-- The National Cybersecurity Innovation Conference, April 18-19, 2011 - CISOs and other users (no vendors or consultants) sharing remarkable solutions they found to (1) defense against APT, (2) continuous monitoring, (3) proving the value of security investment and making security strategic, (4) reliable, risk-based decisions on which new tools to buy, (5) finding all their hardware and software across large networks, (6) the most promising automation initiative in security. Plus expert briefings on the most dangerous new attack techniques and the 20 Critical Controls. http://www.sans.org/cyber-security-innovations-2011/
-- SANS Northern Virginia 2011, Reston, VA, April 15-23, 2011. 11 courses. Bonus evening presentations include Cyberwar or Business as Usual? The State of US Federal CyberSecurity Efforts http://www.sans.org/northern-virginia-2011/
-- SANS Security West 2011, San Diego, CA, May 3-12, 2011. 23 courses. Bonus evening presentations include The Emerging Security Threat Panel Discussion; and Emerging Trends in Data Law and Investigation http://www.sans.org/security-west-2011/
-- SANSFIRE 2011, Washington, DC, July 15-24, 2011. 40 courses. Bonus evening presentations include Ninja developers: Penetration testing and Your SDLC; and Are Your Tools Ready for IPv6? http://www.sans.org/sansfire-2011/
Plus Barcelona, Amsterdam, Brisbane, London and Austin all in the next 90 days. For a list of all upcoming events, on-line and live: http://www.sans.org/index.php
Gonzalez Seeks to Have Guilty Plea and Sentence Thrown Out (April 7, 2011)
The mastermind behind the massive cyber theft of credit card information from TJX, Heartland Payment Systems, Office Max and other companies is seeking to withdraw his guilty plea. Albert Gonzalez wants a federal judge to throw out his pleas and his 20-year prison sentence; he maintains that the government authorized his activities. The government does not dispute that while stealing the data, Gonzalez was an undercover Secret Service informant. In this action, Gonzalez is acting as his own attorney. -http://www.wired.com/threatlevel/2011/04/gonzalez-plea-withdrawal/
Regional Winners to Meet in Collegiate Cyber Security Competition Finals (April 7, 2011)
New Security Tool Will Enhance Troops' Computing Experience (April 6, 2011)
US troops stationed in the Middle East are expected to begin using copies of the Unified Golden Master, a disk that standardizes security settings on Windows computers. In combat operations, there is often inadequate staff to ensure that computers are kept patched and secured; this tool will eliminate the need to fine-tune more than 1,200 settings. It also includes a trio of features that will help prevent malware from making its way onto the computers. -http://www.nextgov.com/nextgov/ng_20110406_5909.php
Legislators Consider Methods of Combating Piracy (April 6, 2011)
At a US House Judiciary Committee Internet subcommittee hearing, several US legislators suggested that search engines filter search results so they do not include websites that violate copyright law and trade in counterfeit goods. Google senior VP and general counsel Kent Walker says his company does take steps to minimize the presence of such sites and has shut down a large number of accounts for trying to use sponsored links to advertise counterfeit merchandise, but that Google does not want to decide which sites should be left out of search results. Walker suggested that rather than trying to remove the offending sites from search results, the focus should turn to the advertising and financial activity that support the sites. -http://www.computerworld.com/s/article/9215580/Lawmakers_question_whether_search_engines_aid_piracy?taxonomyId=17
The Hartford Servers Infected with Password-Stealing Malware (April 6 & 7, 2011)
The Hartford insurance company has notified approximately 300 employees, contractors and customers of a security breach in which attackers managed to install password-stealing malware known as Qakbot on some of the company's servers. The attack was discovered in February 2011; fewer than 19 customers were affected. The Hartford sent letters to people who had logged in to an infected server between February 22 and 28, 2011. -http://www.pcworld.com/businesscenter/article/224471/windows_servers_hacked_at_the_hartford_insurance_company.html -http://it.tmcnet.com/topics/it/articles/162069-hartford-insurance-company-falls-victim-hack-attack.htm [Editor's Note (Pescatore): The press loves big numbers, so incidents like the Epsilon compromise get lots of attention. But there are huge numbers of compromises like this one happening that are much more targeted and often actually more damaging than many of the large scale attacks because they go undetected longer. Qakbot had some really sophisticated variants that actually only forward targeted credentials out to command and control/drop sites, reducing its "noise" level even more.]
Former Gucci Employee Charged for Alleged Attack on Network (April 5, 2011)
Eugene Schultz, Ph.D., CISM, CISSP, GLSC is CTO of Emagined Security and the author/co-author of books on Unix security, Internet security, Windows NT/2000 security, incident response, and intrusion detection and prevention. He was also the co-founder and original project manager of the Department of Energy's Computer Incident Advisory Capability (CIAC).
John Pescatore is Vice President at Gartner Inc.; he has worked in computer and network security since 1978.
Stephen Northcutt founded the GIAC certification and currently serves as President of the SANS Technology Institute, a post graduate level IT Security College, www.sans.edu.
Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.
Ed Skoudis is co-founder of Inguardians, a security research and consulting firm, and author and lead instructor of the SANS Hacker Exploits and Incident Handling course.
Rob Lee is the curriculum lead instructor for the SANS Institute's computer forensic courses (computer-forensics.sans.org) and a Director at the incident response company Mandiant.
Rohit Dhamankar is a security professional currently involved in independent security research.
Tom Liston is a Senior Security Consultant and Malware Analyst for Inguardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.
Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat, and he is a founder with Secure Anchor Consulting.
Ron Dick directed the National Infrastructure Protection Center (NIPC) at the FBI and served as President of the InfraGard National Members Alliance - with more than 22,000 members.
Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He is leading SANS' global initiative to improve application security.
David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.
Mark Weatherford, Chief Security Officer, North American Electric Reliability Corporation (NERC).
Alan Paller is director of research at the SANS Institute.
Marcus J. Ranum built the first firewall for the White House and is widely recognized as a security products designer and industry innovator.
Clint Kreitner is the founding President and CEO of The Center for Internet Security.
Brian Honan is an independent security consultant based in Dublin, Ireland.
David Turley is SANS infrastructure manager and serves as production manager and final editor on SANS NewsBites.
Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription, (and for free posters) or to update a current subscription, visit http://portal.sans.org/