Mobility, cloud computing and social media top the list of tools companies tap to create more accessible, engaging and responsive businesses
Using dynamic ARP inspection to stop sniffing attacks (TechTarget) Securing the network infrastructure has never been more important. Today, employees and co-workers access resources from many different locations ranging from the workplace and mobile networks to free Wi-Fi found at restaurants and other public locations. What's the one thing in common that all these technologies share? All make use of switches. Attackers can exploit switches if they're not properly secured with dynamic ARP inspection (DAI). One common exploit is sniffing. Sniffers can potentially allow an attacker to capture passwords, usernames or other types of sensitive information
Dealing with the Many Stages of Pen Test Result Grief Part 1 (SANS Blog: Penetration Testing) If you've done penetration testing for any length of time, I'm sure you've encountered it. You perform a beautiful penetration test — technically rigorous, focused on real business risk, all wrapped up with a solid report. You don't wanna brag, but you feel pretty darned proud of completing a job well done
Six infosec tips I learned from Game of Thrones (Help Net Security) In Westeros—the land of dark knights, backstabbing royals, dragons, wildings, wargs, red witches, and White Walkers—even the youngest ones have to learn basic self-defense if they're to have any hope of surviving the cruel fictional world imagined by A Game of Thrones (GOT) author, George R. R. Martin. And so too, must every CISO and security pro learn the latest information security best practices if they're to survive today's Internet threat landscape
Design and Innovation
The Branding of a Bug: How Heartbleed Became a Household Name (Bloomberg) In the world of marketing, Heartbleed was a bloody masterpiece
Wearable technology privacy and security issues (Help Net Security) In this interview, Dominic Storey, EMEA Technical Director at Cisco, talks about the security attacks wearable devices are susceptible to at the moment, how security should be implemented for such devices, and much more
The Next Big Thing You Missed: Why eBay, Not Google, Could Save Automated Translation (Wired) The problem with the world wide web is that it isn't exactly worldwide. For many users, their internet doesn't really extend beyond the borders of their particular country, and in most cases, this is simply a problem of language
Q&A: Security Through Storytelling (InfoSecurity Magazine) The Analogies Project is a not-for-profit created to improve communications in information security. Founder, Bruce Hallas, tells Eleanor Dallaway why storytelling is key to Board buy-in
60 Minutes shocked to find 8-inch floppies drive nuclear deterrent (Ars Technica) Air Force says archaic systems aid cyber security of Minuteman missiles
Academia
More help needed to expand tech education (Boston Globe) Ariela Schear is a high school student who loves math and is as tech savvy as they come, texting and e-mailing all the time
Legislation, Policy, and Regulation
The Failures of Internet Governance (Dark Reading) Government snooping and cyber crime exacerbate the basic problem of having a world without borders living inside a world with many borders
Heartbleed: Understanding When We Disclose Cyber Vulnerabilities (Yuma News Now) When President Truman created the National Security Agency in 1952, its very existence was not publicly disclosed. Earlier this month, the NSA sent out a Tweet making clear that it did not know about the recently discovered vulnerability in OpenSSL known as Heartbleed
Fmr 'Perfect Partner' NSA Head: We're the 'only agency in Government that really listens' (Breitbart) On the Sunday debut of the HBO show "Last Week Tonight," Ret. Gen. Keith Alexander, the former director of the National Security Agency and head of U.S. Cyber Command made an appearance to discuss potential rebranding efforts for the National Security Agency with host John Oliver
Senate intelligence panel leaders draft cyber legislation (Washington Post) Members of the Senate Intelligence Committee are drafting cyber legislation that would enable companies to share threat data with federal agencies without fear of getting sued, officials said Monday
Privacy, National Security, and Mass Surveillance (Tripwire: the State of Security) National Security and Privacy in cyberspace can be perceived as opposites depending on the audience and perceptions. Understanding the foundational structure of each principle objectively can bring significant comprehension to opposite parties
Takai to leave Pentagon CIO post (C4ISR & Networks) Defense Department CIO Teri Takai is set to step down in the coming days, according to Pentagon officials
Intelligence Agencies Granting Fewer Security Clearances (Defense One) The number of new security clearances provided by the federal government — both initial clearances and renewals — has decreased by 9 percent since 2011, according to a new report
Government is now releasing your childrens' personal data to companies (CSO) Data on every school child in England is being made available to private companies by the government
Litigation, Investigation, and Law Enforcement
Brazil's coppers don't know what internet freedom means: New law already in trouble (TechEye) It seems that Brazil's coppers have not received the memo about the country's much trumpeted internet privacy law
US judge: our digital search warrants apply ANYWHERE (The Register) Azure looking less lovely as Microsoft ordered to hand over e-mails held in Dublin
Infosec 2014: Cyber safety will take joint effort, says top EU cyber cop (ComputerWeekly) Cyber safety can be achieved only through the joint efforts of all stakeholders, not just law enforcement, says Troels Oerting, head of Europol's European Cybercrime Centre (EC3)
Report: Snowden hired Espionage Act expert (The Hill) Edward Snowden retained a well-known lawyer last summer who has previously defended people charged under the Espionage Act, The New York Times reported Tuesday. The former National Security Agency contractor hired Plato Cacheris, based in Washington, sources told the Times. He was brought on to try to work on a plea deal for Snowden with federal U.S. prosecutors
Hillary Clinton's Unreliable Statements on Whistleblowing (The Atlantic) Her remarks on Edward Snowden give Democrats a preview of the misinformation they can expect if they make her their standard-bearer
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
United Nations Interregional Crime and Justice Research Institute Cyber Threats Workshop (Turin, Italy, Jun 27 - 29, 2014) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing a series of workshops and short courses within the framework of the UNICRI Journalism and Public Information Programme, a unique international programme tailored for journalists, chief information officers and students who want to specialize in public information and journalism. The programme aims at deepening knowledge of emerging security threats.
