Black Hat, Defcon, and BSides
In his Black Hat address, Facebook's security chief made a strong pitch for more empathy in the security profession. Only this, he suggests, is likely to produce much-needed change.
Remember Robin Sage, the security expert who never was, but who nonetheless attracted friends and job offers from within the US Defense Department and the industry that surrounds it? She was a demonstration catphish, but now she has some counterparts in the wild. Dell SecureWorks Counter Threat Unit presented their findings on one Mia Ash, a 20-something fictitious persona who purports to be a photographer based in London. She's also supposed to be an amateur model who's into social media and "tech-savvy guys with ties to the oil and gas industry," as Threatpost puts it.
Mia is an elaborately curated catphish run by the threat group Cobalt Gypsy (a.k.a. OilRig, TG-2889, or Twisted Kitten). Cobalt Gypsy is thought to be operating on behalf of the Iranian government. Its targets are governments, telecommunications infrastructure, defense companies, oil companies, and financial services outfits in the Middle East and North Africa.
Mia Ash is being used to troll for connections in the oil and gas industry. The operation's goal is to infect the marks with PupyRAT malware in a cyber espionage play. (So if you're bored out there on your production platform, sorry to rain on your parade, but Mia's not really interested in you, because, well, there's really no Mia.)
The Game of Drones (like Game of Thrones, but you no doubt got that on first reading) showed that stopping drone incursions is harder than it looks.
A presentation at Black Hat by two researchers, one from ZeroFOX, the other from RIT, suggests that academic training for cybersecurity is misaligned with the job market because it's misaligned with the realities in the wild. Thus, they conclude, traditional academic programs and certifications continue to fall short. They see a hermetic system: "[Academia] really traditionally encourages people to stay within academia and not go out and learn new things and come back."