The CyberWire Daily Briefing for 5.2.2014

Cyber Attacks, Threats, and Vulnerabilities

Microsoft issues fix for IE zero-day flaw amid fresh attacks (ComputerWeekly) Microsoft has issued an emergency security update for all versions of its Internet Explorer browser. The update will patch a zero-day flaw reported on 26 April that has already been used in live attacks… Besides previously observed attacks against the defense and financial sectors, organisations in the government and energy sectors are also facing attack

Heartbleed Reaction Not All It Could Be Amongst General Population (Security Watch) "Heartbleed changes everything." That's something I heard said several times this week whilst at BSidesLondon and InfoSec and it should be true but, according to a Pew Research Center survey, it probably isn't

Heartbleed used to uncover data from cyber-criminals (BBC) The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data

Serious security flaw in OAuth and OpenID discovered (CNET) Malicious attackers can use the 'Covert Redirect' vulnerability in the OAuth 2.0 and OpenID open-source login systems to steal your personal info as well as redirect you to unsafe sites

Bogus Facebook hacking tool dupes users (CSO) Symantec has seen another round of a ham-fisted but surprisingly successful attack that targets Facebook users hoping to break into their friends' accounts

DDoS attack from Facebook possible, but unlikely (CSO) Researcher shows a DDoS attack is possible from Facebook Notes, but experts say the technique pales in comparison to others used by attackers

London warbiking reveals worrying state of Wi-Fi security (Help Net Security) At Infosecurity Europe 2014, IT security company Sophos this week highlighted the worrying state of wireless security in the UK's capital city, when it sent security expert James Lyne and his computer-equipped bicycle onto the streets of London to test how safe homes, businesses, and even people on mobiles phones are from cyber criminals

Beware of "free Malwarebytes Anti-Malware 2.0" offers (Help Net Security) As soon as the release of a new version of Malwarebytes' popular AV solution has been announced, cyber crooks and scammers began exploiting the news

All About Windows Tech Support Scams (Webroot Threat Blog) Editors Notes: The purpose of this research was to see exactly how this scam is carried out, and the extent to which it is done. DO NOT TRY THIS AT HOME. We used a clean machine, off network, to monitor the activity of the scammer. Have you ever received a phone call from a tech support person claiming to be from Microsoft, and that your Windows based machine has been found to have a virus on it? These cold calls typically come from loud call centers, and are targeting the uninformed and naïve in hopes of gaining access to their individual machines, and ultimately the victim's credit cards

Multi-Brand French Phisher uses EDF Group for ID Theft (Cyber Crime and Doing Time) At the end of January last year, French power company EDF advised the public that they were seeing a significant rise in the number of phishing complaints they were receiving from their customers. An example story in English from The Connexion: EDF customers hit in 'phishing' scam, says that an EDF spokesperson said beginning in August of 2012 they were seeing 20,000 customers per month complaining about the phish and that in January 2013 it had risen to as many as 40,000 customers per month. As many as 200 to 300 new phishing sites per month were being created at that time. This week Malcovery is noticing that the EDF phish are back, with a twist

Kali Linux website hacked by The GreaT Team (eHacking News) When it comes to Security, No ONE is 100% Secure. Even the world most popular Security-related Linux provider Kali is no exception to this fact

Canadian ISPs 'boomerang routing' traffic through the snoopy US (Naked Security) You hit "send" in Ottawa. The email pops into your Winnipeg girlfriend's inbox. That's all nice and intra-Canadian and, hopefully, therefore protected by Canada's data privacy laws, right?

Hacking China's online games for profit: an interview with a Chinese hacker (Tech in Asia) "PW"—that's not his real name, obviously—has a secret life, kind of like a superhero (or perhaps a super-villain). By day, he's the young prodigy manager of a legitimate software company, the guy who graduated a top Guangzhou college with a triple major and landed a high position at a reputable software firm. The guy whose friends call him a computer god. By night—well, by whenever he feels like it really—he's a hacker, a member of a big hacker QQ group on China that produces all kinds of hacking tools and techniques

Security Patches, Mitigations, and Software Updates

Microsoft Security Bulletin MS14-021 — Critical: Security Update for Internet Explorer (2965111) (Microsoft Security Tech Center) This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights

Microsoft updates IE against latest 0-day, updates also XP (Help Net Security) Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the wild in targeted attacks seemingly directed against US-based defense and financial firms

After warning users off IE, what do the security watchdogs say now? (ZDNet) When news of the critical flaw in Internet Explorer broke last week, agencies across the world suggested users might opt for another browser. Now a patch has been released have they changed their tune?

