Political hacks: email, Twitter, and iCloud. Calls mount for tough US response to Russian cyber operations. Al Qaeda tries Millennial outreach. Two Android vulnerabilities and one threat revealed. Verizon calls Yahoo! breach "material."
US Presidential candidate Clinton's campaign chairman Podesta's Twitter account was hijacked Wednesday to announce (obviously falsely) that Podesta had jumped ship to Team Trump. Apparently Podesta's iCloud account was also hacked (and wiped), this also occurring Wednesday night about twelve hours after Podesta's password appeared in the latest WikiLeaks email dump.
The FBI is said to be investigating the compromise of Podesta's accounts, with Russian intelligence services as the prime suspects. Russian President Putin shrugs a denial, but says the whodunnit's not important—he thinks people should worry more about the dumped emails' content. Concerning that content, Wired draws attention to a 2006 essay in which WikiLeak's Assange explained the hacktivist determination to impose a "secrecy tax" on organizations.
How the US will respond to Russian hacking remains up in the air, but more foreign policy experts and defense intellectuals call for that response to err on the side of toughness.
Al Qaeda is receiving much the same military pressure as ISIS, and it's also turning to a similar campaign of online inspiration in the hopes of recouping its Millennial jihadist mindshare.
New Android vulnerabilities include "Pork Explosion," a Foxconn factory de-bugger left behind in shipped devices—it can serve as a backdoor. The Nine app, used to access Microsoft Exchange resources, is found vulnerable to man-in-the-middle exploitation. And a bogus video app promises great selfies but actually delivers identity theft.
Verizon finds the Yahoo! breach "material," hinting that it will affect its planned acquisition of the troubled company's assets.
Notes.
Today's issue includes events affecting Afghanistan, Australia, Bangladesh, Brazil, China, European Union, India, Iraq, Israel, Libya, Myanmar, Pakistan, Russia, Syria, United Kingdom, and United States.
A note to our readers: On Monday we'll be back at Jailbreak in Laurel, Maryland, for a seminar on blockchain technology hosted by Novetta. We'll have a report, of course, later in the week.
And, as the second week of National Cyber Security Awareness Month winds down, remember this week's theme, one more time: "From the Break Room to the Boardroom: Creating a Culture of Cybersecurity in the Workplace."
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partner from the Johns Hopkins University, Joe Carrigan, answers a question from a listener about Amazon's recent password resets. Our guest, Corero's Dave Larson, explains the IoT botnets that have been inflicting DDoS attacks against high-profile targets. If you enjoy the podcast, please consider giving it an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Clinton campaign chief’s Twitter, iCloud accounts hijacked (Help Net Security) Some 12 hours after WikiLeaks published emails stolen from the email account of Hillary Clinton campaign Chairman John Podesta, someone has hijacked the man’s Twitter account and tweeted out “I’ve switched teams. Vote Trump 2016. Hi pol”
Clinton campaign chief’s iPhone was hacked and wiped, photos suggest (Ars Technica) Podesta's iPhone reportedly wiped within hours of his Twitter account being hacked
Intelligence Analyst: Russian Cyberattacks Could Roil US Elections (Voice of America) Malcolm Nance is extremely worried about what might happen as U.S. votes are tallied on Nov. 8, election night
Want to Know Julian Assange’s Endgame? He Told You A Decade Ago (Wired) Amid a seemingly incessant deluge of leaks and hacks, Washington, DC staffers have learned to imagine how even the most benign email would look a week later on the homepage of a secret-spilling outfit like WikiLeaks or DCLeaks. In many cases, they’ve stopped emailing altogether, deleted accounts, and reconsidered dumbphones. Julian Assange—or at least, a ten-years-younger and more innocent Assange—would say he’s already won
Elections at Risk in Cyberspace, Part III: Vote Database Security Ultimately Could Determine an Election Result (SIGNAL) It would take a nation-state with advanced cyber capabilities to alter U.S. election; those adversaries exist today
