The CyberWire Daily Briefing 03.31.15

Summary

By The CyberWire Staff

Lebanon appears to be making its debut in offensive cyber operations. Check Point discovers an APT group it's calling "Volatile Cedar" whose targets appear to be mainly Israeli.

Israel receives other unwelcome attention, this from Anonymous, which promises an "electronic Holocaust" on April 7. The threat is virtual, not physical, but that doesn't moderate the threat's tasteless language. Perhaps one seeks message discipline from an anarchist collective in vain. Passcode describes the fragmentation of those wearing the Guy Fawkes mask: North Americans are increasingly out-of-step with other regions' Anonymous cells. (North Americans are also oddly sympathetic to Islamism.) And Sabu seems to have done lasting damage to the Americans' brand with the collective — others tend to suspect them of being snitches.

GitHub's still recovering from the denial-of-service attack it's sustained since last week, which looks ever more like a Chinese government operation against censorship-evasion tools. GreatFire sees the campaign as characteristic of efforts to sustain the Great Firewall, and Netresec publishes evidence of a man-on-the-side attack. Incapsula sees a DDoS trend: 20% of such attacks now come from anonymous proxies, up from 5% a year ago.

Attribution is notoriously difficult, and so is determining cyber value-at-risk. Many enterprises and users wildly underestimate their assets' value, and a growing pool of risk managers struggles to assess that value. The Wall Street Journal describes insurer Aetna's approach to the problem. Costs of protection are also tough to track: the US Defense Department (admittedly, they've got a lot to track) can't do it.

Notes.

Today's issue includes events affecting Australia, China, Estonia, European Union, Georgia, Germany, India, Iran, Israel, Democratic Peoples Republic of Korea, Latvia, Lebanon, Lithuania, Moldova, Netherlands, Pakistan, Qatar, Russia, Saudi Arabia, Singapore, Taiwan, Turkey, Ukraine, United Kingdom, United States

Selected Reading

Cyber Trends

DDoS losses potentially £100k an hour, survey shows (ComputerWeekly) Distributed denial-of-service (DDoS) attacks could expose 40% of businesses to losses of £100,000 or more an hour at peak times, a survey by communications and analysis firm Neustar has revealed

What's the Cost of a Cyberattack? (CFO) A flurry of attempts to model the risk of a corporate cyberattack hasn't provided many answers

You think you've nothing to steal? Hackers don't agree. (SC Magazine) The value to hackers of any single website is not widely understood

These companies and groups are most in danger of getting hacked (Business Insider) It's not just banks and retailers that get hacked. As we saw recently, even celebrities and movie studios can be targets

Firms miss out on insight as CEOs and information managers struggle to understand each other (Information Security Buzz) Iron Mountain study shows 89 per cent of UK business leaders don't fully understand what their records and information managers do

Negotiating with Cybercriminals: 30% of Security Professionals Say They Would Pay for the Return of Their Data (ThreatTrack Security) In weighing principle vs. negotiating with cybercriminals to recover stolen or encrypted data, 30% of U.S. security professionals have concluded that getting their data back is more important. Respondents at organizations already targeted by cyberextortionists are more than three times as likely to be willing to negotiate with cybercriminals and nearly twice as likely to recommend setting aside funds for that very purpose

The 'Internet of Things' will create a lot of security vulnerabilities — here are ways companies can start tackling these issues (Business Insider) Over the next five years, the number of Internet of Things devices will grow nearly tenfold — from 2.5 billion in 2014, to nearly 24 billion by 2019, according to BI Intelligence estimates

Most enterprise network teams now deal with security investigations (Help Net Security) 85 percent of enterprise network teams today are now involved with security investigations, indicating a major shift in the role of those teams within enterprises, according to Network Instruments

Legislation, Policy and Regulation

Australia Outlaws Warrant Canaries (Schneier on Security) In the US, certain types of warrants can come with gag orders preventing the recipient from disclosing the existence of warrant to anyone else. A warrant canary is basically a legal hack of that prohibition. Instead of saying "I just received a warrant with a gag order," the potential recipient keeps repeating "I have not received any warrants." If the recipient stops saying that, the rest of us are supposed to assume that he has been served one

China suspends rollout of controversial cyber rules (The Hill) China will suspend the rollout of new rules restricting Chinese banks' use of foreign information technology

