current issue – 3.23.17

Control Risks experts in risk

Greetings!

THE CYBERWIRE (Thursday, March 23, 2017)—Some recently discovered threats and vulnerabilities lead today's news. Palo Alto Networks' Unit 42 has determined that new, aggressive adware is abusing the popular open-source Android plug-in frameworks, DroidPlugin and VirtualApp. Users' private data are at risk if they operate in these environments.

ICS security shop Dragos reports finding malware disguised as Siemens firmware infecting some ten industrial plants. The infestation has been quietly active for about four years.

According to Netskope, a new strain of macro-based malware affecting Microsoft Office is now cloud-based. Default Office installations disable macros, so the malware purveyors seek to induce their targets to enable macros in the documents they use as vectors.

Enterprises are encouraged to apply the most recent SAP patches: ERPScan has demonstrated a proof-of-concept remote code execution exploit for the SAP graphic user interface.  

While this attack technique hasn't been observed in the wild, Cybellum researchers describe an escapade they're calling "Double Agent." Double Agent uses Microsoft's Application Verifier, loading its own verifier DLL in place of the one provided by Microsoft. Double Agent, as demonstrated by Cybellum, can subvert anti-virus software and either silence them or turn them into attack mechanisms. Potentially affected AV vendors have either verified that their products aren't vulnerable, patched them, or are at work on fixes.

In industry news, GoDaddy acquires security firm Sucuri.

The US considers indicting North Korean hackers in the Bangladesh Bank SWIFT fraud case.

Heard of fake news? Here's another fake thing to worry about: apparently catphish are refereeing scientific journals.

[250]

Today's edition of the CyberWire reports events affecting Australia, Brazil, China, Ecuador, Kenya, Lithuania, Mexico, Russia, Ukraine, the United Kingdom, and the United States.

Cylance is proud to be the CyberWire sustaining sponsor for 2017. Learn more about how Cylance prevents cyberattacks at cylance.com

On the Podcast

In today's podcast, Dale Drew from our partners at Level 3 describes the evolution of the Mirai botnet. Our guest is Eric Olson from LookingGlass, who describes some of the interesting security issues with Facebook Marketplace.  

Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of how artificial intelligence is being applied to security. And see also Cylance's video interview with our Producer.

Sponsored Events

Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) 2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The International Cybersecurity Summit features 20+ world class cybersecurity thought leaders from allied nations and US including DoD, IARPA, DHS, USCYBERCOM, ARCYBER, NSA, DOC, NCTC/UK, U.S. Army Cyber Command, U.S. Cyber Command, Cyber National Mission Force.

The Cyber Security Summit: Atlanta and Dallas (Atlanta, GA, USA, April 6, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

A New Trend in Android Adware: Abusing Android Plugin Frameworks (Palo Alto Networks Blog) Unit 42 researchers uncover aggressive adware abusing third-party DroidPlugin framework on Android.

Malware 'disguised as Siemens firmware drills into 10 industrial plants' (Register) Four years of active infection, claims security biz Dragos

Project MIMICS - Stage One (Dragos) What can the community learn in terms of realistic metrics and data points around malware in modern industrial control systems (MIMICS) from completely public datasets?

DoubleAgent attack uses built-in Windows tool to hijack applications (Help Net Security) Security researchers have revealed the DoubleAgent attack technique, which can be used by attackers to take over applications and entire Windows machines.

Double Agent attack can turn antivirus into malware (Network World) An attack discovered by Cybellum called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.

Windows 10: DoubleAgent zero-day hijacks Microsoft tool to turn antivirus into malware (ZDNet) Microsoft's Application Verifier tool can be used by attackers to grab control of antivirus software, researchers say.

New Attack Uses Microsoft's Application Verifier to Hijack Antivirus Software (BleepingComputer) A new technique named DoubleAgent, discovered by security researchers from Cybellum, allows an attacker to hijack security products and make them take malicious actions.

Macro-based Office Malware using Cloud Services (Netskope) Netskope Threat Research Labs recently observed new strains of Microsoft Office macro-based document malware that extensively uses cloud storage services for downloading the second-stage malware...

