The CyberWire Daily Briefing 07.21.16

Summary

By The CyberWire Staff

Phineas Phisher claims responsibility for the hundreds of thousands of AKP emails taken from Turkey’s ruling party and posted online. The Turkish government continues its post-coup-attempt purges—the number of people purged is approaching 50,000. Senior military officers and judges are obvious targets, but teachers make up the bulk of those affected. The government is watching social media closely; arrests have been made on the strength of disrespectful tweets.

Hacktivists, criminals, and proof-of-concept hackers turn their attentions to the US Presidential campaigns. The Republican convention was affected this week; expect the same when the Democrats meet.

ISIS sites may have come under denial-of-service attack. Some familiar tools, including NetStresser, are reported in the incidents. ISIS recruiting themes seem to draw heavily on local concerns. Authorities in Germany, seeing an absence of command-and-control and discounting the role of inspiration, deny an ISIS connection to the recent train attack.

Consensus holds that the remote-code execution vulnerabilities fixed in Apple’s latest OS X and iOS patches—commonly compared to last year’s Android Stagefright—are serious indeed, so patch soon.

Digital Defense reported a serious backdoor issue with Dell’s SonicWall; Dell has issued a hot fix.

Onapsis details security issues with SAP HANA and SAP Trex.

Cisco’s Talos releases details on some of the Oracle bugs fixed this week.

AVG finds a new Python ransomware variety, “HolyCrypt.” AVG is also distributing a free decryptor for Bart ransomware.

In industry news, NGG buys Arilou Technologies, and Sift Security uncloaks with a $3.25 million angel round.

Notes.

Today's issue includes events affecting Australia, Canada, China, Denmark, Egypt, European Union, France, Germany, Iraq, Japan, Democratic Peoples Republic of Korea, Kuwait, Lebanon, Libya, Russia, Saudi Arabia, Syria, Tunisia, Turkey, Ukraine, United Arab Emirates, United Kingdom, and United States.

A note to our readers: We'll be in Detroit tomorrow for the first annual Billington Global Automotive Cybersecurity Summit. Watch for live-tweets from the event, and a full report published here next week. For a preview of some of the conference's important themes, check our interview with Booz Allen Hamilton's Jon Allen.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today's partner segment comes to us from the Johns Hopkins University: Joe Carrigan will talk us through Tor's capabilities and limitations, and give us some thoughts on new alternatives to the anonymizing network. (If you like our podcast, please consider giving it an iTunes review.)

And, risk professionals, check out the CyberWire's Special Edition Podcast, "Quantifying Cyber Risk."Experts in the security and insurance sectors discuss quantifying cyber risk: how you do it, what you do with the numbers once you've got them, and why it all matters.

Selected Reading

Cyber Trends

The Race to Cyber Attribution Needs to Stop (LookingGlass) It has become almost systemic for people to immediately question, “Who did it?” when a major breach occurs in the public or private sectors. Understandably, the victimized have a keen interest in identifying their faceless attackers especially when they have been publicly exposed. There is also a competitive aspect, as the first person to make attribution can add credibility to his or her name. However, while providing information for public consumption is important, it’s equally as important to provide accurate information

Overreliance on perimeter-based defense creates opportunities for attackers (Help Net Security) RSA has announced the results of research that demonstrates organizations in Asia Pacific & Japan (APJ) investing in detection and response technologies are better poised to defend against today’s advanced threats, in comparison to those primarily utilizing perimeter-based solutions

IoT Insecurity: Pinpointing the Problems (Threatpost) It’s a coin toss whether or not that Internet of Things device you depend on is secure. Those unacceptable 50/50 odds come from a survey by IOActive where technology professionals were asked about the security of connected devices from thermostats, security cameras to alarm systems

Most Businesses See Data As Main IoT Benefit, Eye Security Challenges (Mediapost) With the Internet of Things comes a flood of data to be analyzed

Majority Of Companies Say Trade Secrets Likely Compromised (Dark Reading) About 60 percent of companies in a survey by Ponemon and Kilpatrick Townsend say at least some of their trade secrets are likely in the hands of rivals

