The CyberWire Daily Briefing 8.11.17

Summary

By The CyberWire Staff

WikiLeaks' weekly dump from Vault7 features documents covering "CouchPotato," said to be a CIA tool that remotely collects video streams.

FireEye reports that Fancy Bear (Russia's GRU) has undertaken an ambitious program of spying on "high-value hotel guests" through hotel Wi-Fi systems. Fancy Bear is apparently using EternalBlue tools (believed to have leaked from NSA, and posted online by the ShadowBrokers) to propagate surveillance code across targeted networks.

The HBO hacker or hackers going by "Mr. Smith" released an email yesterday from HBO that appears to be an attempt to finesse the black hats into white hats by offering them, Variety reports, a "'bounty payment' of $250,000 as part of a program in which 'white hat IT professionals' are rewarded for 'bringing these types of things to our attention.'" Mr. Smith wasn't buying—the hackers want millions.

Skyhigh Networks says that criminals are using difficult-to-track "cloud-on-cloud" attacks.

Two familiar strains of ransomware have resurfaced in the wild. Both Locky and Mamba are out in an enhanced, more virulent form.

In the US, some Defense Department rapid acquisition tools are coming into use. Both DIUx and SCO have received enhanced purchasing authority. US Cyber Command will begin using its rapid acquisition authority by the end of September.

An unsealed FBI affidavit says that a Maryland man arrested last year in connection with alleged ISIS activities was involved in using eBay and PayPal to siphon cash to the terrorist group.

Ukrainian police last week arrested a man in Nikopol for distributing NotPetya.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Brazil, China, European Union, India, Russia, Saudi Arabia, Singapore, Solomon Islands, South Africa, Ukraine, United Kingdom, United States

What do AI and machine learning mean for cybersecurity?

We hear about them everywhere in cybersecurity. They sound cutting-edge, but what do they mean? And what value do they add? Find out exactly how significant AI and machine learning are, and how small nuances in their use can make a big difference.

On the Podcast

In today's podcast, we hear from our partners at Webroot, as David Dufour talks about basic cyber hygiene. Our guest is Barmak Meftah, President and CEO of AlienVault, who offers his thoughts on the state of the security industry.

Sponsored Events

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Cyber Security Conference for Executives (Baltimore, MD, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

WikiLeaks: CIA' CouchPotato Tool Remotely Collects Video Streams (HackRead) WikiLeaks has released yet another CIA hacking tool as part of its Vault 7 series documents belonging to the American Central Intelligence Agency (CIA).

A Russian Hacker Group Used a Leaked NSA Tool to Spy on Hotel Guests (WIRED) The same hackers who hit DNC and Clinton campaign are now apparently spying on high-value travelers via Wi-Fi

Unsecured Wi-Fi hotspots and troubling browsing behaviors - Help Net Security (Help Net Security) Unsecured Wi-Fi hotspots

Bitglass Study: One in Five Put Data at Risk by Using Unsecured Wi-Fi Hotspots (Marketwired) 72 percent of data Stored in Box, Google Drive, and OneDrive is shared in some capacity

HBO Hacker Leaks Message From HBO Offering $250,000 ‘Bounty Payment’ (EXCLUSIVE) (Variety) The HBO hacker has struck yet again. Variety has obtained a copy of another message released Thursday by the anonymous hacker to select journalists in which HBO is apparently responding to the init…

HBO breach: Centrify says ‘winter is coming’ for passwords (Security Brief) HBO’s soft underbelly was laid bare to the world after hackers stole 1.5 TB of data from its systems - Centrify says passwords' days are limited.

So you're thinking about becoming an illegal hacker – what's your business plan? (Register) Some insights from the HBO hack and bomb threat claims

Hackers Are Taking Dead Aim at Manufacturers as Cyber Attacks Rise Globally (Security Sales & Integration) Motivations for the attacks are often criminal in nature and include extortion via ransomware and industrial espionage, NTT Security says.

SonicSpy: Over a thousand spyware apps discovered, some in Google Play (Lookout Blog) Lookout researchers have identified over a thousand spyware apps related to a threat actor likely based in Iraq. Belonging to the family "SonicSpy," these samples have been aggressively deployed since February 2017, with several making their way onto the Google Play Store. Google removed at least one of the apps after Lookout alerted the company.

Libpurple flaw: How does it affect connected IM clients? (SearchSecurity) A flaw in the library providing core functionality for several IM clients enables code execution attacks. Find out more on the libpurple flaw.

Watch out for Emotet, the trojan that’s nearly a worm (Naked Security) Emotet arrives as a malicious email attachment and tries to steal your online banking credentials

Stealthy Mughthesec Mac adware exposed: What it does, how to protect yourself (Help Net Security) Mughthesec Mac adware got its name after the name of the app and the launch agent it installs on the target machine.

Nasty Mamba ransomware that encrypts entire hard drive resurfaces (HackRead) Mamba Ransomware Resurfaces in Brazil and Saudi Arabia With Nefarious Objectives Last year we informed you about Mamba ransomware that attacked computers a

Locky Ransomware Returns with Spam Campaign Pushing Diablo6 Variant (BleepingComputer) A large malspam campaign is underway that is pushing a new Locky variant that appends the .diablo6 extension to encrypted files. Is this the return of Locky or just a brief resurgence?

Hackers use 'cloud-on-cloud' attacks to evade detection, attribution (Cyberscoop) The attacks appear to be early examples of criminal or other malefactors using cloud infrastructure to hide not only their identity, but the attack itself.

Top 12 cloud security threats to watch out for (JAXenter) The convenience of cloud technology also has some drawbacks. In this article, Jenny Harrison goes over 12 important cloud security threats to watch out for.

Carbon Black denies its IT security guard system oozes customer secrets (Register) Not a bug, it's a clearly labelled switched-off feature, we're told

Carbon Black and DirectDefense are fighting. Such is life lately in the endpoint protection business. (Cyberscoop) The two cybersecurity companies disagree over whether Carbon Black has been leaking terabytes of sensitive customer data.

Beware of Security by Press Release (KrebsOnSecurity) On Wednesday, the security industry once again witnessed an all-too-familiar cycle: I call it “security by press release.”

eScan Says MIUI Riddled With Security Flaws, Xiaomi Responds (NDTV Gadgets360.com) Security solutions company eScan on Thursday in a 36-page report alleged that Xiaomi's MIUI custom Android ROM has multiple flaws that affected the security of user data. Xiaomi system apps such as the uninstall mechanism and Mi Mover were some of the flawed aspects of MIUI, the report stated. The Chinese smartphone company has refuted the allegations however, in a statement to Gadgets 360.

Multiple Flaws in Xiaomi’s Miui System Apps Introduce Un-Intentional Vulnerabilities into End-User Apps and Security Apps (eScan) A comparative study, between Xiaomi’s MIUI System Apps and various Security/Backup-restore apps, vis-à-vis the functional working of the end-user apps and the security controls implemented by them.

Your Favourite Apps Could Be Seriously Compromising Your Personal and Financial Security (Huffington Post India) How safe is your personal information?

Patched Flash Player Sandbox Escape Leaked Windows Credentials (Threatpost) One of Tuesday's Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.

Don't Let Malware Hit You on the Way Out (Infosecurity Magazine) Enterprises are not doing enough to secure their organizations when it personnel leave.

Customers 'furious' with TNT after cyber-attack meltdown (BBC News) The courier is still struggling to return operations to normal more than a month after the NotPetya attack.

Hackers have been targeting 3 major Hungarian banks with series of phishing attacks since June (International Business Times UK) A recent study by PhishMe found that 91% of targeted cyberattacks begin with a spear phishing email.

Pernod Ricard confirms cyber security incident, says no impact (Reuters) Pernod Ricard SA waspotentially targeted by a cyber attack but the incident wasfully contained and had no impact on operations, the companysaid on Thursday.

Security Patches, Mitigations, and Software Updates

Juniper Issues Security Alert Tied to Routers and Switches (Threatpost) Juniper warned Thursday of a high-risk bug in the GD graphics library used in several versions of its Junos OS.

SAP cleans up more than a dozen troubling CRM security blunders (Register) 19 vulnerabilities squished this month – get patching

SAP CRM, Flex patched in monthly security update (Inside SAP) A vulnerability in SAP CRM has been highlighted in this month’s SAP critical patch update, released this week.

Debian move marks beginning of the end for TLS 1.0 and 1.1 (Naked Security) TLS 1.20 fixes a vulnerability so now’s the time to check that the software you use and the software you manage supports it

New in Windows security: Automatically log off suspicious users (Computerworld) The Cloud App Security subscription service will boot users off the network, and out of apps and services, at the first sign of anomalous behavior.

This Xiaomi smartphone is getting Android Nougat update in India (Gadget Now) Recently, we reported that Xiaomi will soon start rolling out Android Nougat update for its Redmi Note 4 smartphone.

Cyber Trends

Top 5 cybersecurity flaws in organisations (AMEInfo) Most companies worldwide are failing to measure cybersecurity effectiveness and performance, according to a study released late July. The study by Thycotic found that nearly a third of the companies were blindly making cybersecurity investments. More than half of the 400 respondents in the survey – 58 per cent – scored an “F” or “D” …

Hackers: Privileged Accounts Provide Fastest Access to Sensitive, Critical Data (Dark Reading) Nearly 75 percent state traditional perimeter security firewalls and antivirus are now irrelevant or obsolete.

What hackers think of your cybersecurity efforts (CIO) A survey of 250 self-identified hackers at the twentieth annual Black Hat conference in Las Vegas last month has revealed the security technologies they find toughest to beat.

What security looks like in a cloud-native world (CRN Australia) Defending cloud-native apps requires a new way of thinking.

HIMSS survey: Hospitals ramping up cybersecurity efforts (Healthcare Dive) More than 70% of health IT leaders said their organization budgets specific funds for cybersecurity.

Companies in Singapore are not protected against cyber-attacks. Why and what needs to happen? (MIS Asia) Research by IDC revealed that 91 per cent of Singapore companies in the early stages of security preparedness. We speak with Simon Piff, VP of IDC's APAC IT Security Practice to learn why.

Marketplace

DIUx, SCO given special hiring and contracting authorities (Defense News) Two of the Pentagon’s innovation offices have been granted special authorities to help speed the hiring of staff and awarding of contracts in a move that could allow the groups to flow commercial technology into the department quicker.

CYBERCOM plans to exercise new acquisition authority by end of fiscal year (Inside Cybersecurity) U.S. Cyber Command will use its new acquisition authority to buy cybersecurity tools by the end of this fiscal year, and the organization plans to hold its first industry day later this fall, according to a command official.

The Race to Cyberdefense, Artificial Intelligence and the Quantum Computer (Government Technology) I've been following cybersecurity startups and hackers for years, and I suddenly discovered how hackers are always ahead of the rest of us — they have a better business model funding them in their proof of concept (POC) stage of development.

Greater China cyber insurance demand set to soar after WannaCry attack: AIG (Reuters via Business Insider) Demand for cyber insurance from firms in Greater China and elsewhere in Asia is poised to soar, based on enquiries received after the "WannaCry ransomware" attack earlier this year, executives at American International Group Inc said.

Opaque nature of cyber risks makes captives managers wary (Intelligent Insurer) Companies looking to better utilise their captive to take on more risks such as cyber, need to adopt a risk-based approach and define an optimal risk financing strategy, according to Adam Peckman, global practice leader at Aon Risk Solutions, speaking at a cyber security panel at the Vermont captive Insurance Association (VCIA) annual conference in Burlington, Vermont.

Hack the Air Force Bug Bounty Program Finds 207 Vulnerabilities (eWEEK) Security researchers find 207 vulnerabilities in U.S. Air Force code, as part of the monthlong Hack the Air Force bug bounty program.

Check Point set to surpass Teva as Israel's biggest company (Globes) The gap in value between the two companies on Thursday afternoon was only $206 million.

Lastline's Market Momentum Dramatically Accelerates During Q2 2017 (BusinessWire) Record setting sales performance, Series C funding, and high-impact strategic partnerships reinforce company’s leadership position in advanced malware protection

When NeuStar went private, its executives cashed out. Here's how much they made. (Washington Business Journal) The stock and options buyback reached into the tens of millions of dollars, according to SEC filings.

Cylance® Appoints Brian Robins as Chief Financial Officer as Company Hits 283 Percent Year-Over-Year Revenue Growth (Cylance) Veteran security industry CFO brings broad experience in scaling financial infrastructure at growing software companies

Sales Leaders Join Bandura Executive Team (PRNewswire) Bandura®, LLC, a trusted cybersecurity innovator, today...

Data analytics firm adds former DoD officials to advisory board (Defense News) A big-data analytics company has appointed former deputy secretary of defense Bob Work and former vice chairman of the Joint Chiefs of Staff Adm. James “Sandy” Winnefield to its advisory board.

Products, Services, and Solutions

New infosec products of the week: August 11, 2017 (Help Net Security) This week's infosec products include releases from the following vendors: Absolute, Cellebrite, Imanis Data, Toshiba, and Tripwire.

Core Security Unveils Core Role Designer to Streamline Access Governance (PRNewswire) Core Security, a leader in Vulnerability, Access Risk Management and Network...

Comodo Announces Comodemia, an Industry-first Cybersecurity Research Service for Academia (Sys-Con Media) Comodo, a global innovator and developer of cybersecurity solutions and the worldwide leader in digital certificates, today announced that it is launching a new cybersecurity research service for university, governmental, and non-profit educators and researchers.

Darktrace Releases Version 3 of its AI Cyber Defense Solution (Dark Reading) Productivity boost for novice and expert analysts, and executives.

Self-hosted search option is a new approach to bursting the filter bubble (Naked Security) An open-source, self-hosted search aggregator might be a good way both of avoiding being tracked and getting away from the echo chamber

Does the GDPR have a technology answer? Blue Cedar injects code to protect data - not the device (Computing) There's no silver bullet, but Blue Cedar can be part of the shotgun blast of technology solutions

Microsoft Surface fails reliability report, while Apple is most reliable (CRN Australia) Microsoft hits back against the findings.

What you need to know about Microsoft Surface's 'not recommended' rating (CRN Australia) Five key takeaways from the report.

Symantec Announces Plesk Will Integrate Symantec Encryption Everywhere Security Into Its Website Management Platform, Simplifying Encryption for Small Businesses (IT Briefing) Symantec Corp. (NASDAQ-NMS:SYMC), one of the world's leading cyber security companies, today announced that Plesk, a leading WebOps platform, will now incorporate Symantec's Encryption Everywhere security offerings into its website management platform and control panel, giving web professionals, small businesses, and cloud service providers one-click access to website encryption and customized security offerings.

Secude Halocore Secures Sensitive SAP Purchasing Processes (E3zine - E-3 Magazine International) Secude announced the implementation of its solution Halocore for SAP at the Research Centre Imarat (RCI) in Hyderabad, India.

GCI Taps Synacor for Hosted Email and TV Authentication (BusinessWire) Synacor Inc. (Nasdaq:SYNC) and GCI today announced that the companies have expanded their partnership. The multiyear agreement includes an upgrade to

Datacipher accredited as a check point authorized training centre (Hindu Business Line) Datacipher, a Professional Services Company specialized in next generation networking and security

Technologies, Techniques, and Standards

Man + Machine is the winning combo for combatting cyber threats (Vectra) To understand the maturity & effectiveness of security operations teams, we conducted a survey at Black Hat to understand their response times and capabilities

Why SOCs are not comprehensive enough for ICS cyber security (Control Global) For ICS cyber security, Operations, cyber security, physical security, and risk management organizations need to coordinate and training is required for Operations to know when to work with IT Security following upset conditions.

.why .it’s .time .to .fix .localhost (Naked Security) When you type in “localhost” it refers to your local host – this very computer right here. Or not. And Mike West wants to fix that.

Let 'localhost' be localhost. (IETF) This document updates RFC6761 by requiring that the domain "localhost." and any names falling within ".localhost." resolve to loopback addresses. This would allow other specifications to join regular users in drawing the common-sense conclusions that "localhost" means "localhost", and doesn't resolve to somewhere else on the network.

Eight Myths Not to Believe About Penetration Testing (Security Intelligence) Penetration testing can help organizations across all industries identify vulnerabilities before cybercriminals have a chance to exploit them.

Is Cloud the new home for Cyber Criminals? How to be Safe? | HostReview.com (Host Review) We remain on the edge of the digital age, where innovation moves rapidly, and our lives have been ch,Cloud Computing

5 Ways to Make Threat Analysis Actionable (ThreatConnect) Lights, Camera, All Quiet on Threats (Set) - Action! - What goes into the creation of your favorite movies? They have a director, editor, post-production effects, actors, and a ton of extras. A lot goes on behind the scenes to make a film possible. Editor's piece together shots to create the films we all enjoy. The role of an editor isn't solely reserved for Hollywood; threat analysts work in the same landscape each and every day.

Prioritizing Threats With Real-Time Threat Intelligence (Recorded Future) The element of surprise plays a huge part in successful cyberattacks, and the role of threat intelligence is to minimize it.

Six Ways to Help Improve your Security Posture (Anomali) A strong cybersecurity program is quickly becoming one of the most important investments a company can make. In the wake of numerous corporate breaches over the last few years, all users are on higher alert about the safety of their sensitive data. Whatever the size or maturity level of your security infrastructure, there are a few key steps that you can take to keep your data and organization safe.1) Educate your employeesIt’s an unfortunate truth that security isn’t really a

'Security is the only team that when given more budget finds more problems' (Computing) Raj Samani, chief scientist at security firm McAfee explains why some firms are deterred from investing in security

Focusing on Employee Training for Stronger Health IT Security (HealthITSecurity) A Most Wired hospital CIO discusses why employee training has become such a critical aspect to improving health IT security measures.

Design and Innovation

Microsoft reveals new blockchain efficiency technology (CRN Australia) Claims it can make blockchain-based systems faster, more private.

Bitcoin Price Will Likely Increase to $5,000 Post SegWit: Reasons & Trends (Cointelegraph) Bitcoin price will likely increase to $5,000 post SegWit activation, considering current upward momentum of Bitcoin and the cryptocurrency market.

Buoyant Bitcoin stirs fears of a crypto-currency bubble bursting (The Independent) Bitcoin and other "cryptocurrencies" are big money, virtually as big as Goldman Sachs and Royal Bank of Scotland combined. The price of a single bitcoin hit an all-time high of above $3,500 (£2,699) this week, dragging up the value of hundreds of newer, smaller digital rivals in its wake. Now some investors fear a giant crypto-bubble may be about to burst.

B2B APIs: FinTech, Bank Rivalry (PYMNTS) The rivalry between banks and FinTechs has, at times, been tense if not downright combative. Enter APIs to help the two sides coexist more peacefully. API solutions are doing more than helping two different types of financial institutions find ways to collaborate. By integrating artificial intelligence and machine learning capabilities, companies are relying on API […]

Research and Development

IBM Just Achieved a Deep Learning Breakthrough (Futurism) Researchers are taking big leaps in deep learning.

World's Leading Physicist Says Quantum Computers Are "Tools of Destruction, Not Creation" (Futurism) With great power comes great peril.

ICF wins cybersecurity contract (Fifth Domain) Under the contract, valued at up to $93 million, ICF will support Army Research Laboratory’s Defensive Cyber Operations (DCO) and Defensive Cybersecurity Research.

DIUx reports surge in pilot program funding (Defense News) The Pentagon’s Defense Innovation Unit-Experimental (DIUx) awarded $71 million in funding for 37 pilot programs over the last year, and the group expects to transition its first demonstrator program to higher-rate production.

Academia

Online radicalisation and cyber attacks to be tackled by new university facility (Bradford Telegraph and Argus) A HIGH tech centre dedicated to cyber security has been opened at the University of Bradford, and one of its first projects it to look at how to…

Mastercard Joins CyberPatriot as Cyber Silver Sponsor (GlobeNewswire News Room) The Air Force Association’s (AFA) CyberPatriot program announced today that Mastercard has become the program’s newest sponsor.

Legislation, Policy and Regulation

New ministry to tackle terrorism (Mercury) The primary responsibility of a national government is the defence and security of its citizens.

Weakening encryption would damage the UK's wider interests says former MI5 chief (Computing) Weakening encryption would open the country up to more threats, says Jonathan Evans

Sorry, who did you say you were? We’ve forgotten about you (Naked Security) Britain’s data proposals will enshrine GDPR’s right to be forgotten in domestic law – but what’s the situation elsewhere?

Cybersecurity Bill deadline for comments looms (IT-Online) The Cybersecurity Bill, set to have massive implications for South African companies and individuals, is open for public comment until Thursday 10 August 2017.

Cyber Security Bill's success lies in how rules apply to each sector (The Straits Times) We live in an age of rapid digitisation where mobile communication and cloud computing have dramatically increased cyber connectivity.. Read more at straitstimes.com.

Solomons Government ‘committed’ to Huawei high-speed internet cable despite ‘concerns’ (Solomon Islands Broadcasting Corporation) The Solomon Islands Government says it is committed to providing high speed internet submarine cable for the country, ahead of Prime Minister Sogavare’s trip to Australia next week.

Blumenthal: North Korean Cyber Attack on Sony 'Should Have Prompted a More Aggressive Response' From Obama Admin. (Washington Free Beacon) Sen. Richard Blumenthal (D., Conn.) told MSNBC host Andrea Mitchell on Thursday that the Obama administration should have responded more aggressively against North Korea in November 2014 after they reportedly waged a cyber attack against Sony Pictures Entertainment.

Federal CISO to get second hat as National Security Council's cyber director (Cyberscoop) Acting federal CISO Grant Schneider, is getting a second hat as a senior director for cybersecurity at the NSC, raising questions among former officials.

Air Force CISO: Cyber workers 'crippled' by overload of regs (FederalNewsRadio.com) Air Force cybersecurity officials worry that the rank-and-file may be too preoccupied with the nuts and bolts of compliance.

Litigation, Investigation, and Enforcement

Ukrainian Man Arrested, Charged in NotPetya Distribution (Threatpost) The Ukranian Police suspect was arrested by the Ukrainian Police in connection with spreading the Petya ransomware.

ISIS Used eBay As Part Of Terror Network, Unsealed FBI Affidavit Shows (NPR) The network operated by a senior Islamic State official used fake eBay and PayPal transactions to funnel money to an alleged U.S. operative, who has pleaded not guilty to supporting a terror group.

A New Report Raises Big Questions About Last Year’s DNC Hack (The Nation) Former NSA experts say it wasn’t a hack at all, but a leak—an inside job by someone with access to the DNC’s system.

Blowback from staffer scandal burns Wasserman Schultz (POLITICO) "We wish she would go away and stop being so public by doubling down on negative stories," said one Florida DNC member.

Attorney for Loretta Lynch at Justice Department now at committee investigating Lynch (Washington Examiner) The attorney worked on editing Lynch's emails before going to work at the committee.

Judge tells State Dept. to search for more Clinton Benghazi emails (CNN) A federal judge has ordered the State Department to search for any additional Benghazi-related emails then-Secretary of State Hillary Clinton may have sent or received from aides Huma Abedin, Cheryl Mills or Jake Sullivan at their state.gov addresses.

Some Complicated Thoughts on Leaks and Leak Investigations (Lawfare) On Lawfare@FP, Benjamin Wittes and Susan Hennessey consider Attorney General Jeff Sessions' press conference on prioritizing leak investigations.

China investigates domestic social media sites in attempt to police content (Computing) The Great Firewall locks the country off from external influences, and now China is cracking down on internal dissidents

ACCC accuses Domain Name Corp Pty Ltd and Domain Name Agency of deception (CRN Australia) Alleges deceptive practice to sell new registrations masquerading as renewals.

TalkTalk fined £100,000 for putting THOUSANDS of customers at risk from scammers (The Sun) TalkTalk has been fined £100,000 for putting thousands of customers at risk from scammers. An investigation by the Information Commissioner’s Office (ICO) found that the telecoms giant failed…

HackinItaly: The Story Behind the Takedown of a 2,500-Strong QNAP NAS Botnet (BleepingComputer) Last Friday, on August 4, a jury in the US found Fabio Gasperini, an Italian citizen, guilty of building a botnet that he used to hijack remote servers and surreptitiously click on ads for his personal profits.

Microsoft agrees to Windows 10 security demands as Kaspersky Lab drops its antitrust complaint (VentureBeat) Russian security software company Kaspersky Lab has dropped its antitrust complaint against Microsoft after the U.S. technology giant agreed to demands to give third-party antivirus (AV) software providers more time to prepare for Windows updates.

Microsoft agrees to change Windows 10 after Kaspersky’s antitrust claims (The Seattle Times) The Russian anti-virus software company had accused Microsoft of favoring its own tools at the expense of other security software in Windows 10.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Embracing Innovation and Diversity in Cybersecurity (Washington, DC, USA, August 11, 2017) Drawing from the experience of a panel of experts in the field, this event will explore how diversity in thought perspective, background, and professional experience is instrumental to solving today’s cybersecurity challenges. The conversation will examine how each speaker found their career, what advice they would give to others following in their footsteps and recommendations on how to increase diversity in the cyber workforce through mentoring and education initiatives.

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to gain insight and interact with experts in smaller settings. This year’s conference presents an exciting and unique opportunity to directly engage with senior leaders from the Intelligence Community, Department of Defense, and industry about the IT complexities and challenges impacting the mission user.

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment.

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update on the latest development, trends and status in information security.

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses, connect with regional IT leaders, and learn about emerging technology. Among the topics addressed will be cybersecurity- hacking, malware, exploits, skimmers, new standards and policies in key industries.

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the evolving threat environment.

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity Awareness Day and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for one day of focused discussions. In light of current events involving unauthorized disclosures, sensitive and/or classified information leaks, and breaches of personally identifiable information in cyberspace, it is imperative that sound practices are incorporated. The agenda will include speakers from Industry and Government.

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration, threat intelligence, information sharing, workforce development, and risk management. This will be accomplished through a number of in-depth sessions and panel discussions, along with cybersecurity exhibits provided by industry and government partners.

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses taught by SANS' world-class instructors, with dynamic content on the hottest information security issues. Join us for immersion training that will provide you with the cutting-edge skills to defend your organization against security breaches and prevent future attacks.

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s inspiring short-form demos, stay on for another day and a half of practical advice from your peers and industry gurus alike. Determine just how you will incorporate the latest fintech innovations into your product road map.

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited time the training is being offered at a $1295. This training will provide the ITP Manager / Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP /NISPOM CC2, and go beyond these regulations to establish a robust and effective ITP. Any individual involved with supporting an ITP will also gain valuable knowledge. A licensed attorney with extensive experience in Insider Threats and Employment Law will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Any organization (State Government Agencies, Businesses, Etc.) that are not required to implement an ITP, but are concerned with Insider Threat Risk Mitigation will also benefit greatly from this training.

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Community Meetings.

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia. Keynotes from The Honorable Daniel Coats, Director of National Intelligence, Representative William Hurd, R-Texas, General Joseph Votel, Commander, United States Central Command, Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House, Grant Schneider, Acting CISO, Office of Management and Budget, (invited), plus CISOs from DHS, DoD, HHS and the CIO for USCYBERSOM. Full agenda <a href="http://www.billingtoncybersecurity.com/8th-annual-billington-cybersecurity-summit/agenda/" target="_blank">here</a>.

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: New York is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While the Federal government is focused on security, new adversaries and attack vectors still emerge hourly. What are the early grades on the new Administration’s response to the growing cyber threat? How can collaborative tactics and integrated intelligence tools strengthen a proactive cyber defense? Join us at the sixth annual Cyber Security Brainstorm on September 20 at the Newseum to discuss the cyber strategies and opportunities that can keep our Federal government one step ahead at all times.

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create further awareness of cyber security among the youth of the UAE.

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful information that attendees can develop into an action plan. Key Areas of Focus Include: Strategy, Process Improvement and Alignment, Innovation and Technology; Career Management and Leadership Development.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.