The CyberWire Daily Briefing 04.10.15
French authorities urge media vigilance as the investigation into the TV5Monde hack continues. This is more a francophone story than a narrowly French one: TV5Monde serves French-speaking Europe and Canada, too. The scare-quotes Deutsche Welle puts around "IS" suggest the difficulty of attributing hacktivism: sympathizers often act without direction, and the Islamic State's claim to statehood is in itself shaky. Ars Technica observes a password-bearing sticky note in the background during a TV5Monde interview, which suggests a low-tech entry into the broadcaster's network was possible.
Recorded Future is seeing an uptick in anti-ISIS cyber vigilantism. It's clustered around #OpAntiISIS.
Krebs warns against China's "Great Cannon" — a program that diverts unencrypted web traffic into denial-of-service campaigns like the one that clogged GitHub a week ago.
Banking Trojans circulate around the Dyre Wolf gang.
Cyphort finds online fora compromised to serve up the Fiesta exploit kit.
White Lodging warns of a point-of-sale infection at Sheraton and Marriott hotels. Cylance offers more bad news for travellers: hotel Wi-Fi is even worse than you probably suspected.
Level 3 Communications and Cisco cooperate to slow down SSHPsychos (a.k.a. Group 93), the group responsible for SSH brute-force attacks.
Securities market regulators in both India and New York State tell financial institutions to up their cyber security game or face regulatory help. The New Yorkers are particularly concerned about third-party risks.
An international operation led by Dutch police with the cooperation of Europol and the FBI sinkholes the Beebone polymorphic botnet (the AAEH of US-CERT's recent warning).
Today's issue includes events affecting Australia, Canada, China, Czech Republic, European Union, France, India, Iraq, Netherlands, Nigeria, Russia, Saudi Arabia, Syria, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
France urges vigilance after 'IS' hack TV5 Monde (Deutsche Welle) Paris has warned media outlets to be vigilant after a cyber attack took TV5 Monde off air. Hackers claiming allegiance to the "Islamic State" (IS) blacked out channels on the French global television network
French media groups to hold emergency meeting after Isis cyber-attack (Guardian) Culture minister calls talks after television network TV5Monde is taken over by individuals claiming to belong to Islamic State
Probe into cyber attack on French TV network (Anadolu Agency) Breach claimed by group affiliated with Daesh called CyberCaliphate
Hacked French network exposed its own passwords during TV interview (Ars Technica) Post-it note on wall revealed network's passwords for YouTube, Instagram
French Broadcaster TV5 Monde Recovers After Hacking (New York Times) The French television broadcaster TV5 Monde was back on the air on Thursday, a day after hackers claiming to support the Islamic State militant group carried out a wide-ranging cyberattack on the network
French TV5Monde network cyber attack the latest in destructive trend in system intrusions (ComputerWeekly) The cyber attack on French television network TV5Monde is the latest in a growing list of destructive incursions from a wide range of attackers
Investigating Cyber Vigilantes in #OpAntiISIS (Recorded Future) Cyber vigilantism against pro-ISIS social media accounts and terrorist forums are gaining momentum, moving beyond standard DDoS tactics to bounties and release of alleged personal information
Don't Be Fodder for China's 'Great Cannon' (KrebsOnSecurity) China has been actively diverting unencrypted Web traffic destined for its top online search service — Baidu.com — so that some visitors from outside of the country were unwittingly enlisted in a novel and unsettling series of denial-of-service attacks aimed at sidelining sites that distribute anti-censorship tools, according to research released this week
122 online forums compromised to redirect visitors to Fiesta exploit kit (Help Net Security) Over a hundred forum websites have been compromised and injected with code that redirects users to sites hosting the Fiesta exploit kit, Cyphort researchers have found
Deadly combination of Upatre and Dyre Trojans still actively targeting users (Help Net Security) Upatre (or Waski) is a downloader Trojan that has lately become the malware of choice for cyber crooks to deliver additional, more dangerous malware on users' computers
The Banking Trojan Emotet: Detailed Analysis (Secure List) In the summer of 2014, the company Trend Micro announced the detection of a new threat - the banking Trojan Emotet. The description indicated that the malware could steal bank account details by intercepting traffic. We call this modification version 1
PoS System Compromise Suspected at Marriott, Sheraton Locations (Softpedia) A new payment system breach is currently being investigated by hotel management company White Lodging at 10 of its properties across the United States
Don't Use Hotel Wi-Fi Unless You Want to Be Hacked, a Security Firm Reports (Yahoo! Travel) Do not use hotel Wi-Fi
Adventures in PoSeidon genealogy: Tracking a malware family tree (HP Blogs) In late March, Cisco blogged about an interesting case of Point-of-Sale (PoS) malware. Reading through their description, I couldn't help but notice that the core exfiltration malware module named by Cisco, FindStr, is in its sixth and possibly even seventh incarnation. Could it be that there are other versions of that PoS malware which didn't make it to be famous?
