Blockchain platform attacked, working toward recovery. Dridex in SWIFT-related bank fraud? Guccifer 2.0 remains elusive; Wikileaks says more DNC documents are coming.
The DAO (Decentralised Anonymous Organisation) fund has been attacked, and public blockchain platform Ethereum has lost some $50 million in cryptocurrency. Funds stolen can’t be used for almost a month, and an attempted rollback will serve as a test case for blockchains’ self-healing abilities.
While most speculation about the Bangladesh Bank hack and other SWIFT-linked fraud have centered on North Korean Lazarus Group code found in the affected systems, the presence of Dridex leads others to suspect Russian gang involvement.
Guccifer 2.0 released Democratic Party donor lists late last week, and also emails purporting to show longstanding DNC preference for the party’s presumptive nominee. None of this is surprising. But Guccifer 2.0 insists he’s (she’s? they’re?) not the Russian government. There are clues in leaked material pointing to Russian speakers, but that needn’t mean the Russian government. There’s inevitable speculation that Guccifer 2.0 is a false flag for Russian intelligence services, and CrowdStrike has been standing by its attribution. Wikileaks says it’s received more compromised DNC documents.
Malwarebytes reviews the disappearance of the Angler exploit kit and its replacement by Neutrino.
In industry news, a Parliamentary committee in the UK suggests CEOs whose companies are hacked should have their pay docked. CRN reports that Tanium rejected acquisition bids from VMware and Palo Alto Networks. The Motley Fool thinks the two suitors FireEye rejected earlier this year were Symantec (which picked up Blue Coat instead) and Cisco (possibly).
Observers look into the failure to recognize the Orlando shooter as a threat.
A note to our readers: this Wednesday the CyberWire will be down in Laurel, Maryland, covering Cyber 7.0. Watch for our usual live-tweeting and special report on the proceedings.
Notes.
Today's issue includes events affecting Bangladesh, Denmark, Finland, Germany, India, Iraq, Kazakhstan, Democratic Peoples Republic of Korea, Republic of Korea, Moldova, Russia, Syria, United Kingdom, and United States.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Our expert segment today comes from the University of Maryland's Jonathan Katz, who discusses blockchain technology and the recent DAO/Ethereum hack. Our guest, Ryan Stolte, founder and CTO of Bay Dynamics, shares the results of his company's study of board members' increased focus on cyber security. (As always, we welcome iTunes reviews.)
And we're happy to note that our producer, Dave Bittner, appeared Friday on another podcast, the Grumpy Old Geeks. Tune in to hear him give the Geeks the cyber security word.
Cyber Attacks, Threats, and Vulnerabilities
The DAO is under attack, a third of its ether reserves stolen (Help Net Security) The DAO, a digital Decentralised Autonomous Organisation that has been set up to support projects related to Ethereum, a public blockchain platform that allows programmable transactions, has been hit by unknown attackers that are draining its ether (cryptocurrency) reserves
The DAO Falls Victim to Cyber Attack Leading Ethereum to Crash Over 20% (Finance Magnates) The event is still ongoing as hackers have already stolen over 3.5 million ETH from the DAO's coffers
Ethereum tries to recover after million-dollar hack (IT News) $67 million lifted from The DAO fund
Now Russian hackers are linked to bank cyber heists via Dridex malware (Computing) Not just the North Koreans targeting banks' SWIFT terminals, suggests report
A hacker claiming responsibility for the DNC hack has released new documents and is promising even more leaks (Business Insider) Days after the Democratic National Committee claimed its computer network had been breached by Russian hackers, a blog post published by someone calling themselves "Guccifer 2.0" has claimed responsibility, shared additional allegedly stolen documents, and promised to release even more information
Hilary Clinton Exposed by Hackers? (Inquisitr) Julian Assange says Wikileaks has enough evidence to 'proceed to indictment' as Guccifer 2.0 exposes DNC plot
CrowdStrike embarrassed after lone hacker claims that he – and not the Russian government – hacked the Democrats (Computing) Lone hacker claims responsibility for Democratic Party security breach - but security firm stands by its claims
