The CyberWire Daily Briefing 08.14.15
The claimed ISIS doxing of US service members increasingly looks like so much gasconade — the Pentagon thinks it's mostly hooey.
Google continues to have a difficult week: MWR Labs exposes an Android sandbox escape vulnerability, and Exodus Intelligence demonstrates that Stagefright patching is at best incomplete. Google is expected to issue fixes as soon as possible.
The Internet Storm Center describes Adwind, a remote access Trojan delivered as the payload in botnet-served spam. Adwind appears to require user interaction for activation.
Windows 10 continues to worry users concerned about their privacy.
The Russian CyberVor mob may be back — at least, someone posing as CyberVor seems to have gained access to University of Miami networks.
The "OwnStar" car hack is said to be effective against BMWs and Mercedes as well as Chryslers.
Apple updates OS X Server, iOS, Safari, and Yosemite. Dropbox moves to two-factor authentication.
The electrical power sector remains bedeviled by thumb-drive-delivered malware.
Oracle's stern words about reverse engineering to hunt bugs reverberate. Bug bounties are well-known, and HP's Zero Day Initiative tells eSecurity Planet how they legitimately buy vulnerabilities.
Enterprises that hold a lot of customer data — law firms, government agencies, etc. — are increasingly skittish about the risk to which those data expose them. The cyber insurance market gropes toward ways of transferring some of that risk. Post-breach litigation is a growing problem: class-action suits are now the norm.
The US National Institute of Standards and Technology (NIST) invites comment on a draft report of international cyber standards.
Notes.
Today's issue includes events affecting China, Iran, Iraq, Israel, Lebanon, Russia, Syria, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Israel Prevents Cyber Breach Into Its Defense Ministry Files (DefenseWorld) Israel has successfully prevented a cyber-breach after suspicious emails containing "malicious files" reached the defense ministry in the recent weeks
Pentagon scoffs at Islamic State list of private info of U.S. government, military personnel (Washington Times) The Pentagon is currently investigating the release of over 1,400 names, emails and passwords belonging to U.S. military, state and federal government personnel that was posted Tuesday on Twitter by a pro-Islamic State hacking group
Russian, Chinese hackers use nearly identical tactics on US (The Hill) Russian and Chinese cyber spies are using similar — and surprisingly simple — methods to hack their top U.S. targets
DarkComet RAT remains a popular Swiss army knife for attackers (FierceITSecurity) The DarkComet remote access tool is the Swiss army knife of RATs: It is a functional, versatile and reliable tool for attackers
Security researchers find flaws in Ethernet switches (Drives & Controls) Cyber-security researchers in the US say that they have found security flaws in industrial Ethernet switches and gateways which could be used to attack industrial control systems in industries ranging from manufacturing to power generation. They have found vulnerabilities in four makes of Ethernet switch, but say that similar problems could exist in other devices
Zero Day in Android's Google Admin App Can Bypass Sandbox (Threatpost) The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on an unpatched vulnerability that allows an attacker to bypass the Android sandbox
Stagefright Patch Incomplete Leaving Android Devices Still Exposed (Threatpost) Google today released to open source a new patch for the infamous Stagefright vulnerability found in 950 million Android devices after researchers at Exodus Intelligence discovered the original patch was incomplete and Android devices remain exposed to attack
XSS flaw put Salesforce accounts at risk of hijacking (Tripwire: the State of Security) Security researchers have found a cross-site scripting (XSS) vulnerability on the Salesforce website, that could be exploited by malicious hackers to conduct phishing attacks and hijack the accounts of users
Adwind: another payload for botnet-based malspam (Internet Storm Center) Since mid-July 2015, I've noticed an increase in malicious spam (malspam) caught by my employer's spam filters with java archive (.jar file) attachments. These .jar files are most often identified as Adwind. Adwind is a Java-based remote access tool (RAT) used by malware authors to infect computers with backdoor access. There's no vulnerability involved. To infect a Windows computer, the user has to execute the malware by double-clicking on the .jar file
Windows 10 might be spying on you even after you tell it to stop (BGR) One of the main concerns with Microsoft's Windows 10 platform concerns privacy. The operating system has various features that need to access your private data to work properly. At the same time, Microsoft wants to deliver you better Bing search results and ads. In its defense, the company makes it clear in its terms of service that it's tracking you, and there are ways to stop all the tracking without compromising your Windows 10 experience. But what if the privacy-infringing settings you thought you just turned off aren't off?
