The CyberWire Daily Briefing 10.27.16

Summary

By The CyberWire Staff

CyberHunta, thought to be Ukrainian hacktivists, dox Putin consigliere Vladislav Surkov, releasing emails that indicate Surkov's connections with Russian separatists fighting inside Ukraine. The Russian government has long denied such support, but vanishingly few observers believe those denials. President Putin says the emails are fabricated: "Surkov doesn't use electronic mail."

The French government looks at ongoing US experience with online political meddling (which the US has ascribed to Moscow) and warns its own candidates that they should expect to be on the receiving end of similar ministrations.

US intelligence sources say ISIS continues to seek to inspire attacks online from its Syrian headquarters in Raqqa. Vectra Networks says it's found an extensive cyber espionage campaign, "Moonlight," operated by Hamas against unnamed Middle Eastern targets.

Dyn offers more results of investigation into the distributed denial-of-service attack it sustained last week. It confirms that it was a Mirai botnet and that about 100 thousand devices were implicated (fewer than earlier estimates had put the number). The attackers used masked TCP and UDP traffic across Port 53; they also employed recursive DNS retry traffic. Investigation of the Dyn attacks is ongoing; Dyn won't speculate about attackers or their motives.

Analysts warn that more attacks like this can be expected; Singapore's StarHub already experienced them on Saturday and again on Monday. Correro reports observing exploitation of Lightweight Directory Access Protocol (LDAP) to amplify DDoS attack traffic over the weekend. The company warns that LDAP exploitation combined with a Mirai botnet could prove extremely serious.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, France, Ireland, New Zealand, Russia, Singapore, Syria, Ukraine, United Kingdom, United States, and and Vietnam.

A note to our readers: National Cyber Security Awareness Month is now in its final full week. The theme is "our continuously connected lives: what's your 'apptitude'?"

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from our partners at Ben Gurion University, whose Yisroel Mirsky will talk about machine learning. Our guest, Plixer's Thomas Pore, will discuss the Mirai botnet source code. As always, if you enjoy the podcast, please consider giving it an iTunes review.

Sponsored Events

TECHEXPO Cyber Security Hiring Event (McLean, VA, USA, November 2, 2016) Our professional hiring events have benefited nearly a million attendees since 1993. We look forward to helping you advance your career and saving you time in your job search by providing you the opportunity to meet face to face with the nation's leading companies.

Malware Detection: How to Spot Infections Early with AlienVault USM (Live Webcast, November 3, 2016) While malware has been a thorn in the side of IT pros for years, some of the recent variants observed by the AlienVault Labs security research team, like CoreBot, have the ability to modify themselves on the fly, making them nearly impossible to detect with traditional preventative security measures. Join us for a live demo to learn about the most common types of malware, and how you can detect infections quickly with AlienVault USM.

Selected Reading

Cyber Trends

Just a Quarter of Orgs Share Threat Intelligence (Infosecurity Magazine) US company boards are getting more involved in cybersecurity, but information-sharing of threat intelligence across business communities still lags

Good Harbor's Richard Clarke talks about the impact of Yahoo’s massive data breach (FedScoop) Clarke shares insights on what the government needs to protect the voting and election process, as well

Legislation, Policy and Regulation

U.S. To Issue IoT Principles After Internet Cyberattack by Chase Martin, Yesterday, 9:06 AM (MediaPost) A recent large-scale series of cyber attacks brought down multiple major websites in the U.S. and now the Department of Homeland Security (DHS) acknowledges IoT device security to be a factor

Singapore Launches New Cybersecurity Strategy (Conventus Law) Singapore will embark on a new cybersecurity strategy which aims to establish a resilient cyber environment for the country. This was announced by Singapore Prime Minister Lee Hsien Loong at the opening of the inaugural Singapore International Cyber Week

Cyberwarfare: The Next President’s Most Pressing Battleground (VAR Guy) Many security providers in the channel that are well-acquainted with the myriad of security risks and vulnerabilities in businesses' networks think the issue of cyberwarfare should be front and center of this year's presidential debates. Instead, it's been a tangential issue for both candidates, despite recent massive breaches and clear threats to U.S. infrastructure from nation states like Russia

