The CyberWire Daily Briefing 5.26.17

Special Section

the 2017 Cyber Investing Summit

We conclude our coverage of the second annual Cyber Investing Summit with today's issue. Our stories include notes on pitches by four young innovative companies. We also summarize advice from investors and major customers. Cybersecurity startups, those experts said, would do well to see their early stage investors at least as much as a source of advice as a source of capital. And when you're pitching to a customer, go in after you've come to some understanding of the problems the customer faces, and be prepared to show what you can do about those problems. Finally, look to your references. A warm introduction from a well-informed and satisfied customer does more to cut through the noise of cold calls and pitches than anything else you can bring with you.

Summary

By The CyberWire Staff

Influence operations targeting the elections in France and the US centered on leaked emails. Some are reckoned to have been damaging (those affecting the US Democratic National Committee) others to have have had negligible effect (emails taken from En Marche in France). But in these cases there was little suggestion that the stolen emails had been altered to render them more damaging.

That may not hold true in future operations. A study by the University of Toronto's Citizen Lab finds leaked emails belonging to a Russian journalist and critic of the government were doctored to discredit the opposition. Their investigation also led them to a large phishing campaign against more than two-hundred high-profile targets in thirty-nine countries. Citizen Lab is reticent about attribution, but says there's "clear overlap" between what they're seeing and evidence others have presented concerning "Russian-affiliated threat actors."

Reuters reports that hackers acting apparently on behalf of the government of Vietnam are attacking Philippine targets. The larger issue is the dispute over sovereign rights in the South China Sea.

A worm that exploited EternalRocks vulnerabilities, and that seemed to be quietly staging future attacks, may have been pulled by its creators, according to researchers at Croatia's CERT. Good news, maybe, but crying victory would be premature.

Flashpoint linguists think the authors of WannaCry spoke Chinese and English. They point out that this doesn't constitute attribution, and isn't inconsistent with Symantec's linkage of the ransomware campaign to North Korea.

Bogus WannaCry remedies are in the PlayStore. Don't bite.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, Czech Republic, European Union, France, Democratic Peoples Republic of Korea, New Zealand, Nigeria, Philippines, Russia, Syria, United Kingdom, United States, and and Vietnam.

A note to our readers: we'll be observing Memorial Day this coming Monday, and won't publish either our Daily News Briefing or Daily Podcast. Wherever you may be, join us in sparing a thought for those anywhere who've served and sacrificed with honor.

Podcast Summary

In today's podcast, we hear from our partners at Accenture Labs, as Malek Ben Salem discusses self-sustaining enterprises. Our guest is Dinah Davis, founder of Code Like a Girl.

New York City: wrapping up the Second Annual Cyber Investing Summit

Pitches: Innovation from Young Companies (The CyberWire) In a crowded market, how can you put innovation in front of prospective customers and investors? Four young companies making a name for themselves address the 2017 Cyber Investing Summit.

Investors and Customers: What they're looking for in cybersecurity vendor (The CyberWire) There was a consensus at the Summit that cybersecurity is fundamentally an exercise in risk management. The sector remains relatively young, and the sorts of actuarial data, well-established best practices, and regulatory systems that have shaped risk management in other areas are still emerging.Early stage investors help start-ups, the venture capitalists at the Summit believed, with close engagement and advice, particularly in matters affecting management and communication. If a start-up wonders what value these investors bring, they should think of expertise and guidance as much as they think of capital. An interesting trend noted by DataTribe's Mike Janke: the big investment firms have consolidated their investments, which has pushed them out of the A round. That's left the early stages to the angels and the incubators.

Cyber Attacks, Threats, and Vulnerabilities

Russian Hackers Are Using ‘Tainted’ Leaks to Sow Disinformation (WIRED) A group of security researchers present the most systematic analysis yet showing Russian hackers mix fakes in with their hacked revelations.

E-mails phished from Russian critic were “tainted” before being leaked (Ars Technica) Campaign targeting more than 200 people also spread disinformation, report says.

Tainted Leaks: Disinformation and Phishing With a Russian Nexus - The Citizen Lab (The Citizen Lab) Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government. We call this technique “tainted leaks.”