United States Cyber Crime Conference 2014 This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.
Infosecurity Europe 2014 Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
Cyber COMSEC and IT Day at Fort Huachuca This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas, concerns and build relationships with the men and women of Fort Huachuca.
STEM Café (Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect ourselves and our data. The event will take place from 6:30 to 8:30 p.m. Tuesday, May 6, at Claddagh Irish Pub, 1702 Commons Drive in Geneva.
cybergamut Technical Tuesday: Malware Reverse Engineering (Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending against recognized or suspicious malware. Yet increasingly, advanced malware is customized to evade detection and remediation; and even those that are caught can have deeper and more dangerous capabilities. In order to truly understand the malware's capabilities and to assess its success in gaining access to an enterprise, cyber security professionals should reverse engineer the binary to expose its secrets. But organizations may forgo reverse engineering and rely on industry solutions to characterize and defend against the threat. Reverse engineering is done by exception and within the constraints of budget, time, and available professional talent, if it is done at all. However, reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight.
Kirtland AFB — Cyber Security Seminar & Information Technology Expo (Albuquerque, New Mexico, USA, May 7, 2014) Join FBC and the Armed Forces Communications & Electronics Association (AFCEA)-Albuquerque Chapter for the Cyber Security Seminar & Information Technology Expo set to take place at Kirtland Air Force Base. This is the only yearly event officially sponsored by AFCEA at Kirtland AFB. The goal of this expo is to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, and Contracting Officers, as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to the agency. In addition, this event will be widely attended by the majority of personnel at the USSS HQ building. Attendance is expected to be over 300 for the event.
SANS Security West SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information security skill set by learning innovative ideas and techniques to fend off today's most challenging cyber threats as well as emerging threats.
HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threat landscape.
Eurocrypt 2014 Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and their integration with IT systems in various vertical sectors.
CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. Conducting business on-line exposes individuals, corporations and governments to a complex threat environment that ranges from hacktivists to trans-national crime organizations and advanced persistent threats. Join experts from government, industry and academia in discussing how we are making our future more secure.
GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our critical infrastructures, key assets, communities and the nation.
Cyber Security for National Defense Symposium: DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations can come together for actionable discussions and debate. The symposium will focus on increasing the security and resiliency of the Nation's critical networks, operating freely in the Cyber Domain, and the protection of infrastructure in support of national defense and homeland security.
FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government, Big Data and Business Intelligence, Project Management, Procurement and Acquisition and more (free of charge for government personnel).
INFILTRATE: INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. INFILTRATE is the single-most important event for those who are focused on the technical aspects of offensive security issues, for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. INFILTRATE eschews policy and high-level presentations in favor of just hard-core thought-provoking technical meat.
Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology and transportation sector companies in a novel way: the speed lunch.
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions on acquiring evidence from mobile devices to international e-discovery to cyber security intelligence, there's simply no other training or seminar series available that packs so much relevant and practical information from so many expert speakers into a single four-day period.
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to give engineers an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
Positive Hack Days: Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright eyes, the atmosphere of a huge research ground, communication between people sharing the same views and their opponents, minimum formalities and maximum practice.
Georgetown Law: Cybersecurity Law Institute: A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels of American companies. Last year's inaugural Cybersecurity Law Institute received positive reviews for its unique simulation approach that prepared attendees on actions to take if their company faced a cyber-attack.
NSA Mobile Technology Forum (MTF) 2014: The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia, Canada, New Zealand, and United Kingdom focused on mobile technologies. Those companies who specialize in both current and future mobile features and equipment or have efforts that benefit NSA's efforts should participate as a commercial vendor; conference attendance is limited to government employees.
CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders.
Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management. Topics to be discussed by expert speakers will include state and federal regulatory and legislative initiatives, efforts to develop a common cyber security framework, the threats from cyber espionage and terrorism, and the development of public and private mechanisms to finance and transfer losses from cyber events.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to give engineers an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
Fort Meade Technology Expo: The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel that may otherwise be unattainable.
CANSEC: CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display. This tradeshow targets a wide audience of customers that includes Government agencies and departments with an interest in the defence sector.
Hack in The Box Security Conference (HITBSecConf) Amsterdam: HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not an event you come to for 'security 101' talks or marketing hype. We cover stuff that hasn't made it into the news — yet. Potential security issues coming our way in the next 12 months.