The CyberWire Daily Briefing 04.09.15
ISIS-sympathizing hackers take down another target-of-opportunity, French television network TV5Monde. Libya's Ansar al-Sharia takes a step toward aligning itself with the aspiring Caliphate (and the Libyan group's social media activity increasingly resembles that of ISIS).
Most observers finger Russian intelligence services in the long-running, long-investigated hacks of the US State Department and White House, but the White House itself declines any attribution as "not in our interest." (Diplomatic observers nonetheless see the US Administration dog-whistling an "I-know-what-you're-doing-online" warning in the direction of Moscow.) Russia officially denies any involvement, loyally seconded by the hardly disinterested journalists of Sputnik, who cite Kaspersky researchers on the virtual impossibility of attributing hacks to nations. (In fairness to Kaspersky, the company has long been very reticent with respect to attribution.) The White House says that, while no classified information was stolen, "sensitive" material was compromised.
Fox IT warns of a large-scale malvertising campaign that appears to be passing through a Google ad reseller. Heimdal warns of malice in Webpage Screenshot, a once popular app now removed from the Chrome store. ESET cautions against unexpected ZIP files that may contain the Waski malware downloader.
US-CERT alerts the public against the polymorphic downloaders of the AAEH family, and passes on the Network Time Foundation's NTP Project finding of vulnerabilities in the network time protocol daemon.
The White House hack raises investors' interest in cyber security stocks.
An Atlantic Council panel discusses the future of Iranian-US cyber conflict post-preliminary-nuclear-deal. (Watch the whole thing: cyberpeace isn't about to dawn.)
Notes.
Today's issue includes events affecting Australia, Austria, Bulgaria, China, France, India, Iran, Iraq, Israel, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Libya, Netherlands, Russia, Singapore, Syria, Ukraine, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Islamist hackers take French broadcaster TV5Monde off air (IDG via CSO) French-language TV network TV5Monde was hit by a crippling cyberattack Wednesday that disrupted broadcasting across its channels and also involved the hijacking of its website and social media accounts
Cyber attacks against TV stations aren't a new thing. Just ask CNN (Graham Cluley) Remember this from ten years ago?
Spiritual Leader of Libya's Biggest Jihadi Group Pledges Allegiance to ISIS (Newsweek) Ansar al-Sharia's propaganda is also beginning to resemble that of ISIS. Ansar al-Sharia, the top jihadi group in the civil war-torn country of Libya, has edged closer to pledging allegiance to ISIS after its spiritual leader and top judge, Abu Abdullah al-Libi, defected to the radical group, according to an audio message released by the terror group
Cyberattack on Israel fails to push country's buttons (Israel Hayom) Anonymous hacker group's attempt to electronically cripple Israeli cyber infrastructure fails. Major servers exercise recommended protection protocols, escape disruptions. Dozens of minor websites hacked, none reporting significant damage
Russian Paper Removes Article About Soldier Wounded In Ukraine (Radio Free Europe/Radio Liberty) Journalists at a Siberian newspaper say they spent three days using scissors to cut an article about a Russian soldier who was wounded fighting alongside pro-Russian rebels in Ukraine out of 50,000 copies of the publication
Russian Hackers Breached White House Via US State Department (Dark Reading) Attackers who recently breached the US State Department compromised an unclassified White House system by sending spearphishing messages from a hijacked State Department email account, officials say
Russian hackers executed the US State Department, White House network breaches (Help Net Security) The October 2014 breaches of some of the computer systems of the US State Department and the White House have been executed by Russian hackers, unnamed US officials familiar with the investigation told CNN reporters
WH: Hackers accessed 'sensitive' data but nothing confidential (The Hill) The White House on Wednesday acknowledged hackers had access to "sensitive" data during a breach last fall, but reiterated no confidential material was lifted and the networks were never damaged
Russia Didn't Carry Out White House Computer Hack, Peskov Says (Bloomberg) Russia rejected a report that its government had been involved in hacking a non-classified White House computer network
White House will not name those behind 2014 cyber attack (AFP via Economic Times) The White House said Wednesday it would not name those behind a cyber attack on official Washington targets last October, after reports blamed Russia
Identifying Hackers' Country of Origin is Impossible (Sputnik) The chief malware expert at Kaspersky Lab said that it is almost impossible to guess hackers' nationality. The hardest problem about finding the source of cyberattacks is attribution since a hacker's country of origin can only be guessed by clues in the malware code, the chief malware expert at Kaspersky Lab said Wednesday
