
The CyberWire Daily Briefing for 4.30.2014
Secretary of State Kerry says the US intercepted Russian command-and-control calls to Russian agents in Ukraine.
Iran is again reported to be upgrading its cyber offensive capabilities, placing the US energy sector and (curiously) US state governments in its crosshairs.
The Internet Explorer zero day currently being exploited is widely viewed as auguring oblivion for Windows XP. It's also bad news for IE, at least until Microsoft comes up with a patch: the US and UK governments both advise users to stay away from IE. India's governmental and banking sectors are also worried.
The AOL breach means, analysts say, that you should treat all email from AOL accounts as guilty until proven innocent.
Google's Chrome is measured for its ability to detect Heartbleed holes and is found wanting: Chrome is "blind to 98% of potentially compromised certificates."
Several old pieces of malware are upgraded to more dangerous forms, illustrating again the relative efficiency of the black market and its criminal R&D community.
Siemens is patching Heartbleed in its ICS/SCADA products. Apple quietly fixes its leaky Developer Center. Mozilla updates Firefox, Thunderbird, and Seamonkey.
The Financial Times runs a series of thoughtful, disturbing articles on international cyber risks to critical infrastructure, with threats mounted by both state and non-state actors. One interesting conclusion: the need for businesses to undertake effective common defense apart from what protection governments give them, valuable as that may be. Energy sector cyber risk continues to draw attention from policy-makers (and industry worries about a regulatory monoculture).
Notes.
Today's issue includes events affecting Australia, France, India, Iran, Ireland, New Zealand, Russia, Ukraine, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Kerry: U.S. Taped Moscow's Calls to Its Ukraine Spies (Daily Beast) The secretary of state claimed in a private meeting that the U.S. intelligence community has recordings of pro-Russian forces being managed by government handlers in Moscow
Iran improves ability to pull off cyber-attacks on US, report finds (Christian Science Monitor) Hacking and cyber-spying on US energy firms over the past year point to Iran's growing capabilities, a cyber-security firm says. China and Russia are more serious threats, but Iran is closing the gap
Tracking the Clandestine Fox (Recorded Future) FireEye Research Labs reports targeted attacks using a new IE zero-day against defense and financial services. Early details on malware in the wild and threat actor behind it are slight. FireEye links to Pirpi provide an interesting clue, while Websense analysis of IE crashes points in a different direction
UK and US Governments urge users to give up on Internet Explorer (TechRadar) Microsoft has issued a warning about a newly discovered zero-day flaw in Internet Explorer, the first to be discovered after Windows XP reached end-of-life. The vulnerability is present in all versions of the software from Internet Explorer 6 (including 7, 8, 9, 10 and 11) and could allow for the remote execution of code if exploited
Indian government agencies and banking sector most vulnerable by IE flaw (tech2) A casual look at some of the most popular Indian government and banking websites will make it amply clear that Internet Explorer is their preferred web browser. This is thanks to the fact that IE is still one of the most used browsers despite stellar competition in the form of Firefox or Chrome
IE zero day is the first sign of the XPocalypse (PC World) Well, it took a bit longer than many security experts expected, but the first big security threat for Windows XP users has arrived. The zero day vulnerability will be quickly patched by Microsoft—for supported platforms at least. That means that this will be the first of many open wounds for Windows XP—known vulnerabilities left exposed because the OS is no longer supported by Microsoft
New IE Zero-Day Prompts More Calls to Ditch Windows XP (Dark Reading) Experts call for Windows XP users running IE to be mindful that they should upgrade to a new system supported by Microsoft
Far worse than Heartbleed… and yet entirely possible: what the scenarios of a webpocalypse could look like (Atlantico) The day a web apocalypse happens, the consequences could be final: between cyber-terrorism, which is regularly raised, and hospitalized patients cut off from all their devices, there is also the collapse of global markets. Whole swaths of the international economy ravaged, deaths, and potentially a war waged over the Internet. For the causes of an "Internet end of the world" could be many and the scenarios varied