Group Behind SSH Brute Force Attacks Slowed Down (Threatpost) A criminal group whose actions have at times been responsible for one-third of the Internet's SSH traffic — most of it in the form of SSH brute force attacks — has been cut off from a portion of the Internet. While not a botnet takedown in the traditional sense, networking providers Level 3 Communications and Cisco have blocked traffic emanating from two address blocks used by the group, and the companies said they will continue to do so as the group migrates to new netblocks
Threat Spotlight: SSHPsychos (Cisco Blogs) Talos has been monitoring a persistent threat for quite some time, a group we refer to as SSHPsychos or Group 93. This group is well known for creating significant amounts of scanning traffic across the Internet. Although our research efforts help inform and protect Cisco customers globally, sometimes it is our relationships that can multiply this impact. Today Cisco and Level 3 Communications took action to help ensure a significantly larger portion of the Internet is also protected
Cyber-crypto-criminal-cock-up. Little money and (probably) embarrassed (Register) Ransomware coding fail foils fraudsters
Chilling cyber cut (Saudi Gazette) Computer users face hard choice: Pay ransom or lose files
The Kill Chain: Now With Pastebin (Internet Storm Center) I have yet another maldoc sample. They still keep coming, these malicious Word and Excel documents with VBA macros designed to download a trojan. Each day they are slightly different, and sometimes I see something worth sharing
Beware: 'Halifax Classic' Phishing Mail (Malwarebytes Unpacked) Your banking website is dead, long live the banking website!
Scammers deliver malware via fake Steam game pages (Help Net Security) Aside from being regularly targeted with phishing scams, fake giveaways leading to online surveys, and having malware pushed on them via Steam chat, gamers using the popular gaming platform are now also in danger of downloading malicious software masquerading as legitimate games from specially set-up Steam game pages
LG's split screen software allegedly undermines your PC's security (Network World) LG's split screen software allegedly disables the Windows User Account Control feature, meaning everything unwisely runs with full administrative privileges
Hidden backdoor API to root privileges in Apple OS X (TrueSec) The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It's been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges to root from any user account in the system
Can Your New MacBook's USB-C Port Be Hacked? You Bet. (Yahoo! Tech) The new Apple MacBook has a number of innovative features, but perhaps the most striking is that it has just one data port: a single USB Type-C port that is also used as the power connector
The mobile "security gap" — Pinterest and Yammer the latest gappy apps (Naked Security) We've written before about the "security gap" between desktop and mobile apps
Apple Leaves CNNIC Root in iOS, OSX Certificate Trust Lists (Threatpost) When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted quickly and dropped trust in CNNIC altogether. Apple has kept the root certificates in its trusted store for both iOS and OSX
Security Patches, Mitigations, and Software Updates
iOS 8.3 fixes dozens of security vulnerabilities (ZDNet) A slew of security fixes were wrapped into Apple's latest operating system update
Latest version of OS X closes Backdoor-like bug that gives attackers root (Ars Technica) Privilege escalation bug remains active in versions prior to Yosemite
Forget Emojis, Security is the Real Reason You Should Update to OS X 10.10.3 (Intego Blog) OS X users — it's time to patch your computers
MitM, DoS bugs in Network Time Protocol squashed (Help Net Security) Two vulnerabilities affecting Network Time Protocol (NTP), which is used for synchronizing clocks of computer systems, have been patched and made available in the latest version of the protocol daemon (ntpd-4.2.8p2)
WP Super Cache Cross-Site Scripting (XSS) Vulnerability (US-CERT) WP Super Cache, a WordPress plugin, contains a persistent XSS vulnerability in versions prior to 1.4.4. Exploitation of this vulnerability could allow a remote attacker to take control of the affected system. Users and administrators are encouraged to review the WP Super Cache Changelog for more information and update to version 1.4.4 if affected
Global tensions increase cyber threat (Financial Times) Geopolitical risks used to be something that only companies with a global presence had to worry about. But in cyberspace, any connected modern business is vulnerable
BitSight CEO on Nation-State Attacks (GovInfoSecurity) Shaun McConnon says security preparedness falls short
Third of global firms have no response to cyberattack (Computer Business Review) Research from RSA Security shows alarming complacency
Insider Threats: Focus On The User, Not The Data (Dark Reading) Global cybersecurity spending will hit almost $77 billion in 2015, so why are there more high-profile leaks than ever?