In Modern Cyber War, the Spies Can Become Targets, Too (Wall Street Journal) Over the past eight months, a mysterious hacking group released what it says are National Security Agency computer-espionage secrets. Former intelligence officials now fear the hackers are taking a new tack: exposing the identities of the NSA computer-hacking team.

Florida GOP consultant admits he worked with Guccifer 2.0, analyzing hacked data (Ars Technica) Voting models and other leaked data were “worth millions,” consultant told Guccifer 2.0.

Vietnam-linked hackers likely targeting Philippines over South China Sea dispute: FireEye (Reuters) Hackers linked with Vietnam's government are likely targeting Philippine state agencies to gather intelligence related to the maritime dispute in the South China Sea, cybersecurity company FireEye (FEYE.O) said on Thursday.

An Up-Close View of the Notorious APT32 Hacking Group in Action (WIRED) Cybersecurity company Cybereason has shared new details about how one of the world's most mysterious hacking groups operates.

Author shuts down EternalRocks worm that could have out-damaged WannaCry (Computing) The developer of a worm using four different NSA exploits to spread has thrown in the towel.

Forget North Korea's Nuclear Arsenal. Its Chemical and Cyber Weapons Are Already a Threat. (The National Interest) Pyongyang’s VX attack and cyber hijinks suggests a regime bent on acquiring multiple weapons of mass disruption and destruction.

WannaCry Ransom Note Written by Chinese, English Speaking Authors (Threatpost) A linguistics analysis of the 28 ransom notes included with WannaCry indicate that native Chinese and English speakers wrote the original note, Flashpoint said.

WannaCry Ransom Notes Penned by Chinese-Speaking Authors, Analysis Shows (Dark Reading) But a Chinese-language link doesn't shoot down theories of the North Korean Lazarus Group's involvement in the ransomware worm attacks, say language experts at Flashpoint.

Symantec's claims that North Korea is behind WannaCry ransomware blasted as 'distracting' (Inquirer) ICIT claims connection is 'premature and not wholly convincing',Security ,Symantec,ransomware,wannacry,north korea,Hacking

Symantec cites links between WannaCry ransomware and Lazurus, but ICIT calls report a 'distraction' (Healthcare IT News) The security firm stressed the connection to North Korea-linked hackers was purely technical, but there were substantial commonalities in the tools, infrastructure and techniques used.

WannaCry Gives Consumers a First Look into Ransomware (Dark Reading) Although ransomware has been around for two years, it took the fast-moving and expansive WannaCry to provide a majority of consumers their first glimpse, according to a study released today.

Newly Discovered Vulnerability Raises Fears of Another WannaCry (NDTV Gadgets360.com) A newly found flaw in widely used networking software leaves tens of thousands of computers potentially vulnerable to an attack similar to that caused by WannaCry, which infected more than 300,000 computers worldwide, cyber-security researchers said on Thursday.

Kelly: DHS halted the march of WannaCry in the U.S. (FCW) The DHS Secretary told a Hill panel that the agency was key to curtailing the historic cyberattack.

Bogus anti-WannaCry apps cropping up on Google Play (Help Net Security) While the world is still battling WannaCry, fraudsters are exploiting users' confusion to make them install Android apps that supposedly protect against it.

Yup, the Android app store is full of useless, unwanted anti-WannaCry apps (Graham Cluley) Apps claiming to protect Android users against WannaCry ransomware are popping up on Google Play, but all of them are a bunch of hogwash.

New Samba Bug Dangerous But No WannaCry (Dark Reading) The administrators of the open-source Samba software have fixed a newly discovered vulnerability that lets attackers upload malicious files to vulnerable systems and servers.

WannaCry: the rush to blame XP masked bigger problems (Naked Security) Many pointed the finger at Windows XP, but the worst hit computers were unpatched Windows 7 machines

In a throwback to the ’90s, NTFS bug lets anyone hang or crash Windows 7, 8.1 (Ars Technica) It's like the c:\con\con bug all over again.

