VK gets contacted (not in a good way). Lousy passwords abound. Vulnerabilities reported in social media, routers, hybrid SUVs. Industry notes.
As ISIS continues to devour its leaders, facing as it does increasing pressure, the Caliphate’s rivals in al Qaeda return to Twitter. Their message is the familiar call to jihad, albeit more pedantically put than ISIS would have framed it.
More than 100 million accounts from the Russo-centric social media platform VK (formerly Vkontakte) have been leaked and are now being hawked on the dark web. Following the past three weeks’ revelations concerning LinkedIn, Tumblr, and MySpace, the incident offers another reason to change passwords (and not reuse them).
Applicants for US visas are being phished by impostors serving up a remote-access Trojan (QRAT), F-Secure reports.
Researchers at Pen Test Partners demonstrate a proof-of-concept WiFi hack of the Mitsubishi Outlander hybrid SUV. They didn’t gain access to the car’s Controller Area Network (CAN), but what they got was disturbing enough that it moved Mitsubishi to advise customers to disable their Outlander’s WiFi until a firmware update is pushed to them.
The Angler exploit kit has grown more evasive, and incorporated Silverlight and Flash exploits into it toolset.
Google fixes eight critical and twenty-eight high-risk Android vulnerabilities in its June update.
Recent attacks circumstantially linked to Pakistan lend urgency to calls in India for establishment of a cyber command.
Hamburg’s Data Protection Commissioner has assessed fines for violations of Germany’s data protection laws.
In the US, the Justice Department has offered a Federal judge a second secret filing in the FBI’s investigation of former Secretary of State Hillary Clinton’s email practices.
Today's issue includes events affecting Bangladesh, European Union, Germany, India, Japan, Democratic Peoples Republic of Korea, Malaysia, New Zealand, Pakistan, Singapore, Sri Lanka, Switzerland, and United States.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. This afternoon you'll hear our conversation with Raytheon's Dave Amsler who'll take us through the results of his company's study, just released, on why, when, and how companies engage with managed security services providers. And Dale Drew from our partners at Level 3 Communications tells us about the increase in malicious traffic they're observing in Latin America. (If you feel so inclined, please give us an iTunes review.)
Cyber Attacks, Threats, and Vulnerabilities
Senior al Qaeda religious official in Syria returns to social media (Long War Journal) A senior al Qaeda religious official in Syria has returned to social media in the past 24 hours after a prolonged absence. The jihadist known as Abu Sulayman al Muhajir launched a new Telegram channel and Twitter feed
Vulnerabilities in Facebook Chat and Messenger exploitable with basic HTML knowledge (Help Net Security) Check Point’s security research team has discovered vulnerabilities in Facebook’s standard online Chat function, and its separately downloaded Messenger app
Security experts find hacking backdoor to Facebook Messenger (Gold Coast Bulletin) Security experts today will reveal a major flaw in Facebook Messenger that is set to have major legal ramifications, including judicial decisions being sent back to the appeal court and commercial agreements sent into disarray
Fixing Message Duplication in Messenger on Android (Facebook) Not all of our learning comes from complex security bugs. Sometimes, even simple configuration issues can show us how to make our products more secure
100 milion VK accounts put up for sale (Help Net Security) Another “historic” mega breach has been revealed as someone who goes by the alias “Tessa88@exploit.im” has begun selling info tied to 100 milion VK accounts
Hackers breach social media accounts of Mark Zuckerberg and other celebrities (IDG via CSO) The compromises might be the result of recent data breaches from other websites that exposed user passwords
Password Re-user? Get Ready to Get Busy (KrebsOnSecurity) In the wake of megabreaches at some of the Internet’s most-recognized destinations, don’t be surprised if you receive password reset requests from numerous companies that didn’t experience a breach: Some big name companies — including Facebook and Netflix — are in the habit of combing through huge data leak troves for credentials that match those of their customers and then forcing a password reset for those users
Qarallax RAT: Spying On US Visa Applicants (F-Secure: News from the Lab) Travelers applying for a US Visa in Switzerland were recently targeted by cyber-criminals linked to a malware called QRAT. Twitter user @hkashfi posted a Tweet saying that one of his friends received a file (US Travel Docs Information.jar) from someone posing as USTRAVELDOCS.COM support personnel using the Skype account ustravelidocs-switzerland (notice the “i” between “travel” and “docs”)
