At week's end, it's apparently all ransomware all the time. Back up your files. Carbanak expands its target set. Links to readings on Mirai, Manning, and information operations.
Trustwave and Forcepoint are tracking the evolution of Carbanak through the gang's use of legitimate Google services. They're also following Carbanak's expansion of its target set from financial services to the retail and hospitality sectors.
There's a fair amount of extortion news at week's end. Ransomware criminals who've been hitting Elasticsearch and MongoDB databases have begun to devote similar attention to CouchDB and Hadoop. The tools for attacking MongoDB and Elasticsearch, as well as a list of vulnerable installations, are now being sold by "Kraken0" on the black market for about $500. Elsewhere in the criminal souks, Satan ransomware-as-a-service is being offered to criminals who lack the time, resources, or technical chops to come up with their own attacks. They offer a wizard to walk aspiring crimelords through the process. (Bleeping Computer has the details through researcher "Xylitol.")
Fortinet has discovered a new strain of Android ransomware that targets Russian-speaking users. It's unusual in at least two respects. First, its demand is very large—₽545,000, or about $9100—at least an order of magnitude more than the cost of the Android devices whose screens it locks. Second, it asks for payment by credit card as opposed to the customary cryptocurrency.
Locky ransomware makes a minor comeback, but may be on its way to supersession by Spora.
An unusually repellent extortion attack hits the Indiana cancer services not-for-profit Red Door. Back your files up.
There's apparently some big event going on about forty miles south of us today. What'd we miss?
Notes.
Today's issue includes events affecting Australia, Canada, China, Estonia, Georgia, Iceland, Russia, Sweden, Ukraine, United Kingdom, and United States.
In today's CyberWire podcast we hear from our partners at Terbium Labs, whose Emily Wilson addresses the perception that the dark web is full of terrorists. (It's full of a lot of other people, too.) Today's guest, Simone Petrella from CyberVista discusses workforce issues and the continuing challenge of filling the cyber gap.
A special edition of our Podcast is currently available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Cyber Attacks, Threats, and Vulnerabilities
Public Urged To Help DDoS Trump’s Inauguration In Protest (IS Buzz News) A software engineer is calling on Americans to oppose Trump’s presidency by visiting the Whitehouse.gov site and overloading it with too much traffic. In effect, he’s proposing a distributed denial-of-service (DDoS) attack, an illegal act under federal law. IT security experts from DomainTools, Imperva and NSFOCUS IB commented below.
The emergence of the 'cyber cold war' (CNN) A spectre is haunting the West -- the spectre of cyberwar
Squirrels Keep Menacing the Power Grid. But at Least It’s Not the Russians (Wired) Nearly four years ago, Cris Thomas began documenting attacks on the US power grid. The number of incidents was eye-popping; over 1700 in all, impacting nearly five million people. The perpetrators? Squirrels. And birds. Assorted rodentia. Some industrious frogs, too
The Changing Face of Carbanak (Threatpost) Months of ramped up Carbanak activity that includes a new host of targets and new command and control strategy has reinvigorated attention on a criminal outfit that may have at one time stolen up to $1 billion from banks worldwide
Cybersecurity Experts Uncover Dormant Botnet of 350,000 Twitter Accounts (MIT Technology Review) A massive botnet secretly infiltrated the Twitterverse in 2013 but has lain mysteriously dormant since then, say researchers
Attackers start wiping data from CouchDB and Hadoop databases (CSO) After MongoDB and Elasticsearch, attackers are looking for new database storage systems to attack
MongoDB Ransomware is being sold online (The Next Web) January has been a rough month for anyone that a.) uses the popular MongoDB database software, and b.) doesn’t really know how to secure it
New Satan Ransomware available through a Ransomware as a Service (Bleeping Computer) A new Ransomware as a Service, or RaaS, called Satan has been discovered by security researcher Xylitol. This service allows any wannabe criminal to register an account and create their very own customized version of the Satan Ransomware
Android Ransomware Locks Phone and Asks for Credit Card Number (Bleeping Computer) A new ransomware family is targeting Android devices, locking access to the screen, and constantly pestering the user to enter his payment card details
