Recorded Future

Are you using threat intelligence to its full potential? Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

The daily briefing.

The US Treasury Department announced sanctions against five Russian organizations and three individuals. Treasury designated them as violating Executive Order 13694 (which authorizes measures against entities engaging in "significant malicious cyber-enabled activities"). The Department links them to Russia's FSB, and sees them implicated in threats to the US power grid, undersea cables, and other infrastructure. Those sanctioned include Digital Security, ERPScan (Treasury says Digital Security controls the company, a claim ERPScan denies), Embedi (also said to be under Digital Security's control), Kvant Scientific Research Institute (supervised by FSB, Treasury says), and Divetechnoservices (suspected of undersea cable tapping). The three individuals singled out are associated with Divetechnoservices.

Okta reports a long-standing third-party code-signing issue in macOS signature checks. The fault isn't in Apple code itself. It lies, rather, in unclear documentation that led developers to use the API incorrectly. The documentation has since been clarified.

A wave of spearphishing is hitting Russian IT device service centers, according to Fortinet researchers. The emails, which have the clumsy look of machine-translation as opposed to native (or even non-native) speakers of Russian, purport to be from Samsung. The exploit uses an old (and patched) vulnerability in Microsoft Office documents, CVE-2017-11882.

The Kim-Trump summit went off in Singapore yesterday as planned. It focused, as expected, on nuclear issues. Cyber conflict between the US and the DPRK is expected to resume (or continue) its now familiar course.

A multinational sweep picked up a large ring of business email scammers: the US Justice Department counts seventy-four collars.

[250]

Cylance is proud to be the CyberWire sustaining sponsor for 2018. Learn more about how Cylance prevents cyberattacks at cylance.com

Today's edition of the CyberWire reports events affecting China, the European Union, the Democratic Peoples Republic of Korea, the Republic of Korea, Nigeria, Russia, the United Kingdom, the United States, and Vietnam.

Under GDPR non-compliant companies face trade-offs on borrowed time, says Control Risks.

Control Risks says non-compliance is a truly enterprise risk for companies operating in the EU. It burdens already taxed programs with particular measures to protect personal data and disclose security issues. Many worry that resources catching up to GDPR before an incident occurs trade-off other critical initiatives, leaving them vulnerable nonetheless. Companies must get executives and experts involved in managing the risk and competing priorities. Let  Control Risks help you be both secure and compliant.

On the Podcast

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security. The topic is the crypto wars, and Ben Yelin discusses the framing of the encryption debate. Our guest is Steve Schult from LogMeIn and LastPass, who explains password security best practices.

Sponsored Events

The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19 (Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business.  This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: You can’t defend yourself from an attack you don’t see coming. (LookingGlass Cyber) Enabling your team with high-quality threat intelligence will help you stop cyber attacks BEFORE your network is breached. Download LookingGlass’ eBook to learn more.

Multi-Stage Attacks Target Service Centers in Russia (SecurityWeek) Non-Russian threat group targets service centers in Russia in multi-stage attacks involving spear phishing and malicious documents

I can be Apple, and so can you (Okta) A Public Disclosure of Issues Around Third Party Code Signing Checks

For almost 11 years, hackers could easily bypass 3rd-party macOS signature checks (Ars Technica) Technique caused security apps to falsely show untrusted apps were signed by Apple.

Bugs Allowed Hackers to Make Malware Look Like Apple Software (Motherboard) Hackers could have snuck malware past several popular third-party Mac security tools thanks to a mistake in how the tools were implementing Apple digital certificate APIs.

How Machine Learning Techniques Helped Us Find Massive Certificate Abuse by BrowseFox (TrendLabs Security Intelligence Blog) By employing machine learning algorithms, we were able to discover an enormous certificate signing abuse by BrowseFox, a potentially unwanted application (PUA) detected by Trend Micro as PUA_BROWSEFOX.SMC.