Flaws in Ubee router can facilitate attacks on connected networks (Help Net Security) Researchers have discovered five critical vulnerabilities in Ubee EVW3226, a VoIP cable modem router used by operators across Europe, which can be exploited to compromise the device
Widespread exploits evade protections enforced by Microsoft EMET (IDG via CSO) Companies should not rely on EMET to delay patching frequently attacked programs
Angler Exploit Kit Finds a Method to Escape Microsoft's EMET Security Toolkit (Softpedia) Method works using Flash and Silverlight exploits
TeamViewer: So sorry we blamed you after your PC was hacked (Register) 'Significant' number of people affected yet 'incredibly small' portion of users
Eset warns of 'tricky' DNS malware update (ITWire) A new version of the DNS Unlocker malware "can be tricky to defang" warns Eset
Researchers hack the Mitsubishi Outlander SUV, shut off alarm remotely (Help Net Security) Mitsubishi Outlander, a popular hybrid SUV sold around the world, can be easily broken into by attackers exploiting security weaknesses in the setup that allows the car to be remotely controlled via an app
789% year-over-year spike in malware and phishing (Help Net Security) An analysis of phishing email campaigns from the first three months of 2016 has seen a 6.3 million increase in raw numbers, due primarily to a ransomware upsurge against the last quarter of 2015. That is a 789% jump
Ransomware Goes After Manufacturing (eWeek) A Fortinet research report finds that manufacturers are increasingly under attack from ransomware as older vulnerabilities provide easy access
Researchers find a way to snoop on you through your phone’s vibration motor (TechCrunch) Cover up your webcam, disable microphone access and put on your tinfoil hat — but it won’t make any difference, because the Illuminati can get at you through your phone’s vibration motor now. Well, kind of, anyway. Your best defense? Talk in a high voice
What Businesses Can Learn from the SWIFT Cyber Attack (Huffington Post) Like bacteria that mutates in order to thrive against powerful antibiotics, threats in today’s cyber-environment are constantly changing to exploit new vulnerabilities. But just like antibiotics must evolve, our systems for protecting digital security - at personal, commercial and government levels - must change with the times and be equally active, robust, and innovative
Spooked by BB heist, Asian security summit works on cybersecurity (BusinessNews24bd) The South China Sea dispute and worries about North Korea dominated an Asian security summit at the weekend, but cybersecurity was also in focus as regional officials sought to improve coordination amid a rise in high-profile hacks
Dream Gallery 1.0 Cross Site Request Forgery (Packet Storm) Dream Gallery version 1.0 suffers from a cross site request forgery vulnerability
Report: Malware, stolen IDs top items for sale on dark web (FedScoop) To find the most popular items for sale, SurfWatch Labs monitored activity on five of the most prominent dark web marketplaces: AlphaBay, Dream Market, HANSA Market, Valhalla and TheRealDeal Market
Security Patches, Mitigations, and Software Updates
Android gets patches for serious flaws in hardware drivers and media server (IDG via CSO) Eight critical and 28 high-risk vulnerabilities were fixed in the June Android security update
Latest Android Security Bulletin Heavy on Critical Qualcomm Flaws (Threatpost) Google today pushed out its monthly Android patches, addressing what is becoming a monthly custom of a critical Mediaserver vulnerability, in addition to a half-dozen critical flaws in different Qualcomm drivers
Proactive threat hunting: Detect, isolate and eradicate (Help Net Security) Organizations worldwide wait until they fall victim to a damaging cyber attack before engaging a provider of managed security services, or MSS, according to Raytheon. Two-thirds of survey respondents indicated that not until there is a significant data loss from an IT security breach are their organizations motivated to engage a vendor
NZ dodges cyber attack bullet (New Zealand Herald) New Zealand is one of the least affected countries in Asia Pacific when it comes to cyber attacks, but harmful software is circulating around the globe in massive numbers
Transforming cybersecurity challenges into new opportunities (Star) Predicting the future is a challenging task. But as the world enters a new digital era, most of us would agree that cybersecurity is on the cusp of exponential growth, driven by the Internet of Things (IoT) and mobile communication
Why Boards Need To Get Smart About Cyber Innovation -- Now (Forbes) Ariel Evans is an American Israeli cybersecurity expert, entrepreneur and business developer. Evans is the go-to person in Israel that connects cyber startup companies to funding and business development opportunities
Nearly Half of Organizations Unsure if Cyber Insurance will Payout for Evolving Email Attacks (BusinessWire) New Mimecast research highlights 45% of organizations unaware if their cyber insurance will cover new social engineering attacks