FireMon Survey: One-Third of Security Professionals Grounded for LIFE Due to Messy Firewall Rules (MarketWired) Survey shows 65% of security professionals surveyed think they would get grounded by their mom for untidy firewall rules

Assessing the Vulnerability of the UK to a Cyber-attack: A Multidisciplinary Analysis of Cyber Security. (Infosec Institute) This paper will demonstrate the vulnerabilities which are present in cyberspace and the vast number of threats to the United Kingdom from both a theoretical and practical perspective. The central argument of this paper is that the most general analysis of cyberspace and cybersecurity by international security studies scholars that cyberspace is merely an extension of war or a war-fighting domain is inherently unrepresentative of the true nature of the phenomena

Legislation, Policy and Regulation

Turkey's Erdogan Declares Three-Month State of Emergency After Failed Coup (NBC News) Turkey's president on Wednesday declared a three-month state of emergency following a failed coup

Analysts Predict Rifts in US-Turkey Relationship (Defense News) US Defense Secretary Ash Carter today offered reassurances Turkey’s alliance with the US and NATO, and Turkey’s commitment to counter-Islamic State fight, are all still strong following a failed military coup. But experts believe that the relationship between Ankara and Washington is now in a fragile state, which could boil over into the fight against the militant group, commonly known as ISIS or ISIL

Call for Australia to appoint cyber ambassador (ITWire) A senior official from the security services company Forcepoint has welcomed the appointment of Dan Tehan as the minister assisting Prime Minister Malcolm Turnbull for cyber security, but says that, given Tehan's numerous roles, the appointment of a "cyber ambassador" will be key to co-ordinating Australia's efforts in this direction

Electronic spy agency mum on foreign info-sharing that could lead to torture (Times Colonist) Canada's electronic spy agency won't say how often it shares information that could lead to someone being tortured in an overseas prison

Preparing for new EU cybersecurity rules and regulations (Help Net Security) Recently, the European Parliament signed off on its first ever set of cybersecurity rules. The Network and Information Security (NIS) Directive spells the end of more than three years of political bickering and requires critical national infrastructure operators, such as banks, healthcare, transportation, energy and digital service providers, to ramp up their security measures and report major data breaches

Government Officials Conflicted About Encryption (National Defense Magazine) Encryption — which prevents unauthorized users from accessing devices and data — is a double-edged sword, experts have said. While U.S. citizens use the technology to protect personal information, bad actors such as terrorists are employing it to hide illicit activity

The Pentagon’s Massive IT Consolidation Plan Is In Trouble (Defense One) Defense officials can’t project the program's cost because of its complexity, and because officials can’t even agree what is or isn’t included

More live training, new cyber-threat list as Army aims to avoid insider attacks (Army Times) An Army anti-spying effort born shortly after the Cold War received an update last month, with expanded lists of potentially malicious cyber-activities and new training requirements designed to help ferret out insider threats

Network defense to become more sophisticated, effective (Army News Service) "We must rethink how we defend ourselves from the increasingly sophisticated and capable enemy cyber advances," said Maj. Gen. Paul Nakasone

DoD acquisition not broken, just slow (C4ISRNET) The head of the Pentagon’s secretive Strategic Capabilities Office, which specializes in near-term innovation to gain advantages with unconventional uses of existing systems, has harsh words for those overly critical of the department’s seemingly ineffective acquisition process

Products, Services, and Solutions

Verodin Named “Vendor to Watch” by Enterprise Management Associates (BusinessWire) The Verodin Platform matures defenses by continually challenging how security controls and teams perform under fire, removing assumptions and empowering defenders

Deloitte, Cray launch supercomputer-driven threat analytics service (CIO) Subscription-based service powered by the Cray Urika-GX system

Fireglass Integrates Isolation Platform with Check Point Next-Gen Firewalls and SandBlast to Eliminate Malware, Phishing and Other Advanced Threats (Yahoo! Finance) Fireglass, the leader in web isolation, and Check Point Software Technologies Ltd. (CHKP), today announced a new partnership that enables organizations to protect their users from advanced threats by completely eliminating attack vectors including browsers, emails and documents

