The CyberWire Daily Briefing 06.10.16

Summary

By The CyberWire Staff

The Hamas-connected hacking group variously known as Gaza Cybergang, the Gaza Hackers Team or the Molerats is back after going to ground in January. Reports connect them to the DustSky cyber espionage campaign.

The Atlanticist Bilderberger Group is meeting in Germany this week, with cyber security figuring among its announced ten-point agenda. Anonymous doesn’t much care for Bilderberg, and has turned its anti-global finance OpIcarus DDoS campaign against the Bilderbergers’ website.

And since the old LinkedIn, MySpace, and Tumblr compromises have turned out to be bigger than thought, companies like Netflix are checking their customers’ credentials against lists of exposed email addresses and passwords to avoid cross-contamination.

The point-of-sale breach at the Wendy’s fast food chain also seems poised to emerge as bigger-than-thought.

uTorrent has suffered the compromise of 385,000 credentials.

Bitdefender announces it’s found a way of eavesdropping on TLS-encrypted communications between users and virtualized server instances. They’re calling the proof-of-concept “TeLeScope,” and say it exploits the hypervisor.

Phishing, ransomware, and DDoS continue their popularity among criminals and hacktivists. Enterprises are warned to be on their guard against business email compromise (particularly in the US, UK, and Australia). Crysis ransomware has eclipsed TeslaCrypt, and CryptXXX has switched its distribution mode from Angler to the Neutrino exploit kit. Locky and Dridex have fallen off dramatically as the Necurs botnet has apparently vanished.

In industry news, Zimperium gets $25 million in series C funding, and Tenable opens its search for a new CEO. US startups still find Federal acquisition too slow.

Notes.

Today's issue includes events affecting Australia, China, Finland, India, Israel, NATO, New Zealand, Palestinian Territories, Russia, Singapore, Ukraine, United Kingdom, United States

On the Podcast

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Our legal expert Markus Rauschecker from the University of Maryland's Center for Health and Homeland Security will explain a recent ruling on phone location data. You may recall that late last month we hit the Jailbreak IoT security conference, where among other interesting presentations we heard Wesley Wineberg, a senior security researcher with Microsoft, make people's flesh creep with an account of how security cameras can be hacked. Today we follow up with Wes, and he takes us through some unexpected threats arising from IP security cameras. (If you enjoy the Podcast, please share your enjoyment with an iTunes review.)

Selected Reading

Cyber Trends

New Gemalto research reveals most organizations not confident in ability to Protect Data after Data Breach (Gemalto) Key Findings: One-third of organizations have experienced a data breach in past 12 months. 69% of IT professionals are not confident their data would be secure if perimeter defenses were breached. 66% of IT professionals say unauthorized users can access their networks and 16% believe unauthorized users have access to their entire networks

Fact Not Fiction: Ipswitch’s Independent Research Reveals How IT Teams Are Preparing Today For The Rise Of Intelligent Machines (BusinessWire) New global research shows rapid adoption of intelligent machines used for automating and optimizing business and IT processes. 92 percent of IT professionals surveyed recognize the technology is now central to the success of their business, but 68 percent acknowledge it raises new concerns about network security, access and controls

Do employers give enough security training? (Help Net Security) More than half of UK office workers say their employers have provided no cyber security awareness training, according to ISACA’s 2016 Cyber Security Perceptions study of more than 2,000 UK consumers online

Booz Allen Hamilton Builds Data Scientists From Scratch (Chief Learning Officer) Booz Allen Hamilton’s yearlong Tech Tank program turns junior employees into highly skilled analytics and computer science professionals

War Games: Tracing the History of Cyber Security (Knowledge@Wharton) The concept of “cyber war” goes back to the beginning of the internet, almost 50 years ago. A new book by Pulitzer-Prize-winning journalist Fred Kaplan traces the history of this topic in his new book Dark Territory: The Secret History of Cyber War

Feds not prosecuting enough cyberthieves, survey (SC Magazine) Two-thirds of adults surveyed last month believe the government is inadequate in its pursuit and prosecution of cyberthieves, according to an ESET blog

Takeaways From Mumbai Breach, Fraud Summit (InfoRiskToday) Need for collaboration & information sharing, key messages at ISMG event

