Get trending threat insights delivered to your inbox.

Do you want trending information on hackers, exploits, and vulnerabilities every day for free? Subscribe now to the Recorded Future Cyber Daily.

The daily briefing.

A spearphishing campaign against Palestinian law enforcement officials is reported to be underway. Its use of Micropsia malware and its development in Delphi lead Check Point to suspect that it's the work of the same group Cisco's Talos Labs and Palo Alto's Unit 42 found engaged in a similar campaign last year. Check Point speculates that the group may be affiliated with Hamas.

A wallet operated by Bancor, a cryptocurrency exchange that raised $150 million in a 2017 ICO, has been compromised, and thieves are said to have made off with $10 million in Bancor’s own BNT, $12.5 million in Ether, and $1 million in Pundi X’s NPXS. Bancor has frozen BNT, but says it can't do much about the Ether or NPXS.

ESET has found an espionage group, BlackTech, using certificates stolen from Taiwanese firms D-Link and Changing Information Technology Inc., to sign Plead backdoor malware. BlackTech has been most active against East Asian targets.

The Polar Flow fitness app, popular among soldiers, spooks, and others professionally devoted to staying fit in odd corners of the earth, may be oversharing. According to Bellingcat, at issue is its "Explore" feature, which lets users find new routes and activities near them that other users have shared. Patterns of activity reveal locations of sensitive sites and (because people tend to turn the tracker off when they get home) the residences of the users. 

Apple has issued iOS fixes and updates. Microsoft will have its regular Patch Tuesday updates later today.

[250]

Cylance is proud to be the CyberWire sustaining sponsor for 2018. Learn more about how Cylance prevents cyberattacks at cylance.com

Today's edition of the CyberWire reports events affecting Australia, China, India, Israel, New Zealand, the Palestinian Territories, Russia, the United Kingdom, and the United States.

Is your malware lab a pain to use? Want a ridiculously easy to use malware lab?

Security teams who use a cloud browser can reduce the time spent investigating cases by more than 50%. Instead of wasting time spinning up a VDI, using Tor or connecting to a jumpbox, get online in seconds with Silo, a secure cloud browser and egress from hundreds of points of presence around the world.

On the Podcast

In today's podcast, we speak with our partners at the University of Maryland, as  Jonathan Katz discusses homomorphic encryption standards. And we have two guests:  Julie Bernard from Deloitte and John Carlson from FS-ISAC share the results of a recent FS-ISAC survey that queried CISOs with a view to developing security benchmarks for the financial sector.

Sponsored Events

The Cyber Security Summit: Seattle on July 19 and Chicago on August 29 (Seattle, Washington, United States, July 19 - 19, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Dell, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5 - 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Cyber-Espionage Group Returns With New Attacks After One Year (BleepingComputer) A cyber-espionage group that has targeted Palestinian law enforcement last year is now back in action targeting Palestinian government officials.

The crypto world’s latest hack sees Israel’s Bancor lose $23.5M (TechCrunch) Bancor, a crypto company that touts a decentralized exchange service, has lost some $23.5 million of cryptocurrency tokens belonging to its users following a hack. The Israel-based company raised over $150 million in an ICO last year and its services include a wallet with a built-in exchange servic…

Demands for transparency over ANU cyber attack (ABC Radio) ANU staff, students, and researchers have all received an email saying their data is safe after a Chinese cyber attack.

Worm (Mirai?) Exploiting Android Debug Bridge (Port 5555/tcp) - SANS Internet Storm Center (SANS Internet Storm Center) Note that our honeypot has a web server listening on this port, so it is not going to respond to this sequence.

Facebook buys ads in Indian newspapers to warn about WhatsApp fakes (TechCrunch) As Twitter finally gets serious about purging fake accounts, and YouTube says it will try to firefight conspiracy theories and fake news flaming across its platform with $25M to fund bona fide journalism, Facebook-owned WhatsApp is grappling with its own fake demons in India, where social media pla…

For Data Thieves, the World Cup Runneth Over (Dark Reading) Large sporting events are always going to be targets, but the fact that the competition is in Russia adds another layer of concern. Here are three tips to stay safer.

Hackers Using Stolen D-Link Certificates for Malware Signing (SecurityWeek) A cyber-espionage group known as BlackTech is using code-signing certificates stolen from Taiwan-based companies for the distribution of their backdoor.

Stolen Taiwanese Certs Used in Malware Campaign (Infosecurity Magazine) Eset reveals latest use of popular black hat tactic

Think that bitcoins and a VPN keep you anonymous? Think again… (Naked Security) A popular cryptowallet service has advised users of the Hola VPN to shift their funds to replacement accounts after an alleged hack.

Fitness app Polar Flow reveals home addresses of soldiers, spies (Help Net Security) Polar Flow can reveal sensitive information about the lives of intelligence agents, soldiers, workers at nuclear weapons storage sites, and so on.

Privates on parade: fitness tracker app reveals sensitive user details (Naked Security) Another online fitness tracking app – Polar Flow – is giving up sensitive information. But this time, it’s revealing the names and home locations of government personnel.

Polar Flow Suspends Feature After Privacy Snafu. (Infosecurity Magazine) Reporters unmask military and intelligence personnel

The Weakest Link: When Admins Get Phished | MacOS “OSX.Dummy” Malware (Security Boulevard) Imagine This Scenario One of your trusted network administrators reaches out on a public Slack, Dischord or other chat workgroup for advice on a performance problem he’s seeing on some part of your network. Of course, your admin is a savvy user and knows which people in the forum are reliable contributors. In this scenario, The post The Weakest Link: When Admins Get Phished | MacOS “OSX.Dummy” Malware appeared first on SentinelOne.

Thai Cave rescue scammers pose as Elon Musk (Graham Cluley) Crypto scammers are creating accounts in the names of known Twitter users and using devious tricks to fool their followers into believing they are reading a genuine message from the likes of Elon Musk.

Researchers find loophole that extends USB Restricted Mode's hour-long timer (AppleInsider) Just hours after Apple debuted USB Restricted Mode in its latest iOS 11.4.1 firmware, security researchers discovered an easy to implement workaround that prevents the feature from working as intended.

New iOS security feature can be defeated by a $39 adapter… sold by Apple (HOTforSecurity) Yesterday Apple released a brace of updates for its software - fixing bugs and patching security holes in the likes of MacOS, watchOS, tvOS, Safari, iTunes for Windows, iCloud for Windows, and iOS for iPhones and iPads.

Timehop Just Leaked Your Phone Number, Here’s What You Need to Do (Motherboard) A hacker learning your phone number can be the start of all sorts of account hijack mischief. The Timehop breach is probably a good time to protect yourself against SIM jacking.

Why the airplane romance that went viral should worry everyone (Naked Security) Covert footage taken of two strangers on a plane went viral as people mooned over The Lovebirds In The Air (And Mucho Spying) Affair.

Fishers residents warned of scam emails regarding speed camera fines; part of school district test (CBS 4 - Indianapolis News, Weather, Traffic and Sports | WTTV) A supposed scam email involving speed cameras prompted a warning from police in Fishers, but it turned out to all be part of a test from Hamilton Southeastern schools.

Reddit CEO tells user, “we are not the thought police,” then suspends that user (Ars Technica) Reddit declined to confirm why suspension was enforced; came shortly after reveal of DMs.

Security Patches, Mitigations, and Software Updates

Apple releases security updates, adds new privacy protection for iOS users (Help Net Security) The iOS update comes with USB Restricted Mode, a new security feature that will protect users' iPhones and iPads from being accessed by law enforcement

Apple OS Update Lifts Curtain on iPhone USB Restricted Mode (Threatpost) Apple has officially added a controversial security feature, USB Restricted Mode, to iPhones as part of its new iOS 11.4.1, released on Monday.

Intel Patches Security Flaws in Processor Diagnostic Tool (SecurityWeek) Intel has updated its Processor Diagnostic Tool to address vulnerabilities that could lead to arbitrary code execution and escalation of privileges.

Make sure Windows Update is temporarily disabled, particularly on Win7 (Computerworld) With Patch Tuesday arriving, take a moment to make sure Auto Update is turned off. Reports of Win7 users getting pushed to Win10 (again) make the check even more imperative.

Cyber Trends

Cyber security of sensors are not being addressed and vulnerabilities are not correlated to system impacts (Control Global) Juan Lopez from ORNL and I gave a presentation June 27th at the 2018 ISA Power Industry Division (POWID) Conference in Knoxville on cyber security of process sensors. As ISA POWID is an Instrumentation & Control conference, the lack of sensor discussions demonstrates the continuing gap between cyber security and operations. The lack of combining sessions that affect both cyber security and reliability/safety continues to foster the culture gap.

Amit Yoran Interview: Cyberattacks Targeting Critical Infrastructure Must Be Addressed (Government Technology) Current Tenable Chairman and CEO Amit Yoran’s career is beyond impressive. Yoran is a cybersecurity rock star. In this exclusive interview, we provide a glimpse into his security past, Tenable’s current technology priorities and future cybertrends. His immediate focus: Critical infrastructures are facing daily cyberattacks and our cyberexposure to system vulnerabilities must be an urgent priority.

Building and City Automation Driving Growth for Access Control (ABI Research) Multiple-Application Enablement and BYOD Crucial Elements for Technology Convergence

Businesses collect more data than they can handle, only half know where sensitive data is stored (Help Net Security) Two in three companies are unable to analyze all the data they collect and only half of companies know where all of their sensitive data is stored.

ZDI Reports Rise in Security Vulnerability Disclosures (eWEEK) Trend Micro's Zero Day Initiative so far has published 600 security advisories in the first half of 2018, awarding $1 million to researchers.

Marketplace

As cyber insurance evolves, insureds must watch the fine print (CSO) There’s nowhere left to hide. Now that the notifiable data breaches (NDB) scheme and EU general data protection regulation (GDPR) legislation are forcing companies to reveal the true extent of their data-security deficiencies, takeup of cyber insurance is surging as businesses weigh up the very real financial risk of non-compliance.

Non-Tech Firms Continued to Shed IT Jobs in June: Analysis (Wall Street Journal) U.S. employers at companies across all sectors of the economy shed 90,000 IT jobs last month, as tech-sector jobs rose, CompTIA reports.  

Defending the Digital Frontier (A Barclays and Per Scholas Issue Brief) A robust defense against today’s sophisticated cybercriminals requires a paradigm shift in thinking not just of how a company’s defenses are built, but of who is building them.

Huawei not expecting US sanctions (CRN Australia) Also expects to keep buying US chips this year.

AT&T to Acquire AlienVault (AT&T) Acquisition to Expand Threat Detection and Response to AT&T Business Customers

D.C.-area cybertech companies persuade West Coast investors to head east (Washington Post) Charlottesville-based Social SafeGuard recently raised $11 million from a pair of Silicon Valley venture funds.

Farnborough 2018: Raytheon focuses in on cyber - DB - Digital Battlespace (Shephard Media) Cyber will be a major focus for Raytheon at the Farnborough International Airshow, with the company set to provide overviews of its cyber hardening systems ...

Cisco forms IoT partnership with $8 billion infrastructure firm Downer (CRN Australia) Will deliver smart traffic lights, street lamps and security features.

The Intelligence Network (BAE Systems) Activating a global community in the fight against cyber crime. Explore a report full of insights from some of the greatest minds in cyber defence.

Sven Hammar Joins Versasec Board of Directors (Versasec) Security and Tech Industry Luminary Brings Wealth of Funding and International Expansion Expertise to New Role

Proofpoint Inc. Expands Executive Team, Hires Klaus Oestermann as President and Chief Operating Officer; Proofpoint’s Board of Directors Appoints CEO Gary Steele as Chairman as Eric Hahn Announces Retirement (GlobeNewswire News Room) Proofpoint, Inc., (NASDAQ:PFPT), a leading next-generation cybersecurity company, today announced the hiring of Klaus Oestermann for the role of president and chief operating officer, effective July 9, 2018. Mr. Oestermann has also been appointed to serve on Proofpoint’s board of directors.

Products, Services, and Solutions

Symantec releases Norton Safe Web extension for Microsoft Edge (On MSFT) For those who enjoy having that extra peace-of-mind when browsing the web on Microsoft Edge, Symantec has released a new extension to the Microsoft Store for Microsoft Edge (via Aggiornamentilumia). This new extension, called Norton Safe Web, helps keep you safe online while browsing by: Providing safety information about pages as you view them, using the latest threat intelligence information Scans and tests websites in advance to warn you of potential security issues Blocks access to malicious or fraudulent websites To install the extension, it can be obtained via the Microsoft Store here.

Alcinéo secures mPOS smartphone apps with Trustonic (Trustonic) Payment innovator Alcinéo has chosen Trustonic Application Protection (TAP) to protect its mobile point of sale (mPOS) apps.

Cayan Integrates GlobalSign’s PKI Service Enhancing Customer Experience and Reducing Support Costs on Its Ultra-Secure Genius Omnichannel Payment Processing Platform (GlobalSign) With Seamless API Integration, GlobalSign’s Cloud-Based PKI Solution Enables Cayan to Deliver SSL Certificates at Scale to Internet Connected Payment Devices

Adaptive multi-factor authentication across entire networks and cloud environments | Silverfort (Silverfort) Silvarfort Enables strong authentication for any sensitive asset across entire networks and cloud environments, without any modifications to endpoints and servers.

Cognitec’s FaceVACS engine integrates face matching algorithm (Help Net Security) Cognitec's FaceVACS engine compares facial images to those stored in photo databases and recorded videos, to find known persons in real time, and for verification processes at borders.

Help AG Unveils Cyber Attack Simulation Service Delivering Real-World Defence Training to Middle East Security Teams (Albawaba) After successfully developing a custom-built cyber-attack and defence simulation environment to train its ethical hacking and security analytics teams, Help AG, a leading information security services, consultancy and solutions provider in the Middle East, today announced it will leverage this platform to deliver its new ‘Red Team/Blue Team Simulation’ service.

CyberSponse is Proud to Be Procured by US Cyber Command's New Capabilities Development Group Technology Outreach Process (Markets Insider) CyberSponse, the leader in enterprise incident management, security orchestration and automation, is prou...

Carahsoft to Distribute Qualys Gov Platform and Its Integrated Security and Compliance Offerings to Federal Agencies (Markets Insider) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutio...

Technologies, Techniques, and Standards

The coming cyberbattle will be worse than people think (C4ISRNET) The full integration of cyberwarriors into the Army and the ability to integrate cyber capabilities into the core functions of war fighting still face many cultural battles that could slow much-needed momentum.

UK Financial Authorities Publish Paper On Operational Resilience (SecurityWeek) The Bank of England and the Financial Conduct Authority have published a paper on building operational resilience to all risks including cyber.

7 Ways to Keep DNS Safe (Dark Reading) A DNS attack can have an outsize impact on the targeted organization - or organizations. Here's how to make hackers' lives much more difficult.

How to allocate budget for a well-rounded cybersecurity portfolio (Help Net Security) It’s essential for infosec professionals to allocate their budget as effectively as possible. What should a well-rounded cybersecurity portfolio look like?

Security Performance in the Cloud: Not All Solutions Are Created Equal (SecurityWeek) Choosing scalable and high-performance security solutions enables organizations to meet the growing performance demands of today’s digital marketplace.

Is Windows ShimCache a threat hunting goldmine? (Help Net Security) Tim Bandos from Digital Guardian discusses how to leverage ShimCache, to conduct effective threat hunting on an enterprise scale.

Sumo Logic: What can you learn from our approach to GDPR? (Help Net Security) In this podcast, George Gerchow, CSO with Sumo Logic, talks about their approach to GDPR.

Client Advisory Council Research: Facilitating Cyber Board Communications (Kudelski Security) This executive research paper offers CISOs practical advice on how to facilitate board communication & improve CISO board presentations, with strategies to answer 5 tough questions the board asks. Research was done with industry-leading CISOs & CSOs who advise Kudelski Security on its business.

6 M&A Security Tips (Dark Reading) Companies are realizing that the security posture of an acquired organization should be considered as part of their due diligence process.

Data Breaches at Timehop, Macy's Highlight Need for Multi-Factor Authentication (Dark Reading) Names, email addresses, and some phone numbers belonging to 21 million people exposed in Timehop intrusion; Macy's incident impacts 'small number' of customers.

Design and Innovation

YouTube to fight fake news with links to real news and context (Ars Technica) "Authoritative sources" will be more prominently featured in search results.

Research and Development

The AI revolution has spawned a new chips arms race (Ars Technica) There's no x86 in the AI chip market yet—"People see a gold rush; there’s no doubt.”

RANK Software and the Fields Institute Collaborate on AI Cybersecurity Research (GlobeNewswire News Room) Findings in automated detection expected to help enterprises strengthen resilience to cyber-attacks

Do Dating Apps Really Want You to Find Love? (INSEAD Knowledge) Matchmaking services charging a monthly fee to fill a personal or professional void are in a somewhat conflicted position.

Academia

Rising Hacker Talent to Participate in Weeklong Boot Camp near Chicago (US Cyber Challenge) U.S. Cyber Challenge & Moraine Valley Community College Host Annual Cyber Camp

Options growing for local cybersecurity training (New Orleans CityBusiness) The university is the latest local school to offer students more options in cybersecurity training.

Cyber Warrior Diversity Program Established (US Black Engineer) The training is designed to prepare individuals to defend information systems and networks and provide certifications.

Legislation, Policy, and Regulation

Six myths about government cyber security (The Mandarin) Ari Weil, cyber technology expert, explains the myths public agencies need to get over if they are to build resilience against attack.

ASD brawl over Microsoft (InnovationsAus.com) The Australian Signals Directorate executive at the centre of an internal brawl over Microsoft’s Azure and Office365 cloud services being granted Protected Certification has quietly departed the intelligence agency.

Why we are not (quite) playing Aussie rules with China? (Politik | New Zealand politics, inside news and analysis) Defence Minister Ron Mark is playing down criticism of China contained in Friday’s Defence Policy Statement.

Proposed changes to New Zealand’s Privacy Act (Infosecurity Magazine) Proposed changes to New Zealand’s Privacy Act

May appoints MP with no digital experience to lead DCMS (Computing) IT leaders told us that they are disappointed in the choice

SEC Cybersecurity Update May Lead to Increased Oversight (Infosecurity Magazine) What the SEC statement means for companies, who could choose to follow its advice or ignore it altogether.

Trump's Supreme Court Nominee Brett Kavanaugh Is a Disaster for Net Neutrality, Great for the NSA (Gizmodo) On Monday night, President Donald Trump announced his second Supreme Court nominee of his term: the DC Court of Appeals’ Judge Brett Kavanaugh. On a range of issues—but particularly net neutrality, the principle that service providers should be required to treat all data on their networks equally—he is likely to be a total disaster if confirmed by the Senate. For the National Security Agency and big businesses that hate regulation, though, he’ll be great.

Analysis | The Cybersecurity 202: Here's an early look at how states are spending federal election security cash (Washington Post) California and Hawaii are among 13 states that submitted plans early.

With Russian hacking fresh in mind, Washington state beefs up elections cybersecurity (The Seattle Times) Washington is widely considered to have one of the more secure elections systems, in part because the state’s mail-in balloting means the state has a paper record for almost every vote cast.

California Consumer Privacy Act: The Latest Compliance Challenge (eSecurity Planet) Compliance with GDPR may not be enough to meet the requirements of the new law.

Building an e-security culture at Blackpool Council to see off future threats (diginomica government) Austerity? Sure - but we also need to be secure, says the IT leadership of Blackpool Council. Can the two aims be met? Head of ICT, Tony Boyle, believes so.

Litigation, Investigation, and Law Enforcement

Dead mother Dawn Sturgess and boyfriend Charlie Rowley ‘had handled novichok vial’ (Times) A heavy dose of the nerve agent that killed a mother of three and left her boyfriend fighting for his life is highly likely to have come from a vessel containing the leftovers from the...

Lawmakers Press Alphabet and Apple on Smartphone Users’ Privacy (Wall Street Journal) House lawmakers sent letters to the CEOs of Apple and Google parent Alphabet, seeking information about how they handle smartphone users’ personal data such as location information.

Perspective | A journalist’s conscience leads her to reveal her source to the FBI. Here’s why. (Washington Post) Marcy Wheeler, who blogs on national security, believed she had an obligation to come forward.

Metro's Cybersecurity Audit Kept Classified (Infosecurity Magazine) Washington DC's Metro opts not to post results of recent internal cybersecurity audit

Sinovel Wind Group found guilty of IP theft, fined $1.5 million (CSO Online) While American Superconductor's data logs and stores were helpful in convicting Sinovel Wind Group of IP theft, a data loss prevention strategy could have identified the thieves' activities sooner.

