The CyberWire Daily Briefing 07.31.15
news from CyberMontgomery
Yesterday's CyberMontgomery 2015 covered many topics of interest to the cyber sector, including risk management, CISO communication with boards, labor force development, STEM and STEAM education, what business-friendly tax and regulatory policies should look like, and what the industry's shift from communications security to cyber security has meant. We also heard an interesting account of the investigation into the Sony breach: it was more like looting than it was like a bank job, Norse told us. See the link below for a full report on the conference.
ISIS, embarrassed (and slightly impoverished) by the recent catphishing con job it sustained, continues its information operations over social media and other Internet outlets. Still, observers wonder whether celebration of lurid cruelty and calls to bring about the end of the world may have reached the point of diminishing returns.
Russian cyberespionage tools receive researchers' attention, and well-equipped criminal gangs continue work that country and the Near Abroad, especially Belarus and Ukraine. Some old kits (like Turla) get upgraded. In the US, DNI Clapper quietly calls for development of deterrence in cyberspace — he wishes to establish the "substance and psychology" of a deterrent — as FireEye characterizes relations among Russia, the US, China, and (a distant but not insignificant fourth) Iran as an online cold war.
Trend Micro reports on alternative modes of Stagefright exploitation.
Bitdefender reports sustaining a breach and receiving an extortion demand, but says the risk to customers is low.
The FBI says it's seeing a spike in denial-of-service extortion capers.
Researchers raise Internet-of-things goosebumps with reports of GM OnStar car vulnerabilities and a demonstration of a hacked "smart sniper rifle." Team Cymru and Control Global put such IoT worries in grim perspective, noting that of course hacks have real-world consequences, and that indeed control system cyber flaws have caused casualties.
In industry news, stock analysts of FireEye post-quarterly results provide a glimpse at how the markets view a cyber sector story stock.
The US Commerce Department responds — commendably — to criticism by pulling proposed Wassenaar rules for revision.
Today's issue includes events affecting Belarus, China, France, Iran, Iraq, Israel, Pakistan, Russia, Syria, Ukraine, United Kingdom, and United States.
Rockville: the latest from CyberMontgomery 2015
Report from CyberMontgomery 2015: OODA Loops, Risk Management, and Cybercrime as Cyberlooting (The CyberWire) CyberMontgomery 2015 met in Rockville, Maryland, yesterday. Sponsored by the Montgomery County Department of Economic Development and the Federal Business Council (FBC), the conference featured participation by industry, elected officials, Federal agency leaders, and academics. They discussed the evolution of cyber security, workforce development issues, technology development and transition, cyber risk management, threat intelligence and incident investigation, and the business climate necessary to foster innovation and development. We summarize the proceedings here
County conducts forum on cybersecurity (Montgomery County Sentinel) The Montgomery County Department of Economic Development and the Federal Business Council are hosting the second annual CyberMontgomery Forum on Thursday at the Universities at Shady Grove Conference Center
CyberMontgomery: the Center of Gravity (Federal Business Council) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders
Cyber Attacks, Threats, and Vulnerabilities
Three Chechen women 'conned Islamic State fighters out of thousands of pounds' (Telegraph) One of the women admits to seriously considering moving to Syria but backed out after hearing the experiences of others
Islamic State recruitment document seeks to provoke 'end of the world' (USA Today) An apparent Islamic State recruitment document found in Pakistan's lawless tribal lands reveals that the extremist group has grand ambitions of building a new terrorist army in Afghanistan and Pakistan, and triggering a war in India to provoke an Armageddon-like "end of the world"
Analysts: Islamic State's Explicit Media Gore May Backfire (Voice of America) Most major media houses have policies on how much carnage they will display in videos or pictures. When it comes to gruesome Islamic State videos, they generally draw the line before a murder occurs
Operation Potao Express: Analysis of a cyber-espionage toolkit (We Live Security) Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data
Turla: APT Group Gives Their Kernel Exploit a Makeover (Lastline Labs) The Turla malware family is part of one of the most sophisticated malware families seen in the wild today. Given that the APT group behind this malware is suspected to be state-sponsored, the sophistication of the malicious code comes at no surprise — just like the fact that we are still encountering new and updated variants
