The state of DDoS and ransomware. Bogus Apple domains used in phishing. Banks warned to improve their security game. Singapore will cut government Internet access next year.
Akamai’s quarterly State of the Internet report sees a continuing rise in cheap-to-mount but disruptive DDoS attacks, many of them using stresser/booter-based botnets. Akamai also reports that account takeover attacks are particularly targeting financial and entertainment verticals.
Bogus Apple domains are the source of several phishing expeditions targeting users in the UK and China. FireEye says the phishers are after Apple IDs and passwords.
Victims of the Mount Gox cryptocurrency exchange collapse are being phished from the Kraken Exchange, Cyren warns.
Crysis crypto ransomware is overtaking both Locky and TeslaCrypt. ESET says Crysis is unusual in its indifference to file extensions.
Trend Micro warns that BlackShades ransomware also remains active.
Fortinet describes “Herbst,” apparently still in beta, but whose authors seem to be preparing for a ransomware campaign against German speakers (perhaps this fall).
The Facebook Messenger bug Check Point found is said to enable attackers to alter previously sent messages.
SecureWorks explains the recurrence of malware in cleaned systems: some malicious code exploits BITS, a native Windows tool used to retrieve updates.
As investigations into SWIFT-related fraudulent transfers proceed, US bank regulators, specifically those associated with the Federal Financial Institutions Examination Council (FFIEC), are warning financial institutions to pay attention to compliance, follow best security practices, and expect closer scrutiny.
In industry news, Fortinet buys SIEM shop AccelOps.
US Cyber Command finds retention more challenging than recruiting.
In a move to upgrade its security posture, Singapore will cut most civil servants’ workplace Internet access by May of next year.
Notes.
Today's issue includes events affecting Bangladesh, Brazil, China, Germany, India, Iran, Iraq, Israel, Democratic People's Republic of Korea, Mexico, Russia, Singapore, United Kingdom, and United States.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we welcome our newest research partner, Virginia Tech’s Hume Center. Charles Clancy, the Center's director, gives us an overview of his organization and its research interests. (Should you enjoy our podcast, please consider giving it an iTunes review.)
Cyber Attacks, Threats, and Vulnerabilities
Abu Azrael sends message from Fallujah (Threat Matrix) Iraqi Shiite militia commander and strongman Abu Azrael, or “father of the Angel of Death,” taped a message from Fallujah addressed to both the enemies and friends of Iran. The clip was posted by an Iranian hardline and pro-Islamic Revolutionary Guard Corps (IRGC) media outlet on June 4
FireEye uncovers phishing campaigns targeting Apple users (ZDNet) FireEye has reported a number of malicious phishing campaigns originating from phony Apple domains, targeting iCloud users in China and the United Kingdom
Phishing campaign steals bitcoins from Mt. Gox victims (SC Magazine) Cyren researchers spotted spam messages emanating from the Kraken exchange, which is leading the distribution of bitcoins recovered from the Mt. Gox collapse
Low-profile Crysis ransomware suddenly stealing the show (SC Magazine) Researchers have detected a sudden surge in attacks using Crysis ransomware, which encrypts virtually all file types, even those with no extension
Beyond TeslaCrypt: Crysis family lays claim to parts of its territory (WeLiveSecurity) It has been two weeks since ESET created a TeslaCrypt decryptor, which allows victims of the ransomware to get their files back. This came on the back of its developers ceasing operations. Since then, over 32,000 users around the globe have taken advantage of this opportunity and downloaded the tool
New BlackShades Ransomware Accepts Payments via Paypal, Has Hidden Messages for Security Researchers (Trend Micro Security News) A new ransomware variant has been discovered by a security researcher named “Jack” that encrypts data files and demands a ransom of $30 paid in bitcoins through Paypal. The ransomware, named BlackShades (detected by Trend Micro as CRYPSHED / Troldesh) a.k.a. SilentShades, is currently targeting English and Russian-speaking users
Cooking Up Autumn (Herbst) Ransomware (Fortinet) Fortiguard’s behaviour-based system designed to identify new malware has detected a German targeted ransomware. We named it Herbst, a German word which in English means Autumn
Facebook Messenger security flaw meant hackers could alter sent messages on Android (Fast Company) The exploit was discovered by Check Point and allowed hackers to alter previously sent messages, such as swapping out a benign link your friend sent you with a link that leads to a malicious site. The exploit only existed on Facebook Messenger for Android, which Facebook says has now been fixed
Android Trojan Hijacks Browsers to Redirect Users to Custom URLs (TWRIX) A previously discovered and highly dangerous Android trojan has received an update in the form of a module that allows it to inject the phone's Web browsers and intercept URLs, redirecting users to any link the crook wishes to
Malware exploits BITS to retain foothold on Windows systems (Help Net Security) If you’re sure that you have cleaned your system of malware, but you keep seeing malware-related network alerts, it’s possible that at some point you’ve been hit with malware that uses Windows’ BITS to schedule malicious downloads
Documents Show How Russia’s Troll Army Hit America (BuzzFeed) The adventures of Russian agents like The Ghost of Marius the Giraffe, Gay Turtle, and Ass — exposed for the first time
US warns banks on cyber threat after Bangladesh heist (Reuters via Interaksyon) U.S. regulators on Tuesday told banks to review cyber-security protections against fraudulent money transfers in the wake of revelations that a hacking group used such messages to steal $81 million from the Bangladesh central bank
Mark Zuckerberg and the $80 million stolen password (Recode) Research has found that people — even Facebook's CEO! — reuse passwords 31 percent of the time
VIDEO: Mark Zuckerberg's password choices are dadada-dumb! (Graham Cluley) Don't don't don't do do do dis dis dis
EXCLUSIVE: Global Banking System Infiltrated by Chinese Hackers (Epoch Times) Hackers employed by the Chinese state are making a profit selling access to breached banks to organized crime groups
Cyber Trends
Software as Weaponry in a Computer-Connected World (New York Times) The internet was created nearly 40 years ago by men — and a few women — who envisioned an “intergalactic network” where humans could pull data and computing resources from any mainframe in the world and in the process free up their minds from mundane and menial tasks
Cyber weapons are perfect weapons, says security expert Mikko Hypponen (ComputerWeekly) There is a lot of 'fog' surrounding cyber weapons and cyber war because there is no way of knowing the true capability of any country, says security expert Mikko Hypponen
Huge surge in ransomware shows 'no sign of stopping' (Computer Business Review) News: Criminal use of net infrastructure shot up 3500%
Retail, gaming industries hardest hit with web application and DDoS attacks (Akamai) Akamai published the Q1 2016 State of the Internet – Security Report, which provides a detailed view of the global cloud security threat landscape and in-depth analysis and insight into malicious activity
Big DDoS attacks reach record levels: Akamai (IT News) Done dirt cheap
Q1 2016 State of the Internet - Security Report (Akamai) DDoS and web application attack activity by vector. Analysis of repeat targets and DDoS as a diversion. Bot traffic analysis over 24 defined bot categories. DDoS spotlight: 100 Gbps+ mega attacks using increasingly simple attack vectors, Web application attack spotlight: Account Takeover (ATO) attacks targeting finance and entertainment sectors
Do companies take customers’ security seriously? (Help Net Security) 75 percent of adults in the UK would stop doing business with, or would cancel membership to, an organisation if it was hacked. This suggests, however, that a quarter would carry on using that company despite the security risk to both personal and financial information
IT Industry Falls Behind in Web Application Security (eWeek) Is security the price of innovation? The IT industry produces Web applications with far more vulnerabilities, and patches them far slower, than other companies
It takes 248 days for IT businesses to fix their software vulnerabilities (Help Net Security) Compiled using data collected from tens of thousands of websites, a new WhiteHat Security report reveals that the majority of web applications exhibit, on average, two or more serious vulnerabilities per application for every industry at any given point in time
