skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

Late Friday the US Department of Justice announced the indictment of a Russian national on charges of attempting to interfere with the approaching midterm elections. Elena Alekseevna Khusyaynova of St. Petersburg, Russia, was charged with conspiracy to influence US elections. She is alleged to have been active in the 2016 election cycle as well, but her indictment marks the first charges brought in connection with the 2018 vote.

Her role is an interesting one: she's an accountant, and she's charged with managing the finances for "Project Lakhta," an influence campaign directed toward the now-familiar goal of inflaming existing American political and cultural fissures. As has been the case with most Russians indicted in the US, Ms Khusyaynova isn't in custody. If she ever faces trial, she could face five years' imprisonment.

US authorities continue to express concern over influence operations not only by Russia, but by China and Iran as well.

Saudi influence operations in social media draw attention as the Kingdom continues to vigorously and implausibly spin its role in the murder of journalist Jamal Khashoggi inside Saudi Arabia's Istanbul consulate. Twitter has banned inauthentic accounts pushing the Kingdom's official line. The New York Times also reports that Saudi intelligence services attempted to infiltrate Twitter by compromising an employee back in 2015.

The European Union concluded its meetings last week with gruff noises about cyber deterrence, but did not, finally, enact the tough sanctions against Russia the UK and Netherlands advocated.

Pyongyang's quiet crimewave? Gaming hacks, says Recorded Future.

Notes.

Today's issue includes events affecting Bahrain, Belarus, China, Cuba, Egypt, European Union, Iran, Iraq, Democratic Peoples Republic of Korea, Libya, Myanmar, Oman, Russia, Saudi Arabia, Syria, Thailand, Turkey, Turkmenistan, Uganda, United Arab Emirates, United Kingdom, United States, Venezuela, and Vietnam.

A year in, companies unsure of risk under China's Cyber Security Law, says Control Risks.

Over a year into China’s Cyber Security Law, Control Risks experts say its vague definition and application leaves multinational companies struggling to understand their risk. Further, how strictly the government will crack down and the extent of penalties for non-compliance remain open questions. Nonetheless, companies operating in China must understand their unique exposure and specific cyber, physical and procedural requirements. Let Control Risks help you make the critical decisions to seize your opportunities in China.

In today's podcast, up later this afternoon, we hear from our partners at the Johns Hopkins University, as Joe Carrigan discusses network segmentation.

SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.

Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.

Cyber Attacks, Threats, and Vulnerabilities

U.S. National Security Officials Worried About Voter Influence From Russia, China and Iran (Time) The two-page statement about foreign influence in U.S. elections was issued

Russian Trolls Are Still Playing Both Sides—Even With the Mueller Probe (WIRED) The latest indictment against Russian trolls shows how they sowed division in the US on wedge issues, including the investigation into their activity.

Russian troll threat hasn't gone away as election day nears (CNN) The US intelligence community and Silicon Valley may have upped their efforts to prevent interference in November's midterm elections, but that hasn't stopped the Russians from trying, a criminal complaint filed on Friday shows.

Trump Claims China Election Meddling—But Cyber Firms Don't See It (Fortune) The findings of top cybersecurity firms are casting doubt on Trump's claims.

Saudis’ Image Makers: A Troll Army and a Twitter Insider (New York Times) The kingdom silences dissent online by sending operatives to swarm critics. It also recruited a Twitter employee suspected of spying on users, interviews show.

A Twitter employee groomed by the Saudi government prompted 2015 state-sponsored hacking warning (TechCrunch) An explosive report in The New York Times this weekend sheds new light on the apparent targeting of Twitter accounts by “state-sponsored actors” three years ago. It comes in the wake of the confirmed death of Washington Post journalist Jamal Khashoggi on Friday, two weeks after he disap…

Twitter suspends bots spreading pro-Saudi tweets after Khashoggi case (The Telegraph) Twitter has taken down a sophisticated network of bots that were pushing out thousands of tweets in support of the Saudi regime following the disappearance of journalist Jamal Khashoggi.

Opinion | This new technology could send American politics into a tailspin (Washington Post) We should all be concerned about ‘deepfakes.’

Perspective | I fell for Facebook fake news. Here’s why millions of you did, too. (Washington Post) Everyone now knows the Web is filled with lies. So then how do fake Facebook posts, YouTube videos and tweets keep making suckers of us?