Security Sense: Hacking Ain't Hacking (WindowsITPro) Did you see that 5 year old who hacked the Xbox One last year? No really, he totally hacked it, broke right through all the parental controls (incidentally, how proud is his dad in that clip?!) and got unfettered access to the games he wanted to play
Cybercrime gets easier, attribution gets harder (Help Net Security) Threat actors are gaining capabilities through the adoption of cutting-edge tools instead of technical expertise, according to Websense. Redirect chains, code recycling and a host of other techniques are allowing these actors to remain anonymous, making attribution time consuming, difficult and ultimately unreliable
Botnet activity inside organisations predicts likelihood of future data breach (TechWorld) Those with highest activity 2.2 times more likely to have been breached
Utilities And Education The Most Bot-Infested Sectors (Dark Reading) The more bots in-house, the more a company is likely to have reported a data breach, BitSight report finds
Security failing to keep pace with cloud technology adoption, report finds (Cloud Tech) Cloud service providers (CSPs) can no longer treat security as a luxurious add-on, and customers have to ensure their providers take care of the issue, a new report asserts
Cloud computing to boost data centre security market (Computer Business Review) Asia-Pacific market is expected to see highest growth of 16.6%
Former security service experts launch cyber start-ups (Financial Times) These days, cyber security entrepreneurs are more likely to be just out of the intelligence services than straight out of college
Manny Medina calls cyber-security 'fantastic opportunity' for South Florida (SunSentinel) Cyber-security is both the biggest threat and opportunity in our economy, and one that could help position South Florida as a technology hub, says tech leader Manny Medina
Colorado offers money for 903 new jobs — and may land Accuvant HQ (Denver Business Journal) Colorado Economic Development Commission members approved $14.5 million in incentives Thursday to attract as many as 903 new jobs to the state
Engility: Formerly Unattractive Spin-Off Transformed With Recent Acquisition (Seeking Alpha) Government service contracting is generally a good business with high barriers to entry and attractive financial characteristics. Engility's acquisition of TASC will reduce its exposure to the defense end-market and increase its presence in the well-funded intelligence end-market. The target price implies 20% upside, based on assumptions of a 10.5 times forward EV/EBITDA and an estimated 2016 EBITDA of $250 million
Denver Startup ProtectWise Uses Cloud to Create Safety in Numbers (Xconomy) It's a truism in the computer security world that the bad guys have gained the upper hand. Just think about all the major security breaches over the past few years for evidence
Niara Closes $20m in Series B Funding to Deliver Big Data Security Analytics (Marketwired) Niara, a stealth security analytics company, today announced it has closed a $20 million Series B financing round led by Venrock, with additional participants including New Enterprise Associates (NEA) and Index Ventures
'Aggressive' Check Point takes a swing at rivals (CRN) UK 'competitive attack' schemes will be designed to cover the cost of resellers that port business to Check Point
SafeNet's government contracting spinoff is moving offices, adding staff (Baltimore Business Journal) SafeNet Assured Technologies is moving into a new office and hiring after being spun off from its parent company, SafeNet Inc
Fortinet Wins 'Network Security Vendor of the Year' Honour at Network World Middle East Awards 2015 (Zawya) Fortinet® (NASDAQ: FTNT) — a global leader in high-performance cyber security, today announced that it has been honored with the 2015 Network Security Vendor of the Year award by Network World Middle East magazine. The award was presented at the exclusive Network World Middle East Magazine Awards Gala, held at the Jumeirah Beach Hotel, Dubai on March 23, 2015
Products, Services, and Solutions
LifeJourney Partners with CyberTech on STEM Mentoring Platform (THE Journal) LifeJourney has partnered with CyberTech in an effort to bring its STEM career platform to more schools
Blue Coat Enhances Security for Dominant Cyber Espionage Attack Vector (Digital Journal) Blue Coat Systems, Inc., a leader in enterprise security, today announced the addition of Mail Threat Defense to its portfolio of Advanced Threat Defense (ATD) solutions. With the addition of mail threat defense, Blue Coat provides in-depth protection against the common trifecta of attack vectors — web, email and network — for unparalleled defense against advanced threats across the enterprise
