The CyberWire Daily Briefing 06.15.16

Summary

By The CyberWire Staff

Investigation into the Orlando shooting (which ISIS boasts of having inspired) continues. US authorities are looking into the possible involvement (and the online lives) of the shooter’s father and wife. German authorities are investigating the father’s banking transactions.

US Cyber Command leaders assess ISIS hacking capabilities as rudimentary, but the terrorist group concentrates on information operations. As its territory shrinks, ISIS turns to releasing increasingly indiscriminate by-name kill lists in the hope of inspiring carnage in Dar al Harb—which is to say, essentially everywhere outside of a few regions in Syria and Iraq.

Yesterday the Democratic National Committee and Crowdstrike disclosed that the US political party had been hacked by Russian intelligence services. Crowdstrike identifies the threat actors as “Cozy Bear” (a.k.a. APT 29, probably the FSB, which had been in the DNC’s networks for about a year) and “Fancy Bear” (a.k.a. APT 28, a GRU crew that arrived noisily in April, and blew the gaffe). Emails, chat, and opposition research are reported to have been compromised.

Palo Alto Networks points out that APT 28 (a.k.a. again “Sofacy”) is involved in an ongoing spearphishing campaign against US officials.

More cyber economic espionage by the Chinese government comes to light even as the US and China conduct bilateral talks aimed at achieving a modus vivendi in cyberspace.

Microsoft patched yesterday, as did Verizon and D-Link. Adobe has not yet patched, but promises to do so later this week: it hopes to address a Flash zero-day being exploited in the wild.

Notes.

Today's issue includes events affecting Afghanistan, Bahamas, China, European Union, France, Germany, India, Iran, Iraq, Japan, Republic of Korea, Kuwait, Myanmar, NATO, Nepal, Romania, Russia, Singapore, South Africa, Syria, Turkey, United Kingdom, United Nations, United States and Zimbabwe

On the Podcast

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. Today, Charles Clancy from the Hume Center at Virginia Tech explains the importance of information sharing (honored more often in the breach than the observance). And we'll catch up on social media security among National Football League players as we hear from K2's Vincent D’Agostino about what they're doing for the NFLPA.

We didn't get yesterday's planned guest, Zscaler's Deepen Desai, but we hope to catch up with him soon to talk about malicious Microsoft macros. We heard instead from STEALTHbits Technologies' Adam Laub, who offered some perspective on the breaking story of the Russian intelligence services' hack of the Democratic National Committee. Give it a listen if you missed it. (As always, if you feel so inclined, please give us an iTunes review.)

Sponsored Events

Cyber Security Summit (Washington, DC, USA, June 30, 2016)

Selected Reading

Cyber Trends

Survey Identifies Internet of Things (IoT) Security Challenges for the Connected Enterprise (Marketwired) Majority of respondents lack confidence in their ability to see and control IoT devices

The IoT blame game (Help Net Security) IoT blame gameThe first Friday the thirteenth of any year is officially “Blame Someone Else Day.” What a delightful thought – that all the failures, inconsistencies, and ill-advised schemes hatched in the previous 12 months could be legitimately handed off to that universal sink of all blame: “someone else”

Companies suffer an average of 15 DDoS attacks per year (Help Net Security) The average company suffers 15 DDoS attacks per year, with average attacks causing 17 hours of effective downtime, including slowdowns, denied customer access or crashes, according to A10 Networks

FireEye Releases First Mandiant M-Trends EMEA Report (Information Security Buzz) EMEA organizations not up to the challenge of stopping advanced threats; dwell time three times longer than global average

Legislation, Policy and Regulation

China, US hold talks to bridge cybersecurity differences (AP via In Homeland Security) Chinese and American officials said Tuesday they’re committed to bridging their differences on cybersecurity and moving to implement recent agreements, as they held talks amid complaints over China-based hacking operations that the U.S. says may have already cost U.S. companies tens of billions of dollars