10 Ways to Protect Yourself From the Zero-Day IE Exploit (eWeek) It seems with each passing day, there's something else for Web users to worry about. Whether it's the prospect of government spying or plain old security issues, no one is safe from what's out there. That became abundantly clear recently when Microsoft revealed that a zero-day exploit is affecting Internet Explorer and wreaking havoc on some users' machines. What's worse, since the software giant is no longer patching Windows XP, finding a fix for that operating system is a pain. Still, there are ways for Windows users to safeguard themselves from the possible issues associated with the latest zero-day exploit
AOL Subscriber Data Stolen: You've Got Pwned (Dark Reading) Change passwords and security questions now, AOL warns subscribers. For everyone else, treat all emails from AOL addresses with suspicion
Google Chrome protection for Heartbleed-hacked sites called "completely broken" (Ars Technica) Report: Browser is "blind" to 98 percent of potentially compromised certificates
TDL4 rootkit can be modified to pwn any security product, Bromium researchers discover (TechWorld) Kernel mode menace not as unstable as assumed
Kuluoz malware spam (Pastebin) Kuluoz malware, fake USPS mail with link to download of ZIPfile, which includes an EXE with Word icon
Old Infostealer Resurfaces, Now Delivers Ransomware (Trend Micro Security Intelligence Blog) Sometime near the start of the year, we noticed that the old malware family TSPY_USTEAL resurfaced. This information stealing malware now includes new routines including malicious packers, obfuscation, and bundling ransomware
Vishing Attacks Targeting Dozens of Banks (Threatpost) A recent VoIP-based phishing campaign has been netting the payment card information of up to 250 Americans per day
Be on the Lookout: Odd DNS Traffic, Possible C&C Traffic (Internet Storm Center) We got an email from one of our readers, including an interesting port 53 packet. While Wireshark and TCPDump try to decode it as DNS, it is almost certainly not DNS
Hackers Can Mess With Traffic Lights to Jam Roads and Reroute Cars (Wired) The hacker in the Italian Job did it spectacularly. So did the fire sale team in Live Free or Die Hard. But can hackers really hijack traffic lights to cause gridlock and redirect cars? According to one researcher, parts of the vehicle traffic control system installed at major arteries in U.S. cities and the nation's capital are so poorly secured they can be manipulated to snarl traffic or force cars onto different streets
Volume of NTP Amplification Attacks Getting Louder (Threatpost) No security arena is better representative of the cat and mouse game between hackers and defenders than DDoS attacks and prevention/mitigation
DDoS trends: Attackers vary DDoS size to cloak other attacks (TechTarget) While huge distributed denial-of-service attacks driven by the NTP reflection technique have been behind a number of recent headline-grabbing incidents, a new report warns that midsize DDoS attacks are on the rise, and are being used to cloak more insidious enterprise attacks
'Dark Wallet' Is About to Make Bitcoin Money Laundering Easier Than Ever (Wired) Government regulators around the world have spent the last year scrambling to prevent bitcoin from becoming the currency of choice for money launderers and black marketeers. Now their worst fears may be about to materialize in a single piece of software
Employee Error Causes Data Breach at Insurance Broker (eSecurity Planet) Willis North America employees' names, e-mail addresses, birthdates and Social Security numbers were exposed
Security Patches, Mitigations, and Software Updates
Siemens Patches Heartbleed Bug in Industrial Products (Softpedia) The OpenSSL vulnerability known as the Heartbleed bug has impacted a large number of websites and services, including industrial products. Siemens, one of the affected organizations, has started rolling out updates to make sure its products are secure
Apple fixes hole that leaked employees' and developers' personal info (Naked Security) Apple quietly slipped its Developer Center offline on Sunday night for maintenance and, it turns out, to patch a serious security hole that let anybody access personal contact information for any registered Mac, iOS or Safari developer; every Apple Retail and corporate employee; and some key partners
Mozilla Releases Security Updates for Firefox, Thunderbird, and Seamonkey (US-CERT) The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, execute arbitrary code, conduct phishing attacks, conduct a man-in-the-middle attack, or operate with elevated privileges on an affected system
Firefox 29 is out — it's more secure, but does it *look* better, too? (Naked Security) Firefox 29 is out, in accordance with Mozilla's regular Tuesday-based 42 day update cycle
