[ISN] Attend The DCOI – INSS-CSFI Defensive Cyberspace Operations and Intelligence Conference

Attend The INSS-CSFI Conference, Exhibition, Workshops & Trainings Defensive Cyberspace Operations & Intelligence Conference – DCOI Tel Aviv, April 8-9, 2014 – http://www.dcoi.org.il/ Join us in being part of cyber history! This is the very first Cyberspace Operations event in Israel. InfoSec News subscribers can save 10% by entering: 230710 at checkout For sponsorship opportunities & delegations of 5+ Please contact: Hadask (at) inss.org.il In Cooperation with: National Cyber Bureau OCS-Office of the Chief Scientist Israel Export Institute Ministry of Intelligence C4I Corps The Defensive Cyberspace Operations & Intelligence Conference aims to contribute to an informed public debate on cyber security and to promote international collaborations in the technological, legal, and policy-making domains. The conference will deal with: · Cyberspace Operations & Intelligence · Advanced defense technologies · National policy and strategy · Cybercrime and cyber-terrorism · Policy, legality, legislation, and regulation Our list of speakers: Dr. Yuval Steinitz Minister of Intelligence, Israel MG. (ret.) Amos Yadlin Director of INSS Dr. Eviatar Matania Head of the National Cyber Bureau, Prime Minister’s Office, Israel Avi Hasson Chief Scientist of the Israeli Ministry of Economy, Israel Dr. Col. (res.) Gabi Siboni Director of the Cyber Warfare Program (INSS) Paul De Souza President of Cyber Security Forum Initiative (CSFI) Dr. Yossi Vardi Internet entrepreneur General José Carlos dos Santos Commander in Chief, Center for Cyber Defense, Brazilian Army MG (ret.) ‘Punch’ Moulton Senior Director of Cyberspace, Stellar Solutions BG. Carlos G. L. de Medina Chief of the ESP Joint Cyber Command, Spain BG Nadav Zafrir Outgoing Head of the IDF 8200 Unit Nir Gaist Senior Security Expert, CEO Nyotron BG (res.) Yair Cohen Former head of the Unit 8200 IDF MG (ret.) Jonathan Shaw Digital Barriers plc, UK Rear Admiral (ret.) Norman Hayes Former Director of the Intelligence, EUCOM (J-2) Mr. James Lewis Cyber Defense Training Systems & Center MG Uzi Moscovici Head of IDF J6/C4i Directorate, IDF, Israel US Army BG Bruce T. Crawford Director, J-6, C4/Cyber EUCOM Mr. Daniel Cohen Research fellow, INSS Michal B.Braverman Microsoft Israel R&D center Mr. Etay Maor Fraud Prevention Solution Manager, Trusteer – IBM Mr. Roger W. Kuhn Command Science Advisor, NECC, USA




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Regulator: Las Vegas Sands hackers didn’t steal credit cards

http://www.lasvegassun.com/news/2014/feb/13/regulator-las-vegas-sands-hackers-didnt-steal-cred/ By Hannah Dreier Associated Press Feb. 13, 2014 A Nevada gambling regulator said Thursday that the hackers who knocked down all Las Vegas Sands websites for three days and counting did not steal any patron data, including credit card information. Nevada Gaming Control Board chairman A.G. Burnett said regulators’ first priority after the world’s largest casino operator was hacked Monday was to ensure the safety of player information and the integrity of the gambling systems. Burnett said Sands has confirmed that hackers did not compromise these two areas. Last December, Las Vegas-based casino operator Affinity Gaming announced that its credit-card transactions had been hacked and warned its 300,000 customers to take steps to protect themselves from identity theft. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] DHS Hires Booz to Finish Cyberattack Drill Job

http://www.nextgov.com/cybersecurity/cybersecurity-report/2014/02/dhs-hires-booz-finish-cyberattack-drill-job/78833/ By Aliya Sternstein Nextgov.com February 13, 2014 The Homeland Security Department has decided to extend a contract for help on a biennial cyberattack drill with Booz Allen Hamilton. The roughly $400,000 follow-on runs from Feb. 6 through April 6, according to a Jan. 13 justification for not letting other firms bid on the upcoming work. Booz won a five-year $15 million contract for the project in 2009. Booz was unable to get the job done on time due to hiccups in the federal billing cycle, DHS said.. “The delays can be entirely attributed to government action, including the government shutdown,” DHS officials said in the justification, which was signed Jan. 13. Homeland Security offices “would like to complete planned deliverables that have projected schedule delays through no fault of the contractor.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Prepare for cyber war, Iran’s supreme leader tells students