U.S. sees progress in latest cyber talks with China (Reuters via Yahoo! Finance) The United States is pleased to see progress has been made with China on information sharing about cyber threats, a senior U.S. official said on Tuesday during the latest round of cyber security talks between the two countries

DOJ officials pull out of China cyber talks for Orlando investigation (The Hill) Both Attorney General Loretta Lynch and Homeland Security Secretary Jeh Johnson are pulling out of ministerial-level cybersecurity talks with China scheduled in Beijing this week in response to the mass shooting in Orlando, Fla., on Sunday

Stronger EU action to better tackle violent radicalisation leading to terrorism (Europa) Delivering on its European Agenda on Security, the European Commission is today presenting further steps to support Member States in preventing and countering violent radicalisation leading to terrorism

Cyberspace: A new front-line fight for NATO (Stars and Stripes) NATO formally designated the cyber domain as a new front line, adding virtual attacks as an area that could demand a collective military response much like a conventional assault from land, air or sea, the alliance’s top official said Tuesday

Senators push committee leaders to elevate military cyber force (The Hill) Two senators are pushing leaders from both the Senate and House Armed Services committees to include a provision in the final version of the national defense policy bill elevating the military’s cyber unit to a full-fledged combatant command

Senate Approves Defense Policy Bill, Baiting Veto (Defense News) The Senate on Tuesday easily approved an annual defense policy bill that authorizes roughly $602 billion in base defense and war spending — baiting a presidential veto

Meaningful Surveillance Reform Risks Defeat (Threatpost) Civil liberties groups are anxiously waiting to see if an anti-surveillance amendment will be added to a Department of Defense spending bill Tuesday. The so-called Massie-Lofgren amendment would rein in U.S. domestic mass surveillance by the NSA and protect U.S. encryption standards

Lawmakers Reject Proposal That Would’ve Schooled Them on Tech (Wired) Even as complicated technology shapes the national debate about privacy and surveillance, politicians on Capitol Hill recently voted to reject a proposal that would have provided the science and tech education they so desperately need

An American Strategy for Cyberspace: Advancing Freedom, Security, and Prosperity (American Enterprise Institute) The Internet is an American success story, generating tremendous benefits at home and globally, and helping to advance American values of freedom, security, and prosperity. It has also created challenges, among them its use by authoritarian states to repress political freedoms, by criminals to steal property and commit extortion, and by America’s adversaries and potential adversaries to use malicious code and cyber-warfare to threaten our economic and national security

Navy’s Cyber Sea Change: ‘American Ninja Warrior’ (Breaking Defense) There’s been a sea change in the Navy. Training and organizations are changing as admirals raised on missiles and torpedoes come to terms with cyber warfare — both as a potential weak point and as a weapon

Products, Services, and Solutions

KoolSpan Partners with Sirin Labs to Integrate Trustcall Secure Mobile Communications Solution into Solarin “Super” Smartphone (KoolSpan) Advanced SOLARIN smartphone delivers KoolSpan’s easy-to-use encryption technology to provide the strongest possible privacy protection to global customers

New Version of Captor™ by Inkscreen Offers Mobile Data Capture, Governance and Control for Sensitive Enterprise Data; will be Demonstrated at Gartner Security Summit (InkScreen) Enterprise mobility solution turns BYOD and company-provisioned mobile devices into a fully-secured business camera and document scanner that is easy to manage

FICO to Offer ‘Enterprise Security Scores’ (Wall Street Journal) The consumer-credit score firm on Tuesday said it acquired cybersecurity startup QuadMetrics to develop a standard industry-wide metric for corporate cybersecurity risk

Tactical exploitation with Warberry Pi (Help Net Security) WarBerry Pi was built for red team engagements where it’s essential to obtain as much information as possible in a short period of time, while going undetected. All you need to do is find a network port and plug it in

Brocade Teams with Harris on Cybersecurity (eWeek) Brocade is teaming with Harris Corp. in a strategic partnership that will lead to cyber-security products designed to enable organizations to protect key assets

