The CyberWire Daily Briefing for 10.31.2013
Turkish hacktivists, this time Kemalist rather than Ottoman, recognize Republic Day by hacking sites they perceive as hostile with Atatürk's image.
An Anonymous cell with an Arabo-Liverpudlian nom de hack claims responsibility for vandalizing Italian university sites (without obvious motive). As Guy Fawkes Day approaches (next Tuesday), big Anonymous calls for physical demonstrations in #OpVendetta, not hacktivism.
A Palestinian hacker seeks renown by pwning Mark Zuckerberg.
Ransomware continues to proliferate. It's retail crime: ordinary users are targets.
Odd episodes are harbingers of exploits in the emerging Internet-of-things: Chinese-made electric kettles (says the Russian press), compromised tradeshow swag, counterfeit money detectors.
Open sources contain interesting information. Consider a 2009 academic paper Chinese researchers published through Elsevier, detailing how the US power grid might be taken down.
Such cyber warfare is much on official minds from Tehran to Beijing (via Tel Aviv, London, Dublin, and Washington). A "cyber Pearl Harbor" is again widely discussed. (But cyber events notoriously can be ambiguous. Pundits might also consider the possibility of a cyber Tonkin Gulf Incident.)
Another historical analogy is also much discussed: the 1970's Church Commission inquiry into the CIA. Fresh allegations of US NSA incursions into Google and Yahoo (denied by NSA's director) seem to bring a Church 2 closer. French authorities recover their momentarily cooled outrage, the Chinese government says it will "take steps" to protect itself, and the Israelis again point out that cyber surveillance is pretty widespread.
Some industry news: interesting new products and a "Dark Mail" project are announced.
Today's issue includes events affecting China, European Union, France, Iran, Israel, Italy, Democratic People's Republic of Korea, Republic of Korea, Palestinian Territories, Philippines, Romania, Russia, Singapore, Turkey, United Arab Emirates, United Kingdom, United States, and Vatican..
Cyber Attacks, Threats, and Vulnerabilities
Turk Hack Team Celebrates Turkish Republic Day by Hacking 450+ Websites (HackRead) TurkHackTeam from Turkey, collectively has hacked and defaced 450+ random websites in order to celebrate republic day of Turkey on October 29. Hackers left a deface page with Mustafa Kemal ATATÜRK's image and a greeting message on Turkey's republic day. The deface message was expressed in following words: Since then, every year on October 29 is celebrated as Republic Day in Turkey
Sites of 3 Italian Educational Institutions Hosted on Government Domains Hacked (Softpedia) An Anonymous-affiliated hacker that uses the online moniker Ammar Liverpool has breached and defaced a total of three websites belonging to Italian educational institutions. All of the websites are hosted on government domains
#OpVendetta: Anonymous Calls for Massive Million Mask March on November 5th 2013 (HackRead) The online hacktivists from Anonymous have asked the people to join them on November 5th 2013 in a massive million mask march against the governments around the world in order to bring a change in society. The important point about this protest is that hacking or defacing will not be a part of it. It will be a protest on ground
Anonymous threatens Singapore with hacking attacks, calls for November 5 protest…perhaps (Naked Security) An anonymous person, claiming to be Anonymous, recently fired off a hacking threat against Singapore's financial systems. Should this threat be taken seriously
Path to Success for One Palestinian Hacker: Publicly Owning Mark Zuckerberg (Wired) "You've no idea what I've done," Khalil Shreateh said, bursting into the kitchen of his family's stone-and-concrete house in the South Hebron Hills. The stocky 30-year-old Palestinian ran a hand through his already haphazard hair. "I just posted on Mark
Smaller, Popular Open Source Software Packages Exposed in Sourceforge Review (Threatpost) Metasploit released exploit modules for security issues in seven smaller, yet popular, open source software packages, including e-Learning software Moodle
Cyber–security experts warn computer users of 'explosion of ransomware' (San Jose Mercury News via TribLive) Thousands of consumers are getting a nasty shock when they turn on their computers
Russia: Hidden chips 'launch spam attacks from irons' (BBC) Cyber criminals are planting chips in electric irons and kettles to launch spam attacks, reports in Russia suggest
Counterfeit money detector easily hacked to accept fake money (Help Net Security) A lot of simple electronic devices that we use every day can be easily hacked, because security has for a long time been at the very bottom of the list of things to care about when creating them