From Russia With Love: A Slew of New Hacker Capabilities and Services (Dark Reading) A review of the Russian underground by Trend Micro reveals it to be the world's most sophisticated
MMS Not the Only Attack Vector for "Stagefright" (TrendLabs Security Intelligence Blog) Earlier this week Zimperium zLabs revealed an Android vulnerability which could be used to install malware on a device via a simple multimedia message. This vulnerability, now known as Stagefright, has gained a lot of attention for the potential attacks it can cause. Stagefright makes it possible, for example, for an attacker to install a spyware app in a targets phone without their knowledge just by sending an MMS
Hacker steals Bitdefender customer log-in credentials, attempts blackmail (IDG via CSO) A hacker extracted customer log-in credentials from a server owned by Bitdefender that hosted the cloud-based management dashboards for its small and medium-size business clients
FBI Warns of Increase in DDoS Extortion Scams (Threatpost) Online scammers constantly are looking for new ways to reach into the pockets of potential victims, and the FBI says it is seeing an increase in the number of companies being targeted by scammers threatening to launch DDoS attacks if they don't pay a ransom
Hackers Can Disable a Sniper Rifle — Or Change Its Target (Wired) Put a computer on a sniper rifle, and it can turn the most amateur shooter into a world-class marksman. But add a wireless connection to that computer-aided weapon, and you may find that your smart gun suddenly seems to have a mind of its own — and a very different idea of the target
Is OnStar still susceptible to remote hack attacks? (Fox News) Fiat Chrysler announced last week that it is recalling 1.4 million vehicles after a team of independent cybersecurity specialists hacked into the company's Uconnect telematics system over a public cellular network and took control of a number of critical functions — including the brakes, transmission and steering — of a Jeep Cherokee
How to hack, track and unlock a GM car via OnStar (Graham Cluley) If you're the owner of a GM vehicle equipped with the OnStar system that is supposed to "keep you safe, connected and ready for the road ahead", then there is a new security concern which you need to know about
Real-World Ramifications of Cyber Attacks (Team Cymru) And so, ladies and gentlemen, it has finally happened. The Internet-of-Things has risen up, Skynet style, and we are doomed. This much prophesied event finally came to pass with reports of hackers disabling cars from miles away, and altering rifle trajectories. At last, it seems, the crossover has been made from the digital world to the physical one; the end is nigh
Security Patches, Mitigations, and Software Updates
Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability (Cisco Security Advisory) A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet
Yes, Adobe Flash is a mess, but don't forget to patch Reader (FierceITSecurity) Security flaws in Adobe Flash have been reported on a lot lately, but unpatched vulnerabilities in Adobe Reader are also a major security concern for IT departments, according to a report by vulnerability intelligence firm Secunia
Windows 10: You might be wise to wait before upgrading (Graham Cluley) Windows 10 was released this week, to much fanfare
Viruses or worms haven't killed anyone or destroyed equipment — control system cyber incidents have (Control Global) The prevailing feeling about why there has been so little focus on securing control systems is that it isn't real. What I constantly hear is "once there is a real control system cyber incident I will spend the time and money to address the problem". Unfortunately, there have been already been many very significant control system cyber incidents. However, for various reasons, almost none have been identified as cyber
Most Major Financial Hacks Completely Covered Up (Dark Reading) Lieberman Software survey reveals most companies are persistently targeted by cyber attacks and the public only finds out about a small portion of security breaches
Do APIs Pose a Security Risk? (eSecurity Planet) APIs offer a new and powerful attack vector for hackers. Fortunately, API management products can help organizations boost their API security
Country Reports (Secunia) The Secunia Country Reports tell you how much vulnerable software is present on private PCs in your country, plus a few extra, interesting facts
Global Leaders in Malware and Malicious C2 Traffic (CloudTweaks) Nearly half of all malware threats in the past three months originated in the US, while both the US and China are global leaders when it comes to malicious command and control (C2) traffic
Black Hat Is About Cybersecurity People and Processes (Network World) Cybersecurity professionals attending Black Hat can gain in-depth knowledge about good guys, bad guys, and everyone in between
Intel, Cisco pushing for enhanced security communication, integration (TechTarget) Vendors, such as Intel and Cisco, are hoping to pave the way for a security ecosystem in which applications communicate threat intelligence amongst each other. Will it work?