7 Ways Electronic Voting Systems Can Be Attacked (Dark Reading) Pre-election integrity tests and post-election audits and checks should help spot discrepancies and errors, but risks remain
Pro-Trump Hackers Deface Clinton Wikipedia Page (Infosecurity Magazine) Hackers purporting to support presidential hopeful Donald Trump have defaced Hillary Clinton’s Wikipedia page with pornographic images
'Join the Revolution': Al-Qaeda Makes Populist Pitch to Millennials (PJ Media) Al-Qaeda is appealing to millennials with a cocktail of populism and Islam and directives to not admire grown "kids" in professional sports but "men... with their AK aimed at the enemy" -- and to follow the latter into jihad
Algerian forces kill commander of Islamic State affiliate behind French murder: source (Reuters) Algerian soldiers have killed two Islamist militants including one who security sources said was a senior commander with an Islamic State-allied group that kidnapped and beheaded a French tourist two years ago
How Hackers Plant False Flags to Hide Their Real Identities (Motherboard) During the first half of 2015, a mysterious hacking group allegedly started attacking military and government organizations in Peru in what looked like a routine—even run-of-the-mill—espionage campaign
Popular Android App Leaks Microsoft Exchange User Credentials (Threatpost) A popular Android app used to access corporate email, calendar and contacts via Microsoft Exchange servers is vulnerable to leaking user credentials to attackers
Backdoor dubbed Pork Explosion lets attackers go hog wild on Android phones (CSO) A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and barbecue enthusiast who dubbed the vulnerability Pork Explosion
Leftover Factory Debugger Doubles as Android Backdoor (Threatpost) A leftover factory debugger in Android firmware made by Taiwanese electronics manufacturer Foxconn can be flipped into a backdoor by an attacker with physical access to a device
Enjoy taking selfies? That plays right into the hands of this identity-stealing malware... (Graham Cluley) Fake video app asks victims for selfie, alongside a large amount of other personal info
Odinaff trojan targets SWIFT users, financial organisations (Graham Cluley) Malware takes cues from Carbanak, and comes equipped with lots of hacking tools
Akamai Finds Longtime Security Flaw in 2 Million Devices (Wired) It's well known that the Internet of Things is woefully insecure, but the most shameful and frustrating part is that some of the vulnerabilities that are currently being exploited could have been eradicated years ago. Now evidence of how these bugs are being used in attacks is calling attention to security holes that are long overdue to be plugged
Akamai Says Hackers Use ’Smart’ Devices to Test Stolen Usernames, Passwords (Wall Street Journal) Evidence shows hackers were able to manipulate as many as two million ‘smart’ devices
Old SSH Vulnerability at Center of Credential-Stuffing Attacks (Threatpost) Connected devices aren’t just for DDoS attacks anymore
Symantec warns Swift users about an upcoming cyber-attack (The USB Port) On Tuesday, American cyber security giant Symantec reported a second hacker group, dubbed Odinaff, was likely to perpetuate SWIFT attacks against financial institutions, mirroring the heist that occurred earlier this year, in February, at the Bangladesh Bank
Evony Gaming Company Website Hacked; 33M Gamer Accounts Stolen (HackRead) Evony gaming company had its website and forum breached and as a result 33 million of its gamers had their accounts stolen
South American Based Indetectables Member Shares RAT (Wapack Labs) Current Wapack Labs research revealed a Spanish language forum, Indetectables.net Forum, which highlights a member selling a popular remote access tool (RAT). This information is being supplied for your situational awareness and protection
There Are 5,761 Online Stores Currently Infected with Card-Data-Stealing Malware (Softpedia) Online skimming malware is about to become a big problem
Phishing scam hits Australian inboxes (CSO) The latest phishing scam impersonates energy company AGL
GlobalSign security certificate foul-up knocks out secure websites (ZDNet) A security certificate mix-up has frozen hundreds of thousands of websites
UN Atomic agency admits a cyber-attack 'disrupted' a nuclear power plant (SC Magazine) A senior UN official has told press that a nuclear power plant was disrupted several years ago by a cyber-attack