EU Council Chief Did Not Use Russian USB Stick Given to Summit Leaders (CIO) Media reports say that tainted USB sticks were handed to participants in the G20 summit in September
Internet of Things: Defence warns more devices means more risks (ComputerWorld) As the Internet of Things expands, industry and government must collaborate to bolster security of critical systems, according to Alex Zelinsky, chief defence scientist at the Department of Defence
Brandon University Hacked (eSecurity Planet) Names, addresses, birthdates and social insurance numbers from student applications between 2004 and 2009 may have been exposed
Cascade–based attack vulnerability on the US power grid (Elsevier) The vulnerability of real-life networks subject to intentional attacks has been one of the outstanding challenges in the study of the network safety. Applying the real data of the US power grid, we compare the effects of two different attacks for the network robustness against cascading failures, i.e., removal by either the descending or ascending orders of the loads
Security Patches, Mitigations, and Software Updates
Windows XP Malware: 6X As Bad As Windows 8 (InformationWeek) Need another reason to quit Windows XP before Microsoft ends support for the operating system in six months? Then consider that real-world Windows XP systems already sport a much higher rate of malware infections than Microsoft's more recent operating systems
Google Webmaster Tools Adds "Security Issues" Section (Search Engine Land) Google has announced the addition of a new section within Webmaster Tools named "Security Issues." This new section is aimed at better communicating to website owners security issues, such as site hacks, malware, and so on and then giving a more detailed and concise method of fixing the problem and submitting a review request
Experts weigh in with wish lists for Android 4.4 KitKat security (CSO) With the next version of its mobile OS, Google has a chance to prove that it's a good fit for the enterprise crowd
New Spamcop Traps Raise Old Issues (Return Path) Spamtrap operators play a valuable role in the email ecosystem. As stated in "M3AAWG Best Current Practices For Building and Operating a Spamtrap", spamtraps are "designed to capture any sort of email abuse." A well-run spamtrap network can identify many types of email abuse, from the very malicious – botnet command and control centers – to the mostly harmless but annoying – email marketers who are inadvertently sending to the wrong subscribers. In order to remain effective, spamtrap operators must frequently update their networks to ensure that they are adequately capturing enough data to identify abuse. As such, many spamtrap operators are continually preparing new traps which they can begin using at any time without warning
Anonymity is the enemy of privacy, says RSA grand fromage (The Register) RSA boss demands revamp of outdated privacy, security regs. RSA Europe 2013 A dogmatic allegiance to anonymity is threatening privacy, according to Art Coviello, executive chairman of RSA
Risk versus hype: What is the real impact of insider security threats? (SerchSecurity) In a recent survey of international corporate executives, insider threats were their No. 1 security concern. Does data justify this level of concern? Should the top priority (and subsequent resources) of enterprise infosec teams be to curb insider security threats
Social Engineers Pwn The 'Human Network' In Major Firms (Dark Reading) Apple, General Motors, Home Depot, Johnson & Johnson, Chevron, Boeing, and other major corporations easily fall to social engineers in recent contest, new report shows
DM Warns of Enemies' Cyber War against Iran (Fars News Agency) Iranian Defense Minister Brigadier General Hossein Dehqan warned of enemies' possible plots to wage a cyber war against the country to destroy Iran's scientific and industrial infrastructures
Cyber Warfare at Home and Abroad (Daily NK) Of late, there has been constant criticism of online political meddling carried out by the National Intelligence Service (NIS) and ROK military Cyber Command; incidents that have inflicted further harm on public trust in South Korea's state security apparatus. Though justified, this criticism has also led to confusion over the value of online defenses against North Korea's own cyber warfare. This is problematic, as cyber security experts mostly agree that Pyongyang is engaged in more such actions today than at any time in the past
'A Cyber Pearl Harbor' looms for vulnerable networks, McConnell says (Chicago Tribune) The United States is losing a "cyberwar" and it will take a "cyber Pearl Harbor" for the country to take the steps necessary to protect critical computer systems, the nation's former intelligence chief said