Keeper Delivers New Capabilities in Password Management for Businesses (Marketwired) As market demand accelerates, password management leader delivers greater security, productivity and flexibility

Tenable and ServiceNow partner up for security services (CloudPro) Tenable's security services will be used to identify, prioritise and remediate vulnerabilities

Balabit Wins Identity Management Category in 2016 SC Awards (Marketwired) Balabit, a leading provider of contextual security technologies, is pleased to announce that Shell Control Box (SCB) 4 F2 was the winning solution in the EXCELLENCE AWARDS: THREAT SOLUTIONS IDENTITY MANAGEMENT category at the 2016 SC Magazine Awards Europe. The announcement was made on Tuesday, 7th June at the awards presentation held at the stunning new venue Old Billingsgate, London

Menlo Security: Isolation Technology Gives Malware The Cold Shoulder (Channel Partners) Menlo Security will announce Tuesday a deal to sell its cloud-based isolation platform through value-added distributor Cloud Harmonics

PhishLabs Launches New T2 Threat Intelligence Service Delivering Near Real-Time Intelligence on Active Spear Phishing Campaigns and Advanced Persistent Threats (APTs) (BusinessWire) Comprised of intelligence gathered from expert investigations into active spear phishing campaigns, T2 Threat Intelligence alerts defenders to threat indicators far in advance of other intelligence sources

Threat Intelligence Currency in the API Economy (IBM Security Intelligence) The cloud market today is full of references to the API economy. This is certainly with merit since the capabilities of an application programming interface (API) open the doors to a world of new applications, services and products

Lockheed Martin Partners With Interset For Threat Detection Solutions (Defense World) Lockheed Martin has entered into a commercial cyber partnership with Interset’s insider threat detection solution during the 2016 Gartner Risk and Security Summit conference in National Harbor, Md

How to Encrypt a USB Flash Drive (eSecurity Planet) Microsoft BitLocker offers a free and easy way to encrypt a USB flash drive

Technologies, Techniques, and Standards

Pentagon bounty program swats 100 security bugs (The Hill) Hackers called upon to help the Pentagon have found 100 vulnerabilities in Department of Defense systems

DOD IT is killing CACs (FCW) The military is ditching the computer Common Access Card reader

5 Ways to Outsmart Ransomware Phishers (Credit Union Times) The list of ransomware victims has grown to include financial institutions, hospitals, government departments, school districts, businesses and even law enforcement agencies

Marketplace

Online fraud detection spend to hit $9.2 billion by 2020 (Help Net Security) eCommerce merchants and financial institutions will be investing heavily in online fraud detection solutions over the next five years, with annual spending reaching $9.2 billion by 2020, up by 30% on current levels, according to Juniper Research

FireEye Inc (FEYE) Is More Important Than You Think (Investor Place) FEYE is part of a rapidly expanding market, which gives it long-term oomph

Area 1 Security Launches from Stealth to Preempt Targeted Phishing Attacks (PRNewswire) Company unveils industry's first preemptive cybersecurity solution at Gartner Security & Risk Management Summit

A team of elite ex-NSA hackers is giving everyone the ability to hunt down the most advanced cyber threats (Tech Insider) A company founded by three ex-National Security Agency analysts says it can predict where hackers may strike next - up to a year before it even happens

Why Microsoft Buying LinkedIn For $26B Is A Smart Move (Fast Company) LinkedIn could help Microsoft stave off Google and Amazon in the battle to rule the enterprise market

Microsoft, Other Tech Giants Race to Develop Machine Intelligence (Wall Street Journal) LinkedIn purchase is latest move to acquire vast stores of data

Research and Development

Deep Learning Isn’t a Dangerous Magic Genie. It’s Just Math (Wired) Deep learning is rapidly ‘eating’ artificial intelligence. But let’s not mistake this ascendant form of artificial intelligence for anything more than it really is

