Election-related hacking reported on at least three continents. Shadow Brokers seem more interested in influence than profit or intelligence. US, Russia, exchange tough talk over cyberwar. Compromised databases. FBI releases details of Clinton email investigation.

Cyber Attacks, Threats, and Vulnerabilities

Cuba government filtering mobile text messages, dissidents say (Reuters) Cuba's Communist government is filtering mobile phone text messages for key words such as "democracy" and "human rights" and then blocking them, dissidents said on Monday

Indonesian militant in Syria luring M'sian IS sympathisers to launch attacks in country (Sun Daily) The Counter-Terrorism Division of the Special Branch has revealed that an Indonesian militant in Syria has been luring Malaysian Islamic State (IS) sympathisers to launch attacks here

Mexico Refuses to Probe Hacker's Claims of Electoral Fraud (Telesur) Colombian hacker Andres Sepulveda claimed that he hacked, spied, and manipulated social media for President Enrique Peña Nieto’s 2012 presidential campaign

New clues link election hacks in U.S. to Russian intelligence (Yahoo! News) A top cybersecurity firm said Friday it has found “significant” links between the hacks of two U.S. state election databases this summer and suspected Russian state-sponsored attacks against the ruling political party in Turkey and members of the Ukrainian Parliament

Illinois voter registry breach smaller than first thought (Christian Science Monitor) State election officials suspect hackers stole the personal information of 86,000 voters, not 200,000 it first suspected

Why Dems and the media always blame hacks on Moscow (Washington Examiner) Democratic leaders have blamed Russian hackers for this year's spate of cyberattacks, arguing that they prove Kremlin opposition to Hillary Clinton's presidential candidacy. And many in the media have been quick to accept that conclusion

Vladimir Putin: Whoever Hacked the D.N.C. did a Public Service (Vanity Fair) The Russian president denied any involvement in the hack, but he also didn’t condemn it

U.S. investigating potential covert Russian plan to disrupt November elections (Washington Post) U.S. intelligence and law enforcement agencies are investigating what they see as a broad covert Russian operation in the United States to sow public distrust in the upcoming presidential election and in U.S. political institutions, intelligence and congressional officials said

The threat posed by sore losers: Our election legitimacy is at risk — even without a cyber attack (Raw Story) We’ve heard a lot in recent weeks about the potential for Russian meddling in the presidential election

No Homeland Security can't step in to protect the election (USA Today) Any federal plan to intervene at this late date will backfire

How Spy Tech Firms Let Governments See Everything on a Smartphone (New York Times) Want to invisibly spy on 10 iPhone owners without their knowledge? Gather their every keystroke, sound, message and location? That will cost you $650,000, plus a $500,000 setup fee with an Israeli outfit called the NSO Group

Pokémon-inspired rootkit attacks Linux systems (IT News) Provides backdoor and traffic-hiding capabilities

Mirai DDoS Trojan Is the Next Big Threat to IoT Devices and Linux Servers (Full Circle) A new trojan named Mirai has surfaced, and it’s targeting Linux servers and IoT devices, mainly DVRs, running Linux-based firmware, for the purpose of enslaving these systems as part of a large botnet used to launch DDoS attacks

The Central Security Treatment Organization Ransomware Uses the Cry Extension and Communicates via UDP (Information Security Newspaper) A new ransomware that pretends to be from a fake organization called the Central Security Treatment Organization has been discovered by security researcher MalwareHunterTeam. When the Central Security Treatment Organization, or Cry, Ransomware infects a computer it will encrypt a victim’s files and then append the .cry extension to encrypted files. It will then demand approximately 1.1 bitcoins, or $625 USD, in order to get the decryption key

Fantom ransomware pretends to be a Windows critical update (Naked Security) We’ve had a few questions from readers asking about a new ransomware strain known as Fantom, blocked by Sophos products as Troj/Fantom-B

TorrentLocker Ransomware Still Around, Uses Tor to Hide Backup C&C Servers (Softpedia) Two years later, TorrentLocker is still going strong

Can't Stop the Ransomware (BankInfo Security) Bitcoin-hungry attackers target enterprises

