The CyberWire Daily Briefing 10.13.16

Summary

By The CyberWire Staff

Patriotic hacktivism, possibly state-directed, flares again in the long-running antipathy between India and Pakistan.

Australia's leadership swears off WhatsApp as a security risk. (In the UK, security fears have led HM Government to exclude iWatches from cabinet meetings.)

To the embarrassing emails published by WikiLeaks add another online problem for US Presidential candidate Clinton's campaign manager Podesta: his Twitter account was hijacked yesterday to tweet "I've switched teams. Vote Trump." US Federal officials at the Departments of Justice, Defense, and Homeland Security continue to evolve plans for protecting state and local election infrastructure.

The US mulls its response to Russian election hacking. That response, when it comes, whatever it may prove to be, is promised to be "proportional," a concept whose home is just war theory. The Russian embassy to the US crocodile-tweets its own take on the state of Russo-American relations: "bilateral relations became collateral damage in domestic debate in US. We are open to restarting dialogue and restoring normalcy."

Compromised IoT devices have a bigger role in the criminal underground than DDoS botnet potential. Researchers find criminals are also using them as proxies to hide their location, and exploiting them in other workaday ways.

Criminals are increasingly using in-game currencies to launder real-world money.

Hackers compromise Modern Business Solutions' MongoDB.

Windows Script File attachments are being actively exploited in the wild.

SAP fixes forty-eight vulnerabilities, the most in any patch since 2012.

Cybersecurity stocks show unpleasant volatility as traders react to Fortinet's downbeat guidance on security spending trends.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Brazil, Canada, China, India, Iran, Libya, Pakistan, Russia, United Kingdom, United States

A note to our readers: The theme for this second week of National Cyber Security Awareness Month in the United States is, "From the Break Room to the Boardroom: Creating a Culture of Cybersecurity in the Workplace."

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today's partner segment features Ran Yahalom from Ben-Gurion University, introducing himself and talking about his area of interest: the security implications of USB devices. Our guest, Amber Steel from Lastpass, shares the results of a recent password survey. And if you enjoy the podcast, please consider giving it an iTunes review.

Sponsored Events

Tech Talk: Blockchain & Bitcoin (Laurel, Maryland, USA, October 17, 2016) Join Novetta and Chainanalysis at Jailbreak Brewery to learn about Bitcoin, a digital currency, and Blockchain, the technology that makes it all work. Rub elbows with like-minded techies and enjoy ice cold beer - Don’t miss out.

Cyber Security Summit (Los Angeles, California, USA, October 20, 2016) Senior-level executives are invited to learn about the latest threats and solutions in cyber security from experts from the U.S. Dept. of Justice, Darktrace, IBM and more. Use promo code cyberwire50 for a 50% off (Regular price $250).

Selected Reading

Cyber Trends

Credit Cards and Mobile Payments: What Your Business Needs to Know for Now and the Near Future (Rutgers Online) Monetary exchange of goods has been a part of society for ages, though it has taken many different forms throughout the years

Dimension Data: Mobile Workspaces Are Not Ready for the Cyber Threats of Tomorrow (BusinessWire) Dimension Data, the USD7.5 billion global ICT solutions and services provider, today published a ¹white paper that examines the need for organisations to transform in order to allow employees to work in more mobile workspaces

Securing workspaces in a hyperconnected digital era (Help Net Security) Enterprises that fail to offer employees a flexible, autonomous, and creative work environment are at risk of not attracting and retaining next-generation talent, according to Dimension Data. Unfortunately, most workspaces are not ready for the cyber threats of tomorrow

Grey hats and blue skies, dealing with airline security (CSO) Airline security in the 21st century will have to address hacking and physical threats

Netskope and Ponemon Institute Study: Majority of Businesses Have Not Inspected Cloud Services for Malware (PRNewswire) As cloud services usage - and risk - increases, businesses still lack visibility into data breaches

Shadow IT intensifies cloud security risks (Help Net Security) Lack of visibility into an organization’s use of cloud providers can lead to unauthorized access to data, improper handling and storage of data and improper data removal. As a result, organizations are left highly exposed and vulnerable to a data breach, reveales a new Blancco Technology Group study

UK Financial Fraud Nears £400 Million (Infosecurity Magazine) Financial fraud in the first half of the year reached £399.5 million and was driven mainly by online attacks, according to Financial Fraud Action UK

