ISIS online inspiration in Orlando. North Korean hacking campaign. Developments in criminal and legitimate cyber markets.
Investigation into the Orlando massacre continues, and the expected online spoor of jihadist radicalization surfaces. The inspiration ISIS provides online obviates most need for traditional command-and-control, and its success depends not at all on conventional post-modern promises of comfort, the good life, etc. The message is death, the promise transcendence.
Unusually repellent scammers have already opened false donation sites asking for Bitcoin on behalf of victims. Give warily and selectively.
A Kurdish hacktivist has (arguably unhelpfully) defaced Dell subdomains in Europe with messages denouncing the Turkish Republic and the Islamic State.
The North Korean hack of South Korean enterprises seems to have been a mixture of espionage and document destruction. Concerns that this was battlespace preparation for a wider, more serious attack, persist.
The Molerats Palestinian hacktivists, were discovered and identified when security firm ClearSky found that one of the Molerats malware developers had neglected to erase the properties of a Word document.
Developments in the cyber criminal market include an uptick in mobile app collusion (manipulation of several apps in an attack on smartphone users), new capabilities and targets for the Vawtrak banking Trojan, the apparent (and unexplained) fall from criminal favor of the Angler exploit kit (business has shifted to Neutrino), and a bear market in Windows zero-days.
Samsung fixes a takeover issue in its PCs.
Microsoft will patch later today.
Symantec’s acquisition of Blue Coat prompts M&A speculation about CyberArk, Check Point, FireEye, Imperva, and Proofpoint. ManTech is acquiring the computer network operations practice of Oceans Edge.
Notes.
Today's issue includes events affecting China, France, India, Iraq, Ireland, Israel, Democratic Peoples Republic of Korea, Republic of Korea, Kosovo, Netherlands, Palestinian Territories, Syria, Tunisia, Turkey, United Kingdom, and United States.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today, Ben Yelin from the University of Maryland's Center for Health and Homeland Security discusses a recent ruling limiting the FBI’s ability to use hacking to gather evidence. And our guest, Zscaler's Deepen Desai gives us some insight into malicious Microsoft macros. (If you feel so inclined, please give us an iTunes review.)
Cyber Attacks, Threats, and Vulnerabilities
South Korea Says North Korea Hacked its Computers and Deleted Over 42,000 Documents (Inquisitr) South Korean police on Monday confirmed that North Korea has hacked into several of its computer networks
North Korean hackers stole wing designs for U.S. fighter jet, says Seoul (MarketWatch) Leaked design wasn’t sensitive, according to South Korean authorities
North Korea Allegedly Carries out Cyber-Attack Against South (TeleSur) South Korea allege that the cyber-attack could be an effort by its enemy, the DPRK, to lay the ground for a large-scale cyber attack
How the Cover Was Blown on Palestinian Hackers Spying Against Israel (Haaretz) Israeli cybersecurity company traced Gazan malware designer after he forgot to erase the properties on a Word document
Scammers have already started trying to exploit Orlando shooting for bitcoins (Ars Technica) Fake Twitter account for Pulse nightclub asks for "contributions" through scam site
The dynamics of mobile app collusion and malicious activities (Help Net Security) Mobile app collusion happens when cybercriminals manipulate two or more apps to orchestrate attacks on smartphone owners. McAfee Labs has observed such behavior across more than 5,000 versions of 21 apps designed to provide useful user services such as mobile video streaming, health monitoring, and travel planninging, and travel planning
Vawtrak banking Trojan shifts to new targets (Help Net Security) The Vawtrak banking Trojan (aka Snifula) is slowly but surely becoming a serious threat. With version 2, the malware has acquired the capability to target even more users, a modular architecture, and better obfuscation
The buyers aren't biting: Windows zero-day flaw price slashed (ZDNet) It looks like a willing buyer for the zero-day vulnerability is yet to come forward
Windows zero day devalued as supply and demand takes hold, experts speculate (SC Magazine) Market forces are beginning to have an effect on zero days, evidenced by a new drop in the price of a significant zero-day