Critical Vulnerability in Samba from 3.5.0 onwards (SANS Internet Storm Center) Developers of Samba[1] disclosed a critical vulnerability that affects the file sharing component. Samba is a suite of tools that helps in the interoperability between UNIX with Microsoft Windows. The vulnerable component is the daemon that offers file sharing capabilities.

Password Breaches Fueling Booming Credential Stuffing Business (Threatpost) The market for automated credential stuffing tools is growing fast, because of a record number of breaches.

RANSOMWARE IS LOUD & GETS THE HEADLINES while credential stealing malware is quiet - as they take the keys to your kingdom... (LinkedIn) In this video learn all about how hackers are reeking havoc on US enterprises with credential stealing malware.

Victims Lost US$1B to Ransomware (TrendLabs Security Intelligence Blog) Over the course of 2016, ransomware operators trailed their sights on bigger targets and raked in US$1 billion for their efforts.

Kentucky workers comp carrier survives ransomware (CSO Online) An overzealous Web surfer brings employee training to the forefront. See how they have tightened up the network.

Ransomware: Carding's Replacement for the Criminal Masses (Dark Reading) Ransomware is not only here to stay, it's going to proliferate by orders of magnitude and cause substantial risk to businesses for the foreseeable future.

Trump’s Dumps: ‘Making Dumps Great Again’ (KrebsOnSecurity) It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for their shops that run incessantly on various cybercrime forums.

Houdini on Paste Sites (Recorded Future) Recorded Future analysts found a threat actor from Germany that appears to be partially responsible for the malicious VBScripts posted to paste sites.

A Rising Trend: How Attackers are Using LNK Files to Download Malware (TrendLabs Security Intelligence Blog) PowerShell is a versatile command-line and shell scripting language from Microsoft that can integrate and interact with a wide array of technologies. It runs discreetly in the background, and can be used to obtain system information without an executable file. All told, it makes an attractive tool for threat actors. There were a few notable instances...

How does Gooligan malware compromise Google accounts? (SearchSecurity) Gooligan malware can steal authentication tokens from an infected Android device to access a user's Google account. Find out how to prevent this attack.

New class of attacks affects all Android versions (Help Net Security) Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users' Android devices. Attack Android.

Samsung Galaxy S8 not as secure as you think, a German team shows how it can be hacked (The News Minute) This should be the last thing Samsung might want to hear. Just when they would have been celebrating back in Seoul the huge victory with the latest flagships Galaxy S8 and S8 Plus, comes the bad news from Germany. The Iris Scanner on the Samsung Galaxy S8 and S8 Plus is not that secure after all.

People who were impersonated by anti-net neutrality spammers blast FCC (Ars Technica) FCC should investigate and throw out fake comments, impersonation victims say.

When Technology Takes Hostages: The Rise of 'Stalkerware' (Motherboard) NSA zero-days and sophisticated state surveillance tools get all the headlines. But we’re overlooking the dangerous, life-threatening, rise of “stalkerware,” which enables domestic violence.

5 Unsettling cyberthreats (Malwarebytes Labs) Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. Here are 5 cyberthreats that if you’re not frightened by, you should be.

Security Patches, Mitigations, and Software Updates

Critical Samba code execution hole plugged, patch ASAP! (Help Net Security) The Samba code execution flaw could allow a malicious client to upload a shared library to a writable share, and cause the server to load and execute it.

Security Firm Releases Windows XP Patch for NSA Exploit ESTEEMAUDIT (BleepingComputer) Cyber-security firm enSilo has released a patch for Windows XP and Windows Server 2003 that will protect against attacks via ESTEEMAUDIT, a hacking tool dumped online by the Shadow Brokers last month, and allegedly developed by the NSA.

Keybase Extension Brings End-to-End Encrypted Chat To Twitter, Reddit, GitHub (Threatpost) A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week.

SCADA HMI Devs Take 150 Days to Release Patches (Infosecurity Magazine) SCADA HMI Devs Take 150 Days to Release Patches. Trend Micro report urges more secure development to minimize SCADA bugs

Cyber Trends

12 Key Takeaways From 6 Cybersecurity Insights Reports (BitSight) Take a look at new trends and pertinent data from six BitSight Insights reports on cybersecurity.