Russian Hackers Targeted Hillary Clinton Campaign Google Accounts (Forbes) Hillary Clinton’s private email server has attracted the attention of foreign hackers and American regulators alike. But now her campaign crew’s Google email has been targeted by hackers thought to be working for the Russian government, security experts told FORBES today
Guest editorial: The DNC hack and dump is what cyberwar looks like (Ars Technica) Elections are critical infrastructure that should be hands-off for governments
Russian Sofacy group fingered for phishing attacks on the US government (Inquirer) Spear phished government department was plundered for content
False Flags: The Kremlin’s Hidden Cyber Hand (Observer) The Islamic State’s hacking army doesn’t actually work for ISIS—It’s part of the secret Russian online espionage effort against the West
A look at the Angler-less exploit kit scene (Malwarebytes Labs) For those tracking exploit kits, the disappearance of the Angler exploit kit last week was a major event. While a lot of questions remain, several clues pointed out that this was no ordinary break, and that something deeper was likely going on. After about ten days without Angler EK, we take a look at the exploit kit landscape
Acer to notify customers of online store data breach (Graham Cluley) Yet another security incident due to a third-party
GoToMyPC accounts hacked, all customer passwords reset (Graham Cluley) Remote access tool gets remotely accessed... by hackers
'It's High Noon': Blizzard authentication servers fall offline (CSO) Players reported authentication issues for more than an hour
Beware; Latest PayPal Phishing Scam Comes From Irish Government Email (Hack Read) Irish government emails used in latest paypal phishing scam — scammers are targeting your inbox with “your account will be limited” phishing scam with terrible English skills
Is the 'secret' chip in Intel CPUs really that dangerous? (Network World) There are a lot of ifs in this developer's argument
3 Top Email Security Concerns: CU InfoSecurity (CU Times) Three huge cybersecurity problems for credit unions center on email. That’s according to KnowBe4 CEO Stu Sjouwerman, who delivered the keynote address at the CU InfoSecurity 2016 conference in New Orleans
Security Patches, Mitigations, and Software Updates
Microsoft tests new tool to remove OEM crapware (Ars Technica) For Insiders, there's now an app to perform clean operating system installs
Cyber Trends
Hyperconverged infrastructure adoption is accelerating (Help Net Security) The hyperconverged infrastructure is increasingly being adopted by enterprise and midmarket companies to reduce data center costs and improve operational efficiency, according to a new report by ActualTech Media
Automation Needed to Beat Skills Challenge (InfoRiskToday) KPMG's Ramaswamy says focusing on people alone will not bridge skills gap
Cyber security vulnerabilities growing in India (Business Standard) Nearly eight in 10 information technology (IT) and C-suite business leaders experienced increased cyber attacks on their firms in 2015, indicating a rise of cyber security vulnerabilities in India, as highlighted by a study by The Economist Intelligence Unit. The study commissioned by cloud infrastructure and business mobility platform VMware Inc. The increasing cyber attack risks to Indian businesses can be judged from the fact that 33 per cent of the respondents surveyed expected to be targeted within 90 days - a number higher than the Asia-Pacific region
Marketplace
Telco bosses' salaries must take heat for cyber attacks, says MPs' TalkTalk enquiry (Register) CEO Dido Harding did say infosec was her responsibility
Keep an eye on Norway: Its startup scene is about to go huge (TechCrunch) I spent a lot of my formative years in Norway, and have been periodically checking in on the Norwegian startup scene
Sources: Tanium Rejected Acquisition Bids From VMware, Palo Alto, Vows To Stay Single (CRN) Red-hot security startup Tanium received acquisition bids from both VMware and Palo Alto Networks last fall, sources familiar with the offers told CRN
Palo Alto Networks Has Bottomed, Could Head to $140 (The Street) Even if a deal doesn't happen, the risk vs. reward in Palo Alto Networks has drastically improved
Instant Analysis: Who Tried To Buy FireEye Inc? (Motley Fool) Is this cybersecurity firm a hot buyout target?