Kaspersky begins to offer Kaspersky DDoS Protection to Middle East businesses (CPI Financial) To help businesses address the growing threat of Distributed-Denial-of-Service (DDoS) attacks, Kaspersky Lab starts providing in the Middle East its Kaspersky DDoS Protection — a new solution designed to protect online services against DDoS attacks. Kaspersky Lab's extensive expertise in cyber-threats and its experience in successfully combating them, as well as its bespoke intelligent technologies, enables the solution to handle DDoS attacks of any size and complexity
Using Accelerators to Close the Real-Time Intelligence Gap (CTO Vision) Today's data-intensive analytic platforms offer a dizzying amount of data, originating from sensors, markets, social media, the Internet of Things, and countless other sources. All this data can cause a significant delay in decision-making. Organizations must stop relying on historical and batch analysis for timely, informed, actionable decisions, and begin pushing analysis and alerting closer to the data collection point to gain useful insights
How to avoid having your company’s files cyber kidnapped? (Panda Security) Over the last few years we have seen how ransomware infections have increased exponentially. Until now we have alerted mostly home users, but what happens when companies are the target?
Cytegic, Inc. Announces Partnership With Sixgill Ltd. to Incorporate Darknet Sources Into Its Intelligence Machine (MarketWired) Cytegic DyTA platform to include Sixgill Darknet feed to enhance intelligence
Intertrust Technologies Integrates Advanced Security Cores from Rambus Cryptography Research Division to Protect Digital Content Delivery to Consumer Devices (Rambus) CryptoFirewall™ core enhances ExpressPlay™ and gives content providers access to higher levels of security
IBM teams with TI on 'silicon tokens' to authenticate the Internet of Things (ZDNet) IBM has announced a new cloud-based 'silicon token' authentication service to manage the identity of embedded devices from cradle to grave
Barracuda Networks Unveils MSP Partner Program (MSPMentor) Barracuda Networks (CUDA) is extending its Barracuda NG Firewall and Barracuda Backup partner offerings to managed service providers (MSPs) by enabling them to transition customers from on-premise to cloud security and storage solutions
Technologies, Techniques, and Standards
The need for end-user visibility in a Bring Your Own Anything environment (Help Net Security) Mobiles, tablets, PCs, applications, cloud services — employees are increasingly bringing non-company devices into their organizations and connecting them to everything they need to do their jobs. As this phenomenon clearly goes way beyond devices alone, I'd suggest that the oft-used acronym BYOD is no longer sufficient, and should perhaps be replaced with BYO* — bring your own anything and everything
Securing high-risk, third-party relationships (Help Net Security) High-profile attacks reveal that malicious hackers target third-party vendors and supply chain partners as a backdoor into their primary target, according to CyberArk Software
Developing a mobile security strategy in banking and financial services (Networks Asia) The rise of enterprise mobility and mobile finance malware means organizations, especially those in the banking and financial services sector, have to adapt and redefine security for the mobile economy of today, which is moving into an era of mobile banking and mobile transactions
Protect and detect to prevent the lateral attacker (IT Security Guru) Tracking attackers and preventing their lateral movement across your network will help you better protect against persistent attacks
Decrypting WebLogic Passwords (NetSPI Blog) The following blog walks through part of a recent penetration test and the decryption process for WebLogic passwords that came out of it
Watermarks used to track data through Dark Web to Russia, Nigeria (CSO) How far does stolen data get before a breach is detected? That's the question Bitglass asked — and answered — in a recent experiment
The Bitglass "Where's Your Data?" Experiment (Bitglass SaaS Guardians Blog) 783. That's the total number of reported breaches involving stolen data that occurred in 2014 alone
Built-in security enables cyber resilience (GCN) Software quality does not happen by accident; neither does security
Design and Innovation
