Ukraine's central bank warned of SWIFT risk in April. Palo Alto takes down Iran's Infy. Possible breach at Shriram Life Insurance. Conficker hits medical devices. Mass General patient info breached. NERC cyber standards take effect today.
Ukraine’s central bank flagged the risk of SWIFT-based funds-transfer fraud in April, Reuters reports. Confidential communication warned lenders to be on their guard and upgrade security.
Palo Alto Networks has taken down the infrastructure used by an Iranian group to spread Infy cyber-espionage tools, a welcome but probably temporary respite for those targeted.
The quality and provenance of the health insurance data DarkOverlord is selling in the RealDeal dark web souk remain controversial. InfoRiskToday reports another possible insurance breach, this one involving India’s Shriram Life Insurance. Third parties claim they’ve confirmed the incident; Uttar Pradesh police await the firm’s disclosure before they begin their own investigation.
Massachusetts General Hospital discloses a breach affecting 4300 patients. A third-party (a dental patient scheduling software vendor) is thought to be the origin of the breach, which affects records, not devices.
But medical devices are also under attack, in large part because of their potential to compromise sensitive patient information. TrapX Labs reports seeing a wave of IoT device hacks using the venerable Conficker worm.
Popular Russian social networking site Sprashivai (Infosecurity Magazine compares it to Yahoo! Answers) has been compromised. It’s using an injected iFrame to redirect users to the RIG exploit kit, which installs the SmokeLoader Trojan (typically associated with credential theft and click fraud).
Observers still believe Guccifer 2.0 (despite denials) is a denial-and-deception operation, but they also wonder why the Russians would bother.
The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) V5 standards go into effect today.
And a note to our readers: the CyberWire will not publish Monday, as we celebrate Independence Day. We'll be back as usual on Tuesday, July 5.
Notes.
Today's issue includes events affecting Australia, Brazil, China, European Union, India, Indonesia, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Pakistan, Russia, Turkey, Ukraine, United Kingdom, and United States.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from John Leiseboer of QuintessenceLabs on key management within a security framework. And we'll have two experts tell us about DevOps: eGlobalTech's Branko Primetica and Cybric's Mike Kail.
(Remember, we welcome reviews. Please consider reviewing our podcast on iTunes. Thanks.)
Cyber Attacks, Threats, and Vulnerabilities
Ukraine central bank flagged cyber-attack in April: memo (Reuters via Euronews) Ukraine’s central bank urged lenders in April to review security procedures, saying thieves had attempted to steal money from a Ukrainian bank using fraudulent SWIFT transfers, according to a confidential message obtained by Reuters
Researchers dismantle decade-long Iranian cyberespionage operation (CIO) The group infected more than 300 computers in 35 countries with information-stealing malware
Hacker puts more than 9M health care records up for sale on the dark web (FedScoop) "There is not enough evidence to determine whether or not the data was obtained using ransomware," OWL Cybersecurity's CEO says
Shriram Life Insurance Servers Hacked? (InfoRiskToday) Alleged hackers dump massive archive of critical data
Top Russian Site Exposes Millions to Info-Stealing Malware (Infosecurity Magazine) Sprashivai, a popular Russian Q&A and social networking site similar to Yahoo! Answers, has been compromised by an actor attempting to silently redirect users to the RIG Exploit Kit via an injected iFrame
DNC hacker Guccifer 2.0 denies Russian links and mocks security firms (CIO) The DNC breach included confidential files, including campaign, foreign policy documents
Over 100 DDoS botnets built using Linux malware for embedded devices (CSO) Default and hard-coded credentials have led to the compromise of thousands of Internet-of-Things devices
Over 100 Snooping Tor Nodes Have Been Spying on Dark Web Sites (Motherboard) Just like the internet generally, not all of the Tor network is safe. Sometimes, people set up malicious exit nodes—the part of the network where a user's traffic joins the rest of the normal web—in order to spy on what users are up to