Cyber Mandates for Big Banks Would Build on Earlier Guidance (BankInfo Security) Regulators' proposed standards would ensure institutions are taking necessary steps

Feds Propose Voluntary Automotive Cybersecurity Standards (GovInfo Security) 2 Senators say guidelines don't go far enough, seek regulations

Cyber Command’s teams reach initial operating capability; Clapper says it’s time to separate them from NSA (Federal News Radio) The time has come to split U.S. Cyber Command from the National Security Agency and assign separate leaders to each organization, the nation’s top intelligence official said Tuesday

OMB reveals proposed guidance on federal IT modernization (Federal News Radio) The Office of Management and Budget has played it close to the vest when it comes to guidance on IT modernization, but it’s finally showing some of its cards

New HHS CIO on Emerging Threats, Top Priorities (GovInfo Security) Beth Anne Killoran discusses agency's cybersecurity efforts

Products, Services, and Solutions

This is how Microsoft is preventing hackers from hijacking IoT devices (Business Insider) Last week, a massive cyberattack knocked out many major websites across the internet, including Amazon, Netflix, Github, and Spotify

Trend Micro announces availability of XGen endpoint security (Technuter) Trend Micro Incorporated has announced the availability of XGen endpoint security. This new offering is powered by the XGen blend of cross-generational threat defense techniques that intelligently applies the right technology at the right time, resulting in more effective and efficient protection against a full range of threats

Brocade Ruckus Cloudpath ES 5.0 simplifies security and policy management (eCampus News) New release enables any IT organization to easily secure all network connections with identity-based policies

ESET unveils ESET Internet Security 10, ESET Smart Security Premium (Beta News) ESET has released two new products for home users, ESET Internet Security 10 ($59.99) and ESET Smart Security Premium 10 ($79.99)

Comodo Offers Free Forensic Analysis to Uncover Zero-day Malware Lurking on Enterprise Endpoints and Networks (PRNewswire) Zero-day malware – new malware that has never been seen before – continues to plague businesses of all sizes. Millions of these unknown files are being crafted or modified each year. They cannot be detected by existing security systems; they hide on endpoints and networks and remain among the most important and effective tools hackers use

There’s a new way to take down drones, and it doesn’t involve shotguns (Ars Technica) The advent of inexpensive consumer drones has generated a novel predicament for firefighters, law-enforcement officers, and ordinary citizens who encounter crafts they believe are interfering with their safety or privacy

MSPAlliance Launches Monthly Payment Option for Audit and Examination Program (Cleveland 19 News) MSP/Cloud Verify Program offers flexible payment options for improved cash flow and budgeting; enhances MSP/Cloud Verify community with new Slack channel

Technologies, Techniques, and Standards

Roundtable: Former Deputy Director of NSA Talks Insider Threats (Infosecurity Magazine) When you picture the typical venue for a cybersecurity discussion, the British Museum probably isn’t the first place that would spring to mind. However, yesterday, it played host to a press roundtable with Chris Inglis, former deputy director of the National Security Agency (NSA), and other representatives of security intelligence platform provider Securonix to explore the ever-evolving landscape of the insider threat

20 Endpoint Security Questions You Never Thought to Ask (Dark Reading) The endpoint detection and response market is exploding! Here's how to make sense of the options, dig deeper, and separate vendor fact from fiction

How to Easily Deny Denial of Service (SIGNAL) Some simple steps could prevent 99 percent of these types of cyber onslaughts

Opinion: How to fix an internet of broken things (Christian Science Monitor Passcode) The recent cyberattack that crippled much of the web last week took advantage of vulnerabilities in home products connected to the internet. Fixing those flaws is possible but it requires public action and industry cooperation

Let’s Clean Up The Internet By Taking Responsibility For Our Actions (Dark Reading) Imagine an Internet with multiple levels of security that users need to earn

Blog: Simple Steps for Social Media Security (SIGNAL) According to a recent report by cybersecurity developer Forcepoint, millennials might pose as serious a cybersecurity risk to enterprise networks as cyber criminals. The research found that the baby boomer generation, those aged 51 to 69, are more cautious online while the younger work force is more likely to abandon caution in exchange for digital convenience

Cyber Defense in an Imperfect World, a New Approach (Brink News) Cybersecurity has become a persistent topic in the nation’s boardrooms and C-suites, and it’s a complex problem that is often oversimplified and misunderstood

Debit Card Compromise: A Call to Action (InfoRisk Today) Experts outline immediate recommendations for bank CISOs, long-term ideas for industry

Solution to cyber skills shortage: Federal cyber range (Federal Times) In a recent blog on cybersecurity, we discussed the widespread labor shortage in the cybersecurity workforce. We believe that it’s not just a labor shortage but a skills shortage, and with the number of threats increasing daily, the way we train and vet cybersecurity analysts must change

Marketplace

Security Orchestration Market Worth 1682.4 Million USD by 2021 (MarketWatch) According to a new market research report"Security Orchestration Market by Component (Solution and Service), Application (Threat Intelligence, Network Forensics, Ticketing Solutions, and Compliance Management), Deployment Mode, End User, and Vertical, Region - Global Forecast to 2021 " published by MarketsandMarkets, the market size is estimated to grow from USD 826.1 Million in 2016 to USD 1682.4 Million by 2021, at an estimated Compound Annual Growth Rate (CAGR) of 15.3%

Inside The Foggy, Shady Market For Zero-Day Bugs (Motherboard) Earlier this year, the FBI abruptly ended a months-long acronymous legal battle with Apple to unlock the iPhone of a dead terror suspect. The bureau hasn’t told anyone that much about how it finally got into the phone, but experts assume someone gave the feds a way in thanks to an unknown vulnerability, or “zero-day"

Verizon exec: Yahoo deal 'still makes sense' despite security breach (Seeking Alpha) Verizon's (VZ -0.4%) $4.83B deal to acquire the core of Yahoo (YHOO -1.3%) still makes sense even in light of Yahoo's massive security breach, says Verizon exec Marni Walden

Why Verizon's Due Diligence May Not Have Caught Yahoo's Massive Security Breach (Fast Company) Cyber due diligence typically looks at overall policies and broad risk rather than scouring networks from top to bottom, experts say

AT&T/Time Warner seems headed for FCC review, whether AT&T likes it or not (Ars Technica) Time Warner has dozens of licenses that could trigger a public interest review

AT&T Secret For-Profit Spy Program Rakes in Millions (Infosecurity Magazine) AT&T reportedly has been running a massive secret spying program—funded by tens of millions in taxpayer money—for state and local law enforcement agencies to conduct warrantless searches of trillions of call records and other customer metadata, such as precise physical location

Conspiracy or cockup? Google hid ProtonMail's encrypted email service from search results (Graham Cluley) The jury is out

Qualcomm to acquire NXP Semiconductor for $47 billion (TechCrunch) Qualcomm will acquire NXP Semiconductor in a deal worth around $47 billion in a cash deal. The two chip-making giants were said to have reached an agreement last week, but today’s announcement from Qualcomm makes it official

Tenable Network Security makes first acquisition (Baltimore Sun) Tenable Network Security Inc. has acquired FlawCheck, a small San Francisco firm, in a deal that will expand Tenable's security software offerings

Tenable Network Security Acquires Container Security Company FlawCheck (Yahoo! Finance) Tenable Network Security, Inc.®, a global leader transforming security technology for the business needs of tomorrow, announced today it has acquired FlawCheck, becoming the first vulnerability management company to provide security for Docker containers and support organizations’ modern DevOps processes

Enterprise Mobile Device Configuration and Deployment Software, Tachyon, Acquired by Samsung Electronics (PRWeb) Acquisition will completely automate the setup process for Samsung’s enterprise Android devices, thereby leading to faster, more secure and cost-effective, accurate and complete rollouts

‘We have many IoT customers’ says Huawei CTO (Register) Czech 'em out

Cyber Security: Five Firms Working to Squash Cyber Attacks (Wall St. Daily) Angry at a journalist for writing mean things about you? Trying to make ends meet and need a blackmail scheme? Get your own DDoS botnet on the internet today!

