What Guccifer 2.0 and the Bears were up to, hacking the DNC, and why you should care (trust us—you should). Attend ThreatConnect’s webinar to find out.
Twitter and Turkey's attempted coup. ISIS and former rivals announce target lists. US preps cyber ops against ISIS. Australia pursues cyber offensive capability. Ukrainian hacktivists claim action against Poland's MoD. More on Pokémon Go
news from the SINET Innovation Summit
The 2016 SINET Innovation Summit's sessions imparted considerable insight into government and industry perspectives on cyber security. As one would expect from a conference meeting in Manhattan, the venture capital and financial services sectors were particularly well represented, as were insurance and biotech. Our full report on the SINET Innovation Summit is linked below, but we would group the conference's key points into advice for CISOs and advice to start-ups.
To CISOs, the speakers and panelists would say, learn how to communicate about security issues in business language, which means above all to approach them and express them in terms of risk management. Boards are now very much alive to their responsibility for cybersecurity. It's no longer an issue to be bucked to audit committees, and they're ready to demand a high level of performance from CISOs. The advice from panelists (and speakers like Bay Dynamics CEO Feris Rifai) to CISOs who hope to exceed the notoriously short average tenure occupants of that job enjoy: understand that you're a risk manager, and talk to board in the language of business.
To start-ups, the advice from venture capitalists was equally direct: companies succeed if they can execute, if they're differentiated from the very large field of competitors, and if they have market space. Absent these, they fail, and entrepreneurs should bear in mind that their goal is creation of a sustainable business, not the raising of large amounts of capital. CISOs of large organizations that are customers of security start-ups seconded the point about differentiation. An early-stage company should have, and be able to demonstrate, that it solves problems in ways the competition cannot match. And both investors and customers emphasized that security is "a relationship business": they want to know a company's founders (because "talent attracts talent") and they value referrals from people they trust greatly (a solid recommendation gets you in the door; a cold call won't).
Our report on the 2016 SINET Innovation Summit may be found here. It's worth noting how SINET is expanding internationally. They've been to London, and they're headed for Australia. SINET61 will be convene in Sydney on September 13, 2016.
Turkey’s government put down an apparent coup d’état over the weekend. A purge of the judiciary and security forces is in progress as President Erdoğan reasserts authority. The incident was tracked on Twitter, which, ironically, given the government’s at best ambivalent policies with respect to social media, seems to have significantly contributed to the President’s ability to prevail over the attempt.
ISIS names more people as targets. Once-and-future ISIS opponent and Iraqi Shi’ite leader Moqtada al-Sadr suggests that US forces deploying to the region to fight ISIS will be considered “targets” by his “Peace Brigades.” Analysts wrestle with the difficulty of distinguished terrorists from the “simply deranged,” as the New York Times puts it. Some think “terrorist” is used too expansively; others argue that, given ISIS and similar groups’ calculated appeal to the disaffected, this is a distinction without a difference.
The US military limbers up cyberattack options against ISIS.
Australia embarks on development of extensive, avowed, cyber offensive capabilities.
A Ukrainian nationalist faction—anti-Russian but not happy about NATO, either—claims responsibility for a cyberattack on Poland’s Defense Ministry.
Ransomware continues its career through corporate networks, with Russian gang-controlled “Wildfire” representing a novel strain. But old variants of malware still comprise the dominant forms of malicious code in circulation: Conficker's #1, Sality's #2, but Hummingbad has risen into third place, as Check Point sees the leader board.
Pokémon Go now amounts to both a cyber-physical security phenomenon (and the latest chapter in the history of the madness of crowds).
Notes.
Today's issue includes events affecting Australia, Belgium, Djibouti, France, India, Indonesia, Iraq, Kenya, Poland, Russia, Syria, Thailand, Turkey, Ukraine, United Kingdom, and United States.
A note to our readers: This Friday we'll be in Detroit, for the first annual Billington Global Automotive Cybersecurity Summit. Watch for live-tweets from the event, and a full report published here next week.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partners at Quintessence Labs are represented by John Leiseboer, who'll discuss the challenges of interoperability. We'll also be speaking with our guest, Deloitte’s Emily Mossburg, who'll give us an overview of her firm's latest cybersecurity report, "Beneath the Surface." (Remember, if you like our podcast, consider giving it an iTunes review. We appreciate the feedback.)