What Symantec's acquisition of Blue Coat says about the CASB market (Tech Target) Symantec’s surprise announcement this week that it had agreed to acquire Blue Coat Systems for a whopping $4.65 billion in cash led to much discussion about how the purchase will affect the beleaguered antivirus giant, which has experienced well-documented struggles and setbacks in recent years. But there’s been much less focus on Blue Coat — how the company arrived at this point, and how much its investments in cloud security, specifically the cloud access security broker space, have benefited Blue Coat
Is Symantec/Blue Coat Deal a Game-Changer? (InfoRiskToday) Security leaders expect new solutions to future threats
Microsoft acquires Wand Labs to boost chatbots, intelligence programs (Hindustan Times) Microsoft seems to be on an acquiring spree as the company on Friday said that it had acquired messaging app developer Wand Labs
Microsoft Targets 'Conversational Intelligence' in Latest Acquisition (CMS Wire) Microsoft is on a spending spree. Quick on the heels of its $26.2 billion LinkedIn acquisition, the Redmond, Wa.-based tech giant snapped up messaging app developer Wand Labs for an undisclosed sum
BluVector Takes Aim at Security Bug Hunting (eSecurity Planet) Former top IBM security exec, Kris Lovejoy, now president of BluVector by Acuity discusses what her new firm's tech is all about
Why IBM Stock Could Be Worth A Long-Shot Bet (Fortune) Big investors are avoiding it now, but that could pay off down the road
Did You Miss The Rally On CyberArk? (Seeking Alpha) CyberArk has bounced significantly off the February lows following a big Q1 beat. The privileged account security leader faces decelerating growth rates. The stock doesn't appear to provide reward commensurate with the risk of not meeting growth expectations
Elliott Breathes New Life Into LifeLock (Bloomberg) Activist shareholder Elliott Management just revealed that LifeLock is its latest tech target, increasing the security company's chances of becoming a takeover target as well
Israeli Cyber Security Firm Finds Niche Standing Guard Inside Computer Networks (Haaretz) 'It's easier to attack from the inside, and therefore it's more urgent to provide another layer of protection,' says CyberArk CEO Udi Mokady
Leidos CEO Roger Krone Focuses On People As Integration Of Lockheed Services Unit Approaches (Forbes) Reston, Virginia-based Leidos Holdings is preparing to double in size as it acquires the Information Systems & Global Solutions business of Lockheed Martin. Leidos Chairman and Chief Executive Officer Roger A. Krone is holding a series of “town halls” with the 16,000 Lockheed employees who will soon join his enterprise, and in laying out the logic of the coming combination, he has adopted a tone that stresses how central people are to the success of a solutions company
Accenture Acquires Maglan, Expands Security Services in Israel (BusinessWire) Acquisition widens Accenture’s capabilities in advanced offensive cyber simulation; vulnerability research, threat intelligence and malware analysis to help organizations actively combat cyber attacks and maximize their defensive capabilities
Accenture Opens Doors to Cybersecurity R&D Lab in Israel to Advance Security Innovations (BusinessWire) Newest Accenture Lab to focus on broad research in advanced threat intelligence, industrial internet security, cyber defense solutions
Raytheon to Hire More Than 140 In Pensacola as Part of $1 Billion Cyber Contract (Gulf Pulse) After having recently been awarded a $1 billion contract to protect the networks of dozens of federal agencies from cyber threats, Raytheon plans to hire more than 140 employees in Pensacola
Salient CRGT Opens New Offices in Tysons (Washington Exec) Fairfax, Va.-based Salient CRGT announced the opening of a 33,370 square foot facility in Tysons which includes two distinctive Agile Labs, an Innovation Center Technology Lab and a Talent Operations Center. This facility is located approximately 300 yards from the Tysons Metro Station
Products, Services, and Solutions
RiskLens Wins Best Cyber Risk Product at 2016 Operational Risk Awards (Yahoo! Finance) Recognition confirms RiskLens as the product leader in cyber risk quantification
Imagination increases security on MIPS processors (Electronics Weekly) Imagination Technologies has teamed up with Eindhoven chip security firm Intrinsic-ID to add a ‘physically un-cloneable function’ (PUF) to MIPS cores – initially the M5150 CPU – for authentication and anti-cloning