How AI is creating new threats to election security (CBS News) Big data and artificial intelligence will expose old vulnerabilities and create new methods of hacking campaigns

Weaponizing the Digital Influence Machine: The Political Perils of Online Ad Tech (Data and Society Research Institute) In this report, we argue that today’s digital advertising infrastructure creates disturbing new opportunities for political manipulation and other forms of antidemocratic strategic communication.

Revealed: Israel's cyber-spy industry helps world dictators hunt dissidents and gays (Haaretz) Haaretz investigation spanning 100 sources in 15 countries reveals Israel has become a leading exporter of tools for spying on civilians. Dictators around the world – even in countries with no formal ties to Israel – use them eavesdrop on human rights activists, monitor emails, hack into apps and record conversations.

Big attacks a smokescreen for “low-level” North Korea cybercrime that the world is ignoring (CSO) North Korean hackers’ use of gaming hacks has become one of numerous strategies they have successfully used to stay under the radar of international law-enforcement authorities, according to a threat-intelligence researcher who warns the world has long underestimated the rogue state’s use of criminal activities to raise money.

Kaspersky says it detected infections with DarkPulsar, alleged NSA malware (ZDNet) Victims located in Russia, Iran, and Egypt; related to nuclear energy, telecommunications, IT, aerospace, and R&D.

SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload (TrendLabs Security Intelligence Blog) Microsoft’s SettingContent-ms has become a recent topic of interest. In July, we saw one spam campaign use malicious SettingContent-ms files embedded in a PDF to drop the remote access Trojan FlawedAmmyy, a RAT also used by the Necurs botnet. That campaign was mostly targeting banks in different countries across Asia and Europe.

Zero-day in popular jQuery plugin actively exploited for at least three years (ZDNet) A fix is out but the plugin is used in hundreds, if not thousands, of projects. Patching will take ages!

Password and credit card-stealing Azorult malware adds new tricks (ZDNet) Malware can now steal more types of cryptocurrecny and comes with other updates, likely in response to a free version being leaked online.

Fraudster Targets Cryptocurrency Wallets with a Variety of Info Stealers (BleepingComputer) An online scammer targeting thousands of victims interested in cryptocurrencies runs a large and diverse business that includes phishing and fraud operations.

Hurricane Michael phishing schemes leverage Azure blob storage to rake in credentials (Proofpoint) Proofpoint researchers detail recent phishing templates that combine multiple techniques for credential theft.

What Spammers Could Do With Your Hacked Facebook Data (WIRED) A new report suggests that spammers, not nation states, may have been behind the Facebook hack. That could be even worse news.

Hack on 8 adult websites exposes oodles of intimate user data (Ars Technica) A recovered 98MB file underscores the risks of trusting personal info to strangers.

Cryptojackers Keep Hacking Unpatched MikroTik Routers (GovInfo Security) Cryptojackers and eavesdroppers are continuing to exploit a one-time zero-day flaw in unpatched MikroTik routers, despite a patch that's been available for six

Serious D-Link router security flaws may never be patched (Naked Security) Six routers with serious security flaws are considered end of life (EOL) and may never be updated.

Hackers breach Healthcare.gov system, taking files on 75,000 people (TechCrunch) A government system used by insurance agents and brokers to help customers sign up for healthcare plans was breached, allowing hackers to siphon off sensitive and personal data on 75,000 people. The Centers for Medicare and Medicaid Services confirmed the breach in a late Friday announcement, but r…

UK-based Card Factory Website Glitch Exposes Personal Data (Information Security Buzz) News is breaking that a leading retailer has seen a website glitch put the privacy of customers’ personal data at risk. This time, Card Factory, a popular UK-based greeting card business, has been storing customers’ data in an insecure way, letting the public access their photos with a basic URL trick, specifically through an ‘insecure direct …

Muscatine cyber-attack targets government financial server (WQAD.com) Several government servers were attacked early Wednesday morning including a server used for the city's finances.

Local clerk's office suffers cyber attack (WTHI News) The Crawford County Clerk's office was the victim of a ransomware attack.

Borough continues to recover from cyber attack (Mat-Su Valley Frontiersman) The price tag on the cyber attack that hit the Mat-Su Borough in July has reached $2.1 million.

Security Patches, Mitigations, and Software Updates

Amazon fixes security flaws allowing smart home hijacks (Engadget) The real-time OS had 13 flaws affecting a wide range of devices.

Tumblr fixes security flaw that exposed account info (Engadget) The recommended blogs feature showed more than it should.

Audio recording is now disabled by default in OpenBSD (ZDNet) OpenBSD 6.4 also ships with Meltdown, Spectre v2, SpectreRSB, L1FT, and Lazy FPU mitigations.

