
BND warns of Russian cyber designs on German elections. ISIS continues to lose leaders, but also continues to find inspiration in terror. Deutsche Telekom recovers from DDoS. San Francisco Muni recovers from ransomware. Old news is new again.
The head of Germany's foreign intelligence service, the Bundesnachrichtendienst (BND), joins warnings of a Russian cyber threat to next year's elections.
More accounts of how US intelligence targeted ISIS information operators, and a young Syrian continues to survive and tweet under the Assad regime's bombardment of Aleppo. ISIS has not yet claimed responsibility for the knife-rampage at Ohio State University yesterday, but the Caliphate's sympathizers have begun lionizing the late alleged attacker as a "brother."
Deutsche Telekom, recovering from Sunday's DDoS attack by an evolved version of the Mirai botnet, issues a router firmware upgrade to mitigate the exploited vulnerability. The router flaw, also implicated in last week's attack against Eircom, leaves Internet port 7547 open to external connections. That port is then used to send commands based on TR-069 and TR-064 protocols.
San Francisco's Municipal Transport Agency resumes normal service after a ransomware attack on payment and scheduling terminals. They did not pay the ransom, and so far have suffered none of the threatened consequences. KrebsOnSecurity reports a security researcher hacked the attacker's mailbox and found links suggesting connections to other ransomware attacks. Signs point toward a Southwest Asian hacker, but there is no firm attribution yet.
Old news persists: WikiLeaks releases Carter Administration diplomatic cables from 1979, former Secretary of State Clinton faces continued civil litigation over emails, and prospective Secretary of State Petraeus remains under investigation for his own security breaches.
xHamster user accounts are appearing on the dark web. Don't say John McAfee didn't warn you years ago.
Notes.
Today's issue includes events affecting Australia, China, European Union, France, Germany, India, Iraq, Japan, Republic of Korea, Russia, Syria, United Kingdom, and United States.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at Level 3, as Dale Drew talks about protecting critical infrastructure. If you enjoy the podcast, we invite you to please consider giving it an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Spy Chief Adds to Warnings of Russian Cyber Attacks on Germany (New York Times) Germany's spy chief warned that Russian hackers may target next year's German election with campaigns of misinformation that could undermine the democratic process, echoing concerns voiced by the country's domestic intelligence director
Japan Denies Report of ‘State-Backed’ Cyber Attack on Military (Bloomberg) Japan’s Defense Ministry on Monday denied a report that a military computer network had suffered a high-level cyber attack in September, possibly involving a state actor
ISIS's second-in-command hid in Syria for months. The day he stepped out, the US was waiting. (Washington Post) For a man given to fiery rhetoric and long-winded sermons, Abu Muhammad al-Adnani became oddly quiet during his last summer as the chief spokesman for the Islamic State
Syrian Girl With Viral Twitter Account Narrowly Survives Bombing: ‘I Almost Died’ (Time) "Tonight we have no house." A young Syrian girl with a viral Twitter account narrowly escaped death on Sunday after her house was bombed in rebel-held eastern Aleppo
‘ISIS’ Refers to Ohio Attacker Abdul Razak Ali Artan as ‘Brother’ (Heavy) Islamic State terrorist channels have begun to praise 18-year-old Abdul Razak Ali Artan, the Somali refugee behind the terrorist attack today at Ohio State University. However, while the Islamic State sympathizers praise Artan, there is no official claim of credit yet
Accused Ohio State attacker reportedly posted rant online (USA Today) An Ohio State University student has been identified as the suspect behind the gruesome attack Monday on the school's campus
WikiLeaks releases thousands of diplomatic cables (The Hill) WikiLeaks on Monday released more than 500,000 diplomatic cables from President Jimmy Carter’s administration
Hackers suspected as 900,000 hit by internet outage (The Local (de)) Update: German Telekom is now looking into evidence of a hacker attack after 900,000 internet, phone and television clients were hit by a massive outage starting on Sunday and going into Monday
German telecom giant Deutsche Telekom has confirmed that the connectivity problems some 900,000 of its customers experienced on Sunday are the result of a hack attempt (Help Net Security) German telecom giant Deutsche Telekom has confirmed that the connectivity problems some 900,000 of its customers experienced on Sunday are the result of a hack attempt