Cyber Trends
Cyber attacks on national targets grow (Financial Times) Experts worry that critical national infrastructure is insufficiently defended. Napoleon may have said that an army marches on its stomach. Today's fighting forces, though, depend just as much on electricity and telecommunications
Luck not enough to avoid cyber security catastrophe (Financial Times) It is March 2014 and London is under attack. The financial sector is suffering catastrophic computer failures. ATMs have stopped working. The stock exchange has put initial public offerings on hold because its computer systems are malfunctioning
Cyber security: business is in the front line (Financial Times) As many of the world's largest companies are beginning to realise, the threat to their margins, their brands and even their continued existence from cyber attacks is no longer an abstract risk they can ignore. Indeed, safeguarding the interests of the business community has become a critical national security issue for some of the west's biggest powers
Allied Cyber Forces? Yes Please. (Huffington Post) Often lost in the debate over surveillance and the actions of the National Security Agency is that cyber space is a potential battlefield where countries will vie for superiority just as they do with air, sea, and land. So it should be no shock to anyone that Defense Secretary Chuck Hagel recently announced that he was looking to expand cybersecurity cooperation with our Canadian and Mexican neighbors
Most IT pros lack confidence in their ability to manage security breaches (FierceITSecurity) A disturbing 71 percent of IT professionals surveyed by EiQ Networks say they are either "not confident" in their security or "not at all prepared" to manage a potential security breach
Target breach, Heartbleed bug cause high anxiety among IT security pros (FierceITSecurity) The massive data breach at Target, which exposed the payment account numbers of 40 million customers, and the Heartbleed bug, which makes two-thirds of websites vulnerable, have deprived IT pros of much needed sleep
Survey says most cyber attacks start from within (ABA Banking Journal) Financial information security a concern beyond banks
Only 1% of Q1 data breaches were "secure breaches" (Help Net Security) Of the 254 data breaches that occurred during the first quarter of 2014, only 1 percent were "secure breaches," i.e. breaches where strong encryption, key management, or authentication solutions protected the data from being used, SafeNet revealed at Infosecurity Europe 2014. Also, in Q1 we witnessed the theft of nearly 200 million records, which was an increase of 233 percent over the same time last year
Study: Cloud use growing among organizations, but security lags behind (SecurityInfoWatch) IT security expert says many organizations still reluctant to use encryption technology
Key security technologies can help cloud adoption (Help Net Security) The majority of companies are delaying deployment of cloud applications due to security and compliance concerns. Among the companies that have started to adopt cloud apps strategically, Bitglass found that Google is outpacing Microsoft in cloud-based email adoption
What The NSA PRISM Scandal Really Means for Cloud's Future (MSPmentor) Most businesses understand that boycotting the cloud in hopes of teaching the NSA a lesson and/or to better secure their data creates more problems (and expenses) than it solves. If you're a VAR or MSP that's either second guessing your decision to start selling cloud services or hesitant about getting started selling cloud services, here are a few thoughts to help put your mind at ease
UK and Ireland cyber attacks up 300% in 2013, says FireEye (ComputerWeekly) UK and Ireland (UKI) enterprises were hit by an average of more than 70 new infections a day in 2013, according to the latest regional threat report by security firm FireEye
How Target's Huge Hacking Could Finally Make Credit Cards Secure (Wired) Checkout counters in the U.S. are an embarrassing technological backwater compared to those in most other developed countries, but this may finally be coming to an end. All it took was somebody hacking 40 million credit and debit cards
Corporate Surveillance Really Is Out of Control (The Street) Corporations are invading your privacy in more invasive ways than either the National Security Agency or the U.S. government in general. Here's a bit of history to put it in context
Marketplace
Consumers Ditch Their Breached Retailers, Banks and Doctors (Dark Reading) New survey shows how data breaches do affect some consumers' buying decisions