Sushi or pizza? Mac or Windows threat? (Help Net Security) Fortinet researchers have made an unusual find: a malicious Word file that is meant to target both OS X and Windows users.

Third-Party App Stores Delivered via the iOS App Store (TrendLabs Security Intelligence Blog) The iOS ecosystem is usually described as a closed ecosystem, under the strict control of Apple. However, there are still ways to get around this tight control. Remember the Haima app? That method relied on enterprise certificates from Apple—which are costly, since the certificates needed are changed very frequently.

Hackers demand Apple pay ransom to save user iCloud accounts (Fifth Domain | Cyber) A group of hackers claims to have breached Apple's iCloud platform and gained access to hundreds of millions of user accounts. If Apple doesn't pay a ransom, the hackers say they will remotely wipe the accounts.

Vermont Says Job Databank Compromised (US News and World Report) The Vermont Department of Labor says a job database used by the state has been compromised by malicious software.

Blank Slate Spam Campaign Spreads Cerber Ransomware (Threatpost) A spam campaign called Blank Slate is spreading Cerber ransomware and abusing hosting providers to register new domains as soon as they’re taken down.

Whoops: The DOJ May Have Confirmed Some of the Wikileaks CIA Dump (Motherboard) The US government says it wants to keep some of the now-public documents out of court because they contain classified material, suggesting that they could be authentic.

WikiLeaks Says Tech Firms Slow to Co-operate on Patching (Infosecurity Magazine) WikiLeaks Says Tech Firms Slow to Co-operate on Patching. US government contracts could be a roadblock, it claims

SAP Vulnerability Puts Business Data at Risk for Thousands of Companies (Threatpost) Researchers at ERPScan today disclosed details and a proof-of-concept exploit for a SAP GUI remote code execution vulnerability patched last week.

Can SAP Be Affected By Ransomware? (ERPScan) On 14th of March, SAP released its scheduled set of SAP Security Notes for March. It includes a fix for a Remote Command Execution vulnerability in SAP GUI, identified by ERPScan’s researchers. The security issue was rated at 8.0 by CVSS Base Score v. 3.

Rock Island cyber attack (The Journal of the San Juan Islands) Submitted by Rock Island Communications

The Expansion of IoT since Mirai. (Radware Blog) The idea of an Internet of Things (IoT) botnet is nothing new in our industry. In fact, the threat has been discussed for many years by security researchers. It has only now gained public attention due to the release and rampage of the Mirai botnet. Since Mirai broke the 1Tbps mark in late 2016 the …

Java and Flash top list of most outdated programs on users' PCs (Help Net Security) Gathered anonymously from 116 million Windows desktop and laptop users, Avast found the most outdated programs. Java and Flash top the list.

Soundwaves used to produce fake data from accelerometers (Naked Security) The attacks on a Samsung Galaxy S5 and a Fitbit are proof of concept, but they make an important point: analog devices are also vulnerable

Chinese Crooks Use Fake Cellular Telephony Towers to Spread Android Malware (BleepingComputer) Malware authors in China are using fake base transceiver stations (BTSs), which is equipment usually installed on cellular telephone towers, to send spoofed SMS messages that contain links to Android malware.

USB pen-testing stick: what happens if it falls into malicious hands? (Naked Security) The latest version of a circuit-frying USB stick that can now also disable Macs is a reminder to be careful about what you plug into your devices

Developer Complains Firefox Labels His Site as Insecure, Hilarity Ensues (BleepingComputer) The developer of Oil and Gas International (OGI), a Texas-based website for petroleum industry news, has filed a complaint on the Mozilla bug tracker, accusing Firefox of wrongly labeling his website as insecure.

Hacking is so easy, even a reporter can do it [Video] (C4ISRNET) Fifth Domain Reporter Mark Pomerleau plays cyber capture the flag with the Cyber Security Forum Initiative’s demo at AUSA Global Force in Huntsville. (Daniel Woolfolk/Staff)

Scammy science: 40 journals appointed a fake person as editor (Ars Technica) Bogus, predatory journals fell for a sting operation.