Twitter Says Its Servers Were Not Breached (Dark Reading) Account details leaked are from other hacked websites, claims the social media tool
Tell us, evil phisherfolk: What's wrong with Angler Exploit Kit? (Register) It's just been upgraded and everything
Self-Service Password Reset & Social Engineering: A Match Made In Hell (Dark Reading) A sad tale of how hackers compromised a CEO's corporate account by trolling Facebook and LInkedin for answers to six common authentication questions. (And how to avoid that happening to you)
Phishing, Facebook, And The Enterprise: The Love Triangle That Hurts Us Most (Cyberint) The phishing phenomenon is a recurring, almost daily, mention in major publications -- (BBC, Engadget Business Wire, the list goes on…) “even my dad knows what it is”, writes Palo Alto blog’s Kate Taylor
Dell France, Ireland, Netherlands and UK Subdomains Hacked (HackRead) The Kurdish defacer is known for defacing high-profile website with messages against the so-called Islamic State and the Republic of Turkey
Greenwich University target of revenge hack; results in huge data breach (HackRead) Brief: Greenwich University has suffered a massive data breach in what looks like a revenge hack — the unknown hacker stole entire database and leaked it on the dark web
Wendy’s Credit Card Breach Worse Than Earlier Thought (Dark Reading) Breach took place in two waves, cannot rule out there aren't others, says the fast food chain
ATM Insert Skimmers In Action (KrebsOnSecurity) KrebsOnSecurity has featured several recent posts on “insert skimmers,” ATM skimming devices made to fit snugly and invisibly inside a cash machine’s card acceptance slot. I’m revisiting the subject again because I’ve recently acquired how-to videos produced by two different insert skimmer peddlers, and these silent movies show a great deal more than words can tell about how insert skimmers do their dirty work
Cytegic Special Intelligence Update: UEFA Euro 2016 Cyber Threat Landscape (Cytegic) The following report represents the most interesting and active cyber-trends that DyTA analyzed in advance of the UEFA Euro 2016 tournament in France, which starts June 10th and runs through July 10th. As part of our research, we have analyzed key trends around similar major sporting events over the past 12-18 months that display consistent, repeatable trends and patterns
Security Patches, Mitigations, and Software Updates
Update your buggy Samsung PC bloatware to plug privilege bug (Register) Malicious DLL can lead to pwnage
Samsung Fixes Another Device Takeover Issue in Its Driver Update Tool (Softpedia) Samsung engineers patch their bloatware once again
Marketplace
Boards ready to fire over bad security reporting (CSO) A lack of communication could lead to job loss
3 Tips for Improving Communications with Top Management (Dark Reading) Here are some steps security managers can take to deliver the information the executive suite needs to make better decisions on cyber security
12 Tips for Securing Cyber Insurance Coverage (Dark Reading) As cyber insurance grows more available and popular it is also becoming increasingly complex and confusing. Our slideshow offers guidelines on how to get insurance, get decent coverage, and avoid limitations in coverage
Symantec To Buy Blue Coat; Are CyberArk, Imperva, Proofpoint Next? (Investor's Business Daily) No. 3 cybersecurity firm Symantec (SYMC) could overtake rivals Check Point Software Technology (CHKP) and Palo Alto Networks (PANW) in terms of market cap, thanks to its $4.65 billion plan to acquire privately held Blue Coat Systems, a cloud security firm
FireEye Inc (FEYE) grows cautious as Symantec Corporation acquires Blue Coat (Country Caller) FireEye Inc was unsuccessful in merging with Symantec Corporation upon growth concerns, earlier this year
The Most Disapointing Thing About FireEye Inc's New CEO (Motley Fool) The rapidly growing cybersecurity firm is about to make a major change in management. Here's why that's disappointing for some investors
ManTech Buys Cyber Network Operations Practice Of Oceans Edge (CRN) U.S. government powerhouse ManTech has purchased a vulnerability research, development and analysis capabilities business unit to bolster its cyberintelligence practice
Will This Company Ever Buy CyberArk Software? (Motley Fool) Should Check Point consider buying CyberArk before the stock rebounds?
