The CyberWire Daily Briefing 8.28.17

Summary

By The CyberWire Staff

WikiLeaks' Vault7 dump last week featured descriptions of "ExpressLane," an (alleged) CIA program for installing liaisonware to (allegedly) extract information from partner agencies. Most of those agencies are believed to be other US organizations, but WikiLeaks suggests international partners were similarly affected. The strongest reaction so far seems to be from India, where the public is already skittish about several disclosed vulnerabilities in the national Aahaar identification program. Indian authorities deny that Aadhaar was affected, but observers in the media remain dubious.

The US Navy's investigation of the destroyer USS McCain's collision with a merchant tanker a week ago seems to be tending toward the painful conclusion that seamanship errors and not cyberattacks were the cause. This hasn't halted speculation about a cyberattack, with many observers offering suggestions as to how such an attack might have been accomplished. These are perhaps best regarded, absent further evidence, as hypothetical cautionary tales. Most will be familiar to those who have followed accounts of industrial control system vulnerabilities; there's a strong family resemblance.

New Sky Security researchers have noticed a large list containing "thousands" of working IoT-device Telnet credentials dumped online, an obvious distributed denial-of-service threat. Security experts are scrambling to forestall that possibility.

A new ransomware strain, "Defray," was detected late last week by Proofpoint. It uses unusually well-targeted spearphishing to spread. Another ransomware strain of unknown type and provenance has hit NHS Lanarkshire in Scotland; remediation is in progress.

In industry news, Forcepoint announces its acquisition of behavioral-analytics shop Red Owl.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, European Union, Germany, India, Iran, Japan, Russia, Syria, Ukraine, United Kingdom, and United States.

A note to our readers: if you're interested in what it might mean to create a security culture, watch this interview with CLTRe CEO Kai Roer, conducted by Cylance in partnership with the CyberWire.

Bank of America needs your cyber security experience.

As one of the world's leading financial institutions, Bank of America has built an extraordinary team of cyber security professionals focused on defending critical financial services infrastructure. That team is growing and needs your experience. Find exciting and rewarding opportunities across the United States for ethical hackers, intrusion analysts, malware analysts, crypto architects and more.

On the Podcast

In today's podcast, we talk with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin takes up the creepy possibility of web sites logging form submissions even before you hit the “submit” button.

Sponsored Events

Incident Response 17: IR17 The First Operational Community-Driven Incident Response Conference (Pentagon City, VA, USA, Sep 11 - 12, 2017) IR17 is open to both commercial and government professionals. Join us to learn tips and best practices from industry leaders. IR17 features 30+ hours of practical training, 36 breakout sessions designed for all levels of experience, and you will leave the conference with a developed incident response plan.

Cyber Security Summit: New York and Boston (New York, New York, USA, Sep 15, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, Arbor Networks, CenturyLink and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, Oct 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. Conference’s mission is to foster the building of a Europe-wide cybsersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, Oct 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

Selected Reading

Dateline

From transcendentals to killbots: AI from Ars Magna to Maxim. (The CyberWire) Artificial intelligence and machine learning dominate so much conversation about cybersecurity that any CISO is faced with the necessity of explaining this family of technologies to the board. This is always challenging, especially with technologies so heavily hyped, and so liable to easy misunderstanding.

What do you say when they ask, "Are we secure?" (The CyberWire) Boards are in the business of managing risk, and they're accustomed to quantifying that risk in familiar business domains—financial risk, regulatory risk, and so on. But cybersecurity risk management remains in a relatively immature state. A panel on "Governance, Measurement, and Response" took up the issues surrounding cyber risk management.

Advice for boards: policy and the big picture. (The CyberWire) A fireside chat between Michael Chertoff (Executive Chairman and Co-Founder, The Chertoff Group) and Steve Daily (Chief Executive Officer, Ivanti—a company that traces its roots to Landesk) was nominally a chat about the boardroom's perspective on cybersecurity, but it proved much more far-ranging than that. Jim Pflaging (Principal and Technology Sector and Strategy Practice Lead, The Chertoff Group) moderated their discussion. They took questions from the audience and structured their discussion accordingly.

Cyber Attacks, Threats, and Vulnerabilities

Wikileaks Vault 7: CIA backdoored software updates to spy on allies (Computing) Another embarrassment for US intelligence dished up by Wikileaks.