Security Patches, Mitigations, and Software Updates
Tor Project and Mozilla Making It Harder for Malware to Unmask Users (Motherboard) Generally, the Tor network provides a high level of protection and anonymity for its users. So much so that law enforcement agencies, instead of attacking the network itself, have opted to hack individual users’ computers, or end-points. This way, investigators have learned Tor users’ IP addresses
Cisco patches critical authentication flaw in conferencing servers (CSO) Hackers could exploit the issue to masquerade as legitimate users
Google Plugs 21 Security Holes in Chrome (Threatpost) Google on Wednesday patched 21 security vulnerabilities in Chrome, including a half dozen rated high severity that were reported by external researchers and were eligible for a bounty
Android Fragmentation Sinks Patching Gains (Threatpost) It’s been 13 months since Google began releasing Android security bulletins and software patches on a scheduled, monthly basis. So far, the benefits of the new strategy to shore up Android’s defenses are mixed at best. Compared to Apple’s patching track record, Google’s is significantly lacking
Cyber Trends
1 in 5 executives take risks with sensitive data to meet regulatory demands (Help Net Security) The Anti-Money Laundering Directive (AML), the EU-US Privacy Shield and the Market Abuse Directive (MAD) and Regulation (MAR) are the three biggest regulatory pressures across EMEA, according to a survey conducted by Vanson Bourne
SecureAuth: It’s The Beginning of The End of The Password (Find Biometrics) It’s the beginning of the end of the password, suggests survey data from SecureAuth
80% Of IT Pros Say Users Set Up Unapproved Cloud Services (Dark Reading) Shadow IT is a growing risk concern among IT pros, with most reporting users have gone behind their backs to set up unapproved cloud services
Alarming cloud encryption misconceptions revealed (Help Net Security) Businesses have a high level of concern about the exposure of sensitive and regulated data in the cloud to security threats. Yet despite this, the majority of data owners outsource responsibility for data protection, even though they still bear full legal liability if there is a breach
Cyber threats to U.S. presidential election helps boost interest in cybersecurity careers among millennials (PRNewswire) Raytheon-NCSA global survey finds growing awareness of cybersecurity careers, but gender gap widens
Most Small Businesses Lack Response Plan For Hacks (Dark Reading) Half of small business owners have experienced malware, phishing, Trojans, hacking, and unauthorized access to customer data, according to Nationwide survey
Marketplace
Information Security Spending Will Top $101 Billion By 2020 (Dark Reading) Spending on security services will drive much of the growth, IDC says in new forecast
Verizon says Yahoo hack 'material,' could affect deal (Reuters) Verizon Communications Inc (VZ.N) said on Thursday it has a "reasonable basis" to believe Yahoo Inc's (YHOO.O) massive data breach of email accounts represents a material impact that could allow Verizon to withdraw from its $4.83 billion deal to buy the technology company
Verizon's Yahoo Breach Question: What's 'Material'? (BankInfo Security) Don't expect world's largest data breach to derail Verizon's Yahoo buy
Verizon signals Yahoo data breach may affect acquisition (CSO) Yahoo says its still confident in the company's value
Digital privacy campaign urges users to 'Dump Yahoo' (Christian Science Monitor Passcode) The tech advocacy group Fight for the Future is calling on Yahoo users to delete accounts after reports alleged the company let US officials scan millions of emails
HP Inc to cut up to 4000 jobs (CRN) HP Inc plans to cut up to 4,000 jobs across multiple divisions in the next three years as part of a restructuring plan, the company disclosed in a filing on Thursday
Accenture acquires Defense Point Security, US-based cyber consultant (Consultancy) Cybercrime is becoming increasingly problematic for companies and governments globally, as a range of digital avenues and developing adversaries tap into systems to extract a range of value. As costs grow, companies are turning to consultancy firms for advice. In a bid to meet demand, as well as access relevant certifications, Accenture recently acquired US-based Defense Point Security for an undisclosed sum