Google Patch to Block Spectre Slowdown in Windows 10 (Dark Reading) Microsoft will incorporate Google's Retpoline patch to prevent Spectre Variant 2 from slowing down its operating system.

Microsoft Releases Security Update for Yammer (US-CERT) Microsoft has released a security update to address a vulnerability in the Yammer desktop application. A remote attacker could exploit this vulnerability to take control of an affected system.NCCIC encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.

Critics warn Microsoft it needs to fix broken update process (Computerworld) Microsoft's decision this month to stop distribution of the fall feature upgrade to Windows 10 is only the latest sign of a broken update process. Upset users want that fixed.

Microsoft’s problem isn’t how often it updates Windows—it’s how it develops it (Ars Technica) Buggy updates point at deeper problems.

Google warns Apple: Missing bugs in your security bulletins are 'disincentive to patch' (ZDNet) Google's Project Zero has again called Apple out for silently patching flaws.

Cyber Trends

Cyberattacks that Target the C-Suite on the Rise (BizTech) Whaling, impersonating CEOs and compromising executives’ business emails are all ways that hackers are targeting those at the top.

Business Cyber Attacks Escalate While Cryptojacking Drops 26% In Q3 2018 - Malwarebytes | CryptoGlobe (CryptoGlobe) Cybersecurity firm Malwarebytes has revealed that cybercriminals are modifying their tactics in favour of targeting businesses over individuals, which comes alongside a 26 percent fall in recorded cryptojacking incidents in the third quarter of 2018.

USA and China identified as top cyber attack sources (Help Net Security) NSFOCUS identified USA and China as the top cyber attack sources in its H1 Cybersecurity Insights report, which analyzed traffic from January 1, 2018 to June 30, 2018.

Few employers have a culture that supports cybersecurity (HR Dive) While cybersecurity may seem like an issue for IT, a modern company requires HR and IT to work together to protect the company, a new study shows.

Building a Culture of Security within the Aviation Industry - Connected Aviation Today (Connected Aviation Today) Airport management & aviation organizations can proactively mitigate insider threats by creating a “culture of security.” Dominic Nessi offers tips on how.

A simple acronym sums up what's wrong with social media (Quartz) Engineer, philosopher, and virtual reality pioneer Jaron Lanier thinks you should leave social media platforms like Twitter and Facebook because they are BUMMERs.

An Intelligent History (The American Interest) Christopher Andrew’s The Secret World shows us how the intelligence business is consistently underrated by politicians, military leaders, and historians.

Book Review: 'Cyber Strategy: The Evolving Character of Power and Coercion' (International Policy Digest) Given a choice between hysteria or complacency about international cyberattacks, Bruce Newsome urges a more practical view.

Marketplace

NSA Finalizes $6.7 Billion in Classified Tech Contracts (Nextgov.com) After two years, the NSA finished rebidding its “Groundbreaker” program and is beginning work on a secretive new set of communications contracts.

NCCoE Unveils Vendor Partners for Medical Device Security Project (HealthITSecurity) The National Cybersecurity Center of Excellence unveiled this week an initial set of vendor partners for a medical device security project called Securing Picture Archiving and Communication Systems.

10 Security Startups That Investors Are Funding (SDxCentral) These 10 security startups raised over $499 million in just the last month as security remains a top priority for many enterprises.

Exclusive: CrowdStrike hires Goldman Sachs to lead IPO - sources (Reuters) Cybersecurity software maker CrowdStrike Inc has hired investment bank Goldman S...

SolarWinds had a wobbly first day of trading — its CEO explains why he's not sweating it (Business Insider) BI Prime: SolarWinds literally set off fireworks over Time Square at 7:30 am, despite pricing its IPO on the low end of its range just hours before.

SolarWinds shares rise 3.2 percent in downsized market debut (WSAU) SolarWinds Corp's shares rose as much as 3.2 percent in their downsized U.S. market debut on Friday, giving the enterprise software maker a market value of about $4.80 billion.

3 Cyber Security Stocks to Focus on Following Facebook Breach (Zacks Investment Research) Frequent data breaches and information theft enhances growth opportunities for cyber security stocks.

These are the top 20 cybersecurity companies today, according to reviews from IT professionals (Business Insider) BI PRIME: IT professionals say these are the companies leading the way in the cybersecurity business.