New York: the latest from the SINET Innovation Summit
The SINET Innovation Summit: "Connecting Wall Street, Silicon Valley and the Beltway" (The CyberWire) The SINET Innovation Summit, which met in New York City last Thursday, offered advice for security entrepreneurs from experts in the Government, from investors, and from alpha customers. It also offered an opportunity for entrepreneurs to return some advice of their own
Cyber Attacks, Threats, and Vulnerabilities
Watching the Attempted Turkish Coup Unfold on Twitter (Wired) First came the images of bridges blocked by Turkish military, soldiers and trucks lining both byways over the Bosphorus in Istanbul. In America, Twitter exploded with speculation that something big was happening. Newspapers had nothing, and TV stations were mum as journalists on the ground scrambled to gather facts. Only Twitter, as is so often the case with breaking news, let the world know that tanks were rolling through street and jets were flying over cities
More than 300 state employees named as ISIS targets (Boston Herald) Federal and state authorities are watching closely for any threats to nearly 300 state employees named in an online post yesterday by United Cyber Caliphate, a cyber affiliate of ISIS
Iraqi Shi'ite cleric tells followers to target U.S. troops fighting Islamic State (Reuters) Powerful Shi'ite Muslim cleric Moqtada al-Sadr instructed his followers on Sunday to target U.S. troops deploying to Iraq as part of the military campaign against Islamic State
In the Age of ISIS, Who’s a Terrorist, and Who’s Simply Deranged? (New York Times) In December 2014, a middle-aged man driving a car in Dijon, France, mowed down more than a dozen pedestrians within 30 minutes, occasionally shouting Islamic slogans from his window
Ukrainian Nationalists Claim Cyberattack on Polish Defense Ministry (Defense News) A group of hackers that associates itself with the Ukrainian far-right political party Right Sector claims it has gained access to the servers of Poland’s Ministry of Defence, from where the group alleges to have collected classified information
Cyber attack brings down Thai government website (Thai Visa) A cyber attack by a Thai group opposed to the “Single Gateway” brought down a major government website yesterday
New Delilah Trojan Used to Blackmail Employees, Recruit Insiders (Softpedia) Crooks use trojan to turn workers to the Dark Side
Russian Devs Behind New WildFire Ransomware (Softpedia) WildFire ransomware wave currently hitting the Netherlands
Corporate Sector Is On Radar Of Crypto Malware: Kaspersky (CXO Today) The business segment is becoming a more and more attractive target for cipher-malware developers. According to a Kaspersky Lab report based on Kaspersky Security Network (KSN) data, every 10th Cypto-Ransomware attack is aimed at Corporate users
Ubuntu forums hacked (Register) Ubuntu maker Canonical says that its Linux distro's user forums have been hacked, and the usernames, IP addresses, and email addresses of roughly 2 million users have been swiped
Flaw in vBulletin add-on leads to Ubuntu Forums database breach (CSO) Hackers stole 2 million usernames and associated email addresses, but no passwords
Steemit Suffered Minor Cyber Attack, Bittrex Suspended Steem Transactions (Finance Magnates) Hacking attacks on cryptocurrency related ventures do not seem to ever slow down
HTTP Proxy Header Vulnerability ("httpoxy") (SANS Internet Storm Center) "HTTPoxy" refers to an older vulnerability in how web applications use the HTTP "Proxy" header incorrectly. The vulnerability was first described in 2001 in libwww-perl, but has survived detection in other languages and plugins until now. The vulnerability can be found in some popular implementations, but is not affecting the vast majority of web applications
Mobile Malware Threat Grows As HummingBad Infection Reaches 85m (TechWeek Europe) Depressing reading as active malware families grow and HummingBad infects 85 million Android devices
Compromised Joomla sites are foisting ransomware on visitors (Help Net Security) Administrators of WP and Joomla sites would do well to check for specific fake analytics code injected into their properties, as a ransomware delivery campaign taking advantage of vulnerable sites has been going strong for over a month now
Pokémon GO hype: First lockscreen tries to catch the trend (We Live Security) ESET has discovered the first ever fake lockscreen app on Google Play, named Pokemon GO Ultimate. As its characteristics suggest, it deliberately locks the screen right after the app is started, forcing the user to restart the device. Unfortunately, in many cases a reboot is not available because the activity of the malicious app overlays all the other apps as well as system windows. The user needs to restart the device either by pulling out the battery or using Android Device Manager. After reboot, it runs in the background hidden from the victim, silently clicking on porn ads online
Beware the fake Pokémon Go apps (TechCrunch) Earlier this month, the first Pokémon Go malware was spotted in the wild, but the app was not much of a threat to users as it never made it into the official Google Play store for download