Taiwan seeks stronger cyber security ties with U.S. to counter China threat (Reuters) Taiwan wants to join a major anti-hacking drill conducted by the United States to strengthen cyber security ties with its staunchest ally, its vice premier said on Monday, a move which would help safeguard against constant targeting by hackers in rival China

New industry paper recommends policymakers tread carefully in nurturing Internet of Things (FierceGovernmentIT) As policymakers seek to nurture greater Internet of Things development, they should address issues like competition, standards, spectrum, security and privacy, among others, in a collaborative manner across all market sectors, a new industry white paper says

Realizing the Potential of the Internet of Things: Recommendations to Policy Makers 2015 (Telecommunications Industry Association) The future for telecommunications and the world economy lies with the Internet of Things (IoT). At its most basic, the "Internet of Things" is a label for an increasingly connected future in which regular, everyday items — from household appliances to cars to medical devices — are outfitted with sensors and connected to the Internet to share their data. Viewed more broadly, the Internet of Things will give rise to an entire ecosystem for interconnected devices, objects, systems, and data all working together. In this new world, most communications will be machine-to-machine (M2M), and there will be a continuous exchange of information between devices, sensors, computers, and networks

Why the House information-sharing bill could actually deter information sharing (Washington Post) The House Intelligence Committee has now adopted a manager's amendment to what it's now calling the "Protecting Cyber Networks Act." Predictably, privacy groups are already inveighing against it

Senate Dems wooed on cyber bill (The Hill) The Senate Intelligence Committee overwhelmingly approved a major cyber bill, but leaders still face a tough task: winning over critical Democrats

Customers deserve to know about data breaches quickly (Seattle Times) Time to update Washington's antiquated data-breach notification law

The Government Says It Has a Policy on Disclosing Zero-Days, But Where Are the Documents to Prove It? (EFF) We have known for some time that the U.S. intelligence and law enforcement community looks to find and exploit vulnerabilities in commercial software for surveillance purposes. As part of its reluctant, fitful transparency efforts after the Snowden leaks, the government has even officially acknowledged that it sometimes uses so-called zero-days

Why Cybersecurity Dollars do not add up at the Pentagon (Nextgov) For at least the past four years, the Pentagon has struggled to count up how much defense spending goes toward a "thing" called cybersecurity

Products, Services, and Solutions

Army wrestles with competing intel analysis software tools (World Magazine) The military acquisition system is supposed to provide the weapons, equipment, and tools service members need to defend the country. But when it wasn't agile enough to meet a critical and fast-changing intelligence analysis need during the height of the Iraq war, some Army Special Operations units turned to a popular and effective commercial data analysis tool, setting up a showdown in Congress over meeting the troops' needs and wants

iSIGHT Partners Enhances Intelligence Integration With New ThreatScape Software Development Kit and Browser Plugin (MarketWired) Enables pervasive access to world's leading cyber threat intelligence

NAC is back. And better than ever (Network World) We review 5 of the leading network access control products

G Data aktualisiert Antivirus, Internet Security und Total Protection (PC Welt) Das Bochumer Sicherheits-Unternehmen G Data hat seine drei Schutz-Lösungen für Privatanwender aktualisiert. Neu sind die Funktionen Browser Cleaner und USB Keyboard Guard

Tufin Automates Policy Orchestration for Palo Alto Networks Next-Generation Firewalls (PRNewswire) Tufin®, the leader in Security Policy Orchestration, today announced an integration with the Palo Alto Networks Next-Generation Firewall to help enterprises automate orchestration of their network security policies. This integration supports agile and risk-free policy modifications that are essential for enterprises to remain compliant and secure as networks become increasingly heterogeneous and dynamic. Tufin enables greater automation across complex, heterogeneous network and application environments

Die Cyberangriffe gezielt abwehren (Elektroteknik) Sie ist die Norm für die IT-Sicherheit: die IEC 63443. Das Konzept dahinter: Defense-in-Depth als Grundlage für eine erfolgreiche Verteidigungsstrategie. Diese setzt auf einen ganzheitlichen Ansatz zum Schutz von Produktionsanlagen