Insurers Sue Trustwave for $30M Over '08 Heartland Data Breach (Dark Reading) Lawsuit filed by Lexington Insurance and Beazley Insurance is in response to a Trustwave legal filing that called their claims meritless.

Lawsuit: Data security firm Trustwave owes $30M for 2009 data breach at Heartland Payment Systems (Cook County Record) Two insurance companies have joined together to ask a Cook County judge to order a data security firm to pay $30 million to reimburse the insurers for funds they had to pay out to settle claims resulting from a data breach at Heartland Payment Systems.

Two More Convicted in $30M Massive Hacking, Securities Fraud Operation (Dark Reading) A former hedge fund manager and securities trader participated in a scheme that made $30 million by trading on information from stolen press releases.

Neo-Nazi Site Daily Stormer Takes Down Pepe Images After Getting Copyright Claims From Its Creator (Motherboard) The Daily Stormer has removed all images and references of the famously chill frog after getting DMCA notices from Matt Furie.

Woman scams scammer, incriminates self in the process (Naked Security) “This is SO NOT my ripped-off laptop,” the scammer must have thought when the scammer-scammer sent a package of magazines instead.

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Cyber Security Summit - CYBERWIRE95

Newly Noted Events

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in Q2 2017 were focused on manufacturing. It's likely you have a cybersecurity program and team in place, but do you know how to assess your level of risk? Audit Your Digital Risk is designed for cybersecurity and audit professionals, risk managers, and others focused on protecting a company's people, assets, and IP.

Upcoming Events

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together with technology providers & distinguished information security experts. Learn from acclaimed security professionals on how to protect your business from cyber attacks during interactive Panels & Keynote presentations. Convene with fellow influential business leaders, C-Suite executives, investors & entrepreneurs over 3 days of sailing, sessions, and networking opportunities.

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19 - 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20 - 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency management agencies. Join executives, security professionals and elected officials for the Silicon Valley Leadership Group's Health Cybersecurity Summit on Friday, July 20, at Citrix Headquarters in Silicon Valley. Engage in a real-time cyber threat and response simulation, hone your digital defense skills, and learn about the unique security concerns faced by the healthcare industry and related infrastructure providers.

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims to provide a creative and productive platform for professionals in the field of cyber security.

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance innovative solutions to Cybersecurity challenges.

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would like to become involved in cybersecurity education, non-IT faculty in critical infrastructure fields who are interested in incorporating cybersecurity topics into their curricula, decision makers in positions that influence cybersecurity education programs, community college students interested in learning about security or expanding their current knowledge, and students attending the 3CS Pre-Summit Job Fair and National Cyber League (NCL) on Thursday, August 2nd.

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological Education Connections (BATEC), which are all funded by the National Science Foundation (NSF). The outcomes of 3CS leverage community college cybersecurity programs across the nation by introducing the latest technologies, best practices, curricula, products, and more.

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3 - 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included, among others, the CEO of GM Mary Barra and the U.S. Secretary of Transportation Anthony Foxx, resulting in media coverage from The New York Times and The Wall Street Journal and attracting 500 attendees. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event.

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3 - 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included, among others, the CEO of GM Mary Barra and the U.S. Secretary of Transportation Anthony Foxx, resulting in media coverage from The New York Times and The Wall Street Journal and attracting 500 attendees. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event.

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 7 - 7, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in Q2 2017 were focused on manufacturing. It's likely you have a cybersecurity program and team in place, but do you know how to assess your level of risk? Audit Your Digital Risk is designed for cybersecurity and audit professionals, risk managers, and others focused on protecting a company's people, assets, and IP.

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio and the state of Texas. This conference is brought to you be the CyberTexas Foundation and the Federal Business Council (FBC), in conjunction with CyberUSA, and leaders from federal and local government agencies, industry, and academia. Key features of this conference include building on the four pillars of CyberUSA: Communication, Education, Innovation, and Workforce Development. Each topic will feature prominent speakers and panels from Texas and beyond to strengthen the cybersecurity ecosystem.

SecureWorld Bay Area (Santa Clara, California, USA, August 21 - 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

THE CYBERWIRE
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire, Inc.