Blue Coat Bows Endpoint Intelligence Ecosystem (Infosecurity Magazine) Blue Coat Systems has kicked off its Alliance Ecosystem of Endpoint Detection and Response (EDR), with founding members Bit9 + Carbon Black, Countertack, Digital Guardian, Guidance Software, Promisec and Tripwire
Cyber-boom or cyber-bubble? (Economist) Internet security has become a bigger export earner than arms
NICE-Systems Ltd. (NICE — $63.04*) Raise Price Target Delivers Good June Results, Raises FY15 Bottom-Line (FBR Blue Matrix) This morning, NICE reported good 2Q (June) results, with the top and bottom lines coming in ahead of consensus. Importantly, management left top-line guidance for 2015 unchanged despite foreign currency headwinds, while the bottom line was raised above
FireEye down 4% in spite of Q2 beat, solid guidance/billings; CFO leaving (Seeking Alpha) Along with its Q2 results, FireEye (NASDAQ:FEYE) announces CFO Michael Sheridan is leaving to become the CFO of a private tech company in "an unrelated industry." Finance VP Frank Verdecanna will serve as interim CFO while the company looks for Sheridan's successor
FireEye's (FEYE) CEO Dave DeWalt on Q2 2015 Results — Earnings Call Transcript (Seeking Alpha) Good day, everyone, and welcome to the FireEye Second Quarter 2015 Earnings Results Conference Call. This call is being recorded. With us today from the company is the Chairman and Chief Executive Officer Dave DeWalt; Chief Financial Officer, Michael Sheridan; and the Vice President of Investor Relations Kate Patterson
FireEye Now Has More Upside Than Ever (Seeking Alpha) FEYE reported a very strong quarter, but high expectations prevented the stock from trading higher. Contrary to popular belief, FEYE is not that expensive, not compared to industry leader PANW. In fact, FEYE is much cheaper today than it was just a couple months ago, thereby creating the opportunity for large gains over the next 16 months
FireEye, Inc. (FEYE — $47.76*) Company Update Delivers Solid June Results, In-Line Product Misses (FBR Blue Matrix) Last night, July 30, FireEye delivered another solid quarter (June), handily beating the Street on the all-important billings number and on both the top and bottom lines, while in-line product revenue might disappoint some bulls. In conjunction with the release, the company also announced the resignation of its CFO, Michael Sheridan, a non-event in our view as CEO David DeWalt remains the face of FireEye on the Street
Strong ARM scoops up Sansa to boost IoT security (Register) Chipmaker adds Israeli company's bolt-on protection to its bulging armoured sack
Blue Coat Plants Stake In Cloud Access Security Brokerage Market With Perspecsys Acquisition (CRN) Blue Coat acquired cloud security startup Perspecsys Thursday, a move the security vendor said would position partners to grab major share in the "massive" opportunity it sees around cloud access security brokerage
The FBI can't hire enough cyber specialists because it doesn't pay enough (Reuters via Business Insider) The FBI is struggling to attract computer scientists to its cybersecurity program mainly due to low pay, a report by the U.S. Department of Justice showed, highlighting weaknesses in a flagship initiative to tackle growing cyber threats
Verizon strike on pension, health care possible (Asbury Park Press) Time is ticking down as negotiations between Verizon and its employees' unions continue
ERPScan was selected as an Emerging security vendor by CRN three years in a row (ERPScan) ERPScan Inc. was selected as an 'Emerging Vendor' 2015 by UBM Tech Channel's CRN Magazine
Products, Services, and Solutions
What Businesses Need to Know About Windows 10 Security (PC Magazine) Windows 10 has a lot of security features built-in for businesses, but they aren't all ready out of the box yet
The new Microsoft browser has brand new security issues (Kim Kommando) Yesterday's release of Microsoft's Windows 10 saw Microsoft introduce a new browser to replace the aging Internet Explorer. Called Microsoft Edge, it's supposed to be faster and more secure than its predecessor. However, according to several tech reviews that came out in the hours since its release, cyberattacks are still very possible on Edge
TaaSera NetTrust Turns Security Information and Event Management Systems (SIEM) into a Powerful Preemptive Breach Detection Engine (PRNewswire) TaaSera's Preemptive Breach Detection System integrates operational intelligence and machine data solutions to improve security monitoring efforts
CyberX introduces industrial threat intelligence platform (Financial News) CyberX said it has launched its Industrial Threat Intelligence Platform, to enable utilities to identify threats to operations, by providing up-to-date research results and discoveries
Endpoint security firm SentinelOne challenges traditional anti-virus software (Network World) Tests show SentinelOne's behavior-based security performs as well as signature-based software
LogRhythm Security Intelligence: Threat intelligence services overview (TechTarget) In this threat intelligence service overview, Expert Ed Tittel looks at the LogRhythm Security Intelligence threat intelligence platform, designed for simple setup and ease of use
Startup 'Stealth Worker' Matches Businesses With Security Talent (Dark Reading) New online service helps businesses looking for part-time security professionals fill specific job needs
Technologies, Techniques, and Standards
How to Inform Your Customers of a Data Breach (LIFARS) Data Security at Risk with New Payment TechnologyData breaches are a fairly regular occurrence these days. Celebrities, billion-dollar corporations, and even governments are targeted by malicious hackers for various cybercrimes. Data breaches that result in the theft of information are often among the most damaging of cybercrimes and are as real a threat as any faced by companies and firms