Ooredoo partners with Fortinet to offer security service (Telecompaper) Ooredoo has announced that Fortinet will be its preferred security partner. Under the managed security service provider (MSSP) agreement, Fortinet technology will be offered with Ooredoo business services, so that customers can deploy anti-spam services, firewalls, VPNs and anti-virus solutions without compromising the performance of their network

Coop Bank Denmark first to deploy Gemalto's unique bio-sourced contactless EMV cards (Globe Newswire via Nasdaq) Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announces that Coop Bank Denmark, part of the Coop retail group that is owned by its 1.4 million members, is deploying Gemalto's unique bio-sourced Optelio Contactless EMV cards

Technologies, Techniques, and Standards

Select Star from PCAP — Treating Packet Captures as Databases (Internet Storm Center) Have you ever had to work with a large packet capture, and after getting past the initial stage of being overwhelmed by a few million packets, find that are still a bit overwhelmed?

New threat intelligence report skewers industry confusion, charlatans (ZDNet) Are you getting threat intel — or just antivirus software? A government-backed report designs a framework for threat intelligence that can be scaled to different sectors, sizes of organization, and organizational goals

Threat Intelligence: Collecting, Analysing, Evaluating (Centre for the Protection of National Infrastructure) A diverse array of products and services, classed as Threat Intelligence, are available. To assist organisations with planning their approach to Threat Intelligence, CPNI and CERT-UK have commissioned work on this growing field

Hacking Back: Two Wrongs Don't Make A Right (Dark Reading) Here's the critical issue: Do you want to risk engaging your company in an ego-fueled war of revenge, or do you want to cut the bad guys off at the pass?

Lessons from the trenches of a cybercrisis rapid response team (Christian Science Monitor: Passcode) Many major security vendors have teams of professionals ready to aid companies under cyberattack. At IBM, calls to the hotline for its emergency response team dubbed 'Cyber 911' have tripled over the past year. Here's some advice from its team for businesses to protect themselves

Brocade NZ: SDN — definitions, benefits, and misconceptions (Reseller News) In the last 12-18 months, Software Defined Networks (SDN) has been much touted as a data centre saviour

ETSI to focus on Quantum Safe Cryptography (Telecom TV) European telecoms standards group ETSI has launched a new Industry Specification Group (ISG) that will focus on Quantum Safe Cryptography (QSC), in order to better safeguard the next generation of quantum computers against threats. At its first meeting last week, Mark Pecen of Approach Infinity was elected as the chairman

PCI Council updates penetration testing guidance for merchants (SC Magazine) The PCI Security Standards Council has released guidance to help merchants improve their system for regularly testing security controls and processes impacting payment card security

Securing The IT Supply Chain (TrendLabs Security Intelligence Blog) The security of an enterprise is not only dependent on the organization itself, but also on the security of their IT supply chain and contractors. These represent potential weak points into the security of any organization

Defending Cyber-Physical Systems from Attack Chains (Dark Reading) A strong defense against compromise involves three layers: hardening devices, securing communications, and monitoring behavior

Cyber what? (part 2 of 2) (CSO) An in-depth of examination of the terms "cyber war," "cyber terrorism," "cyber vandalism" and "cyber espionage"

Marketplace

Cybersecurity at Aetna Is a Matter of Business Risk (CIO Journal) Security breaches have become a daily fact of digital life, prompting some companies like insurance giant Aetna Inc.AET +1.09% to approach cybersecurity as just one more business risk that needs to be managed, much as they approach fluctuating currency prices or the threat of lawsuits

Cyberguards not keen to snitch on own countries (BDLive) The $71bn cybersecurity industry is fragmenting along geopolitical lines as firms chase after government contracts, share information with spy agencies, and market themselves as protectors against attacks by other nations

When Censorship Backfires: How Blue Coat Silenced A Security Researcher (Forbes) When security researchers are silenced by governments or private companies, it's often to the detriment of technology users of all ilks. Ignorance is certainly not bliss when it comes to digital vulnerabilities. It leaves systems open to attack and, consequently, people's data open to theft

5 keys to hiring security talent (CIO) Recruiting IT security professionals can be tough, unless you have a great elevator pitch, says an insurance company CIO

IBM Launches Major Internet Of Things Offensive (TechCrunch) IBM is wasting little time when it comes to the Internet of Things. The company outlined a major Internet of Things strategy tonight with a series of announcements that included a $3B investment to establish an Internet of Things unit inside of Big Blue along with a partnership with The Weather Company

