The CyberWire Daily Briefing 08.04.15
RSA Security finds a large VPN service catering to Chinese APT actors. RSA calls the service "Terracotta" and claims that, while it runs some legitimate services, hacked Windows servers constitute most of its network. Deep Panda is said to be a customer.
The Etowah County Sheriff becomes the latest Mississippi basin victim of a Middle Eastern hacktivist. Kurdish hacker MuhmadEmad, known for anti-ISIS activities, goes after his northeastern Alabama target in an apparent protest against Turkish airstrikes against the Kurdish Peshmerga. (Etowah's Sheriff of course has nothing to do with any air campaign; he's simply a poorly protected target of opportunity.)
Anonymous downs several Taiwanese government websites because they object to a revised Kuomintang-sponsored high school curriculum Anonymous sees as wrongly emphasizing Taiwanese identity.
The recently upgraded RIG exploit kit is reported to have scored at least a million and a half infestations. SpiderLabs takes a look at RIG's architecture.
Community networking platform dubizzle, widely used in the Middle East, suffers a breach. Users are advised to protect themselves.
A Mac zero-day, effective against fully patched instances of OS X, is being actively exploited in the wild. The privilege-escalation bug derives from error-logging features recently added to OS X 10.10.
Those worried about transportation hacking can add electronic skateboards to the list of proven targets.
Yahoo finds and removes malvertising from its network. The malicious ads (discovered by Malwarebytes) had been active for nearly a week.
Observers wonder why big defense contractors exit cyber markets.
Germany suspends bloggers' treason inquiry.
Notes.
Today's issue includes events affecting Bahrain, China, Egypt, Germany, Japan, Jordan, Kenya, Kuwait, Malaysia, Oman, Qatar, Saudi Arabia, Singapore, Syria, Turkey, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Researchers Uncover 'Terracotta' Chinese VPN Service Used by APT Crews for Cover (Threatpost) Building a business can be expensive and time-consuming, and owners will look for ways to save money wherever they can. Researchers from RSA Security have found a VPN provider in China that is taking this to an unusual extreme: hacking Windows servers around the world for use as VPN nodes on a network that is used as cover by some APT groups
Chinese VPN Service as Attack Platform? (KrebsOnSecurity) Hardly a week goes by without a news story about state-sponsored Chinese cyberspies breaking into Fortune 500 companies to steal intellectual property, personal data and other invaluable assets. Now, researchers say they've unearthed evidence that some of the same Chinese hackers also have been selling access to compromised computers within those companies to help perpetuate future breaches
Anti-ISIS Kurdish Hacker Targets Etowah County Sheriff's Office Website (HackRead) MuhmadEmad, a Kurdish hacker known for his anti-ISIS views is back in news and this time with yet another high-profile hack — The hack may not be a selected one but good enough to deliver the message
Anonymous Brings Down Taiwan Government Websites (HackRead) The online hacktivist Anonymous has shut down Taiwan government websites and has termed the act as "just the beginning" of a series of attacks
Web Attacks Employing Upgraded Crimeware Kit Hit 1.5 Million Users (Dark Reading) RIG 3.0 used to infect millions of Internet Explorer (IE) users worldwide — mostly via malvertising
RIG Reloaded — Examining the Architecture of RIG Exploit Kit 3.0 (SpiderLabs® Blog) A few months ago the RIG exploit kit took quite a hit when its source code was leaked by a disgruntled reseller. At the time we wrote a blog post detailing the inner workings of RIG's infrastructure and business model, comprised mainly of three layers: administration server, VDS and PROXY servers
Thousands of Dubizzle users told to change passwords after 'security breach' (The National) Thousands of dubizzle users have been told to change their passwords after a "security breach" compromised some information stored on the online company's database
0-day bug in fully patched OS X comes under active exploit to hijack Macs (Ars Technica) Privilege-escalation bug lets attackers infect Macs sans password
Thunderstrike 2 OS X Firmware Attack Self-Replicates to Peripherals (Threatpost) A new attack against Intel firmware running in Apple computers is expected to be unveiled at this week's Black Hat conference. The research is an extension of the Thunderstrike Mac OS X firmware bootkit disclosed this spring that enables the undetectable installation of malicious firmware that survives reboots and operating system reinstallations
Tripwire uncovers smart home hub zero-day vulnerabilities (SC Magazine) The security firm Tripwire reported that its Vulnerability and Exposure Research Team detected several zero-day vulnerabilities in three of the top-selling smart home hubs available on Amazon that could leave users open to a wide range of dangers