IBM peers into Numenta machine intelligence approach (Phys.org) Are we nowhere near the limits to which machines can make sense out of raw data? Some scientists would say that today's programmed computers cannot match a computer approach using biological learning principles for next steps in achieving machine intelligence. Enter Numenta. The premise of Numenta is that the brain is the best example of an intelligent system and provides a roadmap for building intelligent machines. The "machine intelligence" company is in the business of promoting its computational framework based on principles of the brain along with a software suite
The battle to beat password security threats (Financial Times) Setting up an online account is easy: your user name is usually your email address, you then choose a password, deal with a few security questions, perhaps respond to a verification email, and your account is ready to use
Research and Development
DARPA Rolls Out Research Initiative on Adaptive Software Systems (ExecutiveGov) The Defense Advanced Research Projects Agency has kicked off a four-year initiative to determine the tools and processes needed to design software that does not need reprogramming for up to 100 years
First national CyberCenturion Final to be held in the home of Colossus (Citiblog) Aspiring young cyber security professionals will compete in the first final of the CyberCenturion competition in the home of Colossus, The National Museum of Computing (TNMOC) on April 17
Students, Police Partner to Raise Awareness of Internet Dangers (Government Technology) The program is a student-driven initiative aimed at students and parents, and targets social media and other internet safety practices
Legislation, Policy, and Regulation
Microsoft to provide source code to security agency (Prague Post) New agreement is intended to help defend 'Czech cybernetic space'
President Obama steps up the fight against cyber threats (Financial Times) When President Obama stepped up to the podium to give his annual State of the Union speech in January, he gave cyber security experts a glimmer of hope that their fears of massive harm were finally being considered as a great threat to the nation
House Set to Move Major Cybersecurity Bill This Month (National Journal) Early vote could be good news for advocates still hoping for NSA reform this summer
Lobbyists for Spies Appointed To Oversee Spying (Intercept) Who's keeping watch of the National Security Agency? In Congress, the answer in more and more cases is that the job is going to former lobbyists for NSA contractors and other intelligence community insiders
Wall Street watchdog weighs new cyber rules (The Hill) Wall Street's top watchdog is calling on banks to boost their oversight of cybersecurity at outside firms they work with, or face new regulations
NYDFS Report Shows Need to Tighten Cyber Security at Banks' Third-Party Vendors (New York State Department of Financial Services) Benjamin M. Lawsky, Superintendent of the New York State Department of Financial Services (NYDFS), released a report warning banks that insufficient security at third-party vendors could provide a backdoor for hackers to gain access to critical systems and pilfer sensitive financial information
Sebi to step up cyber security in markets (DNA India) The Securities and Exchange Board of India (Sebi), which is mandated to regulate the entire gamut of capital markets in the country, has expanded the ambit of its Technical Advisory Committee (TAC) to include cyber security of the markets
Pentagon Says It Is Moving to Protect Its Cyber Flanks (Foreign Policy) Officials in charge of buying guns and butter for the Department of Defense have decided — only seven years after Chinese hackers infiltrated the F-35 program — that it's about time to make cybersecurity a core requirement for all weapons systems
Does cyber corps merit its own service branch? (Navy Times) Defense Secretary Ash Carter raised eyebrows during his recent visit to the U.S. Cyber Command headquarters in Maryland when he suggested that the cyber corps may ultimately become its own service branch
Litigation, Investigation, and Law Enforcement
Police Shut Europe Computer Network Enabling Theft, Extortion (BloombergBusiness) European and U.S. police shut down a computer network on Wednesday used by cybercriminals to facilitate the theft of banking passwords and extortion which had eluded security companies and law enforcement for years
Polymorphic Beebone botnet sinkholed in international police operation (Help Net Security) On April 8, a global operation targeted the Beebone (also known as AAEH) botnet, a polymorphic downloader bot which installs various forms of malware on victims' computers
International operation mounted to counter Beebone Botnet (eHacking News) A multinational task force comprising the European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT), the FBI and led by Dutch National High Tech Crime Unit was recently set up to target the Beebone (AAEH) botnet, a downloader virus that cripples a computer's defenses by downloading various malware on a PC