Cybergroup claims to hack some UM email accounts (Miami Herald) A hacker group that calls itself "CyberVor" has claimed to get into the email accounts of about 200 people connected to the University of Miami
The Dark Side of Steganography (IEEE Spectrum) The complicated mess of code in image, voice, video and even electrocardiogram data provide the perfect carrier for hidden messages. At the Network Security Group at Warsaw University of Technology, in Poland, Wojciech Mazurczyk disguises data the same way cybercriminals do in order to beat them at their own game
Ten scary hacks I saw at Black Hat and DEF CON (CSO) Security researchers and hackers gathered in Las Vegas over the past week to show off and learn about the latest vulnerabilities that affect devices and software that the world relies on every day. Black Hat and DEF CON, the world's top security conferences, did not disappoint
Smartwatch makers opt for simplicity over keeping user data safe, warns security firm Trend Micro (International Business Times) A leading computer research firm has criticised the poor security of some of the most popular smartwatches on sale today. Trend Micro says in a new report how the Apple Watch and smartwatches running Google's Android Wear are not as secure as they should be
OwnStar Wi-Fi attack now grabs BMW, Mercedes, and Chrysler cars' virtual keys (Ars Technica) Using SSL proxy, attack decrypts user data, allowing remote access to vehicle
The Summer Of Car Hacks Continues (Dark Reading) New research shows how SMS messages manipulating vulns in insurance dongles can kill brakes on cars
Clarifying the Hype Around Auto Cyber Threats (Huffington Post) I, like most Americans, have a love affair with the automobile. Give me an unlimited budget and I will quickly exceed it, purchasing pretty much every available car, truck and SUV on the market
Iranian hackers broke into what they thought was a Chevron gas pump — but it was a honeypot (Fusion) In the last few years, the so-called "Internet of Things" has gotten a reputation as "the Internet of Things That Can Be Hacked." This year alone, security researchers have hacked baby monitors, skateboards, rifles, and a Jeep — making it undriveable while it was going 70 miles per hour on a highway. One hacker possibly even hacked an airplane while it was in flight
Cyberflasher Airdrops rude images to victim's iPhone (Naked Security) Cyberflashing? Is there such a thing? Yes, there is, because a London woman recently made a complaint to the police over just such an incident
How to stop pervy pics popping up on your iPhone (We Live Security) In the old days, if a dirty old man wanted to shock and frighten a young woman he might lurk down a forest path, dressed only in a grubby raincoat, and flash his unmentionables at her before making his cowardly escape
Advanced Targeting — The Name of the Game (PhishLabs Blog) Business email compromise (BEC), spear phishing, and social engineering aren't just buzz words that have gained popularity in the security industry. These tactics have recently been employed by cybercriminals to get around the plethora of security controls deployed to protect organizations. Account takeover has evolved from using malware to compromise credentials and remotely using the victim's computer, to using social engineering schemes over email to fool legitimate users into performing wire transfers, such as the recent BEC attack on Ubiquiti that nearly cost the organization $46.7 million
Security Patches, Mitigations, and Software Updates
Apple Releases Security Updates for OS X Server, iOS, Safari, and Yosemite (US-CERT) Apple has released security updates for OS X Server, iOS, Safari, and Yosemite to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system
Dropbox adds support for FIDO U2F secure authentication (Help Net Security) Cloud storage giant Dropbox announced to its 400 million users that it supports FIDO U2F for strong two-factor authentication
Google flubs patch for Stagefright security bug in 950 million Androids (Register) Update flawed, new one needed for countless gadgets
LG, Motorola Detail Security Updates Following Android Stagefright Vulnerability (Gadgets.am) After the discovery of Stagefright vulnerability, Google and Samsung announced they would provide security patches to the Galaxy and Nexus range of mobile devices about once every month, starting with the Stagefright patch. Now, LG and Motorola are the latest to join the two firms confirming that they would too be taking the vulnerability seriously, and LG, besides issuing a patch, also says it will boost its security update frequency to a monthly basis
Cyber Trends
Internet of Everything opens new attack vectors for cybercriminals: Cisco (IT Business) The digital economy and the Internet of Everything (IoE) are inspiring new attack vectors and monetization schemes for cybercriminals that organizations will need to defend against, according to a new report from networking solutions vendor Cisco Systems