Have you read Pokémon GO’s Terms of Service? You might want to (Help Net Security) As Pokémon GO becomes available in more and more countries, and is enthusiastically embraced by an increasingly larger number of users, we’re witnessing a wide array of dangers that go hand in hand with playing it
Pokemon GO servers back up after cyber attack (Fansided) Pokemon GO launched in 26 new countries today. The game servers also suffered through a possible cyber attack. A few hours after all this excitement, the game may be on the road to recovery
OurMine claims credit for attack on Pokemon Go servers (TechCrunch) Having trouble logging in to Pokemon Go this weekend? You’re not alone
PokemonGo Servers Go Offline; PoodleCorp Claims Responsibility (Hack Read) PokemonGo servers went offline earlier today and PoodleCorp hacking group claimed they were behind the attack
Pokemon Go players go mad as rare Pokemon appears in park (Telegraph) Bizarre footage shows hundreds of frenzied-looking people gathered at a park in downtown Washington in order to catch a rare Pokemon
‘Pokémon Go’ Is Invading America’s Military Sites (Motherboard) Pokémon Go has invaded America. Since launching on July 6, the free augmented reality game has prompted millions of users to explore places they ordinarily wouldn’t. That includes US military installations
Research Report: Tracking Seven Year's Evolution of the Enfal RAT (Verint) Read this exclusive research report to discover: first-ever disclosure of Enfal’s C2 communication protocols, in-depth analysis of advanced encryption and obfuscation techniques, full visibility into attack campaign, including list of victims, [and] global dispersion of Enfal’s operations from 2008-2015
KeyBase Keylogger Shuts Down, Author Says He'll Help Police Investigations (Softpedia) Crooks still using the keylogger in their campaigns
New Keylogger on the Block (Virus Bull) KeyBase is a trending payload in several of today’s malware groups. In fact, we have seen evidence that all of the Office exploit kits (MWI, AK-1, AK-2, DL-1 and DL-2) have been used to distribute it
Security firm clarifies power-station 'SCADA' malware claim (Register) It's not the next Stuxnet, says SentinelOne, it's just very naughty code
UK Rail Hit By Four Cyberattacks In One Year (InformationWeek) No disruption to rail network caused, hackers appear to be nation-states, says cybersecurity firm Darktrace
Car hacking: why cyber crime is a real threat (Telegraph) t’s 2020 and, as you start your premium family saloon for the morning commute, something is wrong. The 20in touchscreen is dead. Suddenly it flickers into life but instead of the usual map there’s a message: “Your car’s computer has been locked. We control your data, brakes and steering. To unlock your computer you’re obliged to pay a fine of $200”
Credit unions should beware of common cyber attack techniques (Credit Union Insight) Cyber criminals are continually evolving and perfecting their techniques to infiltrate systems and gather data for their own financial gain. By understanding fraudsters’ preferred strategies of attack, community financial institutions (FIs) can be more proactive with their fraud prevention strategies
Famous iPhone Hacker ‘Geohot’ Demos a Simple Computer Hack (iPhone Canada) George Hotz, the hacker known for unlocking the iPhone, rooting the PS3, and developing technology for self driving vehicles, has demonstrated a simple hack in a video produced by Viceland
Rio 2016: The world is watching, especially hackers (Help Net Security) Rio 2016 scamsWhen each nation’s best athletes compete at the Olympic Games, one city seemingly becomes the center of the universe. And while we look on closely—captivated by the event’s grandeur and its participants’ incredible skills—threat actors do the same, only for entirely different reasons
Hacker Selling Entire US Voters’ Registration Records on Dark Net (Hack Read) A hacker is selling US voters’ registration records on the dark net and looks like the U.S. Election Assistance Commission (EAC) has no clue
Hackers Selling Terrorist Database on Dark Web, Claiming its ‘Proven Legit’ (Hack Read) Hackers are selling Thomson Reuters world-check terrorist database on dark net — they claim the database is proven legit
Matrimonial Matching Site Shadi.com Hacked; Data Dumped Online (Hack Read) Shadi.com is the latest victim of the hacking spree against Muslim dating and matrimonial websites
University of Nairobi's cyber-attack contained, says CA (Standard) A cyber-attack on the University of Nairobi's social media sites has been contained
Is Twitter success of Trump and Clinton propped up by botnets and fake followers? (TechRepublic) Trump and Clinton have one thing in common: a massive contingent of zombie Twitter followers. The data suggests large numbers of followers may have been purchased
Security Patches, Mitigations, and Software Updates
Since you love Flash so much, Adobe now has TWO versions for you (Register) Which one is the secure one, you ask? Ha ha, you crack us up