Global Velocity Securio 4.0 Scrapes Dark Web for Stolen Data (Top Tech News) Global Velocity Securio 4.0 Scrapes the Dark Web for Stolen Business Data -- Information-centric security solution mitigates risk of insider threats to protect data at-rest and in-motion

ForgeRock’s Latest Identity Platform Finally Kills the Password, Ushers in New Era of the Frictionless User Experience (BusinessWire) Newly announced push authentication features and capabilities in the ForgeRock Identity Platform support passwordless login and frictionless second factor authentication

AlgoSec Debuts Business Application Mapping Platform (eWeek) Auto-Discovery automates the whole process of identifying and mapping application connectivity, and gathers this information into an intuitive map

Boeing signs agreement with Rambus to protect aerospace from security threats (Aerospace Technology) Rambus's cryptography research division has signed a licence agreement for the inclusion of advanced differential power analysis (DPA) countermeasures in Boeing products

Technologies, Techniques, and Standards

Bart ransomware victims get free decryptor (Help Net Security) AVG malware analyst Jakub Kroustek has devised a decryptor for Bart ransomware, and the company has made it available for download (for free)

Free Tools & Training To ‘Hack Yourself’ Into Better Security (Dark Reading) How to teach your blue team to think like the red team when your network is under attack and time is your most valuable asset

Three Pillars of Docker Security: Visibility, Identification & Tracking (Infosecurity Magazine) Like all software, containers face security challenges. Among those challenges are exploitable software vulnerabilities in components used inside Docker containers, exacerbated by the ease with which Docker containers can be deployed

Five Myths about Mobile Phone Security (Panda Security) Most of us carry a mobile phone with us at all times. It has become an essential part of our lives, both in our personal and professional day-to-day. Nevertheless, there are many false conceptions that accompany the security of our business smartphones and tablets

Marines, NSA To Bring Smartphones To Rifle Squad (Breaking Defense) The Marine Corps and National Security Agency have joined forces to bring cellphones to the battlefield by 2019. Working with the NSA’s new Commercial Solutions for Classified (CSfC) program should let the Marines acquire cutting-edge civilian technology swiftly without sacrificing security, said Maj. Kevin Shepherd of Marine Corps Systems Command

Facebook is tracking what you do within apps for better targeted advertising (Naked Security) You know the old saying: if you’re not paying, you’re the product. Even so, it can be disconcerting to contemplate just how thoroughly tracked you are: how what you do is sliced, diced, and monetized

131 Cyber Security Tips that Anyone Can Apply (Heimdal Security) Looking to sink your teeth into some good security tips you can actually apply?

Marketplace

These 10 Companies Are the Top Cybersecurity Startup Acquirers (Fortune) Like so many other startup sectors, cybersecurity is often a game of mergers and acquisitions. So who has got the biggest appetite?

Challenges of cybersecurity due diligence in the acquisition process (Help Net Security) Acquirers are increasingly aware of the need for vigorous cybersecurity due diligence in M&A, yet often lack the proper personnel to conduct thorough analyses, according to a new study by West Monroe Partners and Mergermarket. As the importance of big data and IT rises across sectors, cybersecurity has become a vital area to assess at deal targets

An all-Israeli exit: iGO developer NNG acquires automotive cyber startup Arilou Technologies (Geektime) NNG, responsible for popular navigational app iGO, acquired cyber startup Arilou Technologies, which prevents attacks on connected cars

Sift Security Exits Stealth with an Easier, Faster and Smarter Approach to Threat Hunting and Incident Response (BusinessWire) Underpinned by graph data structures and novel data science; $3.25 million angel round

Will Symantec’s Enterprise Security Gain from Blue Coat Buyout? (Market Realist) Symantec’s Enterprise Security offerings will get a boost from Blue Coat’s acquisition

Gemalto hunts for partners for its encryption solutions as GDPR approaches (CRN) Security vendor says demand for encryption has increased significantly as GDPR deadline gets closer

GE, Huawei to partner on Internet of Things (USA Today) General Electric said Wednesday that it had struck a partnership with Chinese telecommunications giant Huawei Technologies to develop machines that are connected to the Internet