​Understanding and defeating ransomware (CSO) "Ransomware is a reposing issue," says Eric Skinner, the VP for Market Strategy for Trend Micro

Point-of-sale data breaches have now reached the cloud (CSO) Lightspeed's cloud-based point-of-sale system, with 38,000 clients, has suffered a break-in

'Ripper' ATM Malware: Where Will Cybercriminals Strike Next? (InfoRisk Today) Asian banks get stung; expert predicts more attacks

‘Flash Hijacks’ Add New Twist to Muggings (KrebsOnSecurity) A frequent crime in Brazil is a scheme in which thieves kidnap people as they’re leaving a bank, and free them only after visiting a number of ATMs to withdraw cash

Cyber Attacks On SWIFT’s Banks (Information Security Buzz) SWIFT, the global financial messaging system, disclosed new hacking attacks on its member banks as it pressured them to comply with security procedures instituted after February’s high-profile $81 million heist at Bangladesh Bank. IT security experts from Tripwire, Lieberman Software, MIRACL, Imperva and ESET comments on the attacks

SWIFT kick in the banking (CSO) When SWIFT made headlines back in April of 2016, I could not help but wonder how bad things really were. Many people were blissfully unaware as to what SWIFT (Society for Worldwide Interbank Financial Telecommunication) even was or what it could be used for

98 million Rambler.ru accounts surface after 2012 hack (CSO) Passwords stored in the clear

7 Million LifeBoat Accounts from Jan 2016 Breach Leaked Online (HackRead) Lifeboat has something to worry about — perhaps it should inform users how the stolen 7 million accounts from January 2016 breach have surfaced online now?

Hacked BitcoinTalk.org Forum Database Goes for Sale on Dark Web (HackRead) A hacker is selling hacked database of Bitcointalk.org, a Bitcoin forum that was hacked in May 2015 but its database was leaked a couple of days ago

Nearly 800,000 Brazzers users’ credentials exposed (Help Net Security) Account login credentials of nearly 800,000 Brazzers porn site users have been stolen in 2012, but the breach has only now come to light, after the data dump was obtained by breach monitoring site Vigilante.pw

Sundown is Just a Bunch of Exploits Stolen from Other Exploits Kits (Information Security Newspaper ) Sundown EK fails to improve market share among fellow EKs. The Sundown exploit kit (EK), which has been trying to fill the void left by the death of the Angler and Nuclear EKs, is nothing more than a collection of copy-pasted exploits, according to Trustave’s SpiderLabs team

Bilal Bot: That Time a Malware Developer Asked Me to Correct a Security Blog (IBM Security Intelligence) The user, who claimed to be the author of Bilal Bot, contested that the malware had been updated with more features and was being offered in underground forums at a higher cost that what we reported. The author offered to be interviewed to clarify

Hackers Have Evolved into Sophisticated, Organized Criminals (Infosecurity Magazine) If there’s one thing the last few years have shown us it’s that hackers have evolved into sophisticated, organized criminals, capable of orchestrating well-oiled, imaginative attacks

Hacking mobile login tokens tricky but doable, says reverse-engineer (Register) I think I'm a clone now, there's always two of me just a-hangin' around

Expert Questions Claim That St. Jude Pacemaker Was Hacked (IEEE Spectrum) Last week, a controversial report claimed that pacemakers and other implantable heart devices made by the manufacturer St. Jude Medical have massive security flaws that leave them vulnerable to hacking. Now, medical device security expert Kevin Fu, an associate professor at University of Michigan, is questioning the accuracy of that report

So far, St. Jude Medical weathering cybersecurity scrutiny (Minneapolis Star Tribune) A report saying its devices lacked needed safeguards has so far proved untrue

Retiring Sysadmin Fakes Cyber-Attack to Get Away with Data Theft (Softpedia) He did it because he wanted a house in a seaside town

Sophos false positive detection ruins weekend for some Windows users (CSO) Sophos antivirus products detected winlogon.exe as malicious

Porn Chatbot Tricks Argentinians Into Thinking They’re Chatting With President (Motherboard) Is that person you’re interacting with online a real flesh-and-bones human, or are they actually just made of 1s and 0s?

