The CyberWire Daily Briefing 5.31.17

Summary

By The CyberWire Staff

The ShadowBrokers have released more details of their exploit-of-the-month club. It will cost you about $22,000 per month to join. (The club "is being for high rollers, hackers, security companies, OEMs, and governments," so this Robin Hoods is now being for wealthy elite we be thinking.)

Symantec and others have linked WannaCry to North Korea by its evident connection to the Lazarus Group. Skepticism about that attribution has been based in part on doubt that the Lazarus Group really is a tool of DPRK intelligence services. Group-IB researchers have just published the results of their investigation of the Lazarus Group's command-and-control infrastructure as used against Sony, Bangladesh Bank, and others. They see a clear connection of the threat group to North Korea's government.

Android users shopping for diversion in Google Play should avoid Star Hop and Candy Link. Both apps are serving spam.

Criminals increasingly turn to extortion, both crypto ransomware and traditional blackmail. Sometimes the blackmail is a bluff, as Disney claims was the case in the Pirates of the Caribbean extortion attempt. Other blackmail is quite real, as is the case with a threat to post before-and-after pictures of a Lithuanian plastic surgery clinic's patients.

French President Macron is disinclined to let Russian information operations pass unremarked. In a joint news conference held Monday with Russia's President Putin he called out Russian attempts to influence elections, specifically citing Russia Today and Sputnik as "agents of influence" spreading disinformation. The two presidents' dialogue was characterized as "frank" and "sincere."

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Afghanistan, Australia, Bangladesh, Belgium, Bulgaria, China, France, Germany, Czech Republic, Democratic Peoples Republic of Korea, Lithuania, Portugal, Russia, Sweden, Syria, Ukraine, United Kingdom, and United States.

On the Podcast

In today's podcast we hear from our partners at Accenture, as Justin Harvey discusses red teaming as a security technique. Our guest, Ely Kahn from Sqrrl, talks about NIST's call for revisions to its “Framework for Improving Critical Infrastructure Cybersecurity.”

Sponsored Events

Delta Risk (Webinar, Jun 8, 2017) Insider threats are more prevalent but not any less difficult to detect and deter. One of the best ways to address insider threats is to implement a formal insider threat program in your organization. Delta Risk experts discuss essential elements of an insider threat program, and why you need one now more than ever.

SANS Technology Institute (online event, Jun 13, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Tuesday, June 13th, at 12:00 pm (noon) ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

CyberTech Fairfax (Fairfax, Virginia, USA, Jun 13, 2017) Cybertech Fairfax: meet tech execs, start-ups, investors & legal, media & mktg pros changing the global cyber landscape. Cybertech Fairfax is a thought-provoking conference on global cyber threats, solutions, innovations and technologies.

UMBC Cybersecurity Graduate Info Session (Rockville, Maryland, USA, Jun 15, 2017) Learn how UMBC’s graduate programs in Cybersecurity can elevate your career at our upcoming Info Session. Led by industry experts, our programs combine hands-on technical training with unparalleled opportunity.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Macron, Standing Alongside Putin, Says Russian Media Spread 'Falsehoods' (The Atlantic) The French president accused Russia Today and Sputnik of being “agents of influence.”

And Now, a Brief Explanation as to Why Russia and Ukraine Are Fighting on Twitter: (Foreign Policy) It all started in 1051...

Group linked to NSA leaks says will release more data in July (Reuters) A group that published hacking tools that security experts believe were stolen from the U.S. National Security Agency said on Tuesday it plans to sell a new batch of stolen code in July to customers willing to pay more than $22,000 for it.

Shadow Brokers double down on zero-day subscription service (Naked Security) Should you dive in and help with the crowdfunding move to access the data they claim they have? It’s not what we’d advise – but what do you think?

The Shadow Brokers Announce Details About Upcoming Monthly Dump Service (BleepingComputer) In a message posted online early this morning, the Shadow Brokers — the cyber-espionage group believed to have stolen hacking tools from the NSA — announced new details about their upcoming "monthly dump service."