AUB insures against terror, cyber attack (Daily Post-Athenian) Athens Utilities Board has renewed its insurance coverage, which includes cyber security and terrorist threats. The Board of Directors approved renewing coverage - costing more than a half-million dollars - with Athens Insurance at its June meeting

TalkTalk halts customer exodus after cyber attack but broadband base 9,000 lower (Belfast Telegraph) Telecoms group TalkTalk has said its broadband customer base remains 9,000 lower despite halting the exodus from the firm following last year's cyber attack

Investors are pleased with TalkTalk's decent start to the year (City A.M.) TalkTalk shares jumped more than four per cent in early trading as it reported a solid start to the year

Orgs Struggle to Recruit Skilled DDoS Personnel (Infosecurity Magazine) Companies looking to recruit network engineering professionals with experience of dealing with DDoS attacks are facing an uphill struggle, according to new research from Imperva

Illumio Appoints Remo Canessa as Chief Financial Officer (MarketWired) Industry veteran brings 30 years of financial and strategic experience to rapidly growing provider of cybersecurity for data center and cloud computing

Research and Development

Is Your Network Acting Odd? DARPA’s Latest Tool Aims to Sound the Alarm (Defense One) The system is intended to track activity across an entire network over long periods of time, seeking out deviations from normal activity

DARPA releases details on spectrum challenge (C4ISRNET) The Defense Advanced Research Projects Agency has released information concerning its innovative challenge to help alleviate the electromagnetic spectrum

Browser study aims to stop hackers in their tracks (The South Australia Lead) Developing an anti-tracking computer program to protect users against hackers is at the heart of a new study into browsing habits

Security Patches, Mitigations, and Software Updates

SonicWALL Service Bulletin GMS Analyzer Vulnerability Fix - July 2016 (Dell) Vulnerabilities in the Dell SonicWALL GMS and Analyzer have been resolved

Firefox Blocks Flash Content to Improve Security (SecurityWeek) Starting next month, the Firefox Web browser will block certain Flash content to improve the security of its users and to ensure faster page loads

Twitter’s Verified Badge Plan Raises New Security Concerns (Infosecurity Magazine) Experts are warning that Twitter’s decision to open up its verified badge scheme to all-comers could create additional security risks for users

Cyber Attacks, Threats, and Vulnerabilities

Notorious Hacker ‘Phineas Fisher’ Says He Hacked The Turkish Government (Motherboard) A notorious hacker has claimed responsibility for hacking Turkey’s ruling party, the AKP, and stealing more than 300,000 internal emails and other files

RNC attendees were hacked by security researchers to prove a point about Wi-Fi (Fast Company) After setting up an array of wireless access points around the Republican National Convention in Cleveland, security firm Avast Software reports that, despite a rash of recent media and political attention to cybersecurity, visitors weren't shy about connecting their devices to unknown wireless networks

Security Gets Political With Hacks, Darknet Sales (Dark Reading) As presidential campaigns get into full swing, neither party is immune to online chicanery -- and neither are voters

How the Republican Convention Fends Off Hackers (Wired) Just a few blocks away from the Quicken Loans Arena where the Republican National Convention is taking place, past the barricaded streets being guarded by police officers, beyond the Secret Service checkpoint, down the escalator of the Cleveland Convention Center, deep in the belly of the building, you’ll find a nondescript set of cubicles and a snack table set off to the side of a vast empty space. There sit a handful of geeks with laptops

Massive DDoS Attack Shut Down Several Pro-ISIS Websites (Hack Read) Team of attackers shut down several ISIS a.k.a. Daesh websites against terrorist attacks in Nice and Middle Eastern countries

Inside the ISIS Enlistment Files: All Jihad is Local (Defense One) I analyzed over 3,500 leaked ISIS enlistment forms. Here’s what I found

How Bad is the North Korean Cyber Threat? (Hack Rad) A few months ago, United States General Vincent Brooks warned the Senate about the growing threat from North Korean cyber-attacks, saying, “While I would not characterize them as the best in the world, they are among the best in the world, and the best organized”