Security Patches, Mitigations, and Software Updates

Google Chrome fixes serious vulnerabilities, thanks to bug fighters (Naked Security) The latest Google Chrome browser update comes with 33 vulnerability patches, including 13 that are high-severity. It’s all thanks to community contributors and bug fighters who submitted fixes for Chrome’s bug bounty program

Android device updates: Verizon Galaxy S7, S7 Edge get key updates, AT&T phones add Wi-Fi calling (Green Bot) The AT&T S7 and S7 Edge get the monthly security update, while the Galaxy S5 and S5 Active finally get Marshmallow along with Wi-Fi calling capabilities

Cyber Trends

Hacking away at your phone (Sunday Times) Cyber-criminals are switching from PCs and laptops to mobiles containing swathes of our private information. Experts are urging us to be more on our guard

25 Years Of DDoS (Qube) It has been 25 years since the first DDoS attack, and since then the world has witnessed many variants which all share the same result: disrupting the availability of the target host and its services

Big data analytics is key to stronger cybersecurity (ITWire) Big data analytics is fast becoming the defence to a cyber security offence

Your Kitchen Appliances Are Watching You, Security Expert Warns (Bloomberg Technology) More connected household objects collect personal data. Vendors should be more transparent on data use, Kaspersky says

Mac Malware Part of Worsening Security Picture (eSecurity Planet) While Mac malware is not as big of a problem as attacks meant for Windows, hackers are targeting Apple operating systems more than ever before

Public yawns at threat of cyber crime (San Diego Union-Tribune) The seemingly inpenetrable National Security Agency was hacked recently. So was the Democratial National Committee, and voter registration offices in Illinois and Arizona

Why Asia-Pacific Lags in Data Breach Detection (InfoRi Today) FireEye's Rob van der Ende identifies shortcomings

Marketplace

Kaspersky 'terminates' deal with security reseller Quadsys (Register) Hack a rival? We're not cool with that, says Russian AV titan

Assured Information Security acquires Maryland firm (Central New York Business Journal) Assured Information Security, Inc. (AIS) announced it has acquired Ross Technologies, Inc. (RTGX) of Maryland

Palo Alto Networks Slashes Growth Forecast (PANW) (Investopedia) While demand for corporate security services still outpaces broader IT spending increases, the industry is facing slower growth in 2016. In 2015, the global economy saw major hacking incidents involving security breaches at companies such as Sony Corp. (SNE) and Anthem Inc. (ANTM)

Why FireEye Is A Sell (Seeking Alpha) FEYE’s billings growth has also slowed down remarkably of late, which is bad news for investors as it is hurting the financial performance and forced a lower guidance

BAE sets sights on bigger slice of the cyber defence market (Telegraph) BAE SYSTEMS has teamed up with Germany’s top insurer Allianz as it aims to grab a bigger slice of the burgeoning cyber defence market

VMworld: My Cybersecurity-Centric Impressions (Network World) NSX security is gaining traction in the VMware installed based but the story remains confusing to cybersecurity professionals. VMware needs to bolster its NSX security go-to-market initiatives to scale to the next level

Microsoft bug bounty program adds .Net Core and ASP.Net Core (InfoWorld) The company will pay researchers up to $15,000 for critical vulnerabilities found in these software development platforms

Movers and Shakers: DigiCert Promotes COO John Merrill to CEO (IoT Evolution) DigiCert, a global trusted identity and authentication services provider for enterprise web applications and the IoT, has named John Merrill its new CEO

Products, Services, and Solutions

Hexadite Announces Strategic Reseller Agreement with HPE (BusinessWire) Partnership to strengthen HPE Security Intelligent Security Operations Portfolio with Security Orchestration and Automated Incident Response Platform

Take Advantage of Security Cheat Codes With Behavioral Intelligence (IBM Security Intelligence) It's not quite God Mode, but an effective behavioral intelligence solution, paired with a security intelligence solution, can help analysts understand behavior patters to sniff out insider threats. The E8 Security App for QRadar provides this

Hillary Clinton adopts start-up's encryption app (Financial Times) Hillary Clinton last week joined the billions of people who now have their messages secured by a tiny, three-person non-profit based in the Mission district of San Francisco

What this expensive ‘secure’ phone tells us about mobile hacking (CSO) Will a $12,000 phone protect you from mobile malware?