Information on current disruptions (Telekom) Update: According to our findings, an attack on remote maintenance interfaces is currently taking place worldwide. The Federal Office for Information Security takes the same view
Newly discovered router flaw being hammered by in-the-wild attacks (Ars Technica) Researchers detect barrage of exploits targeting potentially millions of devices
Upgraded Mirai botnet disrupts Deutsche Telekom by infecting routers (CSO) Hackers have updated the Mirai malware to infect more devices, according to a security researcher
2016's 7 Worst DDoS Attacks So Far (Dark Reading) Rise of booter and stresser services, mostly run on IoT botnets, is fueling DDoS excitement (but the pros aren't impressed)
SF MUNI starts to restore systems, says no data compromised during attack (CSO) SFMTA spokesperson calls attacker’s bluff, and says teams are working to restore everything
San Francisco Subway Hackers Now Threaten to Publicly Dump Data (Motherboard) Over the weekend, riders of San Francisco's municipal transit system (Muni) were allowed to travel for free because hackers had infected subway computers with ransomware. According to CSO Online, the attackers have demanded some $73,000 worth of bitcoin
Hackers Make New Claim in San Francisco Transit Ransomware Attack (Threatpost) The San Francisco Municipal Transport Agency said by Sunday it had contained a ransomware attack that occurred Friday which impacted its internal computer and payment systems. The public transit system is facing new, unsubstantiated claims on Monday however that the group responsible for launching the attack is holding hostage 30GB of the agency’s data
San Francisco Rail System Hacker Hacked (KrebsOnSecurity) The San Francisco Municipal Transportation Agency (SFMTA) was hit with a ransomware attack on Friday, causing fare station terminals to carry the message, “You Hacked. ALL Data Encrypted.” Turns out, the miscreant behind this extortion attempt got hacked himself this past weekend, revealing details about other victims as well as tantalizing clues about his identity and location
San Francisco Transit Agency Earns Praise For Denying Ransom Request (Dark Reading) Despite being forced to give out free rides all weekend, metropolitan transportation authority declines to pay the ransomware operators who locked down ticketing systems
Hackers threaten to leak bank customers' account info unless they pay up (Graham Cluley) This isn’t your ordinary bank account compromise
No, I won't help you blackmail the company you just hacked (Graham Cluley) When extortionists use the media to earn their cash
The Chrome extension that “Firesheeps” you by choice (Naked Security) A Naked Security reader just drew our attention to a recently released extension in the Chrome Web Store called AccessURL that is being talked about positively on mailing lists and online lifestyle websites
Web and mobile apps often hide complex maze of insecure connections (Qualys News) To stay secure, organizations must gain control and visibility over their app landscape
Spammers Bombard iCloud Users With New Deluge (Infosecurity Magazine) Government-backed awareness raising organization, Get Safe Online, has issued new guidance for users bombarded with iCloud calendar and photos sharing spam
380,000 xHamster Account Details Traded on Digital Underground (Infosecurity Magazine) User account details belonging to hundreds of thousands of users of porn website xHamster are being traded on the digital underground
Cyber crims targeting Aussie companies with Microsoft OneDrive accounts (IT Brief) Cyber-criminals are using compromised Microsoft 365 ‘OneDrive for Business’ accounts to spread malware throughout Australian companies
Cryptography professor warns about Android security, says some of it is six years behind the iPhone (Phone Arena) We are constantly barraged with sensationalist headlines of the "millions of Android phones are under threat" type that inform about this and that malware or security lapse that is usually pretty easy to avoid if you install decent apps from legit sources
How a Grad Student Found Spyware that Could Control Anybody's iPhone from Anywhere in the World (Vanity Fair) Last summer, Bill Marczak stumbled across a program that could spy on your iPhone’s contact list and messages—and even record your calls. Illuminating shadowy firms that sell spyware to corrupt governments across the globe, Marczak’s story reveals the new arena of cyber-warfare