Network defense must improve as hacking profession matures (GCN) Cybercrime is becoming a lucrative business, and the low cost of entry coupled with a potentially high return on investment has fueled the spread and sophistication of the hacking profession. And like any other business, it’s maturing as cybercriminals hone their skills and tools
Centrify Consumer Trust Survey (Centrify) The Corporate Cost of Compromised Credentials
Do You Have Vendors in These ‘Risky’ Countries? (Spend Matters) Procurement organizations working with suppliers in Brazil may be putting their companies at risk. A new report says companies operating in Brazil pose the highest cyber risks for vendors and business partners due to poor security practices
Marketplace
U.S. Cyber Command struggles to retain top cybersecurity talent (CIO) Top official in Defense Department's cybersecurity unit says organization is doing an ‘effective job’ at recruiting, but keeping up with the evolving threat landscape remains a challenge
Fortinet acquires security analytics firm AccelOps (ZDNet) AccelOps makes both cloud-based and on-premise software that correlates security and network data into a common view
Fed-friendly mobile cybersecurity firm Lookout scoops Microsoft investment (FedScoop) Lookout and Microsoft fused their leading mobility products into a single, fed-friendly platform that will be sold immediately
Why Shares of KEYW Holding Corp. Popped 29% in May (Motley Fool) Strong earnings had investors excited about cybersecurity last month
Raytheon Says $1 Billion Cyber Deal Confirmed After Protests (Bloomberg Technology) Company will keep contract that affects more than 100 agencies. DHS notified company of its decision last week, executive says
BAE Systems sets sights on Vietnam (IHS Jane's Defence Weekly) BAE Systems is undertaking a project to expand its understanding of Vietnam, with a view to potential market penetration. The move coincides with the United States' recent decision to lift its long-standing military embargo on the Southeast Asian count
Stopping Cyberattacks Before They Start (Innovate Long Island) Consider Uncle Sam an honorary cofounder of Code Dx Inc
Demand for Cryptzone’s Software-Defined Perimeter Solution Drives Company Expansion (Cryptzone) Company’s growth and market opportunity attracts accomplished industry veterans
Cylance® Chosen Among Industry's Best Companies on CNBC Disruptor 50 List (PRNewswire) Cylance's artificial intelligence approach to cybersecurity secures spot among the 50 Most Disruptive Private Companies
Jeremiah Grossman Plans Ransomware Battle at SentinelOne (Infosecurity Magazine) Security speaker and WhiteHat Security founder Jeremiah Grossman has confirmed a new position in which he has declared plans to battle the scourge of ransomware
Products, Services, and Solutions
Versasec Announces Partnership with IDpendant (Versasec) Distributor with expertise in smart cards and public key infrastructure joins Versasec Partner Network
WatchGuard Acquires Hexis HawkEye G to Deliver Holistic Network Security From the Network to the Endpoint (RealWire) Resulting technology integration will enable organisations to prevent, detect, correlate, and take action against threats
Microsoft, Lookout Team Up In Mobile Security (Dark Reading) Microsoft's EMS integration with Lookout aim to strengthen customer access policies
Victoria's Plurilock can identify a bad actor within a few keystrokes (Vancouver Sun) A biometric security system designed by a startup company from the University of Victoria has drawn the attention of one of the world’s biggest credit card firms, the Pentagon and the U.S. health care industry
Egnyte focuses on data governance and reshapes EFSS strategy with Protect release (CloudTech) Enterprise file sync and share (EFSS) firm Egnyte has announced the launch of Egnyte Protect, a product which aims to give IT and line of business greater control and visibility of their content both in the cloud and on-premise
Microsoft establishes its Cyber Security Center in India (Indian Express) Microsoft’s CSEC will combine company’s technical proficiency as well as cutting-edge tools and technology with cross-industry expertise to effectively reduce digital risks
NSFocus Launches Cloud Security Platform (Light Reading) NSFOCUS, a global network and application security provider, announced the launch of NSFOCUS Cloud, a world-wide cloud-deployed security platform. NSFOCUS Cloud provides customers with easy access to advanced security services and offers comprehensive, end-to-end protection from a single source when used in combination with NSFOCUS' on-premises equipment.
Trustlook Mobile Security Powers Popular New GO Security App (Marketwired) Mobile security innovator's intelligent, cloud-based technology continues to transform the security industry
Ixia’s ThreatARMOR Improves Security Tool Efficiency of Large-Scale Enterprise Data Centers at 10Gb Network Speeds (BusinessWire) Turn-key threat intelligence gateway filters traffic from malicious IP addresses at line speed, boosting efficiency and performance of security and visibility tools
Proofpoint Delivers Threat Context into Splunk Software (GlobeNewswire) Multiple technology integrations enable Proofpoint email and social media context to be easily ingested into Splunk’s analytics-driven security platform
WISeKey brings blockchain to cybersecurity with WISeID (EconoTimes) WISeKey International Holding Ltd, a leading cybersecurity company, has released WISeID – a special edition of the Digital Identification and cyber-resilience app that integrates blockchain technology
ReSec Technologies Extends Cybersecurity Protection to Microsoft® Office 365™, Gmail™ and Other Cloud Email Services (PRNewswire) Dynamic cloud deployment adds support for popular cloud-based webmail platforms, so enterprises can add new efficient services without compromising security
New BitSight solution identifies security concerns stemming from third and fourth parties (GSN) BitSight Technologies, the standard in Security Ratings, today announced BitSight Discover for Enterprises, a new cloud offering that builds on its already powerful Risk Aggregation solution
Technologies, Techniques, and Standards
Threat Intelligence: When Straw Houses Don’t Suffice Against Big Wolves (Recorded Future) The following interview is with Chris Stouff and is from our Threat Intelligence Thought Leadership Series. Chris is manager of security incident response and forensics at Armor. What drives interest in threat intelligence in your community? What hole in your world does it fill?
How to configure your Chromebook for ultimate security (PCWorld via CSO) Chrome OS is already tops at security, but with a few extra tweaks you can ensure the gates are even more secure
Can you spot a strong password? (Naked Security) Security sophisticates tend to be plenty cynical about “typical users” – especially when it comes to choosing strong passwords. But, according to computer security researchers at CyLab, Carnegie Mellon’s Security and Privacy Institute, ordinary users aren’t quite as dumb as advertised. And their misunderstandings fall into just four specific categories. That’s actually a pretty manageable amount of education
Turning Zero-Day into D-Day for Cybersecurity Threats (IT Business Edge) "Zero-day" is a term used to describe the culprit behind many of the security breaches we hear about almost daily in the news. But what exactly does it mean? Zero-day — the first or "zeroth" day — refers to the point in time a security hole in code is revealed to hackers or cybersecurity professionals (e.g., a developer, researcher, software programmer)
Darth Vader, Hacking, and Healthy Competition: IDeFense Puts IDF Cyber Security on the Map (Israel Defense Forces) Led by the Cyber Defense Division, teams from across the IDF, national security community, the civilian sector, and international delegations went head-to-head in a Star Wars-themed hacking competition in Tel Aviv. To win, our soldiers (and their competitors) need to think like the enemy
Entfernen Fast Email Checker adware- Wie zu entfernen Fast Email Checker adware (Entfernen Von Spyware) Entfernen Fast Email Checker: Wie man Löschen Fast Email Checker
Design and Innovation
Lock It Up: Top 5 Mobile Security Issues Your App Must Avoid (Business.com) Mobile security risks have currently exceeded computer security risks. A fact recognized by large IT security companies such as Arxan, IBM, or NowSecure
Why the Economic Payoff From Technology Is So Elusive (New York Times) Your smartphone allows you to get almost instantaneous answers to the most obscure questions. It also allows you to waste hours scrolling through Facebook or looking for the latest deals on Amazon
Research and Development
IARPA exploring deceptive cyber defenses (Federal Times) Intelligence work is often as much about gathering information as it is about disseminating misinformation. To that end, the Intelligence Advanced Research Projects Activity (IARPA) is looking for innovative solutions around deceptive cyber defenses
Advanced game theory goes to work for homeland security (GCN) Game theory is not new to government. It has been used by intelligence agencies for more than 20 years to analyze events around the globe and to make predictions about future events
FourQ on FPGA: New Hardware Speed Records for Elliptic Curve Cryptography over Large Prime Characteristic Fields (Microsoft Research) We present fast and compact implementations of FourQ (ASIACRYPT 2015) on field-programmable gate arrays (FPGAs), and demonstrate, for the first time, the high efficiency of this new elliptic curve on reconfigurable hardware