Security Patches, Mitigations, and Software Updates

Good News: Android’s Huge Security Problem Is Getting Less Huge (WIRED) According to Google's own stats, only half of Android devices received a security update any time in 2016.

eBay Asks Users to Downgrade Security (KrebsOnSecurity) Last week, KrebsOnSecurity received an email from eBay. The company wanted me to switch from using a hardware key fob when logging into eBay to receiving a one-time code sent via text message.

LastPass Fixes Password Manager Zero-Day in Record Time (Infosecurity Magazine) The flaw would allow remote code execution and the ability to steal users’ passwords.

AT&T ZTE Maven Z812 March security patch rolling out (The Android Soul) AT&T has started rolling out the March security update to ZTE’s entry-level handset, the ZTE Maven (also known as the ZTE Z812). Weighing in at 18MB, the update installs the monthly security patch on the smartphone.

Cyber Trends

How technology tramples on freedom (The Christian Science Monitor Passcode) Rapid advances in biometric technology mean the public is surveilled – and their movements recorded – more than ever before. If this technology spreads without limits, it could soon impinge on basic rights.

Businesses Are 'Getting Sucker Punched' in Cyberspace (Fortune) "The CEO who caught the Chinese spies redhanded" weighs in on Russia.

Mobile Threat Intelligence Report Q4 2016 (Skycure) Instead of taking a single slice in time, this report attempts to step back a bit to identify and analyze some of the larger trends in mobile threats across the entire year of 2016.

2017 DDoS Impact Survey (Corero) Service providers, hosting providers, and the online enterprise are all impacted by DDoS attacks, which have continued to grow in size, frequency and sophistication in recent years.

'Mean blind spot' leaves organisations vulnerable to cyber attack (Phys.org) New research has identified a 'mean blind spot', which leaves organisations vulnerable to cyber attack – particularly in the months of April and October.

Will most security operations transition to the cloud? (Help Net Security) Leveraging the cloud for security applications is becoming increasingly accepted – and required – as we move into a 24/7 digital world.

Marketplace

How U.S Companies Can Play a Role in Latin America's Growing Cyber Economy (International Policy Digest) Latin America represents a huge opportunity for U.S. companies through the regions growing cyber economy.

GoDaddy Acquires Sucuri to Advance Digital Security for Customers (Yahoo! Finance) GoDaddy Inc (GDDY), the world's largest cloud platform dedicated to small, independent ventures, today announced it has entered into an agreement to purchase Sucuri, a leading provider of website security products and services. Sucuri is a security

Rise of the Twitterbots increases pressure on Twitter chief Dorsey (Naked Security) ‘Up to 15%’ of Twitter accounts are bots posting spam, propaganda and fake news and driving away advertisers and investors – but social media firms are fighting back

Acquisitions Bolster Symantec Vs. Cisco, Palo Alto: Analyst (Investor's Business Daily) Symantec[ticker symb=SYMC] is making the right moves with acquisitions, says Morgan Stanley, which upped its price target on the computer security software provider Wednesday.

Why Shares of FireEye Just Jumped (Market Realist) Shares of cybersecurity (HACK) firm FireEye (FEYE) rose ~8% on March 20, 2017, to close at $11.61, after Bank of America (BAC) analyst Tal Liani upgraded the stock from “neutral” to “buy” and increased the stock’s price target from $13.5 to $18.

LookingGlass Cyber Solutions Inaugurates New Corporate Headquarters (LookingGlass Cyber Solutions Inc.) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, today announced that they have relocated their headquarters to a 20,000 sqft office in Reston, Virginia. The company formerly occupied an office at 11091 Sunset Hills Road, and is moving to its newly designed space at 10740 Parkridge Blvd to accommodate its employee growth and next generation Security Operations Center (SOC).

Products, Services, and Solutions

Gemalto Wins 2017 Cybersecurity Excellence Award for Best Encryption Product with SafeNet KeySecure (GlobeNewswire News Room) Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announces that they have been named a winner of the 2017 Cybersecurity Excellence Awards. Gemalto's SafeNet KeySecure was voted "best encryption product" by over 300,000 members of the global information security community.

GlobalSCAPE, Inc. Releases New Appliance to Better Manage Flow of Corporate Data (GlobalSCAPE) Appliance combines Hewlett Packard Enterprise and Globalscape technology

TalkTalk Enhances the Digital Subscriber Experience and Provides a Faster, More Reliable Network with Nominum DNS () Nominum Vantio CacheServe and N2 Applications deliver superior network performance and personalized services for millions of UK subscribers

Fidelis Cybersecurity and A10 Networks Deliver Deep Visibility into Encrypted Traffic to Prevent Intrusions (Yahoo! Finance) Fidelis Cybersecurity, the leader in next generation intrusion prevention, is joining forces with A10 Networks , a secure application services™ company. A10 lets customers gain visibility into encrypted traffic and Fidelis uses its deep session inspection to discover and prevent the advanced tactics

Why AVG Free Antivirus Remains a Popular Malware and Virus Protection Software (TNH Online) AVG is one of the popular free antivirus software available for users. Perhaps, the most obvious indicator for this is when it was bought for $1.3 billion

UXC Connect segregates Melbourne Water's IT and industrial networks to protect against cyber threats (CRN Australia) Seven-month project delivered ahead of time.

Microsoft Shares Interesting Secure Azure Network Design (Petri) Microsoft has shared very interesting design and JSON templates for a secure n-tier application DMZ network architecture in Azure.

Low-power ARM-based MCU adds security features (Embedded Computing Design) The growth of the IoT has propelled the growth of attacks, malicious and otherwise.

NetNordic offers firewall based in Palo Alto Networks tech (Telecompaper) Scandinavian systems integrator NetNordic said it is now offering NetNordic Office Protect, based on technology from Palo Alto Networks.

Technologies, Techniques, and Standards

Breaking down China’s electronic warfare tactics (C4ISRNET) Russia has garnered attention with its advanced electronic warfare capability, and China has upped its game in this space as well.

Expeditionary cyber forces fighting drones on the front lines (Fifth Domain | Cyber) The services are taking a broad approach to counter tactical small UAS in the field.

Cyber warfare: A new kind of army takes on China, Russia (Dayton Daily News) Cyber warfare could lead to chaos and hackers could potentially attack water treatment and chemical...

"DevSecOps is a bit weird - it's just DevOps" says Chef (Computing) There's a different solution, says infrastructure-as-code company.

DevOps: Test at every point in the lifecycle (and threaten testers with cricket bats) (Computing) Sogeti UK's Andrew Fullen: one firm gave developers cricket bats to threaten testers into getting their code into production faster.

Intrusions Without Malware: Don't Forget the Other Sixty Percent (SecurityWeek) The time has come to start paying attention to the other sixty percent.

Can you justify your security spend? (Help Net Security) Todd Bramblett talks about the importance of IT operations and cybersecurity working together, as well as the AtomicEye RQ platform.

Design and Innovation

Phone Companies Will Soon Banish Robocalls. For Real This Time (WIRED) If Democrats, Republicans, and the telecommunications industry can agree on anything, it's that robocalls are the worst.

Ethereum vs. Bitcoin: Which Crypto-Asset Will See The Best Return? (Lombardi Letter) Which Crypto-Asset Will Bring More Returns Ethereum vs BitCoin. Here are some answers.

A hacker's guide to fixing automotive cybersecurity (The Christian Science Monitor Passcode) The security researcher known for hacking a 2014 Jeep Cherokee, leading to a 1.4 million-vehicle recall, outlines how automakers can keep connected cars safe from cyberattacks.

Legislation, Policy, and Regulation

Cyber Security Roles And Responsibilities Still Confused, Says Former Cyber Command Chief (Defense Daily Network) Despite protracted efforts within the federal government to divvy up roles and responsibilities of departments and agencies for defending the nation in cyberspace

NSA deputy says U.S. cyberattack responses must improve - Fedscoop (Fedscoop) This report originally appeared on CyberScoop. The way that U.S. government agencies respond to cyberattacks against the private sector from nation-state or other high-level adversaries is “fundamentally flawed” and needs to change, outgoing NSA Deputy Director Rick Ledgett said Tuesday. Ledgett, the latest addition to a growing list of cybersecurity officials and former officials who have called for …

NSA: Nation State Cyber Attack Included Virtual ‘Hand-to-Hand Combat’ (Washington Free Beacon) Foreign government hackers caught secretly breaking into a U.S. national security network waged a 24-hour battle with cyber security officials trying to counter the cyber attack, the deputy director

No Need for a Standing Order on Cyber Attacks (Digital Guardian) It has been two months since Donald Trump took office, and the president has been pretty busy. There has been quite a lot of signing and ordering and order signing and policy making. But what there has not been is much movement on the cybersecurity front.

Experts: US needs a federal CISO (CSO Online) Last week, the Trump administration announced the appointment of a White House cybersecurity coordinator. That's a good first step, security experts say, but the government also needs to have a federal CISO

How Washington evaluates software vulnerabilities (The Christian Science Monitor Passcode) The US government keeps some security flaws for itself. We take a look inside the secretive process to decide which ones to keep - and which ones to reveal to tech companies.

Illinois governor announces cybersecurity plan (Fifth Domain | Cyber) The plan outlines goals to protect state information systems, though it wouldn't have prevented incidents like the cyberattack on Illinois voter data last fall.

New York’s ‘unconstitutional’ right to be forgotten bill sparks concern (Naked Security) Opponents warn of the potential for ‘an internet riddled with memory holes’

Analysis | N.Y. bill would require people to remove ‘inaccurate,’ ‘irrelevant,’ ‘inadequate’ or ‘excessive’ statements about others (Washington Post) Speakers would have to delete speech that -- however factually correct -- might be found by a court to be "no longer material to current public debate or discourse."

Litigation, Investigation, and Law Enforcement

US May Charge North Korea in Bangladesh Bank Cybertheft (Dark Reading) The potential case accuses North Korea, and suspected Chinese middlemen, of spearheading an $81-million theft from Bangladesh Bank.

London attack: Eight held after armed police raids (BBC News) A second victim is named as a minister says the attack is linked to Islamic terrorism "in some form".

Twitter suspended 377,000 accounts for promoting terror and extremism (HackRead) Twitter announced on Tuesday (20th) that it has deleted 377,000 accounts in the second half of 2016 as part of its fight against content related to extremi

Trump team 'incidentally monitored' after election (BBC News) The president says he feels "somewhat" vindicated over his allegations of wiretapping.

Trump team communications captured by intelligence community surveillance, Nunes says (Fox News) Members of the intelligence community collected incidental communications from the Trump transition team during legal surveillance operations of foreign targets, a top Republican lawmaker said Wednesday afternoon.

Don’t Buy the Latest Trump Surveillance Hype (WIRED) Rep. Devin Nunes made some unprecedented statements today. But even if they're true, they don't prove what the White House wishes they did.

Group sues for EPA docs on employees using encrypted apps to talk Trump (Federal Times) Watchdog group the Cause of Action Institute has filed a lawsuit seeking access to agency-related correspondence in and about the use of the encrypted messaging application Signal to discuss Trump political appointees.

Lessons learned from the Russian hacking scandal and our “cyber” election (TechCrunch) Information security -- or what is commonly referred to as ‘cyber’ -- has dominated the narrative in this week’s hearings on Capitol Hill about the..

Lithuanian arrested for $100 million BEC scams (Help Net Security) Criminal charges were announced against Evaldas Rimasauskas for orchestrating a fraudulent BEC scheme that induced two U.S.-based Internet companies.