ESET to focus on Cybersecurity consulting (TahawulTech.com) IT security firm ESET says it is transforming itself from a software provider to cyber security consultant, even as the …

Defense Firms Battle Long Wait for Security Clearances (Wall Street Journal) An exacerbated workforce crunch for makers of warships, jet fighters and cybersecurity systems is forcing them to resort to workarounds to finish Pentagon orders.

Liked at last... Sir Nick Clegg takes top job at Facebook (Times) Two years ago Sir Nick Clegg said: “I’m not especially bedazzled by Facebook. I find the messianic Californian new-worldy-touchy-feely culture of Facebook a little grating.” How times have changed.

QuintessenceLabs Scales Up, Attracts Top Leadership in Growth Phase (AP NEWS) QuintessenceLabs (QLabs), a leader in quantum cybersecurity known for its quantum random number generators and integrated data protection capabilities, welcomes Andreas Baumhof as its Vice President of Technology.

Products, Services, and Solutions

BAE Systems technology successfully shares data (Homeland Preparedness News) BAE Systems technology successfully demonstrated its ability to provide U.S. intelligence organizations with data from BAE Systems’ Geospatial eXploitation Products (GXP) Platform and access to geospatial imagery. The technology, XTS Guard 5, was equipped with the GXP platform demonstrated secure …

IPKeys and ElectSolve accelerate growth strategies with the synergistic merger of Secure Demand Response and Meter Data Management platforms for the Public Power and Rural Electric Cooperatives Sectors (PR Newswire) IPKeys Power Partners (IPKeys) announced today the completion of the merger and acquisition...

Leading Certificate Authority, GlobalSign, Secures Qualified Trust Service Provider Recognition in Europe (PR Newswire) GMO GlobalSign (www.globalsign.com), a global Certificate Authority (CA) and the leading provider of...

SRA Tool 3.0 Expands Application to More Health Data Security Risks (HealthITSecurity) OCR and ONC have updated their security risk assessment tool to improve usability and expand its application to a broader range of health data security risks.

5 open source intrusion detection tools that are too good to ignore (CSO Online) Everyone should employ an intrusion detection system (IDS) to monitor their network and flag any suspicious activity or automatically shut down potentially malicious traffic. We look at five of the best open source options.

Technologies, Techniques, and Standards

To Curb Terrorist Propaganda Online, Look to YouTube. No, Really. (WIRED) Opinion: Despite YouTube’s crackdown, extremist groups are still exploiting other Google platforms.

Cybersecurity 'Paul Revere' touts adversarial model (Star Tribune) Chris Wysopal and his Boston hacker collective pals from the L0pht sounded the alarm on the sad state of software vulnerability in a now-legendary 1998 appearance before Congress. Then-Sen. Joe Lieberman hailed the group as "modern-day Paul Reveres."

Navy 'Extremely' Confident HMS Queen Elizabeth Can Fend Off Cyber Attack (Forces Network) In recent weeks, Russia and its military intelligence unit the GRU have been accused of a raft of cyber-attacks on targets around the world.

Industrial IoT Intelligence Aims to Save Lives by Preventing Disasters (PCMAG) In an evolution that could save lives as well as billions of dollars in disaster damage, real-time embedded systems, virtualization, and artificial intelligence (AI) are now a part of the Industrial IoT (IIoT) mix at plants and oil refineries.

Know Your Enemy: Lockheed Touts ‘Intelligence-Driven’ Cybersecurity (Breaking Defense) In a bland office building 30 minutes from the Pentagon, a wall-mounted screen shows, in real time, every suspicious email and LinkedIn request sent to employees of Lockheed Martin, the world’s largest defense contractor.

LA's cyber strategy: savvier employees, secure IoT (GCN) Los Angeles is reducing its attack surface by training employees and securing connected devices.

When cybersecurity capabilities are paid for, but untapped (GCN) Agencies should cull the security stack and provide contextual visibility across all layers of the environment -- network, endpoint, lateral movement, cloud and IoT.

Design and Innovation

The Tiny Chip That Powers Up Pixel 3 Security (WIRED) Google's latest flagship smartphone includes the Titan M, a security-focused chip that keeps users safe against sophisticated attacks.

A Very British AI Revolution in Intelligence is Needed (War on the Rocks) Artificial intelligence (AI) and automation will make large numbers of intelligence staff the world over increasingly redundant. This means that people

Threat intelligence needs AI to prove effective - McAfee (Channelnomics) CTO details the changing demands of cyber security

Decentralized Internet: TV Technobabble or Problem-Solver? (Northrop Grumman) Tech comedy show "Silicon Valley" introduced the concept of decentralized internet — could this work in real life or is it just TV technobabble?