DEA sued over "suspicionless" mass surveillance of Americans' phone records (Naked Security) The US Drug Enforcement Administration (DEA) was secretly monitoring Americans' international phone calls for decades but gave it up when Snowden revelations hit the fan, USA Today revealed on Wednesday
Want to See Domestic Spying's Future? Follow the Drug War (Wired) The NSA isn't the only three-letter agency that's been quietly collecting Americans' data on a mind-boggling scale. The country learned this week that the Drug Enforcement Agency spied on all of us first, and with even fewer privacy protections by some measures. But if anyone is surprised that the DEA's mass surveillance programs have been just as aggressive as the NSA's, they shouldn't be. The early targets that signal shifts in America's domestic surveillance techniques aren't activists and political dissidents, as some privacy advocates argue — or terrorists, as national security hawks would claim. They're drug dealers
ISPs ordered to hand over names and addresses of illegal file sharers (Naked Security) Australian internet service providers (ISPs) have been ordered to hand over names, emails and residential addresses of people who've allegedly pirated the movie The Dallas Buyers Club
FCC reviews Verizon use of tracking 'supercookie' (The Hill) The Federal Communications Commission is reviewing whether Verizon's use of a tracking "supercookie" runs up against its consumer privacy and data security rules
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Cloud Identity Summit 2015 (La Jolla, California, USA, Jun 8 - 11, 2015) Enterprises large and small are looking to the cloud to replace legacy applications and virtualize their existing data center environments. In each case, security technology vendors need to manage the unique requirements of multi-tenant SaaS applications as well as the infrastructure requirements of complex deployments that rely on public and private cloud requirements. Unlike broad-based conferences or hacking conventions, CIS is focused and intense with three days of content-packed tracks in an environment deliberately structured to maintain the face-to-face interactions that often lead to big moments. The conference offers sessions that will benefit beginners in the industry, as well as those seeking to expand their skill set as an experienced user
TRUSTe Internet of Things Privacy Summit 2015 (Menlo Park, California, USA, Jun 17, 2015) The Second IoT Privacy Summit will be held on June 17th 2015 and focus on practical solutions to the privacy challenges of the Internet of Things with multiple case studies, workshops and panel presentations bringing together the whole privacy IoT ecosystem from technologists, product engineers and data scientists to privacy practitioners, regulators, and academics for a day of discussion, insight and practical take-aways
Cyber Threats Masterclass (Turin, Italy, Apr 9 - 11, 2015) The United Nations Interregional Crime and Justice Research Institute (UNICRI) is organizing two new courses on emerging threats towards states and citizens with the aim of promoting an in-depth knowledge of specific issues such as cyber crimes and crimes against the environment. The courses are tailored to journalists and chief information officers, as well as those who want to specialize in this area, offering a unique opportunity to network with renowned international experts
InfoSec Southwest 2015 (Austin, Texas, USA, Apr 10 - 12, 2015) InfoSec Southwest is an annual information security and hacking conference held in Austin, Texas, one of the most interesting and beautiful cities in the United States. By addressing a broad scope of subject-matter, InfoSec Southwest is intended to both provide a comprehensive and valuable forum to all participants as well as fill a gap for our local attendees left by the other few conferences held here in Texas which are all focused on a narrower scope of subject matter or a narrower slice of audience demographic
NIST IT Security Day (Gaithersburg, Maryland, USA, Apr 8, 2014) The Office of the Chief Information Officer, OCIO, is hosting NIST IT Security Day as a means to heighten awareness for all NIST users on the many aspects of operational information technology security and networking at home and in the office. This event's objective is to educate users on IT security and related topics. The event will feature guest speakers on general and technical IT security topics and tutorials on internal services and products.
