Hacktivism, or denial-and-deception? World-Check leak reported plugged. DarkOverlord's game. Another tech Twitter hack. LizardStressor herding CCTV bots.
Guccifer 2.0 resurfaces with an FAQ blog and lots of matey denials that he (she? they?) is a Russian sockpuppet, but few seem to be buying this story. SecureWorks sees the DNC hack as one aspect of a comprehensive espionage campaign against US targets likely to be of close interest to you-know-whom. ThreatConnect concludes Guccifer 2.0 is a denial-and-deception operation. Their evidence is admittedly circumstantial, and they consider just two possibilities (hacktivist vs. Russian organs), but their reasoning is interesting.
Researcher Chris Vickery reports that a 2014 version of Thompson-Reuters’ widely used World-Check data base of terrorist actors has leaked online. Thompson-Reuters says it’s “secured” the third-party source of the leak.
Motherboard thinks the (still unconfirmed, possibly genuine but possibly bogus) healthcare insurance data for sale on the dark web represent an attempt to “game the media” into aiding extortion. The DarkOverlord seems pleased with his promotion: “I have a reputation with this handle now. Another step accomplished. Every time I put a new listing up it gets reported without hesitation now.”
Occulus hasn’t appointed a new CEO. Their Twitter account was hacked to spread the hoax, latest in the ongoing series of tech-company hijackings.
LizardStresser is involved in assembling the large security camera botnet. The DDoS tool is expected to make further inroads into the IoT.
The Hard Rock Hotel and Casino Las Vegas and the fast-dining chain Noodles and Company both confirm they suffered data breaches.
Observers look at China’s control of its Internet and see surprising success.
A note to our readers: The CyberWire won't publish Monday as we celebrate Independence Day. We'll be back as usual on Tuesday, July 5, with both our daily news summary and our podcast.
Notes.
Today's issue includes events affecting Belgium, Canada, China, European Union, France, Germany, Iran, Kenya, Russia, Turkey, United Kingdom, and United States.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from Level 3's Dale Drew on the seasonal nature of cyber attacks, and our guest Dan Pastor from Cytegic will update us on SWIFT-based funds-transfer frauds.
(We welcome reviews. Please consider putting on up on iTunes. We appreciate it.)
Cyber Attacks, Threats, and Vulnerabilities
Kremlin hackers and the Democratic National Committee: How deep is the rabbit-hole? (Register) US politicos a side project for spies, claims report
DNC Hacker Denies Russian Link, Says Attack Was His ‘Personal Project' (Motherboard) The hacker who claimed responsibility for the hack on the Democratic party is back online after a week of radio silence
FAQ from Guccifer 2.0 (Guccifer 2.0) Hello! I received lots of questions from journalists and other people who are interested in my doings. Many thanks to all of you, it’s a pleasure for me!
Shiny Object? Guccifer 2.0 and the DNC Breach (ThreatConnect) The Shiйy ФbjЭkt? ThreatConnect challenges Guccifer 2.0’s claimed attribution for the Democratic National Committee (DNC) breach
Global terror database World-Check leaked (Register) Thomson Reuters 'working furiously' to secure 2.2 million sensitive records
Terror-suspect database used by banks, governments, has been leaked (CSO) Thomson Reuters has secured the source of the leak
How a Hacker Is Gaming the Media to Extort His Victims (Motherboard) Over the past few days, millions of health care organisation records have been listed on the dark web. But rather than simply selling the data at a low price for a quick payday, this hacker is advertising it to extort the unnamed companies into paying money to protect their patients’ details
Hacker takes over Oculus CEO’s Twitter account, announces new CEO (TechCrunch) Oculus CEO Brendan Iribe had his Twitter account hacked Wednesday; the hacker took the opportunity to promptly announce a new CEO for the virtual reality company
Threat Report Reveals Every Large Enterprise Has Mobile Malware (Skycure) Malicious hackers are targeting big enterprises for spying, data theft, defamation and extortion, and they have figured out many creative ways to silently take control of the best surveillance and infiltration tool ever created – your smart phone. Skycure’s new Mobile Threat Intelligence Report focuses on mobile malware, found on 4% of all mobile devices. The report is based on worldwide data from Skycure’s massive crowd-sourced threat intelligence platform
Apocalypse: Ransomware which targets companies through insecure RDP (Emsisoft) Beyond a shadow of a doubt 2016 has been the year of the ransomware. So it comes as no surprise that new ransomware families are popping up on weekly basis
Ransomware Update: TeslaCrypt, Locky And An Ounce Of Prevention (Channel Partners) As if customers didn’t have enough to worry about when it comes to securing their devices and data, new and seemingly more bulletproof threats are emerging to give even the most confident among us reason to take notice. So what’s all the fuss about?