Legislation, Policy, and Regulation
Singapore public servants' computers to have no Internet access from May next year (Straits Times) The move is aimed at plugging potential leaks from work e-mail and shared documents amid heightened security threats
India, US will sign pact to enhance cyberspace collaboration (First Post) Ushering in a new era of collaboration in the cybersphere, India and the US will sign a framework for the bilateral cyber relationship between the two countries within the next two months
Homeland Security Committee to weigh DHS cyber reorganization (The Hill) The House Homeland Security Committee on Wednesday will mark up legislation by Chairman Michael McCaul (R-Texas) to reorganize how the Department of Homeland Security (DHS) protects critical infrastructure from digital threats
White House opposes Pentagon CIO reorg in defense bill (FedScoop) The provision creating a new post, the assistant secretary of defense for information — who would be the CIO and top policy official for cyber — is one of more than a dozen in the bill OMB opposes
King Pushes for Bill Aimed at Preventing Power Grid Cyber Attack (Maine Public Broadcasting) Maine U.S. Sen. Angus King is co-sponsoring a bill that would seek a way to prevent the kind of cyber attack that blacked out part of Ukraine last December. King described the incident in a speech on the Senate floor
Senate Dem calls for cybersecurity 'militia' (Washington Examiner) A Democratic senator on Monday called for the creation of a cybersecurity "militia" that would help the U.S. shore up its cybersecurity posture, even if it means recruiting people who don't measure up to traditional military recruiting standards
Litigation, Investigation, and Law Enforcement
Akamai-oh-my: Network biz coughs up $650k over China bribes rap (Register) SEC settles case over alleged payoffs in Middle Kingdom
Snowden Claims 'Deceptive' NSA Still Has Proof He Tried to Raise Surveillance Concerns (VICE) On June 4, VICE News published more than 800 pages of declassified NSA documents that shed new light on the contentious issue of whether Edward Snowden raised concerns about the agency's surveillance programs while he still worked there. Since then, Snowden has alleged there's additional evidence that has not yet been made public
Report finds sweeping flaws with visa partners (The Hill) More than one-third of countries participating in a program allowing their citizens to enter the United States without visas are failing to live up to requirements for sharing information about suspected terrorists and criminals
F.B.I. Steps Up Use of Stings in ISIS Cases (New York Times) The F.B.I. has significantly increased its use of stings in terrorism cases, employing agents and informants to pose as jihadists, bomb makers, gun dealers or online “friends” in hundreds of investigations into Americans suspected of supporting the Islamic State, records and interviews show
FBI chief: Flirting with terrorism is a way to 'get yourself locked up' (Star Tribune) But chief James Comey said the agency still has hundreds of investigations underway
California man gets 12 years for attempting to join Islamic State (Washington Examiner) After attempting to join the Islamic State and providing the terrorist group with material support, a California man has been sentenced to 12 years in prison, in addition to 25 years of supervised release, according to reports
Justice Dept. granted limited immunity to staffer in Clinton email probe (Washington Post) Attorneys for a former State Department staffer who helped set up Hillary Clinton’s private email server said Tuesday that he was granted limited immunity by federal prosecutors in an ongoing Justice Department investigation and not shielded from prosecution in connection with other matters
FBI Reveals 'Additional Details' About Clinton Email Probe in Secret Declaration (VICE) The FBI is seeking permission to file a second, secret declaration in US District Court in Washington, DC describing its search for documents related to the bureau's probe of Hillary Clinton's use of a private email server during her tenure as secretary of state
FBI refuses to release emails about its Clinton email investigation (Washington Examiner) FBI officials refused to release a pair of emails between investigators and employees at the Department of State, telling a federal judge Monday evening that revealing any details about the correspondence could "compromise" its investigation
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
ISS World Europe (Prague, Czech Republic, Jun 7 - 9, 2016) ISS World Europe is the world's largest gathering of regional law enforcement, intelligence and homeland security analysts as well as telecom operators responsible for lawful interception, hi-tech electronic investigations and cyber intelligence gathering. ISS World programs present the methodologies and tools for law enforcement, public safety and government intelligence communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the internet.