Cybersecurity Stocks & ETFs Fall on Fortinet's View Cut (Nasdaq) Shares of almost every anti-hacking company took a hit yesterday after Fortinet Inc. FTNT lowered its third-quarter 2016 revenue and earnings guidance, raising investors' concerns over increasing price competition across the industry
7 Cyber Security Stocks Cashing In On The Hacking Epidemic (Seeking Alpha) The threat of being hacked will have companies and governments has sent cyber security spending soaring in the last five years. This tidal wave of spending is creating a great investment opportunity: it has never been a better time to be a cyber security company. Investors can profit from buying shares in a cyber security ETF or individual industry leaders with strong financial positions and high growth prospects
Qualys: A Fast-Growing Cyber Security Provider (Seeking Alpha) Revenues growing at a compound annual growth rate of 21.1%. Has met earnings expectations since going public. Cyber security industry is expected to grow at a CAGR of 9.8%
Increase in Cyber Threats Makes This Stock a Raging Buy Right Now (The Street) Incidents of hacking are growing daily. Here is a great way for investors to play the trend
Symantec CEO Takes Aim At Cylance, Other Next-Gen Security Vendors As Blue Coat Integration Gets Under Way (CRN) Symantec is charging back into the market after its acquisition of Blue Coat Systems earlier this year, CEO Greg Clark said, and he didn’t mince words about what that means for the security vendor’s competition
IBM gets in retaliation before VMware flips to AWS (Channel Biz) Big Blue moves to step on new hybrid cloud romance between Amazon Web Services and VMware
LookingGlass is a Champion of National Cyber Security Awareness Month (BusinessWire) Cybersecurity leader emphasizes importance of educating organizations on effective phishing protection
Products, Services, and Solutions
Terbium Labs and Skry Team Up to Enhance Detection of Bitcoin Fraud (Finance Magnates) The integration aims to minimize the damage of blockchain fraud by reducing the delay time between compromise and detection
‘Bitcoin Unlimited’ Hopes to Save Bitcoin from Itself (Motherboard) For over a year, bitcoin has been embroiled in a circular debate about a code change that would allow the virtual currency to handle many more transactions. But this week finally saw a major shake-up that could change the course of bitcoin as we know it
Top SIEM Vendors and Other Buying Advice (eSecurity Planet) Security incident and event management (SIEM) products are no longer just for large enterprises. This article will help determine if SIEM is for you
Thycotic Releases Privilege Manager for Windows (eWeek) Privilege Manager for Windows lets IT admins implement an array of security policies and controls that best match their needs, such as deny-first whitelisting
Sophos bundles cybersecurity technology under one solution (Interaksyon) It’s the underlying philosophy that has catapulted Sophos to the forefront of the industry. Using big data analytics, the global security leader gains a deep a deep understanding of the threat landscape, recognizing malicious patterns, attack vectors and criminal motivations
Technologies, Techniques, and Standards
What is MANRS and does your network have it? (CSO) The Internet Society's Mutually Agreed Norms for Routing Security (MANRS) initiative is designed to provide measures to improve the resilience and security of the internet's routing infrastructure to keep it safe for businesses and consumers
Internet Routing Security Effort Gains Momentum (Dark Reading) More than 40 network operators agree to filter routing information, prevent IP address-spoofing, and to work together to thwart Internet traffic abuse and problems
Infragard: Helping the Nation's IT Security Professionals (In Homeland Security) On August 25, Infragard Las Vegas had an interesting event where they discussed a report about current threats to information technology. Infragard is an organization that serves the security community
101 Ways I Screwed Up Making a Fake Identity (Hacks4Pancakes) As most of you know, my professional area of expertise in security is incident response, with an emphasis on system / malware forensics and OSINT. I’m fortunate enough in my position in the security education and con community to sometimes get pulled into other directions of blue teaming and the occasional traditional penetration testing. However, the rarest of those little fun excursions are into the physical pen testing and social engineering realm. In the breaking into buildings and pretending to be a printer tech realm, I’m merely a hobbyist
