The CyberWire Daily Briefing 8.24.17

Summary

By The CyberWire Staff

Today is Ukraine's independence day, and fears that the country would be subjected to another wave of cyberattacks haven't so far been realized, despite a scare. The web server of Crystal Finance Millennium, an accounting software firm based in Kyiv, has been found compromised with Purgen ransomware. But the attack seems simply criminal, not state-directed as was the case with NotPetya. Purgen has been in the servers since August 18th, according to Kaspersky Labs, and ISSP's analysis of the malware indicates that it's conventional ransomware.

The US Navy hasn't ruled out cyberattack as having contributed to the collision between a destroyer and a tanker in the Straits of Malacca this week, but that possibility seems increasingly unlikely. The commander of the US 7th Fleet has been relieved (his seniors have "lost confidence" in his leadership of the Fleet).

4iQ reports finding an accidental exposure of high-net-worth individuals' data by various banks.

Mimecast warns of "Ropemaker," a method of altering the content of emails after they've been received. A threat actor could inject malicious content via remote CSS files. (Mimecast hasn't seen Ropemaker used in the wild, yet.)

Microsoft cautions enterprises to be on their guard against "weaponized" virtual machines.

The US Government turns up the volume of warnings that Kaspersky products could be virtual FSB moles. Australia's Government still wants nothing to do, on security grounds, with a Huawei cable serving the Solomon Islands. Both Kaspersky and Huawei protest their innocence.

European countries remain on high alert for jihadist attacks.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, Finland, France, Italy, Kenya, Netherlands, Nigeria, Russia, Solomon Islands, Spain, Ukraine, United Kingdom, United States, and and Vietnam.

A note to our readers: for perspective on how one might open-source malware prevention, see this video discussion with AlienVault's Garrett Gross, produced by Cylance in partnership with the CyberWire.

Best Practices for Applying Threat Intelligence

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

On the Podcast

In today's podcast we hare from our partners at the Johns Hopkins University, as Joe Carrigan offers perspective on medical device security legislation. Our guest, Christopher Pierson from Viewpost, shares his observations from DEF CON.

Sponsored Events

Incident Response 17: IR17 The First Operational Community-Driven Incident Response Conference (Pentagon City, VA, USA, September 11 - 12, 2017) IR17 is open to both commercial and government professionals. Join us to learn tips and best practices from industry leaders. IR17 features 30+ hours of practical training, 36 breakout sessions designed for all levels of experience, and you will leave the conference with a developed incident response plan.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Another Ukrainian software maker's site compromised to spread malware (Help Net Security) The web server of Crystal Finance Millennium, a Ukraine-based accounting software firm, has been compromised and made to host different types of malware.

Ukraine Fears Second Ransomware Outbreak as Another Accounting Firm Got Hacked (BleepingComputer) Ukrainian authorities and businesses are on alert after a local security firm reported that another accounting software maker got hacked and its servers were being used to spread malware.

Navy leadership removes 7th fleet commander after 'loss of confidence' (FederalNewsRadio.com) Vice Adm. Joseph Aucoin has been relieved of command after a series of at-sea incidents including the recent USS John S. McCain collision.

Cyber suspicions floated after latest ship collision (GCN) The Navy says there is no sign of cyber intrusion, but 'all possibilities' will be investigated.

The Accidental Panama Papers – @4iQ (Medium) Panama broker accidentally exposed 52,000 financial and legal documents of wealthy individuals

ROPEMAKER Attack Turns Benign Emails Hostile Post-Delivery (Dark Reading) The intersection of email and Web technologies has given attackers a way to mess with your email after it has been delivered to your inbox, Mimecast says.

ROPEMAKER Lets Attackers Change Your Emails After Delivery (BleepingComputer) A new email attack scenario nicknamed ROPEMAKER allows a threat actor to change the content of emails received by targets via remote CSS files.

Chinese Advertising SDK Caught Stealing Data From Android Devices (BleepingComputer) An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company.

Google Play Store Security Scans Tricked by ...Sigh... In-Dev Malware (BleepingComputer) Google has yet to remove two apps infected with dangerous malware that are currently still available for download via the official Google Play Store.