Update now: Macs and iPhones have a Stagefright-style bug! (Naked Security) Remember Stagefright? Stagefright was one of 2015’s most newsworthy BWAINs (Bugs with an Impressive Name): a security hole, or more accurately a cluster of holes, in Android’s libstagefright multimedia software component

Wavering about Apple's latest security fix? Don't, says Talos (Register) The very image of a remote exploit

Critical Flaws Found in Dell SonicWALL Product (SecurityWeek) Managed security risk assessment provider Digital Defense has identified several vulnerabilities in the Dell SonicWALL Global Management System (GMS), a platform that allows organizations to centrally manage their SonicWALL solutions. The vendor has released a hotfix to patch the issues

Hidden 'backdoor' in Dell security software gives hackers full access (ZDNet) The critical flaw gives an attacker 'full control' of all connected devices

Vulnerabilities affecting SAP HANA and SAP Trex put 10,000 customers at risk (Help Net Security) Onapsis released new security advisories detailing vulnerabilities in SAP HANA and SAP Trex. Included in the advisories is a critical risk vulnerability that could be used to gain high privileges, allowing unrestricted access to business information, and to modify arbitrary database information

New Python ransomware called HolyCrypt Discovered (Bleeping Computer) A new ransomware has been discovered by AVG malware analyst @JakubKroustek called HolyCrypt. This ransomware is written in Python and compiled into a Windows executable using PyInstaller. This allows the developer to distribute all of the necessary Python files as a single executable

The history of ransomware (CSO) See more than 20 variants of these attacks through the years

Flaws in Oracle file processing SDKs affect major third-party products (CSO) Eighteen flaws in Oracle's Outside In Technology also impact enterprise software products from other vendors

Vulnerability Spotlight: Oracle's Outside In Technology, Turned Inside-Out (Talos) One of the most fundamental tasks performed by many software programs involves the reading, writing, and general processing of files. In today's highly networked environments, files and the programs that process them can be found just about everywhere: FTP transfers, HTTP form uploads, email attachments, et cetera

1 in 3 content theft websites expose visitors to malware (Help Net Security) A Digital Citizens investigation has found that malware operators and content theft website owners are teaming up to target consumers – with an unexpected assist from U.S.-based tech firms. The research found that 1 in 3 content theft websites expose consumers to dangerous malware that can lead to serious issues such as ID theft, financial loss and ransomware

Canadian Man Behind Popular ‘Orcus RAT’ (KrebsOnSecurity) Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce as a purely legitimate enterprise. Here’s the story of how I learned the real-life identity of Canadian man who’s laboring under that same illusion as proprietor of one of the most popular and affordable tools for hacking into someone else’s computer

Trojanized Remote-Access Tool Spreads Malware (BankInfoSecurity) Kaspersky: bundled downloads fool admins, foil detection

Health Data on Nearly Every Dane Sent to Chinese Firm (Infosecurity Magazine) Sensitive medical data on almost the entire population of Denmark has been accidentally sent to a Chinese state-linked visa office

Playstation chief Shuhei Yoshida has his Twitter hacked by OurMine (Hot for Security) Shuhei Yoshida, the popular president of Sony Computer Entertainment’s worldwide studios, appears to be the latest victim of the OurMine hacking gang, after his Twitter account was hijacked yesterday

‘Warframe’ Hacked, Details on 775,000 Players Traded (Motherboard) User details for online, free-to-play game 'Warframe' are being traded in the digital underground. The nearly 800,000 records include email addresses, usernames, and dates for when the account was created and last logged into

When Pokémon Go’s Servers Go Down, You’re Not the Only Loser (Wired) If you tried to play Pokemon Go this weekend, you probably already know Niantic, the company behind the wildly popular game, is struggling to keep it online. But that’s not just a disappointment for the legions of players who have hit the streets looking for virtual monsters. It’s also costing Niantic money: when Pokemon Go is down, no one can spend money in the game

Pokemon Protection? (NACS) For some businesses the influx of Pokemon users is a boon, but don’t ignore potential security risks

