The CyberWire Daily Briefing 11.21.16

Summary

By The CyberWire Staff

Fortinet warns of an Android banking Trojan. It's mostly affecting German users' devices.

Facebook Messenger is being used as a vector for ransomware. Criminals are distributing Locky in malicious images shared over the service. The Nemucod downloader is bypassing Facebook's whitelisting protections by arriving in the form of an SVG file, so treat images you receive with circumspection.

GeekedIn, a tech job recruiting site, scraped (not clearly legitimately) 8 million GitHub profiles, but then left them exposed in an unsecured database. GeekedIn regrets the misstep, and says it's correcting it. Those with GitHub profiles should take steps to secure themselves.

Investigators continue to look into the upgrade fraud at Three. Some observers think on-boarding and off-boarding practices may have contributed to compromising the credentials used in the scam.

In industry news, Symantec indeed is ready to acquire LifeLock for $2.3 billion, and Optiv is filing for an IPO.

The holiday shopping season begins more-or-less officially this Friday, and there's much advice out on how to buy safely online. RiskIQ this morning released a white paper on the topic. They draw particular attention to the risks apps pose during the season (and suggest specific points of skepticism), and they emphasize the importance of knowing you're on the site where you intend to shop, not on a spoofed page.

In US news, President Obama says he "can't" (meaning "won't") pardon Snowden. Rumors in Washington suggest DNI Clapper and Secretary of Defense Carter want NSA Director Rogers removed; Congress disagrees, and threatens hearings.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Finland, India, Iran, Morocco, Romania, Russia, Spain, Ukraine, United Kingdom, United States

A note to our readers: We won't publish this Thursday; we'll be observing the Thanksgiving holiday.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland's Center for Health and Homeland Security: Markus Rauschecker talks about proposed Federal voluntary standards for automotive cyber security. As always, if you enjoy the podcast, please consider giving it an iTunes review.

Sponsored Events

AlienVault USM Webcast (Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville MD, USA, December 6, 2016) Your employees could be your biggest cybersecurity risk. Join us to learn more.

Selected Reading

Cyber Trends

Black Friday eCommerce Blacklist (RiskIQ) According to Adobe Digital Index, in 2015, online shoppers filled eCommerce cash registers with more than $5.8 billion in sales over the Black Friday weekend—and with that number expected to grow this year, threat actors are looking to take advantage

GDPR heads security focus for large companies, disaster recovery for small - research (Computing) With 18 months to go before new regulations hit larger firms are rushing to make themselves compliant

Manufacturing companies highly exposed to cyberattacks, study (Insurance Business) Manufacturing companies highly exposed to cyberattacks, study Manufacturing businesses are particularly vulnerable to cyberattacks owing to their focus on innovation and increasing reliance on connected products, a multinational professional services firm said in a recent study

35% of websites still using insecure SHA-1 certificates (Help Net Security) 35 percent of the world’s websites are still using insecure SHA-1 certificates, according to Venafi. This is despite the fact that leading browser providers, such as Microsoft, Mozilla and Google, have publicly stated they will no longer trust sites that use SHA-1 from early 2017. By February 2017, Chrome, Firefox and Edge, will mark websites that still rely on certificates that use SHA-1 algorithms as insecure

Ransomware success creates apathy towards traditional antivirus software (Help Net Security) In the last 12 months, 48 percent of organizations across the globe have fallen victim to a ransomware campaign, with 80 percent indicating that they’ve suffered from three or more attacks, according to a global survey conducted by Vanson Bourne

Report: Half of Organizations Have Been Hit by Ransomware (eWeek) Not only are many organizations being impacted by ransomware, they are also being attacked repeatedly and some are paying up

Businesses aren’t telling anyone when they’ve been hit with ransomware (CyberScoop) There may be more businesses dealing with ransomware than the private sector community cares to talk about

Hybrid cloud storage use to double in next 12 months (Help Net Security) The use of hybrid cloud storage will accelerate rapidly over the next 12 months, according to Cloudian. Across 400 organisations surveyed in the UK and USA, 28% already use hybrid cloud storage, with a further 40% planning to implement within the next year. Only 19% have no plans to adopt