Locky Limps Back into Action After Lull (Threatpost) Researchers say Locky spam volumes are limping back into action with two new and tiny campaigns that could reveal telltale signs of a future full-scale attack
Spora ransomware could become the new Locky (Help Net Security) A recent decrease of Locky ransomware infections has been tied with the lack of activity of the Necurs botnet, which is used to deliver the malware directly to potential victims’ email accounts
Cyber Criminals Held Cancer Services Computers for Ransom (HackRead) The targeted computers belong to “Little Red Door” Cancer Services from East Central Indiana
Ransomware Hits Little Red Door: Four Questions You Should Ask (Muncie Journal) In the light of the recent events involving the compromise of the Little Red Door’s company server, data, and privacy, I thought this would be a great time to note some safety tips for all of the non-profits out there when it comes to protecting your data. But first, you should understand that Little Red Door is not alone. The ransomware style of hacking which involves breaking into your systems and stealing your data away from you with a threat to either destroy it or leak it if you don’t pay the ransom is growing
Behind the Scenes of a Phishing Campaign (Imperva Cyber Security Blog) In a previous Imperva Hacker Intelligence Initiative (HII) report we delved into some of the financial aspects of phishing and credential theft
Hackers Hack Hacking Forum As Soon As It's Launched (Motherboard) Possibly one of the most embarrassing things that can happen to a hacking forum is getting hacked
Facebook, Researcher at Odds Over Messenger Issue (Threatpost) Facebook is dismissing claims by a researcher who says multimedia content such as audio-based messages sent via its Facebook Messenger service can be intercepted by a third-party under certain conditions
Control system cyber incidents have injured and killed people in medical applications (Control Global) Control system cyber security is often thought of as affecting the electric grid or energy systems. However, control system cyber security is much more than just the electric grid. When reading the blog, think not just medical devices, but any control system application in any industry. The issues identified below: inappropriate software, unanticipated interactions, and lack of appropriate training have been the root cause of numerous control system cyber incidents in multiple industries (my database of control system cyber incidents in now more than 900)
Most employees use unsanctioned group chat tools (Help Net Security) Employees are sharing sensitive company information using group chat tools that are not officially sanctioned for use, according to SpiderOak
Rsync errors lead to data breach at Canadian ISP, KWIC Internet (CSO) Credit card details, databases, emails, and personal information backed up to public servers
DFM hit by cyber attack (Financial Times Advisor) Hawksmoor Investment Management has sought to reassure clients after it was the victim of a cyber attack earlier this week
Security Patches, Mitigations, and Software Updates
What the end of Patch Tuesday means for businesses (Naked Security) Microsoft will shake up its long-standing patching process next month, replacing its monthly Patch Tuesday security bulletins (also known as Update Tuesday) with a new database and all-encompassing automatic updates
Cyber Trends
How to wake the enterprise from IoT security nightmares (CSO) IoT security costs to climb
Businesses worried about hacks via mobile and IoT - but aren't doing much to stop them (ZDNet) Ponemon Institute research claims budgets often mean security of new technologies takes a back seat
Marketplace
IBM thinks the 'the debate is over' on artificial intelligence — but this exchange says otherwise (CNBC) Wall Street is still waiting for the cash to roll in
2 Stocks Set to Rise During 'Cold War II' (The Street) Geopolitical gamesmanship is flaring anew between America and Russia, which spells persistent long-term demand for cyber security products
Fortinet Looks Undervalued in the Age of Trump (Small Cap Network) Our Elite Opportunity Pro newsletter has suggested mid cap cyber security solutions stock Fortinet Inc (NASDAQ: FTNT) as a new long term idea as we believe it to be undervalued around current levels plus Trump has made cyber security a major focal point
Imperva: More Upside With Incapsula? (Seeking Alpha) The cloud security market is one of the fastest growing cyber security segments. Imperva offers best-of-breed web security solutions to capture future growth. Does Imperva deserve a better valuation?