White House hackers accessed schedule of President Obama's whereabouts (Naked Security) Since the cyber intrusion into the White House was first discovered in October, the US government has said that ongoing cyber breaches into the president's executive office network — suspected to come via the US State Department's system — have only affected an unclassified system
White House battles cyberattacks on a daily basis (USA TODAY) The White House is under attack every day. Cyber attack. The methods change, and the suspects range from individual actors to governments like Russia, China, North Korea and Iran
Alleged White House hack highlights typical security failings, say experts (ComputerWeekly) The alleged penetration of sensitive White House computer networks highlights typical security failings, say information security experts
New Evasion Techniques Help AlienSpy RAT Spread Citadel Malware (Threatpost) Hackers have co-opted AlienSpy, a remote access tool, to deliver the Citadel banking Trojan and establish backdoors inside a number of critical infrastructure operations
Large malvertising campaign linked to potentially compromised Google ad reseller (Help Net Security) Dutch infosec firm Fox IT has spotted a lage scale malvertising campaign that seems to originate from Bulgarian Google ad reseller EngageLab
Security Alert: Webpage Screenshot Leaks Private Data For 1.2 Million Users (Heimdal Security Blog) Our malware labs have detected a popular extension in Google Chrome — Webpage Screenshot — that systematically collects your browsing details in order to sell them to a third party
Chrome extension collects browsing data, uses it for marketing (Ars Technica) Downloaded 1.2M times, "Webpage Screenshot" no longer available in Chrome Store
Waski downloader spreads banker Trojan targeting users worldwide (We Live Security) If you have recently received an unexpected email with a ZIP file attached, it could be a threat attempting to steal your banking login credentials. Its name is Waski and is detected by ESET as Win32/TrojanDownloader.Waski
A flawed ransomware encryptor (SecureList) In the middle of last year, my colleagues published a blogpost about a new generation of ransomware programs based on encryptor Trojans, and used the example of the Onion family (also known as CTB-Locker) to analyze how these programs work
Alert (TA15-098A) AAEH (US-CERT) AAEH is a family of polymorphic downloaders created with the primary purpose of downloading other malware, including password stealers, rootkits, fake antivirus, and ransomware. The United States Department of Homeland Security (DHS), in collaboration with Europol, the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), released this Technical Alert to provide further information about the AAEH botnet, along with prevention and mitigation recommendations
Vulnerabilities Identified in Network Time Protocol Daemon (ntpd) (US-CERT) The Network Time Foundation's NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of these vulnerabilities may allow an attacker to conduct a man-in-the-middle attack or cause a denial of service condition
The 10 Most Common Application Attacks in Action (IBM Security Intelligence) Nowadays, application development is moving more and more onto the Web. The Web hosts entire productivity suites such as Google Docs, calculators, email, storage, maps, weather and news — everything we need in our daily lives. Our mobile phones are useless without the Internet since nearly all mobile applications connect to the cloud, storing our pictures, usernames and passwords and private information. Even our home devices are now connecting to the Web, with Internet of Things platforms such as Wink that allow users to dim their house lights right from their mobile phone
Drug Pump's Security Flaw Lets Hackers Raise Dose Limits (Wired) When Billy Rios needed emergency surgery last summer after cerebral spinal fluid began leaking through his nose, he was only partly focused on his life-threatening condition. That's because Rios was distracted by the computerized drug-infusion pumps Stanford Medical Center used to administer medication to him and other patients. As a security researcher, Rios realized he'd purchased the same models of pumps months earlier on eBay in order to examine them for security flaws. As he watched the pump dose him with meds, all he could think about were the holes he'd found in one of the brands that made it susceptible to hacking
A Hacker's-Eye View of the Internet of Things (Re/code) Ever wonder what hackers think about the Internet of Things? Consider for a moment what someone with criminal intent might do with secret access to your Internet-connected garage door opener and it doesn't take long to imagine something bad
Linux Australia gets pwned, rooted, RATted and botted (Naked Security) Linux Australia had a bit of a nightmare Easter Weekend
