After a massive response from security community at NullCon Goa, India event shows offline participation of security researchers has been increased immensely in cyber security events. Here is the list few of upcoming events that every security researcher in the community should know:

1. Texas Cyber Summit | September 22-24 | Austin, Texas

Texas cyber summit conference is with vision to increase the number of persons of all demographics entering the cybersecurity field, particularly those of the underserved and women communities. Facilitate a place where attendees can build a social network that brings mentors and inspiration to them in a positive and re-enforcing manner.

To get more details visit https://texascyber.com/

2. RomHack 2022 | September 23 | Rome, Italy

The event is organized by Cyber Saiyan and gives to anyone the opportunity to meet and exchange ideas in three days of learning, entertainment, knowledge sharing through cutting-edge talks, workshops and interactive labs.

To get more details visit https://romhack.camp/

3. International Cyber Expo | September 27-28 | London, UK

International Cyber Expo will be perfect meeting place for CISOs, CTOs, Managing Directors, business owners, cyber security specialists, government officials and end-users to connect and source products from the thriving cyber security market.

To get more details visit https://www.internationalcyberexpo.com/

4. VB2022 Prague | September 28-30 | Prague, Czech Republic

Virus Bulletin, the venerable malware-focused publication, has been running its annual conference for more than 30 years, and returns to an in-person format after two years online.

To get more details visit https://www.virusbulletin.com/conference/vb2022/

5. (ISC)² Security Congress 2022 | October 08-12 | Las Vegas and online

Dozens of sessions around professional development, with topics including cloud security; Deepfakes; Effective Cybersecurity Board Reporting Zero Trust for Cloud; governance, risk, and compliance (GRC); and career development.

To get more details visit https://congress.isc2.org/event/ddd188c4-b9cd-4eb0-bd9a-2c7810df496e/summary

6. Authenticate 2022 | October 17-19 | Seattle, US

Hosted by the FIDO Alliance, the event is dedicated to the who, what, why and how of user authentication – with a focus on the FIDO standards-based approach.

To get more details visit  https://authenticatecon.com/event/authenticate-2022-conference/

7. Web Summit 2022 | November 1-4 | Lisbon, Portugal

Web Summit is “where the future goes to be born” . Web Summit 2022 will bring together 70,000+ people, and the companies redefining the tech industry.

To get more details visit https://websummit.com/

8. 2022 FIRST Cyber Threat Intelligence Symposium | November 2-4 | Berlin, Germany

FIRST (Forum of Incident Response and Security Teams) runs technical colloquia for discussing vulnerabilities, incidents, and tools impacting security/incident response teams, plus less technical, sometimes more hands-on, regional symposia.

To get more details visit https://www.first.org/events/colloquia/

9. HITB + CyberWeek | 17th – 21st April 2023 | TBC, Amsterdam

HITBSecConf – short for Hack In The Box Security Conference – has multiple events featuring trainings, multi-track conferences, and CTFs throughout 2022.

To get more details visit https://conference.hitb.org/

10. Black Hat Europe 2022 | December 5-8 | London, UK and online

Black Hat’s final major event of the year will as usual feature a stellar range of speakers speaking about hacking tools and techniques, security vulnerabilities, and cybercrime trends.

To get more details visit https://www.blackhat.com/upcoming.html#europe

Found this article interesting? Follow HackersIdentity on Facebook, Twitter and LinkedIn to read more exclusive content we post.

The Indian Govt on Wednesday 3rd Aug 2022 withdrew the long-awaited Personal Data Protection (PDP) Bill, 2019. Centre told the members of the Joint Parliamentary Committee that it will bring a set of new legislation for a comprehensive legal framework for the digital economy.

The withdrawn Bill had proposed restrictions on the use of personal data without the explicit consent of citizens. It had also sought to provide the government with powers to give exemptions to its probe agencies from the provisions of the Act. The bill was criticized by privacy experts as it was seen as being more in favor of the government rather than protecting privacy, which the Supreme Court held as a fundamental right in 2017.

Looking forward, this is also a great opportunity to look into certain key issues relating to lack of independence of data protection authority, restrictive cross border data flow and state exemption. The new framework should foster growth and innovation, help the start-up ecosystem and enable ease of doing business while ensuring that the data rights of citizens are at the heart of the legislation.

Found this article interesting? Follow HackersIdentity on Facebook, Twitter and LinkedIn to read more exclusive content we post.

The backbone of the web has received a major upgrade. The HTTP/3 protocol has received RFC 9114 standardization – a boost for internet security, but not one without hurdles for web developers.

This week, the Internet Engineering Task Force (IETF) released HTTP/3, published as RFC 9114.

The Hypertext Transfer Protocol (HTTP) acts as an application layer for facilitating communication between servers and browsers, fetching resources, and transferring data. HTTPS is HTTP with additional security via encryption.

HTTP/3 is the latest revision of the HTTP protocol, taking over from 2015’s HTTP/2. HTTP/3 is designed to address some of the performance issues inherent in HTTP/2, improving the user experience, decreasing the impact of packet loss without head-of-line blocking, speeding up handshake requirements, and enabling encryption by default.

The protocol utilizes space congestion control over User Datagram Protocol (UDP).One of the major differences in HTTP/3 is QUIC. Developed by Google, Quick UDP Internet Connections (QUIC) was adopted by the IETF, and a tailored version provides a cornerstone of HTTP/3.

Cloudflare predicts that 8% of internet traffic is HTTP/1-based, followed by HTTP/2 at 67%, and HTTP/3 at 25%.

Found this article interesting? Follow HackersIdentity on Facebook, Twitter and LinkedIn to read more exclusive content we post.

The Centre for Threat Informed Defence releases mappings between MITRE ATT&CK® and NIST Special Publication 800-53 with supporting documentation and resources.

These mappings provide a critically important resource for organizations to assess their security control coverage against real-world threats as described in the ATT&CK knowledge base and provide a foundation for integrating ATT&CK-based threat information into the risk management process.

With over 6,300 individual mappings between NIST 800-53 and ATT&CK, this resource greatly reduces the burden on the community to do their own baseline mappings– allowing organizations to focus their limited time and resources on understanding how controls map to threats in their specific environment.

For more details NIST 800-53 Control Mappings – CTID (mitre-engenuity.org

Industry’s first comprehensive cybersecurity skilling program to empower India’s workforce for a career in security. This initiative aims to skill 1 lakh learners by 2022.

As digital adoption continue to rise, the need of cybersecurity landscape has evolved significantly, and huge demand for skilled security professionals. To address this skills gap and empower India’s workforce for a career in cybersecurity, Microsoft launched a first of its kind cybersecurity skilling program that aims to skill over 1 lakh learners by 2022.

The program is designed to give learners hands-on experience in the fundamentals of security, compliance, and identity. Microsoft will conduct these courses along with its strategic consortium of partners including Cloudthat, Koenig, RPS, and Synergetics Learning. The course modules are designed to support all levels of learners, regardless of where they are in their cybersecurity journey.

Microsoft has introduced four new security, compliance, and identity certifications, of which the accredited certification for Fundamentals will be offered at zero-cost for any individual who attends the associated training through this initiative. Additionally, in collaboration with its partners, Microsoft, offers learners deeply discounted offers on the rest of the advanced role-based certifications to drive deep skills for addressing cybersecurity challenges.

Learners can apply for the course: https://www.microsoft.com/en-in/campaign/MS-IndiaSkillingInitiative/SecuritySkilling.aspx

Found this article interesting? Follow HackersIdentity on Facebook, Twitter and LinkedIn to read more exclusive content we post.