Critical Flaws Expose ABB Door Communication Systems to Attacks (SecurityWeek) Several critical vulnerabilities expose door communication systems from ABB to remote hacker attacks. Patches and workarounds are available

Many Android Devices Ship with ADB Enabled (SecurityWeek) Many vendors ship Android devices with the Android Debug Bridge (ADB) feature enabled, exposing them to various attacks

Major U.S. Refineries At Risk Of Cyberattacks As Many Continue To Use Windows XP (Forbes) The end of life of Microsoft's Windows 7 operating software is almost upon us, with the company saying its updates and patches for the widely used interface will cease after January 14, 2020. In such circumstances, most people would assume that critical plant control system operators must be in a mad scramble to upgrade to the latest version.

How Secure is that Third Party Mobile App? (BitSight) As mobile applications continue to pose looming threats, BitSight researchers leveraged data from its mobile application security risk vector to identify if mobile applications offered on iOS and Google Play stores have known security vulnerabilities and issues.

Hackers Stole Over $20 Million From Misconfigured Ethereum Clients (BleepingComputer) A group of hackers has stolen over $20 million worth of Ethereum from Ethereum-based apps and mining rigs, Chinese cyber-security firm Qihoo 360 Netlab reported today.

Bitcoin price takes a dive after another cryptocurrency exchange hack (Graham Cluley) There’s bad news if you’re a cryptocurrency investor. Billions of dollars worth of wealth were wiped out this weekend after a South Korean cryptocurrency exchange was hacked.

Crypto-currency mining malware wreaks havoc in Africa (ITWeb) Cyber criminals take advantage of the popularity of digital currencies on the continent, unleashing crypto-currency malware.

The Hustlers Fueling Cryptocurrency’s Marketing Machine (WIRED) As Google and Facebook ban ads for cryptocurrency projects, and the SEC cracks down on hype, backers are employing unconventional strategies to find investors.

Apple Bans Cryptocurrency Mining In App Store (Motherboard) Apple recently updated its developer policies to ban apps that mine cryptocurrencies like Monero on user devices.

Weighing up the email security threat in EMEA (Barracuda Networks) Despite numerous attempts to dethrone it over the past few years, email continues to be the defacto for business communications. In research published last year, The Radicati Group estimated that more than 281bn email messages would be sent every day in 2018.

An introduction to the Spanish-language underground (IDG Connect) We speak to Flashpoint’s Cybercrime subject matter expert, Liv Rowley about the threat from the Spanish-language cybercriminal underground.

Spanish soccer app caught using microphone and GPS to snoop (TechCrunch) If you’ve ever found yourself wondering why an app is requesting microphone access when there doesn’t seem to be any logical reason why it should need to snoop on the sounds from your surroundings, hold that thought — and take a closer look at the T&Cs. Because it might turn o…

FIFA World Cup in Russia Bringing Cyberthreats at Home and Abroad (Government Technology) The No. 1 global sporting event, which only comes around once every four years, is about to begin in Russia. Billions of people are expected to be watching and commenting and clicking on all things football (soccer) over the next month. But with all the fun, and money and attention, there are criminals preparing as well. Let’s explore the FIFA World Cup cyberthreats and what can be done about security.

Bootloader vulnerability in OnePlus 6 lets an attacker take control of the device (HackRead) An IT security researcher has discovered a critical vulnerability in OnePlus 6 smartphones which if exploited can allow an attacker to boot any modified

Weight Watchers IT Infrastructure Exposed via No-Password Kubernetes Server (BleepingComputer) Just like many companies before it, weight loss program Weight Watchers suffered a small security breach after security researchers found a crucial server exposed on the Internet that was holding the configuration info for some of the company's IT infrastructure.

Weight Watchers Swears No Customer Data Exposed After Dozens of Servers Found Publicly Accessible (Gizmodo) Dozens of servers containing Weight Watcher’s data were left exposed after the company failed to password protect software used for managing application containers, according to German cybersecurity firm Kromtech.