One-quarter of Canadian small and medium businesses with revenue over $10M victims of cyberattack: study (Canadian Underwriter) One in four Canadian small and medium-sized businesses (SMBs) with annual revenue over $10 million have been victims of a cyberattack compared to only one in 10 with annual revenue under $10 million, according to a new survey from Internet security provider ESET

Second Australian Cyber Security Centre (ACSC) Threat Report (Australian Cyber Security Centre) With more and more high profile cyber security incidents being made public, awareness of the importance of cyber security continues to steadily increase. However, while an ongoing dialogue is good for Australia, the level of public discussion and understanding would benefit from more informed and considered perspectives. In order to have a mature discussion in 2016, it is particularly important that we get the language right - calling every incident a ‘hack’ or ‘attack’ is not helpful for a proportionate understanding of the range of threats and only promotes sensationalism. And treating every adversary as though they are all equally sophisticated and motivated detracts from a balanced perspective of risk and vulnerability

Legislation, Policy and Regulation

G7 Nations Plan To Team Up To Tackle Financial Cybercrime (Dark Reading) Group of Seven nations' new guidelines include sharing updates by governments, private firms and regulators, plus joint address of shortfalls

G-7 Issues Cybersecurity Guidelines (Infosecurity Magazine) The Group of Seven (G-7) released the Fundamental Elements of Cybersecurity for the Financial Sector this week, which are guidelines for protecting the global financial sector from cyberattacks

Five Goals for Brazil's New Foreign Policy (Americas Quarterly) Brasília should embrace a more realistic, involved—but still ambitious—role in a changing world

Johnson plays down new Cold War with Russia (Reuters) British foreign minister Boris Johnson said on Thursday it was not "entirely right" to talk about a new Cold War with Russia because Moscow did not pose as much of a threat to global stability as the former Soviet Union had

After U.S. blames Russia for hacking, what comes next? (C4ISRNET) It came as no surprise when the U.S. government on Oct. 7 formally declared Russia was the culprit of several high-profile cyber intrusions this year, such as those into the Democratic National Committee

How to Win the Cyber War Against Russia (Foreign Policy) Vladimir Putin’s brazen attack on U.S. democracy demands that the Obama administration respond with a firm hand

Russia, Russia, Russia: What Clinton Or Trump Can Do About Nation-State Hacking Gone Wild (Dark Reading) US mulls 'proportional' response to Democratic Party hacks in midst of an unprecedented presidential campaign clouded by cybersecurity concerns (among other things)

Russia May Be Hacking Us More, But China Is Hacking Us Much Less (NBC News) In a rare bit of good cyber security news, Chinese hacking thefts of American corporate secrets have plummeted in the 13 months since China signed an agreement with the Obama administration to curb economic espionage, U.S. officials and outside experts say

Pentagon joins Homeland, FBI in eyeing oversight, control of elections (Washington Times) Concerns about Russian hacking into the November 8 election have now reached the Pentagon where the military's top cyber official has outlined a plan to help the FBI and Department of Homeland Security to track an election altering attack

Senator wants nationwide, all-mail voting to counter election hacks (Ars Technica) 33 states have asked Department of Homeland Security to help secure voting systems

What it takes to secure the elections (TechCrunch) While virtually every industry and domain is flourishing and being revolutionized by technological advances, more than three-quarters of U.S. citizens will vote for their next president on paper ballots this November

What are U.S. officials saying about a potential NSA-CYBERCOM split? (C4ISRNET) A number of lawmakers on Capitol Hill are vehemently opposed to severing the dual-hat position between the director of the National Security Agency and commander of US Cyber Command

Army Cyber Command names new commander (C4ISRNET) Lt. Gen. Paul Nakasone will take the reigns as commander of Army Cyber Command and Second Army. Nakasone will take over for Lt. Gen. Edward Cardon, who will be reassigned to a separate role at the Pentagon

PURA chairman now cyber chief (Hartford Business Journal) Art House of Simsbury has been appointed to the newly created position of the state's chief cyber security risk officer, Gov. Dannel P. Malloy said Wednesday

Products, Services, and Solutions

Cayuga Networks Launches Next-generation Web Application Protection to Deliver Only Alerts that Matter (PRNewswire) Dr. Stuart Staniford transforms web application security by applying advanced detection algorithms, machine learning, real-time forensics and human risk determination to detect attacks that otherwise go undetected