Splunk, Inc. (NASDAQ:SPLK): Expanding And Advancing To New Domains (US Trade Voice) Splunk, Inc. (NASDAQ:SPLK) is one of the leading providers of software platform and cloud services that help in enabling the organization to have operational intelligence and better capabilities
Wired Business Media Acquires Suits and Spooks Security Events (Broadway World) Wired Business Media, a leading provider of business-to-business (B2B) information to technology professionals around the world, announced that it has acquired the Suits and Spooks event series from Taia Global, Inc
ThreatTrack Security Appoints Gary Benedetti Vice President of Worldwide Sales (Providence Journal) ThreatTrack Security today announced the appointment of Gary Benedetti as vice president of worldwide sales. Benedetti has more than a decade of experience leading global sales operations for security vendors trying to stem the data breach epidemic, including his last three positions at Fidelis, Epok and e-Security
Mahaffee keeping a watch on cyberworld for Booz Allen Hamilton (Colorado Springs Gazette) Joseph Mahaffee wants to stay a step ahead of the world's cybercriminals — because that's his job
Gartner Names Sqrrl in 2014 "Cool Vendors" Report (Digital Journal) Sqrrl, the company that develops the most secure, scalable, and flexible NoSQL database software for powering real-time big data applications, today announced it has been named as one of four "Cool Vendors" in Database Management Systems (DBMS) 2014 report by Gartner, Inc., the world's leading information technology research and advisory company
Products, Services, and Solutions
Pwnie Express Partners with South Korean INSEC Security, Extends Reach in Asia Pacific (Digital Journal) Pwnie Express, the only company to assess wired and wireless network security in remote locations on demand, today announced its partnership with INSEC Security, a leading South Korean cyber security solutions provider specializing in vulnerability assessments, ethical hacking, penetration testing, and forensics
Security-oriented Blackphone specifications published (Help Net Security) SGP Technologies SA, the Switzerland-based joint venture of Silent Circle and Geeksphone behind Blackphone, announced the specifications of its eagerly awaited privacy-minded handset
Hashcat-Utils v1.0 Released (ToolsWatch) Hashcat-utils are a set of small utilities that are useful in advanced password cracking. They all are packed into multiple stand-alone binaries
Cyveillance Launches New Service To Help Organizations Beyond Fortune 500 To Monitor Social Media And Other Online Sources For Security And Compliance Risks (Broadway World) Cyveillance, the leading provider of cyber intelligence solutions, today announced the launch of its Social Media Watch service
A hybrid approach to web app security assessment (Help Net Security) High-Tech Bridge is introducing its hybrid web application security assessment SaaS, ImmuniWeb for the first time ever to visitors at Infosecurity Europe 2014
Defacement mitigator for cybersecurity protection (Help Net Security) At Infosecurity Europe 2014, Foresight released Defacement Mitigator, the first cloud-based web security solution that provides full defacement mitigation and protection to government, academic, religious, financial services, and other organizations targeted by cyber hacktivists
Radware Delivers Its Strongest DDoS Mitigation Capabilities for Network Attacks (Wall Street Journal) Radware® (Nasdaq:RDWR), a leading provider of application delivery and application security solutions for virtual and cloud data centers, today announced the latest version of DefensePro® — a real-time, behavioral based attack mitigation device that protects enterprise infrastructures against emerging cyber attacks. The latest release underscores Radware's commitment to delivering a holistic network security architecture through its Attack Mitigation Network (AMN)
Seccuris Partners with ChoiceTel to Offer OneStone Managed Security Solution (PRWeb) Security provider, Seccuris Inc., announced it has formed a strategic partnership with ChoiceTel, a leading telecommunications consulting and management company. ChoiceTel will provide Seccuris managed security services, including the OneStone™ Information Assurance Portal, to ChoiceTel clients in the United States through its ChoiceCyber division
CipherCloud Announces Cloud Discovery Solution, Latest Addition to Fast Growing Portfolio (Broadway World) CipherCloud, the leader in cloud information protection, has expanded its Discover, Protect, Monitor platform with CipherCloud for Cloud Discovery. This free solution enables enterprises to have real-time and granular visibility into all the cloud applications in use across their organization by employees