Is Palo Alto's Recent Drop an Opportunity to Buy? (GuruFocus) Company looks set to ride on the expected industry growth

Why Akamai Technologies, Inc. Jumped 16% Today (Motley Fool) Tuesday's third-quarter report showed the former network performance expert taking on a lucrative role in network security

Twitter lays off 9% of its workforce as it posts a desperately-needed positive Q3 (TechCrunch) With Twitter’s acquisition hopes essentially dead, the company now seems it’s on its own to fend for itself and needs to figure out a way to build a reasonable and profitable business

Q&A: Tanium CEO thinks staying private would be giving in to the 'evil' side of Silicon Valley (Silicon Valley Business Journal) At the company's first user conference, we caught up with Orion Hindawi, co-founder and CEO of Tanium. The Emeryville-based cybersecurity firm has evolved into a $3.5 billion powerhouse since 2007, when Hindawi co-founded the company with his father David. It has raised more than $300 million in funding from Silicon Valley investors who include Andreessen Horowitz and Institutional Venture Partners

Rapid7 Earns Spot on UK Government Digital Marketplace (Econo Times) Rapid7, Inc. (NASDAQ:RPD), a leading provider of security data and analytics solutions, announced today that its cloud–delivered security solutions have been added to the Crown Commercial Service (CCS) registry and are now accessible to public sector organisations

MacB to support US NAVAIR’s cyber warfighting capabilities initiative (Naval Technology) MacAulay-Brown (MacB) has secured a multi-year basic ordering agreement (BOA) to support the naval air systems command (NAVAIR) cyber warfare detachment (CWD) initiative

Small Businesses Slow to Take Up Cyber Insurance (Scoop) New Zealand small businesses slow to take up cyber insurance despite cyber attacks

Lunarline Inc., Enters into Partnership with Carnegie Mellon University's Software Engineering Institute (Yahoo! Finance) Lunarline, Inc., an Arlington-based leader in cybersecurity consulting, services and training, added yet another important capability by signing on as a partner with the CERT® Program at Carnegie Mellon University's Software Engineering Institute (SEI). The partnership enables Lunarline to leverage SEI's world-renown body of research, frameworks and models to improve organizations' ability to manage cybersecurity and operational resilience programs from the board room to the server room

Cylance to open offices on Cork city's South Mall (Irish Examiner) An international anti-virus and cybersecurity company, Cylance, is to open offices on Cork city’s South Mall: a formal jobs announcement and commitment is due within days. It’s one of several new office moves on the South Mall, with Irish Life Health also taking space on the street from next week

Security Patches, Mitigations, and Software Updates

Emergency Flash Player patch fixes zero-day critical flaw (CSO) Adobe warns that hackers are already exploiting the vulnerability in limited attacks

Adobe Patches Flash Zero Day Under Attack (Threatpost) Adobe today released an emergency Flash Player update that includes a patch for a vulnerability being exploited in targeted attacks

Security Notification – Unity Simulator (Schneider Electric) Schneider Electric has become aware of a vulnerability in the Unity PRO Software product

New SCADA Vulnerability Enabled Remote Control Of ICS Networks; Fix Quickly Issued (HS Today) Cyber security vendor Indegy disclosed a vulnerability in a Schneider Electric software application that can be used to remotely control industrial processes at the 2016 Industrial Control Systems Cyber Security Conference in Atlanta today

Cyber Attacks, Threats, and Vulnerabilities

Hakerzy ujawnili przestępcze plany Putina (FAKT24) Ukraińscy hakerzy przejęli tajne dokumenty Rosji dotyczące Ukrainy. Plany zostały wykradzione ze skrzynki mailowej doradcy samego Władimira Putina. Chodzi o Władisława Surkowa, który podpowiada Putinowi w kwestiach Abchazji, Osetii oraz Ukrainy. Autentyczność dokumentów potwierdziła Służba Bezpieczeństwa Ukrainy (SBU)

Kremlin Brushes Off E-Mail Leak Allegedly Showing Russian Hand In Ukraine Conflict (Radio Free Europe/Radio Liberty) The Kremlin has challenged the authenticity of leaked e-mails purportedly from the inbox of presidential aide Vladislav Surkov that appear to show the Russian government's coordination with separatists in eastern Ukraine