Cybersecurity And The Human Element: Creating Realistic Solutions For A Safer Digital World (Forbes) When it comes to the technology itself, we often jump straight into complex software development without stopping to think about the natural tendencies of the consumers using that tech.

Wisdom of the Crowd: How the App Store Model Drives Innovation in Data Security (Security Intelligence) Application developers can accelerate the pace of innovation in data security by making it easy for third parties to integrate with their platforms.

Free societies face emerging, existential threats from technology (TechCrunch) Bilal Zuberi Contributor Share on Twitter Bilal Zuberi is a partner at Lux Capital, and is on the boards of Evolv Technology, CyPhy Technologies, and Nozomi Networks, among others. Silicon Valley is currently, and correctly, under fire for the failure of leading platforms such as Facebook, Google a…

Research and Development

Can the Pentagon Win the AI Arms Race? (Foreign Affairs) Artificial intelligence (AI) is the new frontier of military competition, and with China and Russia making headway in the field, the Pentagon is starting to rush, some say belatedly, into the new era.

How is IBM Research strengthening security in machine learning? (Silicon Republic) Machine learning and AI systems are transforming organisations all over the world, and IBM Research is helping to strengthen their defences.

Academia

How NSA is winning the war for cyber talent (Federal News Network) Kathy Hutson, NSA’s senior strategist for academic engagement, said a 20-year partnership with the University of Maryland, Baltimore County helps keep current employees growing and brings in new ones.

At CyberMaryland, Baltimore startup Point3 Security organized a capture the flag tournament (Technical.ly Baltimore) Poolesville High School won the Maryland Cyber Challenge, besting a field that also included college teams. It marks a new front for Point3's Escalate platform.

Legislation, Policy, and Regulation

Russia dodges bullet of EU sanctions on cyber — for now (POLITICO) EU summit shows capitals are divided on how to counter a growing cyberthreat from Moscow.

EU Leaders to Seek Cyber Sanctions, Press Asia for Action: Draft Statements (US News) The European Union should agree a sanctions law to target computer hackers by early next year, the bloc's leaders are set to say on Thursday and will also seek a pledge from Russia and China to help stop cyber attacks, internal EU documents show.

Paranoia is the religion of Putin’s Russia (Times) I was saddened, but not surprised, to find myself again on the Kremlin-financed RT channel’s list of top ten “Russophobes”. Dismissing criticism as prejudice is the easiest, and cheapest, way of...

A Chinese Perspective on the Pentagon’s Cyber Strategy: From ‘Active Cyber Defense’ to ‘Defending Forward’ (Lawfare) The aggressive posture of the 2018 Department of Defense Cyber Strategy risks increasing insecurity and instability in the cyber realm.

Egypt and Thailand: When the military turns against free speech (TechCrunch) Wael Abbas, a human rights activist focused on police brutality in Egypt has been under arrest since May on charges of spreading fake news and “misusing social media.” Andy Hall, a labor rights researcher, has been fighting charges under Thailand’s computer crime laws because of a report published …

Australia lawyers' group: Draft cyber laws would curb rights (WAFF48) Australian lawyers' group say proposed cybersecurity laws to force companies such as Facebook and Google to help police by unscrambling encrypted messages would significantly limit privacy and freedom

Here are all the countries where the government is trying to ban VPNs (Security Boulevard) VPNs keep your online activity private and unrestricted. Some countries with repressive governments have outlawed VPNs in an attempt to maintain control. VPNs are powerful tools that can evade all but the most sophisticated efforts to regulate the Internet and censor information. That is why repressive governments around the world have been making efforts to The post Here are all the countries where the government is trying to ban VPNs appeared first on ProtonVPN Blog.

Former CSIS director, defence minister urge feds to bar Huawei from 5G (CTVNews) A former CSIS director and defence minister are both urging Ottawa to bar Chinese telecom giant Huawei from participating in the development of Canada’s next-generation 5G wireless network over espionage and security concerns.

Litigation, Investigation, and Law Enforcement

Russian National Charged with Interfering in U.S. Political System (US Department of Justice) A criminal complaint was unsealed in Alexandria, Virginia, today charging a Russian national for her alleged role in a Russian conspiracy to interfere in the U.S. political system, including the 2018 midterm election. Assistant Attorney General for National Security John C. Demers, U.S. Attorney G. Zachary Terwilliger of the Eastern District of Virginia, and FBI Director Christopher Wray made the announcement after the charges were unsealed.