Gigamon to open Dutch office as it targets security success (Channelnomics) Freshly appointed EMEA vice president Gerard Allison discusses 2017 plans
Avaya files for bankruptcy protection, CEO calls it the 'best path forward' (CRN) Avaya has confirmed that it has filed for Chapter 11 bankruptcy protection in a move chief executive Kevin Kennedy said was "the best path forward"
Pentagon advances cloud strategy with on-prem services from Smartronix, Dell (ZDNet) The Defense Department is aiming to consolidate workloads with a new on-premise managed services contract
Diligent selected for U.S. Air Force COMSEC/CCI tool program (Military Embedded Systems) U.S. Air Force officials selected Diligent Consulting Inc. for the Air Force Communications Secure (COMSEC) and Controlled Cryptographic Items (CCI) Accountability and Tracking (COMSEC/CCI) Tool program. A contract worth over $1.5 million under the NETCENTS-2 Application Services Small Business IDIQ vehicle
root9B Awarded 5-Year Training Subcontract Supporting Department of Defense (WALB 10 News) root9B, a root9B Holdings Inc. (NASDAQ: RTNB) company, and leading provider of advanced cybersecurity services and training for commercial and government clients, announced today that it is part of a team with Chiron Technology Services, Inc. that was awarded a Department of Defense (DoD) training contract. This contract is an indefinite-delivery/indefinite-quantity (IDIQ) contract, and has a period of performance of 5 years, with a ceiling value of $50 million
Dr. Bill Anderson Named Chief Executive Officer of OptioLabs (BusinessWire) OptioLabs promotes Chief Product Officer and mobile security expert
Products, Services, and Solutions
Frost & Sullivan Vulnerability Management Report Names Digital Defense, Inc. Industry's "Best Scanning Engine" (Yahoo! Finance) Digital Defense, Inc., a leading provider of Vulnerability Management as a Service (VMaaS™), today announced that Frost & Sullivan identified Digital Defense's patented scanning technology as the best in the industry, according to its recent Vulnerability Management (VM) Global Market Analysis
Kali Linux certification, first official Kali book on the horizon (Help Net Security) The Kali Linux distribution celebrates its 10th anniversary this year. The hugely popular open source project, maintained by Offensive Security, announced today that its new Kali Linux Certified Professional (KLCP) will debut in Black Hat USA 2017. The KLCP is the first and only official certification program that validates one’s proficiency with the Kali Linux distribution
SkillSmart and ICMCP Announce Partnership to Address Cybersecurity Issues Through Increased Diversity Hiring (PR[.]com) The International Consortium of Minority Cybersecurity Professionals (ICMCP) is working with SkillSmart, a skills-based platform, to increase efforts to address the gross underrepresentation of women and minorities in the Cybersecurity industry
Panda Security’s Adaptive Defense 360 – Cannot Fail to Record Malware (SAT Press Releases) As Adaptive Defense 360 classifies all executed processes, it cannot fail to record any malware
WISekey and Lykke to Integrate Cybersecurity and Trading Apps (Finance Magnates) Lykke will integrate the WISeKey identity and security stack into its digital bitcoin wallets and software
ProtonMail Is Now Available via a Tor Address to Avoid Global Censorship (Bleeping Computer) ProtonMail, today's largest provider of encrypted email services, has announced today a Tor URL that users can utilize if the service is blocked in their country by ISPs or the central government
ID Tech Releases SRED Contactless EMV Reader: Vivopay Kiosk III SRED (AB Newswire) ID TECH, a leading manufacturer of secure payment solutions, mobile payment readers, point of sale peripherals, and digital signage, is proud to announce the release of its newest NFC/Contactless EMV reader, the ViVOpay Kiosk III SRED
New infosec products of the week: January 20, 2017 (Help Net Security) Twistlock 1.7 comes with new runtime defense architecture... Carbon Black releases Cb Response 6.0... New IPsec VPN-Client from HOB... SOTI simplifies unified endpoint management and remote support with MobiControl 13.3... Benchmark third-party cyber risk with CyberGRX
Technologies, Techniques, and Standards