Oxygen Forensics Speeds Up Forensic Processing of Android Devices Through Agreement with MITRE Corporation (Oxygen Forensics) Oxygen Forensics, the worldwide developer and provider of advanced forensic data examination tools for mobile devices, announced today an agreement with the MITRE Corporation Technology Transfer Office that will make it possible for customers of Oxygen Forensics to take advantage of faster processing times on Android devices for data extraction

Niara's User Behavior Analytics Solution Certified to Interoperate With McAfee Enterprise Security Manager (Broadway World) Niara, a recognized leader in user and entity behavior analytics (UEBA), today announced that its solution has been certified to interoperate with McAfee® Enterprise Security Manager (ESM), a leading enterprise SIEM product

Four UK VARs take a LightCyber to growing security threats (ChannelBiz) Cygnia, Pentesec, Satisnet and SJG Digital have all signed with LightCyber, and are expected to be joined by others

Balabit and Lieberman Software Announce Joint Sales & Marketing Initiative to Deliver Best-of-Breed Privileged Access Management (Marketwired) Long-term technology integration now available as 'one-stop-shop' from joint partners

Trend Micro Debuts Security Solution for Deployment in Growing IoT and IoV Ecosystems (Marketwired) Trend Micro Incorporated (TYO: 4704) (TSE: 4704), a global leader in security software and solutions, today announced the debut of a new information security protection software development kit at Microsoft IoT Expo in Taipei

MobileIron launches Bridge to unify mobile and desktop management and lower TCO (EnterpriseAppsTech) Another quarter passes, and with it comes another depressing statement on the PC market

Signal users can now make their messages disappear (Help Net Security) Open Whisper Systems’ Signal, the messaging app favoured by Edward Snowden and many other users who want and need to keep their communication safe and private, is now also offering the option of making messages disappear after recipients have had enough time to read them

MxHero Integrates Corporate Email With Egnyte Enterprise File Sharing (PRweb) MxHero's Mail2Cloud suite integrates Egnyte's award winning hybrid file sharing service.The integration helps extend the powerful security, governance and productivity benefits of Egnyte to corporate email

htp GmbH in Hannover Chooses Real-Time DDoS Protection from Corero Network Security (BusinessWire) Automated DDoS Defense unmasks previously ‘hidden’ DDoS attacks, prevents server outages and downtime and secures the entire infrastructure

SafeBreach Hacker's Playbook(TM) Expands to Nearly 4 Million Breach Methods (Yahoo! Finance) SafeBreach, a leading innovator of continuous security validation, today announced the second edition of its Hacker's Playbook™, the industry's most comprehensive findings of enterprise trends and risks from the point-of-view of an attacker

Technologies, Techniques, and Standards

FIDO: How a secure authentication protocol could redefine online and IoT security (Computer Business Review) Adding new security factors is not enough; the whole architecture needs to be redesigned

Certifying Software: Why We’re Not There Yet (Dark Reading) Finding a solution to the software security and hygiene problem will take more than an Underwriter's Lab seal of approval

Top Things Even Security Experts Forget (RSA Conference) National Cyber Security Awareness Month in October marks a good time for all organizations to think about how they can build and reinforce a workplace culture of security and privacy

The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence (Recorded Future) A location-specific cyber risk program evaluates cyber threats and risk at non-HQ locations to increase an organization’s information security

Marketplace

Yahoo shows that breach impacts can go far beyond remediation expenses (CSO) Companies that focus on the immediate breach remediation costs may be missing the big picture, and could be under-investing in security

Cybersecurity Stocks Could Present Opportunities for Investors With Strong Stomachs (The Street) After getting propelled to the stratosphere in 2015 as businesses dialed up their security tech spending in response to a slew of major hacking incidents, cybersecurity stocks have lost some of their luster this year. For investors who can stomach a potentially weak set of third-quarter earnings reports, that could spell an opportunity

Virgil Security Raises a $4 Million Series A (LinkedIn) On October 7th, Virgil Security closed a $4 million Series A investment, led by KEC Ventures. KEC is a venture firm founded by Jeff Citron, who also founded Island ECN, Datek Online and Vonage. For those of you who are close to Mach37, you know I have been promising for many months that we have several companies ready for Series A investment. Virgil was one of them

tCell Closes $9.4M Series A to Secure Cloud-First Organizations Limited By Traditional Network-based Security (PRNewswire) Investment in application security company led by Menlo Ventures with participation from A Capital, Allegis Capital, CrunchFund, SV Angel, and Webb Investment Network