Huawei is transforming from alleged cyber threat to household brand name (Quartz) The numbers: Net profit at the Chinese telecom company rose 32% to 27.9 billion yuan ($4.5 billion). The company expects about 10% annual growth in sales revenue over the next three to five years. It plans to spend about $60 million (paywall) on 5g technology this year, after ramping up research and development spending by almost a third last year to $6.6 billion

Security Standout Qualys Scans For Ways To Grow More (Investor's Business Daily via Nasdaq) Online security vendor Qualys is enhancing products and cross-selling more of its services to broaden and deepen a global customer base continuously more cognizant of intensifying cybersecurity threats, the company's CEO tells IBD

Force 3 Launches New Brand, Lays Stake as The Network Security Company (Benzinga) Longtime federal VAR hits refresh with new look and website

These BTech students crack the right codes (Times of India) Hacking means breaking into something, and ethical hacking is authorized breaking. Of late, the term 'hacker' comes with several negative connotations, but Kevin Singh always saw hacking as a challenge. "I always wanted to do something unconventional, which people are not much aware about," says the 21-year-old ethical hacker

Distil Networks Helps Companies Battle Bad Bots (Forbes) "I was working at a cloud security company and customers were asking for a way to identify real people versus bots on their websites. The company that I was with didn't tackle that problem. And so I tried to find something that would for those customers. The more I looked around, the more I realized there was a gap in the market for that service. So that's where things started in 2011," says Rami Essaid, co-founder and CEO of Distil Networks on his company's genesis

Estonia and Raytheon Agree to Pursue Long-term Collaboration in Cybersecurity (PRNewswire) The Estonian Ministry of Defense and Raytheon Company (NYSE: RTN) have agreed to explore long-term collaboration in the area of cyber security

Instabill Has Joined Comodo PCI Complaince Program (Host Review) The Comodo organization, a global innovator and developer of cybersecurity solutions, today announced that Instabill, one of the industry's leading high risk merchant account providers for e-commerce and retail businesses, has joined the Comodo Painless PCI program

WatchGuard named Network Computing Awards Company of the Year 2015 (IT Web) WatchGuard Technologies, a global leader in multifunction security appliances, today announced it was named Company of the Year at the 2015 Network Computing Awards. The company also received Best Hardware Product of the Year award honours for its new multifunction firewall, the Firebox M440

Security Watch: FireEye appoints first ever Asia Pac president (CSO) FireEye has the appointment of Eric Hoh as their first President of Asia Pacific Japan region. He will oversee FireEye's business operations and sales across the Asia Pacific region. He is based at the company's regional headquarters in Singapore

Research and Development

DARPA's plan to make software security "the domain of machines" (Naked Security) The Defense Advanced Research Projects Agency (DARPA) is looking for a superhero who can take on one of the trickiest problems in computer security

New Privacy Pilot Federal Funding Opportunity (NSTIC Blogs) The NSTIC NPO has just announced a new funding opportunity with a special focus on privacy enhancing technologies. NSTIC is soliciting applications from eligible applicants to pilot privacy-enhancing technologies that embrace and advance the NSTIC vision and contribute to the maturity of the Identity Ecosystem the NSTIC envisions: promote secure, privacy-enhancing, and user-friendly ways to give individuals and organizations convenience in their online interactions

Security Patches, Mitigations, and Software Updates

Barracuda adds Android support in MDM platform (CSO) Barracuda Networks recently updated its mobile device management (MDM) solution. The free, cloud-based mobile device and mobile app management service now includes support for Android mobile devices as well as iOS

Cyber Attacks, Threats, and Vulnerabilities

Volatile Cedar APT Group First Operating out of Lebanon (Threatpost) An APT group with its sights on selective targets, most of those in Israel, has been using an elusive malware implant to steal data from groups with state and political interests

Op_Israel: Anonymous Threatens Israel with 'Electronic Holocaust' (HackRead) In a latest video footage from Anonymous, the notorious hacker group, a masked individual appears in a suit and delivers a well-structured statement announcing a possible attack on Israel's online servers on April 7