Let’s Pokéstop: A Moment of Reflection on PoGo’s Recent Privacy Revelations (Level 3 Communications Blog) Anyone with a smartphone, TV or internet access has heard about the current cultural phenomenon that is Pokémon Go. For me, this app has been delightfully addicting, but I’ve also felt the frustrations of trying to play through the game’s technical glitches. In the week or so I’ve been playing, I’ve experienced app failures, battery loss and waited anxiously for my data usage to reset. I’d been warned all of these things would happen, but I hadn’t given the seemingly simple act of signing-in a second thought…until now

How hackers are revealing the hidden Pokemon Go monsters all around you (Ars Technica) Deciphered server data provides precise locations in a handy Google Map

Hackers are targeting the Rio Olympics, so watch out for these cyberthreats (CSO) Cyberterrorists and hacktivists could also try to disrupt the event

Someone Hacked Road Sign in US to Display Harsh Anti-Police Messages (Hack Read) While people are protesting against shooting and killing of Alton Sterling someone hacked road right in Cobb County, Georgia and left some harsh messages against cops

Hacker Claims to Have Sold Leaked Terrorism Watchlist 'World-Check' For $20,000 (Motherboard) A confidential database of suspected or convicted criminals and terrorists has surfaced on a dark web marketplace just a few weeks after a security researcher revealed that the database was left exposed online

Flipping the economy of a Hacker (SANS Internet Storm Center) Palo Alto Networks partnered with the Ponemon Institute to answer a very specific question: what is the economic incentive for adversaries?

The Real Cost of Attacks (Palo Alto Networks) The big payday is a myth

Grid hack exposes troubling security gaps for local utilities (E&E News) When Washington state utility executive Benjamin Beberness dug into what was behind the crippling cybersecurity blackout in Ukraine, the details were chilling, not only because of their malevolent nature but because of how familiar those details were to Beberness

Academia

Hackers Convene in Utah for Western Regional U.S. Cyber Challenge Program (US Cyber Challenge) Executive roundtable to discuss national cybersecurity workforce

Litigation, Investigation, and Enforcement

Two arrested in Turkey for praising failed coup attempt on social media (Hurriyet Daily News) Two people have been arrested for praising the July 15 failed coup attempt on social media and insulting President Recep Tayyip Erdoğan in the Central Anatolian province of Karaman and the Black Sea province of Zonguldak

Turkey coup attempt: Charges laid against 99 generals and admirals (BBC) Turkey has formally charged 99 generals and admirals in connection with the weekend's thwarted coup attempt, just under a third of the country's 356 top military officers

EU police agency warns of extremist threats to Europe (SFGate) The number of people killed in attacks by extremists throughout Europe soared in 2015 from a year earlier, the European Union police agency reported Wednesday as it warned the Islamic State group may "put more emphasis on operations abroad" as a Western military alliance puts it under pressure in Syria and Iraq

Germany train attacker had no direct Islamic State connections, top official says (Washington Post) A teenager who attacked passengers with an ax on a German commuter train seems to have acted alone and had no direct connections to the Islamic State, Germany’s top law enforcement official said Wednesday

Why Germany Can’t Figure Out the Identity of Its First ISIS Attacker (Time) The Islamist radical who wounded five was among the hundreds of thousands of asylum seekers who arrived in Germany last year without a passport

The murky role of mental illness in extremism, terror (AP via Yahoo! News) After family members of the driver who slammed a truck into a holiday crowd in the French city of Nice said he suffered from depression, questions have been raised again about the links between mental illness, extreme ideology and mass violence

US intel bulletin warns of persistent threat from 'Western female violent extremists' (Fox News) The U.S. intelligence community is warning law enforcement agencies around the country of persistent terror threats posed by radicalized Western women

Return of the Pokémon Fatwa in Saudi Arabia (Foreign Policy) Conservative Saudi clerics were probably relieved when Pokémon, banned by the country’s top religious body in 2001, fell out of favor over the past decade

Pokémon Go Security Risks Flagged by CIA, Gulf States and Data Security Experts (IFSEC Global) Even by the standards of online viral trends, Pokemon Go’s trajectory is quite astonishing