Bain readies cyber security firm Blue Coat for IPO (Computer Business Review) The company plans to pay off debt and invest in new products
Mobile security startup Zimperium scores $25 million (VentureBeat) Zimperium, the security company behind a mobile and in-app protection service, announced today that it has raised a $25 million investment led by Warburg Pincus
NTT Announce Formation of MSSP (Infosecurity Magazine) NTT has announced the formation of NTT Security Corporation, a specialized security company to deliver Managed Security Services (MSS) and specialized security expertise
VAR formerly known as Integralis gets another makeover (Channel Web) NTT Com Security, the pan-European security VAR formerly known as Integralis, is being folded into a brand new security outfit formed by its Japanese parent NTT
Raytheon Hits 52-Week High on Investments, Foreign Sales (Zacks) Shares of Raytheon Company (RTN - Analyst Report) scaled a new 52-week high of $133.98 on Jun 3, before closing a little lower at $133.86. With a market cap of around $39.75 billion, the company has seen its shares gain roughly 8.7% in the past one year, outperforming the 2.7% gain of the S&P 500 over the same period
Can CyberArk Keep Growing Its Revenues And Stock At 45%? (Forbes) I tend to avoid investing in individual stocks since I can’t figure out what makes them go up and down
Armorway Announces $2.5 Million in Seed Round Funding for Pioneering Artificial and Prescriptive Intelligence Enterprise Initiatives (StreetInsider) AI Innovator also named as Red Herring North American Top 100 Finalist
How Does Palantir Make Money? (Palantir) Palantir sells software to government agencies and corporations that want to analyze vast data sets to solve complex problems
Help us find Washington’s next tech innovators: Week three (Washington Post) For the third year running, Capital Business is teaming up with the Northern Virginia Technology Council to find promising product innovations
Resignations at Cisco hint at an internal power struggle for CEO Chuck Robbins (Recode) The four executives who ran Cisco's unusual "spin-in" strategy quit today
SentinelOne hires prominent cyber-security expert Jeremiah Grossman (Reuters) Security software maker SentinelOne said on Monday that it has hired prominent cyber-security expert Jeremiah Grossman, who last month left WhiteHat Security which he founded 15 years ago
CYREN Expands Executive Team with Vice President of Global Cloud Operations (PRNewswire) CYREN (NASDAQ: CYRN) today announced that Hesham Eassa has joined the company as vice president of global cloud operations
Products, Services, and Solutions
Trustwave and CounterTack Team to Reduce Impact of Data Breaches (Trustwave) Alliance expands portfolio of Trustwave managed security services worldwide, brings endpoint detection and response capabilities to Asia-Pacific market through Singtel
Telia Carrier and Ericsson sign global IoT backbone agreement (PRNewswire) As the Internet of Things (IoT) ecosystem continues to evolve, Telia Carrier and Ericsson have signed an agreement that highlights the critical role international carriers have to play. Telia Carrier will provide backhaul and interconnect solutions to Ericsson's Device Connection Platform via a dedicated IoT backbone
iguaz.io Unveils Worlds First Virtualized Data Services Architecture (News Channel 10) iguaz.io, the disruptive company challenging the status quo for big data, the Internet of Things (IoT) and cloud-native applications, today unveiled its vision and architecture for revolutionizing data services for both private and public clouds. This new architecture makes data services and big data tools consumable for mainstream enterprises that have been unable to harness them because of their complexity and internal IT skills gaps
0patch: Microscopic cures for big security holes (Help Net Security) Software vulnerabilities are one of today’s most significant information security issues. Disclosing high profile vulnerabilities has become tremendously rewarding, to the point that some vendors are devising marketing campaigns that include a logo and a catchy name, regardless of the seriousness of the flaw
Rambus and Movimento Team to Deliver Personalized Security for Automotive (BusinessWire) Integrated solution provides highly secure over-the-air vehicle updates
Exclusive Networks makes security policy play with Tufin (ChannelBiz) New offering to resellers dovetails nicely with other products from the likes of Fortinet and Palo Alto Networks
MainOne, Radware partner on managed security services (Telecompaper) MainOne and Radware, a provider of cyber-security and application delivery products, are offering an outsourced Managed Security Service to enterprises and service providers
Technologies, Techniques, and Standards
