The CyberWire Daily Briefing 8.16.17

Summary

By The CyberWire Staff

Scotland's Parliament has sustained a brute-force attack on Members' email credentials. The campaign against Holyrood is similar to the one Westminster sustained in June, and similar measures are being taken to remediate it.

WannaCry and NotPetya continue to trouble enterprises (in one case, Maersk has pegged its NotPetya-related losses at $300 million). Both exploited Equation Group material leaked by the ShadowBrokers. How the Brokers got the exploits remains a mystery, but the SMB flaws they exploit—EternalBlue, EternalRomance, EternalSynergy, and EternalChampion—are likely to present problems for some time, according to an analysis published by Cylance.

The hackers who went after a Mandiant analyst in Operation #LeakTheAnalyst claim to have compromised FireEye, but it seems likelier they're mostly trolling.

"Mr. Smith" is getting more strident with HBO, but it's not clear what "Mr. Smith" may have actually obtained from hacking the entertainment giant.

The neo-nazi Daily Stormer, kicked out of most legitimate services, appears to have migrated its unsavory inspiration to the dark net. Even there, parties unknown may be pursuing it with distributed denial-of-service attacks. The Stormer or at least its message will probably find other outlets, if long experience with ISIS is any guide: the Caliphate has posted more beheading pictures—the victim this time is a captured Iranian IRGC fighter.

Trickbot banking malware is being disseminated through unusually convincing counterfeit sites—even the url and certificate are right.

PowerPoint vectors may be distributing an OLE exploit as a test, or so Cisco and Trend Micro researchers suspect.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, Croatia, European Union, Germany, Iran, Democratic Peoples Republic of Korea, Nigeria, Russia, Slovakia, Syria, United Arab Emirates, United Kingdom, and United States.

An approach to SIEM that works for resource-constrained organizations.

When it comes to deploying a SIEM, companies of all sizes face challenges such as budget, time and resource constraints which can seriously delay the time it takes to start detecting threats, and thus, return on investment. This new Executive Brief from Frost and Sullivan provides an overview of how AlienVault's unified approach to security addresses these challenges and provides resource-constrained organizations with an integrated solution for effective threat detection, incident response, and compliance.

On the Podcast

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security: Ben Yelin talks about the privacy concerns surrounding robot vacuum cleaners. (Yes, really, and these are real concerns. Some of the vacuums create a map of your home's interior.) Our guest is Jeff Pederson from Kroll Ontrack, the data recovery firm, with tips on how you can restore your data at need.

Sponsored Events

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Cyber Security Conference for Executives (Baltimore, MD, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Scottish Parliament targeted in 'brute force' cyber attack (BBC News) The Scottish Parliament is targeted in a "brute force" cyber attack, Holyrood's chief executive confirms.

Scottish parliament hit by cyber-attack similar to Westminster assault (the Guardian) MSPs and Holyrood staff warned hackers trying to access numerous email accounts in ongoing ‘brute force cyber-attack’

Fancy Bear bites hotel networks as EternalBlue mystery deepens (Naked Security) The attack, presumably to spy on high-value hotel guests, is textbook Fancy Bear, say researchers

NSA tools used to hack hotels; WikiLeaks in CIA Couch Potato dump (SC Media UK) An on-going malware campaign is targeting hotel and hospitality Wi-Fi networks and being used to glean guest and corporate information.

Leaked SMB exploits make malware powerful, warns Cylance (ComputerWeekly) Four key exploits at the heart of hacking tools leaked by the Shadow Brokers have given malware authors a lot of power, say security researchers.

Threat Spotlight: The Shadow Brokers and EternalPulsar Malware (Cylance) In this blog post, Threat Guidance outline all the SMB exploits leaked by The Shadow Brokers (EternalBlue/ EternalRomance/ EternalSynergy/ EternalChampion), focusing on the shellcode they use and the DoublePulsar backdoor installed by each of the exploits for remotely executing an arbitrary payload DLL.

Hospital cyber attack a matter of life and death (The Bakersfield Californian) A computer virus that infected systems throughout the world earlier this year caused millions of dollars in damages to companies in nearly every industry. It also demonstrated that hospitals may

Petya ransomware: Cyber attack costs could hit $300m for shipping giant Maersk (ZDNet) June's cyber attack will cost international shipping firm hundreds of millions in lost revenue.