The great Anonymous divide (Christian Science Monitor: Passcode) While the Guy Fawkes masks associated with Anonymous are seen at youthful protests around the world, the hacktivist collective is far from being a unified global movement

Massive DDoS against GitHub continues (Help Net Security) Popular web-based Git repository hosting service GitHub has been battling a massive DDoS attack — the biggest they have ever experienced — for the last four days

Internet activists blame China for cyber-attack that brought down GitHub (Guardian) GitHub censorship project GreatFire alleges that China authorities redirected global web traffic to launch a massive denial of service attack on the website

Report: China hijacking computers worldwide to suppress information (The Hill) The Chinese government is co-opting millions of Internet users worldwide to launch cyberattacks, according to a report released Monday

China's Man-on-the-Side Attack on GitHub (Netresec) On March 27 The following message was posted on the official GitHub blog: "We are currently experiencing the largest DDoS (distributed denial of service) attack in github.com's history. The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors. These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content." We have looked closer at this attack, and can conclude that China is using their active and passive network infrastructure in order to perform a man-on-the-side attack against GitHub

Anonymous proxies now used in a fifth of DDOS attacks (Ars Technica) The number of DDOS attacks using anonymous proxies has increased

Russian banks combat Tyupkin ATM malware gang (SC Magazine) Russian banks see Tyupkin ATM malware use rise in Russia and take steps to locate culprits

Threat Spotlight: Dyre/Dyreza: An Analysis to Discover the DGA (Cisco Blogs) Banking and sensitive financial information is a highly coveted target for attackers because of the high value and obvious financial implications. In the past year, a large amount of attention has been centered on Point of Sale (PoS) malware due to its major role in the compromise of several retailers. While PoS malware is a major concern, attackers have also realized that targeting individual end users is an effective method of harvesting other types of financial data. As a result, banking malware has become a prevalent category of malware that poses a major threat to users and organizations of all sizes. One of the more well known examples of banking malware is Zeus

Periscope's first privacy foul-up (Graham Cluley) Periscope, the live-streaming video app from Twitter, has had its first privacy goof — just days after launch

Fake Judicial Spam Leads to Backdoor with Fake Certificate Authority (TrendLabs Security Intelligence Blog) Recently, we've come across an interesting spam campaign aimed at French users. The campaign itself uses a well-crafted lure that is likely to catch the attention of its would-be victims. In addition, the malware used — the GootKit backdoor — contains several unusual technical characteristics. Both of these highlight how this campaign was quite well thought-out on the part of the attackers

Puush urges users to change passwords after cyber attack (SC Magazine) The screen sharing platform Puush was hit by a cyber attack this weekend that injected malware into a server. Users were prompted to uninstall the app and change important passwords that were stored on PCs as well as those saved in major browsers, such as Chrome and Firefox, after other users began tweeting Puush about suspicious activity

British Airways freezes some frequent-flyer accounts in wake of hack (Help Net Security) Tens of thousands of British Airways customers have had their frequent-flyer accounts temporarily frozen in the wake of a security breach

Cyber attack hits Fairleigh Dickinson; Rutgers works to restore internet service (NJ.com) As Rutgers University works to recover from a weekend cyber attack, Fairleigh Dickinson University officials confirm that a similar attack shut down the university's own computer network Saturday

Weekend of Internet Hack Attacks Underlines Vulnerability (Top Tech News) The recent spate of hack attacks on the IT systems of British Airways, GitHub, Slack and Rutgers University are all signs of the fast-changing nature of the Internet — and the growing number of people who are capable of launching attacks on it. And cybersecurity professionals worry that such incidents are only likely to become more common in years to come

Security Attacks via Malicious QR Codes (Infosec Institute) With the increasing use of smartphones, QR codes are becoming popular. Recently, WhatsApp launched its web version, which needs QR code scanning to access the web version of WhatsApp. So, many people now know what QR code is, but still more are unaware. It is very similar to a bar code we see in products, but it does not need a different reader

Android-Viren drohen aus Drittanbieter-Stores (Com!) Über 1,5 Millionen Schadprogramme für die Android-Plattform hat der deutsche Sicherheitsspezialist G Data im vergangenen Jahr entdeckt. Eine Vielzahl davon stammt aus alternativen Drittanbieter-Stores

These 4 countries are the biggest threats to US cybersecurity (Business Insider) Securing digital infrastructure is becoming more of a national priority, and intelligence agencies are taking notice