Quantum Computation: A cryptography armageddon? (We Live Security) Cryptography is a cornerstone of information security. It is used to encode and decode data in order to fulfill the requirement for confidentiality, integrity, authenticity as well as non-repudiation. Together, these are frequently referred to as cryptography services

Security Patches, Mitigations, and Software Updates

Microsoft Patches Dozens of Security Holes (KrebsOnSecurity) Microsoft today released updates to address more than three dozen security holes in Windows and related software. Meanwhile, Adobe — which normally releases fixes for its ubiquitous Flash Player alongside Microsoft’s monthly Patch Tuesday cycle — said it’s putting off today’s expected Flash patch until the end of this week so it can address an unpatched Flash vulnerability that already is being exploited in active attacks

Adobe states that the Flash Player zero-day vulnerability (CVE-2016-4171) has been exploited in targeted attacks. It will be fixed later this week. (Security Affairs) Once again Adobe Flash Player is the target of hackers in the wild. Adobe has released security updates for several of its products announcing that the fix for a critical Flash Player zero-day vulnerability (CVE-2016-4171) exploited in targeted attacks will only be issued later this week

Safari 10 to turn off Flash by default (IDG via CSO) Safari will no longer tells websites that common legacy plug-ins like Flash and Silverlight are installed on Macs

Adobe Flash zero day overshadows June 2016 Microsoft Patch Tuesday (Tech Target) Microsoft's June 2016 Patch Tuesday release is not the most important of the day according to experts, instead another Adobe Flash zero day vulnerability gets the spotlight

Microsoft released 16 security bulletins for June, 5 rated critical (Network World) For the first Patch Tuesday of summer 2016, Microsoft released 16 security bulletins, five are rated critical for remote code execution flaws

Verizon Patches Serious Email Flaw That Left Millions Exposed (Threatpost) Verizon fixed a critical flaw in its Verizon.net messaging system that permitted attackers to hack the email settings of other customers and forward email to any email account

D-Link Patches Weak Crypto in mydlink Devices (Threatpost) Browser makers and other tech companies have gone to great pains to beef up weak crypto libraries, in particular those that are exposed to fallback attacks such as POODLE

Cyber Attacks, Threats, and Vulnerabilities

D.N.C. Says Russian Hackers Penetrated Its Files, Including Dossier on Donald Trump (New York Times) Russian hackers penetrated the computer systems of the Democratic National Committee in an espionage operation that enabled them to read emails, chats and the committee’s trove of opposition research against Donald J. Trump, the party confirmed on Tuesday

Russian government hackers penetrated DNC, stole opposition research on Trump (Washington Post) Russian government hackers penetrated the computer network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump, according to committee officials and security experts who responded to the breach

Bears in the Midst: Intrusion into the Democratic National Committee (Crowdstrike) There is rarely a dull day at CrowdStrike where we are not detecting or responding to a breach at a company somewhere around the globe

Trump Data Theft Stirs Concerns Of Cyberattacks On Presidential Campaigns (Dark Reading) Two Russian cybergroups stole a DNC database containing opposition research on Trump in two unrelated campaigns over past year, Crowdstrike says

Hack Brief: Russia’s Breach of the DNC Is About More Than Trump’s Dirt (Wired) Four decades ago, breaking into the files of the Democratic National Committee meant burglarizing the headquarters at the Watergate hotel. Today’s spies and saboteurs can breach the DNC’s computer network far more quietly

What the Joint Chiefs’ Email Hack Tells Us About the DNC Breach (Defense One) The two attacks share a perpetrator and even some techniques. Here’s how to stop them

New spear-phishing campaign targeting US officials (Federal Times) Malware researchers at Palo Alto Network’s Unit 42 are tracking a “well-known threat group” targeting U.S. government officials with well-worn hacking tactics used in a fresh way

ISIS Praises Mateen as 'Lion of Caliphate,' Urges Attacks at Theaters, Hospitals, Amusement Parks (PJMedia) An ISIS-affiliated media group issued new statements today praising Orlando nightclub shooter Omar Mateen as a "lion of the caliphate" and a "hero" for slaughtering 49 "infidels" -- and calling on other lone jihadis to follow his example