What is spyware? How secret programs can see into your iPhone and record your calls. (Tech.Mic) Smartphones are an extension of one's personal life, so it's terrifying to think that someone else could have access to all of the information we keep there. Many people store photos, conversations, banking details and other private information on their smartphone
Deloitte and MAPI study: Connected industrial control systems expose manufacturers to cyber threats (Modern Materials Handling) Study identifies leading practices to address emerging risks and make their companies more secure
Pwning WordPress with Cross-Site Scripting (Securify) Last July we organized the Summer of Pwnage, which resulted in 118 security findings in WordPress Core and Plugins. By far the most found vulnerability is Cross-Site Scripting, 66% of the findings fall into this category. When targeting a WordPress Administrator, Cross-Site Scripting can result in a full compromise of the WordPress site. In this blog I'll describe one method to achieve this
About 28% WiFi hotspots globally are insecure: Kaspersky Lab (Indian Express) According to Kaspersky Security Network, 25 per cent of the world’s Wi-Fi networks have no encryption or password protection
Cybersecurity Study 2016: Outside Wi-Fi (University of Phoenix) US adults who use Wi-Fi outside the home or workplace (“rogue Wi-Fi” users) are more likely to place a greater level of trust in secured networks than unsecured
Vera Bradley Taking Action to Address Potential Data Breach Involving Payment Cards at Stores (Business Daily Leader) Vera Bradley (VRA) said it is investigating a potential security breach involving customer data at its retail stores over the summer
Security Patches, Mitigations, and Software Updates
Firmware for the Speedport W 921V (Deutsche Telekom) Problems are currently occurring on Telekom connections. We are working on fixing the cause. We cannot yet give a time for when the disruption will be resolved. Internet, telephony and television are affected
Port 7547 SOAP Remote Code Execution Attack Against DSL Modems (SANS Internet Storm Center) German Telekom is now offering a firmware update for the affected routers... Affected users are advised to power off their router and power it on again after 30 seconds. During bootup the router should retrieve the new firmware from the Telekom servers
PayPal Fixes OAuth Token Leaking Vulnerability (Threatpost) PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application
Cyber Trends
The future of conflict is in cyberspace (Raconteur) Suspected state-sponsored attacks have triggered an international cyber arms race aimed at repelling and even retaliating if secrets are stolen or online infrastructure targeted, threatening to paralyse critical systems
2016 Pre-Holiday Retail Cyber Risk Report (Bay Dynamics) You would expect cyber security to be a number one issue on retailers’ minds, particularly during the holiday season, due to a confluence of factors
The Surprising Reason Why You Keep Getting Hacked (NBC News) Cyber Monday is upon us — and one in four shoppers will get hacked this holiday season. If it's already happened to you, the chances are that it will happen again. That's because many people still aren't motivated to protect their personal information, according to one new survey
What will the data breach landscape look like in 2017? (Help Net Security) While many companies have data breach preparedness on their radar, it takes constant vigilance to stay ahead of emerging threats and increasingly sophisticated cybercriminals, according to Experian Data Breach Resolution
McAfee Labs predicts 14 security developments for 2017 (Help Net Security) Intel Security released its McAfee Labs 2017 Threats Predictions Report, which identifies 14 threat trends to watch in 2017
What parents don't get about cyberbullying (Christian Science Monitor Passcode) In his new book about kids and digital safety, Nathan Fisk argues that efforts to thwart cyberbullying shouldn't stop young people from participating in online communities where they can figure out the right ways – and wrong ways – to communicate
Marketplace
GDPR: More concern for marketing, or IT? (Computing) Who will be responsible for all the data?
Security budgets continue to grow, but is it enough? (CSO) Cybersecurity is now a top concern for businesses, but the reality is that it should have been on their radar years ago. Why did businesses wait so long to invest in cybersecurity?
Hiring the hidden gems: Should InfoSec hire from other industries? (CSO) The InfoSec market is predicted to grow from $75 billion in 2015 to $170 billion by 2020, but – like any child star – it finds itself struggling with growing pains
Cybersecurity Stocks: What to Watch in 2017 (Motley Fool) How will aggressive cyberattacks, higher enterprise spending, and market consolidation affect the cybersecurity sector next year?
BT ordered to legally split from Openreach by Ofcom (BBC) Telecoms regulator Ofcom has ordered BT to legally separate from its Openreach division, which runs the UK's broadband infrastructure
Samsung May Split in Two, Report (Computing) Samsung Electronics has said it is considering splitting in two, after political and governance scandals and the recall of Note 7 devices have led to renewed pressure from investors
L-3 Communications Acquires MacDonald Humfrey Automation (Nasdaq) Defense contractor L-3 Communications Holdings Inc. on Tuesday said it acquired MacDonald Humfrey Automation Ltd. for about £224 million ($280 million), beefing up its position in the global aviation-security market
Q&A: SonicWall CEO Talks Rise Of Ransomware, IoT (Dark Reading) Bill Conner discusses security risks at top of mind as the newly appointed leader of SonicWall, a company becoming independent for the second time
NC4 to buy cyber threat intelligence company, Soltra, from FS-ISAC, DTCC (PRNewswire) Combined capabilities will provide enhanced defense against cyber-attacks in financial services and other industries
Palo Alto Networks - It Is Time To Dip Your Toes Back In (Seeking Alpha) Data security is still a secular growth story. PANW has the broadest product platform in the industry. Some Point Solution and legacy providers are struggling to compete with PANW. PANW trades at a discount to peers based on FCF
Palo Alto Networks, Inc. Delivers a Deceivingly Good Quarter (Motley Fool) The network security company came in light on revenue and guidance, but not for the reasons you might think
Russian security services deny interest in buying Western software vulnerabilities (SC Magazine) Russia's First Exchange, which specialises in the sale of vulnerabilities in popular software such as Adobe Flash, Windows, Tor, and iOS, is growing in popularity among special services and experts in the field of cyber-security
IRS hires ‘white-hat’ hackers to help protect IT systems (Federal News Radio) The IRS is employing a “white hat” approach to improve its cybersecurity. The IRS awarded Synack Government a $2 million contract to provide penetration testing by ethical hackers or researchers with no knowledge of IRS systems
Brocade aims to expand DevOps by collaborating with startups (Deccan Herald) Storage and networking solutions provider Brocade Communications Systems aims to tap more business with DevOps (Development and IT Operations) by partnering with more startups
The InfraGard National Members Alliance (INMA) Announces New Officers and Members of the Board of Directors (Satellite Press Releases) InfraGard National Members Alliance (INMA) has announced that the 2015-2016 election cycle resulted in the following individuals being named to the Board of Directors and as Officers
Balabit Boosts Leadership Team to Drive Global Growth (Yahoo!) Balabit, a leading provider of contextual security technologies, has announced two appointments to its Senior Executive team with the addition of Peter O' Neill as Senior Vice President of Worldwide Sales and Matthew Ravden in the position of VP and Chief Marketing Officer. The new appointments are part of Balabit's major plans for international expansion. In the last 18 months Balabit has opened offices in the UK (London) and the US (New York), and the US market is already the company's fastest growing region
Rapid7 Appoints Jeff Kalowski as Chief Financial Officer (Yahoo! Finance) Rapid7, Inc. (RPD), a leading provider of data analytics solutions for IT and security professionals, today announced the appointment of Jeff Kalowski as the Company’s chief financial officer (CFO), effective January 9, 2017
Products, Services, and Solutions
Microchip reverse engineering and security expert Texplained launches new laboratory (Texplained) New lab enables French start-up to conduct market-leading analyses of microchip security
FireEye Announces Helix -- the First Intelligence-led Platform to Simplify, Integrate, and Automate Security Operations (FireEye) Accelerates response with automation and orchestration powered by machine-learning and behavioral analysis based detection from FireEye MVX plus FireEye iSIGHT Intelligence. Delivered via public or private cloud, or on premise, to integrate and prioritize every alert in customer environments within a simple user interface
APTEC Expands Identity and Access Management Capabilities with One Identity Partnership (APTEC) APTEC provides full lifecycle implementation and integration for One Identity customers, maximizing performance and return on investment for IAM deployments
Cymmetria Offers $1M Warranty To Make Cybersecurity More Accountable (Tom's Hardware) Cymmetria announced that it will offer a $1 million warranty to businesses damaged by attacks that its "cyber deception solution" doesn't catch
6 Free and Open Source Security Tools (PC Quest) There are thousands of open source security tools with both defensive and offensive security capabilities. The following are essential security tools that will help you to secure your systems and networks
Sophos scoops two awards for security excellence (Sophos) The inaugural 2016 Security Excellence Awards by UK magazine Computing saw Sophos collect two industry prizes last night: SafeGuard 8 took the Data Encryption Award and Sophos XG Firewall won the Firewall Solution and UTM Award
