The CyberWire Daily Briefing 7.10.17

Summary

By The CyberWire Staff

US warnings over probes of electrical power facilities name Russia as the source of the incidents. The probes themselves seem not to have reached operating as opposed to business networks, and both authorities and utilities say there's no immediate danger to either public safety or power distribution, but the involvement of at least one nuclear plant (Wolf Creek, in Kansas) has spooked the media. The warnings were raised by the FBI and the Department of Homeland Security; the Department of Energy is providing security assistance to threatened operators.

Connection of NotPetya to Russian groups generally thought responsible for attacks on Ukraine's power grid gives added point to the FBI and DHS warnings. As recovery from NotPetya continues, observers give authorities in the US and Europe generally high marks for their response, but warn it might be harder next time. And the costs exacted by NotPetya remains unknown, but it's thought they'll be high.

Copycat and Spydealer malware are infesting the Android ecosystem.

The World Wide Web Consortium (W3C) announced it will promote the Encrypted Media Extensions (EME) as the standard for digital streaming. The decision is controversial: opponents say concerns about consumer protection weren't considered.

A brief bit of Russo-American cyber-comity at the G20 meetings proved a very false dawn. President Trump's noises on Twitter yesterday about possible cybersecurity collaboration between two countries were swiftly amended to, effectively, nice-idea-won't-happen. Whatever Foreign Minister Lavrov might say, the US continues to hold Russia responsible for hacking and influence operations during 2016's elections.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Austria, Canada, China, Germany, India, Israel, Democratic Peoples Republic of Korea, New Zealand, Oman, Russia, Singapore, Ukraine, United Kingdom, and United States.

On the Podcast

In today's podcast, we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses legislation covering automated capture of license plate information.

Sponsored Events

Deep Instinct at Black Hat (Las Vegas, Nevada, USA, July 22 - 27, 2017) Meet us at Black Hat USA 2017. Visit booth #873. Book a meeting.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

U.S. officials say Russian government hackers have penetrated energy and nuclear company business networks (Washington Post) The NSA has detected malicious cyber-based activity by Russia’s FSB spy agency, U.S. officials said.

Russian hackers 'breached US power plants' (The Independent) Hackers working for a foreign government recently breached at least a dozen US power plants, including the Wolf Creek nuclear facility in Kansas, according to current and former US officials, sparking concerns the attackers were searching for vulnerabilities in the electrical grid.

Did the Russians orchestrate a cyber-attack on a nuclear plant? (NBC News) Hackers targeted a dozen facilities, including the Wolf Creek nuclear plant in Kansas.

U.S. Energy Department helping power firms defend against cyber attacks (Reuters) The U.S. Department of Energy said on Friday it is helping U.S. firms defend against a hacking campaign that targeted power companies including at least one nuclear plant, saying the attacks have not impacted electricity generation or the grid.

Experts Blame Russia For NotPetya Cyberattack (PYMNTS.com) Experts are saying that the complexity and scale of the latest global cyberattack point to a hostile government, not a criminal group, as the originator of the attack. And many of them have an educated guess about who it was: Russia. On June 27, the hostile software — dubbed “NotPetya” after initial reports misidentified it as […]

Petya victims given hope by researchers (BBC News) A team claims to have found a way of decrypting some files damaged in the recent cyber-attack.

Organisations count the cost of Petya as the storm abates (Naked Security) So what happened? 10 days after the outbreak, some of the strands of the Petya outbreak are coming together – but there’s still plenty we don’t know

Next cyber-attack could cost insurers $2.5 billion (The Economic Times) Cybercrime insurers largely avoided costly claims from the recent attacks that hit businesses around the globe. The next global virus could change that.

Cyber attack victims Maersk and TNT find ways to keep customers' cargo moving (Load Star) Maersk, APM Terminals and TNT are working hard to get their operations back on track as they enter the third day of the Petya cyber attack.

Report: 44% of ocean carriers show 'cyber weakness' (American Shipper) Maersk Line and parcel carrier TNT Express are just now getting major functions back online after last week's massive cyber attack, compounding a systematic problem that needs to be addressed immediately, according to SeaIntel's Lars Jensen.