Ad Networks Ripe for Abuse via Malvertising (Threatpost) Dark corners of the Internet harbor trouble. They're supposed to. But what about when Yahoo, CNN.com, TMZ and other busy destination sites heave disaster upon visitors

Hacking Ships: Maritime Shipping Industry at Risk (Security Affairs) Modern maritime ships are considered a privileged target for hackers and pirates that are increasing their pressure on the Maritime Shipping Industry

Bulletin (SB15-089) Vulnerability Summary for the Week of March 23, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information

Academia

ACM, Infosys Foundation honour Stanford's Dan Boneh (NetIndian) Dan Boneh, professor of Computer Science and Electrical Engineering at Stanford University, has been chosen for the 2014 ACM-Infosys Foundation Award in the Computing Sciences for his contributions to the ground-breaking development of pairing-based cryptography and its application in identity-based encryption

Risk Management Careers For MBAs Swell As Boardrooms Home In On Hazards (Business Because) Industries are under growing pressure to manage risks. The complexity of today's risk environment means more companies are conducting risk management at board level

Litigation, Investigation, and Enforcement

Feds Demand Reddit Identify Users of a Dark-Web Drug Forum (Wired) Over the last year, Reddit's "dark net markets" discussion forum has grown into one of the central fixtures of the online drug scene. At any given moment, hundreds of redditors are browsing [Reddit], many brazenly discussing anonymous online sales on the open internet

Federal Agents Charged With Using Bitcoin To Launder Money (National Journal via Defense One) A former DEA official and a former Secret Service agent face charges over criminal activity that allegedly took place while the agents investigated the Silk Road website

SFO fined for BAE corruption case security blunder (Telegraph) 'Astounding' breach of confidentiality leads to £180,000 penalty

Human error lead to leak of world leaders' personal information (Help Net Security) Personal information, passport numbers and visa details of world leaders who attended the G20 summit in Brisbane, Australia, in November 2014, have been inadvertently leaked by an employee of the Australian Department of Immigration and Border Protection

EU countries should harmonize methods of investigation in fight against cybercrime (Baltic Course) On 25-27 March 2015, the European Police College (CEPOL) conference "Cybercrime — Strategic level" took place in Latvian Jurmala. The aim of the conference was to improve cooperation and harmonize the investigative methods among law enforcement authorities of the EU Member States, as well as to improve public and private partnership and cooperation with the Eastern Partnership countries and EU candidate countries for combat against cybercrime, reported BC th the Ministry of the Interior

High-Priority Information Technology Needs for Law Enforcement (RAND) This study reports on strategic planning activities supporting the National Institute of Justice (NIJ) in the area of information technology, collecting and analyzing data on law enforcement needs and offering potential solutions through technology assessment studies, extensive outreach and liaison activities, and subject matter expert panels. Strategic planning will help NIJ make the best investments to leverage its limited funds and help the range of technology developers supporting law enforcement better understand the law enforcement community's needs and priorities. By looking across the top-ranking needs, the authors identified 11 crosscutting themes in total. These themes are further grouped into three overarching keynotes — a broad need to improve the law enforcement community's knowledge of technology and practices, a broad need to improve the sharing and use of law enforcement-relevant information, and a broad need to conduct research, development, testing, and evaluation on a range of topics. The latter category includes research on both the "nonmateriel" side of technology, including policy and practices, and more traditional technical development

Game store swatted, nearly became complicit in inciting police response (Ars Technica) Received phony call encouraging employees to shut blinds, shout about weapons

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

2015 Synergy Forum (Tysons Corner, Virginia, USA, April 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital worlds. The event topics include: Big Data, Cyber Security, Internet of Things, Mobility, Strategy and Technology. Attending this event would be beneficial to: Policy-makers, architects, program managers, influencers in the federal government and the most forward thinking engineers, architects and innovators in the DC ecosystem