Eugene Kaspersky's roadshow on cyber–nasty woes of modern life (Irish Times) Kaspersky Lab, one of the top four global security firms, warns about the threat of cyberwarfare
How Can We Realistically Prep For A Cyber Attack? (National Geographic) American Blackout is not a movie about cybersecurity. It is about disaster preparedness. The 90-minute docudrama devotes less than five minutes to the cyber attack, saying only that it involves some sort of "malicious code" that somehow causes transformers and substations to blow up all over country. The rest of the movie follows the breakdown of civil society during a ten-day, nationwide blackout
Alexander: Defending Against Cyberattacks Requires Collaboration (American Forces Press Service) Catastrophic cyberattacks loom in the nation's future, and only collaboration among government agencies, Internet service providers and U.S. allies worldwide can help citizens prepare for them, the commander of U.S. Cyber Command said this afternoon
The Haunted House of Cyber Scares (PCMagazine) Don't think supernatural baddies exist? You're about to be proved wrong. Vampires and witches pose some of the most dangerous cyber threats out there. In the spirit of Halloween, Trend Micro released an entertaining infographic that pairs some of the spookiest frights to their cyber counterparts
Naming And Shaming Unlikely To Work For Cyberespionage (Dark Reading) Why a whistleblower's evidence of widespread surveillance by the NSA has caused the U.S. government to react, but Mandiant's revelations about Chinese espionage fail to curb that nation's efforts
The emerging turf battle between information and physical security pros (CSO) As security threats increasingly cross role boundaries, information and physical security pros struggle to get along, so what are the best practices for uniting both teams under a common goal
Romania's Bitdefender says "a listing on the stock exchange before 2016 is unlikely" (actmedia) "We are now reviewing our strategy for the next 3 to 5 years. Bitdefender will not list on the stock exchange before 2016. I am referring to the fact that we need to reach critical mass, and the first stage of this will probably happen in 2015," Florin Talpes, CEO and founder of Romanian security solutions provider Bitdefender, said
Lavabit And Silent Circle Join Forces To Make All Email Surveillance–Proof (Forbes) In recent months, Lavabit, based in Texas, and Silent Circle, based in Washington, D.C., both shuttered their encrypted email services. The companies said they couldn't keep them running knowing they were vulnerable to surveillance if faced with a dedicated enough attacker... which for Lavabit came in the form of the federal government when it wanted access to NSA whistleblower Edward Snowden's Lavabit account. Now the companies are teaming up with plans to offer an open-source tool that could make peer-to-peer, end-to-end encryption an easy add-on for any email service. The challenging part: they need to get other email providers — especially the heavyweights, Google, Yahoo, and Microsoft — to join them in offering the tool
Northrop Grumman Receives Two 2013 Nunn–Perry Awards for Superb Performance in the DOD Mentor–Protege Program (MarketWatch) Springfield, Va.-based MVLE Inc. and Kimmich Software Systems, Inc., of Columbia, Md., are protege partners
Lockheed Martin Brings FireEye, Red Hat And Splunk To Its Cyber Security Alliance (MarketWatch) Lockheed Martin (NYSE: LMT) today announced that FireEye (NASDAQ: FEYE), Red Hat (NYSE: RHT) and Splunk Inc. (NASDAQ: SPLK) have joined its Cyber Security Alliance and have agreed to collaborate on solutions that can enhance an intelligence driven defense approach to solve customers' hardest problems
Why you should care about something as boring as an accounting firm merger (Quartz) PriceBoozHouse. PricewaterhouseBooz. BoozPrice. Pooz? Those are just a few of the scintillating names that could come from combining two of the world's biggest professional services firms, accounting behemoth PricewaterhouseCoopers, and management consulting house Booz & Company. The firms announced plans to tie up today, which should help give sluggish PricewaterhouseCooper a boost. But what's good for the bottom line isn't always good for the integrity of the business; the move raises concern about the accounting industry's longstanding troubles with conflicts of interest
Products, Services, and Solutions
EMT announces availability of Secunia PSI in Arabic (Kipp Report) The availability to help individual PC users across the Arab world to stay more secure with the latest version of Secunia Personal Software Inspector