Vendor of Careers@Gov jobs portal hit by malware (The Straits Times) Applicants for public service jobs in Singapore could have had their information compromised, as a malware infection was found to have hit an outsourced Australian-based vendor here.. Read more at straitstimes.com.

Bad .Men at .Work. Please Don’t .Click (KrebsOnSecurity) Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online.

Security Patches, Mitigations, and Software Updates

VMware plugs RCE hole in remote management agent (Help Net Security) VMware has fixed a critical remote code execution vulnerability (CVE-2018-6968) in VMware AirWatch Agent for Android and Windows Mobile.

Cyber Trends

Sponsored: Busting Threat Intelligence Myths: A Guide for Security Professionals (Recorded Future) See how you can begin to augment your cybersecurity skills with powerful and contextualized threat intelligence.

State of the Internet Summer 2018 Attack Spotlight: What You Need To Know (Akamai) Earlier this year, Akamai mitigated the largest DDoS attack in its history, fueled by a new reflector, memcached. The attack targeted one of our software clients and broke through the 1 Tbps threshold for the first time. Memcached was developed...

How employee behavior impacts cybersecurity effectiveness (Help Net Security) Whether accidental or intentional, employee behavior impacts cybersecurity effectiveness and it can negatively impact even the best strategy.

Protecting consumers from mobile and IoT threats (Help Net Security) A new report by Allot revealed a dynamic and automated threat landscape in which consumers lack the security expertise to effectively protect themselves.

With the GDPR, companies face new era of compliance and transparency (Help Net Security) A foundational principle of the GDPR is controlling privileged access. Yet only 36% of organizations have removed administrator rights at various levels.

Companies caught between crooks and compliance warns Centrify (CSO) Companies can escape the squeeze between cyber crooks and compliance by better protecting identity says Centrify

Marketplace

USCYBERCOM Awards Cyber Innovation Contract to MISI (MISI) The Maryland Innovation and Security Institute (MISI) has been awarded a five-year Partnership Intermediary Agreement (PIA) by United States Cyber Command (USCYBERCOM) to innovate new technologies in an unclassified, state-of-the-art facility located in Columbia, MD.

CyberX Not Just an Amazon.com Subsidy (Bacon's Rebellion) Virginia economic development officials have kept their lips tight about the incentive package Virginia is extending to Amazon.com, Inc., to induce the e-commerce giant to locate its second headquarters in Northern Virginia. My concern has been that the Commonwealth might … Continue reading →

Security Industry Association Announces 2018 Legislator of the Year and Statesman Award Winners (Security Industry Association) Sens. Orrin Hatch, John Thune and Gary Peters, Reps. Dan Donovan and John Rutherford and security industry veteran Rob Reiter will be honored at SIA GovSummit.

Dreamit Ventures launches new security vertical (TechCrunch) Dreamit Ventures, a Philadelphia-based early stage investor and accelerator, announced it was moving into security today. To that end, it also announced it was bringing on Bob Stasio, an industry vet with roots in startups, IBM and work in the military and the NSA to run the new division. The compa…

Two Companies Picked To Protect Nation’s 600 Dams from Cyberattacks (Nextgov.com) The Interior Department awarded spots on a five-year, $45 million contract to manage IT risk for more than 600 dams nationwide.

Verint CEO: We're looking to improve margins (Globes) Dan Bodner refused to comment on the report that Verint will acquire cyber intelligence company NSO.

3 Hot Topics for Palo Alto Networks (The Motley Fool) Management at the cybersecurity specialist had plenty to say about the cloud migration, existing customers, and data privacy.

Facebook Says its Competitors Are the Whole Internet, Because Facebook Is the Internet (Motherboard) Facebook told Congress that its competitors come from all over the internet—that's true, because Facebook has largely replaced the internet for many of its users.