NCCOE Speaker Series: The Cyber Danger: Problems of Strategic Adaptation (Rockville, Maryland, USA, May 20, 2015) Lucas Kello (Senior Lecturer in International Relations / Director of Cyber Studies Program, Oxford University, and Associate of the Science, Technology & Public Policy Program, Belfer Center for Science & International Affairs, Harvard University, Kennedy School of Government) will deliver the keynote address. The contemporary world confronts an enormous cyber threat. The U.S. intelligence community rates this threat higher than global terrorism. It warns of the severity of the damage a cyber attack could produce. Yet there is no consensus among scholars and decision makers on how to characterize the strategic instability of cyber interactions or on what to do about it. The range of conceivable cyber conflict is poorly understood. It is unclear how conventional security mechanisms such as deterrence and collective defense apply to this phenomenon. Principles of cyber defense and cyber offense remain rudimentary. The growth of cyber arsenals, in short, is outpacing the design of doctrines to limit their risks. This presentation will review problems of strategic adaptation to current cyber realities, applying insights from technological revolutions in previous eras

DefCamp6 (Bucharest, Romania, November 19 - 20, 2015) Why DefCamp? Because it's the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field, gathering under the same roof security specialists, entrepreneurs and developers, managers from both private and public sector

Disrupt London 2015 (London, England, UK, December 7 - 8, 2015) TechCrunch Disrupt is one of the most anticipated technology conferences of the year. Join us at this iconic startup and thought leadership event in London on December 7 and 8. What happens at Disrupt? We start each day with panels and one-on-one discussions featuring TechCrunch writers and editors, special guest speakers, leading venture capitalists and fascinating entrepreneurs addressing the most important topics facing today's tech landscape. Each afternoon, we host the Startup Battlefield competition which culminates in six finalists taking the stage at the end of the event for a shot at winning the Disrupt Cup

upcoming Events

Automotive Cyber Security Summit (Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel discussions and networking sessions

Insider Threat Symposium & Expo (Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively focused on insider threat awareness, insider threat program development and implementation and insider threat risk mitigation.The ITS&E will provide attendees with access to a broad network of security professionals to collaborate with on insider threat risks, insider threat detection, insider threat risk mitigation strategies and insider threat program development, implementation and management. The expo will include vendors that have proven technologies and services for insider threat risk mitigation

Kansas City Secure World (Kansas City, Missouri, USA, April 1, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry experts on many diverse topics such as: Risk Mitigation, Malware Detection, Digital Forensics, Cloud Security, Privacy, Big Data, PCI Compliance, Security Metrics, Encryption, Mobile Device Management, Incident Response, and much more. James Beeson (CISO, GE Capital Americas) will deliver the keynote

Cyber Insurance and Corporate Governance: Facing New Threats (Brooklyn, New York, USA, April 2, 2015) Peter D. Hancock, president and CEO of AIG, will lead a discussion of the ways in which the insurance industry is adapting to account for threats to the most valuable — and vulnerable — assets companies around the world possess: intellectual property and, in many cases, the sensitive personal information of millions

Coast Guard Intelligence Industry Day (Chantilly, Virginia, USA, April 2, 2015) With a blended focus of defense, homeland security, law enforcement, criminal investigations, intelligence and cyber issues, Coast Guard Intelligence is aggressively looking to collaborate with partners and stakeholders in support of mission of execution. This event will be Coast Guard Intelligence's most significant and inclusive outreach event of the year.

Centers for Medicare and Medicaid Services (CMS) CISO Security & Privacy Forum (Woodlawn, Maryland, USA, April 7, 2015) The CISO Security & Privacy Forum is hosted by the Information Security Privacy Group (ISPG) at CMS. The Vision for ISPG is to provide leadership to CMS in managing information security and privacy risks appropriate for evolving cyber threats. The Mission is to enable the safe use of sensitive and privacy data while servicing the healthcare needs of the nation. The format for this event will include briefings from government and industry. Our featured speaker is from the Interagency OPSEC Support Staff and will present on "TRASHINT: Dumpster Diving", a very popular topic which teaches attendees how one person's trash can be another person's treasure

10th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA, April 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are able to properly balance the risks and rewards, understand and communicate threats to security and privacy, and rapidly adapt any resulting approach to a changing adversarial environment. The 10th Annual Cyber and Information Security Research Conference at Oak Ridge National Laboratory in Oak Ridge, Tennessee will bring together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security

Cyber Risk Wednesday: The future of Iranian cyber threat (Washington, DC, USA, April 8, 2015) Join the Atlantic Council's Cyber Statecraft Initiative on April 8, from 4:00 p.m. to 5:30 p.m. for a panel discussion on the Iranian cyber threat and the potential for a drastic escalation of cyber conflicts between Iran and the West. Few other events have so far dominated 2015 as the P5+1 negotiations to limit Iranian nuclear capabilities. Against the backdrop of the negotiations, it is likely that Iran, Israel, and the United States are gathering their strength for a renewal of cyber conflict of the past several years. The confrontations include attacks both from Iran, such as disruption of the US banking sector and against Gulf energy companies, and against Iran, such as Stuxnet and the Wiper worm. Should the talks fail, what are the chances of an escalating cyber conflict?