Chrome extensions easily disabled without user interaction (Help Net Security) Independent researcher Mathias Karlsson has discovered a vulnerability that can be exploited to disable Chrome extensions without user interaction
Operation Liberpy Collects More Than 2,000 Bots within Just Months (Spamfighter) A botnet of HTTP type used to log keystrokes that's dubbed Operation Liberpy and which has been filching data from end-users' computers since August 2014, hijacked over 2,000 PCs within just months, says ESET the security company
Cleaning up botnets takes years, if ever, to complete (IDG via CSO) In late 2008, a worm called Conficker began infecting millions of computers, startling the computer security community into action
Whatever Happened to tmUnblock.cgi ("Moon Worm") (Internet Storm Center) Last year, we wrote about the "Moon Worm", a bitcoin mining piece of malware that infected Linksys routers. Ever since then, I have seen lots and lots of hits to the vulnerable cgi script ("tmUnblock.cgi") in our honeypot logs. Just a quick graph of the volume
Hackers Can Seize Control of Electric Skateboards and Toss Riders (Wired) Richard "Richo" Healey was riding his electric skateboard toward an intersection in Melbourne, Australia, last year when suddenly the board cold-stopped beneath him and tossed him to the street. He couldn't control the board and couldn't figure out what was wrong. There was no obvious mechanical defect, so being a computer security engineer, his mind naturally flew to other scenarios: could he have been hacked?
Battery Attributes Can Be Used To Track Web Users (TechCrunch) A team of European security researchers has published a paper analyzing how the battery life of mobile devices could be used to track web browsing habits of Firefox users on Linux, using the HTML5 Battery Status API
Can you trust Tor's entry guards? (Naked Security) New research from MIT (Massachusetts Institute of Technology) shows how malicious Tor entry guards can strip away the Dark Web's anonymity features, exposing users and the hidden websites they visit
BitDefender classifies 'piracy monetisation' site Rightscorp as malware (SC Magazine) Peer‐to‐Peer (P2P) file sharing tracker initially condemned due to false positive
Bitdefender suffers data breach, customer records stolen (ZDNet) A hacker is demanding $15,000 in payment or they plan to release customer details online
Yahoo tackles large 'malvertising' campaign in its ad network (CSO) Yahoo said Monday it had removed malware from its advertising network, after malicious code there had gone undetected for at least six days
Malvertising attacks increasingly target mobile apps, says RiskIQ report (FierceMobileIT) Malvertising campaigns are increasingly targeting mobile apps, according to a new report from RiskIQ
Cyber-attack targets Donald Trump corporate network, Gawker.com posts old Trump cell number (Newser) Attack targets Trump website, Gawker posts old cell number
Health records of 5.5 million US patients accessed in MIE breach (Help Net Security) The Indiana Attorney General's Office has launched an investigation into the recent breach suffered by Medical Informatics Engineering (MIE) and its subsidiary NoMoreClipboard, which resulted in the potential compromise of personal and medical information of nearly 5.5 million US citizens (1.5 million Indiana residents and 3.9 million people in other states)
Attorney: Dakota Dunes clinic cyber attack affects data for more than 13,000 patients (Sioux City Journal) Siouxland Pain Clinic sent letters Friday to more than 13,000 patients that their medical and other personal information may have been exposed in a hacking attack, a lawyer for the clinic said Monday
US-CERT Warns of Continuous Exposure to Zero-Day Phishing Campaigns (Easy Solutions Blog) On August 1st, US-CERT published an advisory titled, "TA15-213A: Recent Email Phishing Campaigns — Mitigation and Response Recommendations". One of the vulnerabilities leveraged in these new phishing campaigns is a use-after-free (UAF) vulnerability in Adobe Flash (CVE-2015-5119). This vulnerability is particularly interesting because it was leaked as a result of the hack and subsequent dump of HackingTeam's email and source code. What is interesting here is not the existence of the vulnerability, but how this case underlines the massively asymmetric situation that defenders find themselves in
Synack States That Tracking Systems of High-Tier Satellite is Vulnerable to Hacking (Hacked) There is a possibility that hackers will attempt to break into information systems through systems for satellite tracking. The details will be discussed in a hacking prevention conference which is coming up soon