Bromium Black Hat Survey: Endpoint Risk Five Times Greater Than Network or Cloud (IT Business Net) Survey cites risk of cyber attacks on critical infrastructure; issues with Flash and security patching contribute to endpoint security risk
Power producers grapple with a thumb-sized scourge (E&E News) At a coal-fired power plant in Alabama last year, federal officials sat down with a security guard to discuss a serious breach of protocol
Business not keeping up with rapid changes in cyber attacks, says Proofpoint (ComputerWeekly) Most striking development in the first half of 2015 was a big shift from URL-based cyber attacks to attacks that rely on malicious document attachments
Impact and scope of fraud that crosses multiple industries (Help Net Security) 84 percent of fraud mitigation professionals interviewed by LexisNexis Risk Solutions see fraud that crosses multiple industries in their investigations
Marketplace
Mad World: The Truth About Bug Bounties (Dark Reading) What Oracle CSO Mary Ann Davidson doesn't get about modern security vulnerability disclosure
Exposing Facebook privacy flaw is a crime? Sure Seems Like It (HackRead) Aran Khanna, a Harvard student, was deprived of a chance to intern at Facebook after he exposed a critical privacy related flaw in the social network's Messenger service in one of his creations
HP on Legal Hacking and the Law (eSecurity Planet) HP's Zero Day Initiative buys a lot of security vulnerabilities from researchers — so how does it stay within the bounds of the law?
Ways to Engage Executives in Cyber Risk (Wall Street Journal) A survey of retail executives shows many retailers making progress toward strengthening their cyber risk management programs, though they, along with their peers in other industries, could still benefit from improved governance and engagement with business leaders.More business executives are starting to recognize that accountability for cyber risk cannot rest solely with the IT organization. The many high-profile breaches in recent years have shown business leaders that efforts to prevent, detect, respond to and recover from cyber incidents require the collective wisdom and authority of executives across a range of functions
Reducing Cyber-Risk Through Cyber-Insurance (Infosecurity Magazine) Matt Middleton-Leal weighs up the risk-reduction possibilities offered up by enterprise cyber-insurance
Heightened Risk of Cyberattacks Puts Pressure on Law Firms to Bolster Defenses (Legaltech News) Considering 80 of the 100 biggest law firms have been hacked since 2011, it stands to reason yours could be next
Stock Price May Not Tell the Whole Story About Security Breaches (IBM Security Intelligence) Data security breaches are larger and more spectacular than ever before. Just in the last year, companies suffering from major hacks have ranged from retailers and financial firms to entertainment conglomerates. The data stolen ran the gamut from tens of millions of customer accounts — complete with credit card information — to embarrassing remarks about celebrities in what were intended to be private email messages
3 stocks that make money on corporate cybercrime fear: UBS (Business News Network) Corporate spending on cybersecurity is on the rise as criminals find increasingly sophisticated methods to exploit vulnerable IT infrastructure. While the threat of cybercrime presents an ever-present risk to shareholders, investors in companies developing new and innovative ways of combating online threats are cashing in on the fear of getting hacked
Feds Expect to Spend at Least $500 Million on the Next Five Years of Data Breaches (National Journal) The government is preparing to hire contractors to deal with future breaches
Air Force seeks insider threat monitoring system (FierceGovernmentIT) The Air Force is seeking commercial information technology to help it better monitor its networks for insider threats. The product will be a key component to the development of its Insider Threat Program, according to a solicitation posted by the service Aug. 11
Insider Threat Program Solicitation Number: FA7014-15-R-5015 (Department of the Air Force via FedBizOpps) The Air Force District of Washington Contracting Directorate, 1500 West Perimeter Dr, Suite 2750, Andrews AFB, MD 20762, intends to procure an Insider Threat Program
East Bay cybersecurity unicorn ramps up expansion with reported $2.5 billion valuation (San Francisco Business Journal) With high-profile breaches affecting the IRS, the Office of Personnel Management, and even the adulterers' website Ashley Madison, it's no secret that cybersecurity is a critical issue for just about anyone responsible for personal data
This Startup Can Steal Data by Hacking Your Printer (Small Business Trends) With just a few tweaks, even your printer can be hacked to broadcast your personal, private data