Microsoft's decision to patch Windows XP is a mistake (Ars Technica) There will always be one more emergency

Cyber Trends

Eugene Kaspersky: major cyberterrorist attack is only matter of time (The Guardian) Nations must be ready for a remote attack on critical infrastructure, including power and transport systems, says security expert

Cyber spies in disguise: Nation-state (SC Magazine) Espionage has been a fact of life for centuries, but with increased capabilities online, it's spread beyond a narrow core, reports James Hale

The Growing Risk (SC Magazine) Large-scale cyber espionage is not new — it is the methods behind it which are becoming more complex and sophisticated, reports Kate O'Flaherty. The ability to remain anonymous — or at least to raise doubt over the identity of the perpetrator — is seeing cyber attacks take increasing preference over physical means. One incident in March saw Ukraine reported to be under cyber attack following the initial physical takeover of the Autonomous Republic of Crimea

The Wild Cyber West (Townhall) The Bonnie and Clyde of cybercrime, Russia and China, are stepping up their game. In the May issue of Townhall Magazine, where this article originally appeared, Cortney O'Brien explains how U.S. businesses and the federal government are going to have to play better defense

Security industry 'very close' to losing cyber war — WatchGuard (CRN) Vendors must innovate faster or risk losing the everyday internet user, warns WatchGuard executive

In a world of complexity, focus on the basics (CSO) SANS keynote stresses collaboration to avoid 'drowning' in threat information and defensive tool overload

Study: Sensitive Info Is 'Readable' In Cloud (Dark Reading) Annual global survey from Thales reveals widespread uncertainty about cloud security and negative impacts on security posture

Security 'game changers' for forcing IT security pros to 'do things differently,' says SANS chief (FierceITSecurity ) There are five top security "game changers" that are going to "break the way we are doing security" and force IT security pros to "do things differently," explained John Pescatore, director of the SANS Institute, during a presentation at the SANS Security Leadership Summit being held here this week

Most Enterprises Lack Basic Assets to Fight Off Data Theft (eWeek) Many businesses believe cyber-security threats fall through the cracks of their companies' existing security systems, a survey finds

IoT security requirements will reshape enterprise IT security programs (Help Net Security) The power of objects in the Internet of Things (IoT) to change the state of environments — in addition to generating information — will cause chief information security officers (CISOs) to redefine the scope of their security efforts beyond present responsibilities, according to Gartner

FBI issues warning, EHRs vulnerable to cyber attack, theft (FierceGovernmentIT) The FBI is warning healthcare providers that lax cybersecurity standards will leave their computer systems more vulnerable to hackers as the industry transitions to electronic health records

IT downtime from attack or infrastructure failure can cost firms more than $1M per hour (FierceITSecurity) IT downtime caused by an attacker or non-malicious infrastructure failure can cost firms more than $1 million per hour, as well as increase data security risks, according to a survey of 283 IT professionals and end users by security firm Globalscape

IT sec pros surprisingly cavalier about mobile security best practices (Help Net Security) A flash poll conducted at Infosecurity Europe 2014 by Centrify Corporation has found that 94 per cent of IT security professionals use third party applications on their mobile devices for work, with 82 per cent using up to 10 apps

2014 Vormetric Insider Threat Report Shows Australian Organisations Facing Cyber Threat From Within (CMO) Vormetric, the leader in enterprise data security for physical, virtual and cloud environments, today announced the results from its first Australian Insider Threat Report

Marketplace

Born in the NSA: These former spies are starting companies of their own (VentureBeat) National Security Agency alumni are coming to a tech startup near you. Lots of them. America's largest intelligence agency found itself mired in scandal since contractor Edward Snowden stole and leaked some of its darkest secrets last year. But instead of concealing their backgrounds, many leaving the secretive NSA are proudly promoting their espionage backgrounds