Microsoft’s Windows RT security patch also stops you from loading Linux (Liliputing) It was big news when Microsoft announced it was working on a version of Windows that would run on tablets with ARM-based processors… but by the time Windows RT actually launched it was a lot less exciting. Devices like the Microsoft Surface and Surface 2 couldn’t run desktop Windows apps and weren’t significantly cheaper than Intel Atom-powered tablets running the full version of Windows, and they didn’t even get better battery life
Microsoft Edge will become faster and more secure thanks to new experimental features (Windows Report) Microsoft is planning to turn Edge into the fastest and most secure browser out there and is experimenting with some new features to achieve this goal
Cyber Trends
Demand for cloud data encryption creates CASB market growth (Help Net Security) The global cloud access security brokers market will expand at a CAGR of 16.7% during the period between 2016 and 2024, according to a new report by Transparency Market Research. The overall market was worth US$3,371.4 mn in 2015 and is expected to reach a valuation of US$13,218.5 mn by 2024
Security teams should focus on attacks ‘that matter’ (IT Pro Portal) A new survey by Countercept by MWR InfoSecurity highlights all the frustrations IT security experts are experiencing, as they’re trying their best to protect their company’s assets and employees
Marketplace
DCM Ventures Snags $770M, and Three Security Firms Raise Millions (Xconomy) This year could be the richest fundraising period for venture capital firms since 2000, according to Thomson Reuters figures so far. Menlo, Park, CA-based DCM Ventures did its bit this week to keep up the pace
Entrepreneur in £10m swoop for hacking team (Sunday Times) One of the northwest’s best-known entrepreneurs has splashed out about £10m on a cyber-security venture that helps businesses repel hackers
Symantec remains #1 in worldwide security software market share report (Security Brief) The results for Gartner's worldwide security software market share report are in and Symantec remains on top
Struggling Symantec stays ahead of the pack as security spending grow (Reseller News) Symantec steals a march on Intel as IBM makes ground
Fortinet: Ahead Of The Curve (Seeking Alpha) Fortinet's recently introduced Security Fabric architecture should allow the company to further differentiate itself from its competitors. While Fortinet has been growing at a robust rate, the company has also been spending a great deal to maintain such growth. Fortinet is well-positioned to increase market share despite growing competitive threats
Better Buy: Palo Alto Networks Inc. or Fortinet Inc.? (Motley Fool) Which of these out-of-favor firewall providers is a better long-term investment?
1 Good Reason for FireEye's Sluggish Revenue Growth (Motley Fool) Customers are buying fewer appliances but more subscriptions and services
BAE Systems partners with SWIFT to bolster hacker intel (Register) Team says it has already sniffed malware-flingers
FireEye promotes two top guns for ANZ roles (Tech Day Channel Life) Cybersecurity firm FireEye has appointed Richard Metcalfe as its regional director for Australia and New Zealand, in a promotion that has seen him promoted from sales manager after just six months
Products, Services, and Solutions
Developing a digital fortress against online identity theft (South Australia Lead) A digital security network that claims to be better than Blockchain at protecting online transactions and preventing identity theft is preparing for launch
Bricata Announces the Release of ProAccel Version 2.1 (Benzinga) Software architecture improvements set the stage for multi-engine threat detection
Microsoft’s Security Essentials last in real-world safe browsing test (Myce) Microsoft Security Essentials scored the lowest protection rate in a monthly antivirus test from well known antivirus test lab AV-Comparatives. The antivirus software is one of the most popular free antivirus solutions but takes the last place in a test that should indicate how well antivirus products protect users against malicious links
Sophos Unifies Edge, Endpoint Threat Management in Security Package (eWeek) Sophos has melded together the best features of their end point security systems with the acquired intellectual property of firewall vendors Astaro and Cyberoam
Manifold Technology blends speed and security (Bankless Times) Chris Finan has had to wrestle with the most pressing cybersecurity issues affecting the United States. The Obama administration’s former cybersecurity director, Mr. Finan is one of the founders of Manifold Technology, providers of a high-performance blockchain as part of Microsoft’s Business-as-a-Service suite and to institutions like RBC, where Manifold helps improve their rewards program through instantaneous account synchronization across the settlement process
Security Companies Take of Challenge of Stopping Ransomware (In Cyber News) A number of companies have added features to their security solutions to better detect and prevent ransomware. Here's a look at what they are doing