Sophos delivers cloud–based endpoint security (Help Net Security) Sophos announced Sophos Cloud, an easy to use security service that provides essential protection for today's advanced threats. This first version of Sophos Cloud provides protection at the endpoint
Secure corporate BYOD solution by ForeScout (Help Net Security) ForeScout Technologies announced interoperability between ForeScout CounterACT network security and SAP Afaria mobile device management (MDM) platforms. The combination enables companies to accelerate
RSA takes a big data approach to help with high–risk threats (Help Net Security) RSA, The Security Division of EMC, unveiled RSA Vulnerability Risk Management (VRM), a new software solution designed to help organizations improve their overall security posture by analyzing massive
Lockheed Martin Cyber Solution Enables Secure Data Sharing Between Top Secret and Unclassified Security Domains (Wall Street Journal) Lockheed Martin (NYSE: LMT) has developed a cyber security solution that allows intelligence to be securely shared among personnel working at all security levels -- from highly classified intelligence sites to unclassified users in the field. This high assurance information solution, called Trusted Sentinel, allows data to be manually and/or automatically transferred between two or more differing security domains by using a single consolidated configuration of hardware and software
FireEye Introduces New Virtual Machine–Based Threat Protection for Remote or Branch Offices (MarketWatch) FireEye, Inc. FEYE -3.80% , the leader in stopping today's advanced cyber attacks, today announced the launch of the FireEye(R) NX 900, extending the FireEye virtual machine-based threat protection to remote or branch offices. With the FireEye NX 900, organizations can better protect one of the weakest links in enterprise security against advanced attacks. The FireEye NX 900 will be generally available before the end of the year
Five free apps for encrypting email (TechRepublic) Whether you are using an email client or a web-based email solution, you can encrypt your email
Facebook may start logging your cursor movements (Ars Technica) Facebook wants to know not just where your mouse ends up, but where it's been
Network IDS reduces "white noise" for more focus on critical vulns (Help Net Security) RandomStorm has announced the latest release of its next generation network intrusion detection system (NIDS), StormProbe
Technologies, Techniques, and Standards
NIST revises cybersecurity training special publication (FierceGovIT) The National Institute of Standards and Technology released Wednesday a public draft of a special publication governing federal agency cybersecurity role-based training
Improving Critical Infrastructure Cybersecurity: Executive Order 13636 (NIST) The Preliminary Cybersecurity Framework for improving critical infrastructure cybersecurity is now available for review. The Preliminary Cybersecurity Framework is provided by the National Institute of Standards and Technology (NIST). If the Cybersecurity Framework is to be effective in helping to reduce cybersecurity risk to the Nation's critical infrastructure, it must be able to assist organizations in addressing a variety of cybersecurity challenges. The National Institute of Standards and Technology (NIST) requests 9 that reviewers consider the following questions
Arab world to get internet addresses in Arabic script (The National) Internet addresses can now be registered in Arabic script following approval from the global regulator last week
Compliance Checklist: Cloud Encryption Best Practices for Banks and Insurance Companies (Ciphertext) For industries whose handling of sensitive consumer data renders them subject to strict regulations, the cloud is anything but a simple choice. Before you can commit to the cloud, you'll have to understand exactly what cloud information protection measures you must take to remain in regulatory compliance. Follow this checklist to protect your organization's data and business interests
Do you have your security checklist for deploying on the cloud? (Trend Micro Simply Security) With AWS re:Invent 2013 right around the corner, I know many of you have the cloud on your mind. Which makes me wonder – is security one of the cloud topics you are thinking about
BSIMM Advancing Software Security (eSecurity Planet) The annual Building Security in Maturity Model (BSIMM) study adds new software security data every year. Nearly 70 companies contributed to version five, introduced this week
Making metadata meaningful for network security (CSO) Metadata is most simply data about data. From a network security perspective it has multiple uses ranging from real-time incident detection to post-prevention forensic analysis. Before you start exploring the many uses of metadata extracted from your network environment, there are some variables that must be considered