Data Breach, Fraud Summit Asia: First Impressions (InfoRiskToday) Summit opens to packed audience in Mumbai

Data Breach & Fraud Prevention Summit: A Preview (InfoRiskToday) Security thought leaders focus on new approaches to tackle breaches

Incident Response Must Come of Age (InfoRiskToday) Act now, than be forced to post the inevitable attack, says NSE's Neelakantan

Legislation, Policy and Regulation

What to Know About the Bilderberg Group’s Secret Annual Meeting (Time) Little is known about the secretive group, but conspiracy theorists have plenty of ideas

$22.2 million for a national CERT: What does it mean for your school? (Educators) Government has allocated funding for a nation-wide Computer Emergency Response Team (CERT) to help New Zealand organisations – businesses, local and regional government, health care and education – understand and respond to cyber threats. With initial funding of $22.2 million, this initiative underscores the importance government places on keeping Kiwi networks safe for commerce, privacy and learning. But what are the immediate and practical implications for the education sector, specifically your school?

Some cyber startups skeptical on lawmakers' show of support (FedScoop) On Wednesday, the House Committee on Homeland Security passed the Support for Rapid Innovation Act and the Leveraging Emerging Technologies Act of 2016

Technology Acquisition Reform (Naval Research Advisory Committee) In February 2003, the Naval Research Advisory Committee was charged by Mr. John J. Young, Jr., Assistant Secretary of the Navy (Research, Development and Acquisition) to conduct a study on technology acquisition reform. The major difference between this study and others on acquisition reform is that this study focuses on ways to more smoothly inject new technology into acquisition programs

House panel approves $1.8 billion for DHS cyber spending (The Hill) The House Appropriations Subcommittee on Homeland Security on Thursday approved a spending bill providing $1.8 billion to the Department of Homeland Security (DHS) to guard against cyberattacks and protect critical infrastructure

Major cyber leadership changes for Army, Navy (C4ISR & Networks) Defense Secretary Ash Carter this week announced changes to leadership in top positions in the Army and Navy cyber divisions, appointments that come after the Navy's cyber commander was confirmed as the service's top intelligence and cyberwarfare officer

Career cryptologic tech tapped to be Navy's top enlisted (Navy Times) The Navy has tapped a career cryptologic sailor to lead the enlisted force as the service presses ahead with its information warfare capabilities

Products, Services, and Solutions

Infocyte HUNT Delivers First Agentless Threat Hunting Solution for Linux Platforms (Infocyte) Endpoint hunting identifies active and dormant malware missed by security monitoring, drastically reducing the breach detection gap and strengthening defense-in-depth strategies

Finland's F-Secure Lays Code 'Honeypots' To Catch Cybercriminals (Forbes) The IT security market is very crowded. Along with death and taxes, this is a truth we can pin down irrefutably. London has just played host to its annual InfoSec event and the Olympia conference centre was crammed with over a hundred firms all claiming to offer ‘a new approach to threat intelligence’ and so on. As repetitively deflating as some of these claims are, a few trends are emerging

BT readies itself for IoT with Fortinet (Enterprise Times) BT has announced a deepening of its relationship with Fortinet. The new agreement will see Fortinet’s Fortigate enterprise firewalls integrated into its global portfolio of managed service

CipherCloud unveils first GDPR-ready cloud security solution (Help Net Security) CipherCloud announced the availability of a cloud security solution designed to help companies comply with the European General Data Protection Requirement (GDPR)

Why CTOs have been thinking about intelligence all wrong (Recode) "Don’t build it, buy it," says one of the developers of IBM's Watson supercomputer

BioCatch Boosts Behavioral Biometrics Tech (PYMNTS) BioCatch, a global behavioral authentication and malware detection company, announced on Wednesday (June 8) that it will extend its collaboration with Microsoft Azure to increase its behavioral biometrics technology capabilities

SecureAuth Launches New Progressive Threat Service to Detect and Protect Against Cyber Crime (Marketwired) With over 90% of traffic from Tor deemed 'malicious,' SecureAuth can stop suspicious logins, even if attackers have valid credentials

Businesses can now share threat intelligence easily (ITProPortal) For years now, there has been talk about real-time sharing of threat intelligence among companies as a new approach to cyber-security, and Carbon Black has just launched one such solution

