The CyberWire Daily Briefing 11.22.16

Summary

By The CyberWire Staff

Looking back at election hacking, it's worth noting that for all the crying of havoc (and legitimate concerns) about interference with US voting, other places probably had it worse. Consider Montenegro's experience, as described by Wapack Labs.

Since July ATM hackers (probably affiliated with the Buhtrap mob) have been at work, mostly in Taiwan and Thailand, stealing cash by inducing installation of a bogus firmware update that directed the machines to empty themselves. Taipei police realized something was amiss when they started receiving reports of cash lying around ATMs. This isn't conventional carding, but a direct manipulation of the ATMs themselves. Buhtrap has spawned at least one associated gang, "Cobalt," which has been active in Europe, and the FBI warns US banks that they could be at risk as well.

Cerber has now begun to target high-value database files for encryption and extortion. There is some good news on another ransomware strain, however: ESET has released a free decryption tool for Crysis ransomware.

Anubis Networks finds another Android backdoor, this one associated with software from Ragentek Group. The backdoor enables potential exploitation of over-the-air updating.

A patch fixes exploitable issues with Siemens-branded security cameras.

Check Point scans the malware landscape and finds that Conficker remains number one.

In industry news, Oracle announces it will acquire Dyn, recently famous as the victim of Mirai-DDoS. Telstra is buying security analytics shop Cognevo, part of the dissolving New Zealand security firm Wynyard.

The US Defense Department's Hack-the-Pentagon program gets more wide-open than ever.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Israel, Montenegro, New Zealand, Norway, Russia, Singapore, Taiwan, Thailand, United States

A note to our readers: We won't publish this Thursday, as we'll be observing the Thanksgiving holiday. We'll be back as usual with the CyberWire Daily News Briefing on Friday (although the CyberWire Daily Podcast will take a longer hiatus, and pick up again on Monday).

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at Palo Alto Networks, as Rick Howard discusses the gap that continues to persist between boards and technical teams. We'll also have Derek Northrope of Fujitsu Biometrics as our guest; he'll describe recent developments in biometrics and their application to security. As always, if you enjoy the podcast, please consider giving it an iTunes review.

Sponsored Events

AlienVault USM Webcast (Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville MD, USA, December 6, 2016) Your employees could be your biggest cybersecurity risk. Join us to learn more.

Selected Reading

Cyber Trends

NSA Chief Michael Rogers Talks Cybersecurity (Wall Street Journal) The head of the U.S. Cyber Command discusses the Sony hack, state-backed attacks and WikiLeaks

FriendFinder breach shows it's time to be adults about security (Engadget) More like Adult Friend Loser

Was your data breach an inside job? (Help Net Security) Kaspersky Lab revealed the current state of security threats among businesses and how their perception of threats compares to the reality of cybersecurity incidents experienced over the past year, both in North America and worldwide. A top concern of North American businesses and a leading cause of successful cyberattacks in these organizations are also the most important asset: their employees

When the workforce is the weakest link (Financial Times) Staying alert to possible disaster should be a priority for employees

How security collaboration will prove vital in 2017 (Help Net Security) The escalation of high-profile hacking and data dumps recently has underscored the increasing boldness of digital threat actors, culminating in July’s Democratic National Committee email leak and its ripple effect through American politics. The group behind the hack and its attack patterns were known, and yet the attack was not thwarted, leaving many questions as to the overall state of the Internet’s security

Your car will be recalled in 2017 thanks to poor open-source security (ZDNet) Security experts believe yet another open-source software security catastrophe is on the horizon -- but this time, your car is the target

Fortinet Predicts Tipping Point For Cybersecurity as Threats Become More Intelligent, Autonomous, and Difficult to Detect Than Ever Before in 2017 (Yahoo!) Derek Manky, global security strategist, Fortinet: "The expanding attack surface enabled by technology innovations such as cloud computing and IoT devices, a global shortage of cybersecurity talent, and regulatory pressures continue to be significant drivers of cyber threats. The pace of these changes is unprecedented, resulting in a critical tipping point as the impact of cyber attacks are felt well beyond their intended victims in personal, political, and business consequences. Going forward, the need for accountability at multiple levels is urgent and real affecting vendors, governments, and consumers alike. Without swift action, there is a real risk of disrupting the progress of the global digital economy."