Shipping must learn from Maersk cyber attack – tighten security or be next, warning (Load Star) The shipping industry must learn from last week’s cyber attack on Maersk, say analysts, and the line’s chief commercial officer, Vincent Clerc, said the line would “have to ask ourselves some tough questions”.

Washington responded well to WannaCry and Petya, but don't celebrate yet (Washington Examiner) The federal government's response to recent cyber attacks earned positive reviews, but those incidents still showed the need for more coordi...

Kaspersky raps hacking group Lazarus for recent ATM attacks (The Economic Times) Kaspersky and other security firms had also linked the WannaCry ransomware attacks to the Lazarus group, in which hackers demanded ransom in Bitcoins.

OSX Malware Linked to Operation Emmental Hijacks User Network Traffic (TrendLabs Security Intelligence Blog) We recently discovered a new malware that showcases sophisticated features such as certificate abuse and security software evasion that affects machines using Apple’s OSX operating system. This malware, which specifically targets Swiss banking users, uses a phishing campaign to drop its payload, which eventually results in the hijacking of a user’s network traffic using a Man-in-the- Middle (MitM) attack. OSX_DOK.C seems to be another version of WERDLOD, which is a malware that was used during the Operation Emmental campaigns.

'CopyCat' Malware Infected 14 Million Google Android Devices (Apps for PC Daily) The researchers define CopyCat as "a fully developed malware with vast capabilities, including rooting devices, establishing persistency, and injecting code into the Zygote", which is a primary Android app launching process.

Highly Advanced SpyDealer Malware Can Root One in Four Android Devices (BleepingComputer) Security experts have discovered a brand new Android trojan that features a broad range of features that allow it to root Android devices, steal data from over 40 apps, and geo-track phone owners.

Broadpwn Bug Affects Millions of Android and iOS Devices (BleepingComputer) Broadcom Wi-Fi chips embedded in Android and iOS devices are vulnerable to a bug that allows an attacker to execute code on their devices, without any interaction needed from the user.

Jahoodists misspell to cloak interactions from state surveillance (SC Media) A new report has revealed the tricks IS sympathisers use to avoid automated law enforcement surveillance software.

ISIS, Despite Heavy Losses, Still Inspires Global Attacks (New York Times) The Islamic State’s territory-building project is crumbling, but it still has an international reach and an ideology that motivates attackers around the world.

Wi-Fi on planes: Are cyber-security fears tough to tackle? (The Economic Times) For in-flight Wi-Fi, Honeywell's satellite communications hardware is fitted on the aircraft so it can receive true broadband class connectivity via Inmarsat satellites.

IoT Physical Attack Exploit to be Revealed at Black Hat (Dark Reading) Security researcher Billy Rios plans to demonstrate how an exploit can cause an IoT device to launch a physical attack against a human.

ASIC impersonated in "largest-scale" Australian malware outbreak in past year": MailGuard (CRN Australia) Fourth malware attack targeting ASIC this year.

Self-Service Food Kiosk Vendor Avanti Hacked (KrebsOnSecurity) Avanti Markets, a company whose self-service payment kiosks sit beside shelves of snacks and drinks in thousands of corporate breakrooms across America, has suffered of breach of its internal networks in which hackers were able to push malicious software out to those payment devices, the company has acknowledged. The breach may have jeopardized customer credit card accounts as well as biometric data, Avanti warned.

Hard Rock, Loews Hotels Among Sabre Corp Hospitality Breach Victims (Threatpost | The first stop for security news) Victims of Sabre Corp’s SynXis reservation system breach reportedly include both the Hard Rock Hotel and Casino chain and the Loews Hotel chain.

Cinema Chain B&B Suffers Suspected Two-Year Car Breach (Infosecurity Magazine) Cinema Chain B&B Suffers Suspected Two-Year Car Breach. Company was reportedly tipped off by banking partner

Security Patches, Mitigations, and Software Updates

Security concerns: What you need to know before you update your Snapchat (Fox 54) The infamous dog filter, flower crowns, and other features are what make Snapchat truly unique.