Hackers: Ditch the malware, we're in... Just act like a normal network admin. *Whistles* (Register) Nmap in hand, they're soon working pwned systems like a boss - study
Conficker Used in New Wave of Hospital IoT Device Attacks (Threatpost) Internet-connected medical devices such as MRI machines, CT scanners and dialysis pumps are increasingly being targeted by hacker seeking to steal patient medical records from hospitals. Attackers consider the devices soft digital targets, seldom guarded with same security as client PCs and servers within hospitals
Are hospital security standards putting patient safety at risk? (CSO) Is the need to secure patient data keeping healthcare facilities from focusing on patient safety? Ted Harrington from Independent Security Evaluators joins CSO to discuss how research finds hospitals are coming up short in safeguarding vulnerable medical devices
Massachusetts General Hospital data breach affects 4.3K patients (SC Magazine) Fingers are pointing at a third-party vendor as the culpable party behind the exposure of personally identifiable information of 4,300 patients of Massachusetts General Hospital (MGH)
Hackers are coming for your healthcare records -- here’s why (CSO) 1 in 13 patients will have their records stolen after a healthcare provider data breach
“Beaver Gang Counter” malware ejected from Play Store (Naked Security) Here’s another cautionary tale from Google Play. The good news is that the malware in this story has now been removed by Google; the website it used to collect stolen data is offline; and a cautious user would probably have avoided the app in the first place
Brazilians Migrate to Telegram, Cybercriminals Follow Suit (TrendLabs Security Intelligence Blog) Staple product offerings like online banking Trojans and tutorials for aspiring cybercriminals are still being peddled in the Brazilian underground market. While old crimeware remain the same, we observed that these young and brazen cybercriminals (two words that aptly describe the Brazilian cybercriminals of today), have switched communication platforms
This mobile Trojan from China fills your phone with porn apps (CSO) "Hummer" has become the world's biggest mobile Trojan threat
Skycure Report Finds at Least One iPhone in Every Large Enterprise Is Infected With Malware (MarketWired) Android devices are twice as likely to have malware as iOS devices
Kaspersky: Ransomware that encrypts is booming (Network World) Android mobile ransomware is on the rise, too
Why Twitter Can’t Even Protect Tech CEOs From Getting Hacked (BuzzFeed) Third-party authentication is still a security nightmare for Twitter
Some social engineering skills and Facebook will gift your account to hackers (Hack Read) Hacker sent fake passport to Facebook and hacks someone else’s account without even having access to victim’s email or password
It's not paranoia: Hackers can use your webcam to spy on you (Financial Review) Mark Zuckerberg of Facebook does it. So does FBI Director James Comey. Should you?
Turkish Hacker Defaces Arizona State Representatives and Legislature Sites (Hack Read) A football loving Turkish hacker defaced high-profile us government websites belonging to the State of Arizona, Arizona House of Representatives and Arizona Legislature
Fake-terror hides cyber attack (Courier) A Ballarat woman is warning residents not to be fooled by a highly sophisticated malware attack that draws people in through fake news reports claiming there has been a massacre in Ballarat
Security Patches, Mitigations, and Software Updates
Foxit Patches 12 Vulnerabilities in PDF Reader (Threatpost) Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could allow an attacker to directly execute arbitrary code on vulnerable installations of the product
Cyber Trends
APT and why I don't like the term (SANS Internet Storm Center) In May 2015, I wrote a dairy describing a "SOC analyst pyramid." It describes the various types of activity SOC analysts encounter in their daily work. In the comments, someone stated I should've included the term "advanced persistent threat" (APT) in the pyramid. But APT is supposed to describe an adversary, not the activity
Almost One-Third of Cyber Security Professionals Surveyed Admit to Compromising Ethics to Pass Audits (Yahoo! Finance) Over-stretched IT security pros spend more time fire-fighting than doing meaningful security work
Encryption, wiretaps and the Feds: THE TRUTH (Register) New US report suggests fewer peeps are using crypto but it's probably the other way around