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, Jun 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.
New York State Cyber Security Conference (Albany, New York, USA, Jun 8 - 9, 2016) June 8-9 marks the 19th Annual New York State Cyber Security Conference and 11th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. The event takes place in Albany, New York and is cohosted by the New York State Office of Information Technology Services, the University at Albany's School of Business, and The New York State Forum, Inc. This conference offers something for everyone -- whether you're an end user, IT professional, government employee, or business owner.
LegalSEC Summit 2016 (Baltimore, Maryland, USA, Jun 9 - 10, 2016) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The target audience for ILTA’s LegalSEC Summit is legal technology professionals at every level and general counsel who touch legal security in their law firm or law department and want to learn more and connect with peers.
SecureWorld Portland (Portland, Oregon, USA, Jun 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Cybersecurity and Financial Services: Understanding the Risks (San Diego, California, USA, Jun 9, 2016) Join San Diego's KCD PR for a conversation on a hot topic for every business operating in the Fintech and Financial Services space: Cybersecurity. The nature of cybersecurity breaches is continuously changing and requires companies to be relentlessly vigilant in not only preventing these attacks, but also in managing them and properly communicating with key stakeholders when they do occur. The webinar panel features renowned financial cybersecurity luminaries including FICO's Chief Analytics Officer; the SVP/GM of FIS, a member of the Fortune 500 and the world's largest global provider of banking and payments technologies; as well as the CIO of Advisor Group, home of one of the largest networks of independent broker-dealers in the US with nearly 6,000 affiliated advisors. Together, they'll discuss all sides of the cybersecurity issue and outline best practices to leverage when faced with these kinds of financial threats.
SIFMA Cyber Law Seminar (New York, New York, USA, Jun 9, 2016) During this full-day program attorneys and compliance professionals will gain insights and regulatory perspectives on cybersecurity law as well as strategies for how to take an active and valuable role in their firm’s cyber defense plan. Steve Bunnell, Department of Homeland Security, and Richard Jacobs, Federal Bureau of Investigation NY Branch, will provide keynote remarks.
Cleared Job Fair (Tysons Corner, Virginia, USA, Jun 9, 2016) ClearedJobs.net connects you with cleared facilities employers, including Federal Acquisition Strategies, Firebird Analytical Solutions & Technologies, Leidos, PAE, TRIAEM, Commonwealth Computer Research, Inc., Syntera and more. Receive free professional resume reviews during the job fair, as well as the latest informaiton on security clearance reinvestigations. Positions employers are seeking to fill include jobs in cyber security, intel, information security, help desk personnel, network operations engineers, systems engineers, software development and engineering, program and project management, system administration, database administration, financial management, and many other trades. For professionals with an active or current security clearance only.
SANSFIRE 2016 (Washington, DC, USA , Jun 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind our daily postings, podcasts, and data collection efforts focusing on current trends and actual relevant threats. The strength of the Internet Storm Center is its group of handlers, who are cyber security practitioners tasked with securing real networks just like you. This is your chance to meet some of them in person.