Silver Lake, Thoma Bravo Said to Plan Imperva Takeover Bids (Bloomberg) Buyout firms Silver Lake Management and Thoma Bravo are planning to make takeover offers for cybersecurity company Imperva Inc., people familiar with the matter said

PSS boosts intelligence footprint with latest acquisition (Washington Technology) Preferred Systems Solutions has bolstered its presence in the intelligence market with its latest acquisition of Synaptic Solutions

Cisco: Moving In The Right Direction (Seeking Alpha) The right acquisitions are crucial to Cisco's growth. The company returns to shareholders at least 50% of its free cash flow. Cisco has a strategy for growth based in crucial areas of IoT

Enterprise customers pull back on security spending, says Fortinet (ZDNet) Last year, spending on security fell from the sky for tech vendors. Now enterprises are being a bit more picky about where they place their bets

Cyber security companies slide on Fortinet guidance cut (Financial Times) Investors in cyber companies were in need of security on Wednesday after Fortinet sliced its third-quarter outlook, blaming delayed purchases for its downbeat guidance

Baird Analysts Suggest A Pair Trade Of Fortinet And Palo Alto (Benzinga) A day after Fortinet Inc announced lower-than-expected preliminary results for the third quarter, Baird Equity Research suggested trading the stock with Palo Alto Networks Inc as a pair

Here's a Reason Why Palo Alto Networks (PANW) Stock Is Sliding Today (The Street) Palo Alto Networks (PANW) stock was falling on Wednesday after cybersecurity company Fortinet (FTNT) pre-reported downbeat preliminary results for the 2016 third quarter

Why Must Hewlett Packard Enterprise Co Must Be in Your Portfolio (HPE) (InvestorPlace) This is one split-up that rewards all investors

IBM: Will I Ever Make Any Money? (Seeking Alpha) The company was an early entrant into the Artificial Intelligence race, and has devoted substantial resources to the area. Growth in this line of business will be reflected in the Cognitive Solutions Segment. The article discusses the growth rate in Cognitive Solutions that will be required to drive overall results and restore revenue and profit growth

IBM's Aggressive High-Tech Transformation Will Make It A New Company (Nasdaq) International Business Machines Corporation (IBM), popularly known as IBM, is fast adopting innovative technologies in the era of high-tech transformation, and it will not be long before IBM is seen in a different light, known as a newer kind of IBM

“We are a very focused behemoth,” Symantec CEO says (Channel Buzz) Just over two months after Symantec’s purchase of Blue Coat closed, former Blue Coat CEO and now Symantec chief Greg Clark made the case to partners for the combined security powerhouse at its Partner Engage conference here

FireEye, Inc. (FEYE) Stock Falls Amid Cybersecurity Selloff (InvestorPlace) FEYE stock is poised to rebound, while Fortinet's problems are its own to deal with

Why Shares of Barracuda Networks Inc. Are Soaring Today (Motley Fool) The cybersecurity company beat analyst estimates for a third time in a row, driven by strong subscription growth

Wells Fargo CEO John Stumpf Resigns Amid Scandal (NPR) The chairman and chief executive of Wells Fargo & Co., John Stumpf, has resigned effective immediately in the wake of a scandal over the bank's past practice of secretly selling services to unsuspecting customers

'Noisy neighbour' Cylance turns up the volume in EMEA (CRN) Directors have joined from LogRhythm and Intel Security as the vendor's partner programme is set to launch next month

Research and Development

DeepMind Invented a Computer That Learns How to Use Its Own Memory (Motherboard) DeepMind, Alphabet’s artificial intelligence development wing, published its third research paper in Nature on Wednesday, and it’s a doozy: the team invented a new kind of AI that actually learns how to use its own memory. They call it a “Differential Neural Computer,” or DNC for short

Security Patches, Mitigations, and Software Updates

Biggest patch batch from SAP since 2012 addresses 48 vulnerabilities (Computing) SAP finally fixes vulnerability unpatched since 2013

SAP fixes gaping authentication bypass flaw after 3 YEARS (Register) ERPScan reveals wide open door for miscreants

Cyber Attacks, Threats, and Vulnerabilities

War Goes Viral (Atlantic) How social media is being weaponized across the world

How India-Pakistan hackers escalated cyber war post surgical strikes (Daily O) What if the Indian government supports these patriotic cyber security personnel?