Splunk to acquire DevOps incident management platform VictorOps for $120 million (VentureBeat) Big data-crunching platform Splunk has announced plans to acquire VictorOps, an incident management platform for the DevOps community. For the uninitiated, Splunk captures machine-generated data fo…

Cyxtera Announces Closing of Immunity, Inc. Transaction (Cyxtera) Cyxtera Technologies, the secure infrastructure company, today announced the completion of the acquisition of Immunity, Inc., a global leader in offense-oriented cyber security techniques and technologies.

Kudelski Security Extends Capabilities to Germany and Austria From New Office in Zurich (PR Newswire) Kudelski Security, the cybersecurity...

Products, Services, and Solutions

Pulse Secure Virtual Application Delivery Controller Extends Availability to Amazon Web Services GovCloud (US) to Help US Government Agencies Innovate in the Cloud (GlobeNewswire News Room) Pulse Secure supports automation and integration with DevOps tools on AWS GovCloud (US) Region

Tenable Launches Pioneering Solution to Help Secure Critical Infrastructure across Converged IT/OT Environments (Tenable™) Tenable®, Inc., the Cyber Exposure company, today announced the industry’s first solution designed to reduce cybersecurity risk across today’s converged IT/OT environments. Enhancements to the Tenable.io® platform and Industrial Security, an asset discovery and vulnerability detection solution for Operational Technology (OT) systems, delivered in partnership with Siemens, enable organizations to manage Cyber Exposure holistically across IT and OT and effectively prioritize remediation based on the criticality of the asset and the vulnerability.

Denim Group’s ThreadFix Provides Application Security Scalability to the Enterprise (BusinessWire) Vulnerability Resolution Platform Enhances Performance for High Volume Testing

Kaspersky Lab and the brewers of Pilsner Urquell work together to secure beverage industry (IT News Africa) Kaspersky Lab and Plzensky Prazdroj have announced the successful completion of a cybersecurity partnership to improve the overall industrial security posture of the brewery.

Experian focusing on automated app deployments with Dynatrace (ComputerworldUK) From application management to security-as-a-service, credit reports firm Experian drives Dynatrace support with new model

Nyansa extends network performance monitor software (SearchNetworking) In Cisco Live news, Nyansa expanded its network performance monitor software to track WAN and Wi-Fi problems. And A10 added support for ingress filtering for Kubernetes containers.

Morphisec Hits One Million Endpoint Milestone in Under Two Years (Daily American) Morphisec, the leader in Moving Target Defense, today announced that it has reached a major milestone – it has deployed its Endpoint Threat

Twistlock Launches Twistlock Advantage Program (Sys-Con Media) First of its kind partner program for cloud native security equips partners with technical, sales and marketing support

LogRhythm adds NESA compliance regulation to platform (Intelligent CIO Middle East) In an effort to support the United Arab Emirates’ (UAE) cybersecurity outlook and show commitment to the country and the region as a whole, LogRhythm, the Security Intelligence Company, has integrated the UAE National Electronic Security Authority (NESA) cybersecurity compliance standards and guidelines into its NextGen SIEM (Security Information and Event Management) platform. These standards were […]

Medibank Private finds the cure for ransomware (CSO) Like most large businesses, health insurer Medibank Private was regularly experiencing a few of what CISO Stuart Harrison calls “significant incidents” every month.

Technologies, Techniques, and Standards

Sponsored: Automate and Orchestrate Your Cybersecurity Processes (ThreatConnect)

DHS cyber specialist: look for behavior patterns with APTs (Cyberscoop) To better track advanced hacking groups, U.S.-based companies should watch for signals in human behavior instead of changing tactics, according to Casey Kahsen, an IT specialist at the Department of Homeland Security.

How to Establish Effective Intelligence Requirements (SecurityWeek) Intelligence requirements (IRs) lay the foundation and set the direction of an intelligence operation, and enable teams to prioritize needs, allocate resources, determine data sources, and establish the types of analysis and expertise required to process that data into intelligence.

Train Your Employees to Think for Themselves in Data Security (Infosecurity Magazine) Since employees have access to company information, they are technically a bigger danger to data security than attackers.