LogRhythm and ForeScout Team to Enhance Continuous Intelligence, Big Data Analytics and Threat Mitigation (MarketWatch) LogRhythm, the security intelligence company, and ForeScout Technologies, Inc., the leading provider of pervasive network security solutions for Global 2000 enterprises and government organizations, today announced a partnership and planned technology integration between the LogRhythm and ForeScout CounterACT™ platforms
Cloaq, The Anonymous Social App That Doesn't Require An Email Or Phone Number, Goes Live (TechCrunch) On the same day that anonymous social sharing app Secret is officially crossing the pond to launch in the U.K., Ireland, Australia and New Zealand, another new anonymous app called Cloaq is making its App Store debut. The app, previously detailed here, hopes to differentiate itself in the space by being even more secret (if that's possible!) by not requiring any personal information
Google Stops Mining Education Gmail And Google Apps Accounts For Ad Targeting (TechCrunch) Google will no longer scan student and teacher Gmail messages or use data from Apps for Education for advertising purposes, the company told the WSJ today. The move comes after Google's use of data from its education products came under fire by students and others during a court case last year that claimed the scanning violated user privacy rights
Technologies, Techniques, and Standards
How to Securely Erase Removable Media Using Windows 7 (The Security Skeptic) In a companion post, How to Securely Erase Removable Media Using Mac OS X, I explain how physical loss, theft or improper disposal of laptops or removable drives is the most common data breach of electronic personal health information. Personal identifying or health data disclosure are too frequent outcomes of leaving our data on laptops or drives we lose, discard, or sell. Several ways exist to protect these data: encryption, data destruction, archival, or secure erasure
Stanford's password policy shuns one-size-fits-all security (Ars Technica) University relaxes hated character complexity as password length increases
CTO takes on cyberthreats with hybrid security built on risk profiling (TechTarget) When it comes to cybersecurity, an IT leader appears to have only three choices
To Defend Against Cyber Attack, Test Your Defenses (Metropolitan Corporate Counsel) The Editor interviews Paul Luehr, Managing Director of Stroz Friedberg, LLC. Editor: Please give our readers a brief overview of your professional background. Luehr: I am managing director and chief privacy officer for Stroz Friedberg. I started my legal career at the Federal Trade Commission, where I chaired the Internet Coordinating Committee and was one of the early folks on the Internet as a regulator
What Not To Do In a Cyberattack (Dark Reading) How to keep calm and avoid common mistakes in an incident response operation
Why you need more than daily practice to be good at incident response (CSO) Move past constant reaction with an evidence-driven approach to improve incident response and the entire protection cycle
Reducing Cyber-Attack Response Times (GovInfoSecurity) As cyber-attacks become more common, organizations must devise new ways to shorten response times and lessen the impact, says Paul Nguyen of CSG Invotas
Research and Development
NSA launches 'lablets' tech initiative with major U.S. universities (Venture Beat) The National Security Agency is coming to a university near you. The agency has launched an initiative to strengthen contacts between tech-heavy U.S. American colleges and universities. The project will coordinate academic collaboration to best protect Internet infrastructure. Already, the NSA has awarded funds and resources to Carnegie Mellon University, the University of Illinois Urbana-Champaign, the University of Maryland, and the University of North Carolina to set up so-called "lablets" on their campuses
Academia
Providence Career and Technical Academy offers R.I.'s first high school pre-engineering course (Providence Journal) There is a quiet hum in Jesus Garcia Galvez's classroom. Students, some of them working in pairs, are designing skateboards on a software program called SolidWorks
Students connect with tech (Livingston Daily) The Eastern Michigan University Information Assurance Program hosted girls in middle school and high school at the third Cyber Security in the 21st Century: Digital Divas Conference this month in Ypsilanti. Brighton High School took 20 students from its digital multimedia program to the conference, where they took part in hands-on learning about simulation, animation and gaming, along with interior design using engineering and computer-aided design
Got hackers? Web worries draw 150 to Bucks college (Bucks County Courier Times) "Stop. Think. Connect." was the advice from Homeland Security's Cybersecurity Division. Bob Leipholtz, of Northampton, had a better idea. "I'm going back to the cave"