Did Islamic State claim credit for latest attacks too soon? (AP via Yahoo! News) It took just a few hours for the Islamic State group's opportunistic propaganda machine to capitalize on the latest bloodshed in Florida and in France, with messages claiming the two attackers as its own. It may take the group longer to sort through the implications of a killer whose backstory of conflicted sexuality and heavy drinking is at odds with a carefully crafted public image of its fighters

When ISIS Hackers Call You Out By Name (Motherboard) Americans are well aware that terrorists wish harm on their country. We’ve lived through 9/11, San Bernardino, and this week’s horrid atrocity in Orlando—ugly reminders that our nationality, genders, and sexualities all make us targets

U.S. Military Focused on Data Breaches, Cadet Info (Wall Street Journal) Some kinds of foreign cyber attacks are more worrisome than others

ISIS Cyber Threat Limited Says Deputy Commander of U.S. Cyber Command (Wall Street Journal) ISIS has “lots of aspirations” to be a major threat to U.S. networks, Lt. Gen. James K. “Kevin” McLaughlin told Wall Street Journal Deputy Editor in Chief Rebecca Blumenstein at WSJ’s CFO Network Tuesday. Major state actors pose a significantly greater threat than ISIS, though it could threaten soldiers by posting information about them online, Lt. Gen. McLaughlin said

This hacker is fighting ISIS by spamming its Twitter accounts with porn (Washington Post) It started years ago, when at age 16 he bought his first computer, took it home and disassembled it. When he put the machine back together and it refused to run, a local big-box store tech guru taught the teen who would eventually take the alias "Wauchula Ghost" how to hack

Revealed: Yet Another Group Hacking For China’s Bottom Line (Wired) In the world of cyberespionage, the Chinese are king. More nation-state attacks are attributed to it than any other country. Though the assumption has been that the motive behind most of this spying was to gain a competitive advantage for Chinese companies, there had not been much proof. Until now. A new espionage campaign attributed to China shows an almost one-to-one correlation between the breaches and China’s economic interests

Anonymous Attacks Anti-White Movements in South Africa and Zimbabwe (Softpedia) The same hacker that carried out DDoS attacks on the South African Broadcasting Corporation (SABC) last weekend for news censorship practices came back today with new attacks on the EFF and ZANU-PF, two black nationalist political parties in South Africa and Zimbabwe

East Euro crims pwning 'high profile' victims with Flash zero day (Register) Unpatched flaw exploited since March

Security Advisory for Adobe Flash Player (Adobe Security Advisory) Vulnerability identifier: APSA16-03. CVE number: CVE-2016-4171. Platforms: Windows, Macintosh, Linux and Chrome OS. Summary: A critical vulnerability (CVE-2016-4171) exists in Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system

Hackers Found Their Way Inside Telegram App (HackRead) Telegram users are vulnerable to attacks due to programming error allowing anyone to send invisible and over-sized messages on their devices

Windows 'BadTunnel' Attack Hijacks Network Traffic (Dark Reading) Newly discovered -- and now patched -- Windows design flaw affects all versions of Windows

Another “historic” hack and leak: 51 million iMesh accounts for sale (Help Net Security) Email addresses and login credentials of some 51 million users of the recently defunct iMesh file sharing service are being sold online for 1 bitcoin

Hacker steals 45 million accounts from hundreds of car, tech, sports forums (ZDNet) The company that runs the forums admitted failings, but underplayed the hack

JTB fears data of 7.93 million leaked in cyber-attack (Asahi Shimbun) Police are investigating a possible cyber-attack on the computer system of leading travel agency JTB Corp., fearing that personal data of up to 7.93 million customers could have been stolen

Confidential driver data subject to 'cyber attack or physical breach' reveals RMI investigation (Automotive Management) Driver data, including phone numbers and addresses, appears to have been accessed by third parties not involved in the repair of the vehicle