Analyst research: ROI of Pen Testing as a Service (Help Net Security) Dr. Chenxi Wang examined the Return on Investment that organizations may realize by using Cobalt’s Pen Testing as a Service platform.

5 new facts about DoD’s secure phones and tablets (C4ISRNET) DISA continues to provide a variety of mobility solutions for DoD customers.

Cyber Yankee 2018 trains for attack (DVIDS) Cyber Yankee 2018 trains for attack

Design and Innovation

Sponsored: Closing the Last Gap in Data Security: Protecting Data in Use (Enveil) Industry analyst firm 451 Research highlights how startup Enveil tackles the encryption-in-use problem with a new take on homomorphic encryption.

Interview: 'Cyber wars' veteran Phil Zimmermann talks quantum-proof encryption and backdoors (Computing) 'If the NSA tells you to get ready for quantum computers then you'd better get ready

Research and Development

US Oak Ridge National Lab unveils world's most powerful supercomputer (Computing) 200-petaflop Summit supercomputer eight times more powerful than Titan, the supercomputer it supercedes at Oak Ridge,Hardware,Server ,Oak Ridge National Laboratory,Summit,supercomputer,Power9,Department of Energy

Russia prepares for a future of making autonomous weapons (C4ISRNET) Kalashnikov, an arms maker that’s part of the larger Rostec defense enterprise, announced last week that it is has developed some expertise in machine learning.

Academia

Computer science researcher meets updated phishing attacks head on (Virginia Tech News) In an age of cyberattacks and data breaches, vigilance alone might not be enough to keep email users protected, according to new research from Virginia Tech that examines the growing sophistication of phishing attacks.

U.S. Cyber Challenge Kicks Off 2018 Camp Season at Virginia Tech (US Cyber Challenge) U.S. Cyber Challenge kicks off its 2018 boot camp season next week at Virginia Tech in Blacksburg, Virginia for the Eastern Regional Cyber Camp. Camp participants

Legislation, Policy, and Regulation

What the document signed by Donald Trump and Kim Jong Un says (Quartz) The agreement consists of four points—vague enough to confirm the fears of pessimists while leaving optimists feeling hopeful.

Ditching entourages, Trump and Kim Jong Un to meet 1 on 1 (Military Times) They came with scores of aides, bodyguards and diplomats in tow: Donald Trump from Washington, Kim Jong Un from Pyongyang. But for the better part of an hour, the two men will square off one on one, alone but for a pair of translators, raising concerns about the risk of holding such a monumental meeting with barely anyone to bear witness.

Today Only The Beginning of a Much Longer Term Process (Bloomberg) Saruhan Hatipoglu, CEO, B.E.R.I. (Business Environment Risk Intelligence), discussed his expectations for the Trump-Kim summit with Rishaad Salamat and Bryan Curtis. He explains how different Kim Jung Un is to his father, goes on to discuss the prospect of a peace deal ahead between North and South Korea and the importance of agreeing on what denuclearization means.

Trump Kim summit: Whatever happens, North Korea-US cyberwar will rage on (ZDNet) Opinion: A grin and a handshake will not change the attitude of either when it comes to hacking at the country scale.

Russia Is Quietly Playing Three Roles in the Korean Drama (Defense One) Though it rarely makes the news, Moscow has a critical part as a behind-the-scenes negotiator, spoiler, and unholy ally.

Suspend Privacy Shield if the USA will not comply, say MEPs (Computing) Both Facebook and Cambridge Analytica were certified under the pact, Civil Liberties Committee points out

Pressure mounts on EU-US Privacy Shield after Facebook-Cambridge Analytica data scandal (TechCrunch) Yet more pressure on the precariously placed EU-US Privacy Shield: The European Union parliament’s civil liberties committee has called for the data transfer arrangement to be suspended by September 1 unless the US comes into full compliance. Though the committee has no power to suspend the a…

Illegal memes? Weak Safe Harbor? Unpacking the proposed EU copyright overhaul (Ars Technica) Overhaul would bring chilling effects, costs, and legal uncertainty along for the ride.

Even as Trump advocates for Russia, his administration imposes new sanctions for Moscow's cyberattacks (Los Angeles Times) Citing “malicious” cyberattacks by Russia's agents, the Trump administration on Monday imposed economic sanctions on Russian companies and persons accused of supporting Moscow’s spy network. The action comes just after President Trump unsuccessfully pushed for Russia's readmittance to the G-7.

Congress Questions Trump's ZTE Deal (Nextgov.com) Plus the other goodies tucked into the National Defense Authorization Act federal employees need to know.

Senate may deal Trump trade defeat on ZTE (CNN) The Senate is on the verge of directly undercutting a key piece of President Donald Trump's trade negotiations with China, as a bipartisan group of lawmakers successfully pushed for the inclusion of a bill to undo a deal to save Chinese telecom ZTE.

How a Washington crackdown on Huawei could backfire for everyone (IDG Connect) Acting tough on Chinese firms might seem like a good idea to the Trump administration, but it could come back to bite the US tech industry in the long-term.

Senator hopes to draw red line discouraging election cyberattacks (Cyberscoop) A prominent lawmaker wants to draw a line in the sand to discourage hackers from targeting U.S. election systems. Sen. Mark Warner, D-Va., proposed Monday that the United States formally declare it will respond in cyberspace to any foreign interference in American elections.

Lawmakers Take Another Shot at Transforming Trump Cyber Policy (Nextgov.com) Proposed amendments to the Senate’s defense authorization bill would reinstate the White House cyber coordinator and require a White House cyber strategy.

US Government’s biometric database worries privacy advocates (Naked Security) It is something few Americans will have heard of, but the US Department of Homeland Security’s Homeland Advanced Recognition Technology (HART) is catching the eye of privacy advocates – and n…

The cyber bases of the future (C4ISRNET) From BRACtown to downtown: National cyber defense units should be located in metropolitan areas where they can best take advantage of IT capabilities and infrastructure.

How Energy's new cyber shop will work (FCW) The Energy Department's new cybersecurity and emergency response unit aims to complement critical infrastructure efforts at DHS.

Trump's coal, nuclear bailout no shield from hackers: cyber experts (Reuters) Bailing out nuclear and coal-fired power plants will not toughen the U.S. power grid against cyber attacks as the Trump administration claims, according to cyber experts, because hackers have a wide array of options for hitting electric infrastructure and nuclear facilities that are high-profile targets.

New fines for essential service operators with poor cyber security (GOV.UK) Proposals being considered as part of consultation to protect essential services

Vietnam’s new cyber security law draws concern for restricting free speech (TechCrunch) Big tech firms including Google, Facebook and Twitter have expressed major concern after Vietnam’s government passed a law that promises to introduce tighter restrictions on free speech online. The new regulation passed this week strengthens the government’s position on censoring the in…

Litigation, Investigation, and Law Enforcement

Senator says Chinese hack of Navy contractor ‘very serious’ (Fifth Domain) A Rhode Island Senator is describing the case of a Chinese government hack into a Newport Naval Station as “very serious.”

Josh Schulte: CIA insider gone south or repugnant criminal? (CSO Online) Josh Schulte, believed to have been the source of the leaked the "Vault 7" Wikileaks trove of CIA tools, has been charged with a heinous crime concerning illegal images.

Treasury Sanctions Russian Federal Security Service Enablers (U.S. Department of the Treasury) Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated five Russian entities and three Russian individuals under Executive Order (E.O.) 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” as amended, and Section 224 of the Countering America’s Adversaries Through Sanctions Act (CAATSA).

U.S. Sanctions Russian Firms for Energy Grid Cyberattack (Bloomberg) The U.S. imposed new sanctions Monday on Russian firms and individuals for helping the country’s state security service conduct cyberattacks targeting the American energy grid and other key infrastructure.