More than 55 percent millennials have been hit by cybercrime in India: Norton by Symantec (Open Sources) Over 55 percent of millennials (born between 1980-2000) in India have experienced cybercrime in the past year and globally, millennials are the most commonly affected victims, with 40 percent experiencing it last year, a report revealed on Saturday. According to the ‘Norton Cyber Security Insights’ report by security software firm Norton by Symantec, “39 percent Indian millennials have either experienced ransomware themselves or know someone who has”

A quarter of Australian firms ignorant about their own cyber defences, survey finds (IT Briefs) A quarter of Australian businesses don't know if they have the right security controls for cyber attacks and are risking an average cyber attack cost of more than $622,000, new research from BAE Systems has revealed

Legislation, Policy and Regulation

Govt to soon appoint cyber professionals (Tribune) Due to increase in cyber crime, the Information and Technology Ministry is in major disarray. To control this, the Central Government is soon going to appoint a force of cyber professional, who will be able to stop hacking and keep a check on cyber crime in the government body

NSA Director Mike Rogers Could Be Removed in Restructuring (ABC News) President Obama is considering a recommendation by Defense Secretary Ash Carter and Director of National Intelligence James Clapper to separate the commands of the National Security Agency and U.S. Cyber Command that could lead to the removal of Admiral Mike Rogers who heads both commands

Pentagon and intelligence community chiefs have urged Obama to remove the head of the NSA (Washington Post) The heads of the Pentagon and the nation’s intelligence community have recommended to President Obama that the director of the National Security Agency, Adm. Michael S. Rogers, be removed

Lawmakers decry possible removal of NSA director, call for hearings (Federal News Radio) Several key GOP members of Congress began to weigh in this weekend with strong disapproval over suggestions that Adm. Michael Rogers, the director of the National Security Agency and commander of U.S. Cyber Command may be fired during the final weeks of the Obama administration

Trump's national security pick is a cybersecurity hawk (CSO) Like Trump, Michael Flynn supports using offensive cyberweapons

Former NSA, CIA Director Hayden: World Needs a Set of Cyber Norms (USNI News) The United States should help create an international set of norms for cyber behaviors – to distinguish between accepted behaviors like espionage and non-accepted behaviors like cyber theft and destruction – and then craft laws and policies that allow U.S. cyber warriors to succeed in that domain, a former director of the National Security Agency and Central Intelligence Agency said today

McCain dismisses Russian impact on election, stresses need for cyber committee (The Hill) Senate Armed Services Chairman John McCain (R-Ariz.) said Saturday that he does not believe Russian hackers affected the presidential election, adding that he plans to recommend a new select committee on cybersecurity

What a Trump presidency could mean for U.S. cyber weapons (CyberScoop) Defense contractors developing military grade cyber weapons find themselves in a prime position to capitalize on President-elect Donald Trump’s rise to the White House. With this significant-yet-exclusive business opportunity on the horizon, policy and security experts question what Trump’s apparent plan to develop offensive cyber tools will mean for both those at home and abroad

Products, Services, and Solutions

Kaspersky introduces its own “Hackproof” OS (Technews) The popular anti-virus software company called “Kaspersky” has quite recently claimed to have their very own Operating System software since last October. They are constructing a secure operating system for preserving the personal data of users

Russian Security Firm Kaspersky Announces Its Own Secure OS, 14 Years in the Making (Circle ID) "I've anticipated this day for ages — the day when the first commercially available mass market hardware device based on our own secure operating system landed on my desk," writes Eugene Kaspersky, Chairman and CEO of Kaspersky Lab, in a blog post introducing company's layer 3 switch powered by Kaspersky OS. Kaspersky believes the OS will be "ideal for applications where a small, optimized and secure platform is required" — particularly when it comes to Internet of Things

Matrix.org Launches Cross-platform Beta of End-to-End Encryption Following Security Assessment by NCC Group (Matrix) Security assessment allows Matrix to advance development of its end-to-end encryption implementation, as the project today adds iOS and Android to the list of E2E supported platforms

UK bank to extend trial of behavioural biometrics security (NFC World) UK bank Natwest has trialled a behavioural biometrics system designed to offer continuous authentication throughout an online banking session, using more than 500 behaviour patterns to identify users and prevent fraud from unauthorised logins and automated attacks