Free VPNs among eight hacked Chrome Extensions (VPNCompare) The Chrome extensions of two free VPN services are among eight which were hacked at the end of the last month, putting user data at risk.

Microsoft Sounds Alarm on Weaponized Virtual Machines on the Cloud (eWEEK) To prevent widespread cyber-attacks, enterprises are advised to protect their cloud credentials and tighten up their security policies.

Malware uncovered by ESET researchers aimed at gamers (WeLiveSecurity) ESET researchers have discovered a new malware that can download and install virtually any other malicious code on the victim’s the malware computer.

China Is Boosting Its Phishing Attacks — Against Vietnam (BuzzFeed) The efforts to gain access to computers in Vietnam reflects how commonplace cyberespionage has become among nations.

Android Ransomware Jumps Over 100% in 2017 (Infosecurity Magazine) Android Ransomware Jumps Over 100% in 2017. Malwarebytes stats show growing threat to mobile ecosystem

CryptoMix Variant Can Communicate Offline (Infosecurity Magazine) Error can encrypt files with no network communication

New Ransomware Strand Could Affect Government Through Phishing Attempts (MeriTalk) Comodo Threat Intelligence Labs discovered a new strand of ransomware that was used in email phishing campaigns in the beginning of August and is being used in a current hacking campaign.

BEC Campaigns Target Organizations Using Credential Phishing (Flashpoint) Flashpoint identified a BEC campaign that relied on PDFs containing links that redirected victims to credential-harvesting phishing sites.

RiskIQ Warns: Don't Bite The Phish Hook (PYMNTS.com) You there, corporate decision-maker. Are you ready to respond to a cyber threat? How confident do you feel in your ability to handle and mitigate the situation? If the answer is “not very,” you’re in good company. Recent research by San Francisco-based cyber security company RiskIQ, aggregated in the company’s 2017 State of Enterprise Digital […]

WH cyber czar warns against Kaspersky products (TheHill) "[T]hey have a lot of control and latitude over the information that goes to companies in Russia," said Cyber Czar Rob Joyce.

W.H. cybersecurity coordinator warns against using Kaspersky Lab software (CBS News) Rob Joyce says the U.S. is lacking 300,000 cybersecurity experts needed to defend the country

Vetting Code Libraries, Not Just Kaspersky, Will Improve Security (Wall Street Journal) The Trump administration removed Kaspersky Labs from the list of approved cybersecurity vendors because of alleged ties to Russian intelligence. But experts say the true risk of foreign code lies in code libraries that provide the foundation for countless apps and corporate programs.

Storm breaks over AccuWeather phoning home without consent (Naked Security) Data-sucking service partner says it’s been misunderstood – but you might still want to double-check your settings

Pulse Wave Techniques Allow Cybercriminals to Quickly Ramp Up DDoS Attacks (Security Intelligence) The traditional slow crescendo of malicious traffic in DDoS attacks is being replaced by a technique that hits organizations in multiple places at once.

A reversal? Large-scale DDoS attacks take recent dip (Cyberscoop) Massive denial of service attacks were largely missing from the internet this summer, according to new research from Akamai.

Russian hackers expose allegedly doping footballers (ComputerWeekly) Russian hacking group Fancy Bear has exposed 150 footballers worldwide for allegedly taking banned substances, underlining the importance of protecting personal data

HBO's twitter account gets hacked - The chronological order of cyber-attacks (The FurmanPaladin) Earlier in July HBO’s security was breached. Hacker’s stole 1.5 terabytes of data from HBO’s US servers, including TV episodes and scripts.

WPP on ‘solidifying the fences’ post-cyber attack (The Drum) WPP has said that it understands the

Daily Stormer has officially retreated to the dark web (TechCrunch) The battle against the Daily Stormer has ended in retreat as the racist website has pulled back to the dark web where it is available only via Tor. Former..

Here’s What Russia’s Propaganda Network Wants You to Read (POLITICO Magazine) How a new system for tracking Kremlin influence operations reveals what Moscow is thinking.

Security Patches, Mitigations, and Software Updates

Google’s App Engine gets a firewall (TechCrunch) Google's App Engine service, one of its longest-running public cloud computing platforms, is finally getting a fully featured firewall. Until now,..