Menlo Security's Breakthrough Isolation Platform Named Grand Prize Winner Best of Show at Interop Japan (PRNewswlre) As malware and ransomware threats dominate the enterprise IT agenda, hot start-up Menlo Security delivers a game-changing cloud product
Technologies, Techniques, and Standards
DHS Hacker Warnings Will Soon Carry Reputation Scores (Nextgov) The Homeland Security Department will soon rate the trustworthiness of tip-offs about hacking groups it receives from outside sources before sharing them with other agencies and industry
Why a global threat sharing program is vital to protect global infrastructure (TechCrunch) We live in a time where the global sharing of threat intelligence is not only possible; it’s vital to the security of our global infrastructure, and the public and private sectors have been working tirelessly to create these programs
The Gamble Behind Cyber Threat Intelligence Sharing (Dark Reading) In theory, sharing threat intel makes sense. But in cybersecurity you're not dealing with known individuals, you're dealing with anonymous adversaries capable of rapid change
Smart Grid Initiative Can Help Thwart Hackers (MeriTalk) An initiative is underway at the Energy Department’s National Renewable Energy Laboratory (NREL) aiming to prevent hackers from gaining control of parts of the nation’s power grid, or Industrial Control System (ICS)
How to hack a bank (Business Insider) Tom was trying to hack a bank
How Hired Hackers Got “Complete Control” Of Palantir (BuzzFeed) Palantir hired a cybersecurity firm last year to test its digital defenses. A confidential report shows how the pro hackers were able to dominate the tech company’s network
Here's What You Should Take Away From that 'Palantir Hacked!' Story (Fortune) Penetration testers almost always win
5 things you should know about password managers (IDG via CSO) Tools such as Last Pass and Dashlane can save you a lot of headaches
Using Your Password Manager to Monitor Data Leaks (SANS Internet Storm Center) I wrote this diary while waiting for my flight back to home. Last week, SANSFIRE was held in Washington where I met some ISC handlers. I did not pay too much attention to the security news but I faced an interesting story. Recently, a data leak affected LinkedIn and a friend of mine had a chance to have access to the data (o.a. decrypted passwords)
Inside a phishing attack (CSO) A potential victim tries to turn the tables on a spear phisher
Turbulent labor market gives rise to economic espionage (Midland Reporter-Telegram) Laying off workers amid the oil and gas downturn — or any industry downturn — is bad enough for both the employer and the employee
Time to Get Quick on Your Feet: Navigating the Network Security Minefield (Infosecurity Magazine) Cyber-space is the land of opportunity for hacktivists, terrorists, and criminals motivated to wreak havoc, commit fraud, steal information, or take down corporations and governments. They can hide out in the dark web, geographically removed from the scene of their crimes, launching automated attacks on thousands of targets knowing a fraction will succeed
Cyber-secure in Suffolk (Suffolk News Herald) Joint Staff hosts huge electronic exercise
Wi-Fi and connected devices increase security risks (IT Brief) Access to the internet provides people in develop and developing countries the opportunity to increase their economic growth, improve their social mobility and computer literacy as well as enrich their education prospects
How to assess your stakeholder matrix as part of a cloud security strategy (Help Net Security) Running your organization in the cloud has many benefits: cost savings, efficiency gains, and the flexibility to scale, to name a few, along with some security drawbacks. This is where companies often encounter roadblocks to cloud adoption. On-premise security is traditionally defined by the tools that are used but this approach falls short in the cloud, where fragmented point solutions that may check boxes around security and compliance, create a security dissonance
Insider Risk and the Need for Context-Aware Security (InfoRiskToday) Micro Focus' Gurusiddaiah on unified approach to identity and access
Rethink network security outside the box (Help Net Security) Preventing bad guys from compromising an organization has historically been executed based on a basic concept: establish a perimeter, and control who and what goes in and out. This concept has stood the test of time. In medieval days, guards depended on moats. In the digital age, IT professionals deploy firewalls. Simple, right?