Advancing a standard format for vendors to disclose cybersecurity vulnerabilities (Help Net Security) Technology providers and their customers are joining forces to advance a standard format for vendors to disclose cybersecurity vulnerabilities
Apple’s malware problem is accelerating (Help Net Security) For a long time, one of the most common reasons for buying an Apple computer over a Windows-based one was that the former was less susceptible to viruses and other malware. However, the perceived invulnerability of Macs to all manner of computer nasties may not have any grounding in reality – or at least, not anymore
For the sake of national security, Donald Trump needs to trade in his cellphone (Recode) He’s going to have to give up most of the features that make a smartphone smart
Why Containerisation Matters More Than Ever Before (Infosecurity Magazine) Enterprise mobility has come a long way in the past two decades. When the concept was first coined, it meant giving a select number of staff corporate mobile devices with email access, or possibly going so far as to equip them with a laptop for occasional home or remote usage. Few would have predicted it would ultimately mean staff sat in the office while accessing the corporate network via their personal smartphone, checking their emails while walking from one meeting room to the next, setting up their tablet as a second screen on their desk or uploading documents to their personal cloud to be accessed on their journey home
It’s Game Time (Again) For War Gaming (SIGNAL) The technique is on the rebound as educators prepare digital natives for future conflicts
Design and Innovation
Code Development Still not Seeing Security Involvement (Infosecurity Magazine) Code development should have security built in from the start to avoid headaches further along the line, and tools and processes exist to make this possible
Google Uses Cryptographic Signatures, Prevents NSA Backdoor (The Merkle) Google, the technology company overseen by the US$561 billion parent corporation Alphabet, recently released a document entitled “Google Infrastructure Security Design Overview” to provide an overview of how security measures are implemented into Google’s global scale infrastructure
Why the U.S. needs a Smokey Bear of cybersecurity (CNN Money via NBC2) When it comes to dangerous things, the U.S. government has some pretty clever taglines and mascots
Research and Development
Your Heartbeat Could Be a Better Password Than Whatever You’re Using Now (Motherboard) People are notorious for using very bad passwords, so maybe we should be using our heartbeats to unlock our sensitive data instead
Air Force Investing in Deceptive Cyber Technology (Fifth Domain) Once an adversary successfully enters a network, the name of the game is damage mitigation. And this is why the Air Force is interested in deceptive cyber tools
Legislation, Policy, and Regulation
Russia’s radical new strategy for information warfare (Washington Post) Last February, a top Russian cyber official told a security conference in Moscow that Russia was working on new strategies for the “information arena” that would be equivalent to testing a nuclear bomb and would “allow us to talk to the Americans as equals"
Russia Fears That Trump Won’t Be Such a Great Deal After All (Bloomberg) Top officials fret furor in U.S. over hacking could hurt thaw. Doubts about Trump hints that sanctions could be eased
Chinese Are Masters at Blackmailing – Each Other (Foreign Policy) Chinese spies might not be Russians' equals when it comes to compromising foreigners, but they're masters at the home game
Could Iceland’s Hacker-founded Pirate Party be the Future of Politics? (Panda Security) So, Donald Trump is president of the leading world power. Yes, that really happened. While the jury is still out on the reasons behind the new president’s rise to power, many believe it’s down to a sense of apathy towards left wing politicians, in this case Hillary Clinton and the Democrats, who would otherwise be the traditional harbingers of progress and change
The Current State of Cyber Security in Canada (Duo) The most current Canadian Cyber Security Strategy may be from 2010, but recently the Government of Canada is working toward renewing its approach to cyber security by holding a public consultation to review measures to protect critical infrastructure and Canadians from cyber threats
