The CyberWire Daily Briefing 08.26.16

Summary

By The CyberWire Staff

Citizen Lab and security company Lookout disclose iOS persistent spyware they found on a UAE dissident's iPhone. The tool, "Pegasus," is an intercept product of NSO Group; it was apparently deployed by UAE authorities. The researchers were given the affected phone after its owner saw a suspicious text message on August 10. They located the exploits (which they've called "Trident") and disclosed them to Apple. Apple's patch, now generally available, was ready in ten days. The Citizen Lab and Lookout reports are linked below; see also commentary from Errata Security for brief, interesting perspective.

Cisco, Huawei, and Juniper Networks are said to be downplaying the impact of the Shadow Brokers' leaked exploits. The US Intelligence Community continues to investigate the incident.

Zscaler's ThreatLabZ reports finding a cybersquatting campaign that's delivering the AgentTesla keylogger.

The Ramnit banking Trojan is out and about, again, now afflicting six major British banks. Proofpoint tracks another banking Trojan, Dreambot (an Ursnif or Gozi ISFB variant) that's spreading via Tor.

Russia feels it's more sinned against than sinning in cyberspace, and points an accusatory finger Beijing-ward. Cybercrime rises in India as a function of device use. A FireEye study suggests many cyber incidents in the Asia-Pacific region are kept very quiet.

In the US, NIST issues a draft publication on de-identifying personal data in government systems.

The Canadian Security Establishment (CSE) has dramatically increased electronic monitoring; no one's quite sure why.

Clinton email sensitive content (more coming, by court order) prompts calls for a special prosecutor.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Canada, China, France, India, Mexico, NATO, Poland, Russia, Syria, Tunisia, Ukraine, United Arab Emirates, United Kingdom, United States, and and Vietnam.

A note to our readers, especially those of you interested in art and design--"STEM to STEAM," as they call it: the CyberWire is partnering with Maryland Art Place to sponsor a competition for an original work of art on the theme "creating connections." You can read about the competition in NY Arts Magazine. A full prospectus may be found here.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today Joe Carrigan from our partners at the Johns Hopkins University will tell us about photo backups. And as students prepare to start the academic year, AT&T's Bindu Sundaresan will make our flesh creep with back-to-school cyber security concerns. (Just kidding about the flesh-creeping thing, but he will share some knowledge worth having, fellow kids.) If you enjoy the podcast, please consider giving it an iTunes review.

Sponsored Events

7th Annual Billington CyberSecurity Summit (Washington, DC, USA, January 1, 1970) Cyber attacks continue to pose high-stake threats to national security. Top government, military and private sector cybersecurity leaders will explore the threats and solutions at the leading fall cybersecurity forum.

Selected Reading

Cyber Trends

Russia More Prey Than Predator to Cyber Firm Wary of China (Bloomberg Technology) While the West sees Russia as a cyber predator, hackers in the East increasingly view it as prey, according to online security company Kaspersky Lab, which says there’s been a sharp spike in attacks from China

Cyber crime in India up 300% in 3 years: Study (Indian Express) India has emerged as one of the primary targets among cyber criminals with growing adoption of internet and smartphones, reveals the study

FireEye releases First Mandiant M-Trends Asia Pacific Report (Data Quest) FireEye released the first Mandiant® M-Trends® Asia Pacific report. The report shares statistics and insights gleaned from Mandiant investigations in the region in 2015, and examines the latest cyber trends and tactics threat actors used to compromise businesses and steal data

Stolen devices to blame for many breaches in the financial services sector (Help Net Security) Bitglass performed an analysis of all breaches in the financial services sector since 2006, with data aggregated from public databases and government mandated disclosures. They found that leaks nearly doubled between 2014 and 2015, a growth trend on track to continue in 2016

The current state of privileged access management practices (Help Net Security) There’s a widening gulf between organizations that adhere to best practices for privileged access management, according to BeyondTrust

Rules? What rules? Huge gap between parents and teens on digital guidelines (Silicon Beat) This shouldn’t come as a big surprise: There is a gap between teenagers and parents over their understanding of family rules about being online, according to a new study by the National Cyber Security Alliance

Legislation, Policy and Regulation

Russian “New Generation” Warfare: Theory, Practice, and Lessons for U.S. Strategists (Small Wars Journal) Russian unconventional warfare—dubbed by analysts as “new generation” warfare—elevates the psychological and popular aspects of conflict more so than any of its geopolitical partners and rivals

Polish think-take advocates offensive cyber stance for NATO (IHS Jane's Defence Weekly) NATO should opt for developing offensive cyber capabilities as opposed to only defensive ones, says one of Poland's leading security think-tanks. The mixed nature of hybrid warfare requires the shift, it argues in a new paper

Canada’s Spy Agency Now Intercepting Private Messages 26 Times More Than Previously (VICE) Federal spies in Canada have ramped up the monitoring of phone calls and online messages—but it's not clear why

Experts: Org chart and budget, not technology, is key to federal cybersecurity (FedScoop) Boring work in the back offices is what's needed — not another shiny new piece of security technology

Products, Services, and Solutions

Zensar Technologies to showcase ‘Return on Digital’ solutions at Oracle Open World 2016 (Yahoo! Finance) Zensar Technologies, a leading digital solutions and technology services company, announced that it will exhibit digital solutions on the central theme of, ‘Return on Digital’ at this year’s Oracle Open World

Elcomsoft Phone Breaker 6.0 Decrypts FileVault 2, Downloads iCloud Photos, Retrieves Apple ID Password (PRNewswire) ElcomSoft Co. Ltd. releases a major update to Elcomsoft Phone Breaker, adding support for decrypting FileVault 2 volumes by downloading the Recovery Key from iCloud. The new release adds the ability to download existing and recently deleted photos from iCloud Photos, introduces the updated Keychain Explorer and the ability to cache online authentication credentials for streamlined subsequent logins into iCloud, Windows Phone and BlackBerry 10

CrowdStrike Integrates Scanning Engine With VirusTotal (Dark Reading) Machine Learning engine first in virus-scanning service to provide confidence levels with results, vendor says

AlienVault and Zscaler Announce Partnership to Provide Customers With Increased Security, Visibility and Control (MarketWired) Partnership extends the Zscaler Platform by integrating threat intelligence while augmenting AlienVault's Unified Security Management with Intelligent Nanologs to improve visibility and control

Balabit Recognized for Blindspotter Security Solution (Find Biometrics) Balabit has become a top-level award winner in this year’s Golden Bridge Awards. The company’s Blindspotter behavior analytics system netted the company a Gold award in the category of User Behavior Analytics (UBA) – Innovations

VMware Helps Service Providers Accelerate Production Deployment of Network Functions Virtualization With Growing Portfolio of VMware Ready Solutions (Yahoo! Finance) VMware, Inc. (VMW) today announced new VMware Ready™ for NFV certified solutions, further demonstrating its ongoing commitment to supporting communications service providers (CSPs) in the adoption and production deployment of Network Functions Virtualization (NFV). These new certified solutions from Brocade, Check Point, Infoblox, Mitel and Netrounds support virtualized mobile infrastructure and SD-WAN

RingCentral and Okta Partner to Enable the Future of Work with Seamless Mobility, Security and Communication (BusinessWire) New integration simplifies identity and access management for IT, supporting secure user access to RingCentral’s UCaaS cloud solutions

Armor helps streamline HITRUST certification (Help Net Security) As the healthcare industry continues to be a major cybercrime target, compliance has gained even more significance. HITRUST certification has emerged as the benchmark for healthcare organizations to demonstrate sound security policies and a commitment to patient privacy

The Password is Dead: MobileIron and Entrust Datacard Partner on Derived Credentials for Next-Generation Multi-Factor Authentication (PRNewswire) MobileIron (NASDAQ: MOBL), the stand-alone EMM leader, and Entrust Datacard, a leader of trusted identity and secure transaction technologies, today announced a technology alliance partnership to deliver derived credentials for next-generation multi-factor authentication

Security Firm Releases Decrypter for Alma Locker Ransomware (Softpedia) Victims can recover files for free without paying the ransom

TrapX launches ransomware deception tool, CryptoTrap (Healthcare IT News) The technology is effective at deceiving TeslaCrypt, Locky and 7ev3n ransomware families, luring hackers away from valuable data assets

Niara's PartnerWatch™ Extends UEBA Reach To Monitor and Track Third-Party Access to High Value Assets (MarketWatch) Advanced machine learning models use behavior profiling to detect misuse of credentials by compromised or malicious business partners

WhatsApp will share your phone number with Facebook (Help Net Security) For the first time in four years, WhatsApp is updating its Terms of Service and Privacy Policy, and the big news is that the messaging service will share users’ phone numbers with Facebook

Virtustream and Iron Mountain Join Forces to Build Cloud Platform for Enterprise Data Management (BusinessWire) Virtustream, the enterprise-class cloud services and software provider and an EMC Federation Company, today announced that Iron Mountain Incorporated (NYSE:IRM), the global leader in storage and information management services, has selected Virtustream® xStream® and Virtustream Viewtrust® software to orchestrate, automate and secure cloud storage services for Iron Mountain’s cloud-based service offerings

Managing Application State in Duo Insight (Duo) Duo Insight is our new free, easy-to-use risk assessment tool to help companies identify their users and devices that may be vulnerable to phishing attacks. One of the key user interface components of Duo Insight is the campaign wizard, where users can quickly and easily configure a phishing campaign using one of several pre-made services

Technologies, Techniques, and Standards

DRAFT NIST Special Publication 800-188: De-Identifying Government Datasets (NIST) The US Government collects, maintains, and uses many kinds of datasets. Every federal agency creates and maintains internal datasets that are vital for fulfilling its mission, such as delivering services to taxpayers or ensuring regulatory compliance. Federal agencies can use de-identification to make government datasets available while protecting the privacy of the individuals whose data are contained within those datasets

Helping to Secure Education Networks (AT&T) Schools and colleges are particularly vulnerable to attacks by cyber criminals. Here’s what education leaders can do to help prevent these incidents

Marketplace

Stand-alone cyber coverage had direct loss ratio of 65.2%: Fitch (Canadian Underwriter) Cyber-related insurance products present a “significant growth opportunity” for property and casualty insurance carriers, with more than a third of the U.S. market held by American International Group Inc. and Chubb Ltd., Fitch Ratings Inc. suggested in a report announced Wednesday

Global mobile deep packet inspection market explodes (Help Net Security) The global mobile deep packet inspection (DPI) market will grow at an impressive CAGR of almost 22% until 2020, according to Technavio

Proofpoint buys Return Path’s email fraud protection division (BizWest) New York-based data-solutions provider Return Path has sold its Broomfield-based email fraud protection business unit to Proofpoint Inc. for $18 million

Cybersecurity business of Sypris Electronics sold to Analog Devices (Military Embedded Systems) Officials at Analog Devices, Inc. announced that the company has acquired the Cyber Security Solutions (CSS) business of Sypris Electronics LLC., in Tampa, Florida, which is owned by Sypris Solutions in Louisville, Kentucky

Cybersecurity Company Raises $1.2M in Seed Round to Protect ICS/SCADA Networks (PRNewswire) Dragos, Inc. to offer new threat hunting service and ICS-tailored technology

Closer Look: Qihoo Retires from Public View after Record Privatization (Caixin Online) Having pulled off the biggest privatization in history for a US-listed Chinese security software maker, Qihoo 360 is saying it isn't in any hurry to re-list in China. The strategy contrasts with the more than three dozen Chinese firms to announce similar plans to leave New York since last year, most of them hoping to quickly re-list in China at higher valuations

How IBM is pushing data-driven security (FedScoop) The perimeter strategy is no longer effective, an IBM senior security strategist said