Cybergamut Tech Tuesday: Tor and the Deep Dark Web (Elkridge, Maryland, USA, Apr 14, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external threat data can be helpful in evaluating intelligence but how do you identify relevance? Created as a means of protecting the privacy and anonymity of its users, Tor — the managed network of private computers leveraged by criminal elements to minimize the risk of surveillance and capture — is being exploited by the most technically proficient, aggressive, and organized of criminal syndicates
Cyber Security Summit: Industrial Sector & Governments (Prague, Czech Republic, Apr 14 - 15, 2015) Cyber Security Summit Europe — Industrial Sector & Governments brings together cyber security experts who will share their skills and know-how needed to address highly topical issues such as state-sponsored cyber-attacks and SCADA Security Assessment
Cyber Security Summit: Financial Services (Prague, Czech Republic, Apr 14 - 15, 2015) Cyber Security Summit Europe — Financial Services brings together cyber security experts across the financial sector to discuss topical security vulnerabilities as well as bring forward effective strategies and solutions to effectively mitigate them
INTERPOL World 2015 (Singapore, Apr 14 - 16, 2015) INTERPOL World is a new biennial international security trade event which will bring police and other law enforcement agencies together with security solution providers and security professionals from around the world to identify future challenges and propose and build innovative solutions
Mid-Atlantic ISSA Security Conference 2015 (Gaithersburg, Maryland, USA, Apr 15, 2015) Meeting at the NIST campus, this all-day event, jointly hosted by the ISSA Baltimore, DC, and Northern Virginia chapters, will have 3 concurrent tracks of security professionals discussing the current state of various information security topics. The cost is $150 per person, including breakfast and lunch; pre-registration is required in order to get onto the NIST campus
Symantec Government Symposium: Secure Government: Manage, Mitigate, Mobilize (Washington, DC, USA, Apr 15, 2015) The annual Symantec Government Symposium is a one-day event attracting 1,500 government IT security and management professionals. The event is designed to facilitate peer-to-peer dialogue on the challenges facing today's government leaders. This year, former FBI Director Robert Mueller will deliver the keynote address, and the program will also feature sessions on CDM, risk management, security intelligence, secure app management, cyber legislative priorities, and much more. The theme of the 2015 Symposium is "Secure Government: Manage, Mitigate, Mobilize"
Proposers' Day Conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program (Washington, DC, area, Apr 16, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day conference for the Scientific advances to Continuous Insider Threat Evaluation (SCITE) program, in anticipation of the release of a new solicitation in support of the program. The purpose of the conference will be to provide introductory information on SCITE and the research problems that the program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners
IIT Cyber Forensics and Security Conference and Expo (Wheaton, Illinois, USA, Apr 17, 2015) All are invited to participate in this multi-track, technical conference that attracts more than 200 professionals, 50 speakers, 20 sponsors, for an intensive one and a half day schedule that includes discussion and debate over forensics, security, data/information governance, cyber crime and security, ethical hacking, eDiscovery, cloud forensics, steganography, policy and compliance, privacy, wireless security, cloud computing, identity theft, and more
RSA Conference 2015 (San Francisco, California, USA, Apr 20 - 24, 2015) Don't miss this opportunity to join thousands of industry professionals at the premier information security event of 2015
Australian Cyber Security Centre Conference (Canberra, Australia, Apr 22 - 23, 2015) The Australian Cyber Security Centre (ACSC) will be hosting its first cyber security conference in 2015. We are bringing leading cyber security experts from Australia and abroad to share their expertise. This will be your first chance to experience the unique collaboration of the ACSC. Over 700 attendees from the national and international ICT community are expected to attend
Security Forum 2015 (Hagenberg im Mühlkreis, Austria, Apr 22 - 23, 2015) The Security Forum is the annual IT security conference in Hagenberg that addresses current issues in this domain. Visitors are offered technical as well as management-oriented talks by representatives of business, research and public service
CyberTexas / CyberIOT (San Antonio, Texas, USA, Apr 23 - 24, 2015) CyberIOT — Securing the Internet of Things. As more everyday devices become connected to the internet, the need for securing those items becomes critical. CyberTexas will explore the intersection of cyber security and the internet of things
Defensive Cyberspace Operations & Intelligence Conference & Exhibition (Washington, DC, USA, Apr 27 - 28, 2015) The 5th Annual Defensive Cyberspace Operations & Intelligence (DCOI) conference & exhibition is an Israeli-American partnership promoting the extraordinary developments in the technological, intelligence and policy-making domains of cyberspace. It will be held on April 27-28; the first day will consist of panels and exhibition at the Ronald Reagan Building and International Trade Center, and the second will hold workshops, exhibition and seminars at the George Washington University
INTEROP Las Vegas (Las Vegas, Nevada, USA, Apr 27 - May 1, 2015) Attend Interop Las Vegas, the leading independent technology conference and expo designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan
2015 Synergy Forum (Tysons Corner, Virginia, USA, Apr 30, 2015) The 2015 Synergy Forum brings together government and industry practitioners driving our collective technology futures. This event is multi-disciplinary, examining the emerging fusion of physical and digital worlds. The event topics include: Big Data, Cyber Security, Internet of Things, Mobility, Strategy and Technology. Attending this event would be beneficial to: Policy-makers, architects, program managers, influencers in the federal government and the most forward thinking engineers, architects and innovators in the DC ecosystem