Google bakes in sweeter security for Android Oreo (Naked Security) The latest version of Android should be coming to a device near you soon – how does it stack up on the security front?

Facebook is making its Safety Check feature permanent (Naked Security) Safety Check is here to stay – is it a good thing that reassures loved ones, or a feature that causes unnecessary anxiety?

Cyber Trends

Budget and Talent Shortfalls Undermine Public-Sector Cybersecurity, Study Says (FedTech) A lack of IT security professionals means there are fewer around to investigate threats, a Cisco study finds.

Lastline Survey Finds More Than Half of Organizations Have Suffered a Cyberattack (GlobeNewswire News Room) Black Hat 2017 attendees describe how cybercrime continues unabated while enterprises remain ill prepared to defend against it

Independent Research Quantifies Growing Security Management Gap and Business Impact of External Web, Social, and Mobile Threats; Digital Transformation Emboldens Cyber Adversaries (Benzinga) RiskIQ, the leader in digital threat management, today announced that it has published its 2017 State of Enterprise Digital...

KPMG Report States That Majority Of FTSE 350 Boards Lack Cyber Incident Training (Information Security Buzz) Majority of the borad members (68%) in the FTSE 350 said they have not been trained in responding to a cyber attack, according to the research by accountants KPMG on behalf of the government.

Poor cyber security could mean fines of £17m (UKFast) Businesses risk hefty government fines as new research shows a continuing failure to prepare for cyber attacks

Marketplace

Mind the gap: Top cybersecurity vendors report 'epidemic' of staff shortages (CRN) Cybersecurity Ventures flags up worsening skills gap as it unveils its latest Cybersecurity 500 list

Security outfit Root9B on the brink after default, may de-list (Register) Listed company's creditors are circling so it's auctioning assets

ISRAEL : NSO chiefs' Founders Group invests in cybersecurity firms (Intelligence Online) The founders of NSO, the Israeli spyware leader, are also angel investors in startup computer security firms.

FireEye's Management Thinks Its New Product Rocks -- and So Do Its Customers (The Motley Fool) FireEye’s big bet on its new product to overhaul of its legacy software products, called Helix, is paying off.

Cisco Still Doesn't Have Any High-Growth Engines (Seeking Alpha) Last quarter's earnings report confirmed across-the-board tepidness. Cisco's huge cash hoard is the best thing working in its favor right now. The oddly decent

Verizon sets SD-WAN sights on small and medium business branches, adds Versa to growing product portfolio (FierceTelecom) Verizon added Versa Networks to its SD-WAN solution set, reflecting its desire to extend managed services to a broader group of small and medium businesses that are implementing consumer-grade services into their network environments.

Exostar grows cyber security capability (Jane's 360) A joint venture (JV) founded to manage defence supply chains is increasingly focusing on cyber security, as interactions between major primes and smaller companies open potential vulnerabilities.

Meet CrowdStrike's Dmitri Alperovitch, Cyber Spy Hunter (Fortune) Dmitri Alperovitch, CrowdStrike cofounder and tech chief, names and shames nation states—like Russia, China, and North Korea—for hacking.

Why this growing tech company has remained headquartered in Houston (Houston Business Journal) "It's a very large city, and the talent pools that we look for have good representation in Houston."

Forcepoint eyes human factor for global government cyber growth (Washington Technology) The Raytheon-backed Forcepoint venture focuses on defending the people in cybersecurity and sees that as its angle to expand in global government markets.

Forcepoint snaps up former Fortinet APAC sales VP to lead local growth (Security Brief) "George and his team will help lead the charge in delivering the most intelligent systems that facilitate business and foster productivity."