New Shadow Brokers 0-day subscription forces high-risk gamble on whitehats (Ars Technica) Mysterious group with cache of NSA exploits promises new release to those who pay.

Banned outfits in Pakistan operate openly on Facebook (Dawn) Activity of 41 sectarian, terrorist, anti-state organisations is accessible to every user on the social network.

Jihad during Ramadan is ‘obligatory,’ Taliban spokesman says (FDD's Long War Journal) An official Taliban spokesman described jihad as "obligatory worship" and said that there would be no cease-fire during the Muslim holy month of Ramadan.

What Happens After ISIS Goes Underground (The National Interest) Eradicating the Islamic State's dominant presence in the Middle East will merely push the caliphate further into the dark corners of the cyber world.

NORK spy agency blamed for Bangladesh cyberheist, Sony Pictures hack (Register) Group-IB IDs Lazarus Group

New Evidence Cements Theory That North Korea is Behind Lazarus Group (BleepingComputer) A 53-page report released today by Group-IB, a Russian cyber-security vendor, contains new evidence that cements the theory that the North Korean government is behind the Lazarus Group, a cyber-espionage outfit.

Lazarus Arisen: Architecture, Techniques and Attribution (Group-IB) The only in-depth report outlining multiple layers of Lazarus infrastructure, thorough analysis of hacker’s tools and evidence leading to North Korean IP addresses

Analysis of Competing Hypotheses, WCry and Lazarus (ACH part 2) (SANS Internet Storm Center) In my previous diary, I did a very brief introduction on what the ACH method is [1], so that now all readers, also those who had never seen it before, can have a common basic understanding of it.

Threat Spotlight: “Enable Macros” Phishing Attack (Barracuda) As if we didn’t know that ransomware was bad news — we learned just how big of an epidemic this stuff is becoming with the WannaCry attack earlier this month. The scope of this particular attack was truly astonishing, reaching hundreds of thousands of users in over 150 countries worldwide. From a security perspective — we have to learn from attacks like WannaCry in order to help prevent or mitigate them in the future. And even though WannaCry seems like it may be in our rearview mirror now, cyber criminals are incredibly creative and always looking for a new angle

Why you should avoid Star Hop and Candy Link in Google Play (Naked Security) Both games look harmless enough, but they contain a payload that ensures you’ll be hammered with spam

Hackers blackmail patients of cosmetic surgery clinic (Help Net Security) Hackers has been trying to blackmail patients of a Lithuanian plastic surgery clinic, by threatening to publish their nude "before and after" photos online.

Disney ‘Hackers’ Were Bluffing: Iger (Infosecurity Magazine) Disney ‘Hackers’ Were Bluffing: Iger. Media giant was never breached, says CEO

Surprise! Extortionists have no qualms about claiming they ‘hacked’ your business (HOTforSecurity) No one likes to have their company hacked. No one is going to be happy if hackers manage to break into systems and steal away their intellectual property. In the case of companies like Disney, having a $230 million blockbuster like the latest Pirates of...

Ransomware - The Non-Technical But Fascinating Ripple (ThreatQuotient) One of the silver-lining effects of a global cyber scare such as WannaCry ransomware is the trigger to catch up with friends to discuss fact vs. fiction of the threat research and other ‘bigger picture’ observations.

The new crime model: why criminals are now holding our data for ransom rather than stealing or selling it (Computing) Ransomware has changed the economic model of cybercrime, argues Paul Farrington.

Ransomware challenges every SMB faces (Computing) UK SMBs are low-hanging fruit; and for cybercriminals, they're ripe for the picking. It's no longer a question of 'when' they will be hit, but 'how often'.

‘Lone Wolf’ Criminal Hacker Gets Doxed Thanks To Series Of Dumb Mistakes (Motherboard) A cybercriminal from Eastern Europe who has been hacking a Chinese company for years appears to have carelessly exposed his own real identity.