Xura's Signaling Fraud Management Solution Goes Broader, Deeper and Faster into the Network (Stock Transcript) Xura, Inc. (NASDAQ: MESG), a leading provider of digital communications services, today announces the latest enhancements to its world-class signaling security solutions, providing operators with the broadest, deepest and fastest response to controlling vulnerabilities across any signaling network
Technologies, Techniques, and Standards
Tech leaders challenged daily to sort through a crush of new security apps (CSO) An escalating race between good-guy developers building new security tools and bad-guy hackers launching new threats means IT has a whole pile of security apps to sift through. Here’s advice for evaluating the options
Setting up two-factor authentication on eBay: harder than it should be (Naked Security) We’ve been doing a series of posts about setting up two-factor authentication (2FA) on a variety of sites that you may use every day
Adopting Deception to Control the Attack Narrative (InfoRisk Today) Smokescreen Technologies' Hidayatullah on tools and techniques to get you started
How to Be a Wartime CISO (InfoRisk Today) Axa's CISO Deodhar on addressing emerging threats with comprehensive strategy
Share Services and Security Can Follow (IBM Security Intelligence) Sharing IT operations between government departments is gaining steam after a recent effort by the administration to encourage this collaboration. The powers that be think departments can share services and profit from it
An Inside Look at a Cybercom Dress Rehearsal (Nextgov) During a recent hack attack drill, Cyber Command troops botched an attempt to stop compromised energy machinery from leaking oil -- and that was the intention, the Pentagon says
US Army Moves To Improve Electronic-Warfare Tactics (Defense News) The US Army doesn’t need the Russians to jam its electronic equipment when it can do so itself, according to the Army's Electronic Warfare Division chief
What executives should know before sharing on social media (Business Insider) According to the Australian Bureau of Statistics, of the 9.2 million short-term resident departures from Australia last year, ‘business’ was the third most frequently cited reason for travel
Design and Innovation
Could Blockchain Help Boost Cashless Transactions in India? (InfoRisk Today) RBI appoints group to study the role the technology could play
Research and Development
Researchers detect malware in TLS connections without decrypting traffic (SC Magazine) Security researchers discovered a way to detect and block malware in Transport Layer Security (TLS) connections without decrypting the traffic
Can we find a quantum-resistant algorithm before it’s too late? (Computerworld) Quantum computers could one day decrypt everything
Academia
Winners Announced for U.S. Cyber Challenge Competition in Delaware with Remarks by Senator Carper (US Cyber Challenge) In the wake of Tuesday’s release of the Federal Cybersecurity Workforce Strategy, the visual this morning of hackers collaborating in teams as they participated in the U.S. Cyber Challenge (USCC) Capture-the-Flag (CTF) competition would prove that the country is heading in the right direction. As the Federal Government voices the importance of a strong cybersecurity workforce for our county, U.S. Cyber Challenge is on the ground floor, actively identifying these skilled individuals, building upon their skill-sets and verifying their abilities in competitions like the one today. The winners for today’s competition are Nicholas Bruno of New Jersey, Chase Lucas of Florida, Louis Tomczak of Delaware, and Nathan Wray of Pennsylvania
Cyber safety: Keeping kids safe online (Business Times) Through positive reinforcement tactics, parents and educators can make a difference and help to stem the rise of cyber bullying
Legislation, Policy, and Regulation
Government prepares to boost offensive cyber capability (Computerworld) Want to be a hacker? The government is hiring. The Australian Signals Directorate has commenced a recruitment campaign that will help boost the government’s offensive and defensive cyber capabilities
Call for government, industry to share more on cybersecurity threats (ITWire) The federal government and industry have been urged to work together to share information on cyber security threats and attacks to counter the increasing sophistication of cyber adversaries
Ministry reshuffle sees Hunt move to industry, Tehan get assistant cyber responsibilities (ZDNet) Prime Minister Malcolm Turnbull has announced the changes to his ministry following the July 2 election, with Christopher Pyne no longer responsible for industry, innovation, and science
When does a cyber attack become an act of war? (Bellingham Herald) As the pace of cyber attacks quickens on U.S. retailers, banks, political parties and the government itself, legislators worry over what looms ahead and wrestle with when to elevate a crippling cyber attack to an act of war
Pentagon not impressed over slow start of cyberwar against Isis (International Business Times) US Cyber Command is yet to establish a full staff and develop offensive tools like malware to launch attacks