UAE- EFS Facilities Services acquires SecurePlus (Khaleej Times) EFS Facilities Services, a regional leader in delivering integrated facilities management services across the Middle East, Africa, South Asia and Turkey, announced on Sunday the acquisition of SecurePlus, a UAE-based security services provider established in 2005
Recorded Future aligns with other threat intelligence vendors (Network World) The goal is faster, smarter incident responses
AI-based cybersecurity startup reaches $1B valuation (CIO Dive) Cylance announced it successfully raised $100 million in Series D funding. The latest round places Cylance in the 'unicorn' club of young companies with $1 billion valuations. The company’s CylancePROTECT product uses artificial intelligence to predict how cybercriminals can attack networks
Can SourceForge win developers’ trust back? (Help Net Security) SourceForge is under new ownership and management (again!), and their plan is to return the service to its former glory
From Hacking into NASA to having his own TV Show, the Journey of Walter O’Brien (HackRead) Walter O’Brien is a well-known name in the world of computer and cyber security. Although he is famous today as the founder and CEO of Scorpion Computer Services and the executive producer of the hit CBS show Scorpion, Walter was well-known far before that
Farsight Security Wins 2016 Red Herring Top 100 North America Award (Marketwired) Farsight Security announced today that it has been selected as a 2016 Red Herring Top 100 North America Winner. This important industry award honors the year's leading private companies in the United States and Canada
Wombat Security Selected as a 2016 Red Herring Top 100 North America Winner (Marketwired) Wombat Security Technologies ("Wombat"), the leading provider of SaaS-based cyber security awareness and training solutions, today announced that it has been selected as a winner of Red Herring's Top 100 North America award, a prestigious list recognizing the leading private companies from the North American business region that celebrates startups' innovations and technologies across their respective industries
Salesforce.com Appoints Trey Ford As Security Head (CXOtoday News Desk) Computer hacking expert, Trey Ford will be joining Salesforce.com as head of trust starting Monday. He will be a part of the company’s Heroku unit and will address its cyber security and reliability related requirements
Thycotic Strengthens Executive Team with Addition of Recognized Chief Financial Officer and Executive Director of Federal Sales (PRNewswire) Hiring of Kathy Moore and A.J. Narula continues momentum as fastest growing privileged account security company
Products, Services, and Solutions
Tenable Network Security Unveils New Solution for Measuring Security Assurance at Gartner Security & Risk Management Summit 2016 (BusinessWire) Tenable gives CISOs the right tools to continuously measure security program effectiveness, identify gaps and take decisive action against cyber threats in mobile, cloud or on-premises environments
Recorded Future Announces Breakthrough in All-Source Analysis at Gartner Security & Risk Management Summit 2016 (PR Newswire) Security teams analyze threats with speed and confidence by combining real-time threat intelligence from Recorded Future, Palo Alto Networks, Resilient, and FireEye
Ixia Transforms Development Lifecycle for Software Developers (Ixia) New Ixia Developer solution reduces development risks and costs; speeds time to deployment
VMWare Beefs Up Security, Workspace ONE, Acquires Arkin (Marketwired via Channel Partners) VMware, Inc. (NYSE: VMW), a global leader in cloud infrastructure and business mobility, today announced five leading cloud access security broker (CASB) leaders have joined the Mobile Security Alliance. The addition of Blue Coat Systems, Inc., CloudLock, Netskope, Palo Alto Networks and Skyhigh Networks adds to the growing support from security industry leaders for the VMware AirWatch® Enterprise Mobility Management™ (EMM) platform to collaboratively solve the challenge of mobile and cloud security
Qualys Announces Security Assessment Questionnaire Service (SAQ) Release 2.0 (Qualys) Cloud-based solution orchestrates IT audits with automated validation to dramatically simplify third-party and vendor risk assessment
Qualys Extends its Cloud-based Security and Compliance Platform to Support Microsoft Azure (Qualys) New Azure-certified virtual scanner appliance allows organizations to assess their Azure cloud security and compliance posture from their Qualys console
Background check company reads your private Facebook data to profile you (Naked Security) Background checks and credit reports are routine when applying for a job or an apartment
SecureWorks Counter Threat Platform Brings New Security Layer to Customer Workloads on AWS with Expanded Monitoring Capabilities (BusinessWire) Organizations can add security bolstered by threat intelligence as they pursue the potential of cloud computing and hybrid IT
MobileIron Provides Mobile Security for Munich Airport (PRNewswire) Mobile enterprise security leader MobileIron (NASDAQ: MOBL) ensures that Munich Airport employees can safely use the organization's growing number of applications on their mobile devices. The focus of the mobile initiative is securely mobilizing intranet and SAP processes
Machine learning could help companies react faster to ransomware (IDG via CSO) Exabeam uses machine learning, behavior analytics to help companies contain ransomware infections
Technologies, Techniques, and Standards
Panel Reaches Preliminary Agreement on Airliner Cybersecurity Standards (Wall Street Journal) Proposals include cockpit alerts in event that critical safety systems are hacked
LockPath Joins American National Standards Institute to Provide ISO Content (Marketwired via Quotenet) LockPath, a leader in governance, risk management and compliance (GRC) solutions, today announced its membership in the American National Standards Institute (ANSI), the official U.S. representative to the International Organization for Standardization (ISO)
PCI DSS 3.2: The evolution continues (CSO) The security standard for the payment card industry remains controversial, but even critics have welcomed some of the new requirements – especially expanded multi-factor authentication
How to make security analytics work for your organization (CSO) Find out how to best configure security analytics so they drive meaningful and actionable insights for your organization.