Cyber Threats Masterclass (Turin, Italy, April 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge of specific issues such as cyber crimes and crimes against the environment. The courses are tailored to journalists and chief information officers, as well as those who want to specialize in this area, offering a unique opportunity to network with renowned international experts

InfoSec Southwest 2015 (Austin, Texas, USA, April 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter, InfoSec Southwest is intended to both provide a comprehensive and valuable forum to all participants as well as fill a gap for our local attendees left by the other few conferences held here in Texas which are all focused on a narrower scope of subject matter or a narrower slice of audience demographic

Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, April 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external threat data can be helpful in evaluating intelligence but how do you identify relevance? Created as a means of protecting the privacy and anonymity of its users, Tor — the managed network of private computers leveraged by criminal elements to minimize the risk of surveillance and capture — is being exploited by the most technically proficient, aggressive, and organized of criminal syndicates

NIST IT Security Day (Gaithersburg, Maryland, USA, April 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security and networking at home and in the office. This event's objective is to educate users on IT security and related topics. The event will feature guest speakers on general and technical IT security topics and tutorials on internal services and products.

Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored cyber-attacks and SCADA Security Assessment

Cyber Security Summit: Financial Services (Prague, Czech Republic, April 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective strategies and solutions to effectively mitigate them

INTERPOL World 2015 (Singapore, April 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from around the world to identify future challenges and propose and build innovative solutions

Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, April 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current state of various information security topics. The cost is $150 per person, including breakfast and lunch; pre-registration is required in order to get onto the NIST campus

Symantec Government Symposium: Secure Government: Manage, Mitigate, Mobilize (Washington, DC, USA, April 15, 2015) The annual Symantec Government Symposium is a one-day event attracting 1,500 government IT security and management professionals. The event is designed to facilitate peer-to-peer dialogue on the challenges facing today's government leaders. This year, former FBI Director Robert Mueller will deliver the keynote address, and the program will also feature sessions on CDM, risk management, security intelligence, secure app management, cyber legislative priorities, and much more. The theme of the 2015 Symposium is "Secure Government: Manage, Mitigate, Mobilize"

Proposer's Day Conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program (Washington, DC, area, April 16, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program, in anticipation of the release of a new solicitation in support of the program. The purpose of the conference will be to provide introductory information on SCITE and the research problems that the program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners

IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, April 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes discussion and debate over forensics, security, data/information governance, cyber crime and security, ethical hacking, eDiscovery, cloud forensics, steganography, policy and compliance, privacy, wireless security, cloud computing, identity theft, and more

RSA Conference 2015 (San Francisco, California, USA, April 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015

Australian Cyber Security Centre Conference (Canberra, Australia, April 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise. This will be your first chance to experience the unique collaboration of the ACSC. Over 700 attendees from the national and international ICT community are expected to attend

Security Forum 2015 (Hagenberg im Mühlkreis, Austria, April 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives of business, research and public service

CyberTexas / CyberIOT (San Antonio, Texas, USA, April 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection of cyber security and the internet of things'

Defensive Cyberspace Operations & Intelligence Conference & Exhibition (Washington, DC, USA, April 27 - 28, 2015) The 5th Annual Defensive Cyberspace Operations & Intelligence (DCOI) conference & exhibition is an Israeli-American partnership promoting the extraordinary developments in the technological, intelligence and policy-making domains of cyberspace. It will be held on April 27-28; the first day will consist of panels and exhibition at the Ronald Reagan Building and International Trade Center, and the second will hold workshops, exhibition and seminars at the George Washington University

INTEROP Las Vegas (Las Vegas, Nevada, USA, April 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.