Legit Tools Helping Attackers Hide Malicious Activity, Study Finds (Dark Reading) Malware often just used only for initial break-in, LightCyber report says
LizardStresser recruits an army of zombie webcams to launch DDoS attacks (Hot for Security) Do you have an internet-accessible webcam? If so, are you sure it is secured with a strong password and not still using the default password that it shipped with?
Always-on CCTVs with no effective security harnessed into massive, unstoppable botnet (BoingBoing) When security firm Sucuri investigated the source of a 50,000-request/second DDoS attack on a jewelry shop, they discovered to their surprise that the attacks originated on a botnet made of hacked 25,500+ CCTV cameras in 105 countries
Giant CCTV Camera Botnet Highlights IoT Security Threats (Techweek Europe) A botnet made up of more than 25,000 hacked security cameras spread around the world is being used to launch DDoS attacks, researchers say
There Are over 100 DDoS Botnets Based on Lizard Squad’s LizardStresser (Tirate Un Ping) Lizard Squad’s tool becomes very popular thanks to the millions of unsecured IoT devices ready for the taking
Rooting Hummer malware brings $500,000 per day to its creator (Help Net Security) Android malware with device rooting capabilities has been hitting Google Play for a while now, but for users third-party app stores the situation is even more dangerous
Easily exploitable LibreOffice flaw is a godsend for hackers (Help Net Security) A serious LibreOffice flaw can be easily exploited by attackers to deliver malware on computers running a vulnerable version of the popular free and open source office suite
Wormable flaws in Symantec products expose millions of computers to hacking (CSO) The flaws could have allowed hackers to execute malicious code on computers with no user interaction
Google Found Disastrous Symantec and Norton Vulnerabilities That Are 'As Bad As It Gets' (Fortune) An attacker’s unopened email is enough to compromise you
Phishing Campaign with Blurred Images (SANS Internet Storm Center) For a few days, I’m seeing a lot of phishing emails that try to steal credentials from victims. Well, nothing brand new but, this time, the scenario is quite different : The malicious email contains an HTML body with nice logos and texts pretending to be from a renowned company or service provider. There is a link that opens a page with a fake document but blurred with a popup login page on top of it. The victim is enticed to enter his/her credentials to read the document. I found samples for most of the well-known office documents. Here are some screenshots
Hacked: Private Messages From Dating Site ‘Muslim Match’ (Motherboard) Specialty dating site “Muslim Match” has been hacked. Nearly 150,000 user credentials and profiles have been posted online, as well as over half a million private messages between users
Saint John Development Corporation finds cyber attack damage (CBC) Group lost annual report, other data, part of wave of email attacks
Hard Rock Las Vegas, Noodle and Co. Confirm Hacks (Threatpost) If you’re one of the millions who rocked out at Hard Rock Hotel and Casino Las Vegas or slurped noodles at a Noodles & Company fast food chain in the past year, it’s time to get paranoid. Both companies announced this week separate breaches that include unauthorized access to credit card data
Noodles & Company Payment Data May Have Been Hacked (Fortune) Breach affects credit and debit cards used at just some locations
Another Popular YouTuber Lilly Singh’s Channel Hacked (Hack Read) Poodle Corp hackers have done it again — this time, the victim was Lilly Singh
Cyber Trends
Beyond the Password: The Future of Account Security (TeleSign) Commissioned by TeleSign and conducted by Lawless Research, “The Future of Account Security” report surveyed 600 security professionals across 15 industries in the U.S. and revealed that securing consumer accounts is a top concern for businesses
Passwords To Be Phased Out By 2025, Say InfoSec Pros (Dark Reading) Behavioral biometrics technology and two-factor authentication are on the rise as safer alternatives, according to a study
The Attribution Question: Does It Matter Who Attacked You? (Dark Reading) Everyone will ask whodunnit, but how can an organization put that information to practical use during disaster recovery and planning for the future?