http://www.haaretz.com/news/middle-east/1.574043 By Haaretz Feb. 13, 2014 Iranian Supreme Leader Ayatollah Ali Khamenei has urged the country’s students to prepare for cyber war, the semi-official Mehr News Agency reported on Wednesday. Khamenei delivered a message to a university students’ association, or his “Revolutionary foster-children,” as he called them, reminding them that they are “cyber-war agents” who must prepare for battle, Mehr reported. “You are the cyber-war agents and such a war requires Ammar-like insight and Malik Ashtar-like resistance,” he wrote according to Mehr, referring to two Prophet’s companions in early Islamic history. “Get yourselves ready for such war wholeheartedly.” Also Wednesday, Iran’s Chief of Staff, General Hassan Firouzabadi, said his country is ready for a “decisive battle” with the U.S. and Israel, and dismissed threats against Tehran as “political bluffing.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Inside Endgame: A Second Act For The Blackwater Of Hacking

http://www.forbes.com/sites/andygreenberg/2014/02/12/inside-endgame-a-new-direction-for-the-blackwater-of-hacking/ By Andy Greenberg Forbes Staff 2/12/2014 This story appears in the March 3, 2014 issue of Forbes. In the classic hacker career narrative, a juvenile genius breaks into the Internet’s most sensitive networks, gets caught and then settles into a lucrative corporate gig selling his skills for defense. Nate Fick is trying to pull off the same story with an entire company. Fourteen months ago Fick took over as chief executive of Endgame, perhaps the most controversial name in Washington, D.C. cybersecurity contracting. For years Endgame’s elite hackers worked in the shadows of the Beltway to build and sell “zero-day exploits,” an industry term for malicious code that abuses a previously unidentified vulnerability. As a contractor to military and intelligence agencies including the NSA, it enabled some of those customers’ most intrusive spying practices by offering ways to break into software from the likes of Microsoft – MSFT +0.79%, IBM – IBM +0.3% and Cisco for millions of dollars. Fick’s daunting task now: To shift his firm’s focus to the far wider market in commercial defense products


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Email Attack on Vendor Set Up Breach at Target

http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target/ By Brian Krebs Krebs on Security February 12, 2014 The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. Last week, KrebsOnSecurity reported that investigators believe the source of the Target intrusion traces back to network credentials that Target had issued to Fazio Mechanical, a heating, air conditioning and refrigeration firm in Sharpsburg, Pa. Multiple sources close to the investigation now tell this reporter that those credentials were stolen in an email malware attack at Fazio that began at least two months before thieves started stealing card data from thousands of Target cash registers. Two of those sources said the malware in question was Citadel


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] White House pushes cybersecurity framework for critical infrastructure

http://www.computerworld.com/s/article/9246266/White_House_pushes_cybersecurity_framework_for_critical_infrastructure By Grant Gross IDG News Service February 12, 2014 A new cybersecurity framework released Wednesday by the Obama administration aims to help operators of critical infrastructure develop comprehensive cybersecurity programs. The voluntary framework creates a consensus on what a good cybersecurity program looks like, senior administration officials said. The 41-page framework takes a risk management approach that allows organizations to adapt to “a changing cybersecurity landscape and responds to evolving and sophisticated threats in a timely manner,” according to the document. Organizations can use the framework to create a “credible” cybersecurity program if they don’t already have one, said one senior Obama administration official. “The key message is that cybersecurity is not something you just put in place and walk away,” the official said, in a background press briefing. “There’s no prescription or magic bullet for cybersecurity. There are only well-conceived, proven ways of continuously managing the risks.” The framework, building on a presidential directive from a year ago, can help “companies prove to themselves and to their stakeholders that good cybersecurity can be the same thing as good business,” the official said. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail