Supported by Cylance.
Delta Risk - Top 10 Cyber Incident Pain Points

Greetings!

THE CYBERWIRE (Tuesday, December 20, 2016) — Saturday Ukraine experienced an electrical outage in the vicinity of Kiev. Ukrenergo, the national power company, said the interruption was caused by an "external influence." Investigation continues, focusing on "failure of automation control."

Flashpoint has published its close look at the ShadowBrokers' leak of Equation Group code. The security company concludes, "with medium confidence," that it was an inside job. They say the data's structure looks like something from an internal code repository, one accessible to contractors and employees. The Grugq offers an interesting and wide-ranging cultural and linguistic close-reading of the communications surrounding the leak.

WordPress vulnerabilities may have been overestimated, as source-code analysis shop RIPS noted last week, but some bad actors are paying them a lot of attention nonetheless. Over the past three weeks WordFence has observed 1.6 million brute-force attempts daily against WordPress sites. About a sixth of these attacks originate in a single Ukrainian ISP.

Cisco's Talos unit warns of "hailstorm" spam: it evades detection by sending low volumes of spam from a large number of IP devices. PerimeterX observes a similar technique used in botnet-driven brute-force attacks, which avoid tripping volumetric warnings by using a very large number of bots.

Neustar's study of DDoS growth in 2016 is out. And the SANS Internet Storm Center reports that Mirai is prowling the wild, sniffing for new bots at Port 6789.

According to White Ops, Russian criminals are exploiting ad networks in the "Methbot" scam, diverting between $3 and $5 million a day from US advertisers.

[250]

A note to our readers: The new Star Wars flick, Rogue One, is billed as "the epic tale of a scrappy group of rebels and their daring mission to steal the plans for the Death Star." Given what's known about information security, however, one wonders if perhaps the plans might actually have been compromised in a different way. (Like using "camaro" as your password for both Lord.Vader@deathstar.edu and Heavybreather@yakhoo.com...not that a Sith Lord and a T.I.E. ace would do that, y'know...)

Another note on our end-of-year schedule: We'll be observing US Federal holidays, as is our custom, and since this year both Christmas and New Year's Day fall on Sunday, that means we'll take a break on Monday, December 26th, and again on Monday, January 2nd. Other than that we'll publish on our normal schedule.

Today's edition of the CyberWire reports events affecting Egypt, Germany, Russia, Syria, Turkey, Ukraine, and the United States.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from our partners at the University of Maryland, as Jonathan Katz updates us on recent advances in homomorphic encryption. We'll also have a guest, Corero's Dave Larson, who'll tell us what we can expect the DDoS landscape to look like in 2017.

A special edition of our Podcast is also up—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.

As always, if you enjoy the podcasts, we invite you to please consider giving it an iTunes review. The podcast will take a holiday break on December 26th and January 2nd. Next week, December 27th through December 30th, we'll be running special best-of-episodes from 2016. All returns to normal on January 3rd.

Selected Reading

Cyber Events (13)

Cyber Attacks, Emerging Threats, and New Vulnerabilities

Five Things to Worry About After the Assassination of Russia’s Ambassador to Turkey (Foreign Policy) On Monday, Russian Ambassador to Turkey Andrey Karlov was assassinated at an art exhibit in Ankara, reportedly shot by Mevlut Mert Altinas, a police officer. According to at least one report, the gunman said “We’ll make you pay for Aleppo” before firing at the ambassador, likely referring to Russia’s backing of the Syrian government in its brutal siege of Aleppo…

Ukraine Suffers Power Outage Possibly Due to Energy Plant Hack (HackRead) The affected company claims outage was caused by an “external interference”…

Why is NERC minimizing cyber threats? (Control Global) In preparation for the January 2017 Texas A&M Cyber Security Conference, a question was raised to some select participants about our thoughts concerning a recent article on nuclear plant cyber security – “UN: Threat of a hacking attack on nuclear plants is growing”…

ShadowBrokers Dump Came from Internal Code Repository, Insider (Threatpost) An analysis of the latest ShadowBrokers dump of alleged NSA spy tools points to an insider with access to a code repository belonging to the intelligence agency, experts said…

Insider Threats: “The Shadow Brokers” Likely Did Not Hack the NSA (Flashpoint) Based on the data released in the most recent dump by the threat actor known as “The Shadow Brokers,” Flashpoint assesses with medium confidence that the stolen information was likely obtained from a rogue insider. Flashpoint is uncertain of how these documents were exfiltrated, but they appear to have been copied from an internal system or code repository and not directly accessed through external remote access or discovered on any external staging server…

The Great Cyber Game: Commentary (2) (Medium) Analysis of a message of messages containing messages…

Die Gefahr aus dem Netz (WeltN24) Thyssenkrupp hat gerade eine groß angelegte Attacke aus dem Internet abgewehrt. Für Mittelständler können Cyber-Angriffe sogar die Insolvenz bedeuten. Und selbst Privatpersonen sind nicht sicher…

FYI! – Your! hacked! Yahoo! account! is! worth! $0.0003! (Register) Stolen billion-user database being flogged for $300,000, apparently…

Russian 'Methbot' scammers steal $3 to $5 mil a day by exploiting ad networks (CSO) Russian criminals are stealing between $3 and $5 million a day…

Russian Hackers Run Record-Breaking Online Ad-Fraud Operation (Dark Reading) 'Methbot' is a sophisticated cybercrime scheme that has hit major US advertisers and publishing brands and pilfered millions of dollars per day…

Online retailers' fake news problem (Christian Science Monitor Passcode) Just as fake news circulated around the web ahead of the presidential election, bogus ads are spreading on Facebook and Twitter as a vehicle for delivering malicious software…

Christmas pump-and-dump stock spam (Graham Cluley) Ho ho no…

Ukrainian ISP Behind Over 1.65Mil Daily Brute-Force Attacks on WordPress Sites (Bleeping Computer) Over the past three weeks, the number of brute-force attacks against WordPress sites has almost doubled, according to WordPress security firm WordFence…

2016 SS8 Threat Rewind Report (SS8) Over the past year, SS8 has conducted breach detection risk assessments on live production networks for companies in key industries including critical infrastructure, retail and education using our BreachDetect platform. BreachDetect leverages technology used by the nation’s leading law enforcement and intelligence agencies to uncover digital footprints associated with suspects-of-interest (SOI) to help enterprises uncover previously unknown threats posed by devices-of-interest (DOI)…

Neustar Reports Rampant Growth of DDoS Attacks in 2016 (Neustar) Mitigation of multi-vector DDoS attacks has increased 322 percent in 2016; IoT botnets, DNS-based attacks and conventional DDoS attacks present on-going risk…

Mirai Scanning for Port 6789 Looking for New Victims (SANS Internet Storm Center) Early today, a reader reported they were seeing a big spike to inbound tcp/6789 to their honeypots. We have seen similar on DShield's data started on December 17. It was actually a subject of discussion this weekend and this helpful data from Qihoo's Network Security Research lab attributes the large increase to Mirai, the default-password-compromising malware infected various IoT devices that are internet-connected. It's hard to see in the graph as it is still not a huge (but still it is significant) portion of Mirai scanning traffic. Here is port-specific graphs from Qihoo as well showing the start time of the spike…

Researchers Claim Medical Devices Vulnerable to DoS Attacks (HealthITSecurity) A recent study found that certain medical devices were vulnerable to types of denial-of-service (DoS) attacks, potentially compromising patient safety…

Brute-Force Botnet Attacks Now Elude Volumetric Detection (Dark Reading) It just became harder to distinguish bot behavior from human behavior…

Spammers Work Up A Hailstorm (Dark Reading) In their constant effort to evade anti-spam filters, spammers have devised a new way to deliver junk mail to your inbox…

Alice: A Lightweight, Compact, No-Nonsense ATM Malware (TrendLabs Security Intelligence Blog) Trend Micro has discovered a new family of ATM malware called Alice, which is the most stripped down ATM malware family we have ever encountered. Unlike other ATM malware families, Alice cannot be controlled via the numeric pad of ATMs; neither does it have information stealing features. It is meant solely to empty the safe of ATMs. We detect this new malware family as BKDR_ALICE.A…

It's Now Commonplace for Android Banking Trojans to Include Ransomware Features (Bleeping Computer) The current generation of Android banking trojans are all equipped with ransomware-like features in order to lock the user's device, and in some cases encrypt his data…

The Many Evolutions of Locky (Forcepoint) First spotted in February 2016, the Locky crypto-ransomware has become a dangerous threat to both large organisations and residential users alike. In this blog we give a brief overview of what Locky is and cover the significant aspects of its infamous history…

Ransomware Top 10 list of 2016 (Indian Cyber Security Solutions) Ransomware attack in corporate houses in 2016 was very common. Some ransomware attacked the critical infrastructure of organizations. Ransomware attacks panicked the entire corporate world. There are hundreds of ransomware families which came into lam light after they attacked many organizations. Some of the most dangerous ransomware of 2016 are as follows…

Medical data: Accessible and irresistible for cyber criminals (Network World) Hospitals are generally safe places for patients. It is the personal data of patients that is not so safe, thanks to the complexity of those organizations and a lack of focus on security…

Malware Exchange Busted by the Feds Relaunches, At Least in Name (Motherboard) The digital underground is a fragile place, with hacking forums sometimes being shuttered by police. That's what happened to malware-marketplace Darkode last year: in coordinated raids, the FBI, UK's National Crime Agency, and a slew of other law enforcement bodies arrested over 70 hackers and closed the popular site…

In-Flight Entertainment System Flaws Put Passenger Data at Risk (Threatpost) A simple tap on an in-flight entertainment system touchscreen kicked off an intellectual exercise that resulted in the discovery of a number of firmware vulnerabilities in embedded systems used by at least 13 airlines…

Fake Apps Take Advantage of Super Mario Run Release (TrendLabs Security Intelligence Blog) Earlier this year, we talked about how cybercriminals took advantage of the popularity of Pokemon Go to launch their own malicious apps. As 2016 comes to a close, we observe the same thing happening to another of Nintendo’s game properties: Super Mario…

Signal Claims Egypt Is Blocking Access to Encrypted Messaging App (Motherboard) Egypt has been censoring access to encrypted messaging app Signal, according to Open Whisper Systems, the company behind the app. The move highlights that as privacy-focused users move to technologies such as Signal, governments may still try to limit their use…

Signal unstable: Alternatives to the encrypted messaging application (MADA) Several users of Signal, the messaging and voice calling application supported by Open Whisper Systems’s encryption protocol, reported on Saturday that they were no longer able to send or receive messages while tethered to Egyptian ISP addresses…

27 Chinese Hackers Profiled (Wapack Labs) Hacker use information sharing and collaboration, and there is a large community of Chinese coders are doing just that -- exchanging ideas, and tools, and sharing software development. This week, Wapack Labs published a study of 27 of the most active Chinese coders, revealing the some common characteristics of this community…

Cyber Trends

Veracode Secure Development Survey (Veracode) The results of Veracode’s survey of developers and development managers demonstrate that many are concerned about security…

5 Ways The Cyber-Threat Landscape Shifted In 2016 (Dark Reading) IoT botnets and turnkey phishing services were just some of the ways the bad guys stayed ahead in 2016…

Retailers Beware: More Than Half of Consumers Would Return to Using Cash Payments at Checkout If Merchant Data Breach Reported (PRNewswire) 1 in 5 U.S. consumers say they would stop shopping at the hacked store…

Citizens will share personal data with smart city programs by 2019 (Help Net Security) The rapid pace of technological and societal change has given government CIOs a new sense of urgency and a willingness to experiment with smart city and open data initiatives, according to Gartner. If managed effectively, this shift will position governments at the core of technological innovation in society…

Multi-Factor Authentication Sees Huge 40% Jump in 2016 (Infosecurity Magazine) The use of multi-factor authentication (MFA) has jumped by more than 40% year-over-year in 2016…

UK Consumers Fear Hackers Will Disrupt their Christmas (Infosecurity Magazine) Over half (59%) of consumers are worried that staff shortages over Christmas will mean their data and key IT systems are more at risk from hackers, according to new research from Huntsman Security…

Marketplace

Verizon Wants Concessions on Yahoo (Investopedia) There have been reports Verizon Communications Inc. (VZ) has requested changes to its pending acquisition of Yahoo’s core assets for $4.85 billion in the wake of revelations of a new Yahoo cyberhack…

Akamai buys bot-sniffing startup Cyberfend (Register) Credential-stuffing mitigator snapped up…

Serious Internet Security Vulnerabilities Drive Cyren's Global Growth (PRNewswire) Company harnesses growing worldwide network of channel partners to gain significant business in North America, APAC and Europe…

Rook Security Is Determined To Keep Your Company From Getting Hacked (Forbes) The Rook team thinks their combination of people, process and technology makes them a unique force in IT security…

Accountants and spies: The secret history of Deloitte's espionage practice (CNBC) As 2016 comes to a close, the consulting firm Deloitte is busy hiring employees in the Washington area — listing a total of 392 jobs open in the region with "federal" in the job description…

Blog: DHS S&T Has Money to Award for Innovation, New Technologies (SIGNAL) Douglas Maughan, director of the Cyber Security Division at the U.S. Department of Homeland Security (DHS), recently briefed members from AFCEA International’s Homeland Security and Small Business committees on the Silicon Valley Innovation Program (SVIP), which launched in 2015 and serves to cultivate relationships with technology innovators, particularly nontraditional performers, from small startups to large companies, investors, incubators and accelerators…

Products, Services, and Solutions

Cylance and Westcon Team Up to Deliver Advanced Artificial Intelligence Threat Detection Collaboration will offer key cybersecurity services to the global market (BusinessWire) Collaboration will offer key cybersecurity services to the global market…

WinPatrol Anti-Ransom Solution Adds New Interactive Dashboard (PRWeb) Users have instant view and control of what is blocked or running on their Windows systems…

LockPath Evaluated in Gartner's 2016 Magic Quadrant for Operational Risk Management Solutions (Marketwired) LockPath®, a leader in governance, risk management and compliance (GRC) solutions, today announced it has been recognized in Gartner, Inc.'s Magic Quadrant for Operational Risk Management (ORM) Solutions…

Oxygen Forensics and Passware Inc. Team Up to Provide Instant Extraction of Photo Stream Files on iOS Devices (Oxygen Forensics) Oxygen Forensics, the worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today that it is teaming with Passware Inc. to provide customers the ability for instant extraction of iOS Photo Stream files…

RansomFree Is the Latest App That Tries to Stop Ransomware Infections on Windows (Bleeping Computer) The team at Cybereason released today a new tool that tries to help users stay safe from ransomware infections…

Salient CRGT Expands Assure 6i Software Product Offerings 0 (Washington Exec) Fairfax, Va.-based Salient CRGT Inc. announced Dec. 15 that the company is expanding its software product offerings of Appix Financial Services, Assure 6i™ Cyber Security Solutions and Voyager™ Mobility Solutions to add enhanced features, be more widely available and decentralized, and offer multi-platform accessibility…

Deutsche Telekom Partners with Qualys to Help Secure the Digital Transformation of Enterprises Across the Globe (Marketwired) Telekom Security will host the Qualys Private Cloud Platform in its highly secure datacenter, providing customers with 2-second visibility across all of their global IT assets…

Tufin extends Check Point R80 security management (App Developer Magazine) Tufin, a network security policy orchestration solutions, has announced support for Check Point R80 Security Management, delivering end-to-end change automation and continuous policy compliance for joint customers across hybrid networks…

Infobyte launches Faraday App Store (Broadway World) Infobyte works to design solutions that helps toimprove security systems information. With that goal, is now presenting Faraday App Store, a place where you can acquire and merge essential tools to optimize security audits for your company…

Microsoft : Transatel To Offer Data Plans in Windows Store via eSIM-Compatible Solution (4-Traders) Microsoft announced on December 8th a range of new features and experiences for its customers in 2017 in the wake of Windows 10 updates…

Technologies, Techniques, and Standards

Op-ed: Why I’m not giving up on PGP (Ars Technica) Key discovery is an issue, but Signal can't replace PGP…

Digital security tips for journalists: Protecting sources and yourself (Journalist's Resource) With hacking and other digital intrusions becoming a regular feature of life in the computer age, it’s more critical than ever for journalists to protect their sources. But for many, the tech world is intimidating. This tip sheet offers free resources for journalists of all digital-comfort levels as well as links to useful tutorials…

Mitigating internal risk: Three steps to educate employees (Help Net Security) IT security is usually focused on how to prevent outsiders with malicious intent from causing harm to your IT systems and data. While this is a valid concern, people within organizations who simply do not understand the consequences of their everyday habits and behavior on company computers pose an equivalent if not greater risk…

Five Ways To Avoid Holiday CyberFraud (Forbes) As more and more people are shopping online -- a record $3 billion in sales was racked up this past CyberMonday alone -- ever more thieves are active in cyberspace. That means you have to pay even more attention to cybersecurity…

Protect yourself from cybercrimals with these tips (Morning Call) Advice from the National Cyber Security Alliance on how to avoid becoming a cyberattack victim…

Design and Innovation

Google is beefing up security by offering tools to check cryptography libraries (Yahoo! Tech) Google security engineers Daniel Bleichenbacher and Thai Duong announced the launch of Project Wycheproof on Monday, a set of security tests that look for known weaknesses and check for expected behaviors in cryptographic software. It’s named after the smallest mountain in the world, Mount Wycheproof, because “the smaller the mountain the easier it is to climb it.” Project Wycheproof is provided on GitHub via open source to download and use for testing popular cryptographic algorithms such as AES-EAX and AES-GCM, and related software libraries…

Verizon Begins Installation of Smart Cities Pilot in Boston (Security Sales & Integration) The pilot calls for at least 40 sensors at a downtown intersection, including multiple cameras, a lighting control solution and broadband connectivity…

Companies beef up security against next smart home hack (CNBC) After a hack attack blindsided major websites around the world this year, companies are exploring ways to better protect valuable data from connected devices…

Google-Chrysler autonomous project will include ride-sharing (Auto Blog) Google's new Waymo automobile-technology division might have just gotten "way mo" interesting, if you'll excuse the pun. Google, which this spring said it would work with Fiat Chrysler Automobiles on the development of a self-driving Chrysler minivan prototype, is adding a ride-sharing component to the project…

Research and Development

Virginia Tech leads partnership to conduct research on ‘cyberbiosecurity’ for the Department of Defense (Virginia Tech News) Virginia Tech is collaborating with the University of Nebraska and Colorado State University on a $750,000 Department of Defense contract to initiate research in “cyberbiosecurity,” a new crosscutting discipline that leverages systems biology, chemical engineering, cyber-physical systems analysis, and biosecurity…

Academia

New Information Systems Lab leadership poises Hume Center to educate next generation of experts in national security technology (Virginia Tech News) The Hume Center has announced a new leadership team to head up its Information Systems Lab at the Virginia Tech Research Center ─ Arlington, naming Joseph Mitola III as director and research professor and Kevin Heaslip as associate director…

Making a Play in Digital Games (Empire State Development) New York State powers-up its gaming industry with university-based digital gaming hubs…

USM’s Tom Sadowski on his plans to help entrepreneurs grow on campus (Daily Record) J. Thomas Sadowski Jr., in his role as the University System of Maryland’s vice chancellor for economic development, is out to encourage entrepreneurs and bring products to market from the system’s 12 institutions…

Legislation, Policy, and Regulation

An Eye for an Eye: Deterring Russian Cyber Intrusions (War on the Rocks) The U.S. intelligence community has confirmed what many suspected for months: Agents directly affiliated with the Russian government conducted malicious cyber operations intended to influence the 2016 U.S. presidential election. Russia’s primary motive — now accepted by the Director of National Intelligence, the Central Intelligence Agency, and, most recently, the Federal Bureau of Investigation — was not simply to undermine the legitimacy of American democracy, but to actually bolster Trump’s chances of defeating Clinton. Moreover, new reports suggest that Vladimir Putin himself may have actually given the orders…

Why Naming and Shaming Won’t Stop Putin (Daily Beast) Declassifying information on the Russian influence operation against the U.S. election carries more risks than benefits…

Cyber goes hyper! (Federal News Radio) Eight years ago, one of the think tanks published a grand extended white paper: “Securing Cyberspace for the 44th Presidency.” I often think that if some law of nature imposed a 10-page limit on all reports generated in Washington, more would actually get done. Yet during the Barack Obama administration and the Congresses that coincided with it, the federal government has made a lot of progress…

Critics pan changes to cyber export rules (The Hill) A coalition of policymakers and cyber experts say they've failed to agree on changes to an international export pact they worry will hurt cybersecurity…

Trump appointee to FCC could put the brakes on Wheeler cyber initiatives (Washington Examiner) One of the chief architects of cybersecurity policy during the Obama years — Federal Communications Commission Chairman Thomas Wheeler — last week announced he will leave the FCC on Jan. 20, clearing the way for a Donald Trump appointee who may put the brakes on a couple of cyber initiatives that have roiled industry…

The Department of Homeland Security is essential to US cyber strategy (The Hill) Last week, President-elect Donald Trump formally nominated former commander of United States Southern Command Gen. John F. Kelly to serve as secretary of the Department of Homeland Security (DHS). In his announcement, he cited Gen. Kelly's “decades of military service and deep commitment to fighting the threat of terrorism inside our borders”…

Impressed by DoD’s digital service, Army decides it needs one of its own (Federal News Radio) First there was the U.S. Digital Service, then the Defense Digital Service. Now the Army says it’s becoming the first of the military services to launch a digital service “outpost” and wants a dedicated team of technology experts from outside the government to tackle its own problems…

Energy Department Cybersecurity Leader and CIO Departs (Wall Street Journal) Michael Johnson was replaced by Deputy CIO Robbie Green…

Litigation, Investigation, and Law Enforcement

Department of Homeland Security May Have Accessed Other State's Websites (Atlanta Journal-Constitution via Government Technology) Concerns have risen about a Department of Homeland Security computer making questionable visits to a number of state computers in recent months…

Byron York: Intel report won't end Russia hacking fight (Washington Examiner) President Obama has ordered the Intelligence Community to finish a review of allegations of Russian election hacking by the time Obama leaves office on Jan. 20…

NSA Watchdog on Leave in Whistleblower Case (New York Times) Allegations of retaliation against a whistleblower at the National Security Agency have left its top watchdog fighting for his job, according to an intelligence official and another individual familiar with the case…

Facebook, Twitter, Google sued by Orlando shooting victims' families (US Today) The civil lawsuit claims Facebook, Twitter and Google allowed ISIS to use the social networks to spread extremist propaganda…

Stingray use could be unconstitutional, finds House report (CSO) Law enforcement use needs to be better regulated…

Franklin Regional HS senior charged in connection with series of cyber-attacks (WPXI) A Franklin Regional High School senior is accused of using a computer at her school to launch a cyber-attack against more than a dozen school districts, the Greensburg Catholic Diocese and the Westmoreland County government…

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Newly Noted:

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response, threat hunting, ethical hacking, IT management and ICS/SCADA security. Some of our courses are in alignment with DoD Directive 8570 requirements for Baseline IA Certifications, and most courses have GIAC Certification attempts available. Take advantage of this opportunity to sharpen your skills and advance your career.

SANS San Jose 2017 (Milpitas, California,USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment. SANS San Jose 2017 offers six hands-on, intensive cyber security training courses.

SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Coming Next Month:

CES® CyberSecurity Forum (Las Vegas, Nevada, USA, January 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in the cybersecurity arena. The IoT, connected cars, new payment systems, VR and AR, wearables and our mobile devices all add new levels of concern to protecting our personal and corporate data. In this day-long conference, we’ll tackle the world of cybersecurity that demands we go far beyond the simple passwords and anti-virus protection of yesterday.

SANS Security East 2017 (New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in the "Big Easy" in January. Now is the time to improve your information security skills and laissez les bons temps rouler!

Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, January 11 - 12, 2017) These intimate workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational threats. These are an intense “roll your sleeves up” thought leadership discussions on How Cyber is Driving the New Board Perspective on Enterprise Risk Management. Attendance is limited to 30 Security and Risk Executives from Global 2000 corporations. For Chief Security Information Officers, Chief Information Officers, and Chief Risk Officers, by invitation only (apply to attend).

Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats to critical infrastructures. This summit will focus on two sectors that are among those at greatest risk, the energy and manufacturing sectors. Highlighting emerging technologies and policy initiatives, this event will foster the development of high impact strategies to address the many interrelated cybersecurity challenges we face in the protection of our nation’s critical infrastructures.

ShmooCon 2017 (Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It, and Bring It On.

SANS Las Vegas 2017 (Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.

BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks.

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.

THE CYBERWIRE
Compiled and published by the CyberWire editorial staff. Views and assertions in linked articles are those of the authors, not the CyberWire.
The CyberWire is published by Pratt Street Media and its community partners. We invite the support of other organizations with a shared commitment to keeping this informative service free and available to organizations and individuals across the globe.