5 Ways to Defuse Data Threat from Departing Employees (eSecurity Planet) Departing employees who take sensitive data with them present a huge security threat. Protection begins with data discovery and classification
Design and Innovation
Patterns Of Attack Offer Exponentially More Insight Than ‘Indicators’ (Carbon Black in Dark Reading) In the cyberworld, patterns of attack provide investigators with context and the precise sequence of events as a cybercrime unfolds
Research and Development
The NSA Wants To Spy On Thermostats, Refrigerators, and Pacemakers (Popular Mechanics) Security cameras, thermostats, and even pacemaker data may be used by the security agency
Academia
Cybersecurity Boot Camp Highlights Workforce Development in Illinois & Nationwide (US Cyber Challenge) Nation’s elite cybersecurity talent participate in US Cyber Challenge program at Moraine Valley Community College
The Citadel receives recognition from National Security Agency (Palmetto Business Daily) The National Security Agency (NSA) and Department of Homeland Security (DHS) recently honored South Carolina's The Citadel as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE)
Legislation, Policy, and Regulation
China, US Hold Talks to Bridge Cybersecurity Differences (AP via ABC News) Chinese and American officials said Tuesday they're committed to bridging their differences on cybersecurity and moving to implement recent agreements, as they held talks amid complaints over China-based hacking operations that the U.S. says may have already cost U.S. companies tens of billions of dollar
House Homeland Security Committee Approves Slew of Cybersecurity Proposals; Moves for the Creation of New Cybersecurity Agency (Cyber Security Caucus) The U.S. House of Representatives Homeland Security Committee approved four cyber-security related bills on Wednesday, including one which could create a new federal cybersecurity agency. Most significantly, the Committee unanimously approved H.R. 5390 – a bill which aims to transform the Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) into a full-blown operational agency. The proposed Cybersecurity and Infrastructure Protection Agency would “realign and streamline” federal cybersecurity initiatives, and implement the Cybersecurity Information Sharing Act (CISA), which passed in December
Whistleblowers in defense deserve better, say lawmakers (McClatchyDC) A bipartisan group of lawmakers is urging a government watchdog to tackle what it describes as “persistent, systemic” problems with the handling of defense and intelligence whistleblowers
Presidential Candidates Told to Prioritize Internet Freedom (Motherboard) A coalition of leading public interest and civil rights groups on Monday released an internet policy platform designed to pressure the 2016 presidential candidates into prioritizing online free speech, access, privacy, and openness
Litigation, Investigation, and Law Enforcement
Mounting ISIS Battlefield Losses May Spur More 'Lone Wolf' Attacks: US (Military.com) President Barack Obama echoed Monday the U.S. military and State Department warnings that mounting battlefield losses for ISIS could lead to "distraction" terror attacks like the mass shooting that occurred in Orlando over the weekend
Are There Any More ‘Lone Wolves’ in the Age of the Islamic State? (Foreign Policy) The gunman who slaughtered innocents in Orlando didn’t need any specific orders from Islamic State commanders. The group’s hateful ideology was enough
Islamic State shows it can still inspire violence as it emphasizes attacks abroad (Washington Post) In its early expansion phase, the Islamic State called on Muslims across the world to join its ranks in Syria, urging not only fighters but also doctors and engineers to take part in what it billed as the historic restoration of the caliphate
FBI Director Says Orlando Massacre Gunman Had 'Strong indications of Radicalization' (VICE News) FBI Director James B. Comey said Monday there are "strong indications of radicalization" of the gunman in Sunday's massacre of 49 people at a gay club in Orlando due "at least, in some part, by the internet"
A Mass Shooter 'Pledges Allegiance' To ISIS. What Does This Mean? (NPR) The Orlando nightclub killings mark the third time in just over a year an attacker has claimed allegiance to the Islamic State, a group that has aggressively advocated for such lone wolf attacks
How Did the FBI Miss Omar Mateen? (Foreign Policy) Law enforcement did all it could, but post-9/11 restrictions on “probable cause” limit the FBI’s ability to investigate would-be terrorists