Cost of a data breach: $4 million. Benefits of responding quickly: Priceless. (IDG via CSO) That's $158 per compromised record, in case you're keeping track

Thousands of Hacked Government and Corporate Servers Selling for $6 on Black Market (Wired) Underground hacker markets provide one-stop shopping for anything a miscreant might want, from stolen credit cards and pilfered passwords to spamming services and botnets. But a boutique forum recently uncovered by Kaspersky Lab focuses on just one thing: access to hacked government, corporate, and university servers, often for less than you’d pay for lunch

Wendy’s security breach exposes weaknesses in POS systems (Nation's Restaurant News) In January, The Wendy’s Co. said it was investigating possible credit card fraud at some of its restaurants

Spam’s not just annoying, it can be dangerous: ESET (IT Wire) Although many would already be well aware that today’s spam can be far more dangerous that just a dodgy viagra pill, and could infect your computer, ESET has issued a new warning

There's No Backup System if GPS Fails (Nextgov) In only took 13 millionths of a second to cause a whole lot of problems

Database corruption erases 100,000 Air Force investigation records (Ars Technica) Inspector General's case tracking system data back to 2004 lost

Recoverable? 100,000 Air Force Inspector General reports in limbo after systemwide crash (Air Force Times) The Air Force says it will take about two weeks to determine whether 100,000 Inspector General investigation reports, corrupted in a June 6 system crash, are recoverable

Academia

Cisco launches $10 million cybersecurity scholarship, new certifications (Help Net Security) Cybersecurity provides the critical foundation organizations require to protect themselves, enable trust, move faster, add greater value and grow. However, research indicates there will be a global shortage of two million cybersecurity professionals by 2019

Litigation, Investigation, and Enforcement

Orlando gunman said he carried out attack to get ‘Americans to stop bombing his country,’ witness says (Washington Post) The gunman who opened fire inside a nightclub here said he carried out the attack because he wanted “Americans to stop bombing his country,” according to a witness who survived the rampage

Investigators say Orlando shooter sought out Islamic State propaganda, may have staked out Disney sites (Los Angeles Times) Omar Mateen increasingly sought out Islamic State videos and other radical Islamist propaganda in the months leading up to his shooting rampage at an Orlando, Fla., gay nightclub Sunday, investigators have found

FBI investigates whether wife of Orlando shooter knew about massacre plan (New Orleans Times-Picayune) The 30-year-old wife of the gunman who opened fire inside an Orlando nightclub is facing intense scrutiny as the FBI tries to determine whether she had advance knowledge of the massacre, according to federal authorities

Everything Known About Noor Zahi Salman, The Wife Of Orlando Terrorist Omar Mateen (Daily Beast) A woman of Palestinian heritage, who did not adhere to Islamist dress codes for women, allegedly helped buy ammo and case Pulse nightclub days before the attack

Germany Investigating Bank Link to Orlando Shooter's Father (AP via ABC News) German federal investigators say they're looking into a Duesseldorf bank account held by the father of the gunman who attacked an Orlando nightclub, and are in contact with their American counterparts

Officials: French Police Attacker Pledged Allegiance to ISIS (AP via Military.com) A man who stabbed a police commander and police administrator to death at their home in a Paris suburb pledged loyalty to the leader of the Islamic State group and had a list of other targets, including rappers, journalists, police officers and public officials, the Paris prosecutor said Tuesday

Tom Wheeler defeats the broadband industry: Net neutrality wins in court (Ars Technica) Total victory for FCC as appeals court decision upholds net neutrality order

US company's China employee allegedly stole code to help local government (IDG via CSO) Xu Jiaqiang worked for the U.S. company’s operation in China

Interpol Experts Aim To Help Police To Tackle Cyber Crimes (Tribune 242) INTERPOL’S cyber crime investigative course, which aims to equip regional law enforcement agencies with skills necessary to identify and address crimes perpetrated on cyber platforms, is currently underway at the Royal Bahamas Police Force’s East Street headquarters

Ireland Police Boosts Cyber Capabilities (Infosecurity Magazine) The Irish police force An Garda Síochána has announced that it will set up specialist units to liaise with international partners on current and emerging threats, and to provide cyber and forensic tools to support front line policing and state security

Design and Innovation

Apple promises “differential privacy” at Worldwide Developers Conference (Naked Security) Big tech companies like Google and Facebook want as much of your data as they can get their hands on, because their survival depends on using information about you to better target you with advertisements

Apple’s ‘Differential Privacy’ Is About Collecting Your Data—But Not Your Data (Wired) Apple, like practically every mega-corporation, wants to know as much as possible about its customers. But it’s also marketed itself as Silicon Valley’s privacy champion, one that—unlike so many of its advertising-driven competitors—wants to know as little as possible about you. So perhaps it’s no surprise that the company has now publicly boasted about its work in an obscure branch of mathematics that deals with exactly that paradox

As ransomware rises, cybersecurity researchers fight back (Christian Science Monitor Passcode) Security researchers are developing new tools for consumers to protect themselves against the scourge of malware designed to encrypt files until victims pay fees

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

SANSFIRE 2016 (Washington, DC, USA , June 11 - 18, 2016) For more than 10 years, the Internet Storm Center has been providing free analysis and warning to our community. SANSFIRE 2016 is our annual "ISC Powered" event. Evening talks tap into the expertise behind our daily postings, podcasts, and data collection efforts focusing on current trends and actual relevant threats. The strength of the Internet Storm Center is its group of handlers, who are cyber security practitioners tasked with securing real networks just like you. This is your chance to meet some of them in person.

The Security Culture Conference 2016 (Oslo, Norway, June 14 - 15, 2016) The Security Culture Conference 2016 is the leading, global conference discussing how to build, measure and maintain security culture in organizations. The conference is a part of the Security Culture Framework Community, and draws professionals from around the world to meet, share and learn about security culture.

TECHEXPO Top Secret Hiring Event (Baltimore, Maryland, USA, June 15, 2016) Security-cleared professionals are invited to interview for new career opportunities on Wednesday, June 15 at the BWI Marriott in Baltimore, MD. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill open positions from companies including BAE Systems, CACI, Deloitte, CGI, Prosync, OnyxPoint, ShoreIT Solutions, Varen Technologies and many more.

2016 CyberWeek (Tel Aviv, Israel, June 19 - 23, 2016) The conference, held jointly by the Blavatnik Interdisciplinary Cyber Research Center (ICRC), the Yuval Ne'eman Workshop for Science, Technology and Security, the Israeli National Cyber Bureau, Prime Minister's Office and Tel Aviv University, in collaboration with the Ministry of Foreign Affairs, will bring together high level international cyber experts, policy-makers, academia and researchers, security officials and foreign diplomats, attracting many participants from around the world for an exchange of knowledge, methods and ideas evolving field of cyber.

National Insider Threat Special Interest Group - South FL Chapter Kickoff Meeting (Palm Beach, Florida, USA, June 21, 2016) The National Insider Threat Special Interest Group (NITSIG) is excited to announce the establishment of a South Florida Chapter. Presentations and discussions will be provided by Insider Threat Defense, Inc. and the FBI. The meeting will focus on: how to recognize potential insider threat problems, employee behavioral indicators of concern, and strategies for insider threat risk mitigation.

cybergamut Technical Tuesday: SS7, SWIFT, and Checking: Closed Network Evolution and Exploitation (Elkridge, Maryland, Calverton, June 21, 2016) A recent 60 Minutes article on extracting mobile phone information from the SS7 telephone carrier signaling network crystalized some thoughts I’ve had for a while on the evolution of closed networks over time and the security implications of opening closed networks. This talk examines that issue using three case studies: the SS7 demonstration, the recent theft of $81 million dollars from the New York Central Reserve Bank belonging to the Central Bank of Bangladesh using the SWIFT network, and the enormous but generally unremarked shift about 10 years ago from the paper check to digitized check information as a negotiable instrument for moving money between bank accounts. All three involve complex networks with both “real world” and digital network dimensions, and illustrate how authentication and trust design decisions (explicit or implicit) made when a network is first created can lead to exploitation opportunities as that network and the way it’s used evolves over time. Jeff Kuhn of Amches, Inc. will present the topic.

Cyber Security for Critical Assets LATAM (Rio de Janeiro, Brazil, June 21 - 22, 2016) Cyber-attacks on critical infrastructure have become an increasing threat for Latin American governments and companies within the oil and gas, chemical and energy sectors. Although the attack frequency is increasing, companies are still reluctant to develop strategies to fight them. As cyber-attacks grow in sophistication, frequency and intensity, these companies are increasingly becoming high profile targets. The Cyber Security for Critical Assets LATAM Summit aims to bring together the key players involved in Cyber Security and defending critical infrastructure against the ever growing threat of attacks. The conference will connect process control and corporate IT senior level professionals, allowing them to discuss challenges, share experiences and investigate best practice guidelines. This in turn will lead to the building of robust policies and standards that will protect the future of LATAM’s critical assets.

Cyber 7.0 (Laurel, Maryland, USA, June 22, 2016) Cyber 7.0 delves into the cyber threat to the nation’s critical infrastructure—transportation, health care, utilities, and energy, to name a few. How can government and industry work together to battle the threats to personal and public safety? For the seventh year, regional cyber experts, small entrepreneurs, large businesses, and government organizations come together to discuss, connect, and strategize. Be a part of the solution. Sponsor, exhibit, attend.

Security of Things World (Berlin, Germany, June 27 - 28, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World in June in Berlin to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.

SANS Salt Lake City 2016 (Salt Lake City, Utah, USA , June 27 - July 2, 2016) We are pleased to invite you to SANS Salt Lake City 2016, June 27-July 2. Are you ready to immerse yourself in the most intense cyber training experience available anywhere? Do you need to become a more effective leader when implementing security improvements for your organization? Do you need a more in-depth knowledge of the theory and implementation of computer security, hacker tools and incident handling, advanced digital forensics, defending web apps, or ISC/SCADA? This new event has been planned to meet your needs. Start making your plans now to attend SANS Salt Lake City 2016!

DC / Metro Cyber Security Summit (Washington, DC, USA, June 30, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.

ISS World South Africa (Johannesburg, South Africa, July 10 - 12, 2016) ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

SINET Innovation Summit 2016 (New York, New York, USA, July 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration on joint research initiatives. The opportunity to bring practitioners and theory together to discuss fundamental Cybersecurity challenges is critical to the advancement of innovation in the Cybersecurity domain. This summit is designed to reinvigorate public-private partnership efforts and increase relationships that foster the sharing of information and joint collaboration on Cybersecurity research projects

CyberSec 2016 (New York, New York, USA, July 19, 2016) Ask any bank CEO in the U.S. what keeps them up at night and cybersecurity is bound to be in the top five. Maybe even no. 1. And while the threat matrix is evolving rapidly, along with the regulatory demands, so are the technology tools available to help meet them. This one-day conference will take a big-picture look at the threats facing banks today and tomorrow, and offer insights on how to combat them.

Nominations are now open: National Cyber Security Hall of Fame (Baltimore, Maryland, USA (nominations submitted online), July 20, 2016) The Cyber Security Hall of Fame "Respect the Past - Protect the Future" accepts nominations from companies and organizations that are engaged in, and committed to, the growth of the cyber security industry. Each of the nominators can submit nominations in the following categories or combination of categories: Technology, Policy, Public Awareness, Education, and Business.

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.

Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, July 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, July 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.

SANS San Jose 2016 (San Jose, California, USA , July 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.