Gemalto broadens PKI portfolio (Security Document World) Gemalto has announced that its Public Key Infrastructure (PKI) portfolio now includes solutions for qualified electronic signatures that enable compliance with the new EU and EFTA-wide eIDAS (Electronic Identification and Services) regulation
Raytheon offers the only interoperable electronic warfare planning and management tool (PRNewswire) Cyber and electromagnetic battle management tool fits neatly into existing EW platforms
CyberArk taps power of behavioral analytics to block threats (Security Asia) CyberArk has announced new behavioral analytics to block and contain advanced threats targeting credential theft at the endpoint. CyberArk Viewfinity, with enhanced threat protection features, is now available as CyberArk Endpoint Privilege Manager
Trend Micro to Offer Deep Security as a Service on AWS Marketplace (BusinessWire) Enables organizations to easily secure cloud workloads and pay through their AWS bill
Malware cleaning centre to start in a month (The Hindu) The cyber security market is expected to be around $35 billion with a requirement of one million cyber security experts
Jolla’s Sailfish OS now certified as Russian government’s first ‘Android alternative’ (TechCrunch) The future for one of the few remaining alternative mobile OS platforms, Jolla’s Sailfish OS, looks to be taking clearer shape. Today the Finnish company which develops and maintains the core code, with the aim of licensing it to others, announced Sailfish has achieved domestic certification in Russia for government and corporate use
Technologies, Techniques, and Standards
Cisco Extends Security Flaw Responsible Disclosure Timelines (eWeek) While some security experts advocate for faster security disclosure, Cisco's Talos research group is extending its disclosure timeline from 60 to 90 days
Your computer has been locked Screenlocker Removal Guide (Bleeping Computer) The Your computer has been locked screen locker is a Trojan that displays a fake security screen stating that the computer has been locked because viruses were detected. It then tells you to contact a Microsoft technician to get an unlock code to unlock it. Once you enter the correct code, the screen will unlock and another screen will be displayed that contains instructions on how to remove the Trojan
How do you move petabytes of data out of Europe? With a van (Computing) IT leaders discuss strategies to move large volumes of data out of Europe following the Brexit vote
Five step approach to address data breaches, increase online trust (Help Net Security) The Internet Society has released the findings from its 2016 Global Internet Report in which 59 percent of users admit they would likely not do business with a company which had suffered a data breach. Highlighting the extent of the data breach problem, the report makes key recommendations for building user trust in the online environment, stating that more needs to be done to protect online personal information
DHS helps you make your control systems more secure (CSO) After a zero-day exploit to the maritime transportation sector, DHS's National Cybersecurity and Communications Integration Center notified potentially affected U.S. ports about the threat. They described the apparent vulnerability and provided preliminary mitigation measures
FBI offers some poor password advice for online shoppers (Graham Cluley) # 1, 2, 3, 4. / Password advice is really poor #
Research and Development
Security body plans malware research centre in city (Times of India) Cyber security is now a national concern and the next world war would be fought in cyberspace without shedding a drop of blood, said IT minister K T Rama Rao, speaking at the second edition of the cyber security conclave that began on Tuesday
DOT seeks proposals for Automated Vehicle Technology “Proving Grounds” (US Department of Transportation) Posted by Secretary of Transportation Anthony Foxx: Today I am announcing the launch of a new Automation Proving Ground Pilot Program. Through this program, the Department will designate facilities as qualified proving grounds for the safe testing, demonstration and deployment of automated vehicle technology. We believe that by designating facilities as part of a Community of Practice, we can foster a safe environment for these entities to share best practices related to testing and developing this technology
Academia
University to help plug cyber security skills gap (In the Bay) An initiative from Lancaster University and US defence contractor Raytheon to develop cyber skills has been given the go ahead
Legislation, Policy, and Regulation
House of Commons passes Digital Economy Bill (Computing) Bill to block pornographic websites and "other material" to be debated in the House of Lords
The UK Is About to Legalize Mass Surveillance (Motherboard) On Tuesday, the UK is due to pass its controversial new surveillance law, the Investigatory Powers Act, according to the Home Office
100k+ petition: MPs must consider debating Snoopers' Charter again (Register) Brexit means Brex... hang on, you want to store... WTF?