Maersk shrugs off $300m cost of cyber attack as freight rates soar (Loadstar) Maersk Line posted a profit of $339m in the second quarter of the year, which compares with a loss of $151m in the same period last year.

FireEye data leaks continue - or are the hackers just trolling? (Security Brief) Hackers have released another batch of information supposedly belonging to cybersecurity firm FireEye, two weeks after the initial data dump.

How much HBO hackers have is hazy; what they want is clear – cash (Naked Security) ‘Mr Smith’, apparently the HBO hackers’ spokesman, is making extravagant claims and increasingly hostile demands

After Shutdown, Daily Stormer Users Are Moving to a Dark Web Version of Site (Motherboard) The past few days have triggered a debate around the responsibility of tech companies to host or provide services for extremist content.

Someone Appears to Be DDoSing the Dark Web Version of The Daily Stormer (Motherboard) "I don't really care about either side," the alleged attacker told Motherboard in an online chat.

Beheading of IRGC fighter unites Iranians (Al-Monitor) Iranians across the country and political spectrum have reacted to the death of Mohsen Hojjaji, an IRGC fighter who was beheaded by the Islamic State, with calls for revenge.

Microsoft PowerPoint exploit used to bypass antivirus and spread malware (ZDNet) It's the first time this exploit has been used to target PowerPoint users -- and it's being used to distribute powerful Trojan malware, say researchers.

Attackers experimenting with CVE-2017-0199 in recent phishing attacks (CSO Online) Researchers at Trend Micro and Cisco's Talos have identified a new wave of Phishing attacks leveraging CVE-2017-0199, a previously-patched remote code execution vulnerability in the OLE (Windows Object Linking and Embedding) interface of Microsoft Office. These latest attacks have paired the vulnerability with others in an attempt to bypass warning messages, but the results were less than stellar.

New Trojan malware campaign sends users to fake banking site that looks just like the real thing (ZDNet) Trickbot is now redirecting to a counterfeit site that displays the correct URL and the digital certificate of its genuine equivalent.

Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan (Threatpost) Researchers have analyzed spam campaigns utilizing plausible imitations of legitimate banking domains to spread the Trickbot banking malware.

New Disdain Exploit Kit Sold on Underground Hacking Forums (BleepingComputer) A malware developer using the pseudonym of Cehceny is currently advertising a new exploit kit on underground hacking forums.

Analysis of a Paypal phishing kit (SANS Internet Storm Center) They are plenty of phishing kits in the wild that try to lure victims to provide their credentials. Services like Paypal are nice targets and we can find new fake pages almost daily. Sometimes, the web server isn’t properly configured and the source code is publicly available.

Attackers Backdoor NetSarang Software Update Mechanism (Threatpost) Researchers said that the update mechanism for Korean server management software provider NetSarang was compromised and serving a backdoor called ShadowPad.

Security Exploit in July 18, 2017 Build (NetSarang) On Friday August 4th, 2017, our engineers in cooperation with Kaspersky Labs discovered a security exploit in our software specific to the following Builds which were released on July 18, 2017... As of Aug 15, 2017, Kaspersky Labs has discovered a single instance of this exploit being utilized in Hong Kong.

Seven More Chrome Extensions Compromised (Threatpost) The list of compromised Chrome extensions that hijack traffic and substitute advertisements on victims’ browsers grows.

IRS Phishing Scam Targets Tax Professionals (Email Marketing Daily) The Internal Revenue Service (IRS) is warning about a new email impersonation scam targeting tax professionals.

Blizzard Entertainment hit by massive DDoS attack (HackRead) The web servers of Blizzard Entertainment have suffered a series of massive distributed denial-of-service (DDoS) attacks over the weekend causing disconnec

The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard (TrendLabs Security Intelligence Blog) In many instances, researchers and engineers have found ways to hack into modern, internet-capable cars, as has been documented and reported several times.

Hacker unlocks vehicle for family who'd lost keys months ago (HackRead) Our world is full of good and bad people and same applies for hackers. Where there are hackers eager to use their skills for wrong purposes and we have thi

BEC Attacks Don't Always Require Sophistication (Dark Reading) Simple business email compromise scams can con companies out of huge sums of money and don't require much hacking or even social engineering know-how.

The Silent Risk: The Risk of File-Less Cyber Attacks (Infosecurity Magazine) Silent attacks which make it past the gateway and pose the greatest risk to an organization?

Security Patches, Mitigations, and Software Updates

Once Android O arrives, the OnePlus 3 and 3T are getting left behind (TalkAndroid.com) The two 2016 phones from OnePlus will no longer receive major software updates after Android O begins rolling out this year.

Cyber Trends

Caution advised with information security surveys (CSO Online) Cybersecurity reports based on answers from respondents often produce misleading or inaccurate statistics, and they can lead to industry confusion.

IoT Medical Devices a Major Security Worry in Healthcare, Survey Shows (Dark Reading) Healthcare providers, manufacturers, and regulators say cybersecurity risks of IoT medical devices and connected legacy systems a top concern.

US, China and the UK are top regions affected by IoT security threats (Help Net Security) In the IoT ecosystem, cyberattacks are becoming more diverse with cybercriminals taking over home network routers to launch attacks on smart home devices.

Marketplace

Global cybersecurity spending to grow 7% to $86.4BN in 2017, says Gartner (TechCrunch) Analyst Gartner is projecting that worldwide spending on IT security products and services will grow seven per cent, year over year, to reach a total of $86.4..

A Cyber Security Investment Strategy For The Future (Seeking Alpha) Cyber Security ETF's have performed well on average, gaining 10%-17% since February. Having investments across all areas of cyber security is key to a diverse c

Andrew Ng is raising a $150M AI Fund (TechCrunch) We knew that Andrew Ng had more than just a series of deep learning courses up his sleeve when he announced the first phase of his deeplearning.ai last week...

Database provider MongoDB has filed confidentially for IPO (TechCrunch) MongoDB has filed confidentially for IPO, sources tell TechCrunch. The company has submitted an S-1 filing in the past few weeks and is aiming to go public..

ClearSky raises $168M for security vehicle (PitchBook News) ClearSky Capital has raised $168.3 million of a $300 million target for its latest fund, per an SEC filing, which the firm will use to back companies in the cybersecurity, industrial security and...

LPC: DigiCert to back Symantec unit buy with US$1.59bn loan (Reuters) US internet security companyDigiCert's banks have begun sounding out prospective investorsabout the debt financing that will support the company'sacquisition of Symantec’s web certification business, accordingto four sources familiar with the matter.

It looks like Amazon used a small acquisition to catch up with Microsoft Azure on security (CNBC) Amazon Web Services has introduced a data security tool based on a recent acquisition.

3 Key Takeaways From FireEye's Q2 Earnings (The Motley Fool) FireEye is pulling the right strings to get profitable.

Cybersecurity Leader from Slovakia to Build the Next Hub of the Industry (Military Technologies) ESET, a leader in cybersecurity, has today announced its plans to build state of the art new company headquarters on the nine hectare site of the former military hospital at Patronka, close to Forest Park, Bratislava.

NHS Digital signs cyber security agreement with Microsoft (ComputerWeekly) In the wake of the global WannaCry ransomware attacks, NHS Digital has signed a new cyber security support agreement with Microsoft

Akamai Could Get Boost From ESPN Stream (Barron's) A direct-to-consumer offering of ESPN could move the market. Akamai shines as a content delivery network.

Blockchain And IBM's Comeback (Seeking Alpha) IBMs quarter 2 findings are indicative of the corporate future that we can expect. To what extent should the negative press be validated, according to strategic

It's 'curtains' for start-ups as Microsoft 'plugs the gaps' in Office 365 (Computing) Tony Pepper, CEO and co-founder of Egress says that if Microsoft keeps plugging gaps in its Office 365 support offering, it could be 'curtains for a bunch of start-ups'

Give Aussie cyber firms a fair go, says government growth network CEO (CIO) The CEO of the government's Australian Cyber Security Growth Network today implored hundreds of IT professionals to give Aussie security firms a fair go.