MACH37™ Seeks Security Start-ups for Fall Cohort (Digital Journal) The MACH37™ Cyber Accelerator has officially opened the application period for its "F14" Fall Cohort, which will begin September 2, 2014 in its Herndon, Virginia headquarters. The program consists of an intense 90-day program in which the selected startups are coached in all aspects of creating a sustainable and successful business. Participants receive a $50,000 investment to develop and launch their ideas into the market

Splunk: A Good Way To Benefit From Big Data (Guru Focus) Splunk (SPLK), the company that provides software solutions that provide real-time operational intelligence, has lost 20% of its market capitalization this year. However, Splunk is a big data player and investors can count on the company to deliver in the long run. The company has entered into many partnerships with several leading companies and it could perform well in the future

Splunk: "A business can never have too much security" (ITProPortal) ITProPortal spoke to Splunk's security markets VP Haiyan Song at Infosecurity Europe 2014 about what's new in the security industry, and what the biggest frustrations are when dealing with security vendors

InfoSec 2014: High-Tech Bridge Democratises Access To Ethical Hacking (TechWeek Europe) The information security market is not fair towards SMBs, says CEO Ilia Kolochenko

How Eugene Kaspersky is on the front lines in the cyber-wars (MoneyWeek) With pressure for further sanctions on Russia mounting, you might expect the founder of the Kaspersky Lab — arguably "the biggest international Russian brand outside vodka" — to be feeling the heat, says The Daily Telegraph

NIKSUN: Ensuring Cybersecurity and Optimizing Network Performance (Silicon india) Increasing network complexity, growing obfuscation techniques, and exploding multimedia traffic volumes are bringing a host of next-generation problems from zero-day exploits, targeted malware and Advanced Persistent Threats (APT), to service level disruptions and Payment Card Industry (PCI) compliance issues. On a granular level, the nature and frequency of cyber attacks are fundamentally changing the cyber security landscape

Risco to protect World Cup stadium in Brazil (Bloomberg BusinessWeek) The Israeli national soccer team's was not good enough to qualify for the World Cup, but Israeli systems will run the security at one of new soccer stadiums that has been built in Brazil. Risco Group reported today that it has completed the implementation of command and control systems and advanced security systems at the Arena Patanal soccer stadium, which was built for the World Cup

Products, Services, and Solutions

AhnLab's MDS: A comprehensive approach to malware management (SC Magazine) AhnLab is no newcomer to the information security market — having been around since 1995. This offering, however, is relatively new. It is backed by a large global company with vast experience in many aspects of information security, cloud-based systems and on-premises tools. I have seen elements of this offering in many other anti-malware tools, though the hallmark of this one is that for every reason one buys individual gateways this tool has it — in one place and under a single pane of glass

CipherCloud Releases Free Cloud Discovery Solution for Enterprises (Talkin' Cloud) California-based cloud security specialist CipherCloud has unveiled CipherCloud for Cloud Discovery, solution that allows enterprises to analyze their cloud applications usage. In addition, enterprises can use CipherCloud for Cloud Discovery to evaluate a cloud application's risk factors and calculate the app's risk score

ManageEngine fortifies enterprise security log analytics (Help Net Security) ManageEngine announced the general availability of new features to its enterprise security log analytics portfolio. EventLog Analyzer, the security information and event management (SIEM) software, now offers complete user audit trails as well as the real-time event correlation and ISO 27001 reporting previously available in beta

Security analytics solution identifies attacks in historic data (Help Net Security) Arbor Networks is showcasing at Infosecurity Europe 2014 its Pravail Security Analytics, whose unique looping capability can be used to identify and establish an attack timeline for the recently disclosed and much discussed Heartbleed attacks

Sophos Cloud manages Windows, Mac and mobile devices (Help Net Security) At Infosecurity Europe 2014, Sophos announced the latest version of Sophos Cloud, the company's cloud-based solution for small- and mid-sized organisations seeking a simpler approach to IT security that still provides world-class protection

ThreatTrack Security Bolsters VIPRE Email Security for Exchange (Channelnomics) Cybersecurity firm ThreatTrack Security has debuted its latest version of VIPRE Email Security for Exchange, its enterprise e-mail security solution for Microsoft Exchange