When a cyber attack hits: Who's in charge? (Healthcare IT News) It takes a combination of specialties to handle a data security incident in a way that fully protects the organization
Banks balance security and workflow when encrypting in the cloud (CSO) Financial institutions using different kinds of encryption depending on security and workflow requirements
How to Prevent Data Breaches with Phishing Detection (Cyveillance) We read so much in the news these days about the financial cost, brand erosion, and reputation damage that comes with data breaches at companies both large and small. In the midst of all the activity to make sure that your assets are as impenetrable as possible, people sometimes forget that one of the leading causes of breaches is a successful phishing attack against a company's employees
Why IoT standards might not really matter for enterprises (FierceMobileIT) With all the talk about connected refrigerators, light bulbs, thermostats and garage doors, the mass market would be forgiven for thinking that consumer companies developed the concept of the Internet of Things. But only in the last five years or so has the technology made its way into the consumer realm
Design and Innovation
Crypto activists announce vision for Tor exit relay in every library (Ars Technica) "Librarians see the value as soon as you say 'privacy protecting technology'"
DHS, NSA Designated Walden University As A National Center Of Academic Excellence In Cyber Defense Education (Homeland Security Today) Walden University has been designated by the National Security Agency (NSA) and Department of Homeland Security (DHS) as a National Center of Academic Excellence (CAE) in Cyber Defense Education through the 2019 academic year
How one school district is monitoring social media of students and teachers (Naked Security) Florida school district monitoring social media of students and teachers
Legislation, Policy, and Regulation
Commerce Dept. Caves on Security Export Rules (TechNewsWorld) Some proposed federal rules on the export of security tools created a tumult in cybersecurity circles — a tumult that's pushed the rules into limbo
Unusual Re-Do of US Wassenaar Rules Applauded (Threatpost) In spite of self-congratulatory pats on the back from several corners of the security world, this week's decision from the Commerce Department's Bureau of Industry and Security (BIS) to rewrite the proposed U.S. implementation of the Wassenaar Arrangement rules was an expected outcome — albeit an unusual one
Cyber Insecurity: West eyes Dr Strangelove tactics in cyber wars (Financial Times) James Clapper, the Obama administration's director of national intelligence, is not given to slips of the tongue
Online 'Cold War' heating up between China, U.S. and Russia, FireEye CEO says (MarketWatch) FireEye Inc. CEO Dave DeWalt is a veteran of the cybersecurity industry, having led McAfee through its acquisition by Intel Corp. INTC, -0.17% and he sees a stark reality in the dark realm of online attacks
Encrypted Communication Endorsed By Ex-National Security Bosses In Surprise Editorial (International Business Times) Three former members of the U.S. national security establishment have called for the use of encrypted digital communications, a stance that puts them at odds with President Obama and the current administration. They're encryption endorsement, which came in the form of a Washington Post editorial, comes amid a year-long standoff between the FBI and the technology industry over a possible law that would effectively force Silicon Valley to insert surveillance capabilities into consumer products
Former US national security officials back end-to-end encryption (Engadget) Three former US national security officials have given their support to end-to-end encryption and criticised claims that the government should have backdoor access or "duplicate" decryption keys. Mike McConnell, a former director of the National Security Agency and director of national intelligence, Michael Chertoff, a former homeland security secretary, and William Lynn, a former deputy defense secretary voiced their approval
Why the fear over ubiquitous data encryption is overblown (Washington Post) More than three years ago, as former national security officials, we penned an op-ed to raise awareness among the public, the business community and Congress of the serious threat to the nation's well-being posed by the massive theft of intellectual property, technology and business information by the Chinese government through cyberexploitation. Today, we write again to raise the level of thinking and debate about ubiquitous encryption to protect information from exploitation
Despite rumors, Senate cyber bill still stuck (The Hill) Senate Republican leaders late Wednesday shot down rumblings that a stalled cyber bill may be back on the table
White House to Seek Comment for Government Contractor Cybersecurity Regulations (Legaltech News) The White House is seeking to increase clarity in government contracts, especially as threats against government agencies and their partners have grown
Request for Comments on Improving Cybersecurity Protections in Federal Acquisitions (Federal Register) OMB's Office of E-Government & Information Technology (E-Gov) is seeking public comment on draft guidance to improve cybersecurity protections in Federal acquisitions
For DOD, building the cyber force is a team game (Derfense Systems) The Defense Department is still in the relatively nascent stages of building its cyber mission force, but it has made some progress in recruitment, training and defining roles. In some ways, it has come down to team building
ITA official tracks data for cyber insights (FCW) The proliferation of data at the Defense Department via mobile devices and other means has made perimeter-focused defense an outdated notion, according to Thomas Sasala, chief technology officer at the Army's Information Technology Agency