How Many Layers Does Your Email Security Need? (Dark Reading) At least one more layer than the attacker can defeat. Here's how to improve your odds by turning on little-used or newer capabilities to block email-targeted malware
Top Security To-Dos For The Entertainment Industry (Dark Reading) 'The biz' has unique security needs. And it isn't only about preventing 'the next Sony'
3 ways CIOs can protect users against cyber attacks (CIO) Cyber attacks in the recent past have been causing huge losses in revenues for enterprise and also for individuals transacting online. While there have been technology developments to secure the web, the loopholes are many still, for the hackers to exploit. Mobile banking apps have been the latest hunting ground for many cyber criminals
The Cyber Threat: Cybercom Trains for Infrastructure Attack as Power Companies Play Down Threat to Grid (Washington Free Beacon) Cyber Guard war games simulate major cyber attack
Design and Innovation
DNS security can be improved with cookies, suggest IETF boffins (Register) For message authentication, not for tracking. Promise!
Research and Development
US Spies Are Building Software to Spot Your Suspicious Behavior In Live Video (Defense One) The program is called Deep Intermodal Video Analytics—or DIVA—and it seeks to locate shooters and terrorists before they strike
Surprisingly efficient snail brains could help make robots smarter (Engadget) Snails use two brain cells to make "complex decisions"... about whether to eat or not
Pathway To The New Era of Quantum Computing (CTOvision) The world of computing has witnessed seismic advancements since the invention of the electronic calculator in the 1960s. The past few years in information processing have been especially transformational
Legislation, Policy, and Regulation
New Indian Cyber Command Urged Following Recent Attacks (Defense News) Amid media reports of a suspected cyberattack by a Pakistan-based group targeting the Indian government, some officials and analysts here are calling for progress on a proposed tri-service command on cybersecurity that is still pending approval by the Ministry of Defense
Opinion: Is your data really safer in Europe? (Christian Science Monitor Passcode) The European privacy watchdog's rebuke of the EU-US data transfer deal known as Privacy Shield should prompt reforms on both sides of the Atlantic. In the meantime, we’d rather our data reside in the US, subject to publicly available legal frameworks, judicial oversight, and a strong tradition of civil society watchdogs
FBI wants access to Internet browser history without a warrant in terrorism and spy cases (Washington Post) The Obama administration is seeking to amend surveillance law to give the FBI explicit authority to access a person’s Internet browser history and other electronic data without a warrant in terrorism and spy cases
Cyberattacks threaten Main Street’s bottom line but Congress can make a difference (The Hill) The coffee you bought from your neighborhood barista. The handmade table you purchased online from a craftsman in New England. The new haircut you got from your local beauty salon
Sen. Whitehouse proposes cyber IG for civilian agencies (FCW) An overarching inspector general for cybersecurity would attract top-notch talent, according to Sen. Sheldon Whitehouse (D-R.I.). There should be a single inspector general charged with auditing cybersecurity practices across federal civilian networks, according to Sen. Sheldon Whitehouse (D-R.I.). That approach would be a dramatic shift from the current practice of having each agency's IG office handle information security probes
President's Commentary: First and Foremost, Educate for Cyber (SIGNAL) When we closely examine U.S. cybersecurity policy, one point stands out. Many in the public, industry and government are not well-educated or informed about the causes and effects of our cybersecurity failings or their remedies. These knowledge gaps differ among and within each sector, but cumulatively they add up to the vulnerable state of affairs that defines securing our national cyberspace. Policy must be continually assessed, focused and adjusted to meet the needs of this dynamic domain
Three Years Later: How Snowden Helped the U.S. Intelligence Community (Lawfare) Three years ago today, The Guardian published the first story based on the huge archive of documents that that Edward Snowden stole from the National Security Agency while working as an NSA contractor. Then-Attorney General Holder’s Justice Department quickly charged Snowden with felonies for theft of government property and mishandling classified information. Last week, however, Holder praised Snowden. “I think that he actually performed a public service by raising the debate that we engaged in and by the changes that we made,” Holder said
Litigation, Investigation, and Law Enforcement
FBI offers second secret filing in Clinton email suit (Politico) The FBI is offering a federal judge a second secret glimpse into the investigation into Hillary Clinton's private email server