Russian Woman Charged With Influencing US Elections on Social Media (Motherboard) Elena Alekseevna Khusyaynova was part of a wide-ranging project to influence the 2016 and 2018 election on social media.

DOJ charges Russian accountant with targeting 2018 midterms (Fast Company) The Russians allegedly sought to further divide Americans around issues like race and immigration.

Trump doubts Saudi account of journalist’s death: ‘There’s been deception, and there’s been lies’ (Washington Post) The president has expressed displeasure with son-in-law Jared Kushner for mishandling U.S.-Saudi relations, officials said.

Crown prince under scrutiny in journalist’s disappearance even as Saudis search for exculpatory explanation (Washington Post) Mounting evidence points to Mohammed bin Salman’s involvement in the disappearance of Jamal Khashoggi.

Saudi Arabia fires 5 top officials, arrests 18 Saudis, saying Khashoggi was killed in fight at consulate (Washington Post) The Saudi government acknowledged early Saturday that journalist Jamal Khashoggi was killed inside the Saudi Consulate in Istanbul, saying he died during a fistfight, but the new account may do little to ease international demands for the kingdom to be held accountable. The announcement, which came in a tweet from the […]

Jamal Khashoggi was choked and put in a rug, Saudi Arabia now says (Times) Jamal Khashoggi’s body was rolled up in a rug and handed to a “local co-operator” for disposal after he was accidentally strangled while being restrained, a Saudi official has claimed. Three weeks...

Khashoggi suspect had 'cyber spy' training (BBC News) A source tells the BBC about one of the Saudi agents alleged to have killed journalist Jamal Khashoggi.

Khashoggi’s fate shows the flip side of the surveillance state (TechCrunch) It’s been over five years since NSA whistleblower Edward Snowden lifted the lid on government mass surveillance programs, revealing, in unprecedented detail, quite how deep the rabbit hole goes thanks to the spread of commercial software and connectivity enabling a bottomless intelligence-gat…

Sir Nick Clegg faces pressure to attend Commons’ probe into Facebook’s practices and data breaches (The Telegraph) Sir Nick Clegg is under pressure to face questions from MPs over Parliament’s inquiry into Facebook’s data breaches and activity around fake news, following revelations the former Deputy Prime Minister will become an executive at the US technology company.

Yale Faces Additional Lawsuit After 2011 Breach (Infosecurity Magazine) Another victim in a Yale University data breach files a second lawsuit.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Times Talks: Arming for Cyberwarfare (Washington, DC, USA, October 30, 2018) David Sanger, a national security correspondent and author of “The Perfect Weapon: War, Sabotage and Fear in the Cyber Age,” will moderate a discussion in Washington, D.C., on cyberwarfare, one of the...

Army Autonomy and Artificial Intelligence Symposium and Exposition (Detroit, Michigan, USA, November 28 - 29, 2018) This symposium will explore and showcase innovative ways the U.S. Army is developing critical capabilities in robotics, autonomy, machine learning, and artificial intelligence. The goals are to explore...

Upcoming Events

2018 ICS Cyber Security Conference USA (Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...

Energy Tech 2018 (Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...

Cryptocurrency, Cybersecurity and the Law (Annandale, VIrginia, USA, October 24, 2018) Legal and security considerations for users of cryptocurrencies and blockchain technology.

Global Resilience Federation Summit on Third-Party Risk (Leesburg, Virginia, USA, October 24 - 26, 2018) The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management other to improve holistic security. The Summit will provide training, education and networking on the critical cyber and physical security issues facing organizations, their vendors, and the areas where the two groups intersect. Space is limited for this complimentary event, and registration will be capped and by-approval only. Attendees will include ISAC/ISAO member organizations plus third-party vendors and suppliers.

Wild West Hackin’ Fest (Deadwood, South Dakota, USA, October 25 - 26, 2018) We’re back for another year of amazing talks, great company and exciting hands-on hacking labs. It will be hard to top our amazing inaugural year, but we’ve taken your feedback and plan to make this event...

Symposium on Securing the IoT (Boston, Massachussetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be...

Times Talks: Arming for Cyberwarfare (Washington, DC, USA, October 30, 2018) David Sanger, a national security correspondent and author of “The Perfect Weapon: War, Sabotage and Fear in the Cyber Age,” will moderate a discussion in Washington, D.C., on cyberwarfare, one of the...

SecureWorld Denver (Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.

InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

4th Annual Cyber Southwest (CSW) Symposium (Tuscon, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW...

Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.