Outgoing Homeland Security Chief: Cyber Security Has Improved But More Work Remains to Be Done (JD Supra) Following an election season characterized by missing emails, private servers and personal laptops, and amidst pervasive allegations of Russian cybercrimes, outgoing Secretary of Homeland Security Jeh C. Johnson issued an exit memo outlining the cybersecurity strides made by the Department of Homeland Security (DHS) during the Obama administration. Despite acknowledging “tangible progress,” Johnson warned that “more work remains to be done"
Hacking the Army (TechCrunch) Amid fears about political hacking, the Army needs hackers more than ever
Litigation, Investigation, and Law Enforcement
Intercepted Russian Communications Part of Inquiry Into Trump Associates (New York Times) American law enforcement and intelligence agencies are examining intercepted communications and financial transactions as part of a broad investigation into possible links between Russian officials and associates of President-elect Donald J. Trump, including his former campaign chairman Paul Manafort, current and former senior American officials said
Chelsea Manning to Obama: Thanks for ‘giving me a chance’ (The Hill) Former Army soldier Chelsea Manning on Thursday tweeted her gratitude to President Obama after he commuted her prison sentence
Why Obama Made the Wrong Call on Chelsea Manning (Foreign Policy) I do not often disagree with my good friends, the legal sharpshooters over at Lawfare. Ben Wittes, a senior fellow in governance studies at Brookings, Susan Hennessy, also a fellow there, and the other contributors have going the most important conversation anywhere on issues of national security and law. Yet I believe they are overlooking an important national security ramification of their argument in favor of clemency for convicted leaker Chelsea Manning. In particular, they are prejudicing the views of civilian approaches to justice over those of the military, in which Manning was a voluntary participant and by the legal standards of which she has already been treated leniently
Assange seeks to discuss his US extradition with the feds (CSO) Assange offered to be extradited to the US if President Obama granted clemency to WikiLeaks source Manning
Microsoft’s standing to sue over secret US data requests in question (CSO) The company has objected in a lawsuit to unreasonable US government requests for customer data
Mirai botnet creator unmasked: US university student named by security blogger Brian Krebs (Computing) Mirai malware evolved to "promote" a Minecraft protection racket, claims security blogger Brian Krebs
Operator of DDoS protection service named as Mirai author (CyberParse) Krebs says he’s fingered author of epic IoT web assault code
Facebook Banned This Canadian Surveillance Company From Accessing Its Data (Motherboard) A small Canadian company selling social media monitoring tools to police, Media Sonar, was banned from accessing Facebook's data, Motherboard has learned
GDPR is Coming – Penalty Primer (Tripwire: the State of Security) It has been eight months since the Court of Justice for the European Union struck down the 15-year-old Safe Harbor arrangement between the EU and US. At the time, there was a good deal of consternation over the future of EU-US data exchange and just how businesses would continue to operate
That Whole Oculus Lawsuit Hinges on What Makes Code ‘New’ (Wired) What exactly does it mean to steal code? That’s a question at the heart of video game company ZeniMax’s $2 billion lawsuit against Facebook—a suit serious enough that Mark Zuckerberg himself took the stand this week in his company’s defense
Fraud and cyber crime are now the country's most common offences (Telegraph) Online fraud is now the most common crime in the countrywith almost one in ten people falling victim, the latest figures have revealed
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CyberTech (Beverly Hills, California, USA, Jun 30, 2016) Since 2014, CyberTech has served as one of the largest cyber solutions events around the globe. From Tel Aviv, to Singapore and Toronto, CyberTech is one of the most popular networking events for industry leaders and government decision-makers on cybersecurity, technology, innovation and investment. CyberTech Tel Aviv, the largest cyber solutions event outside of the U.S., features over 12,000 participants annually from over 50 nations, including hundreds of exhibiting companies and startups from around the globe.
SecureWorld Charlotte (Charlotte, North Carolina, USA, Feb 11, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Boston (Boston, Massachussetts, USA, Mar 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, Apr 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Portland (Portland, Oregon, USA, Jun 9, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Kansas City (Overland Park, Kansas, USA , May 4, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Houston (Houston, Texas, USA, May 11, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Atlanta (Atlanta, Georgia, USA , Jun 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Chicago (Rosemont, Illinois, USA, Jun 7, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders.
SecureWorld Cincinnati (Sharonville, Ohio, USA, Sep 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Detroit (Dearborn, Michigan, USA , Sep 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld St. Louis (St. Louis, Missouri, USA, Oct 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Denver (Denver, Colorado, USA, Oct 5 - 6, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Twin Cities (Minneapolis, Minnesota, USA, Oct 12, 2017) Join your fellow security professionals for high-quality, affordable training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders.
SecureWorld Dallas (Plano, Texas, USA , Sep 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Bay Area (San Jose, California, USA, Oct 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
SecureWorld Seattle (Bellevue, Washington, USA, Nov 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Upcoming Events
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, Jan 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
BlueHat IL (Tel Aviv, Israel, Jan 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, Jan 25 - Feb 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks
Blockchain Protocol and Security Engineering (Stanford, California, USA, Jan 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.
National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, Jan 31 - Feb 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global credit union community! Protecting the Credit Union’s global infrastructure to sustain cyber resilience requires an unprecedented level of public- and private-sector cooperation, collaboration and coordination and includes access to the real-time availability of proactive “actionable” threat intelligence; analysis of potential impacts; coordinated countermeasure solutions and response; cybersecurity best practice adoption and role-based workforce education.
Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, Feb 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks often get in the way. Join us for lunch and an action-oriented discussion about ways you can improve your security incident response program in 2017. The conversation will be led by certified SANS instructor Alissa Torres, and Rsam CISO Bryan Timmerman. Attend and earn CPE credits towards your ISACA and (ISC)2 certifications.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, Feb 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media.
SANS Southern California - Anaheim 2017 (Anaheim, California, USA, Feb 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response, threat hunting, ethical hacking, IT management and ICS/SCADA security. Some of our courses are in alignment with DoD Directive 8570 requirements for Baseline IA Certifications, and most courses have GIAC Certification attempts available. Take advantage of this opportunity to sharpen your skills and advance your career.
Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, Feb 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively focused on workplace violence and responding to an active shooter event. Presenters include experts from the Occupational Safety and Health Administration (OSHA), and the Maryland State Police. It's free to attend. Prominent among the topics to be discussed will be threats directed from the Internet.
RSA Conference 2017 (San Francisco, California, USA, Feb 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace new and unique perspectives from a broadly diverse base of people and sources. RSA Conference 2017 provides the opportunity for all attendees at all levels to grow their knowledge, exchange ideas with peers and further their careers. With opportunity comes great responsibility for the future. Our actions today will have a lasting impact on the strength of the industry—and the safety of the world—tomorrow. At RSA Conference 2017, you will learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.
Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, Feb 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid foundation for standardizing threat information. This large group of public and private sector organizations and companies are working together to advance the STIX/TAXII specifications in the OASIS Cyber Threat Intelligence Technical Committee. These specs have already dramatically streamlined the analysis of threat data. We invite cybersecurity experts and decision makers to be part of the conversation.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
SANS Dallas 2017 (Dallas, Texas, USA, Feb 27 - Mar 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security courses to provide you with the training and certification that you need to boost your career by learning from the best! SANS instructors are industry professionals who will ensure that you not only learn the material, but that you will also be able to apply what you learn your first day back in the office.
Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, Feb 28 - Mar 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.