Alleged Kickass Torrents owner arrested, site taken down (Help Net Security) Artem Vaulin, a 30-year-old Ukrainian that is believed to be the creator and owner of Kickass Torrents, currently the most popular and most visited illegal file-sharing website, has been arrested in Poland on Wednesday

French authorities serve notice to Microsoft for Windows 10 privacy failings (ZDNet) Strict online privacy laws in the EU continue to bedevil American tech companies. The latest to catch flak is Microsoft, over a handful of objections from a French data protection agency

Everyone's favorite infosec biz – Blue Coat – must cough up $40m to rival in patent rip-off row (Register) From SSL cert blowup to busted infringement appeal

Fraud and Computer Misuse Crime on the Rise, Study Finds (Tripwire: the State of Security) A new report from the Office for National Statistics (ONS) states that cybercrime is on the raise in England and Wales

It’s Time to Come to Terms With Secret Law: Part I (Just Security) Secret law. The words are chilling. They evoke Kafka, unaccountable government, liberty subordinated to state security – and to some ears, perhaps simply the paranoid rantings of tinfoil hat wearers. But the claim that the US government is creating secret law has become increasingly common and credible, levied by scholars, secrecy critics, courts, and by lawmakers and government officials of both parties

House Committee Wants to Know How Many DoD Employees Are Mishandling Classified Information (FedSmith) The House Committee on Oversight and Government Reform sent a letter to Defense Secretary Ashton Carter asking for documentation regarding the number of cases the Defense Department has opened recently for non-compliance by its employees with security regulations

Design and Innovation

Snapchat turns facial recognition technology on its head (Naked Security) While facial recognition technology is often criticized for invading people’s privacy, smartphone messaging company Snapchat is looking at how it can use the same technology to enhance the privacy of its users

Edward Snowden is working on an iPhone case (TechCrunch) Most probably wouldn’t have anticipated a smartphone case being high on Edward Snowden’s to-do list, but an on-going collaboration with Andrew “Bunnie” Huang detailed today during an event at MIT Media Lab certainly comports with some of the NSA’s whistle blower’s chief concerns

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

National Institute for Cybersecurity Education 2016 Conference and Expo (Kansas City, Missouri, USA, November 1 - 2, 2016) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2016 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.

upcoming Events

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

Billington Global Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 22, 2016) Billington Cybersecurity, an independent conference company focused exclusively on cybersecurity seminars, announces the first global summit that brings together the most senior government and industry experts to examine cyber security in the automotive industry. The Chairman and CEO of General Motors, Mary Barra, U.S. Transportation Secretary Anthony Foxx, U.S. Senator Gary C. Peters and Lyft CEO and Co-Founder Logan Green will discuss industry and government insights on automotive cybersecurity.

Community College Cyber Summit (3CS) (Pittsburgh, Pennsylvania, USA, July 22 - 24, 2016) The third annual Community College Cyber Summit (3CS) is organized and produced by six Advanced Technological Education (ATE) centers funded by the National Science Foundation (NSF) and involved in cybersecurity. 3CS meets the perceived need for a national academic conference that focuses exclusively on cybersecurity education at the community college level. Faculty, administrators, and other stakeholders in community college cybersecurity education are invited and encouraged to attend

SANS San Jose 2016 (San Jose, California, USA , July 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, July 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.

AfricaHackOn (Nairobi, Kenya, July 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.

Black Hat USA (Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)

SANS Boston 2016 (Boston, Massachusetts, USA , August 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.

Secure Bermuda 2016 (Bermuda, August 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.

TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, August 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, August 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches

2016 Information Assurance Symposium (Washington, DC, USA, August 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.

SANS Alaska 2016 (Anchorage, Alaska, USA, August 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.

CISO New Jersey (Hoboken, New Jersey, USA, August 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

CyberTexas (San Antonio, Texas, USA, August 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.

Chicago Cyber Security Summit (Chicago, Illinois, USA, August 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, August 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

AKP emails released as Turkey purges suspected coup risks. Hackers look to US Presidential campaigns. Hacktivists say they've DDoSed ISIS. Inspiration, too, is a connection. Vulnerabilities in OS X, iOS, Oracle, and SAP.