Legislation, Policy, and Regulation
H.R. 4499: Privacy and Civil Liberties Oversight Enhancement Act (Govtrack) A bill to require reports submitted to Congress under the Foreign Intelligence Surveillance Act of 1978 to also be submitted to the Privacy and Civil Liberties Oversight Board. This Act may be cited as the "Privacy and Civil Liberties Oversight Enhancement Act"
HASC Bill 'Fully' Supports Military Cyber Activities (Defense News) A US House Armed Services subcommittee on Tuesday released legislation that would require Pentagon officials to conduct several sweeping reviews of military intelligence programs
Congress Considers Cyber Attack On Power Grid A 'Pressing Domestic Security' Issue (The Inquisitr) Power grid vulnerability is finally being heralded as a "pressing domestic security" concern in Congress. Current Congressional discussions appear to primarily be focusing on the threat of a cyber attack on the power grid, but the movement is still viewed as a step in the right direction by enlightened lawmakers and informed Americans alike. Tech expert Adam Crain once felt that it would be virtually impossible for cyber hackers to tap into power grid computer networks and cause a problem due to the "heightened vigilance over cybersecurity" in the United States. When Crain realized that he was wrong, he admitted the error
DOE releases cyber procurement guidelines (FCW) The Energy Department has issued procurement guidelines for building cybersecurity protections into the design and manufacturing of energy delivery systems
Industry stresses flexibility on cyber acquisition rules (FCW) An association of communications and network services providers told GSA that any rules aimed at establishing contractor cybersecurity baselines to protect government acquisitions should tread carefully to avoid stifling innovation
White House explains 'disciplined, rigorous' NSA policy (The Hill) The Obama administration is offering more details about a new policy shift for the way spies treat software glitches and bugs they come across
The White House and Zero Day Sleight of Hand (Threatpost) The White House wants you to know that it did not know about the OpenSSL Heartbleed vulnerability before you did. The White House also wants you to know that administration officials don't think stockpiling zero days isn't necessarily good for national security. That's all well and good, except that it mostly doesn't matter
Litigation, Investigation, and Law Enforcement
The Challenge of Collaborating with Law Enforcement Agencies to Stop Cybercrime (Trend Micro Security Intelligence Blog) The promise of easy money remains the biggest motivation for cybercrime today. Cybercriminals thus make it their main objective to steal information that would lead them to the money, like online banking information. Once stolen, the information can be used to transfer funds illegally from victims' accounts
Terrorists have changed methods since Snowden leaks: UK official (Reuters via the Chicago Tribune) Terrorists have substantially changed their methods of communication since leaks by former U.S. intelligence operative Edward Snowden, hindering intelligence agencies' efforts to track them, a senior British security official said on Tuesday
NSA leaker Snowden hires 'well-known Washington attorney' in the hopes of cutting a plea deal to bring him back from Moscow (Daily Mail) One year after National Security Agency leaker Edward Snowden retained the services of a well-known Washington defense lawyer in hopes of reaching a plea deal with federal prosecutors, negotiations remain in the early stages with no agreement on the horizon
Commerce cybersecurity detection, prevention lacking, says IG (FierceGovernmentIT) Several bureaus within the Commerce Department lack adequate capabilities to detect and stop cyber attacks in a timely manner, according to a recent security audit released by the inspector general's office
Ex-Navy linguist pleads guilty in secret documents case (Politico) A former Navy contract linguist accused of removing classified documents from a secure space at a base in Bahrain pled guilty Friday to a misdemeanor charge of taking classified documents without authority
Bitcoin traders agree to settlement in Mt. Gox class-action suit (CSO) Plans call to revive Mt. Gox as 'New Gox'
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
United States Cyber Crime Conference 2014: This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.
Infosecurity Europe 2014: Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.
Cyber COMSEC and IT Day at Fort Huachuca: This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas, concerns and build relationships with the men and women of Fort Huachuca.