Vault 7: CIA Used Fake Updates to Spy on Fellow US Intelligence Agencies (BleepingComputer) Wikileaks has released new files part of the Vault 7 series it claims it obtained from the CIA. The files dumped online yesterday reveal details about the inner workings of a biometrics system developed by the CIA, and which the agency has provided to various liaison services, such as the DHS, FBI, and NSA.

WikiLeaks hints at CIA access to Aadhaar data, officials deny it (The Times of India) WikiLeaks published reports on Thursday that claimed to “expose” that CIA is using tools devised by USbased technology provider Cross Match Technologies for cyber spying that may have comprised Aadhaar data. The claim was dismissed by official sources in India.

Aadhaar data base hacked by CIA? How UIDAI reacted to claims of leaks (The Financial Express) IDAI, while dismissing the allegations said, stated that the Aadhaar biometric capture system has adequate and robust security features to prevent the possibility of unauthorised capture and transmission of information linked to any biometric device being used.

WikiLeaks: Hostile is as hostile does (Jamaica Observer) “It is the sense of Congress,” according to the annual Intelligence Authorization Act now working its way through the US Senate, “that WikiLeaks and the senior leadership of WikiLeaks resemble a non-State hostile intelligence service often abetted by State actors and should be treated as such a service by the United States.”

Navy operations chief says there’s no evidence of a cyber attack on USS John S. McCain (Washington Times) Chief of Naval Operations Adm. John M. Richardson said Friday that there is still no evidence of a cyber attack in the accident on the USS John S. McCain.

How to hack a Navy vessel (TheHill) OPINION | A false sense of confidence enables the hacking of U.S. Navy ships.

U.S. Naval Mishaps – Human Error or Cyber Malfeasance? (CyberDB) 4 naval mishaps in 2017 plagued the U.S. Navy, and there is strong speculation that cyber malfeasance may have been the catalyst.

US destroyer collision: Some answers to a mystery at sea (Straits Times) 10 US sailors are presumed dead after the warship USS John S. McCain collided with oil tanker Alnic MC last Monday, in what could be the deadliest naval accident ever to occur in Singapore waters.

Maybe today’s Navy is just not very good at driving ships (Navy Times) The two collisions — and a total of 17 sailors lost at sea this summer — have raised concerns about whether this generation of surface fleet officers lack the basic core competency of their trade.

Cyber-attack alert weeks before USS John S McCain warship crashed (Times) Ship owners were warned about the threat of cyber-attacks only weeks before America began investigating the “possibility” that hackers caused the collision between one of its warships and an oil...

Hackers Will Take Advantage of Outdated Software (IT Business Edge) When the USS John McCain became the second naval ship to be involved with a deadly accident this summer, my first thought went to a potential cyberattack.

The Risk of an Unprotected Website: Ransomware Returns to Ukraine (eSecurity Planet) For the second time in as many months, a software developer's website was compromised and used to distribute malware.

As ‘Death to America’ Chants Lose Power, Iran Retools Propaganda With Rap Videos (New York Times) Forced to adapt or fizzle out, the country’s propaganda machine has embraced the latest trends and technologies to appeal to the sensibilities of young Iranians. Watch some of the most popular.

Russia’s propaganda machine amplifies alt-right (TheHill) Russia’s army of media influencers, social media bots and trolls are giving new voice to the far right.

Critical Vulnerabilities in SAP POS Allowing Hackers to Buy Everything for a Dollar (Payment Week) ERPScan researchers Dmitry Chastuhin and Vladimir Egorov identified several vulnerabilities in point of sale systems developed by SAP and Oracle. The most critical of them affects SAP POS solution allowing attackers not only to compromise customers’ data but gain unfettered control over the POS server.

Watch Someone Buy a Laptop for $1 Thanks to a Severe POS Vulnerability (BleepingComputer) A vulnerability in the SAP POS Xpress Server allows attackers to alter configuration files for SAP Point-of-Sale systems, alter prices, and collect payment card data and send it to one of their servers.

Someone Published a List of Telnet Credentials for Thousands of IoT Devices (BleepingComputer) A list of thousands of fully working Telnet credentials has been sitting online on Pastebin since June 11, credentials that can be used by botnet herders to increase the size of their DDoS cannons.

Race is On To Notify Owners After Public List of IoT Device Credentials Published (Threatpost) A list of device IPs and credentials has gone viral, kicking off an effort by researchers to notify the owners of these connected devices before they're hacked.