Meem backs up your phone every time you charge it (TechCrunch) Forgot to back up your phone again? Meem‘s new product might be just the solution to your woes. The company creates power cables for iOS and Android that back up your device every time you plug it in. After a successful Kickstarter campaign, Meem’s cables started shipping earlier this week

Technologies, Techniques, and Standards

Burning Down the House: Why is a Cyber Attack Different from a Fire Under the Law? (Huffington Post) You are sitting at your desk and the fire alarm goes off. At first, you are annoyed at the latest interruption, but then someone comes on the speaker and says that there is smoke in the building and that everyone must go to their location of safety

Marketplace

With 3 Billion Euros Up For Grabs, NATO Highlights Future Needs at NITEC Conference (SIGNAL) Industry said, “Show me the money,” and NATO obliged

SAIC wins big Cyber Command support contract (Defense Systems) SAIC was awarded a prime contract to provide cyber operations support services for the U.S. Cyber Command, the company announced. The contract, however, was not issued by Cyber Command or the Defense Department directly, but rather, by the General Services Administration

Israeli Zimperium secures a $25M Series C for enterprise mobile threat protection (Geektime) Just maybe, this startup looks like it could grow to become a public company. This is why we think so

Hewlett Packard Enterprise, GE Team Up for Industrial IoT (Zacks via Nasdaq) n a major event yesterday, the two IT services giants, Hewlett Packard Enterprise Company (HPE) and GE Digital, a unit of General Electric Company (GE), joined forces to develop products for Industrial Internet of Things (IoT)

Hewlett Packard Enterprise: Brean Sees a Chance for a Real Transformation (Barron's) I wrote yesterday that bull and bear on Hewlett Packard Enterprise (HPE) were relatively unchanged in their positions following the company’s annual analyst day meeting, held in Las Vegas in conjunction with the annual customer show, “Discover”

New Mozilla fund will pay for security audits of open-source code (IDG via CSO) The project will have a $500,000 fund to start with

Uber awards researcher $10,000 for reporting serious security hole (Graham Cluley) Flaw could have been leveraged to compromise Uber's internal network

Duo Security Opens Office in Austin, Texas; Plans to Hire 30 Employees in 2016 (PRNewswire) Hires Matt Smith as VP, Worldwide Channels & Business Development

Tenable Network Security CEO steps down (Baltimore Sun) Tenable Network Security co-founder Ron Gula has stepped down from his role as CEO and is leading a search for a successor to help the company grow globally

Tenable Network Security looking for new CEO (Washington Business Journal) Tenable Network Security Inc., a fast-growing Columbia cybersecurity company, is searching for a new CEO that will help it expand globally, the company said Thursday

CensorNet Names Information Security Veteran as First Vice President of Sales in North America (MarketWired) Russell Zientek, former VP, CyberSecurity Division for Arrow Electronics will help to further accelerate growth in enterprise sales and amplify channel partnerships

Research and Development

Researchers pack massive amounts of data into a stream of light (TechCrunch) If you’re hungry for a little holographic data storage and transfer this morning have I got a flapjack for you. Researchers at the University of the Witwatersrand, Johannesburg have packed 100 times more data into a light stream by using a pair of holographic Spatial Light Modulators to encode and decode transmissions

Security Patches, Mitigations, and Software Updates

Facebook’s testing a “Hide From Your Timeline” option (Naked Security) Some Facebook posts are embarrassing

Sophos U-turns on lack of .bat file blocking after El Reg intervenes (Register) Infosec bod reckons firm 'misunderstood' the issue

Cyber Attacks, Threats, and Vulnerabilities

Hamas Behind DustSky Cyber-Espionage Campaign (Softpedia) Gaza Cybergang makes a comeback after five months

Singapore PM Says 'Sophisticated' Cyber Attacks Prompt Internet Shutdown on Government Computers (Jakarta Globe) Singapore is to cut off internet access for government employees' work computers to protect government data after some "very sophisticated" cyber attacks, Prime Minister Lee Hsien Loong was quoted as saying on Thursday

Anonymous Boosts Up OpIcarus, Shuts Down Bilderberg Group Website (HackRead) Anonymous hacktivists conducted ddos attacks on the Bilderberg Group website when the group was having a meeting in Germany

uTorrent Forum Suffers Data Breach, 385,000 Credentials Database Stolen (HackRead) uTorrent forum suffers massive data breach through vendor controlling the forum