Senior State Dept. officer, now Iran deal coordinator, deposed about Clinton email (Washington Post) A senior State Department official who oversaw executive operations during Hillary Clinton’s tenure as secretary from 2009 to 2013 told lawyers in a civil lawsuit that he was aware of her private email server, but had no reason to think it was used for government business, according to a transcript released Monday
State Dept. would need 75 years to compile Clinton emails (The Hill) The State Department said it would take 75 years for the release of emails from top aides to Hillary Clinton while she was serving as secretary of State
Hamburg DPA Assesses Fines for Non-Compliance with German Data Protection Law (Jenner & Block) As threatened earlier this year, the Hamburg Data Protection Commissioner Johannes Caspar has announced enforcement actions against a handful of multinational companies for non-compliance with German data protection law
Why legal departments begrudge the cloud (CSO) Legal professionals are by their nature a skeptical and cautious lot, but the sharp rise in cloud-based applications being used by enterprises and law firms, as well as recent high-profile law firm security breaches, has many legal professionals reticent about entering cloud engagements
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CyberTexas (San Antonio, Texas, USA, Aug 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.
BSides Canberra (Canberra, Australia, Mar 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.
ISS World Europe (Prague, Czech Republic, Jun 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic investigations and cyber intelligence gathering. ISS World programs present the methodologies and tools for law enforcement, public safety and government intelligence communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the internet.
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, Jun 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with email@example.com to receive 20% off the conference price.
New York State Cyber Security Conference (Albany, New York, USA, Jun 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The event takes place in Albany, New York and is cohosted by the New York State Office of Information Technology Services, the University at Albany's School of Business, and The New York State Forum, Inc. This conference offers something for everyone -- whether you're an end user, IT professional, government employee, or business owner.
LegalSEC Summit 2016 (Baltimore, Maryland, USA, Jun 9 - 10, 2016) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The target audience for ILTA’s LegalSEC Summit is legal technology professionals at every level and general counsel who touch legal security in their law firm or law department and want to learn more and connect with peers.
SecureWorld Portland (Portland, Oregon, USA, Jun 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Cybersecurity and Financial Services: Understanding the Risks (San Diego, California, USA, Jun 9, 2016) Join San Diego's KCD PR for a conversation on a hot topic for every business operating in the Fintech and Financial Services space: Cybersecurity. The nature of cybersecurity breaches is continuously changing and requires companies to be relentlessly vigilant in not only preventing these attacks, but also in managing them and properly communicating with key stakeholders when they do occur. The webinar panel features renowned financial cybersecurity luminaries including FICO's Chief Analytics Officer; the SVP/GM of FIS, a member of the Fortune 500 and the world's largest global provider of banking and payments technologies; as well as the CIO of Advisor Group, home of one of the largest networks of independent broker-dealers in the US with nearly 6,000 affiliated advisors. Together, they'll discuss all sides of the cybersecurity issue and outline best practices to leverage when faced with these kinds of financial threats.
SIFMA Cyber Law Seminar (New York, New York, USA, Jun 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role in their firm’s cyber defense plan. Steve Bunnell, Department of Homeland Security, and Richard Jacobs, Federal Bureau of Investigation NY Branch, will provide keynote remarks.
Cleared Job Fair (Tysons Corner, Virginia, USA, Jun 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research, Inc., Syntera and more. Receive free professional resume reviews during the job fair, as well as the latest informaiton on security clearance reinvestigations. Positions employers are seeking to fill include jobs in cyber security, intel, information security, help desk personnel, network operations engineers, systems engineers, software development and engineering, program and project management, system administration, database administration, financial management, and many other trades. For professionals with an active or current security clearance only.