This expensive new ransomware targets organisations with specially crafted phishing lures (ZDNet) The Defray ransomware demands $5,000 from victims and has targeted hospitals, manufacturing companies, and even an aquarium with small-scale but highly-customised campaigns.

New ransomware strain targeting healthcare (Healthcare Finance News) The new variant, Defray, uses incredibly targeted attacks with lures that are custom-crafted to appeal to intended victims - making it much harder to spot, Proofpoint says.

WannaCrypt NHS victim Lanarkshire infected by malware again (Register) Infect me once, shame on you. Infect me twice …

Operations cancelled as cyber attack hits NHS Lanarkshire hospitals and GPs (BBC News) Operations are cancelled as services run by NHS Lanarkshire are affected by malware in computer systems.

Health chief says sorry after NHS Lanarkshire cyber attack (Scotsman) A health board chief has apologised after a malware attack led to procedures and appointments being cancelled.

Increase in malicious spam after WannaCry ransonware attack, report says (The National) Cyber criminals using public's fear over cyber attacks to their advantage by sending emails offering protection

Android Banking Trojan MoqHao Spreading via SMS Phishing in South Korea | McAfee Blogs (McAfee Blogs) Last month, a number of users started posting on South Korean sites screenshots of suspicious SMS messages phishing texts (also known as smishing) to lure

HBO hackers leak script and spoilers of Game of Thrones Season Finale (HackRead) Who doesn’t want to know what’s going to happen in Game of Thrones (GoT) Season 7’s upcoming episode? And, when it's The Finale of GoT season 7, viewers wo

HBO hackers made $3.2 million, leak ‘Game of Thrones’ Season 7 (TechObserver) HBO hackers who have been threatening to leak yet to be telecasted Season 7 finale of Game of Thrones, have leaked the data

Chinese Cyber-Espionage Group Uses Game of Thrones as Phishing Lure (BleepingComputer) A cyber-espionage unit is using the recent Game of Thrones episode leaks to lure targets into opening malicious documents sent via email.

Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root (Threatpost) An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers to run code as root.

Mac Malware On The Rise (Information Security Buzz) It has been reported that more Mac malware has been seen in 2017 than in any year beforehand, according to a new report from information-security firm Malwarebytes says, and one of the company’s security experts told us that Apple’s current strategies may not be enough to stop the rising tide. James, Security Specialist at ESET commented …

Adware Spreading Via Social Engineering, Facebook Messenger (Threatpost) Attackers have taken to Facebook Messenger with a combination of social engineering and malicious JavaScript to spread adware.

Security Alert: Facebook Users, Don’t Click on This Link Spreading on Messenger (Heimdal Security Blog) A recently discovered adware is targeting Facebook users and spreading on Messenger.

App Install Advertising Fraud is a $300M Problem (eSecurity Planet) New report from DataVisor on the underworld of app install advertising reveals the techniques used by fraudsters.

Malicious AutoIT script delivered in a self-extracting RAR file (SANS Internet Storm Center) Here is another sample that hit my curiosity.

Touchscreens ‘at risk from chip in the middle attack’, warn researchers (Naked Security) Researchers call for manufacturers to recognize that compromised hardware is a real possibility

Mac's Biggest Threats Lurk in the Apple App Store (Dark Reading) Mac malware is on the rise, especially adware and potentially unwanted programs in the App Store.

How to hide backdoor in AI software (WIRED) Malicious machine learning can hide nasty surprises.

Apparent cyber attack sheds light on village security (Herald Community Newspapers) The Village of Rockville Centre appears to have been the victim of a broadly targeted cyber attack last month originating from a server in Russia, though cybersecurity experts said the attempt was …

Leaked: Private Photos of Nicole Scherzinger, Dakota Johnson and Addison Timlin (HackRead) Hackers have leaked private pictures of Fifty Shades of Grey's Dakota Johnson, Pussycat Dolls member Nicole Scherzinger, actress Faye Alicia Brookes and Ad

Facebook Figured Out My Family Secrets, And It Won't Tell Me How (Gizmodo) Rebecca Porter and I were strangers, as far as I knew. Facebook, however, thought we might be connected. Her name popped up this summer on my list of “People You May Know,” the social network’s roster of potential new online friends for me.