There’s the Beef: Wendy’s Breach Numbers About to Get Much Meatier (KrebsOnSecurity) When news broke last month that the credit card breach at fast food chain Wendy’s impacted fewer than 300 out of the company’s 5,800 locations, the response from many readers was, “Where’s the Breach?” Today, Wendy’s said the number of stores impacted by the breach is “significantly higher” and that the intrusion may not yet be contained

More Wendy’s restaurants hit with cyber attack (Nation's Restaurant News) Company says it disabled malware, but attacks now reach more than 300 locations

Netflix among firms checking stolen passwords to protect users (SFGate) Following database breaches at LinkedIn, Tumblr and MySpace, Netflix is warning customers that email addresses and passwords they used to log in to the streaming-video service had been exposed online

When tech CEOs get hacked, is anyone safe from data breaches? (San Francisco Business Times) When it comes to protecting online accounts, even the social media tycoons among us aren't immune to data breaches. And beyond the embarrassment factor, the breaches reveal an ever-vulnerable security landscape that can threaten individuals and business alike

Bitdefender finds eavesdropping vulnerability in public cloud (ZDNet) Bitdefender has developed a technique that enables a third party to tap into TLS-encrypted communication between an end-user and a virtualised instance of a server

Hypervisor wiretap feature can leak data from the cloud (Help Net Security) Bitdefender has discovered that encrypted communications can be decrypted in real-time using a technique that has virtually zero footprint and is invisible to anyone except extremely careful security auditors

BEC scams: What you need to know (Help Net Security) Ransomware attacks hitting businesses and institutions might be the latest trend, but they are just one of the threats these organizations have to protect themselves against

Dramatic Increase in Phishing Proves Its Effectiveness (IT Business Edge) On any given day, between 50 and 100 email messages land in my spam filter, and maybe one ended up there by accident. A few are legitimate emails, trying to sell me something based on past purchases, but most of them are phishing

More companies being hit by repeated DDoS attacks: Akamai (CSO) Latest DDoS metrics show Web application attacks surging, gamers dominating

POST traumatic stress: why a massive DDoS attack means trouble for hybrid protection (TechFruit) As human beings most of us have come to expect terrible things to occasionally happen. And so we prepare for them. Even if those terrible things can’t be prevented, they can be protected against, the damage minimized as much as possible

CryptXXX Ransomware Jumps From Angler to Neutrino Exploit Kit (Threatpost) Crooks behind the revamped CryptXXX 3.100 ransomware have switched its distribution from the Angler Exploit Kit to the Neutrino Exploit Kit. The sudden change in distribution was spotted on Monday by researchers at the SANS Internet Storm Center

Crysis ransomware fills vacuum left by TeslaCrypt (Help Net Security) TeslaCrypt has reached the end of the road, and other ransomware is ready to fill the vacuum left behind it. A relative newcomer to the market, Crysis ransomware is already laying claim to parts of TeslaCrypt’s territory

One of the World's Largest Botnets Has Vanished (Motherboard) With no warning, one of the world's largest criminal botnets—a massive collection of computers used to launch attacks—has disappeared. Researchers have reported huge drops in traffic for two of the most popular pieces of malware which rely on it

Locky Volumes Plummet, One of the Worlds Largest Botnets Possibly Taken Down (Cloudmark Security Blog) Motherboard reports that researcher Kevin Beaumont and several security firms have seen the distribution of Dridex and Locky malware stop as of June 1st. These pieces of malware, and several others such as Neverquest2, are spread via Necurs — what is possibly the world’s largest botnet, as stated by Beaumont

US-CERT Warns Of Resurgence In Macro Attacks (Dark Reading) Organizations and individuals urged to be proactive in protecting against threat from the 90s

Hitting emails and Facebook: Ray-Ban scam is back (We Live Security) A while ago, we informed you about a Ray-Ban scam campaign flooding Facebook via hacked profiles. Using fake ads that offered massive discounts, attackers tried to lure users into “buying” branded sunglasses, thus giving up their payment card details via an unsecured channel

Apple users in UK and China targeted in phishing attacks (International Business Times) Apple users have become prime targets of several phishing campaigns in 2016. Security researchers have discovered that since the start of the year, assorted phishing attacks have emerged targeting iCloud users in the UK and China