An Information Security Survival Guide (Infosecurity Magazine) Information security is viewed in some organizations as a function owned by a few individuals or one department. However, with human error continuing to remain the most prominent cause of data breaches, it is important to create a corporate culture that views information security as a shared responsibility among all employees
That connected device already knows your mom’s maiden name (ReadWrite) Since it’s National Cyber Security Awareness Month, and with the increasing amount of connected homes, systems and trendy devices, consumers need to stay informed about the best security practices, and precautions to take in order to stay safe and keep their information secure
How Sophos helps our own employees to stay safe (Sophos) Sophos is the same as any other business – we need to keep our employees (and the company) safe, while at the same time we need to give people the freedom to do their jobs
Why You Need a Cybersecurity Crisis Management Plan (InfoRisk Today) A CISO offers insights based on real-world experience
Design and Innovation
The AI disruption wave (TechCrunch) Information technology evolves through disruption waves. First the computer, then the web and eventually social networks and smartphones all had the power to revolutionize how people live and how businesses operate. They destroyed companies that weren’t able to adapt, while creating new winners in growing markets
How identity and access management is critical in the digital transformation process (Help Net Security) Digital transformation is a top priority and source of anxiety for enterprises, but the majority of IT decision makers have not completed technology deployments to address the initiatives that are critical to making the shift, according to Ping Identity
Research and Development
BAE Systems to Develop Cyber Attack Prediction Capability for IARPA (BusinessWire) The U.S. Intelligence Advanced Research Projects Activity (IARPA) has selected BAE Systems to develop technology that will help the U.S. military and intelligence agencies forecast and detect cyber-attacks significantly earlier than existing methods allow. The approximate lifetime value of the contract is $11.4 million
Academia
University IT employees fighting for jobs question security (CSO) Data security is a simmering issue in offshore outsourcing. The offshore workers who staff help desks, call centers and manage systems are accessing data in the U.S. The University of California IT employees, who will soon lose their jobs to overseas workers, are trying point this out
University of Maryland University College Renews Support of AFA's CyberPatriot (Yahoo!) The Air Force Association today announced that the University of Maryland University College (UMUC) renewed its support for CyberPatriot, the National Youth Cyber Education Program, as a Cyber Silver sponsor. For the fourth consecutive year, UMUC has sponsored CyberPatriot in its mission to stimulate youth interest in STEM and educate students on the importance of cybersecurity
Legislation, Policy, and Regulation
America’s dilemma over Russian cyber attacks (Financial Times) Washington walks a difficult line in defining an acceptable response
State Dept. Official Urges ‘Strong’ U.S. Response to Election Hacking By Russia (Foreign Policy) A State Department official called for a “strong” U.S. response to Russian hacking of Democratic Party organizations on Thursday and urged the administration to name names and clearly convey that manipulating U.S. elections won’t go unpunished
Russia, US move past Cold War to unpredictable confrontation (CNN) It's not a new Cold War. It's not even a deep chill. It's an outright conflict
America’s Russia Policy Has Failed (Foreign Policy) Here are seven things the next U.S. president should do to put Washington back in the driver’s seat
Cybersecurity: Time to Move from Talk to Action (InfoRisk Today) India needs a comprehensive, pragmatic plan
Athens Conference Plans Europe's Shielf Against Cyber Attacks (Euronews) What would happen if Europe were targeted by a large-scale cyber attack?