Smart grids more vulnerable to cyber attack (Digital Journal) Several electricity distribution systems are gradually transposed to smart grids. These allow for two-way communication and computer processing. However, this process makes smart grids increasingly vulnerable to cyberattacks.

9/11 Level Cyber Attack Imminent: Warns President Trump’s National Infrastructure Advisory Council (The Inquisitr) President Trump’s National Infrastructure Advisory Council (NIAC) releases a report to the U.S. National Security Council (NSC) warning of an imminent 9/11 level cyber attack crippling the ...

Artificial intelligence cyber attacks are coming – but what does that mean? (San Francisco Chronicle) The next major cyberattack could involve artificial intelligence systems. It could even happen soon: At a recent cybersecurity conference, 62 industry professionals, out of the 100 questioned, said they thought the first AI-enhanced cyberattack could come in the next 12 months.

Cyber Trends

Why the Honor Code Among Hackers Has Broken Down (Fortune) No rules anymore.

Lax security leaving Japanese information exposed on darknet (Kyodo News+) Japan is playing catch-up in the fight to protect its citizens from having their private information accessed in the internet's darkest corners.

Fire, Maneuver - and FireChat (Small Wars Journal) [Orson-and-H.G.Well(e)sian alert: this article is illustrative fiction, not a factual report of an invasion.] The “little green men” have been filtering into Druskininkai for at least the last eighteen hours. The Lithuanian government first identified the infiltration by mining local dash-cam footage taken from Uber-drivers transporting clientele in vicinity of the Lithuanian-Belarusian border.

Marketplace

Forcepoint Acquires RedOwl, Extends Global Human-Centric Security Leadership (PRNewswire) Global cybersecurity leader Forcepoint today announced the acquisition...

Versive Raises $12.7 Million, Uses AI to Hunt Security Threats (eSecurity Planet) Another company attracts VC funding for AI technologies that help enterprises mount effective defenses against today's complex cybersecurity threats.

Intercede raises £500k (Insider Media Ltd) Lutterworth-based digital identity software business Intercede has raised £500,000 through a share placing.

GenDyn wins $52M Navy contract for IT support (Gears of Biz) General Dynamics Information Technology is to provide cyber-security and IT support to the U.S. Naval Meteorology and Oceanography Command.

Cyber Command Split An Opportunity For Industry (Aviation Week) The direction by President Donald Trump to make U.S. Cyber Command a unified combatant command enables the command to equip its forces, making this a business opportunity for the likes of Raytheon and BAE Systems ...

CSRA Emerges as U.S. IT Powerhouse (EnterpriseTech) A well connected IT services provider formed through the merger of established government contractors is steadily extending its reach from providing cloud

Why Splunk, Inc. Stock Popped Today (The Motley Fool) The operational intelligence platform company jumped after its 11th straight quarterly beat.

Corvid wants to remove the weak link from cyber: the users (Computing) It's unrealistic to train users to recognise every threat, especially with modern hackers' levels of sophistication, argues CTO Andrew Nanson.

Products, Services, and Solutions

DNS Tunneling Detection Feature of Rohde & Schwarz Cybersecurity's Network Traffic Analysis Software Eliminates Weak Spots of Firewalls to Preserve Security (Presse Box) The OEM deep packet inspection software R&S PACE 2 now improves the reliability and credibility of network protection solutions. When embedded in a firewall,...

CenturyLink enhances VMware-based DCC platform, touts software-defined data center approach (FierceTelecom) CenturyLink is giving businesses the option to migrate to a hybrid cloud environment that balances public cloud agility with the security and dedicated infrastructure of a private offering with its DCC (Dedicated Cloud Compute) Foundation.

Technologies, Techniques, and Standards

Integrating GDPR into your day to day IT practices (Help Net Security) Although GDPR comes into force in May 2018, you need to think about integrating GDPR into your IT practices today, in order to be prepared.

Is Your Mobile Carrier Your Weakest Link? (KrebsOnSecurity) More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account.

R1P P455word: Keeping an eye on the hackers (Metro Newspaper UK) FOR years we’ve been told to make passwords as complex as possible, using upper and lower case characters, numbers and various other symbols to make it as cryptic as an MI5 code — only to find out that most of the trusted tricks we employ when crafting custom passwords actually make us more vulnerable to... View Article

Ransomware Insurance: Cyber Insurance May Be the Best Protection (eSecurity Planet) Next to reliable data backups, a good cyber insurance policy may be your best protection against the damage wrought by ransomware attacks.