It's On: US Mulls Tricky Options for Retataliation Against Russian Hacks (NextGov) The decision by top intelligence and Homeland Security officials to attribute election-related data breaches to top Russian government officials earlier this month marked a sea change in cyber relations between the two former Cold War adversaries

Expert at USF cybersecurity conference rejects idea of hijacked Nov. 8 election (Tampa Bay Times) Despite a concerted effort by Russians to interfere with the Nov. 8 presidential election, and constant claims by Republican nominee Donald Trump that it is rigged, American voters should not fret, says a man who was once a top spook

France warns candidates on cyber risk after U.S. election hacks (Bloomberg via the Chicago Tribune) France's cyber-security watchdog is briefing the country's presidential candidates on hacking threats, drawing lessons from attacks that have disrupted the U.S. election campaign

DDoS attacks from webcams, routers hit Singapore's StarHub (CSO) The outage follows IoT-based DDoS attacks that knocked out internet access to many US sites

DDos On Dyn Used Malicious TCP, UDP Traffic (Dark Reading) Dyn confirms Mirai IoT botnet was 'primary source' of the attack, with some 100,000 infected devices sending the bogus traffic

DDoS attack overwhelmed Dyn despite mitigation efforts (CSO) Orders of magnitude fewer devices caused the service interruptions, Dyn says

What you need to know about the botnet that broke the internet (Christian Science Monitor Passcode) Why security experts are worried about Mirai – the software attackers use to create malicious networks out of ordinary connected devices – and how you can protect yourself

Mirai Aftermath: China's Xiongmai Details Webcam Recall (BankInfo Security) But true fix requires a more resilient Internet, experts warn

Chinese Firm Says It Did All It Could Ahead of Cyber-Attack (Gadgets 360) A Chinese electronics maker that has recalled products sold in the US said Tuesday it did all it could to prevent a massive cyber-attack that briefly blocked access to websites including Twitter and Netflix

Analysts fear even bigger cyber attacks are coming (San Diego Union-Tribune) Security experts fear the big cyberattack that debilitated Twitter, PayPal, Netflix, Airbnb and dozens of other companies last week could be a precursor to a larger assault that deeply impacts American society, possibly during the holiday shopping season

DHS official: DDoS attack triggered use of new cyber-response 'schema' (Inside Cybersecurity) Last week's distributed denial of service attack that temporarily shut down social media sites triggered use of the Department of Homeland Security's new “schema” for identifying and evaluating a cyber incident in order to determine the federal government's response, according to a DHS official

Attackers are now abusing exposed LDAP servers to amplify DDoS attacks (PC World) LDAP adds to the existing arsenal of DDoS reflection and amplification techniques that can generate massive attacks

Zero-day DDoS attack vector leverages LDAP to amplify malicious traffic (SC Magazine) Corero Network Security today disclosed a zero-day distributed denial of service attack (DDoS) technique, observed in the wild, that is capable of amplifying malicious traffic by a factor of as much as 55x

‘Moonlight’ Hackers Coordinating Targeted Attacks Against Entities In The Middle East (Information Security Buzz) Vectra Networks has uncovered a hacking group (code named Moonlight) conducting cyberespionage against targets in the Middle East. Vectra has identified over two hundred samples of malware generated by the group over the last two years

Islamic State continues to plot against the West, US military warns (Long War Journal) The US military warned today that the Islamic State continues to plot attacks against the West from its headquarters in Raqqa, Syria

CyberX Threat Intelligence Uncovers Critical Vulnerability in Industrial Control Systems (ICS) Firewall (PRNewswire) Cyberattackers can exploit vulnerability to impact safety and production in critical infrastructure sectors such as energy, chemicals, transportation and manufacturing

Major Security Flaw Targets Industrial Computer Systems (Voice of America) A major security vulnerability affecting one of the world’s largest manufacturers of computerized industrial control systems, Schneider Electric, has recently been identified, according to a leading cybersecurity firm

Pager Security Can Affect Critical Infrastructure (Security Intelligence) Pagers don’t get much attention in this era of smartphones and tablets. They are, however, still widely used in industrial control systems (ICS). Pagers are also good backup for everyday communication since they are functional in areas that have poor cellphone signals