Economic analysis reveals cyber-criminals make bad business people (SC Media UK) Ransomware users could be making a lot more money, according to a new report from the University of Kent.

Cybercriminals Regularly Battle it Out on the Dark Web (Dark Reading) People operating criminal services on Tor and other darknets attack each other frequently, a study by Trend Micro shows.

Trusts yet to confirm financial impact of cyber-attack (Digital Health) Recovery costs from the recent global cyber-attack are yet to be calculated, according to some trusts. A total of 48 trusts were affected by the attack.

Protegrity Warns That NIST-Approved Format-Preserving Encryption (FPE) Standard May Leave Organizations Vulnerable to Attack (BusinessWire) Protegrity warned data security practitioners to closely inspect how and where they are using the FF3 format-preserving encryption standard that is no

7 nightmare cyber security threats to SMEs and how to secure against them (DDoS Info) Small businesses face a range of cyber threats daily and are often more vulnerable than the larger organisations.

Analyzing phishing attacks against 500,000 mailboxes at 100 organizations (Help Net Security) When it comes to analyzing phishing attacks, Ironscales offers lessons learned from 500,000 mailboxes at 100 organizations located worldwide.

Chipotle Admits Cyber Attack Affected 'Most' U.S. Stores (TheStreet) Customers in as many as 48 states could have their data exposed.

Security of medical devices ‘is a life or death issue’, warns researcher (Naked Security) Concern rises as one study finds more than 8,000 vulnerabilities in seven pacemakers while another highlights wider issues in medical devices

The Top Ten DDoS Attacks of all Time (Infosecurity Magazine) The DDoS attack has moved from a sign of cyber-protest to something tactically used to bring websites, applications and even DNS providers offline.

Security Patches, Mitigations, and Software Updates

Privacy Issue Fixed in Yopify Ecommerce Notification Plugin (Threatpost) Ecommerce sites using the Yopify plugin were leaking customers’ names, locations and purchases.

FreeRADIUS Update Resolves Authentication Bypass (Threatpost) Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server.

Cyber Trends

What will it take to keep smart cities safe? (Help Net Security) The development of secure smart cities depends on two key factors: the limitations of the technologies used and how they are implemented.

Get hacked, and watch your company’s share price plummet (Business Insights (Bitdefender)) Data breach impact. hacked, and watch your company’s share price plummet

Staving off the hackers as target base grows wider (The Straits Times) When an 11-year boy managed to obtain the phone numbers of dozens of participants at a cyber security conference two weeks ago with nothing more than a laptop and a self-programmed Bluetooth scanner, it was a reminder to both the cyber security community and regular users on just how easy it is for a dedicated hacker to steal information off personal devices.. Read more at straitstimes.com.

Manufacturers, providers fear attack likely on med devices (Health Data Management) Product testing frequently is insufficient to ensure security, Larry Ponemon says.

IT and Biz Leaders: Boards Don’t Take Security Seriously (Infosecurity Magazine) IT and Biz Leaders: Boards Don’t Take Security Seriously. Control Risks says IT teams need to communicate better with C-level

Marketplace

Cisco and IBM announce historic cybersecurity partnership (CSO Online) Cisco Security and IBM Security join forces to battle cybercrime, helping customers reduce the time to detect and mitigate threats.

4 vectors transforming the security software market (Help Net Security) The overall security software market is undergoing a period of disruption due to the rapid transition to cloud-based digital business and technology models.

Waltham cybersecurity firm CounterTack tacks on $20M from strategic investors (Boston Business Journal) CounterTack Inc., a Waltham-based cybersecurity firm that has already raised more than $70 million from Goldman Sachs and others, announced Tuesday it has tacked on another $20 million in a Series D round of funding.

Why Microsoft Acquired Hexadite (Market Realist) Microsoft targets cybersecurity space via Hexadite

NeuStar mulls next steps after losing court bid to retain $500M annual contract (Washington Business Journal) Sterling-based NeuStar Inc. (NYSE: NSR) is reviewing its options after losing a court battle to retain a key contract worth more than $500 million — nearly half of its annual revenue last year.