Popular mobile app causes Government security scare (Tenplay) Malcolm Turnbull and senior Government Ministers have been issued a warning from security experts about the dangers of using third-party messaging service, WhatsApp

Elections at Risk in Cyberspace, Part II: Variety is the Spice of Hacking for Voting Machines (SIGNAL) Devices are more vulnerable than the electorate realizes, but provide less of an opportunity than many hackers might hope

Donald Trump Finds Improbable Ally in WikiLeaks (New York Times) In the final weeks of a dizzying presidential campaign, Donald J. Trump is suddenly embracing an unlikely ally: The document-spilling group WikiLeaks, which Republicans denounced when it published classified State Department cables and Pentagon secrets about the wars in Iraq and Afghanistan

Clinton campaign chief tweets “Vote Trump”, after his account is hacked (Hot for Security) Hillary Clinton’s campaign to become to the next President of the United States might be ahead of Donald Trump in the polls, but that doesn’t mean everything is going its way

Cybersecurity and Election Time: How to Avoid Being a Victim Stephanie Johnson (Palo Alto Networks) The 2016 U.S. Presidential Election is a global phenomenon. But candidates aren’t the only ones vying to connect with the people. Behind the scenes, stealthy cybercriminals are immersing themselves in the political banter, gathering information and intel to drive their own criminal agendas. What exactly motivates a cyberattacker to take advantage of elections?

Attack Uses Image Steganography For Stealthy Malware Ops On Instagram (Dark Reading) Endgame details 'Instegogram' and Apple Mac OS X flaw with Instagram images

SSHowDowN Proxy attacks using IoT devices (Help Net Security) Akamai’s Threat Research team has identified a recent spate of SSHowDowN Proxy attacks whereby attackers are using Internet of Things (IoT) devices to remotely generate attack traffic by using a 12-year old vulnerability in OpenSSH

130,000 Avtech IP cameras, DVRs can be easily roped into IoT botnets (Help Net Security) Security researcher Gergely Eberhardt has unearthed over dozen of vulnerabilities in most IP cameras, NVRs and DVRs by Taiwanese manufacturer Avtech, including things like plaintext storage of administrative password and authentication bypass flaws

CCTV that lets the crooks watch you, not the other way around… (Naked Security) We’re sorry, and sadly not surprised, to be writing up yet another report of woeful webcam security

IoT Devices as Proxies for Cybercrime (KrebsOnSecurity) Multiple stories published here over the past few weeks have examined the disruptive power of hacked “Internet of Things” (IoT) devices such as routers, IP cameras and digital video recorders. This post looks at how crooks are using hacked IoT devices as proxies to hide their true location online as they engage in a variety of other types of cybercriminal activity — from frequenting underground forums to credit card and tax refund fraud

Hacking group targets UK financial sector (Computing) Attacks since January using bespoke Trojan linked to the Carbanak gang

Several Exploit Kits Now Deliver Cerber 4.0 (TrendLabs Security Intelligence Blog) We have tracked three malvertising campaigns and one compromised site campaign using Cerber ransomware after version 4.0 (detected as as Ransom_CERBER.DLGE) was released a month after version 3.0

Cyber cartels launder money via gamer currencies (SC Magazine) Trend Micro researchers found that cyber criminals are using video game currency to launder real world money

Funding Cybercrime: The Hidden Side of Online Gaming Currency Selling (TrendLabs Security Intelligence Blog) The online gaming industry has long been a big cybercriminal target. Year after year we see players being subjected to phishing attacks and account hacking, and game companies suffering attacks like DDoS and others. While these attacks occur outside of the games themselves, one of the threats we see is much closer to the gamers’ experience, and has a wide-reaching impact

Darkweb marketplaces can get you more than just spam and phish (CSO) Underground markets offer a great variety of services for cyber criminals to profit from

Surge in ransomware attacks using Windows Script File attachments (Computing) Ransomware spammers shift to Microsoft WSF files to distribute malware

WSF attachments are the latest malware delivery vehicle (Help Net Security) Most users have by now learned not to open executable (.EXE), various MS Office, RTF and PDF files delivered via unsolicited emails, but malware peddlers are always trying out new ways to trick users, email filters and AV software

Cybercriminals exploited zero-day leak in Internet Explorer for several months (MYCE) An unknown zero-day leak in Internet Explorer has been exploited by cybercriminals for several months. The vulnerability allowed attackers to retrieve information about files on the computer, such as which software was installed.The attacks were performed through malicious advertisements