Rapid7 seeks greater security collaboration with technology firms (ComputerWeekly) Rapid7 is working to promote better relations between the security community and the rapidly increasing number of de facto technology companies
Cybersquatter frenzy as Google becomes Alphabet without owning alphabet.com (Naked Security) Google's big announcement on Monday that it was creating a new holding company called Alphabet took the business world by surprise
Cryptzone Joins Cloud Security Alliance (Cryptzone) Network and data security provider to provide expertise to leading industry consortium
Imperva Appoints Gerri Elliott to Its Board of Directors (Nasdaq) Seasoned management executive brings experience at Microsoft, IBM and Juniper Networks to Imperva board
Technology Marketing Veteran Armen Najarian Joins ThreatMetrix as Chief Marketing Officer (Benzinga) Najarian brings deep B2B and technology marketing experience to executive role
Products, Services, and Solutions
Easy Solutions Opens New US Anti-Fraud Response Operation Center (ROCK) (BusinessWire) Facility to monitor up to 60 billion connections; offers proactive protection and in-depth intelligence of electronic fraud attacks
Comparing the top database security tools (TechTarget) Expert Ed Tittel examines the strengths and weaknesses of top-rated database security tools — from database activity monitoring to transparent database encryption — to help enterprises make the right purchasing decision
Lockheed to deploy security technologies at US airports and ports (Airport Technology) Lockheed Martin has received a contract from the Transportation Security Administration (TSA) to deploy security technologies at all airports and ports in the western region of the US
Technologies, Techniques, and Standards
NIST seeks comment on draft report for greater int'l cybersecurity standards development, use (FierceGovernmentIT) The National Institute of Standards and Technology is seeking public comment on a draft interagency report issued Aug. 10 that recommends the federal government enhance its coordination and participation in developing and using international cybersecurity standards
Interagency Report Advocates Support for International Cybersecurity Standardization (NIST Information Technology Laboratory) A new draft report by an interagency working group lays out objectives and recommendations for enhancing the U.S. government's coordination and participation in the development and use of international standards for cybersecurity. The report recommends the government make greater effort to coordinate the participation of its employees in international cybersecurity standards development to promote the cybersecurity and resiliency of U.S. information and communications systems and supporting infrastructures. These efforts should include increased training, collaborating with private industry and working to minimize risks to privacy
Responding in the 'golden hour' of a cyber attack (Security InfoWatch) User behavior analytics can help with detection of potential data breaches. By using custom algorithms, the divergence in behaviors between a normal user using her credentials and an attacker using the same credentials can be determined
The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 5 of 6) (Privacy Compliance & Data Security) This blog post is the fifth entry of a six series discussing the best practices relating to cyber security. The previous post discussed the important steps that a business should take to preserve evidence and information once a cyberattack has been identified. This post will discuss the individuals and organizations that should be notified once a cyberattack occurs. The four most important groups to contact are (1) individuals within the business, (2) law enforcement officials, (3) The Department of Homeland Security, and (4) other possible victim
Defending Critical Infrastructure Without Air Gaps And Stopgap Security (Dark Reading) Traditional IT security solutions need modifications to successfully defend critical infrastructure on tomorrow's cyber battlefields
The Security Of Devices Connected To The Internet Of Things Keeps Degrading (iTechPost) According to reports, the security of devices connected to the Internet of Things degrades over time. The connected home devices might come securely enough when you buy them off the shell, but this situation would not last for long. Tech firms have warned that the Internet of Things security is not strong enough
Enterprises are Analyzing Lots of Internal Cybersecurity Data (Network World) Enterprise organizations collect, process, and analyze a wide variety of cybersecurity data, and there is no end in sight
Uncovering the Truth about Six Big Data Security Analytics Myths (IT Business Edge) Cyber threats are becoming extremely sophisticated, as evidenced by the many high-profile breaches over the last few years. Organizations are confronting a new reality where they must accept that they are likely to be impacted, despite their best attempts to keep these threats out altogether. They need quicker and better ways to discover, investigate and remediate these threats. Marrying Big Data with machine learning can help address this challenge by providing security professionals with the Big Data security analytics (BDSA) they need to thwart the bad guys