Former FBI director Robert Mueller wrapping up security review of local contractor (Washington Business Journal) A review of Booz Allen Hamilton Inc.’s (NYSE: BAH) security, personnel and management practices by former FBI director Robert Mueller is “substantially complete,” a company spokesman confirmed to me.

Grote Molen, Inc., d/b/a BlackRidge Technology, a Leader in Cyber Defense, Holds First Annual Shareholder Meeting (Street Insider) Grote Molen, Inc. (OTCQB: GROT), d/b/a BlackRidge Technology, a leader in cyber defense, is pleased to announce the reelection of Robert Graham, John Hayes and Robert Lentz to the Board of Directors and the election of new board members J. Allen Kosowsky, Thomas Bruderman and Robert Zahm.

Ntrepid Wins 2017 IT World Award for Best IT Products and Services for Government (BusinessWire) Ntrepid Corporation today announced that Network Products Guide has named the company’s secure isolated browser, Passages, the Silver winner for

The No. 1 Cybersecurity Vendor, According to MSPs (MSP Mentor) As more high-profile hacks make headlines each day, it’s no wonder cybersecurity is a top concern for businesses worldwide. Clarity Channel Advisors reviewed last year’s MSPmentor 501 survey for MSP trends and their choices in cybersecurity vendors. One stat stood out: Webroot is winning with MSPs. The question is: Why?

Jeff Nolan Joins SecureAuth as Chief Marketing Officer (GlobeNewswire News Room) Nolan to help organizations understand that shutting down attackers’ most common tactics can be of immediate value and require low lift

BooleBox Appoints New North American Leadership (Digital Journal) BooleBox is a global leader in providing customers with the most efficient, secure and easy to use file and information sharing systems.

Fortinet (FTNT) Appoints Peter Cohen to its Board of Directors (Street Insider) Peter Cohen, principal and founder at Xendota, Inc. and Fortinet Board Member “Fortinet has experienced tremendous growth through its differentiated Security Fabric architecture that extends its leading-edge security capabilities to any network environment, from on-premise, to IoT endpoints and out to the cloud. I am honored to be joining its board to help provide strategic counsel on the cloud technology priorities, partnerships and innovations that will help contribute to the company’s continued momentum with enterprise customers.”

Products, Services, and Solutions

Netwrix Launches Netwrix Auditor Free Community Edition (Netwrix) The new freeware enables small businesses to monitor user activities across hybrid IT environments and minimize security and operational risks

EclecticIQ Platform significantly broadens scope of available cyber threat intelligence to allow for more comprehensive threat analysis, new hires (EclecticIQ) New integrations include AlienVault OTX, Cisco Threat Grid, DHS AIS, DomainTools, Farsight Security, FireEye iSIGHT Intelligence, IBM X-Force Exchange, NCSC UK CiSP, PhishMe IntelligenceTM, Recorded Future.

STEALTHbits Announces Free Shadow Brokers Vulnerability Utility (Marketwired) Arms organizations to win against WannaCry ransomware

Global Security Intelligence Centre launched in Australia (The Lead South Australia) NEC opens its cyber security centre in Adelaide, South Australia.

Cyber adAPT launches patented network analytics platform (Cyber adAPT) Cyber adAPT seamlessly and securely enables the new hyper-connected, decentralized enterprise, protecting the mobile-first business generation.

CrowdStrike Extends Falcon Platform with Enhanced Cloud and Data Center Coverage (CrowdStrike) CrowdStrike® Inc. announced new features of the CrowdStrike Falcon® platform custom-built for cloud providers and modern data centers.

Area 1 Security stops phishing campaigns before they become attacks (Network World) Area 1 Security scours the web to find signs of brewing phishing campaigns in order to stop them before they can become actual attacks.

Technologies, Techniques, and Standards

Fixating on the Kill Chain Model is Misleading (Infosecurity Magazine) CISOs must forget about preventing attacks and focus on dealing with the ones which have already breached their networks

Military Meets Commercial Threat Intelligence (Recorded Future) Threat intelligence has always played a vital role in the military. In this episode, learn how commercial teams compare to their military counterparts.

Prevalent Security Control Mechanisms To Protect Files - And What Needs To Be Done To Truly Fight Data Leakage - Information Security Buzz (Information Security Buzz) In today’s cyber world, it is much easier for files containing sensitive, regulated or confidential data to be accidentally exposed or purposefully exfiltrated. There are a lot more ways for authorized personnel to use and share files, for network share resources to be unintentionally exposed, for files to be readily emailed, and for hackers and …

Password Sharing and Actions Against Disgruntled Employees Who Exploit Access (Ice Miller LLP) The team at Ice Miller provides legal counsel for various industries including antitrust litigation, government law, real estate & intellectual property.

Rethinking Vulnerabilities: Network Infrastructure as a Software System (Dark Reading) Increasing complexity is putting networks at risk. It's time to shift our security approach and take some lessons from software development.

Reconfiguring Your Workflow to Enable Shift-Left Security (Twistlock) Reconfiguring Your Workflow to Enable Shift-Left Security from Twistlock. Dev-to-Production Docker and container security for enterprises.

Securing the Human a Full-Time Commitment (Dark Reading) Encouraging the people in your organization to make safer cyber decisions requires dedicated brainpower to pull off, SANS study shows.

Fort Meade Brigade Provides Cyber Capabilities to Tactical Units (US Army) Cyber Soldiers from the 780th Military Intelligence (MI) Brigade, conducted expeditionary cyberspace operations in support of an armored brigade combat team at the National Training Center (NTC), Fort Irwin, Calif., April 22 to May 19.

How to Spring Clean Your Digital Clutter to Protect Yourself (WIRED) You don't have to get your hands dirty to do the most important spring cleaning of the year.

Design and Innovation

Can Johnny Build a Protocol? Co-ordinating developer and user intentions for privacy-enhanced secure messaging protocols (Eurosec 2017) As secure messaging protocols face increasingly widespread deployment, differences between what developers “believe” about user needs and the actual needs of real-existing users could have an impact on the design of future technologies.

Bitcoin Has Come Roaring Back—But So Have the Risks (WIRED) The bitcoin boom is back. But the only real rule with cryptocurrencies is uncertainty.

First post-quantum cryptography on a contactless security chip (Help Net Security) In a world of quantum computers, post-quantum cryptography should provide a level of security that is comparable with what RSA and ECC provide today.

Infineon claims readiness for post-quantum cryptography chip security (eeNews Europe) Due to their computing power, quantum computers have the disruptive potential to break various currently used encryption algorithms.

Instead of Banning Lzzy Cheaters, Pokémon Go Trolls Them (WIRED) A new "shadowban" leaves Pokémon Go bot runners stuck in a sea of Pidgeys.

Academia

McAuliffe announces winners of NSA Day of Cyber challenge (Augusta Free Press) Governor Terry McAuliffe today announced the winners of Virginia’s NSA Day of Cyber School Challenge.

Legislation, Policy and Regulation

NATO Cyber-Defense Group Adds New Nations to Its Ranks (Infosecurity Magazine) NATO CCD COE has added two new member states, and two more will soon follow.

Containing ISIS' Online Campaigns After Manchester: The Simple Tools We Can Use But Choose Not To (Foreign Affairs) The suicide attack at a Manchester teen pop concert on Monday, which killed nearly two dozen people and injured many more, was the latest reminder that the Islamic State (also known as ISIS) is waging the most aggressive and effective worldwide recruitment and incitement campaign of any terrorist group in history.

Germany brushes off US help on election cybersecurity: report (TheHill) Germany's September elections are assumed to be a Russian target.

Spies, companies to share intelligence for national firewall (The Australian) Critical cyber intelligence held by the Australian Signals Directorate will be declassified for the first time and shared with the country’s leading telecommunications companies to build a national digital firewall that would protect millions of Australians from cyber attacks.

Why the NSA Makes Us More Vulnerable to Cyberattacks (Foreign Affairs) There is plenty of blame to go around for the WannaCry ransomware that spread throughout the Internet earlier this month, disrupting work at hospitals, factories, businesses, and universities.

Congress Fast-Tracks Bill That Would Give DHS Agencies Access To NSA Collections (Techdirt.) As a parting gift to the incoming president, Barack Obama approved information-sharing rules which gave sixteen federal agencies access to unminimized NSA collections. The whole list of agencies involved in the information sharing can be found at the...

Cyber Security Executive Order - it took a while, but it's finally here (CyberDB) A post reviewing the President’s Executive Order (EO) “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure”.

How Congress dismantled federal Internet privacy rules (Washington Post) Lawmakers in more than a dozen states have proposals to restore consumer protections.

SECURITY: States 'awaken' to critical infrastructure cyberthreats (EnergyWire) A cyberattack on the power grid would be devastating but "especially in Las Vegas," said Pat Spearman.

Trump's use of private cellphone raises security concerns (KLTV) President Donald Trump has been handing out his cellphone number to world leaders and urging them to call him directly, an unusual invitation that breaks diplomatic protocol and is raising...

Litigation, Investigation, and Enforcement

German police arrest suspect allegedly planning suicide attack in Berlin | News | DW | 30.05.2017 (Deutsche Welle) A teenage asylum-seeker suspected of planning a suicide attack in Berlin has been arrested in the German state of Brandenburg. He reportedly wrote to his mother about his intentions.

Ex-Gitmo Inmate Among 6 Detained from French Jihadi Network (VOA) Sabir Mahfouz Lahmar was freed from the US detention center in Cuba in 2009 after France agreed to accept him

National Security Experts Divided In Response To White House Leaks (WUMW) As we heard, this White House is concerned about leaks.

Elijah Cummings demands DNI, NSA leaders turn over documents on Trump Russia conversations (Washington Examiner) The Maryland Democrat's requests follow a report from earlier this month that said Trump asked Rogers and Coats to deny any existence of col...

Was Obama administration illegal spying worse than Watergate? (USA TODAY) The Obama administration's program of illegal spying and corrupt intelligence agencies may have been worse than Watergate. Donald Trump and Congress will have to decide whether or not to investigate them.

Target's data breach settlement sets a low bar for industry security standards (CSO Online) Target’s multistate data breach settlement over its 2013 data breach outlines the kind of security measures enterprises should have in order to not be found negligent with customer data. The problem is, the settlement doesn’t go far enough to improve organizational security. For the pro-active CSO, the settlement should indicate the bare minimum and not what they should aspire to.

Russian suspected hacker moves step closer to US extradition (the Guardian) FBI accuses Yevgeniy Nikulin of hacking LinkedIn, Formspring and Dropbox, and Russia has also filed extradition request

Uber engineer Levandowski, accused of massive theft from Google, has been fired (Ars Technica) Engineer is accused of grabbing 14,000 files before founding his own startup.

Is “I forget” a valid defense when court orders demand a smartphone password? (Ars Technica) This week, a judge considers possible jail for alleged extortionists who pled the Fifth.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Cyber Security Summit: Seattle (Seattle, Washington, USA, Jun 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Seattle is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS Houston 2017 (Houston, Texas, USA, Jun 5 - 10, 2017) At SANS Houston 2017, SANS offers hands-on, immersion-style security, security management, and pen testing training courses taught by real-world practitioners. The site of SANS Houston 2017, June 5-10, is Royal Sonesta Hotel Houston, located in the heart of the Galleria area of Uptown Houston.

Cyber Resilience Summit: Measuring and Managing Software Risk, Security and Technical Debt (Brussels, Belgium, Jun 6, 2017) The Consortium for IT Software Quality is bringing the Cyber Resilience Summit to Europe, to take place on 6 June 2017 in Brussels, Belgium, the vibrant heart of political Europe and headquarters of the European Commission. All are invited to attend! The theme of the Summit is “Measuring and Managing Software Risk, Security and Technical Debt.” Discussion will focus on the latest strategic thinking from innovative American and European CIOs and IT policy makers.

National Cyber Security Summit (Huntsville, Alabama, USA, Jun 6 - 8, 2017) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. The summit attracts commercial and defense companies as well as healthcare, automotive and energy industries.

Infosecurity Europe 2017 (London, England, UK, Jun 6 - 8, 2017) Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 360 exhibitors showcasing the most relevant information security solutions and products to 13,500 visitors.

Cyber 8.0 Conference (Columbia, Maryland, USA, Jun 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators and entrepreneurs, from leading venture capitalists and financiers, and from government agencies who look to our industry base for technologies and solutions.

2017 ICIT Forum: Rise of The Machines (Washington, DC, USA, Jun 7, 2017) The 2017 ICIT Forum brings together over 300 cybersecurity executives from across critical infrastructure sectors to receive the latest ICIT research from our experts, share knowledge, develop strategies and identify next-generation technologies to improve their resiliency. Topics include Artificial Intelligence, IoT, Advanced Analytics, APT Profiles, Blockchain, Cloud and more!

SecureWorld Chicago (Rosemont, Illinois, USA, Jun 7, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders.

NYS Cyber Security Conference (Albany, New York, USA, Jun 7 - 8, 2017) June 2017 marks the 20th Annual New York State Cyber Security Conference and 12th Annual Symposium on Information Assurance (ASIA) and we invite you to join us for this nationally recognized event. Technology's increasing sophistication has driven new trends in device mobility, social media, and expanded connectivity. Cyber security once considered an issue for IT staff has evolved into a concern for the entire organization. This year's conference examines the broad range of today's cyber challenges and the ways in which organizations can improve security, and create resiliency against cyber threats.

RSAC Unplugged (London, England, UK, Jun 8, 2017) Informal, up close and personal, intimate…that’s RSAC Unplugged. Ignore the background noise and focus on what’s important in information security right now as part of a one-day program focused on excellent content. Raw and uncut, it’s the best of RSA Conference in a single day.

Insider Threat Program Development / Management Training For NITP-NISPOM CC 2 (Huntsville, Alabama, USA, Jun 8 - 9, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program (ITP) Development / Insider Threat Risk Management (National Insider Threat Policy (NITP), NISPOM Conforming Change 2) on June 8-9, 2017, in Huntsville, AL. For a limited time the training is being offered at a $795. This training will provide the ITP Manager-Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP and NISPOM CC2 / DSS ISL-2016-02 - ITP requirements. Any organization (State Government Agencies, Businesses, Etc.) that is not required to implement an ITP, but is concerned with Insider Threat Risk Mitigation will also benefit greatly from this training. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Development / Insider Threat Risk Management Training.

BSides Pittsburgh 2017 (Pittsburgh, Pennsylvania, USA, Jun 9, 2017) BSides Pittsburgh is part of a global series of community-driven conferences presenting a wide range of information security topics from technical topics, such as dissecting network protocols, to policy issues such as managing information leakage via social networks. Pittsburgh has a flourishing information security community; this is a great chance to meet each other, share ideas and work together.

29th Annual FIRST Conference (San Juan, Puerto Rico, USA, Jun 11 - 16, 2017) FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs.

21st Colloquium, Cyber Security Education Innovation for the 21st Century (Las Vegas, Nevada, USA, Jun 12 - 14, 2017) The Colloquium for Information Systems Security Education (CISSE) provides a forum for dialogue among academia, industry and government. Protection of the information and infrastructure used to create, store, process, and communicate information is vital to business continuity and security. CISSE supports cyber security educators, researchers and practitioners in their efforts to improve curricula and foster discussion of current and emerging trends, working to define education requirements and encourage development of information security curricula and courseware.

ETSI Security Week 2017 (Sophia Antipolis, France, Jun 12 - 16, 2017) This year's event will address key cybersecurity standardization challenges in the short, medium and longer term. The event will look at the different aspects of cybersecurity underpinning our digital world. The cybersecurity community will come together at ETSI to network and exchange on the state of standardization for cybersecurity.

Cyber Tech Fairfax (McLean, Virginia, USA, Jun 13, 2017) Cybertech Fairfax will provide attendees with a unique opportunity to learn about the latest innovations and solutions from the cyber community. It will serve as an incredible B2B platform with a strong focus on networking, strengthening existing alliances and forming new ones. Get acquainted with the products and people leading the industry and creating new technological solutions to tackle today’s cyber challenges.

Cyber Tech Fairfax (McLean, Virginia, USA, Jun 13, 2017) A thought-provoking conference and exhibition on global cyber threats, solutions, innovations and technologies. At Cybertech Fairfax, high-profile speakers and panelists will focus on the global cyber threat, and strategies and solutions that meet the diverse challenges for a wide range of sectors including finance, transportation, utilities, defense, communication and government, to protect operations, infrastructure and people.

LegalSec Summit 2017 (Arlington, Virginia, USA, Jun 13 - 14, 2017) Whatever your role in security, there’s something here for you! Hear from experts who will share their experiences related to information security, and develop takeaways to use in your organization. The target audience for ILTA’s LegalSEC Summit is legal technology professionals at every level and general counsel who touch legal security in their law firm or law department and want to learn more and connect with peers. Organized by the International Legal Technology Association.

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, Jun 13 - 15, 2017) Cyber operations are a challenging mission for the U.S. Defense Department and government community that builds, operates and defends networks. Cyber leaders and warriors must continually evolve to adapt to future innovations and develop and leverage cutting-edge tools and technologies. AFCEA’s Defensive Cyber Operations Symposium provides an ethical forum where government and industry will focus on “Connect and Protect.” Participants will discuss requirements and solutions to ensure that the networks within DoD are adaptive, resilient and effective across a range of uses and against diverse threats. Speakers will include leaders in the Defense Information Systems Agency, Joint Force Headquarters-DoD Information Network and DoD Chief Information Office.

Global Cybersecurity Summit 2017 (Kiev, Ukraine, Jun 14 - 15, 2017) During the two-day summit, participants will be exposed to cybersecurity best practices, cutting-edge advancements, and emerging innovations in defensive security across a series of categories, including policy and government, Internet of Things (IoT), industrial controls, and more.

Information Assurance Symposium (Baltimore, Maryland, USA, Jun 19 - 21, 2017) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today's challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2017 IAS is expecting upwards of 2,500 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, three distinct tracts and panel discussions spanning over three days.

Norwich University Cyber Security Summit (Northfield, Vermont, USA, Jun 19 - 21, 2017) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the first annual Cyber Security Summit in June 2017. The summit, presented in a continuing education format, welcomes Norwich alumni and their guests interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level. Register today to reserve your space at the summit.

Hack in Paris (Paris, France, Jun 19 - 23, 2017) Hack In Paris brings together major professional IT security and technical hacking experts to attend training and talks exclusively in English. Intrusion attempts grow more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events took place in France but until now, no one had covered hacking practices with a technical approach including both professional training and information aspects. Hack In Paris aims at filling this gap. The program includes state of the art IT security, industrial espionage, penetration testing, physical security, forensics, malware analysis techniques and countermeasures.

SANS Minneapolis 2017 (Minneapolis, Minnesota, USA, Jun 19 - 24, 2017) Get relevant, practical cybersecurity training at SANS Minneapolis 2017 (June 19-24). This event features the information needed to build crucial skills in protecting your organization from the latest cyber-attacks. Now is the time to enhance your skills and further your career.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

ShadowBrokers launch exploit-of-the-month club. Lazarus Group connected to DPRK in new study. Spam-serving apps in Google Play. Online extortion. France calls out Russian media as sources of disinformation.