LogRhythm Enhances Security Software (Techrockies) Boulder-based security software developer LogRhythm, which develops security intelligence and analytics software, said this week that it has made a major upgrade to its flagship software

Comodo Certification Manager relieves the burden of managing security certificates manually (Network World) Some companies have 10,000 or more certificates, and managing them manually is time consuming and error-prone. A management platform can automate certificate discovery and renewal

Argus Breakthrough Technology for Automotive Cyber Security (American Security Today) Argus Cyber Security, the world’s largest independent automotive cyber security company, today announced further expansion of its In-Vehicle Network Protection suite with its new groundbreaking ECU Fingerprinting technology

Website Security Partner Program (Symantec) The Symantec Website Security Partner Program includes the most relevant, recognized, trusted and diverse SSL Certificate, Code Signing, and Website security & management solutions. Our partners have multiple brand options to sell including; Symantec, Thawte, GeoTrust, & RapidSSL. Each brand has a specific product offering which will allow you to succinctly map to your customers unique requirements

Embracing cyberspace and the cyber-challenge for public-private partnerships (Telegraph) Anu Khurmi and Andrew Fitzmaurice discuss how Templar Executives’ unique approach is enabling businesses to embrace and exploit cyberspace and Sally Howes discusses how the public and private sectors can improve the success of cybersecurity

Exclusive: Hemisphere adds six new security vendors; ups solution sell scope (ChannelLife) Hemisphere Technologies has added six new vendors to its security line up as the distributor looks to provide resellers with a full suite of offerings for solution selling

Technologies, Techniques, and Standards

Vulnerable connected devices a matter of 'homeland security' (Christian Science Monitor Passcode) Top government officials such as Homeland Security chief Jeh Johnson are urging device makers to secure everyday objects that connect to the internet

Which operating system do ‘professional’ hackers use? (TechWorm) Which operating system do the ‘real’ hackers use? The real here is the cyber criminal type hackers and hacktivists and not security researchers and white hat hackers

Tips for Secure Online Shopping (Above Security) Shopping online for Black Friday is convenient. You avoid the crowds and browse more effectively with the comfort of your home. However, we are not immune from cyber attacks. How to protect yourself from identity theft or credit card fraud?

As Christmas and Cyber Monday approach consumers should beware of online fraud (Herald Scotland) With the majority of people planning to do at least part of their Christmas shopping online, the recent attack on 9,000 Tesco Bank accounts is a timely reminder that you can’t be too careful when carrying out cyber transactions

Security basics for the holiday season, and the year to come (CSO) Let's go shopping!

Marketplace

Symantec to acquire LifeLock for $2.3 billion (Reuters) Symantec Corp (SYMC.O) said it would acquire U.S. identity theft protection services company LifeLock Inc (LOCK.N) for $2.3 billion, in a deal that it hopes will prop up sales at its Norton cybersecurity unit

Cybersecurity company Optiv files for IPO (Reuters) Cybersecurity company Optiv Security Inc, majority owned by Blackstone Group LP (BX.N), filed with U.S. regulators for an initial public offering of its common stock on Friday

Mach37 accelerator hits critical milestones as investors get more selective (Washington Post via Standard Examiner) In its third year of mentoring and investing in cybersecurity start-ups in Northern Virginia, state-funded start-up accelerator Mach37 is starting to show it can churn out self-sustaining businesses

4 Things Cisco's Management Wants You to Know (Motley Fool) With weak guidance knocking down the stock, management tried to fill in the details

Analysts Unimpressed With Cisco Systems, Should You Be? (Seeking Alpha) Cisco Systems' revenue decelerated in the first quarter. Nevertheless, I expect dividend growth to continue due to a very strong balance sheet and cash flow. Guidance for next quarter was for revenue to decline. For this reason, I no longer recommend adding shares of Cisco Systems

Qualcomm and HackerOne Partner on Bounty Program (Threatpost) Qualcomm kicked off its first bug bounty program Thursday, opening the door for white hat hackers to find flaws in a dozen Snapdragon mobile chipsets and related software. Rewards for the invite-only bug bounty program top $15,000 each