Here are the companies that could join China’s Orwellian behavior grading scheme (Venture Beat) A year after China’s central government proposed a far-sweeping social credit system to turn citizens’ mundane online activities into a record of creditworthiness, local governments are beginning to compile records in the system critics dismiss as Orwellian
Feds provide legal loophole to hacking IoT devices (CSO) Federal regulators have approved exemptions to existing copyright law that allow independent researchers to hack into the software of most Internet of Things devices. But there are strict limitations on it, and the exemptions only last for two years
Fight Over FBI Hacking Powers Comes Down to the Wire (NextGov) A top Justice Department official pushed back Monday against critics of an FBI hacking powers expansion set to take effect Thursday, saying the critics are confusing substantive issues with procedural ones
DHS Wants New Facial Recognition Cameras in Airports (NextGov) The Homeland Security Department wants to install more cameras for facial recognition in airports
NDAA to Create New Pentagon Chief Innovator Job, Keep AT&L in Compromise (Defense News) Instead of blowing up the Pentagon chief weapons buyer’s office, lawmakers will consider renaming it and creating a new chief technology officer charged with advancing technology and innovation
Double, triple wait times at OPM to complete background investigations (Federal News Radio) If it seems like the wait for your security clearance is endless, that’s because it is — or at least twice as long as it should take, according to goals set by the Office of Personnel Management (OPM)
Anonymous Hackers Want McAfee to Be Trump’s Security Adviser, Call for March (Softpedia) Website calls for demonstration at Trump Tower on December 5
Litigation, Investigation, and Law Enforcement
Washington Post Disgracefully Promotes a McCarthyite Blacklist From a New, Hidden, and Very Shady Group (Intercept) The Washington Post on Thursday night promoted the claims of a new, shadowy organization that smears dozens of U.S. news sites that are critical of U.S. foreign policy as being “routine peddlers of Russian propaganda.” The article by reporter Craig Timberg — headlined “Russian propaganda effort helped spread ‘fake news’ during election, experts say” — cites a report by an anonymous website calling itself PropOrNot, which claims that millions of Americans have been deceived this year in a massive Russian “misinformation campaign”
The Kremlin Didn’t Sink Hillary—Obama Did (Observer) Democratic panic about Russian disinformation neglects to mention that it was the White House that refused to stop it
Concern over FBI operation to catch users of darkweb site (Naked Security) Users of the darkweb sometimes do dark things and law enforcement is constantly searching for new ways to catch them
U.S. investigating leak related to Petraeus case (Military Times) The Defense Department is conducting a new leaks investigation related to the sex scandal that led to the resignation of former CIA Director David Petraeus, The Associated Press confirmed Monday, the same day Petraeus was meeting with President-elect Donald Trump in New York
State contender Petraeus knowingly leaked secrets to biographer, lied to FBI (USA Today) Retired Army General David Petraeus, who stepped down as CIA chief amid the scandal of an extramarital affair and pleaded guilty to divulging classified information, has emerged as a top contender as secretary of State in the incoming Trump administration
Hillary Clinton’s email woes persist after election: ‘Nothing has been settled’ (Washington Times) They won’t now complicate a Hillary Clinton presidency, but the emails from her time in the State Department will still trickle out over the next months as the administration tries to clean up the mess Mrs. Clinton left
Wisconsin to recount US presidential election vote after hack concerns (CSO) Security experts have said that the voting machines could be hacked
Europol Takes Thousands of Piracy and Fraud Sites Offline (Infosecurity Magazine) Europol has cracked down on online piracy and counterfeit sites, taking more than 4,500 domain names offline
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Infosecurity Magazine Conference (Boston, Massachusetts, USA, Dec 6 - 7, 2016) Bringing together 100+ information security end-users, analysts, policy-makers, vendors and service providers, the meeting connects the information security community providing actionable information, practical case studies and strategic and tactical insight
Upcoming Events
Cyberspies: The Secret History of Surveillance, Hacking, and Digital Espionage (Washington, DC, USA, Nov 29, 2016) From Bletchley Park to cyber-attacks in the 21st century, the computer was born to spy. Gordon Corera, BBC News Security Correspondent and author of Cyberspies, will trace the previously untold and highly classified story of the melding of technology and espionage from its beginning. He’ll overview how the World War II birth of electronic espionage in Britain transitioned into Cold War-era spy hunting which morphed into the data-driven pursuit of terrorists and has grown into industrial-scale cyber-espionage against countries and corporations in the 21st century. Drawing on unique access to Western intelligence agencies, on-the-ground reporting from China, and insights into the most powerful technology companies, Corera has compelling stories to share from heads of state, hackers, and spies of all stripes. This evening will offer a first-hand exploration of the new space in which the worlds of espionage, geopolitics, diplomacy, international business, science, and technology collide.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
Internet of Things (IoT) (Elkridge, Maryland, USA, Nov 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world: Asia, Europe, Australia & North America. These summits are essential 2-day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.
AlienVault USM Webcast (Online, Dec 1, 2016) Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring.
Cyber Threats Master Class (Turin, Italy, Dec 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding of new security threats to states and citizens. The focus of the course is on cyber threats, internet governance and the role of media. Application deadline is October 2, 2016.
Disrupt London (London, England, UK, Dec 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.
US Department of Commerce Cyber Security Trade Mission to Turkey (Ankara and Istanbul, Turkey, Dec 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years have increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.
NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, Dec 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with fewer than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, Dec 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.
Practical Privacy Series 2016 (Washington, DC, USA, Dec 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!
CISO Southern Cal (Los Angeles, California, USA, Dec 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
SANS Cyber Defense Initiative 2016 (Washington, DC, USA, Dec 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, Dec 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.