Legislation, Policy and Regulation

Trump will direct Pentagon to develop new national cybersecurity plan (CyberScoop) On his first day in office, President-elect Donald Trump will direct the Department of Defense and the Chairman of the Joint Chiefs of Staff to develop “a comprehensive plan to protect America’s vital infrastructure from cyberattacks, and all other form of attacks”

Influencers: Trump won’t improve cybersecurity (Christian Science Monitor Passcode) President-elect Donald Trump has promised that protecting the country from cyberattacks will be a “major priority” for his administration, but three-quarters of Passcode’s pool of digital security and privacy experts say they do not believe cybersecurity will improve with the Republican in the Oval Office

Cyber panel closes in on final recommendations (FCW) The commission charged with developing a plan to secure cyberspace in the next decade will recommend six long- and short-term fixes to the Obama administration by Dec. 1

Firing NSA Chief Would Be ‘Extremely Reckless,’ Nunes Says (Bloomberg) Comments follow reports that DNI, Pentagon want Rogers gone. ‘Knives are out’ to get NSA and Cyber Command director: Nunes

DFS Cyber Regulation: Changing the Rules – An Interview with Bay Dynamics’ Steven Grossman (JDSupra) As part of Patterson Belknap’s continuing focus on the New York Department of Financial Services (DFS) proposed cybersecurity regulation, we sat down with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, a cyber risk analytics company, to talk about cybersecurity in a highly regulated environment. In the first installment of our 2-part interview with Steven, he discusses implementation of the new regulation and the fact that organizations shouldn’t confuse regulatory compliance with effective cybersecurity planning and strategy

Products, Services, and Solutions

Oxygen Forensics Offers Enterprise License to Organizations so Multiple Experts Can Connect From Anywhere at Anytime (PRNewswire) Oxygen Forensics, the worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, announced today Oxygen Forensic Detective Enterprise license which allows users in different locations or departments to access specific cases that utilize Oxygen Forensics products from any computer and/or location

ReSec Technologies Expands Engagement with Bezeq the Israeli Telecommunication Corp Ltd. to Secure Files from all Sources (PRNewswire) Largest telecommunications group in Israel expands agreement with ReSec; Utilizes full suite of ReSecure solutions to secure files from all sources, including internal partitioning

DDoS protection quiz-based training course (Help Net Security) The DDoS Protection Bootcamp is the first online portal to provide in-depth technical training in the field of DDoS protection

TrapX releases deception-based security solution (Compliance Week) TrapX, a deception-based cyber-security defense provider, recently released the world’s first deception-based security solution specifically designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks

FireEye’s iSIGHT threat intelligence exposes security blind spots (Network World) FireEye combines machine learning with human analytics to better understand the tools, tactics and procedures used by threat actors

Pentagon seeks better computer encryption (Defense Systems) The Pentagon is exploring technologies designed to decrease hardware requirements and improve computer encryption to better secure networks without compromising speed and performance

IBM to add four new cloud data centres infused with cognitive intelligence in the UK (International Business Times) The move will help IBM keep up with growing client demand

Israeli startup CyBellum wants to end zero-day attacks (Geektime) CyBellum’s solution provides end-to-end protection, from the internal network to the organization’s cloud. They can detect breaches and block the attack in its initial stage, all before the attacker penetrates the system

Technologies, Techniques, and Standards

Crysis Averted: Eset Releases Free Ransomware Decryptor (Infosecurity Magazine) Victims of the Crysis ransomware now have a get out of jail free card after security vendor Eset announced a free decryptor tool

AdultFriendFinder network finally comes clean to members about hack (ZDNet) The adult entertainment and dating network waited a week to message its millions of users after news of the hack broke, but its method of delivery was far from proactive

Security Threat Looms over Holiday Shopping Season (ReadItQuik) The coming weekend, starting from Black Friday (November 25) to Cyber Monday (November 28), is that time of the year when people do most of their shopping. It is also the time when most of the discounts and deals are offered by the retailers, both instore as well as on their websites and apps

Please Enjoy This Clip of a Hedgehog Unlocking an iPhone (Motherboard) Watching this hedgehog unlock an iPhone will make your heart melt

Marketplace

Oracle buys cyber attack target Dyn (Phys.org) Oracle on Monday announced it is buying Dyn, a Web traffic management firm recently hit with a cyber attack that closed off the internet to millions of users

Oracle Just Bought Dyn, the Company That Brought Down the Internet (Wired) Last month, the entire internet went down for a few hours. At least that’s what one of the biggest denial-of-service attacks in recent memory felt like to a lot of people. Sites from Netflix, Spotify, and Reddit to The New York Times and, yes, even WIRED went dark

Telstra acquires New Zealand security analytics provider Cognevo (ZDNet) Telstra will bolster its business security software suite by purchasing part of New Zealand company Wynyard's assets

Symantec doubles down on consumer security by buying LifeLock (Register) Bid to mitigate damage in face of declining anti-virus sales

Top Stocks to Buy in Cybersecurity (Fox Business) Over 5.3 billion records were lost or stolen during data breaches over the past three years, according to the Breach Level Index. A mere 4% of those hacks were considered "secure breaches" in which the stolen data was encrypted and rendered useless for hackers

Is Cisco Stock Worth Holding Through Its Transition? (Motley Fool) After a bullish run in recent years, Cisco stock is down following fiscal 2017 first-quarter earnings. Here's why the company could still be worth holding through its transition

root9B Technologies Announces Third Quarter 2016 Financial Results (PRNewswire) Company remains focused on transition to pure play cybersecurity firm

root9B Announces $790,000 Cyber Defense Contract Extension with Fortune 500 Company (PRNewswire) ORION platform continues to provide proactive HUNT operations

Okta CEO Todd McKinnon and the importance of digital identity (Diginomica) Okta is growing in popularity as a secure identity management layer for digital services. CEO Todd McKinnon talks us through the challenges of scaling the company

Centrify Named A Fastest Growing Private Company in Silicon Valley (BusinessWire) Silicon Valley Business Journal ranked Centrify No. 33 on its annual list of Top 50 Fastest Growing Private Companies

Republic supporting start-ups in countering cyber threats (Straits Times) The Internet of Things may herald a new age of information sharing and automation, but it can also facilitate misdeeds like money laundering and terrorism

Pentagon expands white-hat hacker challenge to all comers (Federal News Radio) The Defense Department undertook a significant expansion of its new crowdsourced approach to cybersecurity Monday, opening its “Hack the Pentagon” challenge to literally anyone and providing them a legal route to report any security holes they find

Pentagon waives penalties for hackers to test its cybersecurity (Stars and Stripes) The Pentagon has approved all so-called “white hat” hackers to test the cybersecurity of its public websites without fear of prosecution, the Defense Department announced Monday

Here’s how to (legally) hack the Defense Department (CyberScoop) The Department of Defense released a policy Monday that allows freelance security researchers a legal way to disclose vulnerabilities in any of the department’s public-facing systems

Qualcomm Offers $15K Reward for Security Bugs (PC Magazine) After discovering 900 million devices were vulnerable to attack, a bug bounty program became essential

Army to break ground on its new cyber center at Fort Gordon (Army Times) Senior Army leaders will break ground Nov. 29 at Fort Gordon, Georgia, for the new headquarters of Army Cyber Command, the command has announced

Best small to midsized cities to land a cybersecurity job (CSO) Looking for a change of scenery in 2017?

Ntrepid’s Hire of CIA Cyber Security Architect Bolsters Cyber Defense Expertise (BusinessWire) Steven Earls, accomplished leader and catalyst for innovation, joins Ntrepid as VP of Information Security Strategy

Security Patches, Mitigations, and Software Updates

Credentials Accessible in Siemens-Branded CCTV Cameras (Threatpost) Vanderbilt Industries has provided a firmware update for more than a dozen Siemens-branded IP-based closed circuit TV cameras that patches a serious, remotely exploitable vulnerability

SSA-284765: Vulnerability in SIEMENS-branded IP-based CCTV Cameras (Siemens) The latest update for SIEMENS-branded IP-based CCTV cameras fixes a vulnerability that could allow a remote attacker to obtain administrative credentials from the integrated web server