4th International Conference on Cybercrime and Computer Forensics (ICCCF) (Vancouver, British Columbia, Canada, Jun 12 - 14, 2016) For the past four years, APATAS has organized the International Cybercrime and Computer Forensics conference at various locations throughout Asia. In 2016, our 4th annual ICCCF is moving for the first time to Simon Fraser University’s Harbour Centre campus and Centre for Dialogue at downtown Vancouver, Canada. North America has been a pioneer in cybercrime research, policy and practice since the mid-1980s. As expected, we have witnessed increasing technological developments in both personal computing and in smart-phone and wireless devices that have had an impact on how technology-enabled crimes have been committed in the Asia Pacific region and beyond. One of the key approaches to understanding such crime is through research and incorporating the outcome of research into policy and practice. The 4th Annual ICCCF 2016 Vancouver, BC, Canada therefore focuses its discussion on ‘Cybercrime: Linking Research, Policy, and Practice.’
Show Me Con (St. Charles, Missouri, USA, Jun 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they are bringing you a one-of-a-kind event that will Show You the State of security from a unique perspective — the hacker?s viewpoint
CISO DC (Washington, DC, USA, Jun 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
Cyber Security Opportunities in Turkey Webinar (Online, Jun 14, 2016) As in other countries, Turkey is a target of high profile attacks in the public and private sectors. Instability from neighboring countries increases their risk. Since 2014 Turkey is working on a cyber security plan which includes not only government but private sector and NGOs as well. Per Cisco's 2014 Security Report, attacks occur in ICS-SCADA, web servers and malwares-6% respectively, applications-31%, infrastructure-18%, and end-users-9%.Topics include: industry drivers, trends, and key players. Open Q&A session at the conclusion of presentations. Confirmed speakers: Alper Cem Yilmaz, Founder, and Jade Y. Simsek, Mrktg Specialist, CrypTech. Learn about the Cyber Security Market in Turkey with the objective of finding sales opportunities. Turkey's Transportation, Maritime Affairs and Communications Ministry formed SOME (Cyber Incident Response Teams)for protection of cyber attacks.
The Security Culture Conference 2016 (Oslo, Norway, Jun 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture Framework Community, and draws professionals from around the world to meet, share and learn about security culture.
TECHEXPO Top Secret Hiring Event (Baltimore, Maryland, USA, Jun 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill open positions from companies including BAE Systems, CACI, Deloitte, CGI, Prosync, OnyxPoint, ShoreIT Solutions, Varen Technologies and many more.
2016 CyberWeek (Tel Aviv, Israel, Jun 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.
National Insider Threat Special Interest Group - South FL Chapter Kickoff Meeting (Palm Beach, Florida, USA, Jun 21, 2016) The National Insider Threat Special Interest Group (NITSIG) is excited to announce the establishment of a South Florida Chapter. Presentations and discussions will be provided by Insider Threat Defense, Inc. and the FBI. The meeting will focus on: how to recognize potential insider threat problems, employee behavioral indicators of concern, and strategies for insider threat risk mitigation.
Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, Jun 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency is increasing, companies are still reluctant to develop strategies to fight them. As cyber-attacks grow in sophistication, frequency and intensity, these companies are increasingly becoming high profile targets. The Cyber Security for Critical Assets LATAM Summit aims to bring together the key players involved in Cyber Security and defending critical infrastructure against the ever growing threat of attacks. The conference will connect process control and corporate IT senior level professionals, allowing them to discuss challenges, share experiences and investigate best practice guidelines. This in turn will lead to the building of robust policies and standards that will protect the future of LATAM’s critical assets.
Cyber 7.0 (Laurel, Maryland, USA, Jun 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle the threats to personal and public safety? For the seventh year, regional cyber experts, small entrepreneurs, large businesses, and government organizations come together to discuss, connect, and strategize. Be a part of the solution. Sponsor, exhibit, attend.
Security of Things World (Berlin, Germany, Jun 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!
DC / Metro Cyber Security Summit (Washington, DC, USA, Jun 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.