ZTE can continue operating as normal, as Washington agency extends temporary license until Feb 27, filing says (South China Morning Post) ZTE Corp, China’s largest listed telecommunications equipment manufacturer, has been granted a reprieve for the fourth time from United States export restrictions over the violation of long-standing trade sanctions on Iran

Aixtron Says CFIUS Opposes Grand Chip Deal Due To Security Concerns (RTT News) Aixtron SE (AIXG) announced Friday that the investigation period for the Committee on Foreign Investment in the United States or CFIUS to review the tender offer by Grand Chip Investment GmbH or GCI lapsed on November 17, 2016

Where cybersecurity computes (MIlford Daily News) Cyberattacks may be bloodless, but they are far from painless, especially for the besieged company that sees its services temporarily or indefinitely disrupted

RiskSense Debuts on 2016 Deloitte Technology Fast 500™ (Businesswire) Cyber risk management pioneer achieves 235% growth rate

FireEye (FEYE) Taps Nuance's Robbins as Head of Worldwide Sales (Street Insider) FireEye, Inc. (Nasdaq: FEYE) announced that former Symantec and Nuance Communications executive Bill Robbins has joined the company as executive vice president of worldwide sales. Robbins reports to FireEye CEO Kevin Mandia

Sources: Crowdstrike Hires Former Tanium Exec As Head Of Worldwide Sales (CRN) As the battle for the endpoint security market heats up, Crowdstrike has landed former Tanium top sales executive Mike Carpenter as its new head of worldwide sales, sources told CRN

Security Patches, Mitigations, and Software Updates

Firefox Focus: Private iOS browsing made easy (Help Net Security) Mozilla has released Firefox Focus, an iOS app that lets you browse the Internet without having to worry who’s tracking your online activity

Drupal Fixes ‘Moderately Critical’ Vulnerabilities in Core Engine (Threatpost) According to a security advisory, the update, pushed Wednesday, fixed four vulnerabilities marked “moderately critical.” The vulnerabilities affect Drupal core 7.x versions prior to 7.52 and Drupal core 8.x versions prior to 8.2.3

Facebook working with fact-checkers to weed out fake news (CSO) The social networking site will make it easier for users to report fake stories

It’s time to get rid of the Facebook “news feed,” because it’s not news (Ars Technica) Fake news didn’t throw the election. It was a symptom, not a cause

Cyber Attacks, Threats, and Vulnerabilities

Canadian Army Recruitment Site Hacked; Redirected to Chinese Govt Webpage (HackRead) The users were shocked to see information about Chinese government officials and their activities on the recruitment site

Canadian Forces recruiting website hacked (CBC) Main landing page for would-be recruits redirects users to Chinese state-run website

German Android users bombarded with banking malware masquerading as legitimate apps (Help Net Security) Fortinet researcher Kai Lu warns of a fake email app that is capable of stealing login credentials from 15 different mobile banking apps for German banks

Android Malware Masquerades as Banking App, Part II (Fortinet) New variants of android banking malware target even more German banks, popular social media apps, and more

Malicious images on Facebook lead to Locky Ransomware (CSO) Images sent via Facebook Messenger lead to Ransomware or Nemucod downloader

8 million GitHub profiles scraped, data found leaking online (Help Net Security) Technology recruitment site GeekedIn has scraped 8 million GitHub profiles and left the information exposed in an unsecured MongoDB database. The backup of the database was downloaded by at least one third party, and it’s likely being traded online

Fraudsters accessed Three UK customer database with authorised credentials (Help Net Security) Three UK, a telecom and ISP operating in the United Kingdom, has suffered a data breach. According to Three’s status report on the investigation, the attackers were able to access the company’s customer upgrade system by using login credentials of an employee, and their goal was to steal high-end smartphones

ZTE & Huawei Swear That Their OZ Smartphones Don’t Contain Tracking Software (Channelnews) ZTE and Huewei, both powerhouse Smartphone brands in China now claim that their devices in Australia do not contain the controversial Adups software which US security Company Kryptowire said was found on several Android smartphones in the USA

Office Depot allegedly running in-store tech support scams (Naked Security) We’ve done plenty of reporting on tech support scams, be they online or by phone, but how about the sort where you walk into a huge, supposedly legit gizmo box store and they try to sell you the same load?