IT professionals spend a lot of time ignoring security alerts (IT Pro Portal) Alert fatigue, lack of relevant skills and complexities at endpoint agent deployment are the most common headaches business have when adopting cloud solutions, it was said
European Orgs Not Prepared for Next Cyber-Attack (Infosecurity Magazine) The majority of European companies are failing to prepare themselves for the next cyber-attack, according to new research from operational intelligence software platform provider Splunk
Marketplace
Recalibrating Cybersecurity Spending Projections (Dark Reading) How big and how fast will the cybersecurity market grow in five years? Inquiring minds want to know
How To Bridge The Cyber Insurance Gap (Dark Reading) CISOs and insurance executives must unite and create more defined terminology and expectations for cyber insurance
Failure to protect data a costly business (ITWire) Businesses already suffering the economic impact of data loss for failing to protect their data are unprepared for new, emerging threats to the security of their data, and it comes at a huge cost
Intel Spin-Out Would Boost Imperva, Proofpoint (Barron's) A potential sale of Intel Security would cause disruption. Imperva and Proofpoint are two favorites in security
Deloitte revenue soars to $1.53bn (Australian) Deloitte will pursue further acquisitions in the cloud computing and design sectors to further beef up its technology capacity after reporting a 15 per cent increase in revenue to a record $1.53 billion
Cylance, Sophos Trade Heated Words, With A Reseller Partner Caught In The Middle (CRN) A war of words between Cylance and Sophos that began last week continues to escalate, with both sides now accusing the other of throwing their mutual reseller partner under the bus
Cylance® Attracts Top Industry Executives (Sys-Con Media) As company eclipses 1,000 customers, Cylance adds top-flight executives to help drive global expansion and continued innovation
Hexadite Strengthens Executive Team and Establishes Boston Headquarters (BusinessWire) Cybersecurity company plants roots in Boston and appoints experienced sales and marketing VPs amid growing demand for security orchestration and automation
FireEye Only Cyber Security Company Named to 2016 List of 50 Smartest Companies by MIT Technology Review (MarketWired) Annual list honors companies that combine innovative technology to create new opportunities
Products, Services, and Solutions
Versasec vSEC:CMS 4.5 Smart Card Lifecycle Management Solution Offers Remote (Verasec) Security devise management, new interfaces, and Yubikey token support new version boasts management enhancements, customizable features
E8 Security Joins Intel Security Innovation Alliance (MarketWired) Faster identification and response to insider threats, and increased return on existing security investment
A New Security Card the Size and Thickness of a Credit Card That Uses Biometrics for Safeguarding Buildings, Networks and Identity by SmartMetric (Marketwired) SmartMetric, Inc. (OTCQB: SMME) -- SmartMetric, the creator of the biometric credit card that has a built inside the card, powerful fingerprint scanner, is using the same biometric card based technology to bring enhanced portable biometric technology to the security and identity market
SandBlast Protects Customers from Widespread Cerber Ransomware Attack (Check Point) Starting at 6:44am UTC on June 22nd, Avanan, a partner of Check Point, detected a large-scale ransomware attack against its Cloud Security Platform customers across multiple companies. We believe this attack was only detected by SandBlast – Check Point’s Zero Day Protection solution
Swimlane Automated Security Operations Platform Wins 2016 MongoDB Innovation Award (PRNewswire) Swimlane, a developer of cybersecurity automation solutions, today announced that it has won the 2016 MongoDB Innovation Award in the "Securing the Enterprise Category"
Carbon Black's Detection eXchange puts humans back into threat sharing (ComputerWorld) Threat sharing needs more work. Carbon Black thinks the answer lies in a different kind of intel
Cloud Harmonics Expands Training and Channel Services for Palo Alto Networks Security Platform (PRNewswire) Comprehensive channel program helps partners grow their business with added endpoint security training and support for partners
State-of-the-art intelligence centre aims to thwart cyber attacks (Montreal Gazette) The huge “threat detection” screen at the front of the Montreal Cyber Intelligence Centre is ablaze with blinking lights, but none of the eight or so Deloitte employees manning the restricted centre seem particularly alarmed. Cyber attacks are routine for this gang of cybersecurity specialists, who try to keep the world safe from Internet thugs while hunkered down in their state-of-the art facility in downtown Montreal
IBM MaaS360 Answers the Call for Secure Chat in the Enterprise (IBM Security Intelligence) Organizations that have begun to embrace it know it best: Since its inception, bring-your-own-device (BYOD) has been the have-it-your-way approach to cut costs and achieve mobile productivity in the enterprise
Technologies, Techniques, and Standards
How to Keep Calm and Mitigate a 470 Gbps DDoS Attack (Imperva Incapsula) On June 14, Imperva Incapsula mitigated a 470 gigabits per second (Gbps) distributed denial of service (DDoS) attack—the largest assault in our records to date
Watch out for these 4 types of cyber attacks (Pensacola News Journal) It turns out that despite all the hackers in the world and technological mischief flying around cyberspace at any given minute, the biggest threat to a company, large or small, is you
DevNation Live Blog: Cryptography: What every application developer needs to know (Red Hat) Cryptography is something that technical folks either get excited over or completely tune out. There does not seem to be much of a middle ground. That said, cryptography is such an essential component of modern life that without it, the Internet and many, many companies would crumble
How CISOs can work with the C-suite to define the cybersecurity risk level (Help Net Security) Defining the cybersecurity risk level for any organization should be a collaborative effort that balances the need for risk mitigation with fiscal responsibility. Although the CISO is primarily focused on cybersecurity, the ultimate goal is to run a successful business. As a result, the CISCO will be reliant on the cooperation of their C-Suite colleagues to strike the right balance between operational business needs and security to derive a successful outcome
How to keep criminal hackers from ruining your vacation (Christian Science Monitor Passcode) Following basic security measures, like leaving extra devices at home and avoiding public Wi-Fi, could be enough to protect your information while you're traveling
How to Prevent Identity Theft in 20 Essential Steps (Heimdal Security) Do you know how to prevent identity theft attempts? Let’s get this clear first: identity theft is the illegal use of someone’s personal information
Research and Development
OptioLabs Awarded Patent for Innovative Mobile Security Technology (Optio Labs) US Patent US9363670 relates to systems and methods for restricting access to network resources via in-location access point protocol
Legislation, Policy, and Regulation
New Russian law to force service providers to decrypt encrypted comms (Help Net Security) An extremely wide-ranging anti-terrorism law has been passed last week by the lower house of the Russian Federal Assembly (i.e. parliament), and it is widely expected to pass the upper house without a hitch and be signed into law by president Putin within the next few weeks
The Man Who Nailed Jello to the Wall (Foreign Policy) Westerners said the web could never be controlled. Lu Wei, China's departing internet czar, proved them all wrong
State to double penalties for cyber crimes in proposed law (Star) Persons using the Internet to spread hate, hack into a protected computer system or intercept communication face a penalty of up to Sh20 million or 20 years jail or both in a proposed law. This is double the Sh10 million or 10-year jail term under section 25 of the Kenya Information and Communications (Amendment) Act 2013, for unauthorised access to a computer system with an intent to commit a crime
Brexit security implications: Major, and only starting to unfold (Help Net Security) Brexit security implicationsThe Brexit shock continues to reverberate throughout the global economic and policy worlds. Despite protests against the referendum’s results being cancelled due to concerns of violence, hundreds of protesters demonstrated outside the House of Parliament earlier this week
Frexit Is Coming (Foreign Policy) Britain's departure meant the end of an era. France's departure would mean the end of the EU
EU Data Sharing to China Under the Privacy Scanner (LIFARS) A group of European Members of Parliament (MEPs) have sought formal questioning of European Union data sharing mechanisms with China
Opinion: Chinese cyberespionage is down. That's a win for Obama's diplomacy (Christian Science Monitor Passcode) Almost a year after a historic deal between Beijing and Washington to curtail cyberespionage, reports indicate digital attacks from China are fewer but more sophisticated
Even Congress Is Slamming That Crummy Crypto Bill (Wired) Since Senators Richard Burr and Diane Feinstein released their long-awaited legislation to address the conflict between encryption software makers and law enforcement last April, it’s made about as much progress as a TI-82 calculator trying to crack a 2048-bit PGP key. The bill, which required all crypto tools to offer some way for a warrant-holding FBI agent to access encrypted information, was roundly reviled by the technology and privacy communities, and quickly lost momentum in DC, too. Now the Burr-Feinstein proposal has received its most definitive rejection yet, and this time the call is coming from inside the House
Carlin: U.S. is looking to unite on cyber deterrence (Defense Systems) Deterring cyber threats is a team sport. Government officials from the White House to individual agencies have been peddling the notion that a cyber deterrence strategy involves the whole of government and the response to a cyber incident might not necessarily occur in cyberspace
Loading…. Obama’s Cyber Executive Order Remains Unused (Daily Signal) In April 2015, President Obama signed Executive Order 13964, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities”
Rethinking the Doctrine of Homeland Security – Reflections on Orlando (Lawfare) Almost everything we think we know about homeland security is outdated
FTC Closes 70 Percent of Data Breach Investigations, Weighing PCI-DSS Standard (https://wp.me/p3AjUX-uWW) The Federal Trade Commission doesn’t investigate every reported breach, but when it comes to prosecuting data security cases it has an impressive 70 percent closure rate, according to agency officials
Litigation, Investigation, and Law Enforcement
Why Isn’t ISIS Claiming the Istanbul Airport Bombing? (Foreign Policy) Because the Islamic State is trying to keep Turkey's focus on the Kurds -- and to do all it can to undermine Erdogan
CIA chief Brennan looks at Turkish attack and sees a warning for Americans (Yahoo! News) Four hours after three suicide bombers killed at least 41 people and wounded hundreds more at Istanbul’s Ataturk airport, CIA Director John Brennan said the attacks bore the grim hallmarks of ISIS and warned that the fanatically violent Islamic terrorist group wants to conduct similar large-scale attacks in the United States
5 held for planning attacks on Indian religious, other sites (Washington Post) India’s federal investigative agency has arrested five people for allegedly collecting weapons and explosive materials to attack religious sites and sensitive government building in various parts of the country. During questioning late Wednesday, the suspects revealed that they were being guided by an online handler suspected to be based in Iraq or Syria, the National Investigation Agency said in a statement, adding it’s looking into their possible links with the Islamic State group
ISIS in the Twin Cities (City Journal) What the national media missed about an important terrorism trial
DOJ: States, Terrorists Team With Organized Crime Outfits to Commit Cyber Theft (USNI News) As law enforcement, the intelligence community and the private sector work more closely together to bring cyber attackers to ground, a senior Justice Department official said some nations and terrorist groups are marrying with organized crime to continue stealing what they want
Facebook wins privacy case, can track any Belgian it wants (Facebook) Doesn't matter if Internet users are logged into Facebook or not
ACLU lawsuit challenges US computer hacking law (CSO) The Computer Fraud and Abuse Act limits online discrimination research, the group says
Researchers Sue the Government Over Computer Hacking Law (Wired) In the age of big data analytics, the proprietary algorithms web sites use to determine what data to display to visitors have the potential to illegally discriminate against users. This is particularly troublesome when it comes to employment and real estate sites, which could prevent users from having a fair crack at jobs and housing simply by failing to display certain listings to them based on their race or gender