'Ultra secure' Turing Phone plagued by shaky security claims (ZDNet) Questions remain over claims that this 'secure' phone can keep data safe

Kaspersky releases security cloud for SMB (Enterprise Times) Security vendor Kaspersky has released a new Software as a Service solution for Small to Medium Businesses (SMB)

Project Argus Is an Outlook Plugin for Reporting Phishing Attacks (Softpedia) You can now report suspicious emails by pushing one button

Technologies, Techniques, and Standards

Threat Hunting: More than a Marketing Buzzword (Delta Risk) In early August we presented a comprehensive webinar on threat hunting. In this post, we expand on that presentation to explore the use of the term “hunt,” and why threat hunting is more than just a buzzword

Balancing Compliance, Business Risk Security Strategies (InfoRisk Today) Security head at credit-rating bureau shares insights on setting security priorities

People, Please Don’t Store Private Data in Your Address Book (Wired) There's been some controversy over the data that Donald Trump’s campaign app collects. Though the America First app asks before accessing anything on both Android and iOS, it gathers and stores the data from smartphone address books as soon as it is granted permission

Design and Innovation

Can biometrics and the FIDO Alliance save us from password overload? (Help Net Security) FIDO AllianceAll the available evidence indicates our password-based security system is broken

Microsoft Launches Smart Contracts Security Working Group (Coin Desk) Microsoft has revealed it is organizing a working group dedicated to improving smart contracts security

Research and Development

University of Illinois awarded cyber research contract (C4ISRNET) The University of Illinois Urbana-Champaign has been awarded an $18.7 million Air Force contract to develop a cybersecurity research system

Pixellation popped: AI can ID you, even after PhotoShop phuzzing (Register) Like humans, machines can ID obfuscated faces - only faster

Academia

Morgan Designated as Center of Academic Excellence by the NSA and Department of Homeland Security (Morgan State University) University recognized for advancements in cyber defense education, certified through 2021

UK’s Cyber Amateurs Battle Shadowy Hackers (Infosecurity Magazine) Some of the UK’s top cyber amateurs battled each other in exercises over the weekend for the right to reach the Masterclass final of the Cyber Security Challenge UK in November

Legislation, Policy, and Regulation

State Governments' War Against Cybercrime (InfoRisk Today) Cyber labs, CERTs will play critical roles

Australia still has a way to go to become an infosec world leader (IT News) Taking lessons from Israel

Brazil Must Rebalance Its Approach to Cybersecurity (Council on Foreign Relations) When Brazil attends the Group of 20 Summit in Hangzhou next week, cybersecurity will be on the top of everyone’s mind

Obama Tells Putin Hackers Shouldn't Create Cyber 'Wild Wild West' (ABC News) President Obama addressed his tense, 90-minute-long meeting with Russian President Vladimir Putin on the sidelines of the G20 in a press conference on Monday

Obama Threatens Cyber War on Russia Turning G20 Summit Into a Political Event (Sputnik) President Barack Obama took a hardline during discussions with his Russian counterpart Vladimir Putin on the sidelines of the G20 Summit parroting the theory of Hillary and the Democrats that Moscow has nothing better to do than intervene in America’s election

Obama warns of cyber 'arms race' with Russia (Politico) President Barack Obama issued a subtle warning to Russia on Monday, noting that the United States has “more capacity than anybody, both offensively and defensively” when it comes to cyber weapons

The Shadow Brokers Publish NSA Spy Tools, Demonstrating Possible Flaws in the NSA’s Approach to Security Vulnerabilities (EFF) The vulnerabilities equities process is unaccountable, secretive, and nonbinding

The NSA’s stash of digital holes is a threat to everyone online (Guardian) The revelation by hackers of the internet vulnerabilities stockpiled by US intelligence shows that in the fight against cybercrime public safety is ignored

Halvorsen: Cybersecurity must be a risk assessment in context of mission (C4ISRNET) When it comes to cybersecurity, the criticality of cyber in the functionality of systems creates difficulties in a traditional sense of security. The Defense Department's chief information officer, Terry Halvorsen, is approaching this issue from a risk standpoint as opposed to security

Counter voting hacking threat (Post and Courier) News that foreign hackers, probably from Russia, accessed computerized voter rolls in Illinois and tried to break into the Arizona state electoral system earlier this year should grab the attention of election officials across the nation

Litigation, Investigation, and Law Enforcement

FBI Releases Documents in Hillary Clinton E-Mail Investigation (Federal Bureau of Investigation) Today the FBI is releasing a summary of former Secretary of State Hillary Clinton’s July 2, 2016 interview with the FBI concerning allegations that classified information was improperly stored or transmitted on a personal e-mail server she used during her tenure

A mystery user breached an email account on Clinton's server (CSO) The unknown user browsed email folders and attachments, the FBI says in newly released documents

Bill Clinton Staffer’s Email Was Breached on Hillary’s Private Server, FBI Says (Wired) Since it came to light that Hillary Clinton ran a private email server during her time as Secretary of State, that computer’s security has become a subject of controversy among politicos whose only notion of a “server” until recently was a waiter carrying canapés at a fundraising dinner

Evidence Clinton Was Speared In Phishing Attack (Smoking Gun) FBI report details "multiple" attempts to breach accounts

Clinton answers reporters' questions on emails, cyber hacking, in rare exchange (Fox News) Democratic presidential nominee Hillary Clinton on Monday held a question-and-answer session with reporters, defending her handling of confidential material as secretary of state and answering several other pressing questions, amid criticism she has largely avoided the news media during her campaign

A state.gov Email Account Is Not a Secure Account (Mother Jones) I had a conversation today on Twitter that suggests there's something that perhaps a lot of people don't quite understand

Kaine: Trump's actions like Watergate (CNN) Hillary Clinton's running mate Tim Kaine compared Donald Trump's seeming encouragement of Russia to hack and release Clinton's emails to Watergate

Amazon, Google, Apple… Fox News join Microsoft in US gag orders fight (Ars Technica) Eclectic bunch support MS battle against US government's secret requests for user data

Activists to FBI: Show Us Your Warrant for Mass Hack of TorMail Users (Motherboard) Mass hacking is now one of the FBI's established tactics for fighting crime on the dark web

Police Seize Two Perfect Privacy VPN Servers (TorrentFreak) VPN provider Perfect Privacy has had two of its servers seized by Dutch police, as part of an active investigation

Suspect arrested in 5-year-old kernel.org breach (CIO) A computer programmer is accused of compromising several Linux Foundation servers in 2011

Report: Nigeria Detains Reporter Over Boko Haram Link (AP via ABC News) Nigerian intelligence agents Monday detained a journalist off an aircraft arriving from Dubai, over alleged links to Boko Haram and purported knowledge of the kidnapped Chibok schoolgirls, Nigerian media and a security agent reported

Australian Teenager Sentenced to 10 Years in Jail for Anzac Day Terror Plot (New York Times) A teenager who plotted to run over and behead a police officer during a holiday parade in Melbourne last year was sentenced on Monday to 10 years in jail

Warner Bros. flags own site for piracy, orders Google to censor pages (Ars Technica) Studio also wanted Amazon, Sky, and IMDb links nixed for allegedly breaking copyright law

Pokémon Go church stunt could mean hefty jail term for Russian blogger (Ars Technica) 22-year-old accused of "insulting religious sensitivities," faces five years behind bars

John McAfee Sues Intel over Naming Rights (Infosecurity Magazine) Controversial anti-virus pioneer John McAfee has been told by Intel he can’t use his own name to rebrand a new company because the chip giant owns the rights

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

cybergamut Technical Tuesday: Quantifying Cyber Attacks: To Optimize and Assess your Defense by Jason Syversen of Siege Technologies (Elkridge, Maryland, USA, Sep 6, 2016) cybergamut Technical Tuesday is for cyber professionals to exchange innovative ideas and discuss technical issues of mutual interest. We’ll have a Technical Tuesday event on 6 September 2016 (1600 – 1730 East Coast Time). This talk describes the challenges of quantifying offensive and defensive capabilities and posture. This is not an IT-oriented metrics-talk about measuring the firewall rules or number of incidents last year. Instead, you’ll hear about new military-backed research on how to quantify the effectiveness of attacks, predict outcomes and measure defensive strength, as well as the future of data-driven security technologies.

2016 Intelligence & National Security Summit (Washington, DC, USA, Sep 7 - 8, 2016) Third annual unclassified summit hosted by AFCEA International and the Intelligence and National Security Alliance (INSA). There are five plenary sessions and nine breakout sessions related to cybersecurity, policy, and enduring strategic issues

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, Sep 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016. In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016.

Innoexcell Annual Symposium 2016 (Singapore, Sep 8, 2016) The Innoxcell Annual Symposium (IAS) is largest and most comprehensive international legal and regulatory compliance conference in Hong Kong, Beijing, Shanghai, Singapore, Australia and United States.This is the only event of its kind that will run multiple paths covering great diversity of Legal and Regulatory Compliance topics with over 20 sessions to select from and 10+ exhibitions. We aim to provide a ‘one-of-a-kind’ conference for legal and compliance executives and professionals from different industries to explore the latest best legal and business practices, catch-up with latest regulatory updates, establish networking with prominent legal professionals around the Globe, as well as visit the legal technology and solutions exhibition.

SecureWorld Cincinnati (Sharonville, Ohio, USA, Sep 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Borderless Cyber Europe (Brussels, Belgium, Sep 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness and more effectively protect your business against cyber threats. You will learn how to build communities of practice between C-level professionals and IT security practitioners, access the latest cyber threat information sharing and get actionable experiences from real-world use cases.

SANS Network Security 2016 (Las Vegas, Nevada, USA , Sep 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity! SANS will bring you the best in network security training, certification, and up-to-the-minute research on the most important topics in the industry today.

Business Insurance Cyber Risk Summit 2016 (San Francisco, California, USA, Sep 11 - 12, 2016) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks that threaten their organizations. The day-long conference will explore cyber exposures, regulations, governance and insurance coverage. Risk managers and CISOs will learn how to adapt proven risk management strategies to their current cybersecurity environments, how to better communicate with their information security teams, and how to effectively convey risks, exposures and coverage options to their corporate boards and the C suite.

Hacker Halted 2016 (Atlanta, Georgia, USA, Sep 11 - 16, 2016) This ​year, ​Hacker ​H​alted’s theme​ is​ the Cyber Butterfl​​y Effect​:​ When ​S​mall ​M​istakes ​L​ead to ​B​ig ​D​isasters​. The goal of the conference is to bring the IT security community together to discuss how organizations are often compromised through the smallest of mistakes​ and how implementing effective changes can have ripple effects throughout all departments of an organization.

(ISC)² Security Congress (Orlando, Florida, USA, Sep 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity leaders. As cyber threats and attacks continue to rise, the goal of (ISC)² Security Congress is to advance security leaders by arming them with the knowledge, tools, and expertise to protect their organizations.

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, Sep 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity in the Nation’s Capital, on September 13 in Washington, D.C. at the Ronald Reagan Building and International Trade Center. Keynotes Include NSA Director Admiral Michael Rogers and top U.K. and Israeli Cyber Leaders.

Privacy. Security. Risk. 2016 (San Jose, California, USA, Sep 13 - 16, 2016) Innovative since Day 1, P.S.R. brings together two related fields—privacy and security—helping you see beyond your role in order to excel in your role. Because perspective is everything. Delivering the most thought-provoking speakers, sessions led by foremost experts and invaluable opportunities to connect and share ideas, P.S.R. gives you a world of new perspective.

CISO GAS (Frankfurt, Hessen, Germany, Sep 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives must always have this in mind, as well as a host of other evolving concerns, from curbing Bring-Your-Own-Device (BYOD) risk to controlling vulnerable social media data. In order for today's leading enterprises to operate smoothly, information security must be ahead of the hackers and kept abreast of the latest IT security topics and trends. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more

ISS World Americas (Washington, DC, USA, Sep 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering and Sharing. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's Telecommunications networks, the Internet and Social Networks.

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, Sep 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply with the increasingly complex data security laws. Data privacy and security experts will discuss practical solutions to current problems.

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, Sep 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. The training will include "Legal Considerations & Guidance For Insider Threat Programs" (Privacy Concerns, User Activity Monitoring, Investigations, Etc.) - Provided By Co-Instructor Insider Threat Law - Licensed Attorney. Insider Threat Defense has trained over 400 organizations and has become the "leader-go to company" for insider threat program development training.

SecureWorld Detroit (Dearborn, Michigan, USA , Sep 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, Sep 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company " for insider threat program development training.

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, Sep 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and business practices to make them safe in an era with quantum computers. Attendees and presenters will include leaders from the fields of post-quantum (quantum resistant) cryptography, quantum key distribution (QKD), theoretical and commercial integration of cryptography and security tools, first-adopters of quantum-safe tools from industry and government, and members of standards bodies. Anyone interested in joining the growing community that is working to mitigate the quantum risk and creating quantum safe cryptosystems for the future should attend this workshop.

Cyber Physical Systems Summit (Newport News, Virginia, USA, Sep 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection of cyber and three vectors – Autonomy, Physical Systems (Mfg), and Critical Infrastructure. Participants in the Summit will engage in conversations surrounding challenges, opportunities, threats, and the associated policy and budgetary implications.

hardwear.io Security Conference (The Hague, the Netherlands, Sep 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of the conference revolves around four key concerns in hardware, firmware and related protocols i.e. backdoors, exploits, trust and attacks (BETA). hardwear.io is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper.

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, Sep 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. – 4:00 p.m., on the Homewood campus of Johns Hopkins University. Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization's data. This year's agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards "shifting their data to being safe and secure."

New York Cyber Security Summit (New York, New York, USA, Sep 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, Sep 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential technological changes occurring around us, and the confidence to accelerate tangible next steps. Gigaom Change is designed to empower businesses of today to thrive in a world of tomorrow. Gigaom Change will focus on the seven most disruptive enterprise technologies that are widely known but little understood: Artificial Intelligence, Virtual Reality, Robotics, Nanotechnology, Cybersecurity, 3-D Printing, and Human-Machine Interface.

NYIT Annual Cybersecurity Conference (New York, New York, USA, Sep 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry Is Addressing Evolving Threats; Information Currency and Blockchain Vulnerability; Cyber Physical Systems, Cyber Infrastructure, and the Internet of Things; Government Agencies' Strategies for Securing Cyberspace; Cyber Risks of Smart Transportation; and Accelerating Cyber Education and Career Paths.

GDPR Comprehensive 2016 (London, England, UK, Sep 22 - 23, 2016) The GDPR is now a reality. Are you prepared? We had an incredible response to the IAPP GDPR Comprehensive in Brussels and New York, where we prepared hundreds of privacy and data protection professionals for the implementation of the GPDR. Now we’re bringing the programme to London. Don’t miss this intensive, two-day guided tour of the GDPR with the industry’s most knowledgeable experts.

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, Sep 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information security and project management experts. Featuring a keynote speaker from the FBI Detroit Cyber Task Force. Also featuring speakers from the Dow Chemical Company, UHY LLP, Ally Financial, CBI, and more.

CYBERSEC (Kraków, Poland, Sep 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC conference is the formulation of practical recommendations that aim to increase resilience to cyber threats within specific economic sectors, states, and the EU as a whole.

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, Sep 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in Baltimore, MD - See more at: https://thecyberwire.com/events/s/3rd-annual-women-in-cyber-security-reception.html#sthash.Kgzd4dXp.dpuf

IP EXPO Nordic 2016 (Stockholm, Sweden, Sep 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases brand new exclusive content and senior-level insights from across the industry, as well as unveiling the latest developments in IT. It covers everything you need to run a successful enterprise or organisation. Arrive with challenges, leave with solutions. IP EXPO Nordic 2016 incorporates six IT events under one roof – Cloud, Cyber Security, Networks and Infrastructure, Data Analytics, DevOps and Open Source. This year’s event will be the most comprehensive business-enhancing experience for those across the IT industry, including IT managers, CTOs, CDOs, network and storage engineers, CISOs, data analysts, developers and communications specialists.

SecureWorld Dallas (Plano, Texas, USA , Sep 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers