The CyberWire Daily Briefing 8.7.17

Summary

By The CyberWire Staff

The US Army has ordered all units to immediately stop using DJI drones. The order derives from unspecified concerns over cybersecurity. DJI, a Chinese firm, had been criticized in the past by consumers for collecting too much about users (including geolocation data). Whether such collection is what worries the Army is unknown, but G3/5/7 (Deputy Chief of Staff, Operations, Plans, and Training) has directed that all DJI products be taken out of service, from drones to controllers to the batteries that power them.

Trend Micro reports that an Android phishing campaign is in progress against Russian-speaking businesses.

Researchers warn social media timelines may betray more user information than users suspect.

Amazon, moved by recent incidents in which customers inadvertently exposed data stored in the AWS cloud, works to steal a march on criminals by scanning for publicly available S3 buckets and warning such buckets' owners.

White hats who looked at voting machine vulnerabilities recommend five steps to more secure elections: retire old machines, secure registration systems and voter databases, require security audits of electronic voting machines, make patching easier, and improve poll workers' training.

An opinion piece in the Diplomat doesn't quite advocate cyber marque-and-reprisal against Russia, but it comes close.

Marcus Hutchins, a.k.a. MalwareTech, the researcher credited with (inadvertently) flipping WannaCry's kill switch, is out on bail after pleading not guilty in a US court. He's facing charges relating to creation and distribution of the Kronos banking Trojan. The case is likely to set important precedents for vulnerability research.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, European Union, India, Republic of Korea, Philippines, Poland, Russia, Ukraine, United Kingdom, and United States.

What do AI and machine learning mean for cybersecurity?

We hear about them everywhere in cybersecurity. They sound cutting-edge, but what do they mean? And what value do they add? Find out exactly how significant AI and machine learning are, and how small nuances in their use can make a big difference.

On the Podcast

In today's podcast we talk with our partners at Level 3, as Dale Drew discusses "hacking back."

Sponsored Events

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Cyber Security Conference for Executives (Baltimore, MD, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Army tells troops to stop using DJI drones immediately, because cyber (Ars Technica) "Halt use of all DJI products," Army Aviation commands.

Army orders the removal of DJI drones, citing cyber security concerns (Mashable) DJI drones just took a military hit, and it might ripple through the rest of the market.

Interpol and Security Firm Dox Pro-ISIS Hacktivists (BleepingComputer) In cooperation with Interpol, Group-IB, a Moscow-based cyber-security firm, has tracked down and revealed the real-world identities of five members of the United Islamic Cyber Force (UICF).

Anarchists vow attacks on British travellers (Times) British holidaymakers travelling to popular European destinations have been warned to be vigilant after a militant organisation protesting against mass tourism promised fresh attacks. The leader of...

Hackers leak info stolen from Mandiant analyst, threaten similar attacks (SC Media UK) Hackers leak info stolen from Mandiant analyst, threaten similar attacks in the future

Game of Thrones Season 7: HBO hackers threaten to leak more episodes on 6 August (Firstpost) HBO employees fear that the hackers might have gained access to their personal information in the records of the company but the channel denies the same.

HBO Hack: Reports Suggest Much Worse than Just Game of Thrones Leaks (Apps for PC Daily) HBO hackers 'stole Curb Your Enthusiasm episodes, not emails'

Spoiler Alert: Hackers Are Gunning for Hollywood (Guest Column) (Variety) The 2014 hack at Sony Pictures Entertainment was a watershed moment for the entertainment industry.

An echo of opening shots (TechCentral) As is so often the case these days, I learned of the IT incident that came to be known as the NotPetya outbreak via Twitter.

Hackers Behind WannaCry Cashed Out Bitcoin While No One Was Watching (Motherboard) Hackers behind two strains of WannaCry have moved out their bitcoin proceedings in a very similar way.

WannaCry hackers are converting bitcoins to 'totally anonymous' Monero to hide their tracks (International Business Times UK) Monero is an extremely privacy-oriented cryptocurrency and is nearly impossible to track.

New Version of Dangerous Android Malware Sold on Russian Hacking Forum (BleepingComputer) A new version of the Svpeng Android banking trojan has started making victims during the past month, and at the origin of this sudden surge in activity is a criminal selling a new and improved version of Svpeng on a Russian underground hacking forum.

Backdoor-carrying Emails Set Sights on Russian-speaking Businesses (TrendLabs Security Intelligence) A malicious email campaign against Russian-speaking enterprises is employing a combination of exploits and Windows components to deliver a new backdoor that allows attackers to take over the affected system.

FBI warns on IP addresses (FCW) The FBI issued an alert in late July advising industry, government and academic institutions about persistent cyber threats from a group with ties to Iran.

Meet Alex, the Russian Casino Hacker Who Makes Millions Targeting Slot Machines (WIRED) This Russian mathematician-turned-hacker has cracked slot machines worldwide. His secret: seeing through pseudo-random numbers.

The Rise Of The No-Frills Hacker (HuffPost UK) It looks innocent enough - a receipt from your favourite high street shop, a file to review from a colleague or an alert from your bank or gas company th...

Steganography Use on the Rise Among Cyber Espionage, Cybercrime Groups (Dark Reading) At least three cyber espionage campaigns and several malware samples in recent months have employed ancient technique, Kaspersky Lab says.

Attackers Use Typo-Squatting to Steal NPM Credentials (Threatpost) Hackers seeking developer credentials used typo-squatting to spread malicious code via libraries hosted at the online repository npm. In all, 40 npm packages were found malicious and removed from the Node.js package management registry, according to npm.

The Coolest Talk at Defcon 25 That No One is Writing About (Security Week) I’ve been attending the DEF CON hacker conference for 18 years. This year, I was starting to think “I’m too old for this stuff!” Don’t get me wrong, I still love the community-oriented DIY hacker spirit of the conference, but after all this time, I was starting to think I’d seen it all. Yeah.

Obscuring malicious Facebook links using the Open Graph Protocol (Help Net Security) If you though that obscuring malicious Facebook links was hard, think again. Phishers achieve the semblance of a harmless link using Open Graph tags.

Here's Why your Social Media Timeline Shows Your e-Shopping Wishlist (News18) Welcome to the digital age where everything is public. The government could be trying to read your mails, but the giant corporations are already reading them.

Continue on PC, Timeline features raise Windows 10 security concerns (SearchEnterpriseDesktop) The Windows 10 Fall Creators Update presents new security threats by syncing smartphones to PCs through the new Timeline and Continue on PC features.

Exploits Available for Siemens Molecular Imaging Vulnerabilities (Threatpost) Siemens is readying patches for a number of vulnerabilities in its molecular imaging products, including some where public exploits are available.

ESET Tries to Scare People Away From Using Torrents (TorrentFreak) IT security company ESET has published a rather curious article which portrays the use of BitTorrent as a security threat. Noting that merely downloading a torrent client could "infect your machine and irreversibly damage your files", the piece focuses on a pair of rare incidents to present an overall climate of fear. The reality is much more nuanced.

UCLA System Hacked In Cyber Attack (CBS Los Angeles) UCLA officials are notifying about 32,000 people this week about a cyberattack on a university computer server containing personal information about some students, although officials have said they do not believe the hacker actually obtained any sensitive information.

FTC must scrutinize Hotspot Shield over alleged traffic interception, group says (Ars Technica) VPN service "can intercept and redirect HTTP requests to partner websites."

Radio Station Broadcast Cold War Era Messages Despite Being Non-operational (HackRead) Now, this is one such creepy news that has all conspiracy theorists excited and enthralled. Reportedly, there is a mysterious radio station in Russia that

Security Patches, Mitigations, and Software Updates

Microsoft Will Not Patch SMBLoris Vulnerability (BleepingComputer) Microsoft has declined to patch a vulnerability in the Server Message Block (SMB) file sharing protocol that affects all versions of the Windows operating system released in the past two decades, since Windows 2000.

Samsung's 2015 Flagships Receive Update From Verizon | Androidheadlines.com (Android Headlines) American wireless carrier Verizon is rolling out a new update that will install Android security patches and fix a few bugs to several Samsung smartphones.

Cyber Trends

'Information' is playing outsize role in warfare (C4ISRNET) In 21st century warfare, war is cognitive as much as it’s kinetic, Lt. Gen. Vincent Stewart, director of the Defense Intelligence Agency, told a small group of reporters in his office this week.

Microsoft sees cyberattacks as part of the 'fabric of society' (null) Microsoft has warned that artificial intelligence could "reset" cybercrime and the techniques used to combat it. AI is being used to tackle emerging threats but is also powering a new generation of malware created by elite attackers.

Combatting cyber terrorism (Global Telecoms Business) Our homes and cities are increasingly connected via the internet of things (IoT). But while this enhanced connectivity brings vast benefits and opportunities, the vulnerability of systems and access points to hacks and cyber security threats is truly upon us, writes Jason McGee-Abe

Hackers & Hospitals: An Infographic on Medical Device Security (Medium) Of all of the connections brought about by the Internet of Things, nothing is more frightening than the notion of an unsecured medical…

Marketplace

Top 10 Security Startups to Watch: Don't Let Them Out of Your Sight (SDxCentral) These 10 security startups that launched before Black Hat show promise in protecting enterprise's networks, and business overall.

12 Security Startups That Raised New Funding in July 2017 (eWEEK) July was a newsworthy month for the security industry. Not only did the Black Hat and DefCon security conferences take place in July, but it was a busy month for investors pumping money into security vendors.

BlueteamGlobal: Cybersecurity Firm Launches With $125 Million Round, Deep Senior Team (PRNewswire) BlueteamGlobal, a cybersecurity services firm, today announced the launch of...

Facebook Acquires AI Startup Ozlo As Virtual Assistant Race Heats Up (StockNewsTimes) Facebook has acquired an artificial intelligence startup based in Palo Alto, California in order to improve how Messenger’s virtual assistant works. Ozlo, which was founded four years ago by Charles Jolley and Michael Hanson, has proven abilities in engaging in text-based conversations. The startup confirmed the acquisition in an online posting. “[Ozlo] has built a […]

How can MSPs evolve into cybersecurity companies? (SearchITChannel) Managed services providers at ChannelCon 2017 described their journeys of transitioning into cybersecurity companies.

A Third of Enterprises Want Managed Security From Their Carriers. Here's Why Carriers Should Listen (Wireless Week) Too many companies are woefully unprepared for a cyber-attack. A full 43 percent of companies reported they can’t handle an attack that lasts just 24 hours. Two new tipping points will only make a bad situation worse: the Internet of Things (IoT) and encryption.

You Wouldn't Believe the Size of FireEye, Inc's Subscription Sales and Operating Expenses -- The Motley Fool (The Motley Fool) The data security upstart’s revenue and earnings pleasantly surprises the Street, but pales in comparison to its cost-cutting efforts.

Tata Communications to hire 400 people to combat cyber crime and data theft (The Economic Times) The company will be investing in building capability in risk and compliance, cloud security, identity and access management, analytics to predict cyber attacks.

Teradata lands $29M deal to help handle Immigration’s data (ARN) Teradata has taken home a $28.9 million data warehouse services deal from the Department of Immigration and Border Protection.

Navy awards C4ISR contract (C4ISRNET) The technical services contract, awarded to CACI-ISS, is scheduled to be completed by December 2017.

Qualys CEO Calls WannaCry a "Godsend" for his Business (eSecurity Planet) Qualys reports second quarter fiscal 2017 revenue of $55.3 million as security events like WannaCry help to drive more business opportunity.

UK intelligence agencies turn to start-ups on cyber security (Financial Times) Private sector coders are being sought to develop fixes for virulent global crimes

Scuttlebiz: Separating Cyber from NSA could speed private-sector development in Augusta (Augusta Chronicle) When America’s enemies hide behind closed doors, the best military strategy could be stealthily picking the lock under the cover of night. Or it could be blowing the door to smithereens with an M203 in broad daylight.

Cybersecurity could be WV’s next big growth area, leaders say (WV MetroNews) An increasingly dangerous online world could be a job-creator for West Virginia. “We ought to be the cybersecurity center of the country,” West Virginia Univer…

Can Northwest Florida become Florida’s cybercoast? (Pensacola News Journal) UWF provides leadership to advance cyber defense education among colleges and universities in the Southeast.

Cybersecurity headhunter shares 10 secrets from Black Hat 2017 (CSO Online) A security industry job recruiter goes undercover at the Black Hat 2017 Conference, and lives to tell about it. Here are 10 things he learned.

Products, Services, and Solutions

Dash Employs Elite Cybersecurity Service Bugcrowd to ‘Hack’ Its Blockchain (Payment Week) Dash, the top payments-focused digital currency, has received approval from the Dash community to employ the services of Bugcrowd, the leader in crowdsourced security testing. The partnership means thousands of security researchers will be incentivized to identify critical software vulnerabilities within Dash’s code and present them to …

CyberSponse Continues to Simplify Security Operations by Announcing Interoperability & Out-of-the-Box Connectors for the RSA NetWitness® Product Suite (Benzinga) CyberSponse, a leader in case management, security orchestration and automation, announces interoperability and out of the box playbooks for the RSA NetWitness® Suite.

Technologies, Techniques, and Standards

Amazon reaches out to users with bad security before the crooks do (Naked Security) Amazon is taking proactive steps to keep its customers safe

Young Iranians Are Using These Apps to Bypass Government Oppression (Motherboard) Amid censorship and "moral police", the youth of Iran are looking to their smartphones for civil liberties.

Voting Machine Hackers Have 5 Tips to Save the Next Election (WIRED) Hey, democracy, your vulnerabilities are showing.

Spy data to help small, medium businesses fend off cyber threats (Financial Review) Small and medium-sized businesses are the big winners under a government plan to share cyber-security spy data with internet providers.

The UK government has issued new cybersecurity guidelines for smart cars (Verge) An effort to ensure that automakers pay attention to cybersecurity

Governments, Silicon Valley faces problems in combating terrorist exploitation of cyberspace, cybersecurity expert says (Homeland Preparedness News) The United Kingdom’s Home Secretary Amber Rudd is set to face an uphill battle this week as she meets with leading tech companies in Silicon Valley to discuss issues related to terrorist exploitation of information and communications technologies (ICT)...

NHS must ensure £21m cybersecurity fund is spent in the right places (Computing) The NHS needs to invest in cyber defences that can adapt to changing threats, argues Malcolm Murphy

GDPR and PSD2: a regulatory double whammy or a unique opportunity for banks? (Computing) New regulations are forcing banks to give more power to customers and competitors with respect to account data, but they may be able to turn it them to their advantage

GDPR: Should Your Organisation Purchase Cyber Insurance? (Computer Business Review) The good news is that cyber insurance firms are offering new policies to help organisations protect themselves from the financial implications of a breach.

In A Ransom DDoS Attack, It Doesn't Pay To Pay (PYMNTS.com) Cyberattacks have become so common that criminals don’t even have to launch one in order to get victims to pay up; all they have to do is threaten. The distributed denial-of-service (DDoS) attack has made a massive resurgence in Q2, particularly Ransom DDoS, or RDoS. In an RDoS attack, cybercriminals threaten to launch a DDoS […]

How cloud computing could protect firms against ransomware attacks (CNBC) Cloud computing may provide the security companies need to protect against cybercrime such as data theft, ransomware and computer hacks.

How Utilities Can Protect Themselves from Cyberattacks (BizTech) Security assessments, cloud-based tools and data protection measures can keep power and utility companies as safe as possible.

Blog: We’re Writing Checks—Money Is in Our Pockets (SIGNAL) Traditional checkbooks provide a new type of financial cybersecurity.

Design and Innovation

Google wants to track you in real life – privacy group says, ‘No way!’ (Naked Security) Google plans to use AI tool to grab details of billions of in-store credit card transaction.

Researchers Put Windows Defender in a Sandbox to Show Microsoft How It's Done (BleepingComputer) Software experts from Trail of Bits — a well-known security R&D company — have sandboxed Windows Defender, the default antivirus solution that ships with recent Windows editions.

Research and Development

IBM And Sony Has Stored 330TB Data In A Tiny Magnetic Tape (TechWorm) IBM and Sony Create Magnetic Tape That Can Store Record-Breaking 330TB Of Uncompressed Data The future of data storage is here: magnetic tapes. Scientists

Academia

Lewis University Ranks 6th For Best Online Masters In Cyber Security (Romeoville, IL Patch) The Romeoville university earned a spot among the top 20 Best Online Masters in Cyber Security.

Elementary students learn the basics of cyber in a weekly computer coding class (WRDW) High school students can choose to take cyber security classes on their own, but in Columbia County it's mandatory for elementary school students to take computer classes, which could help them in a future career in cyber.

Legislation, Policy and Regulation

Russia Sanctions are Insufficient: Use Active Cyber Defense (The Diplomat) “A new approach is needed to shape views of the costs and benefits of cyber attacks.”

UK Writes GDPR into Law with New Data Protection Bill (Infosecurity Magazine) UK Writes GDPR into Law with New Data Protection Bill. Aims to reassure markets and support country’s digital economy post-Brexit

Sebi goes all-out to up cyber security, plans to hire advisor (Business Today) To firewall securities markets from cyber threats, Sebi is looking to further beef up policy framework on this front and plans to appoint an advisor for such security and other IT initiatives.

Germany needs tougher laws against cyber crime, top policeman tells paper (Reuters) Germany's top police official has called for tougher laws to fight cyber crime on the illegal internet - the Darknet - and other organized criminal structures, in an interview published on Saturday.

Bill Aims to Retrain Industrial Workers with In-Demand Cybersecurity Skills (SHRM) Companies that offer their employees cybersecurity training and education would receive tax breaks under a new legislative proposal.

Top Dem argues to keep commission that fights election hacks (TheHill) The EAC is on Republicans' budget chopping block

Jeh Johnson worries U.S. still "vulnerable" to election meddling (CBS News) "Bad cyber actors are becoming more aggressive, more ingenious, and more tenacious," says former Homeland Security secretary

Congress (finally) sets sights on new-age cyber invasion (TheHill) Unless you’ve been hanging out at Mar-a-Lago, playing round after round of “Fake News or Not,” you probably remember the Mirai botnet attack last year. It was a distributed denial of service (DDoS) attack that exploited vulnerabilities in digital cameras and DVRs.

Despite concerns over cyber diplomacy, State works to align internal efforts (Federal News Radio) The State Department quietly launched a new Cyber and Technology Security directorate to address threats and vulnerabilities for embassies and consulates.

Navy Cyber Defense Operations Command Holds a Change of Command Celebration (DVIDS) Capt. Julia L. Slattery relieved Capt. Sean R. Heritage as Commander, Task Force 1020/Commanding Officer, Navy Cyber Defense Operations Command (NCDOC) during a change of command ceremony held at the Suffolk Center for Cultural Arts on August 2.

De Blasio signs executive order to launch city ‘cyber command’ (New York Post) Mayor de Blasio quietly signed an executive order last month creating an office known as the New York City Cyber Command — a new outfit that’s intended to protect the city against online attacks a…

The spies still among us (Post and Courier) The federal government has once again come clean. It has been spying illegally on Americans since 2012, as shown by a large number of documents recently released by the Director

Litigation, Investigation, and Enforcement

Jihadist cell ‘musketeers’ spread hate on YouTube (Times) The terrorists who plotted a deadly pipe-bomb and meat-cleaver attack shared scores of extremist videos hosted by YouTube that featured Islamist propaganda. The terrorist cell known as the...

Hutchins pleads not guilty to charges of writing and distributing malware - expected to be bailed today (Computing) Five-year-old IRC logs paint picture of black hat hacker, but no firm evidence of wrong-doing

Security researcher who neutralized WCry to be released on $30,000 bond (Ars Technica) Prosecutors say Marcus Hutchins admitted he wrote alleged malware. Defense disagrees.

Bail of $30,000 set for UK cyber expert Marcus Hutchins (BBC News) Prosecutors say Marcus Hutchins admitted writing and selling code designed to steal bank details.

British computer expert who stopped NHS cyber attack 'admits creating malware code' (ITV) A British computer expert who was hailed a hero after helping shut down a worldwide cyber attack that paralysed NHS computers has admitted in a police interview that he created the code of a malware that harvests bank details, a Las Vegas court has heard.

Black hat or white hat? Questions swirl around hero researcher's sudden arrest (The Verge) On Wednesday, a celebrated UK security researcher was stopped at the Las Vegas airport and taken into federal custody. According to law enforcement, Marcus Hutchins (better known as MalwareTech)...

Kronos Malware ‘Dealer’ On WannaCry Killer Charges: What Charges? (Fraud Report) Beaumont had suggested that the contact might know something about the creator of the malware, but Passworded denied they had coded it, telling Forbes in internet-speak: "To be honest am not the coder but i got the file and crack it."

Arrest shines light on shadowy community of good, bad hackers (Update) (Phys.org) Two months ago, Marcus Hutchins was an "accidental hero," a young computer whiz living with his parents in Britain who found the "kill switch" to the devastating WannaCry ransomware.

Arrest of WannaCry researcher sends chill through security community (TheHill) The Wednesday arrest of cybersecurity researcher Marcus Hutchins is sending a chilling effect through the cybersecurity community.

Opinion | The Kronos indictment: Is it a crime to create and sell malware? (Washington Post) A legal analysis of the charges against Marcus Hutchins.

The Marcus Hutchins Case Could Set a Dangerous Precedent For White Hat Hackers (WIRED) The danger of the Marcus Hutchins case is the chilling effect it could have on malware research in general.

Kronos malware: What is the banking Trojan linked to WannaCry hero? (CRN Australia) Kronos malware was first spotted for sale in 2014.

IITian arrested in Bengaluru for stealing Aadhaar data (The Times of India) Bengaluru police on Thursday arrested a software engineer for hacking the server of UIDAI. The 31-year-old IIT-Kharagpur graduate is currently employed with cab aggregator Ola. He have allegedly stolen the demographic data of at least 40,000 Aadhaar cardholders.

Transparency, due process fell by the wayside in the case of Kaspersky Lab (Federal News Radio) Acquisition and cyber experts say the government’s decision to remove Kaspersky Labs from the GSA schedule is highly unusual and could create a trade war.

South Korean Spy Agency Admits to Meddling in 2012 Election (Foreign Policy) The presidency may never have been meant for Park Geun-hye after all.

"This culture of leaking must stop," Sessions says, threatening media subpoenas (CBS News) "We will not allow rogue anonymous sources with security clearances to sell out our country any longer," attorney general says

Jeff Sessions’ leaker crack down may prove tricky (The Washington Times) President Trump’s anger at his attorney general appears to have blown over, with the president offering a few kind words for Attorney General Jeff Sessions’ plan to crack down on what have been a series of embarrassing leaks for the White House.

Factbox: Long history of U.S. leakers to media facing charges (Reuters) While one focus of the leak crackdown announced on Friday by U.S. Attorney General Jeff Sessions is on journalists who receive leaked information, another is on suspected leakers.

Tipping point for anti-Trump leaks? (News-Sentinel) There have been leaks in every presidential administration. But most of them were innocuous, and many were even the result of the administration itself trying to put spin on certain issues.

Rosenstein: Special counsel Mueller can investigate any crimes he uncovers in Russia probe (Washington Post) The deputy attorney general said the Russia investigation is continuing apace, even as Trump dismissed the probe as “a total fabrication.”

Democrats fear Russia probe blowback (POLITICO) "We need to talk about what people think about when they wake up in the morning, and it’s not Russia," said one strategist.

Russian inquiry robs voters of democracy, says Trump (Times) President Trump lashed out against allegations that his path to the Oval Office was smoothed by a foreign power as his new chief of staff set about stamping discipline on a West Wing buffeted by...

We need answers in Democrats' congressional IT drama (USA TODAY) Something shady is going on and former Democratic National Committee chief Rep. Debbie Wasserman-Shultz doesn't want to talk about it.

Clandestine Isis unit training Britons to launch attacks on UK (Times) A secretive Isis unit that trained the perpetrators of the Paris and Brussels terrorist attacks has been teaching British fighters to attack targets in the UK, according to a fighter captured by...

Companies Can't Use Keyloggers to Spy on Employees, Says German Court (BleepingComputer) The German Federal Labour Court has ruled that companies can't install keyloggers to monitor employees because such an action violates personal privacy rights.

DICT, global cybersecurity firm join forces to combat online threats (Inquirer) The Philippine government and international cybersecurity firms are combining forces to address cybersecurity threats in the country as the fast growing economy lures cybercriminals.

Polish Kidnapper Tried Selling British Model on Dark Web (HackRead) We have heard about Dark Web marketplace asking for funds to assassinate Donald Trump and Mike Pence - We have also heard about criminals offering physical

Russian man sentenced in Minnesota computer fraud case (Fifth Domain) A Russian man has been sentenced in Minnesota to nearly four years in federal prison in connection with a global computer fraud case.

OPM security controls still not fully implemented, says GAO (Fifth Domain) A report detailing GAO findings on the progress made by OPM to implement 19 recommendations to secure government systems was released Thursday.

Editorial: No excuse for hiding cyber attack on city (Sarasota Herald) How does the city of Sarasota conceal from the public the scope and severity of a cyber attack that corrupted 160,000 computer files and involved a $33

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Chicago is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Latin America Forum (LAF).

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to gain insight and interact with experts in smaller settings. This year’s conference presents an exciting and unique opportunity to directly engage with senior leaders from the Intelligence Community, Department of Defense, and industry about the IT complexities and challenges impacting the mission user.

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment.

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update on the latest development, trends and status in information security.

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses, connect with regional IT leaders, and learn about emerging technology. Among the topics addressed will be cybersecurity- hacking, malware, exploits, skimmers, new standards and policies in key industries.

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the evolving threat environment.

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity Awareness Day and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for one day of focused discussions. In light of current events involving unauthorized disclosures, sensitive and/or classified information leaks, and breaches of personally identifiable information in cyberspace, it is imperative that sound practices are incorporated. The agenda will include speakers from Industry and Government.

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration, threat intelligence, information sharing, workforce development, and risk management. This will be accomplished through a number of in-depth sessions and panel discussions, along with cybersecurity exhibits provided by industry and government partners.

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses taught by SANS' world-class instructors, with dynamic content on the hottest information security issues. Join us for immersion training that will provide you with the cutting-edge skills to defend your organization against security breaches and prevent future attacks.

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s inspiring short-form demos, stay on for another day and a half of practical advice from your peers and industry gurus alike. Determine just how you will incorporate the latest fintech innovations into your product road map.

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited time the training is being offered at a $1295. This training will provide the ITP Manager / Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP /NISPOM CC2, and go beyond these regulations to establish a robust and effective ITP. Any individual involved with supporting an ITP will also gain valuable knowledge. A licensed attorney with extensive experience in Insider Threats and Employment Law will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Any organization (State Government Agencies, Businesses, Etc.) that are not required to implement an ITP, but are concerned with Insider Threat Risk Mitigation will also benefit greatly from this training.

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Community Meetings.

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia. Keynotes from The Honorable Daniel Coats, Director of National Intelligence, Representative William Hurd, R-Texas, General Joseph Votel, Commander, United States Central Command, Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House, Grant Schneider, Acting CISO, Office of Management and Budget, (invited), plus CISOs from DHS, DoD, HHS and the CIO for USCYBERSOM. Full agenda <a href="http://www.billingtoncybersecurity.com/8th-annual-billington-cybersecurity-summit/agenda/" target="_blank">here</a>.

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: New York is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create further awareness of cyber security among the youth of the UAE.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

US Army tells troops to drop DJI drone use. Android phishing campaign hits Russian businesses. Social media timelines reveal more than users think. Recommendations for election security. Hacking back, sanctions, or active defense? MalwareTech out on bail.