
DNC hacked audio files released. Speculations about Russian involvement, motives. Trump trolls for Hillary's 30k deleted emails. ISIS continues its info ops course. Window shopping in the crimeware souks.
WikiLeaks continues to post Democratic National Committee files, most recently MP3 audio files pulled from hacked emails. Observers think WikiLeaks has grown less cautious about the privacy implications of its leaks.
Analysts continue to speculate about the DNC hackers’ (generally believed to be Russian) motives. The Council on Foreign Relations blog suggests the possibility that files were leaked amid the apparent Guccifer 2.0 sockpuppetry because the organs (particularly the GRU) got caught, and were making the best of a bad situation.
US Republican Presidential nominee Trump hopes the Russians can tell everyone what was in those 30,000 emails Democratic nominee Clinton erased before turning her homebrew servers over for security inspection. Reactions range from the positive (“troll level: Supreme Galactic Overlord”) to the condemnatory (near solicitation of cybercrime, invitation to release highly classified material, etc.).
More ISIS online claims of responsibility for attacks around Rouen and Ansbach. French and German investigations reveal attackers’ explicit statements of intent and allegiance in social media.
Digital Shadows publishes research into Deer[dot]io, a Russian site-building platform Digital Shadows reports harbors an extensive crimeware souk. Deer[dot]io hosted darkside[dot]global.
Elsewhere in the black market, Stampado ransomware is being offered as a service ($39 for a “lifetime license”—Trend Micro looks into the crooks’ pricing model). The Petya and Mischa ransomware strains are being offered through an affiliate program. (The authors of Petya and Mischa also leaked decryption keys for their rival, Chimera.)
Care to weigh in on the current cyber jus ad bellum conversation? Read the Tallinn Manual first.
Notes.
Today's issue includes events affecting Austria, Canada, Czech Republic, France, Germany, India, Iraq, Italy, Kazakhstan, Morocco, Russia, Syria, Ukraine, United Kingdom, and United States.
A note to our readers: We'll be at Black Hat this year, talking to people and keeping our ears open, as usual. You'll see coverage next week in our daily briefings, and you'll hear updates in our podcasts.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Markus Rauschecker from our partners at the University of Maryland's Center for Health and Homeland Security gives us some insight into advances in facial recognition software, and the privacy implications thereof. And Shehzad Merchant, CTO at Gigamon, talks about some ways of using metadata to enhance security. (If you enjoy the podcast, please consider giving it an iTunes review.)
Cyber Attacks, Threats, and Vulnerabilities
WikiLeaks releases hacked Democratic National Committee audio files (Reuters) WikiLeaks released files on Wednesday of what it said were audio recordings pulled from the emails of the Democratic National Committee that were obtained by hacking its servers
DNC Hack: What We Know, And What We Still Don’t Know (Motherboard) As the Democrats coronated Hillary Clinton in Philadelphia as the party’s new presidential nominee, the convention has somewhat been overshadowed by the big question of whether the Russian government is trying to mess with the US elections by leaking internal party emails stolen as part of the hack on the Democratic National Committee
Disclosure of DNC Emails: Was Russia Making Up for the Fact It Got Caught? (Council on Foreign Relations) Identifying the responsible party for a cyber incident is always a challenge. However, evidence has been piling up over the last few months that Russian intelligence services, and Russian military intelligence (GRU) in particular, are behind the hack of the Democratic National Committee’s (DNC) network and the email disclosures. Over at Motherboard, Thomas Rid does an excellent job laying out the case, but here’s a short timeline of events
Donald Trump Calls on Russia to Find Hillary Clinton’s Missing Emails (New York Times) Donald J. Trump said on Wednesday that he hoped Russian intelligence services had successfully hacked Hillary Clinton’s email, and encouraged them to publish whatever they may have stolen, essentially urging a foreign adversary to conduct cyberespionage against a former secretary of state
Critics blast Trump calls for Russia to locate missing Hillary Clinton e-mails (Ars Technica) "I think you will probably be rewarded mightily by our press," he says
Trump Comments Straddle Line of Soliciting Computer Crime (Threatpost) Donald Trump may have left himself an out today when he urged Russian hackers to find 30,000 emails deleted by Hillary Clinton from her private server