Cybersecurity ROI: Still a tough sell (CSO Online) Cybersecurity is a wise investment. But as a panel of experts at the MIT Sloan CIO Symposium said, it is difficult to put an exact number on it.

AI: The promise and the peril (CSO Online) Two panels at the MIT Sloan CIO Symposium this week focused on how to embrace the almost magical productivity benefits of artificial intelligence without leaving workers behind.

‘Sometimes it is necessary to bend the rules a bit’ (CSO Online) A recent survey asked employees why they didn’t follow the rules and much of the response sounded a bit like a child answering their parent. They might have been bored or there were too many rules to deal with.

Cyber attack threat to law firms prompts warnings (Financial Review) Big law firms have beefed up cyber protections, but they're asking questions about smaller ones.

Marketplace

5 Proven Cyber Security Certifications That Will Skyrocket Your Salary (HackRead) With rising salaries and a massive global demand for qualified professionals, cyber security is an incredibly attractive industry to work in. There are tho

Report: Microsoft to buy security firm Hexadite for $100M as Cloudyn still in progress (TechCrunch) While we wait to get more news on Microsoft closing a reported acquisition of Cloudyn, another report has emerged of one more enterprise startup that the..

Poll: Microsoft's Brand Appears Stronger Than Data Breach - Morning Consult (Morning Consult) Despite people’s concern for their online safety, the security breach of a well-loved brand such as Microsoft Corp. did not deter its most dedicated customers.

Defence supplier QinetiQ revamps as global security steps up (Evening Standard) Ministry of Defence supplier QinetiQ promised to crack on with a shake-up today by targeting increasingly “sophisticated” customers facing a cocktail of global security threats. The FTSE 250 supplier of weapons systems and technology, which recently won a £1 billion amendment to a long term MoD contract, saw revenues rise 4% to £783.1 million and pre-tax profits up to £123.3 million for the year ending March.

Czech-Based Avast Looks to Number One Position in Global Security (Radio Praha) It’s probably a surprise to most outsiders that the Czech Republic is a world leader in terms of computer and mobile phone security but that’s undoubtedly the case as Avast wraps up its takeover of rival company AVG.

ThreatQuotient Takes Gold for Best IT Software and Hottest Company in 2017 IT World Awards (BusinessWire) ThreatQuotient™, a trusted threat intelligence platform innovator, today announced that they have been named the winner of four Network Products

A10 Networks Appoints New Chief Financial Officer (Techwire.net) Tom Constantino will start in the new position of executive vice president and chief financial officer on June 12.

Products, Services, and Solutions

New infosec products of the week: May 26, 2017 (Help Net Security) Here's an overview of new products from the following infosec vendors: BH Consulting, Circadence, IBM, NopSec, Skyport Systems, and Vera.

Cyphort Introduces the Quilt Security Ecosystem (Sys-Con Media) Leveraging the open architecture of its Anti-SIEM software platform, Cyphort has completed product integration with more than 30 technology vendors

Zscaler Reveals Insights from the World’s Largest Cloud Security Platform at Cloud Expo Asia conference in Hong Kong (China Newswire) More than 5,000 organizations are escaping legacy security appliance overload with Zscaler

New Jersey Hospital Association Selects Sensato Cybersecurity Solutions as Strategic Partner (PRNewswire) The New Jersey Hospital Association (NJHA) has selected...

Superyachts face tidal wave of cyber-attacks (St. Lucia News Online) One of the country’s leading cyber-security companies that has worked with the Royal Navy is seeing a steep rise in demand for its expertise from superyacht...

Rapid7 Launches New Partner Program, Puts Services Play Front And Center (CRN) The security vendor's new program will allow partners to deliver professional, deployment and training services, recognizing that's where partners can 'provide the most value to our mutual customers,' says Rapid7's John Ryan.

SparkCognition Solutions Products Now Available on GSA Schedule (PRNewswire) SparkCognition, a global leader in cognitive computing analytics, today...

Technologies, Techniques, and Standards

You Have One Year to Make GDPR Your Biggest Security Victory Ever (Dark Reading) The EU's new razor-toothed data privacy law could either rip you apart or help you create the best security program you've ever had. Here's how.

As GDPR deadline looms, time for compliance is running out (Help Net Security) GDPR is a game-changing piece of data protection legislation that goes into effect on May 25, 2018. While the legislation includes various components relat

EU GDPR Final Countdown: How to Prepare Your Security Program (Infosecurity Magazine) GDPR will have real-world impact, and not just for EU member states.

Guidance for connected vehicle security: Attack vectors and impacts (Help Net Security) "Observations & Recommendations on Connected Vehicle Security" is report that provides a comprehensive perspective on vehicle security connectivity design.

NATO Releases IoT Draft Report (SIGNAL Magazine) The Parliamentary Assembly will discuss a report urging governments to take a more proactive role in defining the IoT's future at its spring session.

EU security body calls for a security trust mark for IoT devices (Bitdefender) For all the excitement and buzz around the Internet of Things, spurred on by connected gadgets being sold in great numbers both online and on the high street, there is no denying that it has a serious problem. And the problem is that often IoT devices are found to be lacking when it comes to …

Why can’t security have SLAs? (CSO) Sure 100 percent uptime is a pipe dream, but some vendors believe it is unrealistic to even place parameters on security.

In the Future, Internet-Connected Car Security Is Only Getting Tougher (Tech.Co) Self-driving cars will create an entirely new form of life in major cities across the world. However the concern for security is at the forefront.

Rockwell Automation outlines best practices for industrial security (Mining Review) Rockwell Automation cautions that industrial organisations are operating in ways they scarcely could have imagined a few decades ago. They are converging his

Caught in the breach – what to do first (CSO Online) Since there is no way to prevent every cyber attack, incident response is crucial. Experts at the MIT Sloan CIO Symposium talk about what to do immediately after the bad news hits.

Using threat intelligence tools to prevent attacks on your enterprise (SearchSecurity) Find out how threat intelligence tools can help pre-empt possible attacks on your enterprise and keep your assets secure.

How to build a better SOC team (Help Net Security) What can organizations do to alleviate the strain on its security professionals, better protect the business and build a better SOC team?

In the Cloud, Evolving Infrastructure Means Evolving Alliances (Dark Reading) New opportunities makes for unusual bedfellows. Here's how to navigate the shift in organizational dynamics between security operations, line-of-business managers and developers.

How to Prevent Hackers From Hijacking Memorial Day (Infosecurity Magazine) How not to fall victim to a hoax on Memorial Day, and the solutions to solve this.

Design and Innovation

Walk this way: Researchers claim new authentication technology based on the way people walk (Computing) Could walking become the latest form of biometric authentication?

Academia

Virginia Tech Designated NSA Center For Academic Excellence In Cyber Operations (Alexandria News) Governor Terry McAuliffe today announced that the National Security Agency has designated Virginia Tech as a Center for Academic Excellence in Cyber Operations. The first university to receive this status in the Commonwealth, Virginia Tech joins an exclusive list of 16 other universities in the nation in bearing this designation. Virginia Tech will hold the CAE-CO designation for five academic years, from 2017 to 2022.

NZ Herald: New Zealand's Latest News, Business, Sport, Weather, Travel, Technology, Entertainment, Politics, Finance, Health, Environment and Science (The New Zealand Herald) Latest breaking news articles, photos, video, blogs, reviews, analysis, opinion and reader comment from New Zealand and around the World - NZ Herald

Legislation, Policy, and Regulation

Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data (Threatpost) Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recovery or destroy stolen data on the attack…

Proposed 'hack back' law would not have stopped WannaCry (CSO Online) On Monday, the Financial Times published a story concerning a proposed bill form Representative Tom Graves, a Republican from Georgia's 14th district. Graves has proposed changing the Computer Fraud and Abuse Act (CFAA) to allow organizations to fight back when being attacked online. But is this a smart, or even workable solution for enterprise operations?

GOP chair eyes DHS cyber reorganization bill next week (TheHill) Bill to organize DHS cyber unit has backing from Trump administration, McCaul says.

Cyber Command’s Move to Full Combatant Command Still in Works (Sea Power) The future growth of U.S. Cyber Command and the need to get ahead of adversaries were subjects of a May 23 hearing in Washington of the House Armed Services emerging threats and capabilities subcommittee.

Trump’s First Cybersecurity Scorecard (Infosecurity Magazine) ‘C for effort – could try harder’ seems to be the overall judgment of Trump’s first quarter as President, reports Danny Bradbury

Trump wants capability to track, hack and destroy drones (C4ISRNET) If these new powers do come into law, we can expect a whole new range of drone-capture kit to hit the market for law enforcement agencies.

Lieberman withdraws from FBI director consideration (CNN) Former Sen. Joe Lieberman, once considered a front-runner, formally withdrew his name from consideration. Ex-TSA Admin John Pistole may be under consideration

SECURITY: Slim TSA cyber staff takes on rising pipeline threat (EnergyWire) As the cyberthreat facing the nation's biggest natural gas pipelines grows and evolves, a small group of federal workers tasked with protecting the sprawling, hidden energy matrix is woefully outnumbered.

Litigation, Investigation, and Law Enforcement

Bomber Salman Abedi planned Manchester attack for a year (Times (London)) The Manchester bomber is believed to have planned the attack for at least a year and bought nails and screws for the atrocity in two trips to DIY stores in the city, The Times has learnt. Salman...

Manchester bomber probably had ISIS training, US official says (CNN) Manchester suicide bomber Salman Abedi likely received some ISIS training by traveling to Syria in the months before the bombing, according to information gathered in the preliminary investigation into the attack, a US official told CNN on Thursday.

Manchester bombing latest: Teenager among suspects in custody amid fears Salman Abedi made second device (The Telegraph) Counter-terror police investigating the Manchester Arena bombing have carried out fresh raids today amid fears the attacker might have built a second device that is now in the hands of fellow jihadists.

Think Before You Tweet In the Wake of an Attack (WIRED) Terrorists use social media to recruit, but they also depend on you and the media to use it to amplify their message.

Twisted logic drives terrorists to target children (Times (London)) As a cultural phenomenon, suicide bombing is comparatively new, astonishingly virulent and remarkably complex — an explosive combination of ideology and psychology that has made it the terrorist...

Trump calls for investigation of U.S. leaks in Manchester bombing probe (Washington Post) In Brussels, Trump responded to British outrage over the leaks and vowed to “get to the bottom of this” to preserve intelligence sharing.

The U.S. Intelligence Ship Is Too Leaky To Sail (Bloomberg) The U.S. services have lost credibility by becoming the leakiest in the world.

Norwich hospital and airport cyber-attack: Man charged (BBC News) A 30-year-old man will appear in court charged with unauthorised access after two incidents in 2015.

Wasserman Schultz Threatened Police Chief For Gathering Evidence On Her IT Staffer’s Alleged Crimes [VIDEO] (The Daily Caller) Rep. Debbie Wasserman Schultz threatened the chief of the U.S. Capitol Police with "consequences" for holding equipment that she says belongs to her in order to build a criminal case against a Pakista

3 Nigerian Cyberthieves Sentenced to Total of 235 Years in Prison (Dark Reading) Using love-struck girlfriends found on the Internet to help them carry out their schemes, three Nigerian cyberthieves and their cohorts made off with tens of millions of dollars in pilfered goods before they were ultimately sentenced to a collective total of 235 years in prison.

The Silk Road Creator’s Life Sentence Actually Boosted Dark Web Drug Sales (WIRED) A new study raises questions about the deterrence value of harsh sentencing for dark web crimes.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Newly Noted Events

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, Aug 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the evolving threat environment.

European Cybersecurity Forum – CYBERSEC (Krakow, Poland, Oct 9 - 10, 2017) The Fourth Industrial Revolution is in full swing, giving a strong impulse to the growth of Europe’s innovation-driven economy that can compete with world’s economic superpowers. Let’s start the dialogue together to unlock our potential and use the opportunities ahead. CYBERSEC’s mission is to foster the building of a Europe-wide cybsersecurity system. Our goal is to create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

Upcoming Events

Cyber Southwest (Tucson, Arizona, USA, May 27, 2017) CSW will be dedicated to furthering the discussion on cyber education and workforce development in Arizona, healthcare cybersecurity, and technical training in areas such as threat intelligence, insider threats, and protecting critical infrastructure. CSW will focus on creating a positive, unique, and highly productive unification point to further Arizona’s developing leadership in cybersecurity. Subject Matter Experts (SMEs) will be on hand to share information on the latest cybersecurity trends, best practices, and key innovations.

SANS Atlanta 2017 (Atlanta, Georgia, USA, May 30 - Jun 4, 2017) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts so that you can win the battle against a wide range of cyber adversaries who want to harm your digital environment.

Cyber Security Summit: Seattle (Seattle, Washington, USA, Jun 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Seattle is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS Houston 2017 (Houston, Texas, USA, Jun 5 - 10, 2017) At SANS Houston 2017, SANS offers hands-on, immersion-style security, security management, and pen testing training courses taught by real-world practitioners. The site of SANS Houston 2017, June 5-10, is Royal Sonesta Hotel Houston, located in the heart of the Galleria area of Uptown Houston.

Cyber Resilience Summit: Measuring and Managing Software Risk, Security and Technical Debt (Brussels, Belgium, Jun 6, 2017) The Consortium for IT Software Quality is bringing the Cyber Resilience Summit to Europe, to take place on 6 June 2017 in Brussels, Belgium, the vibrant heart of political Europe and headquarters of the European Commission. All are invited to attend! The theme of the Summit is “Measuring and Managing Software Risk, Security and Technical Debt.” Discussion will focus on the latest strategic thinking from innovative American and European CIOs and IT policy makers.

National Cyber Security Summit (Huntsville, Alabama, USA, Jun 6 - 8, 2017) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. The summit attracts commercial and defense companies as well as healthcare, automotive and energy industries.

Infosecurity Europe 2017 (London, England, UK, Jun 6 - 8, 2017) Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 360 exhibitors showcasing the most relevant information security solutions and products to 13,500 visitors.

Cyber 8.0 Conference (Columbia, Maryland, USA, Jun 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators and entrepreneurs, from leading venture capitalists and financiers, and from government agencies who look to our industry base for technologies and solutions.

2017 ICIT Forum: Rise of The Machines (Washington, DC, USA, Jun 7, 2017) The 2017 ICIT Forum brings together over 300 cybersecurity executives from across critical infrastructure sectors to receive the latest ICIT research from our experts, share knowledge, develop strategies and identify next-generation technologies to improve their resiliency. Topics include Artificial Intelligence, IoT, Advanced Analytics, APT Profiles, Blockchain, Cloud and more!

SecureWorld Chicago (Rosemont, Illinois, USA, Jun 7, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders.

NYS Cyber Security Conference (Albany, New York, USA, Jun 7 - 8, 2017) June 2017 marks the 20th Annual New York State Cyber Security Conference and 12th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. Technology's increasing sophistication has driven new trends in device mobility, social media, and expanded connectivity. Cyber security once considered an issue for IT staff has evolved into a concern for the entire organization. This year's conference examines the broad range of today's cyber challenges and the ways in which organizations can improve security, and create resiliency against cyber threats.

RSAC Unplugged (London, England, UK, Jun 8, 2017) Informal, up close and personal, intimate…that’s RSAC Unplugged. Ignore the background noise and focus on what’s important in information security right now as part of a one-day program focused on excellent content. Raw and uncut, it’s the best of RSA Conference in a single day.

Insider Threat Program Development / Management Training For NITP-NISPOM CC 2 (Huntsville, Alabama, USA, Jun 8 - 9, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program (ITP) Development / Insider Threat Risk Management (National Insider Threat Policy (NITP), NISPOM Conforming Change 2) on June 8-9, 2017, in Huntsville, AL. For a limited time the training is being offered at a $795. This training will provide the ITP Manager-Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP and NISPOM CC2 / DSS ISL-2016-02 - ITP requirements. Any organization (State Government Agencies, Businesses, Etc.) that is not required to implement an ITP, but is concerned with Insider Threat Risk Mitigation will also benefit greatly from this training. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Development / Insider Threat Risk Management Training.