U.S. military rebooting ISIL-focused cyberwar task force (FedScoop) The U.S. cyber campaign against ISIS is the first publicly declared military operation online by any nation
U.S. Cyber Command readies for first troop deployment (SC Magazine) The demand for a cybersecurity component that can be deployed to protect U.S. military infrastructure and combat forces is so strong that Cyber Command will begin deploying its cyber troops even before the complete force is trained and staffed
DoD debuting new personnel system for civilian cyber workforce (Federal News Radio) The Defense Department has begun initial steps to create a new civilian cyber workforce outside the strictures of the traditional civil service system, giving the department more flexibility to hire, fire and pay employees in critical cyber posts
Microsoft's Win in Email Case Brings Calls for Legislative Reforms (eWeek) An appeals court decision overturning a lower court order requiring Microsoft to turn over email stored overseas has far-reaching implications
Tighe Takes Charge of Information Warfare, Naval Intelligence (Maritime Professional) Vice Adm. Jan Tighe assumed the duties of the Deputy Chief of Naval Operations (DCNO) for Information Warfare (N2N6) and Director of Naval Intelligence (DNI) July 15 at the Pentagon
US Fleet Cyber Command/10th Fleet Holds Change of Command (America's Navy) Vice Adm. Mike Gilday relieved Vice Adm. Jan E. Tighe as commander, U.S. Fleet Cyber Command/U.S. 10th Fleet (FCC/C10F) during a change of command ceremony held July 14 at the U.S. Naval Academy in Annapolis
Litigation, Investigation, and Law Enforcement
U.S. bank regulator chief unaware of any hacking cover-up: hearing (Reuters) The head of a U.S. banking regulator on Thursday said he was unaware of any efforts by his staff to cover up hacking of the agency's computers by a foreign government in 2010 and 2011, as outlined by a congressional report
Hillary Managed Her Emails Like Criminals I’ve Known (Federalist) ‘There’s no evidence’ is the last refuge of a brazen criminal. I know, because two employees scammed me before destroying all the evidence, and it nearly got them off
Does Snapchat’s Lenses feature violate Illinois’ biometrics law? (Ars Technica) 2008 law warns "full ramifications of biometric technology are not fully known"
Attention all area #PokemonGo players... (Manchester (NH) Police Department) Attention all area #PokemonGo players: we have recently found out that there is a #Charizard in our booking area. With the Charizard being such a rare character, we are only inviting a specific number of people. If your name appears on the following list you are one of the lucky ones. Come down to the station to capture Charizard. Hurry before the Charizard leaves!
Marine vets playing Pokemon Go find man wanted for attempted murder (Marine Corps Times) Two Marine veterans looking for Pokemon found a man wanted for attempted murder and aided police in arresting him
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CANCELLED: cybergamut Technical Tuesday: The Importance of Managing Attribution Online by Dani Charles of Ntrepid Corporation (Elkridge and Calverton, Maryland, USA, Jul 19, 2016) cybergamut has informed the CyberWire that tomorrow's Tech Tuesday presentation has been cancelled due to the speaker's unexpected unavailability. Other Tech Tuesdays are expected to proceed as scheduled, resuming as planned in September.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
Upcoming Events
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
CyberSec 2016 (New York, New York, USA, Jul 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands, so are the technology tools available to help meet them. This one-day conference will take a big-picture look at the threats facing banks today and tomorrow, and offer insights on how to combat them.
Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), Jul 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, Jul 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.
Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, Jul 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend
SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
SANS Boston 2016 (Boston, Massachusetts, USA , Aug 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.
Secure Bermuda 2016 (Bermuda, Aug 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, Aug 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches
2016 Information Assurance Symposium (Washington, DC, USA, Aug 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
SANS Alaska 2016 (Anchorage, Alaska, USA, Aug 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.
CISO New Jersey (Hoboken, New Jersey, USA, Aug 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
CyberTexas (San Antonio, Texas, USA, Aug 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.
Chicago Cyber Security Summit (Chicago, Illinois, USA, Aug 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, Aug 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.
CISO Toronto (Toronto, Ontario, Canada, Aug 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.