SANSFIRE 2016 (Washington, DC, USA , Jun 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind our daily postings, podcasts, and data collection efforts focusing on current trends and actual relevant threats. The strength of the Internet Storm Center is its group of handlers, who are cyber security practitioners tasked with securing real networks just like you. This is your chance to meet some of them in person.
4th International Conference on Cybercrime and Computer Forensics (ICCCF) (Vancouver, British Columbia, Canada, Jun 12 - 14, 2016) For the past four years, APATAS has organized the International Cybercrime and Computer Forensics conference at various locations throughout Asia. In 2016, our 4th annual ICCCF is moving for the first time to Simon Fraser University’s Harbour Centre campus and Centre for Dialogue at downtown Vancouver, Canada. North America has been a pioneer in cybercrime research, policy and practice since the mid-1980s. As expected, we have witnessed increasing technological developments in both personal computing and in smart-phone and wireless devices that have had an impact on how technology-enabled crimes have been committed in the Asia Pacific region and beyond. One of the key approaches to understanding such crime is through research and incorporating the outcome of research into policy and practice. The 4th Annual ICCCF 2016 Vancouver, BC, Canada therefore focuses its discussion on ‘Cybercrime: Linking Research, Policy, and Practice.’
Show Me Con (St. Charles, Missouri, USA, Jun 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they are bringing you a one-of-a-kind event that will Show You the State of security from a unique perspective — the hacker?s viewpoint
CISO DC (Washington, DC, USA, Jun 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
Cyber Security Opportunities in Turkey Webinar (Online, Jun 14, 2016) As in other countries, Turkey is a target of high profile attacks in the public and private sectors. Instability from neighboring countries increases their risk. Since 2014 Turkey is working on a cyber security plan which includes not only government but private sector and NGOs as well. Per Cisco's 2014 Security Report, attacks occur in ICS-SCADA, web servers and malwares-6% respectively, applications-31%, infrastructure-18%, and end-users-9%.Topics include: industry drivers, trends, and key players. Open Q&A session at the conclusion of presentations. Confirmed speakers: Alper Cem Yilmaz, Founder, and Jade Y. Simsek, Mrktg Specialist, CrypTech. Learn about the Cyber Security Market in Turkey with the objective of finding sales opportunities. Turkey's Transportation, Maritime Affairs and Communications Ministry formed SOME (Cyber Incident Response Teams)for protection of cyber attacks.
The Security Culture Conference 2016 (Oslo, Norway, Jun 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture Framework Community, and draws professionals from around the world to meet, share and learn about security culture.
TECHEXPO Top Secret Hiring Event (Baltimore, Maryland, USA, Jun 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill open positions from companies including BAE Systems, CACI, Deloitte, CGI, Prosync, OnyxPoint, ShoreIT Solutions, Varen Technologies and many more.
2016 CyberWeek (Tel Aviv, Israel, Jun 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.
National Insider Threat Special Interest Group - South FL Chapter Kickoff Meeting (Palm Beach, Florida, USA, Jun 21, 2016) The National Insider Threat Special Interest Group (NITSIG) is excited to announce the establishment of a South Florida Chapter. Presentations and discussions will be provided by Insider Threat Defense, Inc. and the FBI. The meeting will focus on: how to recognize potential insider threat problems, employee behavioral indicators of concern, and strategies for insider threat risk mitigation.
Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, Jun 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency is increasing, companies are still reluctant to develop strategies to fight them. As cyber-attacks grow in sophistication, frequency and intensity, these companies are increasingly becoming high profile targets. The Cyber Security for Critical Assets LATAM Summit aims to bring together the key players involved in Cyber Security and defending critical infrastructure against the ever growing threat of attacks. The conference will connect process control and corporate IT senior level professionals, allowing them to discuss challenges, share experiences and investigate best practice guidelines. This in turn will lead to the building of robust policies and standards that will protect the future of LATAM’s critical assets.
Cyber 7.0 (Laurel, Maryland, USA, Jun 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle the threats to personal and public safety? For the seventh year, regional cyber experts, small entrepreneurs, large businesses, and government organizations come together to discuss, connect, and strategize. Be a part of the solution. Sponsor, exhibit, attend.
Security of Things World (Berlin, Germany, Jun 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!
DC / Metro Cyber Security Summit (Washington, DC, USA, Jun 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.