App aims to turn Google Glass into a situational awareness tool (GCN) A new geospatial data collection and photo reporting app from security services firm BAE Systems will be available later this year for Google Glass, the company reported

Cellcrypt Mobile for Secret™ Completes NIAP Mobility Evaluation (IT News Online) Cellcrypt, a leading provider of encrypted voice and messaging for smartphones and tablets, today announced that its Cellcrypt Mobile for Secret™ product has officially been listed as certified by the National Information Assurance Partnership (NIAP). As part of the Common Criteria evaluation, Cellcrypt selected Cygnacom Solutions, Inc. to perform the validation testing services that were reported to NIAP

Cyber Insurance Protection Availability is Growing (Live Insurance News) At a time in which the headlines involving businesses that have undergone data breaches and other digital attacks are becoming a regular occurrence, American International Group (AIG) has now announced that it will be joining the growing number of insurers that are offering cyber insurance protection

Facebook announces new 'Anonymous Login' for third party apps (Naked Security) Facebook's the company that's always been about keeping it real. Real identity. Real names. Real people

Yahoo is the latest company ignoring Web users' requests for privacy (Ars Technica) "Do Not Track" has largely been a failure

Police use new tool to source crowds for evidence (AP) An annual spring party in a Southern California beach town devolved into a riot last month when revelers turned violent, rocking cars, smashing windows and throwing rocks. Dozens were injured and about 50 people ended up in the hospital, including several police officers

Technologies, Techniques, and Standards

NIST Revises Guide to Use of Transport Layer Security (TLS) in Networks (Targeted News Service Via Acquire Media NewsEdge) Information Technology Laboratory, a sub-agency of the U.S. Department of Commerce's National Institute of Standards and Technology, issued the following news release: The National Institute of Standards and Technology (NIST) has released an update to a document that helps computer administrators maintain the security of information traveling across their networks

Guide to the UK government cyber essentials scheme (Help Net Security) The results of the latest cyber threat reports and surveys have denominated 2013 as the year of major breaches. The media naturally focuses on the big stories of massive data breaches or coordinated state attacks which leave in their wake a trail of lawsuits, customer data losses and political conflicts. However that's not the entire spectrum of the cyber security landscape, nor does it reflect the full damage of attacks in cyber space. The SME landscape has its own perils and it suffers just as much as the large corporate domain. The difference is you don't often hear about it

Cloud Security Alliance Releases Update to Software Defined Perimeter (SDP) (Broadway World) TheCloud Security Alliance(CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, today announced the release of two key documents related to the CSA's Software Defined Perimeter (SDP), an initiative to create the next generation network security architecture.The SDP Version 1.0 Implementation Specification and SDP Hackathon Results Report provide important updates on the SDP security framework and deployment in protecting application infrastructures from network-based attacks

Why your access control vendor needs to be familiar with DIACAP (GSN) As you may be aware, the Department of Defense Information Assurance Certification and Accreditation Process, better known as DIACAP, regulates the implementation of risk management for information systems. What you may not know is that not all DIACAP certifications are created equal. Understanding this accreditation process, how the certification is achieved and what it signifies — or working with an integration specialist who has this expertise — will help your agency make the best possible decision in choosing an access control or other security solution

iOS Application Security Part 34 — Tracing Method calls using Logify (Infosec Institute) In the previous articles, we have seen how applications like Snoop-it can trace method calls specific to the application at runtime. This is very important in deducing the flow of the application. The same process can be performed by using a perl script named Logify.pl that comes installed with Theos

Design and Innovation

Special operations forces' communication needs lead to innovation (C4ISR & Networks) Navy Seals, Army Rangers, Air Commandos, and other special operations forces (SOF) rely on network hardware and services to access fresh, accurate intelligence and situational awareness information, often under severe pressure in extreme situations and environments

Research and Development

Energy security firm receives patent for EV grid protection technology (Jerusalem Post) As the electric vehicle usage becomes increasingly popular around the world and cyber-attack vectors on energy networks expand, Nation-E said that it identified a grid weakness caused by the vehicle usage

Academia

Network segregation is the best solution for diverse university environments, say IT pros (FierceITSecurity) Network segregation is the best way to deal with the open environment of higher education while maintaining IT security, according to a panel of IT security pros from a number of New England universities at the SANS Institute Security Leadership Summit being held here this week

Fresh meat: a new search for cyber-defenders (Economist) In A hot and noisy bunker room a stone's throw from Downing Street, dozens of people battle a cyber-attack. Programmers huddle around screens, tracking down a virus that has frozen cash machines, online payments and stock flotations. A red-faced man in a suit harangues one sweating coder: "What can I tell the PM?"

Legislation, Policy, and Regulation

Obama, Merkel to meet at White House (USA TODAY) President Obama and German Chancellor Angela Merkel will meet Friday at the White House to discuss their common dispute with Russia, and their own dispute over U.S. intelligence gathering

NSA looms over Merkel-Obama visit (The Hill) German Chancellor Angela Merkel visits the White House on Friday for the first time since news broke that President Obama's spies had snooped on her phone

U.S. and Germany Fail to Reach a Deal on Spying (New York Times) The effort to remake the intelligence relationship between the United States and Germany after it was disclosed last year that the National Security Agency was tapping Chancellor Angela Merkel's cellphone has collapsed, according to German officials, who say there will be no broad intelligence sharing or "no-spy" agreement between the two countries when Ms. Merkel arrives at the White House on Friday

Snowden NSA Revelations Complicate European Privacy Law Reboot (Dark Reading) As European legislators work to rewrite privacy laws, one security expert says a full fix requires Europe to offer local alternatives to Google, Microsoft, and other US online services

Where is Canada's rage over digital surveillance? (The Star) Americans know their government is spying on them, thanks to Edward Snowden, but Canadians remain in the dark

Internet Party to pull plug on Govt spying (Voxy) The Internet Party will pull the plug on out-of-control Government spying by immediately repealing laws which have given the country's spy agency, the Government Communications Security Bureau (GCSB), unprecedented and chilling powers to snoop on Kiwis

China-Australia cyber relations: insights for a cooperative future (The Strategist) Having spent the last week in Beijing meeting with a range of think tanks, government officials and academics, I was struck by the importance our hosts placed upon the relationship with Australia. The concept used most frequently by the Chinese in relation to Australia was as 'the bridge' between China and the US

New NSA chief Michael Rogers: Agency has lost Americans' trust (Politico) The NSA has lost the trust of the American people as a result of the Edward Snowden leaks, and needs to be more transparent to gain it back, the NSA's new director said Wednesday in his first public comments since taking control of the embattled spy agency

Britain begged to be let into NSA spying scheme (Fudzilla) British spooks begged to be involved in National Security Agency's massive electronic spying efforts and lied about it to their superiors

White House seeks legal immunity for firms that hand over customer data (The Guardian) Obama administration asks legislators drafting NSA reforms to protect telecoms firms for complying with court orders, Guardian learns

Big Data: Seizing Opportunities, Preserving Values (Executive Office of the President ) We are living in the midst of a social, economic, and technological revolution. How we com-municate, socialize, spend leisure time, and conduct business has moved onto the Internet. The Internet has in turn moved into our phones, into devices spreading around our homes and cities, and into the factories that power the industrial economy. The resulting explosion of data and discovery is changing our world

Obama panel supports warrant requirement for e-mail, cloud content (Ars Technica) Congress has punted on issue for years. E-mail, cloud data to remain exposed

SEC likely to issue cybersecurity disclosure rules based on 2011 guidance (FierceITSecurity) Attorney says Target breach accelerated SEC's efforts in this area

FCC Chairman: Implement NIST Cybersecurity Framework So That We Don't Have To (DigitalCrazyTown) The Chairman of the Federal Communications Commission (FCC) Tom Wheeler today urged the cable industry to get moving on the implementation of the cybersecurity framework released by the National Institute of Standards and Technology (NIST) earlier this year. Speaking at the National Cable and Telecommunications Association (NCTA) annual conference here, Wheeler said that broadband networks are at a critical cybersecurity juncture and that the "more we learn about the challenges of cybersecurity and the costs of failure, the more apparent the importance of addressing it with best efforts, including yours"

Congressman Trashes Lieutenant General Who Could Become Military's Top Spy (Business Insider) The possible nomination of Lt. Gen. Mary A. Legere to the top position of the Defense Intelligence Agency is a seriously misguided move, according to one congressman

Litigation, Investigation, and Law Enforcement

German Government Won't Summon Snowden (Wall Street Journal) The German government is opposed to inviting whistleblower Edward Snowden to testify before a parliamentary committee investigating alleged data transgressions by the U.S. National Security Agency, a lawmaker for Chancellor Angela Merkel's party said Thursday. Roderich Kiesewetter signalled in a statement that Berlin would reject calls from opposition lawmakers to invite Mr. Snowden to testify before the committee

The race to bring NSA surveillance to the Supreme Court (The Verge) There are at least three pending cases against the agency with a shot at making it all the way

Lawsuit by civil-liberties group seeks more secret court opinions about NSA surveillance (AP via the Minneapolis Star Tribune) The Obama administration has failed to turn over documents under public-records requests detailing still-secret court orders about the scope and legality of National Security Agency surveillance, according to a lawsuit filed Thursday in federal court

When the Evidence is on the Cell Phone (IEEE Spectrum) On Tuesday, the United States Supreme Court heard arguments in two cases in which information found on cell phones, obtained by searching those phones without a warrant, led to convictions: United States v. Wurie and Riley v. California. At issue is whether the Fourth Amendment's rules on unreasonable searches and seizures apply to cell phones

The Shaky Legal Foundation of NSA Surveillance on Americans (The Atlantic) What the final clause of the Fourth Amendment means in interpreting the government's rights

The FISA Court Has Only Denied an NSA Request Once in the Past 5 Years (Smithsonian) Only one of 8164 surveillance requests were denied by the court

Global press freedoms fall in wake of Snowden revelations (Ars Technica) Report underscores that deterioration of media rights is reaching open societies

Lives Destroyed by Identity Theft and Data Breaches (Canada Free Press) Identity thieves have victimized 12.6 million Americans in 2012 to the tune of nearly $21 billion. Eighteen percent of all Federal Trade Commission complaints received that year involved identity theft

Private investigator hit with £89,000 penalty (Information Commissioner's Office) A man who ran a company that tricked organisations into revealing personal details about customers has today been ordered to pay a total of £20,000 in fines and prosecution costs, as well as a confiscation order of over £69,000 at a hearing at Isleworth Crown Court

Philippines police and Interpol smash cyber extortion network (iNews China Daily) Philippine police, backed by Interpol, have arrested dozens of suspected members of an online extortion syndicate who duped hundreds of victims worldwide into exposing themselves in front of webcams, including a Scottish teenager who committed suicide after being blackmailed, officials said on Friday

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

United States Cyber Crime Conference 2014 (, Jan 1, 1970) This is the only event of its kind that provides both hands-on digital forensics training and an interactive forum for cyber professionals to network. The conference covers the full spectrum of topics facing defenders as well as law enforcement responders. All aspects of computer crime will be covered, including intrusion investigations, cyber crime law, digital forensics, information assurance, along with research and development, and testing of digital forensic tools.

Infosecurity Europe 2014 (, Jan 1, 1970) Infosecurity Europe is Europe's number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it's the most important date in the calendar for Information Security professionals across Europe.

Cyber COMSEC and IT Day at Fort Huachuca (, Jan 1, 1970) This one-day vendor expo is a unique opportunity to demonstrate your products and services to military and civilian personnel at Fort Huachuca. Exhibitors will have a casual atmosphere to share ideas, concerns and build relationships with the men and women of Fort Huachuca.

STEM Café (Geneva, Illinois, USA, May 6, 2014) At the next STEM Café, Raimund Ege, associate professor in NIU's Department of Computer Science, will lead a lively discussion on how computer crime affects our everyday lives and what we can do to protect ourselves and our data. The event will take place from 6:30 to 8:30 p.m. Tuesday, May 6, at Claddagh Irish Pub, 1702 Commons Drive in Geneva.

cybergamut Technical Tuesday: Malware Reverse Engineering (Columbia, Maryland, USA, May 6, 2014) An introduction to the tools, workflows, and tricks of the trade to attack sophisticated malware by Dale Robson of CyberPoint. Industry standard cyber security products do a good job in blocking and defending against recognized or suspicious malware. Yet increasingly, advanced malware is customized to evade detection and remediation; and even those that are caught can have deeper and more dangerous capabilities. In order to truly understand the malware's capabilities and to assess its success in gaining access to an enterprise, cyber security professionals should reverse engineer the binary to expose its secrets. But organizations may forgo reverse engineering and rely on industry solutions to characterize and defend against the threat. Reverse engineering is done by exception and within the constraints of budget, time, and available professional talent, if it is done at all. However, reverse engineering malware can be an integral part of every security team's calculus. This session provides a technical review of the tools, workflows, and advanced analytic insight a senior reverse engineer brings to the fight.

Kirtland AFB — Cyber Security Seminar & Information Technology Expo (Albuquerque, New Mexico, USA, May 7, 2014) Join FBC and the Armed Forces Communications & Electronics Association (AFCEA)-Albuquerque Chapter for the Cyber Security Seminar & Information Technology Expo set to take place at Kirtland Air Force Base. This is the only yearly event officially sponsored by AFCEA at Kirtland AFB. The goal of this expo is to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers', Information Technology personnel, Contracting Officers' as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.

US Secret Service Cybersecurity Awareness Day (Washington, DC, May 8, 2014) This Cybersecurity event will be the first of its kind at the USSS. There will be 2-3 opportunities for participating companies to present a 1/2 hour presentation on a Cybersecurity topic of concern to the agency. In addition, this event will be widely attended by the majority of personnel at the USSS HQ building. Attendance is expected to be over 300 for the event.

SANS Security West (, Jan 1, 1970) SANS Security West will arm information security professionals with the necessary insight to prepare their organization for today and the future. Attendees will have the opportunity to advance their information security skill set by learning innovative ideas and techniques to fend off today's most challenging cyber threats as well as emerging threats.

HackMiami 2014 (Miami Beach, Florida, USA, May 9 - 11, 2014) The HackMiami 2014 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threat landscape.

Eurocrypt 2014 (, Jan 1, 1970) Eurocrypt 2014 is the 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. It is devoted to all aspects of cryptology.

ISPEC 2014 (Fujian, China, May 12 - 14, 2014) The ISPEC conference series is an established forum that brings together researchers and practitioners to provide a confluence of new information security technologies, including their applications and their integration with IT systems in various vertical sectors.

CyberWest (Phoenix, Arizona, USA, May 13 - 14, 2014) Cyber threats affect all industry sectors and impact individuals, businesses and governments. From hacktivists to advanced persistent threats, conducting business on-line exposes individuals, corporations and Governments to a complex threat environment including hacktivists to trans-national crime organizations and advanced persistent threats. Join experts from government, industry and academia in discussing how we are making our future more secure.

GovSec 2014 (Washington, DC, USA, May 13 - 14, 2014) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our critical infrastructures, key assets, communities and the nation.

Cyber Security for National Defense Symposium (, Jan 1, 1970) DSI's Cyber Security for National Defense Symposium is designed as an educational and training "Town Hall" forum, where thought leaders and key policy-makers across military and civilian organizations can come together for actionable discussions and debate. The symposium will focus on increasing the security and resiliency of the Nation's critical networks, operating freely in the Cyber Domain, and the protection of infrastructure in support of national defense and homeland Security.

FOSE Conference (Washington, DC, USA, May 13 - 15, 2014) Spend 1 day or 3 days at the FOSE conference and leave with actionable information, covering a broad spectrum of trending topics including: Cybersecurity, Cloud and Virtualization, Mobile Government, Big Data and Business Intelligence, Project Management, Procurement and Acquisition and more. (free-of-charge for government personnel).

INFILTRATE (, Jan 1, 1970) INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. INFILTRATE is the single-most important event for those who are focused on the technical aspects of offensive security issues, for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. INFILTRATE eschews policy and high-level presentations in favor of just hard-core thought-provoking technical meat.

Security BSides Denver 2014 (Denver, Colorado, USA, May 16, 2014) Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.

Security Start-up Speed Lunch NYC (New York, New York, USA, May 19, 2014) Our goal for this inaugural event is to connect the most promising security startups in the world with decision-makers at aerospace, asset-management, banking, communications, defense, energy, healthcare, government, technology and transportation sector companies in a novel way: the speed lunch.

CEIC 2014 (Las Vegas, Nevada, USA, May 19 - 22, 2014) It's no exaggeration to say that CEIC is the biggest digital-investigations conference of its kind and the only one to offer hands-on lab sessions and training for practical skills development. From sessions on acquiring evidence from mobile devices to international e-discovery to cyber security intelligence, there's simply no other training or seminar series available that packs so much relevant and practical information from so many expert speakers into a single four-day period.

The Device Developers' Conference: Bristol (Bristol, England, UK, May 20, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.

Mobile Network Security in Europe (London, England, UK, May 21, 2014) Following on from two successful events in the United States, this first Light Reading conference on Mobile Network Security in Europe will again focus on the key role of the network in safeguarding the mobile carrier's network assets while protecting its customers from security attacks. The conference will also consider the case for distributing and coordinating security strategies across the end-user device, the mobile network, and the cloud as carriers look to prevent attackers from triggering outages and degradations or from stealing sensitive customer information.

Positive Hack Days (, Jan 1, 1970) Positive Hack Days is the international venue for the unification of progressive forces of the IT industry. It is about innovators interested in information security problems; it is fresh blood and bright eyes, the atmosphere of a huge research ground, communication between people sharing the same views and their opponents, minimum formalities and maximum practice.

Georgetown Law: Cybersecurity Law Institute (, Jan 1, 1970) A day does not go by where cybersecurity is not in the news. In fact, according to a recent national survey conducted by FTI Consulting, cybersecurity is the number one issue on the minds of general counsels of American companies. Last year's inaugural Cybersecurity Law Institute received positive reviews for its unique simulation approach that prepared attendees on actions to take if their company faced a cyber-attack.

NSA Mobile Technology Forum (MTF) 2014 (, Jan 1, 1970) The Mobile Technologies Forum is an annual event that attracts SIGINT, Information Assurance, HUMINT, Federal Law Enforcement, Counterintelligence and Government personnel from the United States, Australia, Canada, New Zealand, and United Kingdom focused in mobile technologies. Those companies who specialize in both current and future mobile features and equipment or have efforts that benefit NSA's efforts should participate as a commercial vendor; conference attendance is limited to government employees.

CyberMontgomery Forum: Center of Gravity (Rockville, Maryland, USA, May 22, 2014) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders.

Cyber Risk Summit (Washington, DC, USA, May 22, 2014) This one-day leadership conference will provide a discussion forum for business executives, insurance companies and policymakers on more effective private and public responses to cyber risk management. Topics to be discussed by expert speakers will include state and federal regulatory and legislative initiatives, efforts to develop a common cyber security framework, the threats from cyber espionage and terrorism, and the development of public and private mechanisms to finance and transfer losses from cyber events.

The Device Developers' Conference: Cambridge (Cambridge, England, UK, May 22, 2014) The Device Developers' Conference is an annual UK event for the developers of intelligent systems and devices. The objective is to provide an event that provides engineers with an opportunity to learn about the latest tools, technologies and techniques for the successful development of leading edge electronic products and systems.

Fort Meade Technology Expo (, Jan 1, 1970) The Ft. Meade Technology Expo is a one-day event held at the Officers' Club (Club Meade) on base. Industry vendors will have the unique opportunity to showcase their products and services to personnel that may otherwise be unattainable.

CANSEC (, Jan 1, 1970) CANSEC is Canada's foremost defence tradeshow. A two-day event, CANSEC will feature 120,000 square feet of indoor exhibits by Canada's leading edge defence companies, as well as an outdoor static display. This tradeshow targets a wide audience of customers that includes Government agencies and departments with an interest in the defence sector.

Hack in The Box Security Conference (HITBSecConf) Amsterdam (, Jan 1, 1970) HITBSecConf Amsterdam is a gathering of network security professionals and enthusiasts who come from all corners of the globe to discuss the next generation of attacks and defense techniques. This is not an event you come to for 'security 101' talks or marketing hype. We cover stuff that hasn't made it into the news — yet. Potential security issues coming our way in the next 12 months.