Microsoft to Bid Farewell to SHA-1 in February (Infosecurity Magazine) Microsoft has announced it will no longer support the insecure SHA-1 hash algorithm for HTTPS from 14 February next year, adding further urgency for webmasters to transition to SHA-2

Twitter Is Fighting an Uphill Battle to Censor Sexualised Images of Children (Motherboard) Twitter has grappled with offensive or illegal content on its network. Whether it's Islamic State supporters sharing graphic propaganda, or far-right racists harassing high profile users, the site has been often criticised for not doing enough to police its network

Cyber Attacks, Threats, and Vulnerabilities

DDoS Attacks And Coup Attempt During October 2016 Montenegro Elections (Wapack Labs) During the October 16, 2016 elections in Montenegro, the website of the pro-NATO ruling party and several other media and political NGO websites were subject to Distributed Denial of Service (DDoS) attacks. In tandem, misinformation campaigns were conducted across various platforms including social media. Analysis of the event indicate that certain Russian media outlets were involved, and investigations showed that an international group that included Montenegrin, Russian and Serbian nationals were planning a coup that included the assassination of the Montenegrin Prime Minister. It is possible that the Russian government was involved in these activities, which show the possible vectors for a foreign power to influence an election

Hackers Program Bank ATMs to Spew Cash (Wall Street Journal) After crimes in Taiwan and Thailand, the FBI warns of similar potential attacks in U.S.

FBI: US ATMs Could Be Hacked to Spew Cash (Infosecurity Magazine) The FBI is warning that potential ATM attacks, similar to those in Taiwan and Thailand that caused ATMs to dispense millions, could happen in the US

Ask Toolbar Update Feature Hacked to Drop Malware (HackRead) Attackers infected Ask Toolbar Updater to make you download unwanted software

Backdoor Found in Firmware of Some Android Devices (Threatpost) Nearly three million Android devices are vulnerable to an attack that could allow a hacker to compromise over-the-air (OTA) updates to the devices and allow adversaries to remotely execute commands with root privileges

Anti-virus away! Android banking trojan blocks security apps to evade detection (Graham Cluley) Fake login forms pop-up in front of legitimate banking apps to steal credentials

Office 365 Vulnerability Identified Bogus Microsoft.com Email as Valid (Threatpost) Details have been released on a simple Office 365 hack that incorrectly identifies spoofed emails pretending to be from the Microsoft.com domain as valid. The vulnerability being targeted was privately disclosed by Turkish security researcher Utku Sen, and was patched by Microsoft this month

New ScanPOS Point-of-Sale malware heavily targets hospitality sector (Security Brief) Proofpoint researchers have discovered a Point-of-Sale malware that is targeting retailers worldwide, including Australia. The malware, named ScanPOS is heavily targeting the hospitality sector.

ZIP With Comment (SANS Internet Storm Center) I got hold of a malicious document e-mailed inside a password protected ZIP file

Siemens-branded CCTV webcams at risk of hacking, require urgent firmware patch (We Live Security) Siemens-branded IP-based CCTV cameras are the latest internet-connected devices to be found vulnerable to hacking attacks

Businesses as Ransomware’s Goldmine: How Cerber Encrypts Database Files (TrendLabs Security Intelligence Blog) Possibly to maximize the earning potential of Cerber’s developers and their affiliates, the ransomware incorporated a routine with heavier impact to businesses: encrypting database files

ESET: CEO Fraud - Understanding How it Works (Infosecurity Magazine) “CEO fraud happens a lot, because it works”

SIM Box, OTT Bypass Growing Threats to Mobile Operators (Infosecurity Magazine) SIM box fraud and over-the-top (OTT) hijack remain two of the major threats to mobile operator revenues, new research has revealed

Michigan State University confirms data breach of server containing 400,000 student, staff records (WXYZ) Michigan Sate University is confirming that someone breached a database that contains around 400,000 records containing personal information

Impostor claims to be Gen. Mattis on Twitter (Marine Corps Times) A fake Twitter account purportedly belonging to retired Marine Gen. James Mattis is spreading a rumor that the real Mattis will be nominated as the next defense secretary

