Fotolia
OURSA takes on RSA Conference to highlight diversity
News roundup: Our Security Advocates emerges amid criticism of RSA Conference's lack of female keynote speakers. Plus, a kill switch is discovered for the Memcrashed DDoS exploit, and more.
A new security conference, called OURSA, launched this week following criticism of RSA Conference 2018 and its lack of female keynote speakers.
RSA Conference came under fire in recent weeks, as security professionals and technology experts slammed the show for having no female infosec professionals as keynote speakers.
This year's RSA Conference features 22 keynote speakers, but only one is female. Anti-bullying activist and privacy advocate Monica Lewinsky is scheduled to deliver one of the keynote addresses, but critics have noted that she is not a security professional.
Last month, Facebook CSO Alex Stamos criticized RSA Conference and threw out the idea of putting together another "alt conference" to highlight diversity in the infosec profession.
In 2014, several infosec professionals, including Stamos, formed a rival conference, known as TrustyCon, to protest RSA Security's reported ties to the U.S. National Security Agency. Earlier this week, organizers unveiled Our Security Advocates, or OURSA, which will take place at Cloudflare's headquarters in San Francisco on April 17.
Maybe it's time to rent out the Metreon again for an alt-conference, this time all women speakers (with me handing out popcorn). Anybody game?
— Alex Stamos (@alexstamos) February 27, 2018
According to OURSA's website, the event "highlights a diverse set of experts from across information security, safety, trust and other related fields," including Parisa Tabriz, engineering director for Google's Chrome browser; Aanchal Gupta, security director at Facebook; Amie Stepanovich, U.S. policy manager at internet advocacy group Access Now; and Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation.
The conference will feature four primary session topics: "Advocating for High-Risk Groups," "Applied Security Engineering," "Practical Privacy Protection" and "Security Policy & Ethics for Emerging Tech." While the event is sold-out, organizers said sessions can be livestreamed.
Last year's RSA Conference also featured just one female keynote speaker: Dame Stella Rimington, former director general of MI5, the United Kingdom's domestic counterintelligence and security agency. In 2016, the event featured two: Sandra Toms, vice president and curator of RSA Conference, and Nuala O'Connor, president and CEO of the Center for Democracy & Technology. Other security conferences have also had a noticeable lack of female and minority speakers.
RSA Conference responded to the criticism of this year's show in a blog post from Toms. "Overall this year, RSA Conference will feature more than 130 female speakers, on both the main stage, industry experts stage and in a variety of other sessions and labs, tackling topics from data integrity to hybrid clouds and application security, among others," Toms wrote. "And while 20% of our speakers at this year's conference are women, we fully recognize there is still work to be done."
In other news
- After two record-setting terabit distributed denial-of-service (DDoS) attacks that exploited memcached servers exposed to the internet, Corero Network Security, a network security company headquartered in Marlborough, Mass., promoted a simple mitigation that uses the memcached command flush_all as a kill switch for the attack. The Memcrashed DDoS exploit gained attention after a 35 Tbps attack that disrupted GitHub services for about 10 minutes last month, followed by a 1.7 Tbps DDoS attack reported by DDoS defense company NetScout, on an unnamed company that resulted in no service disruption. Corero said organizations targeted by the Memcrashed DDoS exploit can mitigate the attack by sending the flush_all command to any memcached servers sending attack traffic. According to the memcached specification, that command "causes all items whose update time is earlier than the time at which flush_all was set to be executed to be ignored for retrieval purposes." Sys admins responsible for systems that expose a memcached server to the internet can prevent their systems from being exploited by updating to memcached release 1.5.6, which disables the UDP port 11211 that is being used in the attacks, by disabling that port on older versions of the server, or by blocking the memcached server from accessing the internet. Corero also noted that attackers might also be able to exfiltrate proprietary data cached on the exposed memcached servers -- another reason for sys admins to disable internet access for those servers.
- Cryptocurrency mining malware is now attempting to maximize returns by killing competing processes on victim systems. SANS Internet Storm Center handler Xavier Mertens has reported new cryptocurrency mining malware that scans infected systems for other cryptomining programs, as well as other CPU-intensive processes and security tools, in order to kill those processes and free up processing power for itself. Mertens wrote, "When a computer is infected, it looks legit to search for already running miners and simply kill them: The fight for CPU cycles started!" The malware Mertens found is contained in a PowerShell program that downloads a cryptocurrency miner; it also lists all running processes on the victim system and compares them to a list of well-known processes, including a list of known cryptocurrency mining processes, and it kills those processes to free up system resources for the new mining software.
- Amid concerns from the U.S. government about its hostile takeover of U.S.-based chipmaker Qualcomm, Broadcom this week pledged to invest $1.5 billion to train and educate U.S. engineers while "making the U.S. the global leader in 5G." Broadcom has been scrutinized by the U.S. government, including the multiagency Committee on Foreign Investment in the U.S. (CFIUS), which argued the takeover represents potential "national security risks" if Qualcomm's status as a leading wireless technology provider is threatened by foreign companies. Both CFIUS and Qualcomm have expressed concern that the takeover will give China a leadership position in the 5G market, forcing the U.S. to rely on telecommunications services that could undermine national security.