BSides Pittsburgh 2017 (Pittsburgh, Pennsylvania, USA, Jun 9, 2017) BSides Pittsburgh is part of a global series of community-driven conferences presenting a wide range of information security topics from technical topics, such as dissecting network protocols, to policy issues such as managing information leakage via social networks. Pittsburgh has a flourishing information security community; this is a great chance to meet each other, share ideas and work together.

29th Annual FIRST Conference (San Juan, Puerto Rico, USA, Jun 11 - 16, 2017) FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs.

21st Colloquium, Cyber Security Education Innovation for the 21st Century (Las Vegas, Nevada, USA, Jun 12 - 14, 2017) The Colloquium for Information Systems Security Education (CISSE) provides a forum for dialogue among academia, industry and government. Protection of the information and infrastructure used to create, store, process, and communicate information is vital to business continuity and security. CISSE supports cyber security educators, researchers and practitioners in their efforts to improve curricula and foster discussion of current and emerging trends, working to define education requirements and encourage development of information security curricula and courseware.

ETSI Security Week 2017 (Sophia Antipolis, France, Jun 12 - 16, 2017) This year's event will address key cybersecurity standardization challenges in the short, medium and longer term. The event will look at the different aspects of cybersecurity underpinning our digital world. The cybersecurity community will come together at ETSI to network and exchange on the state of standardization for cybersecurity.

Cyber Tech Fairfax (McLean, Virginia, USA, Jun 13, 2017) Cybertech Fairfax will provide attendees with a unique opportunity to learn about the latest innovations and solutions from the cyber community. It will serve as an incredible B2B platform with a strong focus on networking, strengthening existing alliances and forming new ones. Get acquainted with the products and people leading the industry and creating new technological solutions to tackle today’s cyber challenges.

Cyber Tech Fairfax (McLean, Virginia, USA, Jun 13, 2017) A thought-provoking conference and exhibition on global cyber threats, solutions, innovations and technologies. At Cybertech Fairfax, high-profile speakers and panelists will focus on the global cyber threat, and strategies and solutions that meet the diverse challenges for a wide range of sectors including finance, transportation, utilities, defense, communication and government, to protect operations, infrastructure and people.

LegalSec Summit 2017 (Arlington, Virginia, USA, Jun 13 - 14, 2017) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The target audience for ILTA’s LegalSEC Summit is legal technology professionals at every level and general counsel who touch legal security in their law firm or law department and want to learn more and connect with peers. Organized by the International Legal Technology Association.

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, Jun 13 - 15, 2017) Cyber operations are a challenging mission for the U.S. Defense Department and government community that builds, operates and defends networks. Cyber leaders and warriors must continually evolve to adapt to future innovations and develop and leverage cutting-edge tools and technologies. AFCEA’s Defensive Cyber Operations Symposium provides an ethical forum where government and industry will focus on “Connect and Protect.” Participants will discuss requirements and solutions to ensure that the networks within DoD are adaptive, resilient and effective across a range of uses and against diverse threats. Speakers will include leaders in the Defense Information Systems Agency, Joint Force Headquarters-DoD Information Network and DoD Chief Information Office.

Global Cybersecurity Summit 2017 (Kiev, Ukraine, Jun 14 - 15, 2017) During the two-day summit, participants will be exposed to cybersecurity best practices, cutting-edge advancements, and emerging innovations in defensive security across a series of categories, including policy and government, Internet of Things (IoT), industrial controls, and more.

Information Assurance Symposium (Baltimore, Maryland, USA, Jun 19 - 21, 2017) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today's challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2017 IAS is expecting upwards of 2,500 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, three distinct tracts and panel discussions spanning over three days.

Norwich University Cyber Security Summit (Northfield, Vermont, USA, Jun 19 - 21, 2017) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the first annual Cyber Security Summit in June 2017. The summit, presented in a continuing education format, welcomes Norwich alumni and their guests interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level. Register today to reserve your space at the summit.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

Cyber Investing Summit wrap-up. Influence op emails in Russia doctored. Hacking over the South China Sea. EternalRocks worm turns. WannaCry masters speak Chinese, English? Bad WannaCry remedies in the PlayStore.