Cyber attack: How easy is it to take out a smart city? (New Scientist) When is a smart city not so smart? With cities worldwide racing to adopt technologies that automate services such as traffic control and street lighting, many aren't doing enough to protect against cyberattacks
Social Engineering: 6 commonly targeted data points that are poorly protected (CSO) Now in its sixth year, the Social Engineering village at DEF CON has always been an interesting location. Each year the village hosts talks and interactive lessons on human hacking, but the major draw is the Social Engineering Capture the Flag contest
Why the password hackers never trigger an account lockout (Graham Cluley) I was chatting with a particularly astute 15-year-old this weekend (we can call him Jack, just for fun) and the conversation turned to computer security
Hacking Team leaks: We're not out of the woods yet (Malay Mail) Citizens and civil advocates may be reeling from the revelations that various governments, including those of Malaysia and Singapore, were using spyware from Milan-based Hacking Team, whose customers also include some of the most repressive regimes in the world
Recent Cyberattacks Only the Beginning, as State Hackers Target Data on Americans (Epoch Times) There is a new trend in cyberattacks, and recent breaches that stole tens of millions of records on Americans are just the beginning as state hackers shift their targets
5 most vicious cyberattacks on global governments (Computer Business Review) After a hack on the German federal prosecutor's office, we review other damaging hits
Cyber Trends
Business resilience lacking in most firms, finds Accenture (ComputerWeekly) Nearly two-thirds of companies are hit by cyber attacks daily or weekly, yet only a quarter always incorporate measures in their technology and operating models to make them more resilient, a survey shows
Smart gadgets from guns to cars ripe for hacking (Business Insider) Hackers are not just after your computer: connected devices from cars to home security systems to sniper rifles are now targets for actors looking to steal or cause mischief
The leading cause of insider threats? Employee negligence (Help Net Security) Employee negligence, which may be caused by multitasking and working long hours, can result in insider threats and cost companies millions of dollars each year. It can cost a U.S. company as much as $1.5 million and German companies €1.6 million in time wasted responding to security incidents caused by human error, according to the Ponemon Institute
89 percent people are careless with security of work files on mobiles, reveals survey (Mobiletor) 89 percent of people don't worry about the security of the work files stored on their mobile phones, according to the results of a survey by Kaspersky Lab and B2B International
Is the digital double posing as you stealing your cash? (BBC) When we go online to tweet, post, like, email or chat we surrender small pieces of our identity as we do so — a surname here, a nickname there, the name of our favourite pet
What's the state of your software? (Help Net Security) Cybercrime is felt by businesses up and down the country, with the Information Security Breaches Survey (ISBS) reporting that 81 per cent of large and 60 per cent of small businesses in the UK suffered a cyber-breach in 2014
Marketplace
Why Don't Defense Contractors Do Cyber? (Real Clear Defense) For all but Raytheon, a whole new realm of conflict seems disinteresting to industry
In Snowden's wake, crypto-startups take root in Germany (Christian Science Monitor Passcode) Tech entrepreneurs are seizing on the new attention to digital privacy and finding customers around the world in search of more secure tools for online communication
Ziften Digs Deep for Security Visibility (eSecurity Planet) Fresh off a $24 million funding round, security startup debuts ZFlow technology to connect the dots of security incidents
NICE-Systems Ltd. (NICE — $64.56*) Breaking News: NICE Announces Another Smart Divestiture; Maintain Outperform (FBR Blue Matrix) This morning, NICE announced the sale of its physical security business unit for up to $100 million, on the heels of its announcement to divest its cyber and intelligence division in May 2015. Importantly, management updated FY15 guidance and expects the sale to be non-dilutive to earnings in 2016
Products, Services, and Solutions
Privacy Concerns Arise With Windows 10 Release (Legaltech News) 'Unlike Microsoft's promise, the company's new 45 page-long terms of service are not straightforward at all'
Windows 10: Microsoft assumes your consent in sharing your Wi-Fi, even if you don't use Windows 10 (Graham Cluley) Imagine this scenario. A friend visits your house, and wishes to use your Wi-Fi
Broken Windows Theory (Slate) Microsoft's Windows 10 is a privacy nightmare. Here's how to protect yourself
Windows 10 uses your bandwidth to help strangers download updates (Graham Cluley) Have you updated your computer to Windows 10 yet?
Best-of-Class Collaboration Spells the End for Traditional Security Vendors (MarketWatch) Bay Dynamics®, the market leader in cyber risk predictive analytics, today announced a strategic technology alliance with Dtex Systems, a global insider threat protection company. The two companies will work together to streamline interoperability between their industry-leading solutions with the aim of solving broader enterprise security problems
Duo Security Enlists Neustar's IP Intelligence to Help Combat Identity Fraud (Benzinga) IP intelligence used to identify unauthorized users across devices and prematurely stop data breaches
Defending your network against APTs (Techgoondu) With cybersecurity on the agendas of corporate boardrooms today, the importance of securing critical data assets is now a strategic issue that is no longer just a matter for IT departments
Apple Watch can now receive password breach alerts from Dashlane (TechWorld) Supports one-tap password changing for 200 sites — but some big names are missing
Benseron Implements Comodo to Secure 20,000 POS Systems (Hospitality Technology) POS solutions innovator Benseron integrated technology from cybersecurity solutions provider the Comodo organization — specifically, its Comodo SecureBox containment technology — to help secure more than 20,000 Benseron point of sale units across the globe
Bit9 + Carbon Black Expands Industry's Most Open Threat Intelligence Solution (Nasdaq) New partnerships with AlienVault, BrightPoint Security, ThreatConnect, ThreatQuotient and ThreatStream bring joint customers the most open and comprehensive threat intelligence capabilities
Blue Coat Systems Launches Ecosystem for Sharing Endpoint Security Info (The VAR Guy) As security threats become more sophisticated and prevalent, companies are seeing the value in sharing information about threats instead of keeping it to themselves to help better protect the enterprise from unwanted intrusion
Menlo Security partners with Webroot in enterprise malware screening push (ZDNet) The partnership will expand the use of website isolation techniques to keep the enterprise safe from malware
Deloitte-Exelon Team to Help North American Utilities Implement NERC Cyber Defense Standards (ExecutiveBiz) Deloitte and public utility holder Exelon have forged a partnership to implement Critical Infrastructure Protection version 5 standards in an effort to protect North America's bulk power system from potential cyber attacks
Facebook rolls out 'Security Checkup' tool to all desktop users (Naked Security) Facebook wants you all to have a safe experience on its social network, says Product Manager Melissa Luu-Van who, late last week, revealed how the Menlo Park firm was introducing a new security notification for its web-based users
Technologies, Techniques, and Standards
Succinct Reference To Key Airport Cybersecurity Threats/Attacks (Threat Brief) The Guidebook on Best Practices for Airport Security, produced under the auspices of the National Academies and the FAA, contains an interesting high level summary of key threat actions against airports. The list includes
Guidebook on Best Practices for Airport Cybersecurity (Transportation Research Board of the National Academies) Airports are vital national resources. They serve a key role in transportation of people and goods and in regional, national, and international commerce
Aligning Cyber Strategy to the Business (Tripwire: the State of Security) To quote Lewis Carroll, from Alice's Adventures in Wonderland: 'Would you tell me, please, which way I ought to go from here?' 'That depends a good deal on where you want to get to,' said the Cat. 'I don't much care where —' said Alice. 'Then it doesn't matter which way you go,' said the Cat
Automating Intelligence: Discovering Recent PlugX Campaigns Programmatically (Arbor Networks) One of the hardest things to do when you are receiving malware that have "anonymized" (e.g. name-is-hash) names or general samples that lack any indication of the infection vector is to determine the origin of the file and its intended target. Even harder is when you do not receive telemetry data from products that contains information about infected machines. To that end, I have been working on automating ways to help ASERT better understand the context around samples so we can answer questions about what may have been targeted, why it was targeted and when it was targeted. This post will use the PlugX malware as an example (PlugX is well known and has had its various iterations analyzed many times), due in part to its ongoing activity and will focus on leveraging metadata from VirusTotal due to it being publicly accessible
Addressing the Continuing Challenges of Mobile Devices (Legaltech News) Organizations should develop a plan to tackle the data security, information retention, and e-discovery problems arising from mobile devices
Five steps to secure data after a breach (Deccan Herald) It is common to see hackers attacking companies and government agencies whose computer systems and exposing the personal data of millions of people. It is nearly impossible to keep personal information safe from hackers. With that depressing knowledge in hand, there are a few steps consumers can take to make it harder for hackers to exploit your data
Antivirus alone won't save you. Here's how to do security better (ZDNet) A Google security research paper published last week detailed the best safety practices that hundreds of security experts recommend. Antivirus software wasn't at the top of the list
How experts stay safe at the Black Hat security conference (USA Today) Pen and paper instead of a laptop. Cash instead of credit cards. Face-to-face chats instead of cell phones. That's the drill for the most cautious at two big computer security conferences taking place this week in Las Vegas
Hackers are Powerless with Zero Knowledge (Infosecurity Magazine) Every day hackers are being equipped for their next attack, as more and more users are trusting organizations with their personal information online. But with zero knowledge, hackers can be rendered powerless, says Steve Watts
Advanced 365 offers top tips on how to reduce data security risk (Bobs Guide) Biometrics and tokenisation among key technologies to combat cybercrime for financial services sector
Harvard CISO shares 5 pearls of IT security wisdom (Network World) Harvard University Chief Information Security Officer shares best practices, discusses BYOD and Internet of Things
Design and Innovation
Why the time is ripe for security behaviour analytics (ComputerWeekly) Recent months have seen an uptick in announcements by security suppliers around behavioural analytics, but what is driving this trend?
Academia
Winners Announced for 2015 U.S. Cyber Challenge Western Regional Competition (US Cyber Challenge) U.S. Cyber Challenge (USCC) is proud to announce the winners of this year's Western Regional Cyber Camp competition, which was hosted at Southern Utah University (SUU). Last Friday morning, following a week of demanding classroom instruction, over 40 participants competed in the "Capture the Flag" (CTF) competition. The "Capture the Flag" competition can be described as an interactive college final where teams are tested on skills that an information security professional should know thoroughly. The winners included Norman Lumdt, Eric Harashevsky and Nick Landers
UWF to hold cybersecurity camp (Pensacola News Journal) The University of West Florida Department of Computer Science and Center for Cybersecurity will host an Air Force Association CyberCamp from Aug. 4-8
IBM, RIT Team on Cyber-Security Training (eWeek) IBM extended its ongoing relationship with the Rochester Institute of Technology by partnering on a program to advance cyber-security education
Fort Gordon Connection: GRU prepares for first year of new Cyber Institute (WAGT26) With the recent news that Fort Gordon was chosen as the new headquarters for the US Army Cyber Command, the CSRA is not wasting any time preparing for the influx of people that it will bring along with it. And at Georgia Regents University, they're using this news to their advantage in a different way
Legislation, Policy, and Regulation
Kenya Needs to Invest in Innovation to Ensure Data Security, Says Ndemo (All Africa) Dr. Bitange Ndemo has emphasized on the need for the country to invest in innovation to ensure security of data and information
Cybersecurity Bill Faces Time Crunch as Recess Approaches (National Journal) Unless a deal is struck, amendments could slow the bill's progress and hinder its chances of passing before the end of the week
The Homeland Security Department Issues a Big Warning About the Senate's Cyber Bill (National Journal) DHS said Monday that the Senate's cyberinformation-sharing bill would "sweep away important privacy protections"
DHS Secretary OKs Bill to Monitor Federal Networks (Nextgov) An Obama administration top official has endorsed bipartisan legislation that would allow the Department of Homeland Security to surveil public Internet traffic on government networks
Data Breaches: Should Companies Collecting Personal Info Have Heightened Security? (Government Technology) As the nature of data breaches swiftly evolves from stolen PIN numbers to stolen identities, befuddled consumers and appalled industry insiders alike are raising questions about how institutions are protecting the data entrusted to them
Is hacking back a cyber-theft deterrent option? (FCW) A new report from the Hudson Institute on economic espionage in cyberspace reflects a shifting conversation in Washington from passive to proactive cyber defense — to the point of suggesting that an "Economic Warfare Command" be set up at the Treasury Department for using offensive coercion against adversaries
Government digital chief Mike Bracken announces he is leaving (ComputerWeekly) GDS director Mike Bracken is leaving government, and his unexpected departure will inevitably raise questions about the future of GDS
IARPA gets new director (C4ISR & Networks) Jason Matheny, director of the Office for Anticipating Surprise at the Intelligence Advanced Research Projects Activity, has been picked to take over as director of IARPA, according to an announcement from the Office of the Director of National Intelligence issued Aug. 3. The appointment is effective immediately
Litigation, Investigation, and Law Enforcement
German Officials Suspend Treason Inquiry of Bloggers, but Public Still Seethes (New York Times) Not since the reunification has Germany raised serious allegations of treason against a journalist, so it shocked many here when two leading digital rights bloggers found themselves under official investigation on that charge for publishing secret government documents
Bitcoin Exchange Founder Arrested in Japan for Alleged System Manipulation (Legaltech News) Mark Karpelès allegedly used Mt. Gox's systems to inflate the company's worth on the lead up to bankruptcy
MLB, Tour de France Breaches Provide Cybersecurity Warnings for Sports Organizations (Legaltech News) Stopping data breaches in sports organizations begins with trade secret education, says cybersecurity expert and former DOJ prosecutor Peter Toren
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
SANS Institute: Information Security Training (Las Vegas, Nevada, USA, Sep 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security training courses taught by real-world practitioners. The site of SANS Network Security 2015, September 12 - 21, is Caesars Palace, the majestic Las Vegas hotel
Data Breach Investigation Summit (Dallas, Texas, USA, Sep 21 - 26, 2015) Data Breaches are occurring at an alarming rate and increasing in their scope, frequency and impact and they don't discriminate by industry, geography or organization size. When a breach occurs, organizations, agencies and individuals need to learn how to more effectively, identify/detect that the breach has occurred, respond to the breach in an effective and timely manner, investigate the breach, and prevent/defend the organization from future breaches
Cyber Defense San Diego 2015 (San Diego, California, USA, Oct 19 - 24, 2015) Cyber security training in San Diego CA from SANS Institute, the global leader in Information Security training. SANS Cyber Defense San Diego 2015 features hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have Certifications that are aligned with DoD Directive 8570/8140 and most courses at this event are associated with GIAC Certifications. SANS delivers unparalleled security training with world-class Instructors
NICE 2015 Conference and Expo (San Diego, California, USA, Nov 3 - 4, 2015) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2015 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation
Pen Test Hackfest Summit & Training (Alexandria, Virginia, USA, Nov 16 - 23, 2015) SANS Pen Test Hackfest Training Event and Summit is coming back to Washington DC, bigger and better than ever! The Hackfest is an ideal way to learn offensive techniques so you can better defend your environment. Whether you are a penetration tester, a forensics specialist, or defender, the techniques covered at the Hackfest represent the latest and most powerful attacks every organization needs to thwart
Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, Apr 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. Attend this summit to learn these skills directly from incident response and detection experts who are uncovering and stopping the most recent, sophisticated, and dangerous attacks against organizations
Upcoming Events
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
BSides Las Vegas (Las Vegas, Nevada, USA, Aug 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is no charge to the public to attend BSidesLV. Our costs are covered by our generous donors and sponsors, who share our vision of free dissemination of information. The conversations are getting more potent and the "TALK AT YOU" conferences are starting to realize they have to change. BSidesLV is making this happen by shaking-up the format
Defcon 23 (Las Vegas, Nevada, USA, Aug 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information
3rd Annual Psyber Behavioral Analysis Symposium (Fort Meade, Maryland, USA, Aug 11, 2015) The 3rd Annual Psyber Behavioral Analysis Symposium is hosted by the NSA/CSS Threat Operations Center and the FBI Behavioral Analysis Unit-2/Cyber Behavioral Analysis Center. The goal of the Symposium is to provide U.S. and Second Party Intelligence Communities (IC) a forum to present and collaborate on Human Science-based projects and research. This event attracts a multi-disciplinary government audience from across the IC and Second Party Partner organizations
USENIX Security (Washington, D.C., USA, Aug 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and others specialists interested in the latest advances in the security and privacy of computer systems and networks
5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, Aug 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring together cyber experts from the DoD, federal government, business, research, and academia to address a variety of current cyber topics
Decepticon 2015 (Cambridge, England, UK, Aug 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines, sub-disciplines and countries. To cover the great diversity of approaches to deception research, our scientific committee has members covering several domains
AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, Aug 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker AFB. This is the only Technology Day held at Tinker AFB each year. The annual Technology Day allows exhibitors the opportunity to have access to information technology, communications, cyber, engineering, and contracting personnel at Tinker AFB. Over 300 attendees participated in the 2014 Technology Day and we expect the same level of attendance in 2015
Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, Aug 30 - Sep 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology and information security executives. This program is tailored to utility executives and industry stakeholders that are responsible for addressing threat intelligence, analysis and monitoring; network architecture; and cyber incident response
2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, Aug 30 - Sep 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015 (Vancouver, British Columbia, Canada, Aug 31 - Sep 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire spectrum of work, from practice to theory, including its peripheries