Whatever we do is around mobile now: Akamai CEO Tom Leighton (Live Mint) Akamai CEO Tom Leighton on content delivery and Internet trends, and why it makes sense for Akamai to also sharpen its focus on enterprise security

CRN Exclusive: Palo Alto Networks CEO On Security Platform Evolution And When Partners Can Expect Traps To Take Off (CRN) The security industry is at an inflection point, and CEO Mark McLaughlin maintains he is confident that Palo Alto Networks is positioned to win in that shift

Valuing BlackBerry As A Security Software Company (Seeking Alpha) BlackBerry's market value as a security software and services company is at the low end among competitors. BBRY has more cash than most companies in this line of business. But having a handset business (barely) works against it being considered an S&S company

Leesburg’s PhishMe grows into cyber security powerhouse (Loudon Times-Mirror) Leesburg-based cyber security company PhishMe is making waves against fraudulent emails with a new, innovative approach

2016 IPO Prospects: Optiv Grows Inorganically (Seeking Alpha) Optiv is helping address the cyber security problems faced by organizations by offering a holistic approach as a solution provider, and not just a reseller. Optiv continues to grow inorganically. Since the start of the year it has made three acquisitions within the cyber security space. In April this year, Optiv was estimated to be valued at $2 billion

Muddy Waters claims device maker vulnerable to hackers (Financial Times) Muddy Waters, the hedge fund, on Thursday claimed that a pacemaker manufacturer’s life-saving devices are vulnerable to hackers, the first time a shortseller has publicly used alleged cyber security vulnerabilities to put pressure on a stock to fall

Cybersecurity Center in Colorado Springs to hire CEO and host national conference (Colorado Springs Gazette) The National Cybersecurity Center in Colorado Springs plans to hire a CEO next month and will host officials from across the country at a three-day conference in November at The Broadmoor

Security Patches, Mitigations, and Software Updates

Apple plugs three actively exploited iOS zero-days (Help Net Security) Owners of Apple’s mobile devices are advised to upgrade to iOS version 9.3.5 as soon as possible, as it fixes three zero-day vulnerabilities actively exploited in the wild

Cisco starts patching firewall devices against NSA-linked exploit (Computerworld) Cisco has released some fixed versions of its Adaptive Security Appliance firewalls, and more patches are expected

Dropbox prompts certain users to change their passwords (CSO) The move appears to be a precautionary measure

Google to rate down sites with aggravating pop-up ads (Naked Security) Annoying pop-up ads that get in the way of content are going to be the new lead balloons: Google’s planning to penalize mobile sites that use them by placing those sites lower in its rankings

Cyber Attacks, Threats, and Vulnerabilities

Apple iOS up to 9.3.4 Kernel Trident Information Disclosure (Vulbd) A vulnerability was found in Apple iOS up to 9.3.4. It has been rated as problematic. Affected by this issue is an unknown function of the component Kernel. The manipulation with an unknown input leads to a information disclosure vulnerability (trident). Impacted is confidentiality

Apple Software Vulnerability Is Linked to Intrusions (New York Times) One of the world’s most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists

Government Hackers Caught Using Unprecedented iPhone Spy Tool (Motherboard) On the morning of August 10, Ahmed Mansoor, a 46-year-old human rights activist from the United Arab Emirates, received a strange text message from a number he did not recognize on his iPhone

A Hacking Group Is Selling iPhone Spyware to Governments (Wired) These days it seems like every government has a far-reaching and well-developed digital surveillance operation, complete with defense, international espionage, and offensive components. Smaller nations even join spy alliances to pool resources. But there are still many nation-states that for various reasons prefer not to handle their cyber intelligence development in-house. So they do what we all do when we need software: They buy it from a vendor

The UAE Spends Big on Israeli Spyware to Listen In on a Dissident (Foreign Policy) In attacking the iPhone of human rights defender Ahmed Mansour, the Emirati government reportedly bought a rare, zero-day, Israeli exploit of Apple’s iOS

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender (Citizen Lab) This report describes how a government targeted an internationally recognized human rights defender, Ahmed Mansoor, with the Trident, a chain of zero-day exploits designed to infect his iPhone with sophisticated commercial spyware

Sophisticated, persistent mobile attack against high-value targets on iOS (Lookout) Persistent, enterprise-class spyware is an underestimated problem on mobile devices. However, targeted attack scenarios against high-value mobile users are a real threat

Mobile Cyber Espionage is Real! (Skycure Blog) Targeted, persistent spyware called Pegasus

How to know if you’ve been impacted by Pegasus (Lookout) The guidance below will help you determine if you are impacted by the Pegasus threat. Pegasus is a sophisticated attack that uses three vulnerabilities in the iOS software, collectively known as Trident, that, when exploited, enables attackers to install spyware on your device

Apple zero-days mark a new era of mobile hacking (TechMedia Magazine) Apple’s head of security engineering and architecture, Ivan Krstic, told a rapt audience at the Black Hat security conference earlier this month that his notoriously secretive company was ready to open up its vulnerability reporting process to researchers

Notes on the Apple/NSO Trident 0days (Errata Security) I thought I'd write up some comments on today's news of the NSO malware using 0days to infect human rights activist phones. For full reference, you want to read the Citizen's Lab report and the Lookout report

The National Security Agency has no idea how a rogue hacking group leaked its exploits (International Business Times) A group called The Shadow Brokers leaked NSA exploit kits online on 13 August

Cisco, Huawei and Juniper play down NSA attack reports (Capacity Media) Cisco, Huawei and Juniper have played down reports that the US National Security Agency (NSA) has developed tools to spy on traffic running through their equipment

Boko Haram's Doomed Marriage to the Islamic State (War on the Rocks) When the Nigerian jihadist group popularly known as Boko Haram publicly pledged its allegiance to the Islamic State in March 2015, this new alliance made perfect sense to both groups

Agent Tesla Keylogger delivered using cybersquatting (ZScaler) Zscaler ThreatLabZ recently came across an attack chain in which cybersquatting was being used to deliver a commercial keylogger, called “AgentTesla,” with an intent to steal confidential information. The keylogger payload was configured to relay the stolen information back to the cyber-squatted domain, which had been registered two months prior to the attack

Ramnit Trojan rides again, targets customers of six major UK banks (Help Net Security) The infamous Ramnit Trojan is on the prowl again, and this time it targets personal banking customers of six unnamed UK banks

Nightmare on Tor Street: New Ursnif Variant Dreambot Adds Tor Functionality (Proofpoint) One of the most active banking Trojans that we have observed recently in email and exploit kits is one often referred to as Ursnif or Gozi ISFB [6]. Thanks to Frank Ruiz from FoxIT InTELL, we know that the actor developing one of its variants since 2014 has named this variant Dreambot. The Dreambot malware is actively evolving, and recent samples in particular caught our attention for their addition of Tor communication capability, as well as peer-to-peer (P2P) functionality

Anatomy of a cryptographic collision – the “Sweet32” attack (Naked Security) Researchers at the Institute for Research in Computer Science and Automation in France (INRIA) have come up with the latest BWAIN

Monitoring SSL traffic now everyone's concern: A10 Networks (ZDNet) As the uptake of SSL grows, Tim Blombery, systems engineer at A10 Networks, said threat actors are increasingly leveraging SSL-based encryption to hide malicious activity

Cyberattack could impact 148,000 with Highmark Medicaid (Delaware Online: the News Journal) Close to 150,000 Delaware Medicaid clients enrolled in Highmark Health Options are being notified this week that a cyberattack at the end of May could have compromised their health plan information

Brainjacking: Hacking brain implants (Help Net Security) Did you know that Dick Cheney, former US Vice President who held that office from 2001 to 2009, had the wireless telemetry on his implantable cardioverter-defibrillator disabled during his time in office for fear of political assassination?

Essential Pokémon GO protection tips (Help Net Security) Since its release, Pokémon GO has become the most downloaded game in history on iOS and Android. However, Gemalto is now warning its millions of players around the world to stay safe and ensure they only battle fellow players’ gyms, not viruses and identity theft

Academia

Westpac, Deloitte-backed Day of STEM launches in Australia (ZDNet) Australian tech leaders have launched LifeJourney's Day of STEM program, using the power of the industry to get the word out to inspire kids to take up a career in the tech industry

Going Global: SUU Will Train Vietnam's Next Cyber Security Experts (Utah Policy) Information technology students in southeast Asia will soon be taking graduate-level cybersecurity courses from Southern Utah University

Litigation, Investigation, and Enforcement

Court orders State to hand over new Clinton emails by Sept. 13 (Washington Examiner) A federal court ruled Thursday that the State Department has until Sept. 13 to begin handing over emails recovered by the FBI from Hillary Clinton's private server

Graham: Let special prosecutor probe Clinton emails (The Hill) Sen. Lindsey Graham (R-S.C.) is joining a growing number of GOP lawmakers calling for an independent prosecutor to look into Hillary Clinton's emails

Submarine Data Leak Could be Setback for Indian Navy (Voice of America) A massive leak of secret data relating to the combat capabilities of submarines being built for the Indian navy by a French shipbuilder could delay their induction as India investigates the huge security breach

Islamic State group recruiter Hamdi Alqudsi 'loves Australia' (BBC) A Sydney man who helped seven young men travel from Australia to Syria to join the Islamic State conflict has told a court he is "not a terrorist"

Russian Lawmaker’s Son Convicted in U.S. of Hacking Scheme (Bloomberg) The son of a Russian lawmaker was convicted of orchestrating a global hacking bonanza in what a U.S. prosecutor called one of the most prolific credit card trafficking schemes in history

US authorities investigate cyber-attack against Ghostbusters actress Leslie Jones (BBC) US authorities have launched an investigation into the hacking of Leslie Jones' website and iCloud account after intimate photos of the actress were posted online

Leslie Jones website hack reveals stars' tricky cyber landscape (Chicago Tribune) The hateful hack of comedian Leslie Jones' personal website reveals the tricky cyber landscape celebrities tread and the murky legal protections that exist for personal digital content

Massachusetts man admits hoax distress calls to Coast Guard (Stars and Stripes) A Massachusetts man has pleaded guilty to making hoax radio distress calls to theCoast Guard that prompted fruitless searches that wasted time and resources

Cyber Attack Hove Man Sentenced (Juice 107.2) A man who bombarded Sussex Police's contact centre with 3,000 emails in just six hours has been sentenced to ten months in jail, suspended for 18 months

Design and Innovation

This Biohacker Wants to Implant Cryptographic Keys Beneath Your Skin (Motherboard) The millennial trope of your phone feeling like another limb may not be so far off, with new technology that would allow much of the same information in your phone to be stored in a chip under your skin

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

HTCIA International Conference and Training Expo (Summerlin, Nevada, USA, August 28 - 31, 2016) The High Technology Crime Investigation Association (HTCIA) sponsors this conference for professionals in law enforcement cyber security and cyber forensic investigations. College and university faculty working in these areas are also welcome, as are their students. Learn how to protect your agency, organization, or company against cyber threats in the more than 125 lectures and labs offered at the event. Hear distinguished keynote speakers, and network with colleagues. Industry vendors will also be available to discuss their newest products and services.

2016 Government Cyber Security SBIR Workshop (Washington, DC, USA, August 30 - September 1, 2016) The 2016 Government Cyber Security SBIR Workshop affords Small Business Innovation Research (SBIR) awardees in the completed Phase II or Phase III processes the opportunity to collaborate and present their research and technologies to researchers and cybersecurity leadership from the government, private sector and academia. This workshop facilitates knowledge-sharing, improvement of existing deployed technologies and transition to the marketplace by innovative research that safeguards cyberspace.

CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, October 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater information exchange among industry, academia, and government entities at both the national and international levels. The issues to be covered include the future of international cooperation, imminent technical challenges and requirements, forthcoming conflicts in cyberspace, and the potential for new legal frameworks, standards, and regulations.

Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.

SINET Showcase 2016: Highlighting and Advancing Innovation (Washington, DC, USA, November 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase’s objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation’s critical infrastructure and command-and-control systems.

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.

upcoming Events

SANS Alaska 2016 (Anchorage, Alaska, USA, August 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, August 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.

ISAO SO Public Forum (Tysons, Virginia, USA, August 31 - September 1, 2016) This public forum is the last opportunity to meet face-to-face and participate in conversations that will shape the first set of standards and guidelines to be published in September! Speakers will include leaders from multiple industry sectors, government and academia. The meeting will feature topics including: an in-depth public discussion of ISAO 100-1: Guidelines for Establishing an ISAO and ISAO 600-1: Government Relations, Programs, and Services; the State of the Ecosystem from the ISAO SO: “Where We Are and Where We’re Going” and “How We’ll Get There”; a special meeting of emerging ISAOs, and panel discussions from industry experts and thought leaders on ISAO Services and Capabilities, and Building an ISAO.

cybergamut Technical Tuesday: Quantifying Cyber Attacks: To Optimize and Assess your Defense by Jason Syversen of Siege Technologies (Elkridge, Maryland, USA, September 6, 2016) cybergamut Technical Tuesday is for cyber professionals to exchange innovative ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 6 September 2016 (1600 – 1730 East Coast Time). This talk describes the challenges of quantifying offensive and defensive capabilities and posture. This is not an IT-oriented metrics-talk about measuring the firewall rules or number of incidents last year. Instead, you’ll hear about new military-backed research on how to quantify the effectiveness of attacks, predict outcomes and measure defensive strength, as well as the future of data-driven security technologies.

2016 Intelligence & National Security Summit (Washington, DC, USA, September 7 - 8, 2016) Third annual unclassified summit hosted by AFCEA International and the Intelligence and National Security Alliance (INSA). There are five plenary sessions and nine breakout sessions related to cybersecurity, policy, and enduring strategic issues

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, September 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016. In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016.

SecureWorld Cincinnati (Sharonville, Ohio, USA, September 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Borderless Cyber Europe (Brussels, Belgium, September 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness and more effectively protect your business against cyber threats. You will learn how to build communities of practice between C-level professionals and IT security practitioners, access the latest cyber threat information sharing and get actionable experiences from real-world use cases.

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity! SANS will bring you the best in network security training, certification, and up-to-the-minute research on the most important topics in the industry today.

Business Insurance Cyber Risk Summit 2016 (San Francisco, California, USA, September 11 - 12, 2016) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks that threaten their organizations. The day-long conference will explore cyber exposures, regulations, governance and insurance coverage. Risk managers and CISOs will learn how to adapt proven risk management strategies to their current cybersecurity environments, how to better communicate with their information security teams, and how to effectively convey risks, exposures and coverage options to their corporate boards and the C suite.

Hacker Halted 2016 (Atlanta, Georgia, USA, September 11 - 16, 2016) This year, Hacker Halted’s theme is the Cyber Butterfly Effect: When Small Mistakes Lead to Big Disasters. The goal of the conference is to bring the IT security community together to discuss how organizations are often compromised through the smallest of mistakes and how implementing effective changes can have ripple effects throughout all departments of an organization.

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity leaders. As cyber threats and attacks continue to rise, the goal of (ISC)² Security Congress is to advance security leaders by arming them with the knowledge, tools, and expertise to protect their organizations.

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity in the Nation’s Capital, on September 13 in Washington, D.C. at the Ronald Reagan Building and International Trade Center. Keynotes Include NSA Director Admiral Michael Rogers and top U.K. and Israeli Cyber Leaders.

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives must always have this in mind, as well as a host of other evolving concerns, from curbing Bring-Your-Own-Device (BYOD) risk to controlling vulnerable social media data. In order for today's leading enterprises to operate smoothly, information security must be ahead of the hackers and kept abreast of the latest IT security topics and trends. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more

ISS World Americas (Washington, DC, USA, September 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering and Sharing. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's Telecommunications networks, the Internet and Social Networks.

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, September 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply with the increasingly complex data security laws. Data privacy and security experts will discuss practical solutions to current problems.

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, September 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. The training will include "Legal Considerations & Guidance For Insider Threat Programs" (Privacy Concerns, User Activity Monitoring, Investigations, Etc.) - Provided By Co-Instructor Insider Threat Law - Licensed Attorney. Insider Threat Defense has trained over 400 organizations and has become the "leader-go to company" for insider threat program development training.

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company " for insider threat program development training.

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, September 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and business practices to make them safe in an era with quantum computers. Attendees and presenters will include leaders from the fields of post-quantum (quantum resistant) cryptography, quantum key distribution (QKD), theoretical and commercial integration of cryptography and security tools, first-adopters of quantum-safe tools from industry and government, and members of standards bodies. Anyone interested in joining the growing community that is working to mitigate the quantum risk and creating quantum safe cryptosystems for the future should attend this workshop.

Cyber Physical Systems Summit (Newport News, Virginia, USA, September 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection of cyber and three vectors – Autonomy, Physical Systems (Mfg), and Critical Infrastructure. Participants in the Summit will engage in conversations surrounding challenges, opportunities, threats, and the associated policy and budgetary implications.

hardwear.io Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of the conference revolves around four key concerns in hardware, firmware and related protocols i.e. backdoors, exploits, trust and attacks (BETA). hardwear.io is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper.

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. – 4:00 p.m., on the Homewood campus of Johns Hopkins University. Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization's data. This year's agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards "shifting their data to being safe and secure."

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential technological changes occurring around us, and the confidence to accelerate tangible next steps. Gigaom Change is designed to empower businesses of today to thrive in a world of tomorrow. Gigaom Change will focus on the seven most disruptive enterprise technologies that are widely known but little understood: Artificial Intelligence, Virtual Reality, Robotics, Nanotechnology, Cybersecurity, 3-D Printing, and Human-Machine Interface.

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry Is Addressing Evolving Threats; Information Currency and Blockchain Vulnerability; Cyber Physical Systems, Cyber Infrastructure, and the Internet of Things; Government Agencies' Strategies for Securing Cyberspace; Cyber Risks of Smart Transportation; and Accelerating Cyber Education and Career Paths.

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information security and project management experts. Featuring a keynote speaker from the FBI Detroit Cyber Task Force. Also featuring speakers from the Dow Chemical Company, UHY LLP, Ally Financial, CBI, and more.

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC conference is the formulation of practical recommendations that aim to increase resilience to cyber threats within specific economic sectors, states, and the EU as a whole.

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, September 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in Baltimore, MD - See more at: https://thecyberwire.com/events/s/3rd-annual-women-in-cyber-security-reception.html#sthash.Kgzd4dXp.dpuf

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases brand new exclusive content and senior-level insights from across the industry, as well as unveiling the latest developments in IT. It covers everything you need to run a successful enterprise or organisation. Arrive with challenges, leave with solutions. IP EXPO Nordic 2016 incorporates six IT events under one roof – Cloud, Cyber Security, Networks and Infrastructure, Data Analytics, DevOps and Open Source. This year’s event will be the most comprehensive business-enhancing experience for those across the IT industry, including IT managers, CTOs, CDOs, network and storage engineers, CISOs, data analysts, developers and communications specialists.

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Pegasus (a.k.a. Trident) found in UAE dissident's iPhone (Apple issues patch). Zscaler finds AgentTesla keylogger in cybersquatting campaign. Ramnit, Dreambot Trojan notes. NIST takes up de-identification. CSE ramps up surveillance