Just for show: 11 theatrical security measures that don't make your systems safer (CSO) The term "security theater" was coined to describe the array of security measures at U.S. airports -- taking off shoes, patting down children and the elderly -- that project an image of toughness without making commercial aviation any safer. But the man who came up with the phrase is famous cybersecurity expert Bruce Schneier, and it could just as easily apply to a number of common tech security measures. We talked to an array of tech experts to discover what security technologies are often just for show
Design and Innovation
Trooly is using machine learning to judge trustworthiness from digital footprints (TechCrunch) Trust greases the wheels of the sharing economy, paving the way for transactions to take place between total strangers. But figuring out who is trustworthy and who is not remains a sticky bottleneck for digital businesses wanting to scale faster. Meanwhile the consequences for customers when startups screw up these risk calculations can be very unpleasant indeed
Research and Development
Suppressing Extremist Speech: There’s an Algorithm for That! (Foreign Policy) A GOP operative and an academic are teaming up to go after the Islamic State online, but Silicon Valley isn’t buying it
Academia
Keyboard warriors: South Korea trains new frontline in decades-old war with North (Reuters) In one college major at Seoul's elite Korea University, the courses are known only by number, and students keep their identities a secret from outsiders
Help stop hackers with new cyber security course (Register-Herald) In today’s world, security attacks in the cyber world are more common than ever. Hackers seeking personal, professional and financial information are using the Internet to harm others for their own benefit. Now with a new online associate’s degree program at Valley College, students can obtain skills necessary to apply for jobs in the cybersecurity industry
18-year-old hacker honored at Pentagon (Stars and Stripes) On Monday, 18-year-old David Dworken graduated from high school. By Friday, he was honored by Secretary of Defense Ash Carter at the Pentagon
Legislation, Policy, and Regulation
UK surveillance bill under fire as data security risk (TechCrunch) A 2015 data breach of UK ISP TalkTalk should serve as a warning to the government that its proposed new surveillance legislation risks creating vulnerable pools of data that could be exploited by hackers, a parliamentary committee has warned
U.S. Cyber Command Chief on What Threats to Fear the Most (Wall Street Journal) Lt. Gen. James McLaughlin talks about attacks from ISIS, Russia and China
What Are The Important Cyber Conflict Questions (and Answers)? (Lawfare) As I mentioned earlier, this past week I was privileged to attend a conference on the State of the Field in the study of Cyber Conflict sponsored by the Columbia School of International and Public Affairs and the Cyber-Conflict Studies Association
Warfare 2.0 (Business Standard) US needs lifehack to streamline cyber defences
Ex-White House cyber officials call for new rules on security flaws (Reuters) Two former Obama cyber-security officials say the federal government should be barred from paying for hacking techniques while agreeing to keep them secret, as the FBI did to crack the iPhone wielded by one of the shooters in the San Bernardino killings
Spying on citizens more widespread in US than China, claims presidential candidate Gary Johnson (International Business Times) Domestic surveillance in the United States is worse than China, according to Libertarian presidential nominee Gary Johnson – a fierce critic of the National Security Agency (NSA) and supporter of exiled whistleblower Edward Snowden
Zukunft: Coast Guard Welcomes Whole-Of-Government Intelligence, Collaboration (USNI News) The Coast Guard’s current success in its drug and human trafficking missions, as well as future success in its heavy icebreaker program, rest in a whole-of-government approach, the commandant said earlier this week
The Pentagon's controversial plan to hire military leaders off the street (Military Times) Defense Secretary Ash Carter wants to open the door for more “lateral entry” into the military's upper ranks, clearing the way for lifelong civilians with vital skills and strong résumés to enter the officer corps as high as the O-6 paygrade
Litigation, Investigation, and Law Enforcement
Attorney general: Government to release some 911 calls with Orlando shooter (Washington Post) Attorney General Loretta Lynch said Sunday that authorities will release redacted transcripts on Monday of the phone calls between Orlando shooter Omar Mateen and police during the attack
Yes, Omar Mateen pledged allegiance to terrorist groups but the Obama admin. won’t let you see the transcript (Twitchy) On “Meet the Press” Sunday, Attorney General Loretta Lynch told Chuck Todd that only partial transcripts of Orlando terrorist Omar Mateen’s calls with law enforcement will be released. All of his “pledges of allegiance to terrorist groups”? Yeah — you don’t get to read or hear those
Why Didn’t the FBI Stop Omar Mateen? (Politico) The face of terrorism is changing. And critics say the bureau has been too slow to catch on
How Does the FBI Watch List Work? And Could It Have Prevented Orlando? (Wired) Of all the details investigators have uncovered about Orlando terrorist Omar Mateen, perhaps the most infuriating is the fact that he spent 10 months on a government watch list, yet had no trouble buying an assault rifle and a handgun
Orlando Shows the Limits of Facebook’s Terror Policing (Wired) Both leading up to and during his deadly assault on Orlando night club Pulse, Omar Mateen accessed his Facebook account. He posted threatening status updates, and searched for key words relating to the tragedy, according to a Senate committee head briefed by law enforcement. Now, that Senator wants to know if Mateen’s social media activity could have been used to prevent the attack
The FBI’s Growing Surveillance Gap (Politico) There are more homegrown jihadists than the feds can actually watch. And not everyone likes what the FBI is doing instead
Attorney general: Silent on Clinton email case with Obama (AP) Attorney General Loretta Lynch said Sunday she doesn't believe the FBI's investigation into Hillary Clinton's private email server has been compromised by President Barack Obama's endorsement of Clinton in the 2016 White House race
The Lawyers Who Could Take Down Hillary Clinton’s Campaign (Daily Beast) To Team Clinton, they’re ‘everything wrong with our politics.’ In conservative circles, they’re heroes—and maybe the best positioned to dig up dirt that could poison Hillary 2016
Silk Road Prosecutors Argue Ross Ulbricht Doesn’t Deserve a New Trial (Wired) Five full months have passed since the defense team for Silk Road creator Ross Ulbricht launched their appeal for a new trial
Ross Ulbricht created Silk Road and deserved life sentence, DOJ argues (Ars Technica) Prosecutors file their lengthy reply to Ulbricht's January 2016 appeal
Fraud & Cybersecurity: The Growing Linkages (InfoRiskToday) NPCI's Bharat Panchal on the interconnectedness of security and fraud
Breach Notification: The Legal Implications (InfoRiskToday) Supreme Court advocate Pavan Duggal on India's challenges
Catching up with the guy who stole Half-Life 2’s source code, 10 years later (Ars Technica) From Death by Video Game: can you love a game so much you must take its sequel?