Microsoft to Windows Home Server Users: Upgrade for Security's Sake (eWEEK) Microsoft has stopped supporting Windows Home Server 2011 and urges users to migrate to Windows Server Essentials for improved security.

Microsoft Pivots Windows 10 Toward Security: Revisiting a Near Catastrophic Mistake (IT Business Edge) Security isn’t fun. There is no better way to say this. I don’t care if you are working as a security guard, bodyguard, or defending against cyberattacks, the job is mostly dreadfully dull and when it gets exciting it is likely because you’ve screwed up or are in the wrong place at the wrong time.

Cyber Trends

New reality of ransomware attacks spikes FUD in cybersecurity (CSO Online) Cyber attacks and ransomware are in the news, raising fear of a digital Pearl Harbor.

The World May Be Headed for a Fragmented ‘Splinternet’ (WIRED) In Germany, Canada, Austria, and elsewhere in the world, tech companies are being ordered to remove online content globally. Here's why that's troubling.

Kaspersky Lab chief urges global assault on hackers (Australian Business Review) The man who runs the global internet security firm under fire from US authorities over claims of cyber-espionage says governments across the world must urgently launch a co-ordinated effort to crack down on state-sponsored hackers.

UK executives badly informed about where data is stored compared to other countries (Help Net Security) When it comes to data compliance matters, 1 in 5 UK business decision makers do not know which compliance regulations their company is subject to.

Marketplace

Cybersecurity stocks rally as global hackings start to impact corporate bottom lines (CNBC) Cyber attacks are ramping up, and it looks like they're only going to get worse as more companies shift to the cloud.

Mach37 management shakeup ousts Rick Gordon and others (Washington Business Journal) Mach37's Rick Gordon, Dan Woolley and Bob Stratton are no longer at the Herndon cybersecurity accelerator, part of what its parent, the Center for Innovative Technology, is calling a “modification to the management structure.”

CIT Announces Leadership Transition at MACH37 Cyber Accelerator (Globe Newswire) Tom Weithman named President, Company adds industry veterans Mary Beth Borgwing and Jason Chen

Raytheon again selected to provide cyber security technologies for DHS (Jane's IHS) The US Department of Homeland Security (DHS) has awarded Raytheon a one year contract with four option years to provide cyber security capabilities to enhance the resiliency of United States' federal government computer networks.

Will Raytheon Abandon Cybersecurity? (Madison.com) Two years ago, I critiqued Raytheon's (NYSE: RTN) decision to more than triple the size of its cybersecurity business -- at a very high price -- by buying Websense. Two

Cisco Through The Looking-Glass Of Meta-Vision (Seeking Alpha) The ITC decision ratchets competition - recent '944 ITC ruling in favor of Arista will further impact near-term networking revenue growth. The FTC decision puts

5 Signs You Should Sell Palo Alto Networks (The Motley Fool) Avoid this cybersecurity play until its sales stabilize, losses narrow, and valuations cool down.

API Security Startup Elastic Beam Uses AI to Block Attacks (SDxCentral) API security startup Elastic Beam launched its flagship product, an artificial-intelligence powered software platform that blocks attacks.

Cybersecurity firm Edge Networks works to keep computer systems stable (The Columbian) The computer screens on the walls of Edge Networks paint a picture of an industry’s ongoing battles.

CACI wins task order to provide Navy with information assurance (Defense Systems) CACI’s information assurance upgrade is designed to strengthen cyber defense services for critical infrastructure systems.

CA Technologies Named an Overall Leader in Privilege Management for Fourth Consecutive Year (CA Technologies) CA Technologies today announced it has been named an “Overall Leader” in Privilege Management in this year’s Leadership Compass report issued by KuppingerCole, a leading analyst firm for identity-focused information security.

CrowdStrike Appoints Matthew Polly as Vice President of Worldwide Business Development and Channels (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the appointment of Matthew Polly as vice president of Worldw

Products, Services, and Solutions

Kaspersky DDoS Protection Connect helps small and medium businesses thwart cyber threats (Windows Report - Windows 10 and Microsoft News, How-to Tips) Kaspersky's new DDoS Protection Connect is a DDoS protection suite for small and medium businesses. The DDoS Protection Connect is not only affordable but relatively easy to install and use.

Review: Acunetix 11 (Help Net Security) This Acunetix 11 review takes a deep look at a web vulnerability scanner that includes SQL injection and XSS black box scanning technology.

New Forcepoint Cloud Security, NGFW and Cross Domain Solutions Enhance Government IT Modernization and Security Capabilities (PRNewswire) Global cybersecurity leader Forcepoint today announced new enhancements...

Technologies, Techniques, and Standards

W3C Brazenly Ignores All Critics and Approves Browser DRM Standard (BleepingComputer) The World Wide Web Consortium (W3C) has announced this past week it's intention to promote the Encrypted Media Extensions (EME) draft as an official standard in the upcoming future.

Amid Unprecedented Controversy, W3C Greenlights DRM for the Web (Electronic Frontier Foundation) Early today, the World Wide Web Consortium (W3C) standards body publicly announced its intention to publish Encrypted Media Extensions (EME)—a DRM standard for web video—with no safeguards whatsoever for accessibility, security research or competition, despite an unprecedented internal controversy...

Tim Berners-Lee approves Web DRM, but W3C member organizations have two weeks to appeal (Defective by Design) Yesterday Tim Berners-Lee, the chief arbiter of Web standards, approved the controversial proposed Digital Restrictions Management (DRM) standard for the Web, Encrypted Media Extensions (EME).

The W3C has overruled members' objections and will publish its DRM for videos (Boing Boing) The W3C has overruled members' objections and will publish its DRM for videos

What is the CVE and how does it work? (CSO Online) The Common Vulnerabilities and Exposures (CVE) Program has been cataloging software and firmware vulnerabilities for 18 years. Here’s how it can help you secure your company’s network.

Closing the CVE gap: Is MITRE up to it? (CSO Online) Critics say the The Common Vulnerabilities and Exposures (CVE) program, managed by MITRE, is falling far behind in its mission to catalog and identify all known vulnerabilities. Its defenders say a new model is closing that gap.

Malware Round Two: EU's Cybersecurity Champ Defends Bloc via Information Sharing (Bloomberg BNA) A massive international cyberattack centered in Europe begins disrupting major companies. Sound familiar? It does to the European Union’s cybersecurity defense agency since they have now battled dramatic malware attacks twice in last two months—first with WannaCry and then with Petya.

Embrace 'consequence-based engineering' before the next WannaCry or Petya attack (Healthcare IT News) As attack surfaces become more common across various industries, the fact that this tactic has already worked elsewhere means hospitals can use the best practice too.

U.S. Cyber Command conducts mock attacks to prepare for the digital battlefield of the future | SOFREP (SOFREP) Although modern warfare can be every bit as brutal as the battles Americans have fought in the past, a new combat domain is rapidly becoming the focus of m

RSA’s Tran: Agencies must speed up the detection-response cycle (FederalNewsRadio.com) RSA's Peter Tran takes what he calls an edgier view of cybersecurity.

Your anti-virus software is not enough (Popular Science) As cyber-security gets more complicated, you should be taking more steps to protect yourself.

How I learned to stop worrying (mostly) and love my threat model (Ars Technica) Reducing privacy and security risks starts with knowing what the threats really are.

Adversary hunting with SOF-ELK (SANS Internet Storm Center) As we recently celebrated Independence Day in the U.S., I'm reminded that we honor what was, of course, an armed conflict. Today's realities, when we think about conflict, are quite different than the days of lining troops up across the field from each other, loading muskets, and flinging balls of lead into the fray.

The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare (SANS Institute InfoSec Reading Room) Sophisticated and complex to implement, long-term cyber attacks are often considered the work of intelligent agencies and crime syndicates. However, the oversight and bureaucracy that comes from such management often hinders the ultimate lethality of the attack. In this paper, we will examine the significant impact a lone-wolf patriot hacker has had over the course of the last two years, and what important lessons we can learn from him on how to wage a successful fight in this domain.

For Phishing Protection, Rely on More than Users (Infosecurity Magazine) If we are “down to people” to protect against phishing and ransomware, we should just give up the fight.

Creating the Right Perception for Security Awareness Training (Infosecurity Magazine) “Just-in-time” security training can certainly help the individual, but what message is being sent to that employee?

Design and Innovation

DJI Is Locking Down Its Drones Against a Growing Army of DIY Hackers (Motherboard) Drone hackers have forced DJI into an arms race.

Google is funding the creation of software that writes local news stories (TechCrunch) Google’s Digital News Initiative has committed £622,000 ($805,000) to fund an automated news writing initiative for UK-based news agency, The Press..

Fake news is a war effort humans need to lead (TechCrunch) Of all the challenges we face in 2017 and beyond, “fake news” has certainly made its way to the top of the list. Can technology solve this issue head-on?..

We Investigated the Conspiracy Theory That r/conspiracy Is Hiding Something (Motherboard) Why did the subreddit decide to ban CNN articles?

Research and Development

IARPA to Brief Proposers on Distributed App Security Project (ExecutiveBiz) The Intelligence Advanced Research Projects Activity will hold a conference on July 26 to provide information on a new agency program that aims to help developers and architects use cryptographic techniques to build distributed applications. IARPA said the conference will take place in Washington and will field inquiries from potential vendors on the Homomorphic Encryption Computing...

Legislation, Policy and Regulation

The Spies of the 'Five Eyes' Need to Speed Up Intel-Sharing (Defense One) Nations must speed the dissemination of information to enable real-time responses and counter disabling cyber threats.

Trump Backs Off Cybersecurity Plan With Putin After Criticism From Own Party (RadioFreeEurope/RadioLiberty) U.S. President Donald Trump late on July 9 stepped back from his proposal to work with Russian President Vladimir Putin to establish a cybersecurity unit to prevent hacking and election meddling after he received blistering criticism from his own party

Trump backtracks on U.S.-Russia cyber unit, says it cannot happen (Reuters) U.S. President Donald Trump on Sunday backtracked on his push for a cyber security unit with Russia, tweeting that he did not think it could happen, only hours after promoting it following his talks with Russian President Vladimir Putin.

Trump beats hasty retreat on Russia cyber security plan (CRN Australia) President announces Putin partnership then backtracks after friendly fire.

Trump: US must work with Russia, move past election issues (Military Times) President Donald Trump said Sunday that "it is time to move forward in working constructively with Russia" after his lengthy meeting with Russian President Vladimir Putin in Germany. But he is still avoiding the question of whether he accepts Putin's denial that Russia was responsible for meddling in the 2016 election.

Trump discussed forming “impenetrable” cyber security unit with Russia (TechCrunch) In a series of tweets on Sunday, U.S. President Trump recapped his lengthy meeting with Russian President Vladimir Putin on Friday. Apparently, the two world..

Trump says discussed forming cyber security unit with Putin (Reuters) U.S. President Donald Trump said on Twitter on Sunday that he discussed forming a cyber security unit to guard against election hacking with Russian President Vladimir Putin.

Trump, Putin discuss working together on cyber issues (TheHill) "This is like giving the alarm code to the guys who just burglarized your home," Dem says.

'This implicates us in their propaganda': The US just made a striking concession to the Kremlin (Business Insider) The US could inadvertently be furthering Russia's disinformation campaign.

Marco Rubio slams Trump's proposed Russia cybersecurity partnership: Putin 'will never be a trusted ally' (Washington Examiner) Trump proposed forming a 'impenetrable Cyber Security unit' with the Kremlin.

Republicans deride Trump's idea for cyber security unit with Russia (Reuters) U.S. President Donald Trump said on Sunday he and Russia's president had discussed forming a cyber security unit, an idea harshly criticized by Republicans who said Moscow could not be trusted after its alleged meddling in the 2016 U.S. election.

5 Takeaways From the ‘Very Robust,’ 2-Hour Meeting Between Trump and Putin (Foreign Policy) Clarity on Trump's stance on electoral meddling in the 2016 elections is not one of them.

State election officials worry about 2018 election security (News 12 Long Island) State election officials voiced doubt Saturday that adequate security measures can be adopted before 2018 elections to safeguard against the possibility of a foreign government interfering in...

Opinion | Combating a Real Threat to Election Integrity (New York Times) States can take steps to make voting systems more secure from hackers.

Ex-GCHQ Boss: Encryption Backdoors Are a Threat to All (Infosecurity Magazine) Ex-GCHQ Boss: Encryption Backdoors Are a Threat to All. Robert Hannigan says governments need to work in different ways with tech companies

The time is now for a public debate over cryptography policy (ZDNet) Experts, not just politicians, need to be at the table.

Spotify, Google, Tons of Other Companies Will Protest to Save Net Neutrality (Motherboard) The tech giants join Spotify, Reddit, Amazon, and the porn industry in next week's protest.

Singapore unveils first look at new cybersecurity laws (ZDNet) Government says proposed cybersecurity legislations were necessary to take proactive measures to safeguard the country's critical infrastructures and include licensing selected cybersecurity vendors.

Web guardians to repel Oman cyber attacks (Times of Oman) An online army of web guardians is being trained to repel attacks against Oman.

Web constables, SIs to keep hackers off AP net (The Pioneer) Known for its techies globally, but still hit by cyber ransomware viruses like WannaCry back home, Andhra Pradesh has decided to take the hacking menace head on. Citizens with specified

Litigation, Investigation, and Enforcement

Haley: 'Everybody knows that Russia meddled in our elections' (POLITICO) Haley said that Trump brought up Russian meddling early on in his meeting with Russian President Vladimir Putin on Friday, telling him to "cut it out."

Tillerson Says Russia Must Restore Ukraine Territory, or Sanctions Stay (New York Times) The secretary of state, on a visit to Kiev, appeared to set the same high bar for sanctions relief that the Obama administration did.

Trump accepts we didn’t mess with election, claim Russians (Times (London)) Donald Trump has accepted President Putin’s claims that the Kremlin did not meddle in last year’s US elections, according to Russia’s foreign minister. President Trump challenged Mr Putin over the...

Maddow warns other media of fake NSA documents (TheHill) The MSNBC host received documents on Russia that she believes were fake.

Hacked DNC servers: Will government ever be given access? (Fox News) As President Trump reportedly questions Russian President Vladimir Putin on alleged Russian interference in the U.S. election, there is a growing focus on a different, as-yet-unanswered question: Where are the Democratic National Committee servers that were allegedly breached by Russian hackers, and has anyone in the government been able to look at them?

Trump Is Less Convinced About Russian Hacking Than His Intelligence Chiefs (NPR.org) The president continues to hedge on whether he believes Russia meddled in the 2016 elections, despite evidence that Russia did interfere and testimony from the intelligence officials he chose.

Donald Trump intimates talked 'adoption' with Kremlin-linked lawyer (Deutsche Welle) US President Donald Trump's son, son-in-law and campaign chairman met with a Kremlin-linked lawyer last June, media report. The meeting occurred shortly after Trump won the 2016 Republican presidential nomination.

Trump’s Son Met With Russian Lawyer After Being Promised Damaging Information on Clinton (New York Times) Donald Trump Jr. is said to have arranged the meeting with the Kremlin-linked lawyer during the campaign after he was told he would be provided with details about Hillary Clinton.

Dvorak pushes Indiana election official for Russian hacking information (South Bend Tribune) Secretary of State Lawson offers meeting

Kaspersky backs Google, Apple's privacy stance (The Sydney Morning Herald) Eugene Kaspersky, the colourful Russian cyber security executive, says technology companies must respect the individual's privacy and products should not be made to be broken.

Waymo drops most patent claims in Uber self-driving car lawsuit (TechCrunch) There were a few big breaks in the case between Waymo and Uber over self-driving car technology today. As a result, the scope of the case is starting to come..

Audi manager charged in diesel scandal (Ars Technica) The 2015 Volkswagen diesel scandal continues, now with more subterfuge.

Banks Deploy AI to Cut Off Terrorists’ Funding (WIRED) Computers are better than humans are recognizing small patterns.

AI Is Making It Extremely Easy for Students to Cheat | Backchannel (WIRED) Teachers are being forced to adapt to new tools that execute homework perfectly.

Prisoner Uses Drones and Cell Phones to Escape (HackRead) Jimmy Causey, a 46-year-old inmate, captured for kidnapping a lawyer, escaped from the South Carolina prison using some sophisticated technology setup that

The Latest: SC governor demands prison cellphone jamming (KLTV) South Carolina's governor is demanding that federal officials allow state prisons to jam cellphone signals to keep the state's prisons safer.

Investor Claims Oracle Wanted To Acquire Palantir (Realist Investor) Marc Abramowitz, an investor in Palantir, told a court on Wednesday that Oracle Corp had held discussions last year with a view to acquiring the data analytics firm.

Cybersleuth Investigations Works to Educate and Assist Victims of Online Sextortion (PRNewswire) Last week, reality star, Rob Kardashian's ex-girlfriend, Blac Chyna,...

Sorry, But You Need to Care About Blac Chyna and Rob Kardashian (WIRED) Like it or not, the Kardashians set standards for social media behavior. Rob Kardashian's might just be illegal.

Man stole bitcoin by phishing individuals on the dark web (Help Net Security) Michael Richo went dark web phishing, and stole bitcoin from people involved in illegal deals through dark web marketplaces.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government and industrial environments. The event will bring together several hundred industry practitioners, researchers, regulators and solution providers for two days of in-depth, focused networking and information sharing at the cutting edge of cyber security. Many leading companies in the sector will be presenting.

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business make themselves more resilient to cybercrime. Core themes will include: the evolving cyber threat; cyber resilience in the supply chain; and essential cyber skills.

Electronic Warfare Olympics & Symposium (Colorado Springs, Colorado, USA, July 13 - 14, 2017) The 2017 Electronic Warfare Olympics & Symposium will improve the capability, and marketability, of spectrum warriors by building the local EW/IO community. and bringing awareness to the capabilities in the region. The event will consist of speakers, government and industry exhibits, and Electronic Warfare Olympics.

3rd Edition CISO Summit India 2017 (Mumbai, India, July 14, 2017) Cyber security has gone through a tremendous change over the last couple of months. Ecosystem disruptions like demonetization, emergence of payment banks and fintech play have put technology as the sine qua non and a savior for banks. But gifts are bundled often with miseries. While technology works as a catalyst for scale and speed, security unpreparedness could play a spoilsport.

CYBERCamp2017 (Herndon, Virginia, USA, July 17 - 28, 2017) Always wondered what “cyber attacks” really are? How a special group of cyber warriors protect and defend our banks, stores, and electric plants every second? Join experts from the FBI and the foremost companies in the nation for an interactive #CYBERcamp in the National Capital Region. Cyber Camp 2017 is a summer camp in which students will have the opportunity to learn about various aspects of cyber security. Students will also gain practical skills through instruction by experienced security and information technology (IT) professionals, and hands-on exercises. The camp is divided into two 1-week segments:

National Insider Threat Special Interest Group - Insider Threat Symposium & Expo (Laurel, Maryland, USA, July 18, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E), on July 18, 2017, at the Johns Hopkins University Applied Physics Laboratory, (JHU-APL) in Laurel, Maryland. This is a MUST ATTEND event if you are involved in Insider Threat Program Management or are interested in Employee Threat Identification and Mitigation.

2nd Annual Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 18, 2017) The 2017 Billington Automotive Cybersecurity summit will build on the 2016 inaugural summit that brought together a who’s who of speakers including the CEO of GM and the Secretary of Transportation, prestigious media coverage from The New York Times and The Wall Street Journal and some 500 attendees. NOTE: Attendees must be citizens of U.S. or allied nations to attend this event.

SANSFIRE 2017 (Washington, DC, USA, July 22 - 29, 2017) Now is the time to advance your career and develop skills to better protect your organization. At SANSFIRE 2017, choose from over 45 hands-on, immersion-style security training courses taught by real-world practitioners. The site of SANSFIRE 2017 (July 22-29) is Washington Marriott Wardman Park.

ISSA CISO Executive Forum: Security Awareness and Training--Enlisting your entire workforce into your security team (Las Vegas, Nevada, USA, July 23 - 24, 2017) The gap in Security skills in the workforce have put the pinch on Security teams. Join us to learn how to get lean by empowering the rest of your organization to understand and manage security risks. We’ll cover secure-by-design concepts inherent in DevSecOps, effective training and awareness practices, and how to lead organizational change management to embed security into your company’s DNA.

AFA CyberCamp (Pittsburgh, Pennsylvania, USA, July 24 - 28, 2017) The AFA CyberCamp program is designed to excite students new to cybersecurity about STEM career opportunities and teach them important cyber defense skills through hands-on instruction and activities. Through the camp, students will learn how to protect their personal devices and information from outside threats, as well as how to harden entire networks running Windows 7 and Ubuntu operating systems. The AFA CyberCamp will culminate in an exciting final team competition that simulates real cybersecurity situations faced by industry professionals and mimics AFA’s CyberPatriot National Youth Cyber Defense Competition.

BSides Las Vegas (Las Vegas, Nevada, USA, July 25 - 26, 2017) BSides Las Vegas isn’t another “talk at you” conference. Everyone at BSides is a participant. Track after track, year after year, the security researchers, engineers, analysts and managers that present at BSidesLV are looking to engage our participants and be engaged by them. Our presenters don’t talk at you, they converse with you.

Cross Domain Support Element Summer Workshop 2017 (Laurel, Maryland, USA, July 25 - 26, 2017) The Unified Cross Domain Services Management Office (UCDSMO) is presenting a two-day workshop for the benefit of the Cross Domain Support Element (CDSE) Offices, and the personnel who support them. Topics will include an update to the Capabilities Portfolio, Baseline and Sunset Lists, the UCDSMO SharePoint sites, Labs and Lab Testing, updates on the CDS Overlays and the Cross Domain Risk Management process.

Black Hat USA 2017 (Las Vegas, Nevada, USA, July 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days of technical Trainings (July 22-25) followed by the two-day main conference (July 26-27) featuring Briefings, Arsenal, Business Hall, and more.

RSA Conference 2017 Asia Pacific & Japan (Singapore, July 26 - 28, 2017) RSA Conference 2017 Asia Pacific & Japan is the leading information security event in the region. Join us for three days of high quality education, engaging content and valuable networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.

DEF CON 25 (Las Vegas, Nevada, USA, July 27 - 30, 2017) You know how we know it’s almost DEF CON? The Southwest is having a heat wave, that ancient tweet about the Feds (allegedly) not appreciating the ‘Spot the Fed’ contest is back and the interwebz are buzzing with burner phone chat.

North American International Cyber Summit (Detroit, Michigan, USA, July 30, 2017) In its sixth year, the cyber summit brings together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic development, law enforcement and personal use. Highly respected speakers from the public and private sectors will address emerging trends, technology and best practices. The event is open to the public and will feature information for individuals, families, educators, business professionals, law enforcement and government officials. The summit agenda will feature internationally recognized keynote speakers as well as experts from across the county to lead breakout sessions on featured industry topics.

Cyber Texas (San Antonio, Texas, USA, August 1 - 2, 2017) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Chicago is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Latin America Forum (LAF).

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to gain insight and interact with experts in smaller settings. This year’s conference presents an exciting and unique opportunity to directly engage with senior leaders from the Intelligence Community, Department of Defense, and industry about the IT complexities and challenges impacting the mission user.

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment.

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update on the latest development, trends and status in information security.

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses, connect with regional IT leaders, and learn about emerging technology. Among the topics addressed will be cybersecurity- hacking, malware, exploits, skimmers, new standards and policies in key industries.

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the evolving threat environment.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Probing of US power utilities ascribed to Russian actors. NotPetya recovery and cost-counting continue. Copycat and Spydealer afflict Android systems. W3C will promote EME. Russo-American good feelings at G20 last...a couple of hours, tops.