Are Your Trade Secrets Safe? (Employment Law Navigator) A few years back, we had a client — a manufacturing business — that decided to sue an ex-employee for stealing its trade secrets. Our client had developed a process that was unique. Using this process, it was able to manufacture certain products in a very fast and cost-effective way, keeping its prices lower and its profits higher than its competition. The ex-employee went to work for a competitor and, according to our client, shared his knowledge of the secret process with his new employer
Design and Innovation
The Noise Around You Could Strengthen Your Passwords (Wired) Last year after nude photos apparently stolen from various celebrities' iCloud accounts began circulating on Reddit, Apple responded by telling people to enable a feature called "two-factor authentication"
Redefining security visualization with Hollywood UI design (Help Net Security) Most security interfaces today leave a lot to be desired, and many security pros are gaming enthusiasts, accustomed to a sharp and engaging virtual world
Research and Development
Presidential advisors recommend 8 new focus areas for IT research and development (FierceGovernmentIT) In an Aug. 7 report to the White House, the President's Council of Advisors on Science and Technology, or PCAST, recommended the federal government overhaul the way it categorizes information technology research and development spending
Academia
UAE universities fight back against cybercrime (The National) A rise in cybercrimes has forced universities to launch counterattacks
Georgia Regents getting serious about cyber (Atlanta Business Journal) The University System of Georgia should step up efforts to train students for jobs in cybersecurity, an administrator with Georgia Regents University (GRU) told members of the system's Board of Regents Wednesday
Legislation, Policy, and Regulation
A Foreign Diplomat Just Taught America How to Win the War of Ideas (War on the Rocks) It is conventional wisdom in Washington that the United States is losing the "war of ideas" to the Islamic State, Hamas, Hezbollah, Iran, al Qaeda, and even the Taliban. All those forces of entropy and intolerance that practice and support terrorism are somehow proving superior at messaging to the country with Madison Avenue advertising, Silicon Valley innovation, Hollywood image-making, the 24-hour news cycle, and permanent political campaigning
NTIA seeks public comments on 2 Internet governance transition-related proposals (FierceGovernmentIT) The National Telecommunications and Information Administration is seeking public feedback on two connected proposals that would shift control of the Internet's Domain Name System from the U.S. government to a multistakeholder community
GOP senator: Kerry 'downplaying' foreign cyber threat (The Hill) Sen. Ben Sasse (R-Neb.) is accusing Secretary of State John Kerry of downplaying the seriousness of overseas cyberattacks, a day after Kerry acknowledged Chinese and Russian spies are "very likely" reading his emails
Deep Dive into Crypto "Exceptional Access" Mandates: Effective or Constitutional — Pick One (Electronic Frontier Foundation) Readers of these pages will be familiar with the debate going on between government officials and technologists around the world about law enforcement's perceived need to access the content of any and all encrypted communications
Federal CFO: Getting Ahead of Emerging Cyberthreats (Wall Street Journal) Some of the biggest adversaries in the cyber ecosystem are well-funded organized crime and nation-states operating on a global scale. These threat actors are increasingly targeting financial information and using sophisticated technologies to breach networks undetected, says Mike Marshall, a Deloitte Advisory director at Deloitte & Touche LLP, where he supports the Federal National Security Sector practice. He describes considerations for what federal CFOs can do to help protect their agency's financial data from cyber thieves; how to employ a proactive, outside-looking-in approach to network security; and measure ROI on their cybersecurity investment
IRS: No taxes on credit monitoring after breach (The Hill) The IRS made it clear Thursday that it wouldn't count free credit monitoring offered to victims of data breaches as taxable income
Army Reserve Pursuing Partnerships with Silicon Valley (National Defense) In April, Defense Secretary Ash Carter announced a new initiative to encourage the Defense Department and Silicon Valley to work more closely together. Reservists are now playing a key role putting this effort together, a senior Army official said Aug. 13.