Office Depot insider speaks out about unnecessary computer fixes (KIRO 7) Jesse introduces us to the Office Depot insider who told us

Security Advisory: Mobile Phones (Kraken) Heed this or perish

Symantec: It's time to think about cyber criminals as professionals (IT Pro Portal) "Cyber crime is now a profession,” so needs to be thought of as such

Academia

Northrop Opens 2016-2017 UK National Youth Cyber Defense Competition (GovConExecutive) Northrop Grumman has launched the U.K. national youth cyber defense competition for 2016-2017 in efforts to promote science, technology, engineering and mathematics education

Litigation, Investigation, and Enforcement

Obama says he can’t pardon Snowden (Ars Technica) Snowden may be loved in Germany, but US lawmakers aren't keen on forgiveness

House Intel chair arranging hearing on NSA director (The Hill) House Intelligence Chairman Devin Nunes (R-Calif.) is questioning two top Obama administration officials over reports they recommended President Obama remove National Security Agency Director Adm. Michael Rogers

Ohio man charged with threatening to kill Trump on Twitter (Ars Technica) "My life goal is to assassinate Trump. Don't care if I serve infinite sentences"

Russia Criticized for Blocking Microsoft’s LinkedIn over Data Location Law (Voice of America) Russian users of the online professional-social network LinkedIn expressed concern after Russian authorities this week began blocking the popular service

Cross-continental operation brings down payment card fraudsters (Help Net Security) On 14 and 15 November 2016, the Finnish National Bureau of Investigation, the Spanish Guardia Civil, the British West Midlands Regional Cyber Crime Unit together with the Royal Canadian Mounted Police and with the support of Europol’s European Cybercrime Centre (EC3) teamed up in a cross-continental joint action day aimed at breaking down an international card-not-present fraud network

Investigation confirms no patient or employee info compromised in cyber-attack on healthcare system (Security Info Watch) After a thorough investigation into the late August cyberattack on the Appalachian Regional Healthcare (ARH) system, findings from independent computer forensic experts as well federal authorities have determined that no ARH patient or employee health or financial information was comprised in the attack

Critical Cyber-Attack on Hospitals Now A Reality- A View From ‘Across the Pond’ (JD Supra) Serious trouble for all health and care providers looms large

The Evolution of Cyber Crime in Morocco (Morocco World News) The rise of cyber-crime has become one of the emerging difficulties of a more technologically integrated world

Kaspersky takes Hemisphere Technologies to court in royalties wrangle (ARN) Millions at stake in legal proceedings spanning two countries

FS.to pirate website shut down after Ukraine’s National Police Raid (HackRead) A complaint made by the Motion Picture Association of America led to the arrest of people behind FS.to. The cyber-crime department of Ukraine’s National Police force carried out a series of operations against the website which is used by millions of users around the world. The perpetrators were arrested and a total of 60 servers were shut down as a result

Design and Innovation

Device Security Issues for the Infosec Community to Consider (Tripwire: the State of Security) The issue of device security has once again returned to the forefront in light of the recent botnet attacks that have leveraged CCTV cameras, DVRs and other Internet of Things (IoT) devices. As a community, especially those of us who are CISSPs, it is our responsibility to think several chess moves ahead and to take deeper dives into the investigative questions that aren’t being discussed in the aftermath of such attacks

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.

AlienVault USM Webcast (Online, December 1, 2016) Host-based intrusion detection systems (HIDS), work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring.

Cyber Threats Master Class (Turin, Italy, December 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding of new security threats to states and citizens. The focus of the course is on cyber threats, internet governance and the role of media. Application deadline is October 2, 2016.

Disrupt London (London, England, UK, December 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.

US Department of Commerce Cyber Security Trade Mission to Turkey ( Ankara and Istanbul, Turkey, December 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, December 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with less than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, December 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

Practical Privacy Series 2016 (Washingto, DC, USA, December 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!

CISO Southern Cal (Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

SANS Cyber Defense Initiative 2016 (Washington, DC, USA , December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately

Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, December 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.