Microsoft says hackers have exploited zero-days in Windows 10's Edge, Office, IE; issues fix (ZDNet) Microsoft's October Patch Tuesday is a reminder why you shouldn't click links or open attachments from unknown senders

Ransomware exploit kits pose huge risk for unpatched organisations (Security Brief NZ) Ransomware exploit kits are making it easier for attackers to target enterprises, because they're so simple to enact and can target the neverending supply of network vulnerabilities, a new blog from Trend Micro says

Exploits as a Service: How the Exploit Kit + Ransomware Tandem Affects a Company’s Bottom Line (Trend Micro Security News) Blackhole Exploit Kit introduced the lucrative but hazardous exploit-kit-ransomware combo with CryptoLocker back in 2013. Soon after, other exploit kits like Angler, Neutrino, Magnitude, and Rig followed suit. At least 18 percent of known ransomware families now arrive via exploit kits

Threat Report Findings: Malware Encounters Drop, but Become More Targeted (MSP Mentor) The current threat landscape is so dynamic that staying abreast of the latest malware trends can be difficult

Companies Should Understand Where Cybercrime Thrives (Harvard Business Review) As global cybercrime increases, governments and businesses are struggling to keep up with the threats they are facing. Because of the changing and innovative methods of attack being used against them, it is of the utmost importance that they constantly refine their knowledge of the particular enemies they face

Unsecured MongoDB Database: 58M Business Firm Accounts Leaked (HackRead) Unsecure database leads to exploitation of personal details of 58M users of in-house data management firm modern business solutions

Vera Bradley Retail Chain Breached (Threatpost) Retailer Vera Bradley warned customers on Wednesday of a compromise of its point-of-sale system that allowed hackers to make off with an undisclosed number of credit card records. The breach impacts only retail customers who shopped at one of 159 Vera Bradley locations between July 25 and Sept. 23

Twitter bot baits bullies into meaningless and futile arguments (Naked Security) Meet Liz (@arguetron). She just loves to argue. In fact, it’s all she ever does

Malware Levels Drop Dramatically During Hurricane Matthew (Enigma Software) As Hurricane Matthew surged up and down the southeastern United States, malware infections took a dive. It's a small but interesting example of how the hurricane disrupted people's everyday activities for a few days. Based on malware detections data from SpyHunter, ESG took a look at infections in the areas hardest hit by Matthew

Academia

AU, NSA ink degree program deal (Augusta Chronicle) National security officials kicked off Georgia’s largest cyber summit Wednesday by inking a deal allowing soldiers at the National Security Agency’s Fort Gordon complex to obtain degrees at Augusta University

Litigation, Investigation, and Enforcement

NSA contractor thought to have taken classified material the old-fashioned way (Washington Post) Harold T. Martin III is accused of stealing mounds of classified information from the government for at least a decade, and investigators also believe some of the information was taken the old-fashioned way — by walking out of the workplace with printed-out papers he had hidden, according to U.S. officials

The Spy We Forgot (New York Times) Over the past six years, the United States intelligence community has taken two powerful punches from insiders — the first from Pfc. Bradley Manning of the Army (now Chelsea Manning) and the second from the National Security Agency contractor Edward J. Snowden, both of whom leaked thousands of classified documents

Feds believe Russians hacked Florida election-systems vendor (CNN) Federal investigators believe Russian hackers were behind cyberattacks on a contractor for Florida's election system that may have exposed the personal data of Florida voters, according to US officials briefed on the probe

Security fears over FBI contracting out highly sensitive surveillance documents (Guardian) US entrusted Aveshka to prepare, organize and courier surveillance materials, such as documentation leading to court orders under intelligence surveillance act

Phisher arrested for stealing Bitcoins from dark web users (NakedSecurity) A US man has been arrested for allegedly stealing Bitcoins from the one user base that might like to see itself as immune from such crimes – other dark web users

Internet witch hunt falsely accuses innocent man of kidnapping in cold case (Daiy Dot) A bunch of amateur internet “sleuths” have once again targeted the wrong individual with extremely serious allegations, this time related to a cold case from 2009. It’s another shining example of how mob mentality continues to thrive in the digital age

Woman sentenced for cyber attack on Hong Kong police website overturns conviction (Coconuts Hong Kong) A 24-year-old woman who was ruled guilty for allegedly carrying out a series of DDoS attacks on the Hong Kong Police Force’s website in 2014 successfully appealed to have her conviction overturned yesterday at the High Court