US hits Russian firms with sanctions, citing cyberattacks (Fifth Domain) The Trump administration on Monday slapped sanctions on several Russian companies and businessmen for engaging in cyberattacks and assisting Russia’s military and intelligence services with other malicious activities.

ERPScan named in new US sanctions that claim that Russia is monitoring underwater communication cables (Computing) ERPScan denies links with security firm named in US sanctions

US ZTE ban will remain in place until the company pays $1bn fine and places $400m in escrow (Computing) ZTE deal a 'personal favour' from President Trump - but it will definitely be shut down if it contravenes new agreement,Security,Leadership,Cloud and Infrastructure ,ZTE,Donald Trump,Department of Commerce,sanctions,Fox News,Peter Navarro

Founder of Cybersecurity Company Says His Firm Was Sanctioned Because He was Born in Russia (Motherboard) The US Treasury sanctioned five companies accusing them of helping the Russian government hack. But the founder of one of those companies vehemently denied the accusations.

Kaspersky Asks Appeals Court to Reverse Government Ban With a Quickness (Nextgov.com) The Russian anti-virus company wants to complete the appeal process before a broad government ban takes formal effect in October.

74 Arrested in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes (US Department of Justice) Federal authorities announced today a significant coordinated effort to disrupt Business Email Compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens.

Eleven arrested in Harris County by FBI for committing cyber crimes (Houston Chronicle) The international  sweep ran from January to early June 2018 and culminated in two weeks of focused law enforcement activity in the United States and Nigeria, according to the FBI.

French Data Protection Authority Imposes a Record 250,000 € Fine to Optical Center for a Security Breach on its Website (JDSupra) On June 7, 2018, the French Data Protection Authority (the CNIL) published a decision (issued one month earlier) in which it imposed a record 250,000 euros fine on Optical Center (which, although its name does not indicate, is a French company) for having insufficiently secured the personal data of its customers.

Open Source Security hit with bill for defamation claim (Register) Judge okays $260K in defense costs to Bruce Perens and lawyers under anti-SLAPP

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Cyber Security Summit - CYBERWIRE95

Upcoming Events

Dynamic Connections 2018 (Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive threat we face in the digital domain today, we must reach into the future and pull tomorrow’s innovation forward.

Social Engineering—Rhode Island (Newport, Rhode Island, USA, June 16 - 16, 2018) Welcome to the first ever social engineering conference in Rhode Island!

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Herndon, Virginia, USA, June 18 - 18, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or transmitted through. These requirements must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations. The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and non-federal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format, welcomes Norwich alumni and others interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level.

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information sharing and education on security topics affecting federal, state and even local agencies.

Impact Optimize2018 (Rosemont, Illinois, USA, June 28 - 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity. All of the information presented will be designed to facilitate growth and eliminate risk for organizations of all sizes and across all vertical markets, with security as the firm foundation of every solution. The event will include presentations by subject matter experts, breakout sessions among business leaders and live demonstrations of enterprise security and business software.

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28 - 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s strategic ability to leverage the appropriate people, processes and technology to achieve organisational goals through an enterprise wide integrated asset information strategy.

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 18 - 18, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together with technology providers & distinguished information security experts. Learn from acclaimed security professionals on how to protect your business from cyber attacks during interactive Panels & Keynote presentations. Convene with fellow influential business leaders, C-Suite executives, investors & entrepreneurs over 3 days of sailing, sessions, and networking opportunities.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20 - 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency management agencies. Join executives, security professionals and elected officials for the Silicon Valley Leadership Group's Health Cybersecurity Summit on Friday, July 20, at Citrix Headquarters in Silicon Valley. Engage in a real-time cyber threat and response simulation, hone your digital defense skills, and learn about the unique security concerns faced by the healthcare industry and related infrastructure providers.

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims to provide a creative and productive platform for professionals in the field of cyber security.

THE CYBERWIRE
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire, Inc.