The CyberWire Daily Briefing 08.04.16

Summary

By The CyberWire Staff

Chinese cyber units apparently hit Philippine targets over South China Sea territorial disputes: F-Secure has observed the NanHaiShu RAT.

Seoul accused Pyongyang with hacking emails of South Korean diplomats.

Egypt’s Islamic State affiliate takes to the Internet to promise suffering to Israel. Boko Haram (in what amounts by jihadist standards to a charm offensive) goes online to promise more attacks on Christians but reassures all that it will leave mosques alone. ISIS military leadership undergoes a shakeup, and Pakistan’s al Qaeda and Taliban group seeks to inspire through the example of the martyred Osama bin Laden.

Telegram, ISIS’s preferred means of secure communication, seems leakier than ever. Iranian hackers are said to have taken another run at the app and uncovered data on some fifteen-million users.

The DNC complains that the FBI should have warned it earlier that it was under cyberattack. As concerns about electoral vulnerabilities persist, US Homeland Security Secretary Johnson mulls designating voting systems as critical infrastructure. Observers see this as, so far, amounting to little more than an assertion of agency equities. Questions about former Secretary of State Clinton’s homebrew server persist, and some Democratic Senators have called for hearings on Republican candidate Trump’s invitation that Russia find and release Clinton’s missing emails. (Russia continues to grumble that it’s being hacked itself.)

Bitcoin exchange Bitfinex has taken itself offline after losses that for now total somewhere between $66 and $72 million.

The impresario behind the Real Deal criminal souk seems to have disappeared, at least online.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, Egypt, Iran, Iraq, Israel, Kazakhstan, Democratic Peoples Republic of Korea, Republic of Korea, Nigeria, Pakistan, Philippines, Russia, Syria, Turkey, United Kingdom, United States, and and Uzbekistan.

A note to our readers: We're at Black Hat this week, talking to people and keeping our ears open, as usual. You'll see coverage in our daily briefings, and you'll hear updates in our podcasts.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. In today's podcast Vikram Sharma from our partners at Quintessence Labs talks about the importance of being open to course corrections when running a technology business. We'll also hear from the winners of the Kaizen at Black Hat 2016. (Should you enjoy the podcast, please consider giving it an iTunes review.)

Sponsored Events

CyberTexas Job Fair (San Antonio, TX, USA, August 23, 2016) Top companies looking for cybersecurity professionals, cleared or non-cleared career opportunities.

3rd Annual Senior Executive Cyber Security Conference: Navigating Today’s Cyber Security Terrain (Baltimore, MD, September 21, 2016) Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization’s data. This year’s agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards “shifting their data to being safe and secure.”

Selected Reading

Cyber Trends

Kaspersky reveals DDoS attacks last longer in 2016 (ITPro) The longest attack in the period lasted 12 days, beating the previous record by four days

Ransomware Epidemic Claims 40% of Organizations (Infosecurity Magazine) Nearly 40% of firms have suffered a ransomware attack over the past year, according to new global research from Malwarebytes

Ransomware: The genre of cyber attack that is impossible to predict...and prevent (Computer Business Review) Andy Buchanan gives a detailed insight into the evolving threat that is ransomware - and why you should NEVER pay up if attacked

Massive new study lifts the lid on top websites’ tracking secrets (Naked Security) So, just how tracked are you? Plenty, according to the largest, most detailed measurement of online tracking ever performed: Princeton University’s automated review of the world’s top 1,000,000 sites, as listed by Alexa

The CISO Insomniac: What’s Keeping Them Awake at Night? (Infosecurity Magazine) There has never been a tougher time to be a Chief Information Security Officer (CISO). Regulatory changes across the EU have led to the introduction of much more stringent controls on how businesses should manage the customer data they collect. Any organization that suffers a data breach will be subject to a far larger financial penalty than before – something that no CISO wants to preside over

Facing the Truth on Cyber (SIGNAL) Experts call it as they see it on cyber challenges

Legislation, Policy and Regulation

Erdogan’s Purge Is a Sectarian War (Foreign Policy) The alliance between Erdogan and Gulen came apart because it's impossible to reconcile their rival interpretations of Islam — and Islamism

Is China's Role in a UK Nuclear Plant Really a Cybersecurity Risk? (Motherboard) Last week, the UK delayed plans to build the proposed Hinkley Point C nuclear power plant, which would have been the first nuclear plant to be built in the UK in 20 years

How to Hack ISIS (Popular Mechanics) The latest weapon against terrorists is a room full of computers

Towards a Cyber-Security Treaty (Just Security) The Democratic National Convention (DNC) leaks revealed last week have presumably reminded many Americans to the severe cyber-threats this country is facing. Particularly alarming were the allegations that Vladimir Putin is behind the hack. Homeland Security Secretary Jeh Johnson raised his concern that Russian hackers might be able to target voting machines on Election Day. WikiLeaks founder, Julian Assange, announced that the leaks were merely the first episode of an election-season series — largely still behind the curtain

Homeland Security chief weighs plan to protect voting from hackers (Christian Science Monitor Passcode) Secretary of Homeland Security Jeh Johnson said he's considering whether to designate the US election system as critical infrastructure, which could trigger greater cybersecurity at the ballot box

Political Hacking May Prompt U.S. to Aid Election Security (Bloomberg) U.S. officials are weighing whether to designate elections as national critical infrastructure after recent hacking attacks on political groups, a move that would open up federal assistance to election officers around the country, Homeland Security Secretary Jeh Johnson said

Uber Security Specialist Offers Cyber Advice to Feds (Meritalk) The Federal government should focus more on defensive cybersecurity measures, work around the regulatory culture of government, and hire more in-house cybersecurity professionals, according to Alex Levinson, information security specialist at Uber

New Freedom of Information Act Request Documents Released by ODNI (IC on the Record) The Office of the Director of National Intelligence is one of seven federal agencies participating in a pilot program to make records requested via the Freedom of Information Act more readily available to the public, as reflected in the recently released Third National Action Plan for Open Government

Dateline

Welcome to Black Hat USA 2016 (Black Hat) Black Hat - built by and for the global InfoSec community - returns to Las Vegas for its 19th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (July 30 - August 2) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 3-4)

Kaizen, a Capture the Flag Event (Kaizen) Booz Allen Hamilton is excited to present Kaizen, a Capture the Flag event. This interactive event is designed to build the skills of information security enthusiasts through hands-on challenges in areas such as forensics, web exploitation, scripting, and binary reverse engineering

Best Of Black Hat Innovation Awards: And The Winners Are… (Dark Reading) Three companies and leaders who think differently about security: Deep Instinct, most innovative startup; Vectra, most innovative emerging company; Paul Vixie, most innovative thought leader

Fixing ‘This Internet’ Before It Breaks Again (Threatpost) There is no guarantee that the internet will succeed. And if we aren’t careful we can really screw it up. It has happened before and we can do it again

Kaminsky Creates Prototype To Lock Out Attackers (Dark Reading) Security expert warns the Internet could be lost to regulators and hackers if industry doesn't start locking down security

The Black Hat Kaminsky DNS Flaw: Eight Years Later (eSecurity Planet) At Black Hat 2008, security researcher Dan Kaminsky revealed flaws in DNS that he claimed could have crippled the internet. Eight years later what was the real impact?

Black Hat: Chip and pin hack spits out cash (BBC News) A vulnerability in the widely-used “chip and pin” system has been exploited to make a cash machine spit out money

Hackers detail the blood and guts of the 2016 Pwn2Own exploit expo (Register) Kernel carnage bashes browsers and punishes plug-ins

Export-Grade Crypto Patching Improves (Threatpost) The FREAK, LOGJAM and DROWN attacks of the last 17 months weren’t just the work of academics and security researchers who found a cool way to unmask encrypted traffic. They were ugly reminders of the Crypto Wars of the 1990s and why export-grade cryptography and intentional encryption backdoors are fraught with potential trouble

Utilizing hardware to stop attackers earlier and without disruption (Help Net Security) Too often the defense community makes the mistake of focusing on the “what,” without considering and truly understanding the “why"

Does dropping malicious USB sticks really work? Yes, worryingly well… (Tripwire: the State of Security) Good samaritans and skinflints beware

Russian web hosting service a favorite among cybercriminals (Christian Science Monitor Passcode) The cybersecurity firm Digital Shadows says that online criminals have used a Russian web hosting service to reap more than $3 million in the sale of illegal goods

Windows 10 Credential Guard Risk Exposed at Black Hat (eWeek) At Black Hat, Rahul Kashyap, Bromium's chief security architect, discusses flaws in Windows 10 Credential Guard and kernel integrity features

Do Security Companies Need to Issue Warranties? (Dark Reading) Jeremiah Grossman outlines how IT security firms are starting to offer guarantees with the backing of insurance companies

Security analytics: Risk from the inside out (Help Net Security) High profile security breaches are at an all-time high. The threat has finally reached the boardroom, and we’re seeing increased security spending. Funds are increasingly getting channeled to security analytics platforms, which aim to bring situational awareness to security events by gathering and analyzing data

Every third American has lost money to online criminals (Help Net Security) With nearly half of Americans reporting they have been tricked or defrauded, citizens are concerned that the internet is becoming less safe and want tougher federal and state laws to combat online criminals, according to a new Digital Citizens Alliance survey released today at Black Hat USA 2016

Four high-profile vulnerabilities in HTTP/2 revealed (Help Net Security) Imperva released a new report at Black Hat USA 2016, which documents four high-profile vulnerabilities researchers at the Imperva Defense Center found in HTTP/2, the new version of the HTTP protocol that serves as one of the main building blocks of the Worldwide Web

ThreatMarket: The world’s first security search engine (Help Net Security) SecurityScorecard is previewing the world’s first security search engine, ThreatMarket, at Black Hat USA 2016

Palo Alto Networks Raises the Bar for Endpoint Security With Updates to Traps Advanced Endpoint Protection Offering (PRNewswire) Palo Alto Networks® (NYSE: PANW), the next-generation security company, today announced new functionality, including significant machine learning capabilities for real-time unknown malware prevention, to its Traps™ advanced endpoint protection offering. These updates further strengthen the malware and exploit prevention capabilities of Traps and alleviate the need for legacy antivirus products to protect endpoints, such as laptops, servers and VDI instances

ZeroFOX Announces Industry’s First Security Research Team Dedicated to Exposing Social Media Threats & Driving Innovative Defensive Technology (BusinessWire) ZeroFOX research combines veteran security experts with data science and machine learning to lead the industry in securing the world’s fastest growing threat vector - social media

Gigamon Fortifies Security Analytics with Certificate Metadata (PRNewswire) Gigamon's Metadata Generation Engine enables faster detection of attacks that leverage falsified certificates

SparkCognition Launches DeepArmor, First Ever Cognitive Antivirus Solution (PRWeb) Leading cyber-physical security company delivers AI-powered cyber security platform, industry’s first cognitive AV

CyberVista Announces New CISSP Certification Test Preparation Program at 2016 Black Hat USA (BusinessWire) (ISC)² selects CyberVista as an approved live online provider for CISSP training

Hacking Hotel Keys and Point of Sale Systems at DEFCON (eSecurity Planet) At DEFCON security researcher is set to reveal how magnetic stripes are at risk from exploitation

Researcher releases DNS Greylisting tool for Phishing defense (CSO) At the BSides Las Vegas conference on Wednesday, a hacker by the name of Munin, and his research partner Nik LaBelle, are releasing a tool and giving a talk on an interesting concept - DNS Greylisting

Products, Services, and Solutions

Cylance Announces a Full Suite of Consulting Services Focused on Redefining Prevention-based Security (BusinessWire) Six practice areas directed by distinguished experts in industrial control systems, red team services, incident response forensics, IoT and embedded systems security, healthcare and training

Forcepoint delivers security coverage for mobile workers with direct connect endpoint (Financial News) Global cyber security leader Forcepoint has introduced direct connect endpoint technology for TRITON AP-WEB Cloud, a way to secure users´ connections to the Web when outside their corporate network, the company said

Malwarebytes Endpoint Security Now Protects Businesses Against Current and Future Ransomware Threats (BusinessWire) Malwarebytes Endpoint Security with advanced anti-ransomware technology is the first solution to offer multiple layers of protection against unknown ransomware

Artificial Intelligence Is Key to Autonomous Cyber Security Future (Top Tech News) DB Networks®, a leader in database cybersecurity, today announced that the latest in Artificial Intelligence (AI)-based security technologies, including machine learning and behavioral analysis offered in the DB Networks DBN-6300 and Layer 7 Database Sensor, is being deployed to intelligently combat modern cyber security database threats

Technologies, Techniques, and Standards

Android Tamer: Virtual platform for Android security professionals (Help Net Security) Android Tamer is a free and open source Swiss army knife type of tool for Android security

US Navy Organizes Cybersecurity Simulation (Dark Reading) Naval interns create 'Capture the Flag' challenge to protect US Navy cyberspace

Marketplace

FireEye Inc: Now Is the Perfect Time to Buy FEYE Stock (InvestorPlace) FEYE stock is showing its best face yet ahead of FireEye earnings

Familiar Concerns At Check Point (Seeking Alpha) Wall Street is once again worried about top-line lackluster growth at Check Point, though this time it seems more related to accounting treatment and not underlying demand or market share

Akamai growth may be threatened by accelerating shift to ‘DIY’ CDNs (Fierce Cable) As more content providers opt to build their own content delivery networks, Akamai may find itself in a rough patch if it can’t transition its revenue generators quickly enough to its newer offerings like online security, cloud services and performance monitoring, according to analysts. But those additional services also offer a ray of hope

How Distil Networks uses machine learning to hunt down 'bad bots' (TechRepublic) Distil Networks recently raised $21 million to bolster its anti-bot offerings for the enterprise. The company plans to expand globally and grow its workforce

Cyber Resilience Coalition formed (ITWire) Email and data security provider Mimecast has formed the Cyber Resilience Coalition (CRC) to bring together leading security, data protection and business continuity vendors

Scott highlights job growth at AppRiver (Pensacola News-Journal) Wednesday, Gov. Rick Scott highlighted recent job growth at AppRiver, a global cybersecurity provider headquartered in Gulf Breeze. During the past five years, AppRiver has created nearly 100 jobs in Gulf Breeze and employs more than 230 Floridians

Research and Development

Quantum Computing Just Grew Way the Hell Up (Motherboard) On Wednesday, researchers at the Joint Quantum Institute at the University of Maryland unveiled a first-of-its-kind fully programmable and reconfigurable quantum computer. The five-qubit machine, which is described in the journal Nature, represents a dramatic step toward general-purpose quantum computing—and, with it, an upending of what we can even consider to be computable

A mathematical conundrum is the key to cryptography (Irish Times) Cryptography depends on the assumption that nobody can factor prime numbers efficiently. Is this assumption safe?

How Hackers Could Get Inside Your Head With ‘Brain Malware’ (Motherboard) Hackers have spyware in your mind. You’re minding your business, playing a game or scrolling through social media, and all the while they’re gathering your most private information direct from your brain signals. Your likes and dislikes. Your political preferences. Your sexuality. Your PIN

IBM reaches breakthrough in artificial intelligence (PACE Today) IBM has brought artificial intelligence (AI) one step closer to reality by creating technology that imitates the brain’s neurons

Raytheon team competing in DARPA cyber competition finals (PRNewswire) First-of-its-kind challenge tests fully automated, self-healing systems that defend against cyber attacks

Security Patches, Mitigations, and Software Updates

Google Switches On HSTS (Infosecurity Magazine) Google has switched on HTTP Strict Transport Security (HSTS) for its google.com domain, in a bid to improve security on the web by forcing users who visit the site to do so via HTTPS

The Latest Push for a Bitcoin Hard Fork Doesn’t Have a Plan (Motherboard) Bitcoin rival Ethereum split itself into two competing currencies in July to implement a code change that aimed to return $56 million worth of the virtual currency that was stolen by a hacker. Now, some bitcoiners are looking to do the same

Cyber Attacks, Threats, and Vulnerabilities

Chinese Hackers Thought to Target Philippines Over South China Sea Dispute (Motherboard) Hackers believed to come from China have targeted high-profile organizations involved in the controversial dispute between China and the Philippines over control of the South China Sea, using malware designed to steal sensitive information from the Philippines government and other targets

Pyongyang Pegged for Email Raid on the South (Infosecurity Magazine) North Korea has been blamed for yet another cyber raid across the 38th parallel, this time attempting to hack the emails of 90 South Korean diplomats, security officials and journalists

Russia Claims It's Victim of Cyberattacks (BankInfo Security) Nation often blamed for hacks offers details on breaches it claims it's suffered

DNC staffers: FBI didn’t tell us for months about possible Russian hack (Ars Technica) FBI told DNC to "look for signs of unusual activity" on network in fall of 2015

US Cyber Pros: Hackers Could Hit Electronic Voting Machines Next (Voice of America) U.S. cyber security professionals say suspected foreign hackers who recently attacked computer systems of the Democratic Party could do something even more sinister in the future

Uzbekistan, Kazakhstan Said To Be Hacking, Spying On Dissidents (Radio Free Europe/Radio Liberty) Researchers have documented incidents of hacking and cyberspying by Uzbekistan, Kazakhstan, and other authoritarian governments

Video by Egypt's Islamic State Affiliate Threatens Israel (AP via ABC News) A video purportedly by Egypt's Islamic State affiliate has delivered a rare direct threat to Israel, saying the Jewish state will soon "pay a high price"

Islamic State Announces New Leader of Boko Haram who Vows War Against Christians (Foreign Policy) It’s been years since anyone was certain on the fate of Abubakar Shekau, the leader of Nigeria-based extremist group Boko Haram. That’s due in large part to the mystery shrouding the militant, who has repeatedly been reported dead only to reemerge in photos, video, or audio footage that seems to prove otherwise

ISIS Says New Boko Haram Leader Promises No Attacks on Mosques (Time) The terrorist group promises not to attack mosques or markets used by Muslims

ISIS’s New Chechen Warlord (Daily Beast) ISIS minister of war Abu Omar al-Shishani looks dead and gone for good, but his brother may be smarter and more dangerous. Will he step out of the shadows?

US State Department lists Jamaat-ul-Ahrar as terrorist group (Long War Journal) The US State Department added Jamaat-ul-Ahrar, a dangerous faction of the Movement of the Taliban in Pakistan, to its list of global terrorists organizations earlier today. Jamaat-ul-Ahrar has been behind numerous deadly attacks inside Pakistan and is closely allied with the Afghan Taliban and al Qaeda

New attack steals SSNs, e-mail addresses, and more from HTTPS pages (Ars Technica) Approach exploits how HTTPS responses are delivered over transmission control protocol

Telegram App Hacked Again; Millions of Contacts Revealed (Hack Read) In June 2016 Iranian security researchers exposed a critical vulnerability in Telegram app allowing anyone to send over-sized anonymous messages to anyone. Now, Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters

Beware of ransomware hiding in shortcuts (Naked Security) Even if you haven’t been hit by ransomware yourself, you probably know someone who has

Ransomware: Victims have small window of opportunity to stop an attack dead in its tracks (Healthcare IT News) After detonating various strains of ransomware in its lab, security specialist Exabeam learned that because encrypting large data-sets takes time, hospitals hit with ransomware can stop it, if they act quickly

PhishMe codifies ransomware as a formal business model (SC Magazine) Steganographic subterfuge: ransomware was already 'a thing', now it's a mature and established business model

New Gozi Malware Heads for U.S. Financial Institutions (Credit Union Times) buguroo Labs researchers identified newly-evolved versions of Gozi malware that are actively targeting financial institutions, including PayPal, ING Bank and the Bank of Tokyo, leaving organizations that rely on traditional fraud defense tools at risk

Ruckus Routers Put Organizations at Risk, says Researcher (Infosecurity Magazine) Back in 2014 Tripwire research discovered that almost three-quarters (74%) of the top 50 selling consumer Ruckus routers on Amazon came with security vulnerabilities, including exploitable firmware on 20 individual models

Surge in Exploit Attempts for Netis Router Backdoor (UDP/53413) (SANS Internet Storm Center) We started to see a surge in attempts to exploit a well known back door in Netis routers. The backdoor was first described in 2014 by TrendLabs

The Reincarnation of a Bulletproof Hoster (KrebsOnSecurity) In April 2016, security firm Trend Micro published a damning report about a Web hosting provider referred to only as a “cyber-attack facilitator in the Netherlands.” If the Trend analysis lacked any real punch that might have been because — shortly after the report was published — names were redacted so that it was no longer immediately clear who the bad hosting provider was. This post aims to shine a bit more light on the individuals apparently behind this mysterious rogue hosting firm — a company called HostSailor[dot]com

The Administrator of the Dark Web's Infamous Hacking Market Has Vanished (Motherboard) The Real Deal market, a dark web site that specialises in stolen data and computer exploits, shot to infamy this year thanks to its role in the sale of information from several massive data breaches, including Myspace and LinkedIn. But a few weeks ago, the market's main administrator vanished, and has not logged into their chat accounts for over 40 days

Hackers have stolen $72 million worth of bitcoin (SC Magazine) $72 million worth of bitcoins have been stolen from Hong Kong-based bitcoin exchange causing the price of bitcoins to drop, casting doubt on the government's decision to use blockchain technology for its Crown Commercial Service

Bitfinex Customers Lose Millions in Major Cyber Attack (Infosecurity Magazine) Major Bitcoin exchange Bitfinex has suffered a suspected hack leading to the theft of an estimated $66 million worth of the crypto-currency at current exchange rates

Is Going Offline a Solution to Bitcoin’s Hacking Problem? (Motherboard) A bitcoin exchange that once prided itself on storing its customers’ money more safely than the competition was taken for more than $60 million worth of the virtual currency on Tuesday, the second largest theft of bitcoin ever

Four Lessons to Learn From the SWIFT Hacks (Infosecurity Magazine) In April this year news started to trickle through about an alleged security compromise in which the Society for Worldwide Interbank Financial Telecommunication (SWIFT) payment communications network was exploited to steal US $81 million from the Bangladesh central bank account at the New York Federal Reserve Bank. Apparently, but for a spelling mistake that alerted an analyst, the impact could have been a whole lot worse – almost a billion dollars worse

The Dark Side of Certificate Transparency (SANS Internet Storm Center) I am a big fan of the idea behind Certificate Transparency [1]. The real problem with SSL (and TLS... it really doesn't matter for this discussion) is not the weak ciphers or subtle issues with algorithms (yes, you should still fix it), but the certificate authority trust model. It has been too easy in the past to obtain a fraudulent certificate [2]. There was little accountability when it came to certificate authorities issuing test certificates, or just messing up, and validating the wrong user for a domain based on web application bugs or social engineering [3][4]

How Drones Could Help Hackers Shut Down Power Plants (Motherboard) When hackers took down the power grid in parts of Ukraine last year, local authorities sent operators to manually switch on power, coordinating the recovery efforts via cellphone. But what if the attackers could jam the cellphone network—perhaps using drones?