A.G. Schneiderman Announces Record Number Of Data Breach Notices For 2016 (Attorney General Eric T. Schneiderman) Hacking drives data breaches up by 60%, exposing info of 1.6 million New Yorkers

Russian Man Pleads Guilty for Role in Citadel Malware Attacks (Dark Reading) Russian national Mark Vartanyan pleads guilty in US federal court following his December 2016 extradition from Norway.

AT&T and Verizon join advertising boycott against Google over offensive YouTube videos (TechCrunch) AT&T and Verizon are the latest companies to pull advertising from Google’s display network amid concerns that company does not do enough to prevent ads..

Man who orchestrated tech-fueled kidnapping scheme given 40 years (Ars Technica) Kidnapper left his phone at the crime scene, said he still had a privacy interest in it.

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Billington International Summit 3.30.17
Cyber Security Summit: Atlanta 4.6.17 and Dallas 5.5.17 (promo: CYBERWIRE50)

Newly Noted Events

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

ISSA CISO Executive Forum: Security Awareness and Training--Enlisting your entire workforce into your security team (Las Vegas, Nevada, USA, July 23 - 24, 2017) The gap in Security skills in the workforce have put the pinch on Security teams. Join us to learn how to get lean by empowering the rest of your organization to understand and manage security risks. We’ll cover secure-by-design concepts inherent in DevSecOps, effective training and awareness practices, and how to lead organizational change management to embed security into your company’s DNA.

ISSA CISO Executive Forum: Payment Strategies: The Game Has Changed (San Diego, California, USA, October 11 - 12, 2017) From the water cooler to the boardroom, daily conversations discuss the most recent incursions, the staggering numbers, and speculation about the thieves’ next target. Recent attacks against Target, PF Chang’s, Michaels, and Sally Beauty Supply stealing millions of records are constant reminders of the daily struggle against hackers seeking to steal payment information. Hackers--including criminal organizations--are taking advantage of unprotected and poorly managed payment systems. As we know, an entire underground economy has sprung up to provide hackers with the tools needed to steal payment information. Organizations must implement a payment strategy to ensure the security and protection of payment systems and information. Users and consumers must be aware of the different payment strategies used to protect information.

Upcoming Events

Integrated Adaptive Cyber Defense (IACD) Community Day (Laurel, Maryland, USA, March 23, 2017) Advancing cyber operations through secure automation & interoperability. Government agencies, commercial firms, research organizations, academic institutions and cyber security experts align in community efforts demonstrating cyber defenses art-of-the-possible, through automation and interoperability. Learn how to dramatically change the timeline and effectiveness of cyber defenses, increase community awareness and defensive capabilities. Free event, registration requested.

SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.

cybergamut Tech Tuesday: Software Defined Networking Forensics (Elkridge, Maryland, USA, and online at various local nodes, March 28, 2017) Volatility and Tshark were critical components in Booz Allen Hamilton winning the 2016 Digital Forensics Research Work Shop (DFRWS) international Software Defined Networking (SDN) digital forensics challenge. This was achieved by creating a prototype solution for the extraction of forensics artifacts from SSL/TLS encrypted packets between a software defined networking (SDN) switch and controller as well as a memory dump from the SDN switch. Mr. Bull and Mr. McAlister of Booz Allen Hamilton will articulate the steps which enabled the team to forensically enumerate the SDN network using only open source tools.

IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

PCI Security Standards Council: 2017 Middle East and Africa Forum (Cape Town, South Africa, March 29, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Middle East and Africa Forum (MEAF).

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

GITECH Summit 2017: Revolution of Solutions (Annapolis, Maryland, USA, April 2 - 4, 2017) The GITEC Summit “Revolution of Solutions: Transforming Government” will be held April 2-4, 2017 at the Westin Annapolis. This year’s summit will focus on the continued transition and transformation surrounding the development, implementation, management and use of information technology for mission-critical functions.

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit: Dallas (Dallas, Texas, USA, May 5, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Dallas. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Dallas is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

the cyberwire
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire or Pratt Street Media, LLC.
The CyberWire is published by Pratt Street Media and its community partners. We invite the support of other organizations with a shared commitment to keeping this informative service free and available to organizations and individuals across the globe.