4SICS: ICS threats are mostly unknown, industry needs more information sharing (SC Magazine) Opening his Keynote speech at the third edition of 4SICS in Stockholm, Robert M. Lee, CEO of ICS security company Dragos Inc., said that “ICS threats are currently mostly unknown"

Dirty COW bug leaves 5,000 servers in Vietnam vulnerable to attack: Bkav (Tuoi Tre News) More than 5,000 computer server systems powered by Linux operating system are vulnerable to hacker attacks as they suffer the serious Dirty COW bug, a local security company has warned

Personal Tracking Devices Expose Public Privacy Risk (eWeek) A study by Rapid7 finds multiple vulnerabilities in Bluetooth tracking technologies, leading to possible security breaches as IoT device use continues to rise

Fake Blue Screen of Death faux-freezes your system like the real McCoy (Naked Security) There’s a new fake support scam in town, hiding behind a file calling itself Microsoft Security Essentials, and it’s trying to trick victims into contacting bogus help centers

Vulnerability Spotlight: Iceni Argus Buffer Overflows (Talos) Talos has identified two stack-based buffer overflows (TALOS-2016-0200 & TALOS-2016-0202) in the Iceni Argus pdf content extraction software. This software is used to convert a pdf document into various tagged and xml-based formats (such as XHTML)

AdaptiveMobile Finds That Thousands of North American iCloud Users’ Accounts Are Still Being Hijacked to Send Spam (Businesswire) Hackers turn growing number of iMessage accounts into spam bots that target China

Can the phishing epidemic be stopped? (GCN) Researchers at Germany's Friedrich-Alexander University (FAU) recently conducted two spear-phishing studies. Before the experiment was underway, a questionnaire was sent to all participants asking them to “rate their own awareness of security.” Of the 1,700 participants, 78 percent claimed they were aware of the risks of clicking on unknown links

Your Bill Is Not Overdue today! (SANS Internet Storm Center) Just as little as yesterday's order that "proceeded." It Look like today's ransomware subject is "Your Bill is Overdue." But then again, don't bother blocking it. Block ZIP'ed visual basic scripts. This round of Locky makes blocking a tad harder by using "application/octet-stream" as a Content-Type instead of "application/zip"

Ransomware for sale on nonsensical dark web malware site (Graham Cluley) “Everyone knows Locky! Time has come, new ransomware is arrived. Goliath is sell here”

Stolen medical records available for sale from $0.03 per record (Help Net Security) The development of the market for stolen data and related hacking skills indicate that the business of cybercrime in the healthcare sector is growing, according to Intel Security

Malicious Insider Threat as Hackers Target Healthcare IP (Infosecurity Magazine) Financial records continue to be far more lucractive on the darkweb markets than medical information, although healthcare organizations must be alive to the dangers of exploit kits, malicious insiders and attacks targeting IP, according to Intel Security

ATMs Still a Weak Link for Bank Security (Infosecurity Magazine) More than physical distraction and rogue software applications on the ATM itself, the securing of the hole in the wall has become a priority in banking security

NFC – Friend or Foe (Wapack Labs) Wapack Labs has previously exposed the hazards of using near-field communication (NFC) devices in our support during the 2016 Summer Olympics in Rio De Janeiro and other collection and research projects

Litigation, Investigation, and Enforcement

“He’s not Edward Snowden,” lawyers for accused NSA contractor tell judge (Ars Technica) Is Hal Martin a “serious risk to the public" as a magistrate judge found?