Critical Manufacturing Sector Named as One of the Critical Infrastructures Carrying Large Supply Chain Cyber Risk According to Cyber Security Executive Order (Cyber Data-Risk Managers) Due to the increasing pressures from external threats, organizations responsible for critical infrastructure need to have a consistent and iterative approach to identifying, assessing, and managing cybersecurity risk. The critical manufacturing sector was named as one of the critical infrastructures that carries large (supply chain) cyber risk according to the Cyber Security Executive Order that is expected to be released in its final form in February 2014
America's Best Student Researchers to Compete in NYU–Poly Cyber Security Awareness Week (Sacramento Bee) Judges chose 10 of the best young researchers to progress to the final round of the prestigious Best Applied Security Paper Contest during the world's biggest student cyber security challenge event. The 10 doctoral candidates from across the United States will gather on the Brooklyn campus of the Polytechnic Institute of New York (NYU-Poly) for the 10th annual Cyber Security Awareness Week
Capitol Hosts Cybersecurity Awareness Event (Capitol College) [On October 16, 2013], Capitol College hosted students from Oxon Hill High School, Charles H Flowers High School, Frederick Douglas High School and Fort Meade High School for a cybersecurity awareness event in honor of National Cybersecurity Awareness month. Every October is National Cybersecurity Awareness Month and it is an excellent opportunity to help create a safe, secure, and resilient cyber environment
Legislation, Policy, and Regulation
Remarks as delivered by James R. Clapper Director of National Intelligence (IC on the Record) Open Hearing on Continued Oversight of the Foreign Intelligence Surveillance Act to the House Permanent Select Committee on Intelligence
"You can't have your privacy violated if you don't know your privacy is violated" (Naked Security) House Intelligence Committee Chairman Mike Rogers suggested during a hearing at the US National Security Agency (NSA) on Tuesday that it's impossible to have your privacy violated if you don't know that your privacy is being violated
Google 'outraged' by government snooping; NSA chief denies claim (CNN) The National Security Agency's director flatly denied a Washington Post report Wednesday that the NSA secretly broke into communications links to Google and Yahoo servers overseas
NSA fires back at Washington Post report (Politico) A new report that the U.S. government had infiltrated links to Google's and Yahoo's data centers around the globe drew a sharp rebuke Wednesday from the National Security Agency, which declined to comment whether such collection had ever occurred
NSA bombshell shocks former spooks (Foreign Policy) Former intelligence officials, technology industry executives and lawmakers reacted with anger and anxiety over the latest revelations that the National Security Agency is reportedly infiltrating some of the world's biggest technology companies and making off with the private communications of millions of their customers
'Numerous' NSA Analysts Don't Like The Google Cloud Hack, And For Good Reason (Business Insider) The National Security Agency has found a way to circumvent the encryption process between Yahoo/Google's public Internet and cloud encryption through a program codenamed MUSCULAR, reports Barton Gelmann of the Washington Post
Analysis: NSA's data grab ought to boost privacy concerns (Louisville Courier-Journal) The latest revelation of how government spies tap into the personal data that U.S. consumers so blithely place into the control of the Internet's advertising giants is the most profound yet
NSA denials are 'Implausible,' France says (Washington Post) France rejected as implausible assertions by U.S. intelligence agencies Wednesday that they had not collected phone records of millions of European citizens, and a French government spokeswoman said the charges "appear to have been thoroughly substantiated"
European and German delegations visit White House to talk National Security Agency surveillance (Politico) Delegations from the European Union and Germany visited the White House Wednesday to discuss the ongoing controversy over National Security Agency surveillance that allegedly swept up communications of European leaders and members of the public
U.S. security agency denies reports it targeted Vatican (Reuters) The National Security Agency, responsible for U.S. electronic eavesdropping, said on Wednesday that it does not target the Vatican, and called an Italian media report that it had done so "not true."
China says it will take measures to uphold its information security in the wake of NSA allegations (Washington Post) China says it will take steps to protect its data better in the wake of allegations that the U.S. National Security Agency collected millions of phone
What Hides in the 'Box'? (Israel Defense) Ronen Solomon reveals: the US embassy in Tel Aviv and other US embassies around the world possess devices similar to the one used for wiretapping purposes in Berlin, according to the investigation by Der Spiegel
NSA uproar could spark changes not seen since 1970s (USA Today) As criticism of the National Security Agency mounts, the U.S. intelligence community is bracing for an overhaul of how it does business on a level not seen since Sen. Frank Church held hearings into intelligence abuses nearly four decades ago
Woodward: "Secret" Government Under Obama Administration Needs To Be Reviewed (Face the Nation via Real Clear Politics) BOB SCHIEFFER: What is so interesting, Bob Woodward, and you know, you and I have seen a lot of these things. BOB WOODWARD: Too much. SCHIEFFER: The first thing that agencies tend to do is try to make sure they can't be blamed for something. And, clearly, that is why the FBI and the CIA did not come clean with the Warren commission, and why maybe they didn't even tell the agents in Dallas what was going on
Breaking Bad: America Has Used Walter White Logic Since 9/11 (The Atlantic) The earliest moral compromises made to fight terrorism spiraled out of control, doing grave harm at home and abroad
PayPal Tells Government How to Improve Electronic Payments Regulation (Storefront Backtalk) PayPal (NASDAQ: EBAY) is telling global governments how they can better regulate technology companies–especially, of course, payment processors such as itself. Really
Senate bill calls for random background checks for clearance holders (Federal News Radio) In the aftermath of the Sept. 16 shootings at the Navy Yard and security leaks caused by former National Security Agency contractor Edward Snowden, a group of senators has decided it's time to update how the government conducts security clearance background checks
Swalwell Passes Amendment to Recruit Veterans and Mid–Career Professionals for Cybersecurity Careers (Livermore Patch) U.S. Representative Eric Swalwell (CA-15) passed an amendment in the Committee on Homeland Security to direct the Department of Homeland Security (DHS) to take a broader approach in its cybersecurity workforce recruitment on Oct. 29
Los Angeles creates 'Cyber Intrusion Command Center' (Reuters via Yahoo! News) Los Angeles Mayor Eric Garcetti, citing warnings by President Barack Obama and National Intelligence Director James Clapper about the threat of attacks on computer networks, on Wednesday announced the creation of the city's first "Cyber Intrusion Command Center"
Litigation, Investigation, and Law Enforcement
How enterprises can avoid violating the Stored Communications Act (SearchSecurity) I saw that there was a recent case in Ohio, Lazette v. Kulmatycki, where a company was found in violation of the Stored Communications Act, or SCA, because it didn't adequately tell employees how it monitors communications on BYOD devices. What sort of BYOD monitoring details should we include (or not include) in our policy
Adobe cyber attack to trigger flood of legal action, forecast lawyers (The Lawyer) A welter of legal action could tumble out of Adobe's admission yesterday that it had suffered a far greater breach of data security in a cyber attack earlier this month, leading technology lawyers warn
Boris Johnson defends Guardian's coverage of NSA espionage revelations (FreeNewsPos) The mayor of London said today that he believes the Guardian's exposure of espionage within UK and US intelligence agencies was right and that the public deserved to know
PNP bags 4 Koreans in 'voice phishing' scam (FreeNewsPos) Four Koreans involved in the so-called "voice phishing" scam were nabbed by the Cyber Response Team of the Philippine National Police-Anti-Cybercrime Group (PNP-ACG) during operations in 30 Bb. Librado Avelino St., Circulo 12, BF Homes, Paranaque City Thursday
Edward Snowden gets a thrilling new gig — doing Russian tech support (VentureBeat) If you thought Edward Snowden's renown as a famed leaker of corporate secrets has made him unemployable for life — you thought wrong
For a complete running list of events, please visit the Event Tracker.
CyberInnovation Briefing (Baltimore, Maryland, USA, Nov 7, 2013) As cyber attacks plague critical infrastructure, financial institutions, and the federal government, liability and privacy remains a growing concern. With losses mounting and sensitive information being leaked several questions remain unanswered - who's liable, who's responsible, what are enterprises doing to protect their customers? In this panel, experts in cyber security liability, privacy, and insurance will define cyber security and privacy liability, explore the basic coverage offered under cyber security and privacy insurance policies, the types of claims being paid out, the costs for coverage, the process for notification and handling of claims, breach litigation (minimizing the risk of a law suit and finding settlement opportunities), and forensics, crisis management and parties involved when a breach occurs.
RSA Conference Europe (Amsterdam, the Netherlands, Oct 29 - 31, 2013) Information security today isn't optional. It's business-critical. Over three days, RSA® Conference Europe 2013 imparts the must-know actions to manage growing cyber threats. With over 60 sessions spanning 10 hours, attend the educational and networking event that builds your knowledge and furthers your career.
TrustED 2013 (Berlin, Germany, Nov 4, 2013) In this workshop we consider selected aspects of cyber physical systems and their environments. We aim at bringing together experts from academia, research institutes, industry and government for discussing and investigating problems, challenges and some recent scientific and technological developments in this field. In this context we particularly are interested in the participation of industry representatives.
OKTANE 1 (San Francisco, California, USA, Nov 3 - 5, 2013) OKTANE13 is an identity, security and mobility event. Whether you're just getting started with cloud applications, evaluating a mobile strategy, building a hybrid enterprise IT, or looking to make your employees more productive and secure, OKTANE13 will keep you up to date with the latest enterprise technology.
MIRcon 2013 (Washington, DC, USA, Nov 5 - 6, 2013) With targeted attacks becoming more prevalent, today's incident responders are faced with the tremendous challenge of accelerating their response times while capturing relevant data from attacks in progress. From analysts and innovators to managers and executives the Mandiant Incident Response Annual Conference® (MIRcon®) is an excellent investment in your business and your professional development where you will learn about new technologies, incident response best practices, and key strategies for managing network security.
KMWorld 2013 (, Jan 1, 1970) KMWorld 2013 is a must-attend event for those concerned with improving their organizations' bottom line, business processes, and productivity, as well as streamlining operations, and accelerating development and innovation in their evolving enterprises. It offers a wideranging program especially focused to meet the needs of executives, and strategic business and technology decision-makers. Attendees learn how to maximize their technology investments through practical information and case studies; build relationships with speakers and thought leaders from around the world; and create flexible, competitive enterprises.
Maryland Art Place Annual Fall Benefit (Baltimore, Maryland, USA, Nov 9, 2013) Maryland Art Place (MAP) is pleased to announce the participating artists of its 2013 Annual Fall Benefit, the Starlight Dinner - highlighting technology and innovation in contemporary art. The dinner will be held on Saturday, November 9, 2013 at 6 o'clock in the evening at the beautiful Thames Street Wharf building, located at Harbor Point courtesy of Beatty Development. A great deal of technology of interest to the cyber community will be on display.
cybergamut Technical Tuesday: Location Based, Context Aware Services for Mobile — Today and Tomorrow by Guy Levy-Yurista, Ph.D. (available at various nodes, Nov 12, 2013) As we continue to grow our dependence on mobile devices in our daily routine from taking pictures to delivering corporate documents, the contexts in which these devices are acting becomes increasingly important. Mobility today does not only take into account who the user is but where they are, when they are there, why they go there, what they're interested in, and what they're going to do. As our smart phones evolve, they are growing into a contextual engine that will not be just our personal assistant, but also our best friend providing us with all our information needs at the right time and in the right place.
Cyber Education Symposium (Arlington, Virginia, USA, Nov 19 - 20, 2013) Both the public and the private sectors suffer from a lack of highly trained and effective cyber security leaders. In response, the government, businesses, and academic institutions are all exploring ways to retrain the existing workforce and develop a new pool of cybersecurity professionals capable of meeting the needs of tomorrow. The Cyber Education Symposium offers a rare opportunity for the brightest minds in government (.gov), the private sector (.com), and the educational community (.edu) to convene and discuss trends and challenges in cybersecurity education. The Symposium will provide a forum to identify new ways of thinking about the problem, exchange best practices, and forge a pathway forward that leverages the full resources of our nation's leadership.
APPSEC USA (New York, New York, USA, Nov 18 - 21, 2013) Welcome to Appsec USA 2013, New York - a world class software security conference for developers, auditors, risk managers, and entrepreneurs, bringing you the world's top speakers, the most relevant security topics and an unbeatable atmosphere. Hosted by OWASP.
IT Forum Expo/Black Hat Regional Summit (, Jan 1, 1970) Black Hat Regional Summit will introduce a mix of local in-region experts and researchers from around the globe, discussing the latest trends in information security with an audience of peers. The sessions will provide candid insight and education for IT security professionals.
2nd Annual East Africa IT and Cyber Security Convention 2013 (Nairobi, Kenya, Nov 28 - 29, 2013) The 2nd Annual East Africa IT and Cyber Security Convention 2013 will bring together leading Cyber and IT Security experts who will provide key insights into critical cybersecurity issues surrounding cyber networks, mobile, and IT infrastructures. Enhancing the security, resiliency, and reliability of the nation's cyber and communications infrastructure is a challenge that must be met, attend the East Africa Cyber Security and IT Security Convention 2013 that will equip you with a comprehensive range of clarifications and solutions.