STEM Café (Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect ourselves and our data. The event will take place from 6:30 to 8:30 p.m. Tuesday, May 6, at Claddagh Irish Pub, 1702 Commons Drive in Geneva.
cybergamut Technical Tuesday: Malware Reverse Engineering (Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending against recognized or suspicious malware. Yet increasingly, advanced malware is customized to evade detection and remediation; and even those that are caught can have deeper and more dangerous capabilities. In order to truly understand the malware's capabilities and to assess its success in gaining access to an enterprise, cyber security professionals should reverse engineer the binary to expose its secrets. But organizations may forgo reverse engineering and rely on industry solutions to characterize and defend against the threat. Reverse engineering is done by exception and within the constraints of budget, time, and available professional talent, if it is done at all. However, reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight.
Kirtland AFB — Cyber Security Seminar & Information Technology Expo (Albuquerque, New Mexico, USA, May 7, 2014) Join FBC and the Armed Forces Communications & Electronics Association (AFCEA)-Albuquerque Chapter for the Cyber Security Seminar & Information Technology Expo set to take place at Kirtland Air Force Base. This is the only yearly event officially sponsored by AFCEA at Kirtland AFB. The goal of this expo is to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers, Information Technology personnel, Contracting Officers as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to the agency. In addition, this event will be widely attended by the majority of personnel at the USSS HQ building. Attendance is expected to be over 300 for the event.
SANS Security West: SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information security skill set by learning innovative ideas and techniques to fend off today's most challenging cyber threats as well as emerging threats.
HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threat landscape.
Eurocrypt 2014: Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.
ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and their integration with IT systems in various vertical sectors.
CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. Conducting business on-line exposes individuals, corporations and governments to a complex threat environment that ranges from hacktivists to trans-national crime organizations and advanced persistent threats. Join experts from government, industry and academia in discussing how we are making our future more secure.
GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our critical infrastructures, key assets, communities and the nation.
Cyber Security for National Defense Symposium: DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations can come together for actionable discussions and debate. The symposium will focus on increasing the security and resiliency of the Nation's critical networks, operating freely in the Cyber Domain, and the protection of infrastructure in support of national defense and homeland security.
FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government, Big Data and Business Intelligence, Project Management, Procurement and Acquisition and more. (Free of charge for government personnel.)
INFILTRATE: INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. INFILTRATE is the single-most important event for those who are focused on the technical aspects of offensive security issues, for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. INFILTRATE eschews policy and high-level presentations in favor of just hard-core thought-provoking technical meat.
Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology and transportation sector companies in a novel way: the speed lunch.
CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions on acquiring evidence from mobile devices to international e-discovery to cyber security intelligence, there's simply no other training or seminar series available that packs so much relevant and practical information from so many expert speakers into a single four-day period.
The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to give engineers an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
Positive Hack Days: Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright eyes, the atmosphere of a huge research ground, communication between people sharing the same views and their opponents, minimum formalities and maximum practice.
Georgetown Law: Cybersecurity Law Institute: A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels of American companies. Last year's inaugural Cybersecurity Law Institute received positive reviews for its unique simulation approach that prepared attendees on actions to take if their company faced a cyber-attack.
NSA Mobile Technology Forum (MTF) 2014: The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia, Canada, New Zealand, and United Kingdom focused on mobile technologies. Those companies who specialize in both current and future mobile features and equipment or have efforts that benefit NSA's efforts should participate as a commercial vendor; conference attendance is limited to government employees.
CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders.
Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management. Topics to be discussed by expert speakers will include state and federal regulatory and legislative initiatives, efforts to develop a common cyber security framework, the threats from cyber espionage and terrorism, and the development of public and private mechanisms to finance and transfer losses from cyber events.
The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to give engineers an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.
Fort Meade Technology Expo: The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel who may otherwise be unreachable.
CANSEC: CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display. This tradeshow targets a wide audience of customers that includes Government agencies and departments with an interest in the defence sector.
Hack in The Box Security Conference (HITBSecConf) Amsterdam: HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not an event you come to for 'security 101' talks or marketing hype. We cover stuff that hasn't made it into the news — yet. Potential security issues coming our way in the next 12 months.