Design and Innovation

Blockchain an ideal remedy for what ails loyalty rewards programs – Deloitte (EconoTimes) In a recent study, Deloitte stated that blockchain, as a distributed ledger with a fundamentally new way to transact and maintain records in a secure, trustless, digitized interlinked network, will eliminate many inefficiencies currently seen in the loyalty rewards programs

Opinion: Driverless cars need an off switch (Christian Science Monitor Passcode) Consumers have many questions about safety, cybersecurity, and privacy in the coming fleets of autonomous vehicles. And they want a say in shaping the future of transportation

The combination of human and artificial intelligence will define humanity’s future (TechCrunch) Through the past few decades of summer blockbuster movies and Silicon Valley products, artificial intelligence (AI) has become increasingly familiar and sexy, and imbued with a perversely dystopian allure

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

AppSecUSA 2016 (Washington, DC, USA, October 11 - 14, 2016) OWASP’s 13th Annual AppSecUSA Security Conference is the premier application security conference for developers and security experts. Come hear an amazing group of inspirational speakers—including YouTube’s Favorite Hacker, Former DHS NCSD Director of Software Assurance, and Assistant Professor & Cryptographer—who are challenging traditions. You’ll be inspired by fresh ideas, start rethinking the status quo, and leave ready to tackle your challenges in innovative ways.

Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the Summit is an opportunity for board chairs and chief executives to discuss how New Zealand should tackle the threat of cybercrime, and improve our resilience and security. Chief executives, board chairs and leaders from across the public and private sectors have been invited to join the Minister for Communications at this high level event.

Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, October 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company" for insider threat program development training.

Cyber Ready 2016 (McDill Air Force Base, Florida, USA, October 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE Corporation, Tampa Bay Innovation Center, Florida Chamber Foundation and the Florida Suncoast AFIO Chapter is proud to present this important event. In addition to attending the Cybersecurity Conference, you're also invited to register for the Golf Outing and Barbecue Dinner at the MacDill AFB Bay Palms Golf Complex on Monday afternoon. The event will include the sixth annual MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.

EDGE2016 Security Conference (Knoxville, Tennessee, USA, October 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders, topical roundtables, training sessions, and industry-specific tracks, EDGE2016 is where complex business security problems meet real-world solutions.

SecureWorld St. Louis (St. Louis, Missouri, USA, October 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

CyberTini at CyberMaryland (Baltimore, Maryland, USA, October 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner Harbor. The Columbus Center is just a few blocks from the Baltimore Hilton Hotel where the CyberMaryland Conference is taking place, and attendance at the CyberTini is estimated to be 250 or more. The event will begin at 5pm the night before the CyberMaryland Conference and will run until approximately 7:30pm.

Los Angeles Cyber Security Summit (Los Angeles, California, USA, October 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

CyberMaryland 2016 (Baltimore, Maryland, USA, October 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.

CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, October 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater information exchange among industry, academia, and government entities at both the national and international levels. The issues to be covered include the future of international cooperation, imminent technical challenges and requirements, forthcoming conflicts in cyberspace, and the potential for new legal frameworks, standards, and regulations.

SANS San Diego 2016 (San Diego, California, USA , October 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have certifications that are aligned with DoD Directive 8570/8140 and all courses at this event are associated with GIAC Certifications. This event was planned to give you the weapons you need to defend against attackers and advance your career. You will learn from leading experts in courses that have been carefully selected to arm you with the latest tactics and strategies that will sharpen your skills

18th Annual AT&T Cybersecurity Conference (New York, New York, USA, October 24 - 25, 2016) Countless cyberthreats circle your organization every second of every day. While your organization utilizes more mobile, IoT and emerging technologies, attackers simply focus on more ways to exploit them. That’s why we’re hosting the 18th Annual AT&T Cybersecurity Conference.

2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military. The conference will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.

14th Annual EWF National Conference (Scottsdale, Arizona, USA, October 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact with more than 350 global thought leaders in the fields of Information Security, Risk Management and Privacy. During this three-day event, members collaborate on round-table exercises, incident simulations, panel discussions and working groups. Exposure to new ideas and approaches, best practice management of everyday issues and learning from observing the best and the brightest is an excellent and abundant return on investment.

SecureWorld Bay Area (San Jose, California, USA, October 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Security By Design (McLean, Virginia, USA, October 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.

Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.