World’s Largest Nonprofit Association of Certified Cybersecurity Professionals Surpasses 125,000 Members ((ISC)2) (ISC)2 empowers the cyber, IT, infrastructure and software security experts strengthening the cyber defenses of businesses and government agencies worldwide

vArmour Continues to Showcase Innovation and Momentum with its Unique Security Solutions (Marketwired) Company recognized by the International Business Awards for Product Innovations and Marketing Success

Booz Allen's U.S. Commercial Team Adds Strong Cyber Leadership to Help Clients Protect Against Advanced Cyber Threats (BusinessWire) Booz Allen announced four new senior hires, part of its strategy to build the most skilled and experienced cyber team for commercial clients.

Unisys Names Shalabh Gupta as Vice President and Treasurer (IT Business Net) Unisys Corporation (NYSE: UIS) today announced that Shalabh Gupta has joined the company as vice president and treasurer.

M&T Bank Corp. (MTB) Elects Richard Ledgett to Board of Directors (Street Insider) M&T Bank Corporation (NYSE: MTB) announced the election of Richard H. Ledgett, Jr. of Crownsville, Maryland to its Board of Directors, effective August 15, 2017. Mr. Ledgett was also elected to the Board of Directors of M&T Bank, M&T's principal banking subsidiary.

Products, Services, and Solutions

Q2 2017 Results: Netwrix Auditor 9.0 Released to Combat Ransomware, Contributes to Sales Growth (PRNewswire) Netwrix Corporation, provider of a visibility platform for user...

Infoblox Bolsters Threat Intelligence by Collaborating with Department of Homeland Security (Infoblox) Infoblox Inc., the network control company that provides Actionable Network Intelligence, today announced it is collaborating with The Department of Homeland Security’s (DHS) Automated Indicator Sharing (AIS) program to share feeds on indicators of compromise (IP Addresses and hostnames). Infoblox ActiveTrust® suite provides real-time automated sharing of threat intelligence to deliver stronger and more effective …

Orca Tech signs Forcepoint as its third security vendor since launch (CRN Australia) New security distie gains vendor's full security range.

Wi-Fi hackers halted: Kaspersky Lab introduces secure connection Freemium App for android devices | Latest News & Updates at Daily News & Analysis (dna) Kaspersky Lab introduces its new freemium application, Kaspersky Secure Connection for Android, designed to protect user data transmitted via the Internet.

The Power of Pervasive Encryption (Security Intelligence) The new z14 mainframe from IBM includes a revamped coprocessor that enables pervasive encryption of both at-rest and in-transit data.

AWS launches data security service called Macie with machine learning (ZDNet) Macie is AWS' managed service designed to protect sensitive data across S3 with more data repositories to follow.

Integrating Wapack Labs CTAC with ThreatQ (ThreatQuotient) Most threat intelligence providers just offer curated intelligence, CTAC gives you direct access to the raw data which allows analysts a lot of flexibility.

Maximizing Efficiency with Siemens Cloud-Hosted Security Solutions (Campus Safety Magazine) Siemens cloud solutions allow campus personnel to simplify the security technology installation process and get more done with fewer resources.

New ZoneAlarm Anti-Ransomware Protects Home PCs Against Extortion Attacks (NASDAQ.com) ZoneAlarm adds a critical layer of protection to safeguard consumers against fast-evolving ransomware such as WannaCry and Petya; works alongside installed anti-virus software

WatchGuard’s New Fireboxes Chew Through Encrypted Traffic 94 Percent Faster Than Competitors (CSO) New Firebox M Series appliances help SMBs keep up with the rising tide of encrypted traffic with best-in-class performance and security

Portnox Ensures Secure and Trusted User Access with Continuous Risk Assessment with WatchGuard Integration (BusinessWire) Portnox, a market leader for network visibility, access control and device risk management solutions, today announced its partnership with WatchGuard&

Rackspace rolls out new service for coming European data protection rules (SiliconANGLE) Rackspace rolls out new service for coming European data protection rules - SiliconANGLE

Splunk Beefs Up Cloud Monitoring Tool (EnterpriseTech) As enterprises accelerate the shift to a hybrid private/public cloud model, a growing list of data analytics vendors are stepping up to offer cloud monitor

How an AI-driven industrial immune system could protect oil & gas from cyber attacks (Offshore Technology) Siemens has partnered with Darktrace to bring the AI-driven Industrial Immune System technology to more customers in the oil and gas industry. As critical energy infrastructure is a target for hackers, the importance of securing it should not be...

MozyEnterprise finds a new key for backup security (Search Storage) Dell EMC’s Mozy has unlocked a new encryption key security feature for its enterprise backup product.

Technologies, Techniques, and Standards

NIST Crafts Next-Generation Safeguards for Information Systems and the Internet of Things (NIST) Information systems—from communications platforms to internet-connected devices—require both security and privacy safeguards to work successfully and protect users in our increasingly complex and interconnected world. Toward these ends, the National Institute of Standards and Technology (NIST) has issued a new draft revision of its widely used Special Publication (SP) 800-53,

Here's why the scanners on VirusTotal flagged Hello World as harmful (CSO Online) Last week, on August 10, a security researcher who goes by the handle "zerosum0x0" posted an interesting image to Twitter, it was the code behind a debug build of an executable. The code was 'Hello World' – the training example used to teach new coders. When the executable was submitted to VirusTotal, several firms flagged it as a problem.

Achieve GDPR Compliance with a Data-centric Approach to Security (TechSpective) As companies engage with customers and collect data, it’s important to respect and protect individual privacy. The members of the European Union (EU) are e

What is OAuth? What security pros need to know (CSO Online) The OAuth open authorization framework allows websites and services to share assets among users. It is widely accepted, but be aware of its vulnerabilities.

7 things startups need to know about cybersecurity (CIO) Cybersecurity is now simply one the many realities of doing business today. You should know the risks, and put programs in place that will help you avoid getting hit by cyberattacks down the line.

When it all kicks off: What happens at a security firm when a global malware outbreak occurs? (Computing) McAfee chief scientist Raj Samani explains how security firms respond to a global security crisis

How CFOs Can Partner With CISOs to Strengthen Cybersecurity (Equities) Earlier this year, New York became the first state in the nation to establish cybersecurity regulations to protect consumers and financial institutions. The regulations stipulate that companies must not only implement protocols for mitigating cybersecurity breaches, but also designate a chief information security officer.

Why CEOs need to talk to their CTOs about cybersecurity now (IT Pro Portal) Cybersecurity is one of the biggest threats to businesses right now and CEOs must make it a top priority.

20 Tactical Questions SMB Security Teams Should Ask Themselves (Dark Reading) Or why it pays for small- and medium-sized businesses to plan strategically but act tactically.

It's the doctors who need help as breach notification looms (CRN Australia) [Comment] Mandatory data breach legislation will put huge pressure on healthcare companies of any size.

LA Cyber Lab: New Program to Tackle Cyber Threats (NBC Southern California) Mayor Eric Garcetti announced on Tuesday an unprecedented initiative to freely share information about cybersecurity threats with businesses in the city.

The Cyber Security Of Our Electricity Grid (KnowBe4) Guest Blogger Craig Reeds commented on the safety of our Electricity Grid.

Is your security strategy keeping up? (CSO Online) Has your organization revisited its security strategy to ensure it is founded on the latest in experience, knowledge and security capabilities? Much like your best employees, successful cybercriminals are always evolving their skill sets, uncovering new inroads into your network. Learn about the most effective security controls for your organization.

The best enterprise anti-virus protection may not be enough (CSO Online) Ransomware and other threats often get through signature-based anti-virus protection, giving it a bad rap. However, anti-virus tools still play an important role in the enterprise security strategy.

Design and Innovation

WANs, tunnels and tags are things of the past (Network World) A look at WAN deployments through the ages. The future of WANs is no-WAN.

Toronto Just Got Its First Ethereum ATMs (Motherboard) But... why?

Research and Development

Quantum Internet Is 13 Years Away. Wait, What's Quantum Internet? (WIRED) A Chinese physicist hopes that quantum communications will span multiple countries by 2030. So ... what's it for?

Qubitekk Licenses Oak Ridge Photon Production Method (Photonics) Quantum computing and cryptography technology developer Qubitekk Inc. has non-exclusively licensed a method developed by Oak Ridge National Laboratory (ORNL) to produce photons in a controlled, deterministic manner that promises improved speed and security when sharing encrypted data.

Stanford researchers identify 'ultrathin' semiconductor materials that could enable transistors ten times smaller than anything possible today (Computing) Materials could help shrink electrical circuits from five nanometers to three atoms thick

Intel teases market with 10nm microprocessors codenamed Ice Lake to debut by 2019 (Computing) Coffee Lake, coming within weeks, was supposed to be built on 10nm process architectures

DHS S&T Awards Metronome Software $750K To Strengthen Security Of First Responder Sensor Systems (Electronic Component News) Metronome Software is developing a technology solution that will significantly enhance the security of mobile device-based sensor systems used by first responders with funding provided by the Department...

Academia

UGA named National Center of Academic Excellence in Cyber Defense Research (UGA Today) One of 71 institutions nationwide to hold joint NSA/DHS designation

'Welcome to the future': Dakota State teases big announcement Sunday (Argus Leader) Dakota State University will soon solidify its national standing as a forerunner in cyber security.

Military hack simulated in latest UK cyber challenge (The Engineer) Cyber Security Challenge UK has staged the latest semi-final in its competition to seek out the best young cyber talent in the country.

Legislation, Policy and Regulation

Cyberspace aggression adds to North Korea's threat to global security (The Conversation) Reports of North Korea's capability of firing nuclear weapons are not the only serious threat to global security. North Korea has also become an aggressive cyber power.

Opinion | China’s Intellectual Property Theft Must Stop (New York Times) Trump is right to crack down on a $600 billion drain on the American economy.

Artificial Intelligence More Dangerous Than North Korea, Elon Musk Tweets (CleanTechnica) We would expect Elon Musk to be a champion of artificial intelligence. After all, it is the cornerstone of the autonomous driving system known as Autopilot that is featured in Tesla automobiles. But he has been warning about the potential dangers of AI since 2014, when he called it the “biggest existential threat” to humanity

China’s new cybersecurity law lacks detail, says Tencent VP (South China Morning Post) Separate report also claims new law only adds to a web of complex data protection laws and regulations, aimed at defending against threats to Chinese sovereignty

Auto Security: Do Feds Have Our Back? (EETimes) Government agencies in the U.S. and the U.K. are working to get ahead of the curve and let the public know that they are concerned about vehicle cybersecurity.

Home Office on the lookout for £80k data protection officer ahead of May 2018 GDPR deadline (Computing) Is an £80k salary really enough for the combination of skills and responsibilities required for the role?

Litigation, Investigation, and Enforcement

Hutchins pleads not guilty in Milwaukee court on six charges of writing and distributing malware (Computing) Marcus Hutchins appears in court a week after his release on bail following his airport arrest

Marcus Hutchins Pleads Not Guilty in Milwaukee to Malware Creation Charges, Following FBI Las Vegas Arrest (Casino.org) Marcus Hutchins has found out the hard way that what happens in Vegas definitely does not stay in Vegas.

Obama team was warned in 2014 about Russian interference (POLITICO) In 2014, the administration got a report of Russia’s intention to disrupt Western democracies, including the United States.

New report claims DNC hack was an inside job — not Russia (New York Post) A group of former US intelligence officials contend that the hack of the Democratic National Committee’s computers in 2016 was an inside job.

Former Top NSA Lawyer Talks Spying, Leaks and Cybersecurity in the Age of Trump (Law.com) When Rajesh De was first approached about joining the National Security Agency as its general counsel advisers warned him he might be the last person…

Privacy advocates advise Supreme Court to protect phone location data under the 4th Amendment (TechCrunch) Among the Supreme Court's many upcoming cases is Carpenter v. United States, which will settle the question of whether your location and movements, as..

‘Get rich or die trying’ – Check Point Researchers Uncover International Cyber Attack Campaign (GlobeNewswire News Room) A Nigerian national based near the country’s capital masterminded a wave of attacks on over 4,000 companies in oil & gas, mining, construction and transportation sectors

Uber agrees to 20 years of privacy audits to settle FTC data mishandling probe (TechCrunch) The legacy of Travis Kalanick's fast and loose management style at Uber continues to serve up fresh embarrassments for the embattled, still CEO-less company.

American accused of faking eBay sales to fund US terror pleads guilty (Ars Technica) It’s “first known time ISIS had given money to someone in the US for an attack.”

Secret Service agent, corrupted by Silk Road case, cops to second heist (Ars Technica) Shaun Bridges, who already was given 71 months in prison, awaits a new sentence.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses, connect with regional IT leaders, and learn about emerging technology. Among the topics addressed will be cybersecurity- hacking, malware, exploits, skimmers, new standards and policies in key industries.

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the evolving threat environment.

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity Awareness Day and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for one day of focused discussions. In light of current events involving unauthorized disclosures, sensitive and/or classified information leaks, and breaches of personally identifiable information in cyberspace, it is imperative that sound practices are incorporated. The agenda will include speakers from Industry and Government.

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration, threat intelligence, information sharing, workforce development, and risk management. This will be accomplished through a number of in-depth sessions and panel discussions, along with cybersecurity exhibits provided by industry and government partners.

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses taught by SANS' world-class instructors, with dynamic content on the hottest information security issues. Join us for immersion training that will provide you with the cutting-edge skills to defend your organization against security breaches and prevent future attacks.

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s inspiring short-form demos, stay on for another day and a half of practical advice from your peers and industry gurus alike. Determine just how you will incorporate the latest fintech innovations into your product road map.

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited time the training is being offered at a $1295. This training will provide the ITP Manager / Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP /NISPOM CC2, and go beyond these regulations to establish a robust and effective ITP. Any individual involved with supporting an ITP will also gain valuable knowledge. A licensed attorney with extensive experience in Insider Threats and Employment Law will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Any organization (State Government Agencies, Businesses, Etc.) that are not required to implement an ITP, but are concerned with Insider Threat Risk Mitigation will also benefit greatly from this training.

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Community Meetings.

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia. Keynotes from The Honorable Daniel Coats, Director of National Intelligence, Representative William Hurd, R-Texas, General Joseph Votel, Commander, United States Central Command, Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House, Grant Schneider, Acting CISO, Office of Management and Budget, (invited), plus CISOs from DHS, DoD, HHS and the CIO for USCYBERSOM. Full agenda <a href="http://www.billingtoncybersecurity.com/8th-annual-billington-cybersecurity-summit/agenda/" target="_blank">here</a>.

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: New York is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While the Federal government is focused on security, new adversaries and attack vectors still emerge hourly. What are the early grades on the new Administration’s response to the growing cyber threat? How can collaborative tactics and integrated intelligence tools strengthen a proactive cyber defense? Join us at the sixth annual Cyber Security Brainstorm on September 20 at the Newseum to discuss the cyber strategies and opportunities that can keep our Federal government one step ahead at all times.

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create further awareness of cyber security among the youth of the UAE.

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful information that attendees can develop into an action plan. Key Areas of Focus Include: Strategy, Process Improvement and Alignment, Innovation and Technology; Career Management and Leadership Development.

Connect Security World (Marseille, France, September 25 2017 - September 27 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a new generation of connected devices and services is required, with better security and privacy by design. In its 6th edition, Connect Security World invites both digital security experts and IoT developers to discuss and define a true end-to-end security, from sensors to Cloud, from design and development to deployment.

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking organizations. The goal of our conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations. (ISC)² members are eligible for special discounted pricing and will have opportunities to attend exclusive member events.

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a new generation of connected devices and services is required, with better security and privacy by design. In its 6th edition, Connect Security World invites both digital security experts and IoT developers to discuss and define a true end-to-end security, from sensors to Cloud, from design and development to deployment. (Note: the call for speakers is open through April 4, 2017.)

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance innovative solutions to cybersecurity challenges.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Holyrood hit with brute-force. Equation Group exploits likely to continue to cause trouble. Compromise or trolling? Terrorist inspiration finds its outlets. Trickbot's convincing counterfeits. PowePoint malware a test?