Most are unable to control user activity in their IT infrastructure (Help Net Security) A majority of organizations report that they lack visibility into their cloud infrastructure, file shares, user activity and mobile devices, greatly impacting data security and system uptime, according to Netwrix
As threats evolve, faster response times are essential (Help Net Security) Two thirds of respondents to a global survey by the Business Continuity Institute reported that they had experienced at least one cyber incident during the previous twelve months, and 15% reported they had experienced at least ten incidents during the same period
Risks of working with untraceable documents (Help Net Security) An overwhelming majority of professionals are dealing with document-related productivity challenges associated with the inability to locate and track documents, control versions, efficiently complete reviews and approvals, and maintain information security, according to the BPI Network
Time, not technology, should be your cyber security weapon (Channelnomics) 2112 Group's Larry Walsh kicks off Channelnomics' cyber security conference
Big Data Breaches Shouldn’t be a Concern for Small Business (but They Still are) (Dataconomy) Big data breaches aren’t going away any time soon and the recent revelation that Russia’s criminal underworld is in possession of account data for 272.3 million people is a testament to that
Check Point Research Shows Corporate-Targeting Malware Families Continue to Grow, while African Countries Demonstrate Volatility in Threat Rankings (EIN) Check Point® Software Technologies Ltd. (NASDAQ: CHKP) (www.CheckPoint.com) has published its latest Threat Index for May 2016, revealing that the number of active global malware families increased by 15 percent in May 2016
Marketplace
Is One Researcher's Success at Finding Flaws Putting AV Future in Doubt? (eWeek) Security researcher Tavis Ormandy once again has found "many" holes in a security vendor's products—this time Symantec's antivirus tools—but that's not necessarily a bad thing
Symantec’s Woes Expose the Antivirus Industry’s Security Gaps (Wired) This week, Google security researcher Tavis Ormandy announced that he’d found numerous critical vulnerabilities in Symantec’s entire suite of anti-virus products. That’s 17 Symantec enterprise products in all, and eight Norton consumer and small-business products. The worst thing about Symantec’s woes? They’re just the latest in a long string of serious vulnerabilities uncovered in security software
As Outsourcing Grows, Asia Still Needs CISOs (InfoRiskToday) Zscaler's Scott Robertson on changing security leadership needs
Former FBI Deputy Director Timothy P. Murphy thinks cyber firms should focus on this big issue (Geektime) On a recent trip to Israel’s Cyber Week, Timothy P. Murphy explained how security startups can get noticed and what is lacking in the industry
Cyber Week in Tel Aviv explored the biggest trends in an exploding industry (Geektime) In one of the largest annual gatherings of cyber security professionals, major figures addressed the industry’s biggest challenges and areas for growth
FireEye: Recent Events Hint At Bright Future (Seeking Alpha) FireEye's recent management shift and reported buyout rejections hint at a hopeful future. Despite FireEye's large growth potential, the company is still facing many near-term difficulties. If FireEye is able to get its finances under control, the company has an extremely promising future in the fast-growing cyber security industry
Infoblox nommé le leader du marché du DNS (Global Security Magazine) Infoblox Inc. annonce la reconnaissance de son leadership sur le marché du DNS. Le rapport IDC révèle ainsi que la part de marché d’Infoblox a atteint près de 50 % en 2015 en ce qui concerne le DNS, le DHCP (le serveur/service délivrant des adresses IP aux ordinateurs), et les solutions de gestion des adresses IP (DDI)
This Mystery Investor Helped Push Cylance Into the 'Unicorn' Club (Fortune) And a big bank participated in the anti-virus startup’s $100 million funding round
Dell gets out of the Android business, and everything old is new again (Ars Technica) Company will stop updating Android tablets and focus on 2-in-1 Windows PCs
NCI Wins U.S. Cyber Command SAIC Subcontract (Defense Daily) NCI, Inc. was awarded an indefinite-delivery, indefinite-quantity (IDIQ) contract to provide cybersecurity services to U.S. Cyber Command as a subcontractor to Science Applications International Corp. [SAIC], NCI said Thursday