Litigation, Investigation, and Law Enforcement
What's considered 'classified' is a judgment call (Times-Union) Democratic presidential candidate Hillary Rodham Clinton is under scrutiny over whether she sent or received classified information on unsecured email when she was secretary of state. The inspector general of the U.S. intelligence community recently alerted the Justice Department about classified information included improperly on email that went through a home server Clinton used in lieu of the official State Department email system
Neiman Marcus case a reminder to check your cyber coverage (CSO) It's a decision that should send major corporations to double-check their cyberinsurance
Google Appealing French Order to Apply ‘Right to be Forgotten’ Worldwide (Legaltech News) "We believe that no one country should have the authority to control what content someone in a second country can access," says Peter Fleischer, Google's global privacy counsel
ISPs: Net neutrality rules are illegal because Internet access uses computers (Ars Technica) If it uses "computer processing," it isn't telecommunications, ISPs argue
Two charged in 2011 cyber breach at Michaels retailer (Business Insurance) Two southern Californians were criminally charged over their alleged roles in a conspiracy to steal 94,000 credit and debit card numbers from Michaels Stores Inc. customers in a prominent 2011 cyber attack affecting the largest U.S. arts and crafts retailer
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Mid-Atlantic Security Conference (Gaithersburg, Maryland, USA, Sep 1, 2015) The conference is brought to you by Information Systems Security Association's Baltimore, NOVA, and National Capital Chapters. Join us for a full day of training on cybersecurity topics by industry leaders, hands-on workshops, and a Capture the Flag event and receive a certificate for 7 CPEs toward your professional certifications
2015 Cyber Security Exchange (Orlando, Florida, USA, Dec 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns, the ever-changing advanced threat landscape, efficient identity access management and more
PragueCrunch IV: The Enpraguening (Prague, Czech Republic, Jul 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event on the terrace at Střelecký Ostrov. If you've been to any of the previous events you'll know it's a good time
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
ISSA CISO Forum: Third Party Oversight (Las Vegas, Nevada, USA, Aug 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by invitation only and subject to approval. Membership criteria will act as a guideline for approval. Invitations can be made by a CISO Members or ISSA Management. Guest, renewing, and new members are all subject to approval
BSides Las Vegas (Las Vegas, Nevada, USA, Aug 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is no charge to the public to attend BSidesLV. Our costs are covered by our generous donors and sponsors, who share our vision of free dissemination of information. The conversations are getting more potent and the "TALK AT YOU" conferences are starting to realize they have to change. BSidesLV is making this happen by shaking-up the format
Defcon 23 (Las Vegas, Nevada, USA, Aug 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
3rd Annual Psyber Behavioral Analysis Symposium (Fort Meade, Maryland, USA, Aug 11, 2015) The 3rd Annual Psyber Behavioral Analysis Symposium is hosted by the NSA/CSS Threat Operations Center and the FBI Behavioral Analysis Unit-2/Cyber Behavioral Analysis Center. The goal of the Symposium is to provide U.S. and Second Party Intelligence Communities (IC) a forum to present and collaborate on Human Science-based projects and research. This event attracts a multi-disciplinary government audience from across the IC and Second Party Partner organizations
USENIX Security (Washington, D.C., USA, Aug 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and others specialists interested in the latest advances in the security and privacy of computer systems and networks
5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, Aug 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring together cyber experts from the DoD, federal government, business, research, and academia to address a variety of current cyber topics
Decepticon 2015 (Cambridge, England, UK, Aug 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines, sub-disciplines and countries. To cover the great diversity of approaches to deception research, our scientific committee has members covering several domains
AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, Aug 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker AFB. This is the only Technology Day held at Tinker AFB each year. The annual Technology Day allows exhibitors the opportunity to have access to information technology, communications, cyber, engineering, and contracting personnel at Tinker AFB. Over 300 attendees participated in the 2014 Technology Day and we expect the same level of attendance in 2015
Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, Aug 30 - Sep 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology and information security executives. This program is tailored to utility executives and industry stakeholders that are responsible for addressing threat intelligence, analysis and monitoring; network architecture; and cyber incident response
2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, Aug 30 - Sep 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015 (Vancouver, British Columbia, Canada, Aug 31 - Sep 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire spectrum of work, from practice to theory, including its peripheries