Privacy group shoots legal arrow at Privacy Shield (CSO) Digital Rights Ireland is said to have filed suit to annul a European Commission decision implementing Privacy Shield

IBM Blames Contractors for Aussie e-Census Stumble (GovInfo Security) As chief contractor, IBM is now in compensation discussions

Arrested LinkedIn Hacker Accused of Hacking DropBox, Stealing Bitcoins (HackRead) Turns out the Russian hacker accused of LinkedIn hack is a bigger fish than expected—the indictment made by Justice Department shows he was also behind Dropbox and Formspring hacks

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, November 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security is seen as a business enabler. Join The Chertoff Group for a premier post-election cyber conference that will convene thought leaders across government and industry to share their unique points of view and insights with regard to critical policy, technology, and risk management issues that will be shaping the security agenda.

upcoming Events

SANS San Diego 2016 (San Diego, California, USA , October 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have certifications that are aligned with DoD Directive 8570/8140 and all courses at this event are associated with GIAC Certifications. This event was planned to give you the weapons you need to defend against attackers and advance your career. You will learn from leading experts in courses that have been carefully selected to arm you with the latest tactics and strategies that will sharpen your skills

2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military. The conference will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.

14th Annual EWF National Conference (Scottsdale, Arizona, USA, October 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact with more than 350 global thought leaders in the fields of Information Security, Risk Management and Privacy. During this three-day event, members collaborate on round-table exercises, incident simulations, panel discussions and working groups. Exposure to new ideas and approaches, best practice management of everyday issues and learning from observing the best and the brightest is an excellent and abundant return on investment.

SecureWorld Bay Area (San Jose, California, USA, October 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Security By Design (McLean, Virginia, USA, October 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.

Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, October 30 - November 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.

Inside Dark Web (Washington, DC, USA, November 1 - 2, 2016) Individuals, organizations, corporations, and governments use the Dark Web to protect themselves and their users, employees, customers, and citizens seeking a more accessible and secure Internet experience. Experts from government, the financial community, law enforcement and cyber security will give you the background history, current utilization and future thoughts about the fast growing misunderstood world of the Dark Web.

National Institute for Cybersecurity Education 2016 Conference and Expo (Kansas City, Missouri, USA, November 1 - 2, 2016) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2016 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.

GTEC (Ottawa, Ontario, Canada, November 1 - 3, 2016) For the public sector and business, count on GTEC to help you keep up with the changing landscape of technology and service delivery in Canada. With our nationally recognized awards program and annual conference, plus our new learning products, GTEC is your destination of choice for innovation and excellence in public sector IT. The conference program will feature a close focus on the cyber threat, particularly the threat of cybercrime, and the Canadian response to that threat.

Black Hat Europe 2016 (London, England, UK, November 1 - 4, 2016) Black Hat is returning to Europe again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings.

TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, June 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.

ISSA International Conference (Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.

SINET Showcase 2016: Highlighting and Advancing Innovation (Washington, DC, USA, November 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase’s objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation’s critical infrastructure and command-and-control systems.

3rd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, November 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues. The symposium is a day long event comprised of panels, Q&A sessions, tool demonstrations and networking opportunities. Focused and thorough, there are take-aways for all attendees.

Security of Things World USA (San Diego, California, USA, November 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in November in San Diego to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.

2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, November 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping tomorrow’s global cyber threat landscape. The interactive, fresh and content driven format is specifically designed for leaders, visionaries and decision makers across all geographies. Strengthen your global network and form lasting relationships with other forward-thinking and inspiring leaders.

IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional community and unrivaled education. It’s time to get to work: Start here.

SANS Miami 2016 (Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing viciousness and stealth, and it's essential you understand the tools and techniques and learn the skills needed to protect your organizations. Get the training you need from SANS - the most trusted and by far the largest source for information security training in the world

Federal IT Security Conference (Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape. All proceeds from the event go to help retrain Wounded Warriors to become cyber defenders at the Wounded Warrior Cyber Combat Academy.

11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter cyber espionage, address cyber warfare, and make your cyber efforts secure.

SecureWorld Seattle (Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, November 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate black-tie event will celebrate the minds of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used exclusively to help sustain and grow the Institute’s research, publications and educational activities for the communities it serves.

Israel HLS and Cyber 2016 (Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market

Infosec 2016 (Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face are increasing

Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event to Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.

CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.

Cybercon 2016 (Washington, DC, USA, November 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.

Versus 16 (San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing business in the digital age

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Putin advisor doxed? ISIS works from Raqqa; Hamas operates "Moonlight" cyberespionage. Dyn releases details on Friday's DDoS. Correro sees a different DDoS campaign exploiting LDAP.