PhishLabs Recognized as One of the Best Places to Work (PR Rocket) Fast-growing, Charleston-based cybersecurity company is named a top employer in South Carolina
Tenable Network Security Names Stephen Riddick as General Counsel (BusinessWire) Riddick’s experience with high-growth and global companies to help Tenable scale to meet expanding market opportunities
Justin Dolly Joins Malwarebytes as the Company’s First Chief Information Security Officer (BusinessWire) Dolly brings proven security innovation and leadership to one of the fastest-growing companies in Silicon Valley
Products, Services, and Solutions
ThreatTrack Launches ThreatSecure Network Advanced Threat Defense Platform as a Managed Protection Service (PRNewswire) ThreatSecure as a Service™ offered through partnership with managed security services provider SecurView™
Container Security Stepping Up to the Plate (ServerWatch) It's a measure of a technology platform's maturity when there's a widespread ecosystem of security software built around it
Russian banks using Gemalto OTPs, Infineon releases BLE design (Secure ID News) Gemalto supplies Russian banks with OTP tech
KDDI in Japan selects Gemalto’s Connected cars and IoT solution (Smart Card Alliance) Solution includes remote subscription management and embedded SIM
Exabeam Joins FireEye Cyber Security Coalition (MarketWired) Exabeam user and entity behavior analytics supports a leading ecosystem designed to increase customer security
Technologies, Techniques, and Standards
CIP V5 Transition Program (NERC) NERC is committed to protecting the bulk power system against cybersecurity compromises that could lead to misoperation or instability. On November 22, 2013, FERC approved Version 5 of the critical infrastructure protection cybersecurity standards (CIP Version 5), which represent significant progress in mitigating cyber risks to the bulk power system
xDedic: What to Do If Your RDP Server Was Pwned (InfoRiskToday) Advice on guarding against stolen credentials misuse and related risks
How to enhance protection of your surveillance system against cyber attacks (CSO) Find out if someone is looking in on you when you are looking out at them
How To Use Threat Intelligence Intelligently (Dark Reading) Sometimes it's about a beer, but it's mainly about being prepared before opening the threat intel floodgates
Analyze your data: Where is it and who has it? (Help Net Security) It is becoming widely recognized that “unknown” data leakage of PCI data, and more broadly other Personally Identifiable Information, within enterprises is the highest value target for the bad guys
4 Ways Companies Protect Their Data From Their Own Employees (Fortune) “Insider threat,” the phenomenon of employees going bad, has become a key focus of corporate security departments, as companies become increasingly aware of how much damage an angry staffer or contractor can do by stealing or leaking intellectual property or other confidential data
Setting up Two-Step Verification on your Amazon account (Naked Security) I admit I am not a fan of shopping, but if it has to be done, I vastly prefer to do it online. Nowadays the vast majority of my household purchases arrive in an Amazon box (apologies to my UPS delivery driver)
Is Your Agency’s Security Up To Scratch? (Bandt) If CSI Cyber and Mr Robot have taught us anything, it is that there are plenty of black hat hackers who are out to get big companies for little reason beyond maliciousness or personal gain, says this guest poster, marketer & producer with Five by Five Sydney, Louis Petrides
Vermont Guard gears up for major cyber exercise (Defense Systems) The Vermont National Guard is gearing up for a cyber exercise to test its cyber warriors and civilian agencies in various aspects of cyber defense and response in the event of an attack on critical infrastructure. And Vermont’s units are looking for a cyber range to help them prepare
Design and Innovation
How Oracle’s business as usual is threatening to kill Java (Ars Technica) Oracle's silence about Java EE has brought developer community distrust to a fever pitch
Research and Development
Liar, liar, email on fire: the security value of lie detecting algorithms (SC Magazine) Researchers have developed a method of identifying linguistic clues in electronic communications that could point to possible cases of deception. Could lie-detecting algorithms reduce the impact of phishing emails?
How online learning algorithms can help improve Android malware detection (Help Net Security) A group of researchers from Nanyang Technological University, Singapore, have created a novel solution for large-scale Android malware detection
Legislation, Policy, and Regulation
This is South Korea’s elite cyber army that fights North Korea (MarketWatch) Thirty new students are trained each year to defend South Korea from attacks by its communist enemy
China is crushing the U.S. in 'economic warfare' (CNN Money) As China has risen to become the world's No. 2 economy, it has repeatedly used its business and financial clout to get what it wants on the world stage, say foreign policy experts Robert Blackwill and Jennifer Harris
Islamic State applauds the British: ‘Brexit threatens the unity of Crusader Europe’ (Washington Post) Earlier this year, the Islamic State released a chilling video in which it directly threatened attacks on Britain
Cybercrime bill to give PTA power to censor Internet (Pakistan Today) The government’s new cyber crime bill may finally permit the Pakistan Telecommunication Authority (PTA) the authority to manage, remove or block content on the Internet
The formation of [Indonesian] national cyber agency (Antara News) The establishment of the National Cyber Agency, which began three years ago with the arrival of the Cyber Desk in the Coordinating Ministry for Political, Legal and Security Affairs (Kemenko Polhukam), is now rumored to have been cancelled
U.S. needs to publicly attribute cyberattacks, former House intel chair says (FedScoop) Former Michigan GOP Rep. Michael Rogers said it wasn't reasonable to expect private sector firms to defend against nation-state hackers, and the government should say so
Time is short to stop expansion of FBI hacking, senator says (CSO) 'Inaction is what Congress does best,' Wyden says
Clinton cyber agenda includes emphasis on federal acquisition policy (Inside Cybersecurity) Presumptive Democratic presidential nominee Hillary Clinton would strengthen cybersecurity by prioritizing enforcement of standards for federal networks and contractors, and increasing discovery of cyber vulnerabilities, according to Clinton's new technology and innovation agenda
Senate confirms new Navy Fleet Cyber commander (C4ISRNET) The Senate on June 29 confirmed Rear Adm. Michael Gilday as the next commander of the Navy’s 10th Fleet/Fleet Cyber Command and promotion to vice admiral, according to congressional records
Litigation, Investigation, and Law Enforcement
Facebook has funds frozen in Brazil in another WhatsApp encrypted data dispute (TechCrunch) Around $6 million in Facebook’s Brazilian bank account has been frozen on court order in another dispute about encrypted data involving local police authorities and Facebook-owned messaging app WhatsApp, according to the local Globo G1 news service
Top court green-lights surveillance of Japan's Muslims (AL Jazeera) Legal challenge to police profiling of North Asian country's Islamic population dismissed by Supreme Court
Google found not guilty of stuffing kids with tracking cookies (Naked Security) In the US, it’s illegal to gather the personal information of children under the age of 13 without informing parents and getting their permission
FBI seeking to prevent disclosure of information about Orlando shooting (Washington Post) In the wake of the horrific attack on the Pulse nightclub, the Justice Department initially released a redacted transcript of one of the shooter’s 911 calls. Although that decision was quickly reversed, the Justice Department is still seeking to prevent the disclosure of information related to the shooter’s contacts with local law enforcement during the attack and standoff with the police, including information that is supposed to be publicly available under Florida law
Top Clinton aide was “frustrated” with her boss’ e-mail practices (Ars Technica) Abedin pushed Clinton to use State e-mail after a missed call with foreign secretary
Lynch meeting with Bill Clinton creates firestorm for email case (The Hill) The private meeting between Attorney General Loretta Lynch and former President Bill Clinton has created a political firestorm, fueling criticism of the Justice Department’s investigation into Hillary Clinton’s private email server
No decision after hearing for UK man accused of hacking FBI, NASA (Ars Technica) US seeks extradition of Lauri Love, who is also accused of breaching the Fed
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Cybercon 2016 (Washington, DC, USA, Nov 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.
Upcoming Events
SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , Jun 27 - Jul 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!
ISS World South Africa (Johannesburg, South Africa, Jul 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
SINET Innovation Summit 2016 (New York, New York, USA, Jul 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring practitioners and theory together to discuss fundamental Cybersecurity challenges is critical to the advancement of innovation in the Cybersecurity domain. This summit is designed to reinvigorate public-private partnership efforts and increase relationships that foster the sharing of information and joint collaboration on Cybersecurity research projects
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
CyberSec 2016 (New York, New York, USA, Jul 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands, so are the technology tools available to help meet them. This one-day conference will take a big-picture look at the threats facing banks today and tomorrow, and offer insights on how to combat them.
Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, Jul 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.
Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, Jul 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.