An example of the malicious emails sometimes sent to the ISC handler addresses (Internet Storm Center) Part of being an ISC handler is reviewing the emails sent to our various email distros. Because these email addresses are publicly-known, we receive a lot of spam. Occasionally, we get more malicious messages. This malicious spam often provides malware samples to examine
At least 750 ambulance patients at risk after Philadelphia FD breach (SC Magazine) Billing information from at least 750 ambulance patients may be at risk after a breach, the Philadelphia Fire Department said
Kendall Jenner has her Twitter hacked, and rude things are said about Justin Bieber (We Live Security) When a celebrity starts to post crazy things on Twitter there are a small number of possibilities
Security Patches, Mitigations, and Software Updates
Apple fixes loads of security holes in OS X, iOS, Apple TV, Safari (Naked Security) Apple's latest tranche of updates has shipped
Using Office 365 at work? It's dangerous to go alone! Take this… (Register) Microsoft touts new weapon to fend off Exchange email exploiters
Microsoft Security Essentials review — latest results highlight plight of out-of-date Windows machines (Expert Reviews) Utterly outclassed when installed on a poorly-maintained computer, but an effective tool if you keep your machine updated
New Tor version fixes issues that can crash hidden services and clients (Help Net Security) Two new versions of the Tor anonymity software have been released on Tuesday, with fixes for two security issues that can be exploited to crash hidden services and clients visiting them
After School app grows up after child safety criticisms (Naked Security) Anonymous social media apps aimed at youngsters are kind of like their teenage target market: they like to think of themselves as edgy
Cyber Trends
How data breaches break down by state and sector (CSO) The number of data breaches since 2005 are sliced and diced by state and sector, but nobody should be really surprised by the results
Marketplace
Cybersecurity Stocks In Focus After White House Security Breach (TheStreet) A number of cybersecurity stocks are moving higher this morning after media reports indicated that hackers infiltrated the White House's computer system
Don't Miss These Top Hacker-Beating Tech Stocks (Investor's Business Daily) It doesn't matter what industry you're in when it comes to cybertheft. Health insurer Anthem (NYSE:ANTM) earlier this year became the latest data breach victim, joining JPMorgan Chase (NYSE:JPM), Target (NYSE:TGT) and other high-profile targets
Should FireEye Inc. Be Worried About Palo Alto Networks? (Motley Fool) Cyber security is big business — and it's expected to get even bigger. Research company Markets and Markets expects the demand for cyber security products to swell to around $156 billion in 2019, up from about $95 billion last year
Cyber security and the importance of investing and innovating (South Coast Today) As digital threats against the United States from criminals, terrorists and state actors continue to loom large, our ability to fight back is not measuring up. This grim assessment was delivered by Adm. Michael Rogers, who heads both the U.S. military's Cyber Command and the National Security Agency (NSA), before the U.S. Senate Armed Services Committee late last month
Singtel acquisition of Trustwave shows its managed security ambitions (Networks Asia) In a move to improve its portfolio of security services, Singtel has signed an agreement to acquire a 98% equity interest in US- based managed security services provider (mssp) Trustwave. This US$810 million (S$1.1 billion) deal will see Trustwave Chairman and CEO, Robert J McCullen, holding the balance 2% equity interest
SIGINT engineering and signal processing company bought by CACI (Military Embedded Systems) CACI International Inc. officials announced that the company has acquired LTC Engineering Associates, Inc., in Sarasota, Fla., which provides digital signals processing, cybersecurity, software engineering, signals intelligence (SIGINT), and communications intelligence (COMINT) to the intelligence and Department of Defense (DoD) communities
Damballa opens office in Japan (Atlanta Business Chronicle) Damballa Inc. expanded into Japan with a new office in Tokyo that houses a manager, sales support and partners
CSA to hold hackathon featuring $10,000 prize (Help Net Security) The Cloud Security Alliance (CSA) will hold its third Hackathon at the RSA Conference 2015 in San Francisco, to continue to test the CSA Software Defined Perimeter Specification V.1. A top prize of $10,000 is available to the first participant to gain access to a password provided account
Welsh: Future hot jobs for airmen in cyber, drones (Air Force Times) Want to be a part of the Air Force of the future? Be ready to fly drones, or learn to hack. The hottest future jobs for the Air Force will follow the increasing need for cyber forces and the insatiable need for surveillance, Chief of Staff Gen. Mark Welsh said Wednesday
CloudPassage names new chief marketing officer (Financial News) CloudPassage said it has selected Mitch Bishop as its chief marketing officer (CMO)
Products, Services, and Solutions
Review: Anonabox or InvizBox, which Tor router better anonymizes online life? (Ars Technica) Intended to provide simple Internet privacy, two Tor routers take much different paths
HardSploit: Dedicated hardware pentesting tool (Help Net Security) As Internet of Things adoption is gaining momentum, and we hear time and time again that making it secure will be the biggest challenge, French IT security consultancy Opale Security has come out with a plan for a tool that will allow auditors to audit IoT and industrial device, SCADA systems and basic electronic products used in everyday life
NSA Clears Hypori Platform to Manage Classified Mobile Govt Data (ExecutiveGov) The National Security Agency has approved a Hypori cloud environment application to help defense agencies manage and secure mobile information over classified networks
ThreatStream Joins Forces with HITRUST to Speed Detection of Cyber Threats Targeting Healthcare Industry (InsuranceNewsNet) ThreatStream®, the leading provider of an enterprise-class threat intelligence platform, today announced a groundbreaking partnership with Health Information Trust Alliance (HITRUST), the leader in information risk management supporting the healthcare industry. Through this partnership, HITRUST is offering the HITRUST Cyber Threat XChange (CTX), powered by ThreatStream, a service that streamlines cyber threat information sharing and significantly accelerates detection of and response to cyber threats targeted at the healthcare industry
OPSWAT Announces New Malware Analysis Tool in Metascan Online (PRWeb) Statistics page aids in analysis of top threats and their detection rates
Splunk to be backbone for critical F-35 system (Washington Technology) Splunk is lending a big hand to Lockheed Martin's F-35 Lightning II program thanks to a subcontract that the company won to watch over some of the fighter's most critical systems
Clearswift Recognized for Adaptive Data Loss Prevention on Cybersecurity 500 List (BusinessWire) Data loss prevention provider ranked highest among competing technologies
Technologies, Techniques, and Standards
'Let's Encrypt' Will Try To Secure The Internet (InformationWeek) The Linux Foundation has lined up financial support for a group producing an easier way to encrypt Web site and mobile device traffic
Tokenization would not have prevented most retail breaches (CSO) Tokenization would not have helped in the majority of retail breaches over the past two years
Guide outlines specifications of smart card-based PACS (Help Net Security) Smart cards are increasingly accepted as the credential of choice for securely authenticating identity, determining appropriate levels of information access and controlling physical access
Solving the Right Problem: Stop Adversaries, Not Just Their Tools (Dark Reading) A malware-centric strategy is mere child's play against today's sophisticated adversaries. Here's why
Five Steps for Managing Cyberthreats in the Health Care Industry (Wall Street Journal) New information technologies and innovative business models are transforming the health care industry in several ways. The industry is beginning to focus on creating seamless interoperability among organizations, greater efficiencies in the delivery of care and increased consumer engagement through access to electronic health records and use of mobile health devices and apps
Four Essential Building Blocks of Cyber Security (SecurityWeek) Despite increased investments in preventive security measures, many organizations are losing the war against cyber criminals
Proactive Security Strategies Dramatically Improve Security Effectiveness (Dark Matters) A new study from Accenture and the Ponemon Institute confirms that companies that employ proactive security strategies realized a greater return on security investments than companies who depend on more traditional approaches to securing their networks
What’s next for your awareness program? (CSO) When I talk to CISOs or security awareness professionals, I frequently hear the same frustration about the results of their awareness programs. The supposed awareness programs have been a place for a year or more, and they have not yielded noticeable results, and in many cases seem almost useless, as user created incidents seem to continue to increase. When I ask them to describe their programs, what I get are descriptions of components of an awareness program and not a program itself. They describe computer-based training (CBT), and sometimes phishing simulations
Design and Innovation
Chip Fingerprinting Scheme Could Secure IoT Devices Against Malware (IEEE Spectrum) With the coming Internet of Things (IoT) in mind, Mitsubishi Electric, Ritsumeikan University, and the Japan Science and Technology Agency have developed a security scheme that can be used to identify individual logic chips by their "fingerprints." The scheme provides a means of preventing device spoofing, as well as a way to authenticate embedded software running on networked devices and so prevent malicious programs from being introduced
Research and Development
Can the Military Make a Prediction Machine? (Defense One) The planet is awash in open, free data. Can military-funded research turn it into a crystal ball?
Academia
Top Performers of Cyber Quests to be Invited to Summer Cyber Camps Hosted by U.S. Cyber Challenge (US Cyber Challenge) The U.S. Cyber Challenge (USCC), a program of the Center for Internet Security (CIS), announces the opening day of the qualifying Cyber Quests competition — an annual online contest for cybersecurity enthusiasts who will compete against their peers across the country for an invitation to one of several Cyber Camps being offered this summer
Legislation, Policy, and Regulation
The future of the Iranian cyberthreat (Christian Science Monitor Passcode) Iran's interim nuclear deal with the P5+1 negotiators has been hailed at the White House and greeted with ambivalence in the halls of Congress. But how it impacts Iran in cyberspace remains to be seen. Iranian cyberconfrontations have been among the world's most explosive in recent years, including both attacks from Iran, such as disruption of the US banking sector and against Gulf energy companies, and against Iran, such as Stuxnet and the Wiper worm
Create framework to fight cyber attacks on markets: Sebi (Economic Times) To protect the securities market from cyber-crimes, India's capital market regulator on Wednesday said there is a need to put in place a framework of regulation
Cyberattack Shows That China Isn't Content to Censor Its Own Internet (Slate) The Chinese government has increased its Internet censorship and propaganda recently, cracking down on wife-swapping and one-night-stand stories and releasing a digital collection of the president's collected sayings, dubbed "Xi's Little Red App." Around the same time, San Francisco-based GitHub was hit with a five-day denial-of-service attack that slowed computer programmers' work across the world. The timing doesn't seem to be a coincidence
Seoul, Washington, Tokyo to hold security meeting next week (Korea Times) Korea and Japan are expected to hold a trilateral security meeting with the United States next week although Tokyo's recent territorial claims over Dokdo have worsened ties between the two neighbors
US, Japan near cyber defense agreement (The Hill) The U.S. and Japan are close to striking a bargain on bilateral defense rules that would bolster joint efforts to defend cyberspace
Is Russia More Powerful Than China in Cyberspace? (The Diplomat) Recent intrusions by Russian hackers indicate that Moscow's cyber espionage activities are expanding
Obama to Putin: Stop Hacking Me (Daily Beast) The U.S. is calling out Russia for a "dramatic rise" in cyber espionage against America. It's part of a veiled threat to the Kremlin: We know what you're doing online
Rand Paul's Ties to the Surveillance State (Bloomberg View) Few national politicians have the credibility of Senator Rand Paul when it comes to the issue of privacy. In his stemwinder Tuesday to kick off his presidential campaign against what he called the "Washington Machine," the Kentucky ophthalmologist promised to end the government's dragnet collection of telephone metadata from U.S. citizens
It's Taking Nearly a Decade To Upgrade the Pentagon's Internet (Defense One) Defense Department IT officials are still using a technology transition plan that doesn't even reflect the role of U.S. Cyber Command, which launched in 2009
Litigation, Investigation, and Law Enforcement
U.S. secretly tracked billions of calls for decades (USA TODAY) A USA TODAY investigation revealed that a secret program collecting phone call data for international calls started in 1992. The U.S. government started keeping secret records of Americans' international telephone calls nearly a decade before the Sept. 11 terrorist attacks, harvesting billions of calls in a program that provided a blueprint for the far broader National Security Agency surveillance that followed
Snowden's Leaks Forced the DEA To End Its Own Mass Surveillance Program (Defense One) By exposing the NSA's spying programs, fugitive leaker Edward Snowden forced the Justice Department to shut down a separate phone-surveillance operation
Facebook faces privacy class action suit in Austria (ComputerWeekly) Austrian law graduate and privacy campaigner Max Schrems is leading a 25,000-strong class action lawsuit in Vienna against Facebook for allegedly breaching European privacy laws
Cyber pedophile operation nets 4 arrests (WTVR CBS 6) Authorities said four suspected pedophiles have been arrested after an undercover cyber operation in Spotsylvania County
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, Jan 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings address State and Federal cyber legislation; provide updates on Task Force efforts to improve California's cyber workforce and education; promulgate critical information to enhance California's cyber awareness and preparedness; discuss state advances in cybersecurity and digital forensics; and grant residents an opportunity to share cyber information and innovation
Upcoming Events
10th Annual Cyber and Information Security Research Conference (Oak Ridge, Tennessee, USA, Apr 7 - 9, 2015) Cyberspace is fundamental to our national prosperity, as it has become critical to commerce, research, education, and government. Realizing the benefits of this shared environment requires that we are able to properly balance the risks and rewards, understand and communicate threats to security and privacy, and rapidly adapt any resulting approach to a changing adversarial environment. The 10th Annual Cyber and Information Security Research Conference at Oak Ridge National Laboratory in Oak Ridge, Tennessee will bring together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security
Cyber Threats Masterclass (Turin, Italy, Apr 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge of specific issues such as cyber crimes and crimes against the environment. The courses are tailored to journalists and chief information officers, as well as those who want to specialize in this area, offering a unique opportunity to network with renowned international experts
InfoSec Southwest 2015 (Austin, Texas, USA, Apr 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter, InfoSec Southwest is intended to both provide a comprehensive and valuable forum to all participants as well as fill a gap for our local attendees left by the other few conferences held here in Texas which are all focused on a narrower scope of subject matter or a narrower slice of audience demographic
NIST IT Security Day (Gaithersburg, Maryland, USA, Apr 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security and networking at home and in the office. This event's objective is to educate users on IT security and related topics. The event will feature guest speakers on general and technical IT security topics and tutorials on internal services and products.
Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, Apr 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external threat data can be helpful in evaluating intelligence but how do you identify relevance? Created as a means of protecting the privacy and anonymity of its users, Tor — the managed network of private computers leveraged by criminal elements to minimize the risk of surveillance and capture — is being exploited by the most technically proficient, aggressive, and organized of criminal syndicates
Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, Apr 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored cyber-attacks and SCADA Security Assessment
Cyber Security Summit: Fnancial Services (Prague, Czech Republic, Apr 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective strategies and solutions to effectively mitigate them
INTERPOL World 2015 (Singapore, Apr 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from around the world to identify future challenges and propose and build innovative solutions
Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, Apr 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current state of various information security topics. The cost is $150 per person, including breakfast and lunch; pre-registration is required in order to get onto the NIST campus
Symantec Government Symposium: Secure Government: Manage, Mitigate, Mobilize (Washington, DC, USA, Apr 15, 2015) The annual Symantec Government Symposium is a one-day event attracting 1,500 government IT security and management professionals. The event is designed to facilitate peer-to-peer dialogue on the challenges facing today's government leaders. This year, former FBI Director Robert Mueller will deliver the keynote address, and the program will also feature sessions on CDM, risk management, security intelligence, secure app management, cyber legislative priorities, and much more. The theme of the 2015 Symposium is "Secure Government: Manage, Mitigate, Mobilize"
Proposer's Day Conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program (Washington, DC, area, Apr 16, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program, in anticipation of the release of a new solicitation in support of the program. The purpose of the conference will be to provide introductory information on SCITE and the research problems that the program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners
IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, Apr 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes discussion and debate over forensics, security, data/information governance, cyber crime and security, ethical hacking, eDiscovery, cloud forensics, steganography, policy and compliance, privacy, wireless security, cloud computing, identity theft, and more
RSA Conference 2015 (San Francisco, California, USA, Apr 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference (Canberra, Australia, Apr 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise. This will be your first chance to experience the unique collaboration of the ACSC. Over 700 attendees from the national and international ICT community are expected to attend
Security Forum 2015 (Hagenberg im Mühlkreis, Austria, Apr 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives of business, research and public service
CyberTexas / CyberIOT (San Antonio, Texas, USA, Apr 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection of cyber security and the internet of things'
Defensive Cyberspace Operations & Intelligence Conference & Exhibition (Washington, DC, USA, Apr 27 - 28, 2015) The 5th Annual Defensive Cyberspace Operations & Intelligence (DCOI) conference & exhibition is an Israeli-American partnership promoting the extraordinary developments in the technological, intelligence and policy-making domains of cyberspace. It will be held on April 27-28; the first day will consist of panels and exhibition at the Ronald Reagan Building and International Trade Center, and the second will hold workshops, exhibition and seminars at the George Washington University
INTEROP Las Vegas (Las Vegas, Nevada, USA, Apr 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan
2015 Synergy Forum (Tysons Corner, Virginia, USA, Apr 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital worlds. The event topics include: Big Data, Cyber Security, Internet of Things, Mobility, Strategy and Technology. Attending this event would be beneficial to: Policy-makers, architects, program managers, influencers in the federal government and the most forward thinking engineers, architects and innovators in the DC ecosystem