Sophos Appoints Clarissa A. Peterson as Senior Vice President and Chief Human Resources Officer (1888 Press Release) Sophos Appoints Clarissa A. Peterson as Senior Vice President and Chief Human Resources Officer

Cybersecurity Veteran Gord Boyce Joins RedSeal to Lead Commercial Business Unit (Broadway World) Cybersecurity Veteran Gord Boyce Joins RedSeal to Lead Commercial Business Unit

Motorola Solutions hires head of product cybersecurity (BusinessWire) Motorola Solutions (NYSE: MSI) today announced the leader of its new products and services cybersecurity team. Troy Mattern joins Motorola Solutions a

Palo Alto Networks Sales SVP To Retire, Will Be Replaced By Salesforce EVP (CRN) The transition comes as Palo Alto Networks looks to revamp its sales leadership for the second half of the year in the wake of sales-related challenges in early 2017.

Products, Services, and Solutions

Kensington VeriMark Fingerprint Key Honored as New Product of the Year (Top Tech News) Kensington VeriMark Fingerprint Key named Security Today 2017 New Product of the Year Award Winner -- Chosen for outstanding product development and its ability to improve security, the VeriMark Fingerprint Key offers simple, best-in-class biometric authentication for incomparable protection against cyber-thieves and unauthorized access on uncompromised devices

Elcomsoft Phone Breaker 7.0 Extracts and Decrypts iCloud Keychain (Business Insider) ElcomSoft's latest release of Elcomsoft Phone Breaker gains the ability to extract, decrypt and access passwords stored in Apple's cloud password storage, the iCloud Keychain.

Skyhigh Networks brings security features to Cisco Spark (Cloud Pro) The integration gives admins more control over the collaboration platform

SonicWall and Dell EMC Announce OEM Launch of Next-Generation Firewall and Global Management Systems Software Portfolio (BusinessWire) SonicWall announced that Dell EMC will OEM and resell its next-generation cyber security firewall solutions in the United States and Canada.

Webroot and NinjaRMM Expand Partnership to Help MSPs Implement Profitable Security Practices (PRNewswire) Webroot, the market leader in next-generation endpoint security,...

Mercury Systems Announces First Secure Intel Xeon-based Single Board Computer for VME Technology Insertions (GlobeNewswire News Room) Low-power SBC brings performance and secure technology to VME legacy systems

Telos Corporation Partners with Sequoia Holdings, Inc. to Help Software Vendors Address Intelligence Community Requirements (BusinessWire) Telos Corporation partners with Sequoia Holdings, Inc. to help software vendors address intelligence community requirements.

Google touts Titan security chip to market cloud services (REUTERS) Alphabet Inc’s (GOOGL.O) Google this week will disclose technical details of its new Titan computer chip, an elaborate security feature for its cloud computing network that the company hopes will enable it to steal a march on Amazon.com Inc (AMZN.O) and Microsoft Corp (MSFT.O).

Zerto accelerates hybrid cloud resilience with new disaster recovery tech (Channel Life) “The release of Zerto Virtual Replication 5.5 is the latest proof point of what’s possible in the cloud as we build upon our disaster recovery roots."

ZeroDown® Software joins forces with Fortinet to Deliver Always Available and Always Secure Services for the Cloud (PRWeb) ZeroDown Software announced today that it has joined Fortinet's Technology Alliance Partner program, paving the way for ZeroDown’s Multi-Cloud with Business-Continuity services to be woven into Fortinet’s Security Fabric. For organizations seeking a safe and rapid pathway to the clouds, these complementary technologies and services bring an unmatched level of business assurance and data security.

‘Push-to-delete’ feature improves cyber security (indiannewslink.co.nz) Supplied Content Lucerne, Switzerland August 23, 2017 Leading encrypted messaging app SafeSwiss (http://www.safeswiss.com) is doing away with email attachments being sent to the wrong person, with its

NeuVector Takes Initial Stab at Securing VMware Container Environ (SDxCentral) NeuVector said it was able to demonstrate monitoring and protecting of applications running in VMware's VIC environment.

Ironshore establishes computer emergency response team to help policyholders with cyber response (Canadian Underwriter) New York-based Ironshore Inc. is taking steps to help manage cyber claims for all in-force policies, regardless of line, with the launch of a dedicated computer response team. Comprised of cyber claims co-ordinators representing each of the insurer’s specialty lines…

Bugcrowd Launches Bug Bounty Program for eero (Benzinga) eero's bug bounty program will allow researchers to submit bugs in a visible, predictable and scalable system

Zerodium Offers $500K for Secure Messaging App Zero Days (Threatpost) Zerodium announced new $500,000 payouts for zero days in secure messaging apps such as Signal, WhatsApp and others.

InfoZen enables pre-deployment patching for DevOps coding (CSO Online) For this review, InfoZen was brought in to create a fully-end-to-end DevOps scanning solution using their InfoZen Cloud and DevOps Practice service. Even within our admittedly tiny test environment, the benefits of the InfoZen toolset and automatic processes were obvious.

Illumio Improves Security With New Visualization and Policy Features (eWEEK) The micro-segmentation security technology vendor updates its platform with new capabilities to understand and create security policies.

Technologies, Techniques, and Standards

Garrett Gross: Open-Sourcing Malware Prevention – Why Sharing is Caring (Cylance) Matt Stephenson gets the low-down from AlienVault's Garrett Gross on how much stronger we can be as a security community, rather than fighting the battles as individuals and companies.

IPs Aren't People (Anomali) If you watch a lot of CSI Cyber or hacking movies you might be lead to believe that the IP address is the missing link between an activity on the Internet and identifying who acted. In reality this is rarely the case.There are at least 4 common technologies that obscure who is tied to an IP.There are many other less transient signatures of a system than an IP address.Once a computer is identified it does not always identify who is using it.What is an IP address?IP stands for Internet

Understanding The Dark Web And How It Factors Into Cybersecurity (LookingGlass Cyber Solutions Inc.) Eric Olson, VP of Intelligence Operations at LookingGlass Cyber Solutions, talks about the dark net and how it factors into cyber security.

Small businesses should invest in cyber security (The Telegraph) Paying attention to cyber security should be a key concern for businesses of any size – and it needn’t cost the Earth

Why investing in cybersecurity is cheaper than dealing with a breach (The Nation) At the turn of this millennium, the biggest cybersecurity threats were happening at the network layer and could be easily minimized as IT had complete visibility into the network and an iron grip on access to applications and data. Today's landscape has a starker contrast.

‘Govt files, communication must be encrypted to fend off data breach’ (The Hindu Business Line) Given the large amount of data government agencies keep and confidentiality levels of various projects, they need to adopt new data encryption capabilities designed to address the global epidemic of data breaches. Has

The Changing Face & Reach of Bug Bounties (Dark Reading) HackerOne CEO Marten Mickos reflects on the impact of vulnerability disclosure on today's security landscape and leadership.

Design and Innovation

Researchers devise app to protect PINs and passwords (Help Net Security) Researchers at the NYU Tandon School of Engineering have announced an application to combat shoulder-surfing, whether in person or via a video camera.

United States Air Force Starts Artificial Intelligence Project To Analyze Flow Of Information (Forbes) In June 2017, artificial intelligence (AI) startup, SparkCognition raised $32.5 million Series B funding for its AI powered cyber-physical software (CPS). The round led by Verizon Ventures with participation by Boeing's HorizonX unit. In July 2017, the company announced an eight to 10-month project with the United States Air Force (USAF) to bring AI by the DiuX, which accelerates commercial innovation for national defense.

Here’s Why People Don’t Buy Things With Bitcoin (Motherboard) Thankfully, a potential fix is about to kick in.

Research and Development

Ntrepid Awarded Patent for Innovative and Interactive Timeline Visualization (BusinessWire) Ntrepid Corporation today announced it has been granted US Patent 9,646,394 B2 for unique contextual display of information using digital timelines.

Microsoft's speech recognition is as good as a person (CRN Australia) The technology that powers Cortana has supposedly achieved "human parity".

Legislation, Policy and Regulation

Sorry, Banning ‘Killer Robots’ Just Isn’t Practical (WIRED) Elon Musk and others seek restrictions on use of autonomous weapons

Banks given up to Nov 30 to present cybersecurity plans (The Star, Kenya) All commercial banks in the country have until end of November to present their elaborate cybersecurity plans. The Central Bank, in new regulations, said the move seeks to increase the industry’s stability on the back of increased application of digital technology that comes with higher risks of cyber crimes.

FG to deploy relevant technologies to curb financial crime (Vanguard News) Dr Ogbonnaya Onu, the Minister of Science and Technology, says the ministry will fabricate and deploy relevant technologies to assist in the fight against financial crime in the country.

Cyber initiatives roll on, despite political uncertainties (Washington Examiner) Positive indicators include work on an update to the cyber framework and outreach efforts to the private sector on cyber initiatives at the...

McCain slams slow pace of cyber policy (FCW) The chairman of the Senate Armed Services Committee wants to see the Trump administration move faster on implementing cybersecurity policy.

All the Ways US Government Cybersecurity Falls Flat (WIRED) A new study shows not only that federal cybersecurity is as dismal that you thought, but why.

Elevation of US Cyber Command recognizes its 'coming of age' (FederalNewsRadio.com) U.S. Cyber Command's elevation to a unified combatant command is "mostly symbolic," but the symbolism is important.

Questions surround Trump NSA director’s job (TheHill) President Trump’s decision to elevate the U.S. Cyber Command has thrust National Security Agency director Mike Rogers into the spotlight.

No US-Russia cyber unit without Trump notifying Congress, bill says (The Indian Express) The annual Intelligence Authorization Act requires approval by the full Senate and House and the president's signature before it can become law. No vote has been scheduled and the last act was passed by Congress in March.

Statement on Solomon Islands undersea cable (Huawei) Huawei Technologies rejects the baseless allegations made in the Fairfax newspapers (20/8) regarding the Solomon Islands undersea cable project.

Litigation, Investigation, and Enforcement

Dutch police cancel Rotterdam rock concert over terror fears (Times) Dutch police issued a terrorism alert last night after stopping a van packed with gas cylinders outside a rock concert venue in Rotterdam. The Spanish driver of the van was arrested after a tip-off...

Shout ‘Allahu akbar’ and you will be shot, warns Luigi Brugnaro, mayor of Venice (Times) The right-wing mayor of Venice has courted controversy by claiming anyone who yells “Allahu Akhbar” in the city’s St Mark’s Square will be shot. Speaking at a conference, Luigi Brugnaro said Venice...

In Barcelona and Finland, Europe's New Normal (Foreign Affairs) The frequency of Islamic State (ISIS) attacks in Europe remains exceptionally steady, with authorities struggling to respond to the scale of the threat. The incidents in Spain and Finland last week epitomized the trend.

Terror in the Terroir (Foreign Affairs) The roots of France’s problem with terrorism lie in a complex mixture of religion, social pressures, and alienation. But the solutions need not be so convoluted. Better policing, coordination, and community outreach can all make the jihadist threat less lethal.

Finjan files patent infringement suit against Bitdefender as part of campaign to protect online security IP (IPWatchdog) Finjan asserts four patents, alleging that Bitdefender marketing of antivirus, cloud and sandboxing technologies infringes the patents in suit.

Is James Damore's Law Firm Preparing a Class Action Lawsuit Against Google? (Motherboard) The firm is looking for employees who have been “defamed/slandered/smeared/blacklisted at Google for political views, or views about affirmative action at Google.”

Feds: Son teaches dad how to sell drugs on AlphaBay, they both get busted (Ars Technica) From his iPad, son allegedly searched “safest wallet to transfer tumble.”

Suspect in Yahoo Breach Pleads Not Guilty (Dark Reading) Karim Baratov enters his plea in US Courts today, after waiving his extradition hearing in Canada last week.

Man gets 25 years for hacking lottery computers and winning $2.2 million (HackRead) In April 2015, it was reported that Eddie Raymond Tipton, a lottery computer programmer from Texas was arrested for hacking Lottery computers to win $14.3

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity Awareness Day and Expo will feature timely, topical, and thought-provoking presentations, bringing together cybersecurity workforce, training, and educational leaders from academia, business, and government for one day of focused discussions. In light of current events involving unauthorized disclosures, sensitive and/or classified information leaks, and breaches of personally identifiable information in cyberspace, it is imperative that sound practices are incorporated. The agenda will include speakers from Industry and Government.

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration, threat intelligence, information sharing, workforce development, and risk management. This will be accomplished through a number of in-depth sessions and panel discussions, along with cybersecurity exhibits provided by industry and government partners.

