The CyberWire Daily Briefing 08.16.16

Summary

By The CyberWire Staff

Iranian authorities investigate the possibility of a cyber attack (or at least a SCADA failure) in recent fires at oil and gas facilities.

A group calling itself "the Shadow Brokers" has placed files online they say they obtained by hacking the Equation Group, widely believed to be associated with the US NSA. (Kaspersky described the Equation Group in February, 2015.) The Shadow Brokers (whose blog site was offline as of this morning) offer what they characterize as "NSA malware" for one million Bitcoin (about $568 million). The samples they've posted strike researchers as interesting and possibly genuine, but analysts are a long way from reaching firm conclusions about either the Shadow Brokers or the Equation Group, or indeed the files in question. The posted files don't appear, at least on quick inspection, to be recent.

Guccifer 2.0 is back, releasing more documents related to the compromise of US Democratic Party networks. As Motherboard notes, Guccifer 2.0 has morphed from a screenwriter's caricature of a hacktivist (complete with broken English and stumblebum clues left in files—we should mention, by the way, that the Shadow Brokers' prose style is a lot like Guccifer 2.0's early efforts, something between Ensign Chekhov and the Hekawi tribe from F Troop) into a polished, fluent leaker.

Parties unknown seem to be monitoring communications related to the ongoing Veracrypt security audit.

There's a bogus patch for QuadRooter in Google's Play Store. Stay clear: it's malware.

London's Metropolitan Police experiment with cyber marque and reprisal for solicitors.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Bahrain, Iran, Romania, Russia, United Kingdom, and United States.

A note to our readers, especially those of you interested in art and design--"STEM to STEAM," as they call it: the CyberWire is partnering with Maryland Art Place to sponsor a competition for an original work of art on the theme "creating connections." You can read about the competition in NY Arts Magazine. A full prospectus may be found here.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Our guest today will be Hardik Modi, Director of Threat Research at Fidelis Cybersecurity. He'll tell us what Fidelis has discovered about Vawtrak and its most recent evolutions. (If you enjoy the podcast, please consider giving it an iTunes review.)

Sponsored Events

Cyber Security Summit in Chicago (Chicago, Illinois, USA, August 25, 2016) Senior-level executives are invited to learn about the latest threats & solutions in cyber security with experts from the FBI, Arbor Networks, and more.

3rd Annual Senior Executive Cyber Security Conference: Navigating Today’s Cyber Security Terrain (Baltimore, MD, USA, September 21, 2016) Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization’s data. This year’s agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards “shifting their data to being safe and secure.”

Selected Reading

Cyber Trends

This is the future of war (Business Insider) Battles in the next world war will be fought in the air, on the ground, and online

How PCI Acceptance Has Improved Security (BankInfo Security) A look at how far payments security has come in 10 years

Legislation, Policy and Regulation

As India Gears Up for Cybersecurity Challenges, Threats Are Multiplying (IBM Security Intelligence) India is gearing up to bring in new encryption and privacy policies to take on growing cybersecurity challenges. It may also amend the existing laws to make cyberspace more secure

National interest is exploitation, not disclosure (Errata Security) Most of us agree that more accountability/transparency is needed in how the government/NSA/FBI exploits 0days. However, the EFF's positions on the topic are often absurd, which prevent our voices from being heard

Products, Services, and Solutions

Priority breach response intrinsic to BHSI's Australian cyber-insurance debut (CSO Australia) Policyholders given broad cover, rapid access to Symantec security specialists

Innovation Update: Fortscale 2.7 Reveals New Ways to Detect Insider Threats (PRWeb) Named a 2016 “Cool Vendor” by Gartner; now shedding light on insider credentials compromised on the dark web and advanced attackers’ remote lateral movement

ControlScan Introduces Managed SIEM Service for LogRhythm (Yahoo! Finance) ControlScan, the managed security service provider (MSSP) IT leaders and their organizations rely upon for unified security and compliance, announced today that it now offers a managed SIEM service to support IT teams utilizing the LogRhythm Security Intelligence Platform. The new ControlScan Managed SIEM service maximizes the value of an organization's LogRhythm SIEM investment by delivering a layer of deep-seated expertise and active, ongoing administration and support

Respect: Windows 10 security impresses hackers (CSO) Windows is a popular attack target for criminals and researchers alike, but Microsoft has done a good job of making it harder to target security flaws in the OS

myLG: Open source command line network diagnostic tool (Help Net Security) myLG (my Looking Glass) is an open source utility that combines the functions of different network probes into one network diagnostic tool. It comes as a single binary with no dependencies

Technologies, Techniques, and Standards

Never patch another system again (CSO) Over the years I have been asked a curious question numerous times. 'If we use product x or solution y we wouldn't have to patch anymore, right?" At this point in the conversation I would often sit back in my seat and try to look like I was giving their question a lot of thought. The reality was more pragmatic. I was trying very hard to stifle my screams while appearing considerate of their query

How to Mitigate Fourth-Party Security Risks (eSecurity Planet) What do you know about your vendors' vendors? Fourth-party security risks can be serious. How can you mitigate them?

What are Managed Security Services? Why Organizations Hire Managed Security Service Providers (Digital Guardian) More organizations are turning to managed security services to gain security expertise and lessen the workload of their in-house security staff. Learn more about this option in Data Protection 101, our series on the fundamentals of information security

Report: Change in focus could help slow cyberattacks (CIO Dive) Companies focus too much time on the amount of data stolen or the number of customer records impacted in cyberattacks, according to a new report from Area 1 Security. Area 1 maintains that companies should instead focus on attribution and remediation and attempt to find out where cyberattacks originate in order to make an impact. The study suggests companies focus on the "attacker’s history, behavior, delivery mechanism, and infrastructure"

Closing the insider threat loop with authority (Federal Times) I’ve spent the past several months writing about building an effective and successful insider threat program. Over the last two months, we’ve looked at the topic through the lens of the three “As”: advocacy, agility, and authority. Since I’ve already covered advocacy and agility, it should come as no shock that this month’s blog focuses on the third “A”: authority

Data security: Will new consent and opt-out plans protect our personal health information? (GP) The recent review of data security, consent and opt-outs lead to the demise of care.data, but it may not yet herald a new era of transparency over what is happening with our personal data, says Dr Neil Bhatia

Incident response challenge: How to get out of Firefighter Mode (Help Net Security) Organizations tend to have the mindset that their IT and security teams should play the role of First Responders on the scene of a security incident. They expect their IT and Security departments to be experts, possessing the ability to immediately respond and contain the incident and the expertise to expeditiously remediate and rid the environment of any active attacker

Marketplace

Making cybersecurity a priority in mergers and acquisitions: integration (CIO) In mergers and acquisitions (M&A), integration of cybersecurity between the two companies not only needs to happen: it should begin with an agile interim plan that provides the necessary access for employees and restricts data completely wherever it’s not needed

Bahrain’s Investcorp acquires UK cybersecurity firm Nebulas (Gulf Business) Combined with its previous acquisitions, the deal will create Europe's second largest cybersecurity player, Investcorp said

Nebulas joins forces with European cyber-security ‘powerhouse' (ChannelWeb) Private equity firm behind growth of US FishNet Security looking to replicate model in Europe - with UK security VAR Nebulas representing its latest purchase

Webroot's double digit road to success (ChannelLife) Webroot has just announced double-digit year-over-year bookings growth for both the quarter and the fiscal year ending June 30, 2016. The company's business segment bookings also grew at 36% for the year

Undervalued Cybersecurity Stock Is a Must Buy (Guru Focus via Yahoo! Tech) Cyber security stocks have struggled this year, despite the positive trends in the overall industry. Companies in this sector have been spending money heavily to grow, which has negatively affected the bottom-line of companies like Palo Alto Networks (PANW) and FireEye (FEYE). Thus, it is necessary for investors looking to bet on this sector to make their picks wisely. Gigamon (GIMO) is one of my favourite picks from the sector

The Akamai Comeback Begins Now (Barron's) Revenue growth is set to reaccelerate in 2017 and the CEO has been aggressively buying stock

Baltimore-area investors get in on cybersecurity MOOC (Technical.ly Baltimore) Former Tenable CEO Ron Gula and a North Baltimore VC were involved in Cybrary's $1.3 million funding round

5 highest-paying bug bounty programmes (Computer Business Review) List: You can make $500,000 through ethical hacking if you know what to look for

SnoopWall Hires Former Kaspersky Executive Mark Bermingham as Vice President of Worldwide Channels (PRWeb) Former Kaspersky executive joins rapidly growing breach prevention company

Research and Development

Should there be a Manhattan Project for cyber security? (ResearchGate) Some security experts are calling for a task force on cyber security in the face of growing threats

We don't understand AI because we don't understand intelligence (Engadget) Reverse-engineering the brain is only half of the equation

Security Patches, Mitigations, and Software Updates

Microsoft extends security lifeline for pre-Windows 10 users and here's why (TechRadarPro) Redmond has thought better of using a strict Skylake support deadline to push Windows 10

Serving Up Security? Microsoft Patches ‘Malicious Butler’ Exploit — Again (IBM Security Intelligence) It’s been a busy year for Windows security. Back in March, Microsoft bulletin MS16-027 addressed a remote code exploit that could grant cybercriminals total control of a PC if users opened “specially crafted media content that is hosted on a website.” Just last month, a problem with secure boot keys caused a minor panic among users

Microsoft rolls out a new Authenticator app for Android and iOS, makes 2FA simpler (PCWorld) Forget about Azure Authenticator and Microsoft Account on Android. There's a new authentication app for Android and iOS and its name is Microsoft

Cyber Attacks, Threats, and Vulnerabilities

Iran Probes Cyber Role In Fires Across Gas Facilities (Dark Reading) Country rocked by a string of explosions in petroleum facilities causing millions of dollars in damage

'Shadow Brokers’ Claim to be Selling NSA Malware, in What Could Be Historic Hack (Foreign Policy) Programs posted online allow espionage on network devices

NSA hacked? Top cyber weapons allegedly go up for auction (CSO) The hackers have offered sample files, which some security researchers say appear to contain legitimate exploits

Hackers Claim to Auction Data They Stole From NSA-Linked Spies (Wired) The NSA’S elite teams of hackers have for years made it their mission to silently compromise computer systems around the globe. Now one group of anonymous hackers claims to have executed a counter-hack with none of the same discretion: They’ve brazenly announced the theft of a collection of files they say belonged to an NSA-linked spy group. And they’re auctioning those files off to the highest bidder

Group claims to hack NSA-tied hackers, posts exploits as proof (Ars Technica) Extraordinary claim gets attention of security experts everywhere

Hackers Claim Stealing NSA Hacking Tools; Selling Them Online (HackRead) Shadow Brokers hacking group is claiming that it hacked NSA’S Equation Group and stole a trove of hacking tools and exploits! Hackers are selling the tools online right now

Hackers Say They Hacked NSA-Linked Group, Want 1 Million Bitcoins to Share More (Motherboard) A mysterious hacker or hackers going by the name “The Shadow Brokers” claims to have hacked a group linked to the NSA and dumped a bunch of its hacking tools. In a bizarre twist, the hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files

Guccifer 2.0 takes credit for hacking another Democratic committee (CSO) Self-proclaimed DNC hacker is promising journalists "exclusive materials"

Why Did Guccifer 2.0 Evolve from Sloppy Hacktivist to Professional Leaker? (Motherboard) After almost a month of complete silence, the hacker known as Guccifer 2.0, who is likely a persona created by Russian spies to cover up their own hacks, is back with a bang

October surprise: Could Russia ties doom Trump's candidacy? (The Hill) GOP nominee Donald Trump and Republicans might be counting on an "October surprise" of embarrassing material about Democratic nominee Hillary Clinton obtained through Russian espionage against the Democratic Party, but what if the real October surprise is public disclosure of, or intelligence leaks about, the true extent of Russian espionage and, very possibly, possible Russian or pro-Russian Ukrainian financial relationships that could be a game-ending disaster for the Trump campaign?

Security officials find IBM ‘failings’ in census collapse (Australian) Security officials have identified major failings by computer giant IBM in the collapse of the census website last week, triggering written demands to the company to explain its role amid growing talk of a legal stoush over the disaster

Android DroidJack Malware Spreading Via 'Over-The Top' Services (Dark Reading) RAT finding new ways to spread that work around carrier and phone defenses

A nasty Android malware is spreading using Google's online ad network (Business Insider) Watch out, Android users: Security researchers have discovered a nasty new piece of smartphone malware that targets users of Google's mobile operating system — and it uses Google's popular advertising network AdSense to do it

TCP Flaw in Linux Extends to 80 Percent of Android Devices (Threatpost) Eight out of 10 Android devices are affected by a critical Linux vulnerability disclosed last week that allows attackers to identify hosts communicating over the Transmission Control Protocol (TCP) and either terminate connections or attack traffic

QuadRooter: Unfortunately, you can’t have it patched for now (We Live Security) Soon after the discovery of the QuadRooter vulnerability, a remedy appeared on the Google Play app store. Unfortunately, neither of the two apps named “Fix Patch QuadRooter” by Kiwiapps Ltd. would patch the Android system. Already pulled from Google Play on ESET’s notice, these apps were malicious, serving their victims with unwanted ads. On top of that, one of them required payment (costing 0.99 EUR)

Scammers put a bogus Android security patch app in Google Play (CSO Australia) Scammers put a fake Android security patch app in Google Play to infect smartphones

Latest Windows UAC Bypass Permits Code Execution (Threatpost) Less than a month after disclosing a Windows User Account Control bypass, researcher Matt Nelson today published another attack that circumvents the security feature and leaves no traces on the hard disk

Security Alert: New Scylex Financial Crime Kit Aims to Provide Zeus-grade Capabilities (Heimdal Security) “Do you want to make money, do you want multiply your net-worth?”

Where does text message spam come from? NUVOs (CSO) The major mobile networks account for 90 percent of all legitimate text message traffic -- but only 38 percent of blocked spam messages. The rest of the spam messages is dominated by network unaffiliated virtual operators, according to a new report from Cloudmark

Someone Seems to be Trying to Spy on Veracrypt's Security Audit (Graham Cluley) At the start of this month OSTIF (the Open Source Technology Improvement Fund) announced that it had agreed a plan to get the open source disk encryption tool VeraCrypt independently audited

OSTIF, QuarksLab, and VeraCrypt E-mails are Being Intercepted (OSTIF) As we have began the process of staging our audit, we have set up PGP encrypted communications between OSTIF, QuarksLab, and the lead developer of the VeraCrypt project. In these communications we have discussed vulnerability information, processes and procedures for reporting findings, and exchanged confidential information about the audit

HEI Hotels reports point-of-sale terminals breach (CSO) The hotel operator said payment card information could have been stolen

20 hotels suffer hack costing tens of thousands their credit card information (Ars Technica) Starwood, Hyatt, Marriott, and Intercontinental hotels across the country hacked

Data of nearly 900,000 at risk in latest cyber attack (Health Data Management) Valley Anesthesiology and Pain Consultants, a large practice with more than 300 providers serving multiple hospitals across the greater Phoenix region, has suffered a cyber attack affecting 882,590 patients

Sage Customer Data Exposed After Unauthorized Login (Infosecurity Magazine) Accountancy software maker Sage has revealed it’s been hit by a data breach affecting a “small number” of its UK and Ireland business customers

The inside man: Sage cyber security breach puts 280 UK firms at risk (Information Age) This latest cyber attack shows once again that cyber security is losing its battle against cyber criminals, and that an internal threat is just as dangerous as an external one

Russian Doping Whistleblower Fears After Account Hacked (Infosecurity Magazine) Hackers appear to have accessed the online account of Russian athletics doping whistleblower Yulia Stepanova, possibly in an attempt to learn the whereabouts of the 800-meter runner, who is in hiding with her husband

How to tell the “real” @realDonaldTrump, and why it’s a security lesson for us all (Naked Security) We can never say it often enough when it comes to staying safe on the internet: just because somebody claims to be a particular person doesn’t mean they’re not someone else entirely

Tech support scammer tricked into installing ransomware (Naked Security) First things first, we do not recommend that you screw around with crooks

A hacker's best friend is a nice employee (USA Today) When it comes to hacking, the most dangerous thing at most companies may not be their computer network but the lowly desk telephone

FireEye says industrial cybersecurity is far too vulnerable - and the stakes are high (Security Brief) FireEye has released a report that shines light on how industrial and utilities providers manage the security of their own industrial control systems (ICS) assets, and the effects can put an entire country at stake

Half of Vehicle Vulnerabilities Could Allow Cyber Attackers To Take Control (Information Security Buzz) Three-year study by IOActive that has found half of vehicle vulnerabilities could allow cyber attackers to take control of a vehicle – and 71% are ‘easy to exploit’ Jon Geater, CTO, Thales e-Security commented below

Pokémon Go Exploitation Saga Continues; Beware of New Ransomware (HackRead) Pokémon GO is not only your favorite game but also a favorite target for cybercriminals — after malware infected apps here’s Pokémon GO ransomware scam

Pokemon Go: Call for 'Pokestops' to be deleted in German airport security zones (BBC) Police and the airport operators association in Germany has called for Pokemon Go features located beyond security controls to be deleted

Litigation, Investigation, and Enforcement

UK law firms will be able to profit from pursuing cyber criminals (IT Pro Portal) A pilot scheme from the City of London police means that private law firms will be able to profit from the pursuit of suspected cyber criminals. Rather than handling cases of online crime themselves, police will instead pass details on to private agents

FBI Widens Investigation into Russian Attacks on Democrats (Infosecurity Magazine) The hack at the US Democratic National Committee is expanding in scope and repercussions—it now appears that hackers have compromised over 100 email accounts tied to officials and groups from the Democratic party—not just the DNC and the Democratic Congressional Campaign Committee

LinkedIn sues anonymous data scrapers (TechCrunch) LinkedIn is trying to lock down its exclusive relationship with its users

Australian Authorities Hacked Computers in the US (Motherboard) Australian authorities hacked Tor users in the US as part of a child pornography investigation, Motherboard has learned

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry Is Addressing Evolving Threats; Information Currency and Blockchain Vulnerability; Cyber Physical Systems, Cyber Infrastructure, and the Internet of Things; Government Agencies' Strategies for Securing Cyberspace; Cyber Risks of Smart Transportation; and Accelerating Cyber Education and Career Paths.

Federal IT Security Conference (Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape. All proceeds from the event go to help retrain Wounded Warriors to become cyber defenders at the Wounded Warrior Cyber Combat Academy.

upcoming Events

2016 Information Assurance Symposium (Washington, DC, USA, August 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

SANS Alaska 2016 (Anchorage, Alaska, USA, August 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.

CISO New Jersey (Hoboken, New Jersey, USA, August 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

Cyber Jobs Fair (San Antonio, Texas, USA, August 23, 2016) Held in conjunction with the Second Annual CyberTexas Conference, the Cyber Jobs Fair is open to anyone with cyber security education or experience. A security clearance is not required. Booz Allen Hamilton, Digital Hands, IPSecure, Inc., ISHPI, L-3 - West, Lockheed Martin, the Los Alamos National Laboratory, MacAulay-Brown, Inc., STG, Inc., and Tensley Consulting, Inc. will be among the employers attending.

CyberTexas (San Antonio, Texas, USA, August 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.

Chicago Cyber Security Summit (Chicago, Illinois, USA, August 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, August 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.

ISAO SO Public Forum (Tysons, Virginia, USA, August 31 - September 1, 2016) This public forum is the last opportunity to meet face-to-face and participate in conversations that will shape the first set of standards and guidelines to be published in September! Speakers will include leaders from multiple industry sectors, government and academia. The meeting will feature topics including: an in-depth public discussion of ISAO 100-1: Guidelines for Establishing an ISAO and ISAO 600-1: Government Relations, Programs, and Services; the State of the Ecosystem from the ISAO SO: “Where We Are and Where We’re Going” and “How We’ll Get There”; a special meeting of emerging ISAOs, and panel discussions from industry experts and thought leaders on ISAO Services and Capabilities, and Building an ISAO.

cybergamut Technical Tuesday: Quantifying Cyber Attacks: To Optimize and Assess your Defense by Jason Syversen of Siege Technologies (Elkridge, Maryland, USA, September 6, 2016) cybergamut Technical Tuesday is for cyber professionals to exchange innovative ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 6 September 2016 (1600 – 1730 East Coast Time). This talk describes the challenges of quantifying offensive and defensive capabilities and posture. This is not an IT-oriented metrics-talk about measuring the firewall rules or number of incidents last year. Instead, you’ll hear about new military-backed research on how to quantify the effectiveness of attacks, predict outcomes and measure defensive strength, as well as the future of data-driven security technologies.

2016 Intelligence & National Security Summit (Washington, DC, USA, September 7 - 8, 2016) Third annual unclassified summit hosted by AFCEA International and the Intelligence and National Security Alliance (INSA). There are five plenary sessions and nine breakout sessions related to cybersecurity, policy, and enduring strategic issues

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, September 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016. In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016.

SecureWorld Cincinnati (Sharonville, Ohio, USA, September 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Borderless Cyber Europe (Brussels, Belgium, September 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness and more effectively protect your business against cyber threats. You will learn how to build communities of practice between C-level professionals and IT security practitioners, access the latest cyber threat information sharing and get actionable experiences from real-world use cases.

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity! SANS will bring you the best in network security training, certification, and up-to-the-minute research on the most important topics in the industry today.

Business Insurance Cyber Risk Summit 2016 (San Francisco, California, USA, September 11 - 12, 2016) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks that threaten their organizations. The day-long conference will explore cyber exposures, regulations, governance and insurance coverage. Risk managers and CISOs will learn how to adapt proven risk management strategies to their current cybersecurity environments, how to better communicate with their information security teams, and how to effectively convey risks, exposures and coverage options to their corporate boards and the C suite.

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity leaders. As cyber threats and attacks continue to rise, the goal of (ISC)² Security Congress is to advance security leaders by arming them with the knowledge, tools, and expertise to protect their organizations.

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity in the Nation’s Capital, on September 13 in Washington, D.C. at the Ronald Reagan Building and International Trade Center. Keynotes Include NSA Director Admiral Michael Rogers and top U.K. and Israeli Cyber Leaders.

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives must always have this in mind, as well as a host of other evolving concerns, from curbing Bring-Your-Own-Device (BYOD) risk to controlling vulnerable social media data. In order for today's leading enterprises to operate smoothly, information security must be ahead of the hackers and kept abreast of the latest IT security topics and trends. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, September 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply with the increasingly complex data security laws. Data privacy and security experts will discuss practical solutions to current problems.

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company " for insider threat program development training.

hardwear.io Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of the conference revolves around four key concerns in hardware, firmware and related protocols i.e. backdoors, exploits, trust and attacks (BETA). hardwear.io is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper.

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. – 4:00 p.m., on the Homewood campus of Johns Hopkins University. Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization's data. This year's agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards "shifting their data to being safe and secure."

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential technological changes occurring around us, and the confidence to accelerate tangible next steps. Gigaom Change is designed to empower businesses of today to thrive in a world of tomorrow. Gigaom Change will focus on the seven most disruptive enterprise technologies that are widely known but little understood: Artificial Intelligence, Virtual Reality, Robotics, Nanotechnology, Cybersecurity, 3-D Printing, and Human-Machine Interface.

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information security and project management experts. Featuring a keynote speaker from the FBI Detroit Cyber Task Force. Also featuring speakers from the Dow Chemical Company, UHY LLP, Ally Financial, CBI, and more.

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC conference is the formulation of practical recommendations that aim to increase resilience to cyber threats within specific economic sectors, states, and the EU as a whole.

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases brand new exclusive content and senior-level insights from across the industry, as well as unveiling the latest developments in IT. It covers everything you need to run a successful enterprise or organisation. Arrive with challenges, leave with solutions. IP EXPO Nordic 2016 incorporates six IT events under one roof – Cloud, Cyber Security, Networks and Infrastructure, Data Analytics, DevOps and Open Source. This year’s event will be the most comprehensive business-enhancing experience for those across the IT industry, including IT managers, CTOs, CDOs, network and storage engineers, CISOs, data analysts, developers and communications specialists.

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

"Shadow Brokers" claim they hacked Equation Group. Iran investigates suspected cyber involvement with oil and gas fires. Guccifer 2.0 becomes slick, unrecognizable. Bogus QuadRooter patch is malware.