Great. Now Even Your Headphones Can Spy on You (Wired) Cautious computer users put a piece of tape over their webcam. Truly paranoid ones worry about their devices’ microphones, some even crack open their computers and phones to disable or remove those audio components so they can’t be hijacked by hackers. Now one group of Israeli researchers has taken that game of spy-versus-spy paranoia a step further, with malware that converts your headphones into makeshift microphones that can slyly record your conversations

A Hacker Took Over Tel Aviv’s Public Wi-Fi Network to Prove That He Could (Motherboard) Israeli hacker Amihai Neiderman needed three days to hack into Tel Aviv’s free public Wi-Fi. He only worked during the evenings, after he came home from his full-time job as a security researcher. The 26-year-old said the difficulty level was “a solid 5” on a scale from 1 to 10

Anticipating Black Friday Threat Trends (Recorded Future) We studied attacks reported during the 2015 holiday period and identified new tools, techniques, and procedures (TTPs) that have emerged recently to help anticipate what to expect this year

This year’s most hackable holiday gifts (Help Net Security) Intel Security announced its second annual McAfee Most Hackable Holiday Gifts list to identify potential security risks associated with hot-ticket items this holiday season. The most hackable gift category includes laptops and PCs, followed by smartphones and tablets, media players and streaming sticks, smart home automation and devices, and finally, drones

Office Depot caught claiming out-of-box PCs showed “symptoms of malware” (Ars Technica) News investigations show office supply chain sold unneeded fixes for $180

How Social Security numbers became skeleton keys for fraudsters (Passcode) The Social Security number is overused and abused by hospitals, banks, and even retailers, putting millions of Americans at risk of identity theft. But experts say it doesn't have to be this way

Conficker Still on Top as Malware Jumps 5% in October (Infosecurity Magazine) Malware continued its inexorable rise in October with the number of attacks increasing 5% over the previous month, although UK and US users appeared to be insulated from the worst, according to new stats from Check Point

The odd, 8-year legacy of the Conficker worm (We Live Security) Eight years ago, on November 21st, 2008, Conficker reared its ugly head. And since then, the “worm that roared” – as ESET’s distinguished researcher Aryeh Goretsky puts it – has remained stubbornly active

Litigation, Investigation, and Enforcement

IG dings OPM again on IT security, staff still shorthanded (Federal News Radio) Despite a concerted effort, the Office of Personnel Management is still falling short in its promise to improve multiple aspects of its IT security

FBI's Dark Web Child Porn Investigation Stretched to Norway (Motherboard) Nearly two years after its inception, more details about the largest known law enforcement hacking campaign are still coming to light. According to local media reports, the US Federal Bureau of Investigation provided information to Norwegian authorities from its large-scale investigation into child pornography site Playpen

Coinbase Promises to Fight the IRS in Court Over Data on All Active US Bitcoin Traders (Coinspeaker) The Internal Revenue Services sent Coinbase a summons asking for information on all users basing on three isolated cases when people used bitcoin to evade taxes

Design and Innovation

To Operationalize Cyber, Humanize the Design (Small Wars Journal) Cyberspace…the military riddle of the modern age. Despite well-intentioned talk across the U.S. Army to ‘operationalize cyber,’ the indispensable means for doing so, is to ‘humanize’ the design

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 19 - 21, 2017) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the first annual Cyber Security Summit in June 2017. The summit, presented in a continuing education format, welcomes Norwich alumni and their guests interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level. Register today to reserve your space at the summit.

upcoming Events

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.

AlienVault USM Webcast (Online, December 1, 2016) Host-based intrusion detection systems (HIDS), work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring.

Cyber Threats Master Class (Turin, Italy, December 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding of new security threats to states and citizens. The focus of the course is on cyber threats, internet governance and the role of media. Application deadline is October 2, 2016.

Disrupt London (London, England, UK, December 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.

US Department of Commerce Cyber Security Trade Mission to Turkey ( Ankara and Istanbul, Turkey, December 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, December 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with less than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, December 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

Practical Privacy Series 2016 (Washingto, DC, USA, December 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!

CISO Southern Cal (Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

SANS Cyber Defense Initiative 2016 (Washington, DC, USA , December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately

Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, December 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.