In Orlando, as in Fort Hood, FBI might have missed signs (Austin American Statesman) As they did eight years earlier in the Fort Hood shootings, federal investigators looking into Orlando, Fla., nightclub shooter Omar Mateen cleared a terrorism suspect who went on to commit mass murder
Orlando gunman who pledged loyalty to ISIS was ‘homegrown’ extremist radicalized online, Obama says (Washington Post) President Obama said the gunman who opened fire in a nightclub here Sunday appeared to be motivated by extremist propaganda online, while saying that investigators delving into the attacker’s background have not found anything linking him with radical groups
Was Orlando Shooter Omar Mateen Inspired by This Bank-Robbing Ex-Marine? (Daily Beast) He was the Blind Sheikh’s personal bodyguard, son of prominent Brooklyn citizens, from a strong military family. Authorities say he also radicalized and inspired men like Omar Mateen
Omar Mateen may not have understood the difference between ISIS, al-Qaeda and Hezbollah (Wahington Post) In the early hours of Sunday morning, Omar Mateen killed at least 49 people during an attack on the popular gay nightclub Pulse in Orlando. During the attack, Mateen placed a 911 call and told the operator that his actions were motivated by his hardcore Islamist beliefs. However, Mateen's comments about Islam suggested that while his viewpoints were no doubt extreme, they were also confused, perhaps even incoherent
Orlando Shooting Revives a Fight Over 'Islamic' Label (ABC News) As news of the nightclub shooting in Orlando spread, Donald Trump revived the debate over what to call acts of violence by people inspired or directed by extremist groups like the Islamic State
The Psychology Of Modern Terrorism: What Drives Radicalization At Home (NPR) What draws people to terrorism? What propels them to commit mass murder? We asked these questions back in December after a self-radicalized couple shot and killed 14 people and wounded 22 others in San Bernadino, California. This past weekend, the carnage continued
Why Jihadists Fight (Foreign Policy) Tunisia is supposed to be the success story of the Arab Spring — so why are so many of its young men flocking to the Islamic State?
Guilty plea set in Islamic State hack of US military info (AP) A Kosovo citizen is scheduled to enter a guilty plea on charges that he hacked computers to expose U.S. service members' personal data on behalf of the Islamic State group
Yes Hillary, the FBI’s Investigation Is Criminal (Observer) Persuading a compliant media to rebrand an investigation as an inquiry doesn't lessen its threat to her ambitions
A Texas Jury’s Guilty Verdict Should Worry IT Admins (Wired) If you're a systems administrator working in the United States, a recent decision from 12 Texan jurors should give you a moment of pause before you next hit the delete key
Identity thief who said he was too smart to catch gets caught (Naked Security) Tony Michael Canterberry, a 32-year-old Alabama man who declined to meet with police as they investigated two cases of identity theft because he claimed to be too smart to be captured, has been captured
Soon, Maharashtra govt will roll out mobile cyber vans to curb crime (DNA India) The mobile cyber vans will have policemen trained as computer forensic examiners for efficient collection of data
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
cybergamut Technical Tuesday: SS7, SWIFT, and Checking: Closed Network Evolution and Exploitation (Elkridge, Maryland, Calverton, Jun 21, 2016) A recent 60 Minutes article on extracting mobile phone information from the SS7 telephone carrier signaling network crystalized some thoughts I’ve had for a while on the evolution of closed networks over time and the security implications of opening closed networks. This talk examines that issue using three case studies: the SS7 demonstration, the recent theft of $81 million dollars from the New York Central Reserve Bank belonging to the Central Bank of Bangladesh using the SWIFT network, and the enormous but generally unremarked shift about 10 years ago from the paper check to digitized check information as a negotiable instrument for moving money between bank accounts. All three involve complex networks with both “real world” and digital network dimensions, and illustrate how authentication and trust design decisions (explicit or implicit) made when a network is first created can lead to exploitation opportunities as that network and the way it’s used evolves over time. Jeff Kuhn of Amches, Inc. will present the topic.
Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.
Upcoming Events
SANSFIRE 2016 (Washington, DC, USA , Jun 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind our daily postings, podcasts, and data collection efforts focusing on current trends and actual relevant threats. The strength of the Internet Storm Center is its group of handlers, who are cyber security practitioners tasked with securing real networks just like you. This is your chance to meet some of them in person.
4th International Conference on Cybercrime and Computer Forensics (ICCCF) (Vancouver, British Columbia, Canada, Jun 12 - 14, 2016) For the past four years, APATAS has organized the International Cybercrime and Computer Forensics conference at various locations throughout Asia. In 2016, our 4th annual ICCCF is moving for the first time to Simon Fraser University’s Harbour Centre campus and Centre for Dialogue at downtown Vancouver, Canada. North America has been a pioneer in cybercrime research, policy and practice since the mid-1980s. As expected, we have witnessed increasing technological developments in both personal computing and in smart-phone and wireless devices that have had an impact on how technology-enabled crimes have been committed in the Asia Pacific region and beyond. One of the key approaches to understanding such crime is through research and incorporating the outcome of research into policy and practice. The 4th Annual ICCCF 2016 Vancouver, BC, Canada therefore focuses its discussion on ‘Cybercrime: Linking Research, Policy, and Practice.’
Show Me Con (St. Charles, Missouri, USA, Jun 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they are bringing you a one-of-a-kind event that will Show You the State of security from a unique perspective — the hacker?s viewpoint
CISO DC (Washington, DC, USA, Jun 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
Cyber Security Opportunities in Turkey Webinar (Online, Jun 14, 2016) As in other countries, Turkey is a target of high profile attacks in the public and private sectors. Instability from neighboring countries increases their risk. Since 2014 Turkey is working on a cyber security plan which includes not only government but private sector and NGOs as well. Per Cisco's 2014 Security Report, attacks occur in ICS-SCADA, web servers and malwares-6% respectively, applications-31%, infrastructure-18%, and end-users-9%.Topics include: industry drivers, trends, and key players. Open Q&A session at the conclusion of presentations. Confirmed speakers: Alper Cem Yilmaz, Founder, and Jade Y. Simsek, Mrktg Specialist, CrypTech. Learn about the Cyber Security Market in Turkey with the objective of finding sales opportunities. Turkey's Transportation, Maritime Affairs and Communications Ministry formed SOME (Cyber Incident Response Teams)for protection of cyber attacks.
The Security Culture Conference 2016 (Oslo, Norway, Jun 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture Framework Community, and draws professionals from around the world to meet, share and learn about security culture.
TECHEXPO Top Secret Hiring Event (Baltimore, Maryland, USA, Jun 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill open positions from companies including BAE Systems, CACI, Deloitte, CGI, Prosync, OnyxPoint, ShoreIT Solutions, Varen Technologies and many more.
2016 CyberWeek (Tel Aviv, Israel, Jun 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.
National Insider Threat Special Interest Group - South FL Chapter Kickoff Meeting (Palm Beach, Florida, USA, Jun 21, 2016) The National Insider Threat Special Interest Group (NITSIG) is excited to announce the establishment of a South Florida Chapter. Presentations and discussions will be provided by Insider Threat Defense, Inc. and the FBI. The meeting will focus on: how to recognize potential insider threat problems, employee behavioral indicators of concern, and strategies for insider threat risk mitigation.
Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, Jun 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency is increasing, companies are still reluctant to develop strategies to fight them. As cyber-attacks grow in sophistication, frequency and intensity, these companies are increasingly becoming high profile targets. The Cyber Security for Critical Assets LATAM Summit aims to bring together the key players involved in Cyber Security and defending critical infrastructure against the ever growing threat of attacks. The conference will connect process control and corporate IT senior level professionals, allowing them to discuss challenges, share experiences and investigate best practice guidelines. This in turn will lead to the building of robust policies and standards that will protect the future of LATAM’s critical assets.
Cyber 7.0 (Laurel, Maryland, USA, Jun 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle the threats to personal and public safety? For the seventh year, regional cyber experts, small entrepreneurs, large businesses, and government organizations come together to discuss, connect, and strategize. Be a part of the solution. Sponsor, exhibit, attend.
Security of Things World (Berlin, Germany, Jun 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!
DC / Metro Cyber Security Summit (Washington, DC, USA, Jun 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.