Communications of the Bolek Trojan (Arbor Networks) A few weeks ago CERT Polska released a short blog post introducing a new malware family now known as Bolek. PhishMe and Dr.Web have since added some additional insight into the family. Browsing through a memory dump of the malware, a Webinjects section sticks out. Webinjects usually imply banking malware, so it seems Bolek picks up where its predecessor, Carberp, leaves off. This post takes a closer look at its command and control (C2) mechanism and what it takes to elicit a configuration file from its C2 servers

Study: APAC Banking Apps Are Not Secure (InfoRiskToday) AppKnox identifies shortcomings in applications

Black Hat SEO: A detailed analysis of illegal SEO tactics (Imperva) Researchers at the Imperva Defense Center have discovered a series of long-running, multi-vector search engine optimization (SEO) campaigns that exploit vulnerabilities in thousands of legitimate websites to illegally increase the SEO results for malicious websites

Bugging phones the Rube Goldberg way (Naked Security) Researchers at the University of Illinois at Urbana-Champaign have demonstrated that they can discern 80% of a mobile phone conversation by turning the phone’s vibration motor into a microphone

More corporate shared folders in cloud filled with malware, research finds (Ars Technica) In related studies: Ice is cold; fire still hot

When you isolate your industrial control systems don't forget about DNS (Network World) Many control-system owners don't block DNS traffic on network segments they believe are isolated, researcher finds

A hacker told us how someone could take down the power grid without using a cyberattack (Tech Insider) The chief of US Cyber Command has said it's a matter of "when, not if" the US power grid is hit by cyber attackers. And a recent high-profile attack that shut down power in Ukraine showed it's certainly possible

Nationwide blackout in Kenya caused by marauding monkey (Ars Technica) Monkey dropped onto a transformer, knocking 180MW hydro plant offline for four hours

Water Sector Prepares For Cyberattacks (Circle of Blue) Security threats evolve as water systems connect to the internet

Academia

Former Nittany Lion Butler makes leap from NFL to cyber forensics (Penn State News) As a wide receiver for the Penn State football team from 2004 to 2009 and later for the Seattle Seahawks, Deon Butler is fully aware of the importance of teamwork to the success of any organization. As a recent graduate of the College of Information Science and Technology's (IST) online graduate program, Butler has carried the lessons he learned on the field into his role as a cybersecurity analyst

Litigation, Investigation, and Enforcement

OPM Data Breach: A New Twist On The Discovery Of The Malware (Dark Reading) Congressional members lay out details of the chain of events that led to the revelation of the Office of Personnel Management's big data breach

No clear answer in probe of Bangladesh cyber heist: FBI (Reuters) The Federal Bureau of Investigation is working quickly to figure out who perpetrated the cyber heist of $81 million from Bangladesh Bank's account at the Federal Reserve Bank of New York in February, but there are no definitive answers yet, an FBI official said Thursday

Emails in Clinton Probe Dealt With Planned Drone Strikes (Wall Street Journal) Some vaguely worded messages from U.S. diplomats in Pakistan and Washington used a less-secure communications system

Navy officer accused of spying to face October court-martial (Navy Times) The naval aviator accused of spying for a foreign government is set to face a general court-martial in October, in a high-profile case that has caught national attention

U.S. Levels Terrorism Charges Against Islamic State Defector (Radio Free Europe/Radio Liberty) U.S. authorities on June 9 leveled terrorism charges against a man who joined the Islamic State extremist group for two months before surrendering to Kurdish authorities in Iraq in March

ISIS Might Not Be So Broke After All (Vocativ) They’re being crushed on the battlefield, and losing men and morale. But Islamic State militants are a long ways still from going belly up

Design and Innovation

What autonomous driving is — and isn’t — in 2016 (TechCrunch) When Honda announced that its latest Civic sedan would have a full suite of state-of-the-art driver assist features for $20,000, The Wall Street Journal called it a self-driving vehicle. While the Civic can do a lot, it cannot drive itself. Yet. So what are we even talking about when we talk about autonomous or self-driving vehicles?