Impatient users saddled with malicious copycats of popular Prisma app (Help Net Security) If an iOS app gains extreme popularity but still does not come in a version for Android, it can be practically guaranteed that malware peddlers and scammers will take advantage of users’ impatience, and offer fake, malicious versions of it on Google Play and third-party Android apps stores

Banner Health notifying 3.7 million people of cyber attack (Arizona Star via Tucson.com) Phoenix-based Banner Health is sending out letters to 3.7 million people related to a cyber attack that may have compromised patient information, including birth dates and Social Security numbers, company officials said today

PoodleCorp Shut Down Blizzard and League of Legends (NA) Servers (Hack Read) PoodleCorp, a group of hackers are claiming responsibility for conducting a series of massive distributed denial-of-service (DDoS) attacks on Blizzard and League of Legends servers

Academia

CSRA ‘Cyber District’ begins push to start teaching Cyber Security at elementary level (WBJF News Channel 6) A ‘Cyber District’ is being created in the C.S.R.A

Litigation, Investigation, and Enforcement

Dems ask Cruz to hold hearing on Trump's Russian hacking remarks (The Hill) A pair of Senate Democrats is pushing Sen. Ted Cruz (R-Texas) to hold a hearing on Donald Trump's call for Russia to obtain and leak Hillary Clinton's personal emails

Can Hillary Clinton give a straight answer on emails? (BBC) Despite all the Trump-related good fortune that has been showered on Hillary Clinton over the past week, there has been a bit of a dark lining on her silver cloud. She still can't seem to come up with an effective response to questions surrounding her use of a private email server while secretary of state

Turkish lawyer files complaint accusing U.S. generals of aiding coup attempt (Washington Post) Barely a day after the Pentagon's top official arrived in Turkey in a bid to cool growing tensions between Ankara and Washington, a Turkish lawyer filed a criminal complaint against him and two other senior U.S. officials

Georgia Man Pleads Guilty To Hacking, Insider Trading (Dark Reading) Leonid Momotok breached newswire networks and used confidential data for illegal trades worth $30 million

Design and Innovation

This Engineer Started a Tor-Based Internet Provider to Fight Surveillance (Motherboard) UK lawmakers are currently closing in on their biggest expansion of government surveillance powers since the Snowden revelations—but one network engineer is determined to not let privacy go down without fight

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Black Hat USA (Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)

SANS Boston 2016 (Boston, Massachusetts, USA , August 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.

Secure Bermuda 2016 (Bermuda, August 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.

TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, August 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, August 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches

2016 Information Assurance Symposium (Washington, DC, USA, August 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

SANS Alaska 2016 (Anchorage, Alaska, USA, August 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.

CISO New Jersey (Hoboken, New Jersey, USA, August 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

Cyber Jobs Fair (San Antonio, Texas, USA, August 23, 2016) Held in conjunction with the Second Annual CyberTexas Conference, the Cyber Jobs Fair is open to anyone with cyber security education or experience. A security clearance is not required. Booz Allen Hamilton, Digital Hands, IPSecure, Inc., ISHPI, L-3 - West, Lockheed Martin, the Los Alamos National Laboratory, MacAulay-Brown, Inc., STG, Inc., and Tensley Consulting, Inc. will be among the employers attending.

CyberTexas (San Antonio, Texas, USA, August 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.

Chicago Cyber Security Summit (Chicago, Illinois, USA, August 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, August 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Notes from Black Hat USA--Kaizen winner, Best of Black Hat, and advice from leading VCs. Updates on DPRK and PRC hacking. US election concerns, and more jihadist online information operations.