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses taught by SANS' world-class instructors, with dynamic content on the hottest information security issues. Join us for immersion training that will provide you with the cutting-edge skills to defend your organization against security breaches and prevent future attacks.

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s inspiring short-form demos, stay on for another day and a half of practical advice from your peers and industry gurus alike. Determine just how you will incorporate the latest fintech innovations into your product road map.

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited time the training is being offered at a $1295. This training will provide the ITP Manager / Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP /NISPOM CC2, and go beyond these regulations to establish a robust and effective ITP. Any individual involved with supporting an ITP will also gain valuable knowledge. A licensed attorney with extensive experience in Insider Threats and Employment Law will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Any organization (State Government Agencies, Businesses, Etc.) that are not required to implement an ITP, but are concerned with Insider Threat Risk Mitigation will also benefit greatly from this training.

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Community Meetings.

DSEI 2017 (London, England, UK, September 12 - 15, 2017) Defence and Security Equipment International (DSEI) is the world leading event that brings together the global defence and security sector to innovate and share knowledge. DSEI represents the entire supply chain on an unrivalled scale.

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia. Keynotes from The Honorable Daniel Coats, Director of National Intelligence, Representative William Hurd, R-Texas, General Joseph Votel, Commander, United States Central Command, Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House, Grant Schneider, Acting CISO, Office of Management and Budget, (invited), plus CISOs from DHS, DoD, HHS and the CIO for USCYBERSOM. Full agenda <a href="http://www.billingtoncybersecurity.com/8th-annual-billington-cybersecurity-summit/agenda/" target="_blank">here</a>.

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: New York is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While the Federal government is focused on security, new adversaries and attack vectors still emerge hourly. What are the early grades on the new Administration’s response to the growing cyber threat? How can collaborative tactics and integrated intelligence tools strengthen a proactive cyber defense? Join us at the sixth annual Cyber Security Brainstorm on September 20 at the Newseum to discuss the cyber strategies and opportunities that can keep our Federal government one step ahead at all times.

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create further awareness of cyber security among the youth of the UAE.

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful information that attendees can develop into an action plan. Key Areas of Focus Include: Strategy, Process Improvement and Alignment, Innovation and Technology; Career Management and Leadership Development.

Connect Security World (Marseille, France, September 25 2017 - September 27 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a new generation of connected devices and services is required, with better security and privacy by design. In its 6th edition, Connect Security World invites both digital security experts and IoT developers to discuss and define a true end-to-end security, from sensors to Cloud, from design and development to deployment.

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking organizations. The goal of our conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations. (ISC)² members are eligible for special discounted pricing and will have opportunities to attend exclusive member events.

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a new generation of connected devices and services is required, with better security and privacy by design. In its 6th edition, Connect Security World invites both digital security experts and IoT developers to discuss and define a true end-to-end security, from sensors to Cloud, from design and development to deployment. (Note: the call for speakers is open through April 4, 2017.)

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance innovative solutions to cybersecurity challenges.

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals, it is the most participative and productive event of the year. Undoubtedly the world's best annual source of advice in Information Security, COSAC makes available to you, in a fully residential format, presenters and facilitators who are the very best in the world. Collectively they have many hundreds of years of practical experience, have published thousands of major articles and books, and have proven records of success all over the globe.

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You need to be aware of the most effective tactics and tools to meet the ever-growing threat. CSX 2017 offers keynote speakers and sessions that dive deep into what you need to know now.

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity for meaningful interaction between growth oriented cybersecurity companies and our Fortune 1000 client base.

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity USA meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the continued threats such as Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransome ware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations and international bodies, to discuss the threats and set out a vision for safer, more secure digital communications and data networks in the transport industry. CyberSecurity4Rail will draw on the experience of recent incidents and the expertise of those who are working to protect systems and prevent cyberthreat.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

No NotPetya rerun in Ukraine (not yet, anyway). Cyberattack seems less likely in USS McCain collision. Accidental Panama Papers? Ropemaker alters delivered email. Weaponized VMs. US, Australian governments mistrust two major vendors. Jihad alert continues in Europe.