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

LegalSEC Summit 2016 (Baltimore, Maryland, USA, June 9 - 10, 2016) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The target audience for ILTA’s LegalSEC Summit is legal technology professionals at every level and general counsel who touch legal security in their law firm or law department and want to learn more and connect with peers.

SANSFIRE 2016 (Washington, DC, USA , June 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind our daily postings, podcasts, and data collection efforts focusing on current trends and actual relevant threats. The strength of the Internet Storm Center is its group of handlers, who are cyber security practitioners tasked with securing real networks just like you. This is your chance to meet some of them in person.

4th International Conference on Cybercrime and Computer Forensics (ICCCF) (Vancouver, British Columbia, Canada, June 12 - 14, 2016) For the past four years, APATAS has organized the International Cybercrime and Computer Forensics conference at various locations throughout Asia. In 2016, our 4th annual ICCCF is moving for the first time to Simon Fraser University’s Harbour Centre campus and Centre for Dialogue at downtown Vancouver, Canada. North America has been a pioneer in cybercrime research, policy and practice since the mid-1980s. As expected, we have witnessed increasing technological developments in both personal computing and in smart-phone and wireless devices that have had an impact on how technology-enabled crimes have been committed in the Asia Pacific region and beyond. One of the key approaches to understanding such crime is through research and incorporating the outcome of research into policy and practice. The 4th Annual ICCCF 2016 Vancouver, BC, Canada therefore focuses its discussion on ‘Cybercrime: Linking Research, Policy, and Practice.’

Show Me Con (St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they are bringing you a one-of-a-kind event that will Show You the State of security from a unique perspective — the hacker?s viewpoint

CISO DC (Washington, DC, USA, June 14, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

Cyber Security Opportunities in Turkey Webinar (Online, June 14, 2016) As in other countries, Turkey is a target of high profile attacks in the public and private sectors. Instability from neighboring countries increases their risk. Since 2014 Turkey is working on a cyber security plan which includes not only government but private sector and NGOs as well. Per Cisco's 2014 Security Report, attacks occur in ICS-SCADA, web servers and malwares-6% respectively, applications-31%, infrastructure-18%, and end-users-9%.Topics include: industry drivers, trends, and key players. Open Q&A session at the conclusion of presentations. Confirmed speakers: Alper Cem Yilmaz, Founder, and Jade Y. Simsek, Mrktg Specialist, CrypTech. Learn about the Cyber Security Market in Turkey with the objective of finding sales opportunities. Turkey's Transportation, Maritime Affairs and Communications Ministry formed SOME (Cyber Incident Response Teams)for protection of cyber attacks.

The Security Culture Conference 2016 (Oslo, Norway, June 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture Framework Community, and draws professionals from around the world to meet, share and learn about security culture.

TECHEXPO Top Secret Hiring Event (Baltimore, Maryland, USA, June 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill open positions from companies including BAE Systems, CACI, Deloitte, CGI, Prosync, OnyxPoint, ShoreIT Solutions, Varen Technologies and many more.

2016 CyberWeek (Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.

National Insider Threat Special Interest Group - South FL Chapter Kickoff Meeting (Palm Beach, Florida, USA, June 21, 2016) The National Insider Threat Special Interest Group (NITSIG) is excited to announce the establishment of a South Florida Chapter. Presentations and discussions will be provided by Insider Threat Defense, Inc. and the FBI. The meeting will focus on: how to recognize potential insider threat problems, employee behavioral indicators of concern, and strategies for insider threat risk mitigation.

Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, June 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency is increasing, companies are still reluctant to develop strategies to fight them. As cyber-attacks grow in sophistication, frequency and intensity, these companies are increasingly becoming high profile targets. The Cyber Security for Critical Assets LATAM Summit aims to bring together the key players involved in Cyber Security and defending critical infrastructure against the ever growing threat of attacks. The conference will connect process control and corporate IT senior level professionals, allowing them to discuss challenges, share experiences and investigate best practice guidelines. This in turn will lead to the building of robust policies and standards that will protect the future of LATAM’s critical assets.

Cyber 7.0 (Laurel, Maryland, USA, June 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle the threats to personal and public safety? For the seventh year, regional cyber experts, small entrepreneurs, large businesses, and government organizations come together to discuss, connect, and strategize. Be a part of the solution. Sponsor, exhibit, attend.

Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.

SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!

DC / Metro Cyber Security Summit (Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.