Does the US need a 'See something, say something' campaign for cyber? (Nextgov) The federal government must play team leader in upping the country's cybersecurity game, according to a new study
Litigation, Investigation, and Law Enforcement
Square will absorb its customers' liability for fraud during EMV shift (Ars Technica) Payments processing company is trying to get small businesses on board with changes
Experian sued for allegedly selling information to identity thief (Legal Newsline) A top credit score reporter is being sued for allegedly selling personal information to an identity thief
Managing post-data breach litigation just got harder (Lexology) Data breaches are messy stuff, no doubt about that. They consume a huge amount of corporate resources, damage a company's goodwill and can cost a lot of money. No real news there. And while the technological challenges in preventing, and responding to, data breaches are ever-changing — fueling the booming cybersecurity industry — the corporate response to a data breach is fairly standardized. Basic steps include (not necessarily in this order)
Official: Clinton 'inner circle' may have stripped email classification markings (Fox News) The latest revelations about top secret information traversing Hillary Clinton's private email server have triggered accusations that someone in her "inner circle" likely stripped the classification markings, illegally
Why Hillary's Wiping Her E-mail Server Clean Matters More than It Might Seem (National Review) Hillary's homebrew server has been wiped blank. Long live Hillary's hosted server
Cybersecurity expert: Here's how the GOP could 'have a field day' with Hillary Clinton's email scandal (Business Insider) The FBI is now in possession of the private email server Hillary Clinton used for work-related correspondences while she served as secretary of state during the first term of the Obama administration
Scandal Exposes Hillary's Disregard For Security (Investor's Business Daily) Scandal: Thanks to the State Department's release of Hillary Clinton emails, we now know she was more interested in how to permanently delete her emails than in protecting highly classified national security secrets
Cyberheist Victim Trades Smokes for Cash (KredsOnSecurity) Earlier this month, KrebsOnSecurity featured the exclusive story of a Russian organized cybercrime gang that stole more than $100 million from small to mid-sized businesses with the help of phantom corporations on the border with China. Today, we'll look at the stranger-than-fiction true tale of an American firm that lost $197,000 in a remarkably similar 2013 cyberheist, only to later recover most of the money after allegedly plying Chinese authorities with a carton of cigarettes and a hefty bounty for their trouble
Baseball Hacking Scandal? It's Just Business as Usual (Corporate Counsel) Sports fans look at their favorite professional teams and see athletes. Hackers look at sports teams and see data. So, when news broke in June that the U.S. Department of Justice is investigating the St. Louis Cardinals' front-office personnel for allegedly hacking into an internal network of the Houston Astros, attorneys who deal with trade secret theft were hardly surprised
FTC Charges Data Brokers in Personal Data Scam (Legaltech News) Commission says two payday loan information brokers sold customer PII to scammers, who used the details to steal more than $7 million
Craigslist sex ad used for 'retribution' against FBI agent, Feds say (Naked Security) A man has been charged with posting a fake Craigslist advert that invited men to have sex with an FBI agent and his wife and which included the agent's phone number and address
Brooklyn man pleads guilty to aiding terrorists, prosecutors say (Newsday) An Albanian national and Brooklyn resident who pleaded guilty to aiding terrorists bent on attacking the United States has been sentenced to 16 years in prison, federal prosecutors said, but they added that the defendant will likely appeal the government's use of the most critical evidence against him
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
USENIX Security (Washington, D.C., USA, Aug 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and others specialists interested in the latest advances in the security and privacy of computer systems and networks
5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, Aug 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring together cyber experts from the DoD, federal government, business, research, and academia to address a variety of current cyber topics
Decepticon 2015 (Cambridge, England, UK, Aug 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines, sub-disciplines and countries. To cover the great diversity of approaches to deception research, our scientific committee has members covering several domains
AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, Aug 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker AFB. This is the only Technology Day held at Tinker AFB each year. The annual Technology Day allows exhibitors the opportunity to have access to information technology, communications, cyber, engineering, and contracting personnel at Tinker AFB. Over 300 attendees participated in the 2014 Technology Day and we expect the same level of attendance in 2015
Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, Aug 30 - Sep 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology and information security executives. This program is tailored to utility executives and industry stakeholders that are responsible for addressing threat intelligence, analysis and monitoring; network architecture; and cyber incident response
2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, Aug 30 - Sep 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics
ICFP 2015 (Vancouver, British Columbia, Canada, Aug 31 - Sep 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire spectrum of work, from practice to theory, including its peripheries