How Will the Next President Approach Cybersecurity? (GovInfo Security) The similarities, differences in Clinton, Trump platforms
Letter to next president on cybersecurity (Federal Times) Like Kennedy’s moonshot, the next president will need to think boldly, not incrementally. There is no better place for the next president to start than with his or her own house
Online First: U.S. Special Operations Forces in Cyberspace (Cyber Defense Review) Cyberspace is a human space, as dynamic and uncertain as human nature. No longer simply a technical abstraction or manmade domain unto itself, cyberspace is a growing facet of every-day life that increasingly cuts across all aspects of Special Operations
Marines adopt acquisition approach to work at cyber speed (C4ISRNET) Marine Corps Systems Command (MCSC) has announced a new process for rapidly fielding cyber capabilities to its personnel
As self-driving cars hit the road, cybersecurity takes a back seat (Christian Science Monitor Passcode) While consumers and industry experts worry about cybersecurity in autonomous vehicles, government regulators are still struggling to respond to digital risks in driverless cars
New York State Moves Towards Cyber Attack Regulations (Reg Blog) In the days of Bonnie and Clyde, bank robbers used masks to conceal their identities while robbing the local bank. Today, with the advent of cyber attacks, the mask is a computer screen, and the attacks pose systemic risks to major financial institutions
Kentucky Leaders Update Cyber Attack Preparedness (WKU) Kentucky cyber security leaders are compiling information from a simulated cyber attack in order to update plans in the event that a power grid goes down or sensitive data is stolen from businesses or state agencies
Litigation, Investigation, and Law Enforcement
UK Police Bought Privacy Invading Phone Snooping Tech – Report (Infosecurity Magazine) Rights groups are up in arms after it emerged several UK police forces have purchased controversial mobile phone snooping technology notorious for enabling indiscriminate surveillance
Twitter, Facebook revoke access to social media surveillance software used by cops (Help Net Security) Geofeedia, a US-based company that offers its social media aggregation platform “to a broad range of private and public sector clients”, also numbers among its clients over 500 law enforcement and public safety agencies across the country
Google Handles Record Number of Government Requests for Data (Threatpost) Google fielded a record number of government requests for user data during the first half of 2016, according to its updated Transparency Report
More Congressional Scrutiny of FTC's LabMD Case (HealthcareInfo Security) Senators question whether FTC provided lab with 'due process'
Feds Investigate Email Hack of Clinton Campaign Boss (Infosecurity Magazine) Hillary Clinton’s campaign chairman has claimed the FBI is investigating whether Russian hackers were behind a cyber-attack on his private email
FBI: Russia likely hacked Florida election contractor and Clinton campaign chairman (SC Magazine) U.S. intelligence officials' concerns of a Russian hacking operation against political targets continues to escalate, as FBI officials now believe Russian intelligence agencies likely orchestrated the hacks of emails belonging to a contractor for Florida's election system and Hillary Clinton's campaign chairman John Podesta, according to a report in The Wall Street Journal
Retailer Vera Bradley: Payments System Hacked (DataBreach Today) FBI warning triggers discovery of July breach involving malware
The Video Defense About Her Emails Hillary Clinton Never Gave (NPR) At 10:33 p.m. on Aug. 21, 2015, Hillary Clinton's lead speechwriter sent around an email with the subject line "Script." In it is a draft of a video address to supporters where Clinton would try to explain the private email system she used while secretary of state "directly, in one place, at one time, as best as I can"
Did the FBI chief lie to Congress about the Hillary email probe? (New York Post) Congressional leaders investigating the FBI’s suspiciously inept investigation of ex-Secretary of State Hillary Clinton’s emails are turning their attention to FBI chief James Comey’s truthfulness. Did he mislead them? Did he perjure himself?
The OPM breach report: A long time coming (CSO) The catastrophic breach of the federal Office of Personnel Management, which exposed the personal information of more than 22 million current and former employees, became public in mid-2015. It took another 15 months for Congress to complete a report on it
'Snowden': A cinematic snow job? (GCN) It’s well understood that even the most historically accurate films may take some dramatic license in their depiction of actual events
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
Upcoming Events
AppSecUSA 2016 (Washington, DC, USA, Oct 11 - 14, 2016) OWASP’s 13th Annual AppSecUSA Security Conference is the premier application security conference for developers and security experts. Come hear an amazing group of inspirational speakers—including YouTube’s Favorite Hacker, Former DHS NCSD Director of Software Assurance, and Assistant Professor & Cryptographer—who are challenging traditions. You’ll be inspired by fresh ideas, start rethinking the status quo, and leave ready to tackle your challenges in innovative ways.
Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the Summit is an opportunity for board chairs and chief executives to discuss how New Zealand should tackle the threat of cybercrime, and improve our resilience and security. Chief executives, board chairs and leaders from across the public and private sectors have been invited to join the Minister for Communications at this high level event.
Tech Talk: Blockchain & Bitcoin (Laurel, Maryland, USA, Oct 17, 2016) Join Novetta and Chainanalysis at Jailbreak Brewery to learn about Bitcoin, a digital currency, and Blockchain, the technology that makes it all work. Rub elbows with like-minded techies and enjoy ice cold beer - Don’t miss out.
Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, Oct 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company" for insider threat program development training.
Cyber Ready 2016 (McDill Air Force Base, Florida, USA, Oct 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE Corporation, Tampa Bay Innovation Center, Florida Chamber Foundation and the Florida Suncoast AFIO Chapter is proud to present this important event. In addition to attending the Cybersecurity Conference, you're also invited to register for the Golf Outing and Barbecue Dinner at the MacDill AFB Bay Palms Golf Complex on Monday afternoon. The event will include the sixth annual MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.
EDGE2016 Security Conference (Knoxville, Tennessee, USA, Oct 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders, topical roundtables, training sessions, and industry-specific tracks, EDGE2016 is where complex business security problems meet real-world solutions.
SecureWorld St. Louis (St. Louis, Missouri, USA, Oct 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
CyberTini at CyberMaryland (Baltimore, Maryland, USA, Oct 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner Harbor. The Columbus Center is just a few blocks from the Baltimore Hilton Hotel where the CyberMaryland Conference is taking place, and attendance at the CyberTini is estimated to be 250 or more. The event will begin at 5pm the night before the CyberMaryland Conference and will run until approximately 7:30pm.
Los Angeles Cyber Security Summit (Los Angeles, California, USA, Oct 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
CyberMaryland 2016 (Baltimore, Maryland, USA, Oct 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.
CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, Oct 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater information exchange among industry, academia, and government entities at both the national and international levels. The issues to be covered include the future of international cooperation, imminent technical challenges and requirements, forthcoming conflicts in cyberspace, and the potential for new legal frameworks, standards, and regulations.
SANS San Diego 2016 (San Diego, California, USA , Oct 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have certifications that are aligned with DoD Directive 8570/8140 and all courses at this event are associated with GIAC Certifications. This event was planned to give you the weapons you need to defend against attackers and advance your career. You will learn from leading experts in courses that have been carefully selected to arm you with the latest tactics and strategies that will sharpen your skills
18th Annual AT&T Cybersecurity Conference (New York, New York, USA, Oct 24 - 25, 2016) Countless cyberthreats circle your organization every second of every day. While your organization utilizes more mobile, IoT and emerging technologies, attackers simply focus on more ways to exploit them. That’s why we’re hosting the 18th Annual AT&T Cybersecurity Conference.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, Oct 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military. The conference will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.
14th Annual EWF National Conference (Scottsdale, Arizona, USA, Oct 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact with more than 350 global thought leaders in the fields of Information Security, Risk Management and Privacy. During this three-day event, members collaborate on round-table exercises, incident simulations, panel discussions and working groups. Exposure to new ideas and approaches, best practice management of everyday issues and learning from observing the best and the brightest is an excellent and abundant return on investment.
SecureWorld Bay Area (San Jose, California, USA, Oct 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Security By Design (McLean, Virginia, USA, Oct 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.
Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, Oct 30 - Nov 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.