Investigators Warn More Hacker Attacks Could Hit U.S. Candidates (Scientific American) The leak of Democrats’ e-mails raises unprecedented fears of meddling in the election
Opinion: This is how hackers create maximum damage (MarketWatch) The Democratic National Committee got hacked, and you could be next
How not to get hacked by Russians (or anyone else) (Mashable) There's been a lot of talk about Russian hackers infiltrating the Democratic National Committee's servers and then leaking sensitive emails via WikiLeaks
How WikiLeaks Has Changed: From Whistleblower To Weapon (Fast Company) Experts say the organization appears to have grown more partisan, and more eager to boost impact by pegging releases to events in the news
"You go into a church, you carry out a massacre": Kermiche's chilling recording (L'Express) L'Express has obtained several audio files recorded by one of the two perpetrators of the Saint-Etienne-du-Rouvray attack. In them he says, among other things, that he wants to "go into a church, take a knife and carry out a massacre" and mentions his mentor
Islamic state posts video of men it says were French church attackers (Reuters) Islamic State's news agency on Wednesday posted a video of two men it said were those who attacked a church in France in which they pledged allegiance to the group's leader
French newspaper Le Monde will no longer publish photos of terror suspects (Washington Post) In a summer of bloodshed and fear in France, one newspaper is digging in
Minister: Bavaria bomber in online chat before attack (AP via Yahoo! News) A 27-year-old Syrian asylum-seeker who blew himself up in the southern German town of Ansbach was chatting online with a still-unidentified person immediately before the explosion, Bavaria's interior minister said Wednesday
Islamic State claims German suicide bomber was former militant fighter (Washington Post) The Islamic State on Wednesday claimed that a suicide bomber who struck a southern German city had been an active fighter with the extremist group in the Middle East and had drawn on his expertise with explosives to craft the device
Facebook is censoring some posts on Indian Kashmir (Washington Post) Film makers, activists and journalists accused Facebook of blocking their accounts this week after they posted messages and images related to the violence in the trouble-torn province of Kashmir
Is Deer.io a Cyber-Crime Heaven? (Softpedia) Security firm accuses Russian service of harboring criminals
Deer.io: Your One-Stop Shop for Cybercrime (Digital Shadows) Being a cyber criminal is becoming even easier as barriers to entry continue to be lowered. Digital Shadows’ research into deer.io, the site that hosted darkside.global, shows how this is playing out and what it means for security professionals
Economics Behind Ransomware as a Service: A Look at Stampado’s Pricing Model (TrendLabs Security Intelligence Blog) Ransomware has become such a big income earner for cybercriminals that every bad guy wants a piece of the pie. The result? More tech-savvy criminals are offering their services to newbies and cybercriminal wanna-bes in the form of do-it-yourself (DIY) kits—ransomware as a service (RaaS)
Petya, Mischa ransomware-as-a-service affiliate system goes live (Graham Cluley) The more people you scare into paying the ransom, the more money you make
Rival gang leaks decryption keys for Chimera ransomware (CSO) The authors of the Petya and Mischa ransomware programs leaked around 3,500 decryption keys for the Chimera ransomware
Ransomware Dominates 18 Million New Q2 Malware Samples (Infosecurity Magazine) Panda Security detected a staggering 18 million new malware samples in the second quarter, the majority of which were credential stealers and ransomware, it claimed in a new report
Cisco: Ransomware most profitable malware in history (CRN) New Cisco security report claims threat of ransomware to become "even more pervasive and resilient"
5 Freaky but Real Application Security Threats (eSecurity Planet) There are some new application security threats in town, and they are pretty scary
Cisco Wireless LAN Controller 7.4(121.0)/8.0(0.30220.385) Wireless Management Frame Handler Denial of Service (VulDB) CVSSv3 Temp Score: 4.3. Current Exploit Price (≈) $5k-$10k. A vulnerability, which was classified as problematic, was found in Cisco Wireless LAN Controller 7.4(121.0)/8.0(0.30220.385). Affected is an unknown function of the component Wireless Management Frame Handler. The manipulation with an unknown input leads to a denial of service vulnerability. This is going to have an impact on availability
KeySniffer – here’s what you need to know (Naked Security) A few months ago, US startup Bastille Networks announced research that showed how some wireless computer mice could be hacked by intercepting and manipulating the signals between the devices and your computer
How should businesses respond to the TechCrunch hack? (Bitdefender Business Insights) If it can happen to a website as popular as TechCrunch, it might happen to you too
Media-stealing Android app targets developers (Help Net Security) Symantec researchers have unearthed another app on Google Play that secretly steals photos and videos from victims’ mobile devices
Rio Olympics 2016 Keyboard app: more privacy challenges for enterprises (Lookout Blog) A simple keyboard extension built for people celebrating the Olympics was actually collecting more information than its developer intended, putting personal privacy and corporate information at risk
Experts: Rio Travelers to Face Barrage of Security Threats (Infosecurity Magazine) Security experts have warned travelers to the Rio Olympics and those searching for updates back at the office to exercise extra caution in order to avoid what’s likely to be a barrage of cyber threats
YouTube star asks fans for passwords to hijack their Twitter accounts (Naked Security) What’s the stupidest thing that insanely cute pop star Jack Johnson has done?
7 Ways To Charm Users Out of Their Passwords (Dark Reading) While the incentives have changed over time, it still takes remarkably little to get users to give up their passwords
How Illegal Streaming is Putting Your Security at Risk (Hack Read) There’s no such thing as a free ticket: how illegal streaming is putting your security at risk
FBI's Mass Hack Hit 50 Computers in Austria (Motherboard) In early 2015, the FBI embarked on a massive hacking campaign, delivering malware to thousands of criminal suspects who visited a dark web child porn site
Security Patches, Mitigations, and Software Updates
LastPass Patches Ormandy Remote Compromise Flaw (https://wp.me/p3AjUX-v5X) LastPass has patched a vulnerability in its Firefox add-on found by Google Project Zero researcher Tavis Ormandy that allows attackers complete remote compromise of the password manager
Microsoft's July Security Updates Available in ISO Image (Windows IT Pro) After over a decade of Patch Tuesdays, the day each month Microsoft releases security updates for its services and products, everyone knows the drill about their availability and preparing to get them installed on company/organizational devices
Google adds robocall warnings to Phone app (Naked Security) Robocallers, with a bit of luck, a dash of Google blocking and a ‘do-it-now!‘ FCC chairman, you’re going to speed-dial your way straight into oblivion
How Google protects the Android kernel, and future plans (Help Net Security) On Wednesday, Jeff Vander Stoep of Google’s Android Security team took to the official Android Developers blog and shared some information about the defenses they have already implemented in Android, and some that they are currently working on
AT&T's Galaxy S7 and S7 edge are now getting July 1 security patch (GSM Arena) T-Mobile started rolling out the Android security update for July to its Galaxy S7 and S7 edge units more than two weeks ago, and even Verizon outed it shortly after that. So it's been clear for a while now that AT&T will follow. And it finally has
The Ethereum Hard Fork Spawned a Shaky Rebellion (Motherboard) Last week, Ethereum took the incredibly risky step of splitting its virtual currency and app platform into two competing versions. The split allowed developers to implement a code change that rescued $56 million of users’ money, which had been siphoned away by an unknown hacker
Cyber Trends
Cybersecurity talent crisis continues, technical skills in high demand (Help Net Security) Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), has released a global report outlining the talent shortage crisis impacting the cybersecurity industry across both companies and nations. 82 percent of respondents admit to a shortage of cybersecurity skills, with 71 percent of respondents citing this shortage as responsible for direct and measurable damage to organizations whose lack of talent makes them more desirable hacking targets
KPMG Study: Breaches Up, Security Spending Down (Dark Reading) 81 percent admitted to a recent breach but less than half said they'd invested more in security as a result
Kaspersky researchers love “Mr. Robot” hacker but claim no Snowden ties (Network World) Research team says it’s hard to find out who’s behind attack, and kiss privacy good-bye
Marketplace
Deal of the Week: Verizon Not Done Yet After Merging Yahoo, AOL (Bloomberg) Verizon just spent $4.8 billion to buy Yahoo's Internet business, a deal that makes the wireless provider the third-largest digital advertising company by revenue -- far behind Google and Facebook. Verizon isn't content to stay a distant third, and that means there may be more acquisitions to come. What might Verizon buy next?
Oracle Buys NetSuite in Deal Valued at About $9.3 Billion (Bloomberg) Oracle Corp. gave its cloud-services strategy a big boost by offering to buy NetSuite Inc. in a deal valued at about $9.3 billion
A10 Networks forays into Application Delivery Cloud tech with Appcito buy (Techseen) The merger between both marks the expansion of A10's ACOS Harmony architecture for secure application services which was launched earlier in 2015
PwC Advisory buys cybersecurity and privacy consultant Everett (Consultancy.uk) PwC has acquired Everett, a consultancy specialised in Identity and Access Management solutions. More than 50 consultants in four countries join the professional services firm – with the acquisition PwC Advisory further strengthens its cybersecurity services
Akamai Technologies (AKAM) Lags on Q2 Earnings, Sales (Zacks Equity Research via Yahoo! Finance) Akamai Technologies Inc. (AKAM) reported lower-than-expected second-quarter 2016 earnings and revenue numbers. Adjusted earnings (including stock-based compensation expense and amortization of capitalized stock-based compensation but excluding all other non-recurring items and related tax impact) of 47 cents per share lagged the Zacks Consensus Estimate of 50 cents. On a year-over-year basis, however, adjusted earnings rose 6.8%
RedSeal Records Strong Growth, New Clients and International Expansion in First Half of 2016 (Marketwired) Cyber analytics company expects to reach profitability in second half of year
Cybersecurity startup PhishMe raises $42.5 million Series C (ZDNet) PhishMe aims to help companies thwart phishing attacks and other threats to business networks through consistent employee training
Digital security officer recruitment challenges and victories on the cyber battlefield (CSO) Veteran cybersecurity recruiter Stephen A. Spagnuolo kicks off an engaged dialogue around the human capital element and related corporate development trends/issues in the cybersecurity space
Products, Services, and Solutions
Deloitte Cyber Risk Services Expands Threat Management Services With ThreatConnect Platform (PRNewswire) As organizations recognize the need and importance of managing cyber threats, they need better situational awareness of their threat landscapes and the overall attack surface
KnowBe4 releases security training in 26 languages (Paypers) KnowBe4, a platform for security awareness training and simulated phishing tests, has released its Kevin Mitnick Security Awareness Training in 26 language versions
Global network shares phishing attack intelligence in real-time (Help Net Security) IRONSCALES, a multi-layered phishing mitigation solution that combines human intelligence with machine learning, today announced the launch of Federation, a product that will automatically and anonymously share phishing attack intelligence with organizations worldwide
Infection Monkey: Test a network from an attacker’s point of view (Help Net Security) Infection Monkey, a tool designed to test the resiliency of modern data centers against cyber attacks, was developed as an open source tool by GuardiCore’s research group
Review: True Key for iOS (Help Net Security) I’ve been using 1Password for years – both their desktop and mobile products. Although it works fine, I was curious to see what are the alternatives I can use on my iPhone. After some hits and misses, I’ve installed the True Key personal password manager, which is developed by Intel Security and offered for free
General Dynamics upgrades encryptors (C4ISRNET) General Dynamics has upgraded its TACLANE encryptors
Imperva Introduces Crowdsourced Threat Intelligence Solution to Secure Access to Data Stored in Cloud Apps (GlobeNewswire) New Imperva ThreatRadar IP reputation service for Imperva Skyfence now available
Case Study: Why Systems Security Company Nexusguard Chooses Bitcoin (Bitcoin Magazine) In October 2015, Nexusguard, a systems security company that specializes in DDoS defense, started accepting bitcoin as a form of payment after one of their large international clients requested assistance when their servers came under a DDoS attack
Vixie’s Farsight Rolls Out Its First Enterprise DNS Security Service (Dark Reading) DNS expert aims for proactive protection, defense of organizations' online domains
Gurucul Integrates with Okta to Detect and Respond to Cloud Access- and Identity-based Security Threats (BusinessWire) User behavior analytics platform extends risk-scoring via APIs to Okta for dynamic access provisioning and adaptive multi-factor authentication
G DATA security solutions achieve top scores at Virus Bulletin (G Data) Testers praise effective malware defense and low system load
NSA Designates Unisys Cyber Network Product As Eligible For Use By Governments (Defense Daily) The National Information Assurance Partnership (NIAP) evaluated and accredited the Unisys Corporation’s [UIS] Unisys Stealth product as certified for use by governments in over 20 countries to protect sensitive systems and information, the company said Monday
Credence Security adds five new products (IT-Online) Security solutions provider Credence Security has added five new products to its stable: Digital Guardian, Experian, Fidelis CyberSecurity, RedSeal and Solus
Airloom builds out Cloud-based security offering with Zscaler (ARN) Founder challenges legacy on-premise approach to security taken by SIs
Technologies, Techniques, and Standards
How To Stay Safe On The Black Hat Network: ‘Don’t Connect To It’ (Dark Reading) Black Hat attendees may have changed their titles and now carry business cards but hackers gotta hack and there's no better place to do it than Black Hat
How the cybersecurity defense-in-depth model fails agencies (Federal News Radio) For years now, federal agencies have clung to a “defense-in-depth” model to protect their IT networks. Why? Because the concept essentially breaks down into two easy steps
Dispelling the myth of 'perfect' security (FCW) Because governments are the most-attacked organizations in the world, there has been broad recognition that the old approaches to security, based on the impossible premise that security must be perfect, aren't working, and a new approach, based on the premise that security doesn't have to be perfect to still be successful, is needed
Making Cybersecurity a Business Function Poses Challenges (CFO) CFOs must collaborate with chief information security officers, as the challenges have their roots in areas beyond the cybersecurity domain
Legal Sector's Threat Intel-Sharing Group Grows (Dark Reading) LS-ISAO is 'the fastest-growing' ISAO
Verifying SSL/TLS certificates manually (SANS Internet Storm Center) I think that we can surely say that, with all its deficiencies, SSL/TLS is still a protocol we cannot live without, and basis of today’s secure communication on the Internet. Quite often I get asked on how certificates are really verified by browsers or other client utilities. Sure, the canned answer that “certificates get signed by CA’s and a browser verifies if signatures are correct” is always there, but more persistent questions on how it exactly works happen here and there as well
It's not impossible. Digital security on the cheap (Christian Science Monitor Passcode) Internet users on the lower end of the income scale are especially vulnerable to malicious software because public computers and cheap cell phones are the ideal place for cybercriminals to test their new hacks
Academia
UK education system failing to support cyber security profession (ComputerWeekly) Countries and companies must act quickly to address the cyber security skills shortage through improvements in education, workforce diversity, training opportunities, security technology and data collection, a report says
Legislation, Policy, and Regulation
Fighting the ‘cyber caliphate’s’ social media addiction (Federal News Radio) Social media might be the best innovation of the century. But anyone can use it, including terrorist groups
With each attack, France nudges rightward on security (Politico) Spate of terrorism brings ‘Israeli model’ into the French political debate
Opinion: DNC hack requires swift, forceful response from Washington (Christian Science Monitor Passcode) President Obama and other Western leaders need to send a strong and lasting message to Moscow that meddling in democratic institutions is off limits
How DNC, Clinton campaign attacks fit into Russia’s cyber-war strategy (Ars Technica) Was it to cover for hack, or part of info-war on NATO? Putin won't tell
Is there a Russian master plan to install Trump in the White House? Some intelligence officials are skeptical. (Washington Post) The possibility that Russia is behind an information warfare operation to interfere in the U.S. election has sparked concern among administration officials, but it also generated skepticism that there is a Kremlin master plan to install Donald Trump in the White House, as some political operatives are now alleging
Lawmakers ask White House to release internal cybersecurity review (Federal Times) The administration has been ramping up its cybersecurity efforts since the massive breach of Office of Personnel Management networks last year, including issuing a number of policies and directives for agencies to shore up their defenses
When Is a Hack an Act of War? (Motherboard) In the political fog following the DNC email leak, President Obama has released Presidential Policy Directive 41, the first federal directive to offer guidance on how the country should respond to “cyber incidents” and attacks
Prepared Testimony and Statement for the Record of P.W. Singer Strategist at New America At the Hearing on “Digital Acts of War.” Before the House Committee on Oversight and Government Reform (Joint IT and National Security Subcommittee) Chairmen Hurd and DeSantis, Ranking Members Kelly and Lynch, and Members of the Subcommittees, thank you for the opportunity to testify before the committee today
Should Secret Service Protect Emails of Future Presidents? (Nextgov) Maybe it's time the Secret Service starts cracking down on the computer security of presidential candidates, in addition to their physical security, some private cyber investigators say, after a leak of Democratic party files right before the nomination of Hillary Clinton for president
Opinion: How the Justice Department data-sharing plan defends privacy (Christian Science Monitor Passcode) The proposal updates an antiquated law so that countries can exchange electronic data as part of investigations while safeguarding Americans' privacy and promoting security
Opinion: A better tech platform for Hillary Clinton (Christian Science Monitor Passcode) The 2016 Democratic Party Platform fails to offer meaningful improvements to national tech policy that would improve cybersecurity. But Americans deserve a plan that would strengthen networks, bolster security, and safeguard civil liberties
Canadian provinces in urgent need of anti-cyberbullying laws, expert says (Star) Newer protections are needed to allow victims to seek solutions without relying solely on police and the courts
Litigation, Investigation, and Law Enforcement
NSA could hold 'smoking gun' in DNC leak (Politico) If Russia hacked Democratic computers, the spy agency likely knows and will tell the FBI
French ID Second Church Attacker (US News and World Report) Officials on Thursday identified the second man who attacked a Normandy church during a morning Mass this week, saying he is a 19-year-old from eastern France
French Ask Whether Priest’s Killer, Listed as a Threat, Could Have Been Stopped (New York Times) The question troubling France on Wednesday in the wake of the attack by a teenager who aspired to go to Syria, but settled instead for cutting the throat of a priest, is whether the crime was a result of failures by the French government, and what more could have been done to prevent it
FBI Chief Warns ‘Terrorist Diaspora’ Will Come to the West (Bloomberg) Hundreds of terrorists will fan out to infiltrate western Europe and the U.S. to carry out attacks on a wider scale as Islamic State is defeated in Syria, FBI Director James Comey warned
Pentagon: 10,000 items of Islamic State intel collected from Manbij (Stars and Stripes) U.S.-backed Syrian fighters who have cleared parts of the strategic northern city of Manbij have found a vast collection of intelligence on the Islamic State group, the Pentagon said Wednesday
ISIS is rewriting textbooks to push its violent ideology. The U.S. once did something similar in Afghanistan. (Washington Post) As the battle for the key Syrian city of Manbij grinds into its third month, U.S.-backed forces there have discovered troves of information left behind by the Islamic State. According to Pentagon officials, the documents illustrate how important the city has been to the self-declared caliphate’s operations, specifically as a hub for transiting foreign fighters
Islamic State claims bombing that killed nearly 50 people in Syria's Kurdish region (Vice News) The Islamic State has claimed responsibility for two massive bombings that killed nearly 50 people and wounded dozens more in northeast Syria Wednesday, according to Syrian state television
Morocco arrests 52 suspected militants, foils several attacks (Reuters) Morocco said on Wednesday that it had arrested 52 suspected militants inspired by Islamic State and that it had foiled several attacks in the North African kingdom by seizing weapons and bomb-making materials
Global Concerns Raised About Ransomware (Innovation Village) The Dutch National Police, Europol, Intel Security and Kaspersky Lab have joined forces to launch an initiative called No More Ransom, a new step in the cooperation between law enforcement and the private sector to fight ransomware together. No More Ransom is a new online portal aimed at informing the public about the dangers of ransomware and helping victims to recover their data without having to pay ransom to the cybercriminals.
Is Bitcoin real money? Florida judge says no (Naked Security) The court case concerning the real-world worth of Bitcoin, the popular cryptocurrency, came to a conclusion in Florida yesterday. Web designer Michell Espinoza fought felony charges brought against him for attempting to launder $1,500 in Bitcoin to undercover FBI agents
Ex-Citibank IT bloke wiped bank's core routers, will now spend 21 months in the clink (Register) Performance review sparks deletion, 110 offices knackered
HHS Penalizes Philadelphia Healthcare Organization For HIPAA Violation (Dark Reading) Catholic Health Care Services of the Archdiocese of Philadelphia agrees to pay $650,000 fine over 2014 data breach
Kim Dotcom’s lawyer will also represent alleged KickassTorrents founder (Ars Technica) Ira Rothken has kept Megaupload founder free for years. Can he do it again?
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
7th Annual Billington Cybersecurity Summit (Washington, DC, USA, Sep 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity in the Nation’s Capital, on September 13 in Washington, D.C. at the Ronald Reagan Building and International Trade Center. Keynotes Include NSA Director Admiral Michael Rogers and top U.K. and Israeli Cyber Leaders.
RSA Conference 2017 (San Francisco, California, USA, Feb 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace new and unique perspectives from a broadly diverse base of people and sources. RSA Conference 2017 provides the opportunity for all attendees at all levels to grow their knowledge, exchange ideas with peers and further their careers. With opportunity comes great responsibility for the future. Our actions today will have a lasting impact on the strength of the industry—and the safety of the world—tomorrow. At RSA Conference 2017, you will learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.
2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. The 2016 Inaugural Cyber Investing Summit welcomed 180+ of the leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. New this year: separate panels offered throughout the day highlighting publicly traded firms as well as privately owned entities, opportunities to meet one-on-one with corporate executives, and new panel topics (including Investment Strategies & Opportunities, M&A Landscape, Funding for Startups, Government Spending Review, Cyber Sale Lifecycle, and more). Network with investment professionals, asset managers, industry experts, financial analysts, media and more.
Upcoming Events
SANS San Jose 2016 (San Jose, California, USA, Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meetup for information security professionals has become one of the formidable forces in the profession. That group is AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH, as it is fondly known, has overcome all odds to become a leading venture in raising awareness on matters affecting cyber security and in grooming upcoming talent for the job market. We have been poised to become a one-stop shop for talent and resources in a greatly short-staffed field.
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6).
SANS Boston 2016 (Boston, Massachusetts, USA, Aug 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get to choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.
Secure Bermuda 2016 (Bermuda, Aug 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, Aug 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches.
2016 Information Assurance Symposium (Washington, DC, USA, Aug 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracks and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training.
SANS Alaska 2016 (Anchorage, Alaska, USA, Aug 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.
CISO New Jersey (Hoboken, New Jersey, USA, Aug 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
CyberTexas (San Antonio, Texas, USA, Aug 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.
Chicago Cyber Security Summit (Chicago, Illinois, USA, Aug 25, 2016) The Cyber Security Summit is an exclusive conference series that connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, Aug 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationships are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.
CISO Toronto (Toronto, Ontario, Canada, Aug 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.