Microsoft to share cyber threat info with BTRC (Daily Star) The government will get forecasts about cyber threat from tech giant Microsoft from now on. Bangladesh Telecommunication Regulatory Commission (BTRC) and Microsoft Corporation will sign a Memorandum of Understanding in this regard tomorrow afternoon, said Tarana Halim, stare minister for the telecommunication
New analysis shows 160 emails missing from Clinton’s disclosure to State (Washington Post) As Hillary Clinton tries to put to rest the controversy over her private email server that has dogged her presidential campaign, she has repeatedly cited her willingness to make her work correspondence public as evidence that she has nothing to hide
Aide said Clinton didn't want emails accessible to 'anybody' (AP) Longtime Hillary Clinton aide Huma Abedin said in a legal proceeding that Clinton did not want the State Department emails that she sent and received on her private computer server to be accessible to "anybody," according to transcripts released Wednesday. Her comments provided new insights into the highly unusual decision by the presumptive Democratic presidential candidate to operate a private email server in her basement to conduct government business as secretary of state
Hillary Clinton's email story continues to get harder and harder to believe (Washington Post via Alaska Dispatch News) On Monday night, the Associated Press published a piece noting the release of an additional 165 pages of emails Hillary Clinton sent from her private email address while serving as secretary of state. These were emails that had never been previously released and only were made public because of a court order in response to a request from a conservative group
ZTE wins extended reprieve from US export ban (Telecomasia) ZTE has won an extended reprieve from the US export restrictions imposed on the vendor for allegedly violating sanctions on trading with Iran
Man arrested after Twitter threats are made against U.S. senators (Washington Post) A federal judge has banned a Virginia man from using Twitter after he was charged with making threats directed at Republican senators and other members of Congress using the social media platform
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
Upcoming Events
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!
CyberTech (Beverly Hills, California, USA, Jun 30, 2016) Since 2014, CyberTech has served as one of the largest cyber solutions events around the globe. From Tel Aviv, to Singapore and Toronto, CyberTech is one of the most popular networking events for industry leaders and government decision-makers on cybersecurity, technology, innovation and investment. CyberTech Tel Aviv, the largest cyber solutions event outside of the U.S., features over 12,000 participants annually from over 50 nations, including hundreds of exhibiting companies and startups from around the globe.
DC / Metro Cyber Security Summit (Washington, DC, USA, Jun 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.
ISS World South Africa (Johannesburg, South Africa, Jul 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
SINET Innovation Summit 2016 (New York, New York, USA, Jul 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring practitioners and theory together to discuss fundamental Cybersecurity challenges is critical to the advancement of innovation in the Cybersecurity domain. This summit is designed to reinvigorate public-private partnership efforts and increase relationships that foster the sharing of information and joint collaboration on Cybersecurity research projects
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
CyberSec 2016 (New York, New York, USA, Jul 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands, so are the technology tools available to help meet them. This one-day conference will take a big-picture look at the threats facing banks today and tomorrow, and offer insights on how to combat them.
Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, Jul 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.
Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, Jul 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.