‘Operation Broken Heart’ nets 126 arrests, 29 in Fort Bend (Katy Rancher) Houston area authorities have used multiple operations to track down child predators and increase the public’s vigilance in recent months
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
Upcoming Events
2016 CyberWeek (Tel Aviv, Israel, Jun 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.
National Insider Threat Special Interest Group - South FL Chapter Kickoff Meeting (Palm Beach, Florida, USA, Jun 21, 2016) The National Insider Threat Special Interest Group (NITSIG) is excited to announce the establishment of a South Florida Chapter. Presentations and discussions will be provided by Insider Threat Defense, Inc. and the FBI. The meeting will focus on: how to recognize potential insider threat problems, employee behavioral indicators of concern, and strategies for insider threat risk mitigation.
cybergamut Technical Tuesday: SS7, SWIFT, and Checking: Closed Network Evolution and Exploitation (Elkridge, Maryland, Calverton, Jun 21, 2016) A recent 60 Minutes article on extracting mobile phone information from the SS7 telephone carrier signaling network crystalized some thoughts I’ve had for a while on the evolution of closed networks over time and the security implications of opening closed networks. This talk examines that issue using three case studies: the SS7 demonstration, the recent theft of $81 million dollars from the New York Central Reserve Bank belonging to the Central Bank of Bangladesh using the SWIFT network, and the enormous but generally unremarked shift about 10 years ago from the paper check to digitized check information as a negotiable instrument for moving money between bank accounts. All three involve complex networks with both “real world” and digital network dimensions, and illustrate how authentication and trust design decisions (explicit or implicit) made when a network is first created can lead to exploitation opportunities as that network and the way it’s used evolves over time. Jeff Kuhn of Amches, Inc. will present the topic.
Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, Jun 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency is increasing, companies are still reluctant to develop strategies to fight them. As cyber-attacks grow in sophistication, frequency and intensity, these companies are increasingly becoming high profile targets. The Cyber Security for Critical Assets LATAM Summit aims to bring together the key players involved in Cyber Security and defending critical infrastructure against the ever growing threat of attacks. The conference will connect process control and corporate IT senior level professionals, allowing them to discuss challenges, share experiences and investigate best practice guidelines. This in turn will lead to the building of robust policies and standards that will protect the future of LATAM’s critical assets.
Cyber 7.0 (Laurel, Maryland, USA, Jun 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle the threats to personal and public safety? For the seventh year, regional cyber experts, small entrepreneurs, large businesses, and government organizations come together to discuss, connect, and strategize. Be a part of the solution. Sponsor, exhibit, attend.
Security of Things World (Berlin, Germany, Jun 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!
DC / Metro Cyber Security Summit (Washington, DC, USA, Jun 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.
ISS World South Africa (Johannesburg, South Africa, Jul 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
SINET Innovation Summit 2016 (New York, New York, USA, Jul 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring practitioners and theory together to discuss fundamental Cybersecurity challenges is critical to the advancement of innovation in the Cybersecurity domain. This summit is designed to reinvigorate public-private partnership efforts and increase relationships that foster the sharing of information and joint collaboration on Cybersecurity research projects
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
CyberSec 2016 (New York, New York, USA, Jul 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands, so are the technology tools available to help meet them. This one-day conference will take a big-picture look at the threats facing banks today and tomorrow, and offer insights on how to combat them.
Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, Jul 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.
Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, Jul 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.