Security leaders need better visibility of risk before the board asks (CSO Online) Kevin Cunningham, president of SailPoint, discusses how security leaders need better visibility of risks so they can advise their boards and protect their companies.

Know your adversary: Focus on social engineering (Help Net Security) If you want to truly understand all the threats your organization faces, a focus on social engineering is essential. Tim Roberts from NTT Security explains.

New tack in cyber safety (Perth Now) Parents have been urged not to block websites or ban social media, even when it seems the best way to ensure kids are safe in cyberspace.

Nothing as Safe as Houses From Spear-Phishers (Infosecurity Magazine) Why spear-phishers are now targeting wannabe homeowners.

Design and Innovation

‘Clever’ TapDance approach to web censorship that works at ISP level (Naked Security) The TapDance approach is just a proof of concept at the moment, but observers have welcomed it as a potentially useful tool

Hash of the Titan: How Google bakes security all the way into silicon (Register) Locking down servers and cloud with this itty-bitty chip

Research and Development

Smart algorithms for exploiting mass data will be available this year (Defense Systems) The algorithmic warfare program is embedding smart algorithms in weapons software to augment data analysis.

Why Quantum Computing's Threat To Bitcoin And Blockchain Is A Long Way Off (Forbes) Quantum computing could someday far surpass the processing power of today’s classical computers. And that thought has some cryptographers, and cryptocurrency users, worried.

A step toward practical quantum encryption over free-space networks (Help Net Security) Researchers have sent a quantum-secured message containing more than one bit of information per photon through the air above a city.

Navy seeks lightweight, jam resistant antennae (Defense Systems) Ultra-wideband phased array antennae could reduce costs and electronic footprint of weapons systems

Academia

Rochester students win national computer competition (Rochester Post-Bulletin) Rochester Public School students took first place at the National High School Computer Competition in Cincinnati, Ohio, at the end of July.

Air Force, private sector join in Alabama 'hackathon' (San Francisco Chronicle) The Air Force is joining with the private sector in Alabama to team up against cyber-security threats.

Legislation, Policy and Regulation

China doubles down on real-name registration laws, forbidding anonymous online posts (TechCrunch) China's crackdown on Internet freedom is getting even more intense. Last Friday, the country's top Internet censor announced a new set of regulations (link..

NY's New Cybersecurity Regs for Banks, Insurers Take Effect (New York Law Journal) Banks, insurance companies and other financials services providers will have to comply with groundbreaking new cybersecurity rules established by the state D...

Victoria pushes whole-of-government approach for cyber security (Computerworld) Victoria’s government today unveiled the state’s first cyber security strategy. At the heart of the strategy is a shift to a whole-of-government approach for information security.

US security aid to Pakistan 'will be conditioned': White House official (The Economic Times) "There have been long standing relationships between the Pakistani intelligence officials and these terrorist groups. So, we don't expect things to change overnight."

Trump Cybersecurity Advisors Resign, Citing 'Insufficient Attention' to Looming Threats (Fortune) The President's denial of Russian election hacking was among their frustrations.

DISA taps rear admiral as its new vice chair - Fedscoop (Fedscoop) The agency selected communications specialist Rear Adm. Nancy Norton to help oversee its information technology and cyber operations.

OP-ED: A Cyber Terrorism Strategy in WV is Important to Safeguarding Election Systems and Voter Databases (Huntington News) The most challenging war we may need to fight in the future will be in cyberspace. It’s a fight I am preparing for as your Secretary of State.

Army breaking down network defense siloes (FederalNewsRadio.com) The Army Cyber Center of Excellence became fully operational and published its first doctrine for how it fights in cyberspace to include electronic warfare.

Litigation, Investigation, and Enforcement

Hezbollah Has Been Active in America for Decades (The National Interest) Hezbollah has suffered serious casualties in Syria, but also feels emboldened by its battlefield successes and may seek to flex its muscles globally.

FBI arrest may be first linked to OPM hack (FederalNewsRadio.com) The FBI may have made its first arrest in connection with the OPM hack that stole the data of 21.5 million current and former federal employees.

UNITED STATES OF AMERICA, Plaintiff, v. YU PINGAN a.k.a. "GoldSun" Defendant () COMPLAINT FOR VIOLATION OF: Title 18, U.S.C., Section 371 - Conspiracy; Title 18, U.S.C., Section 1030(a)(5)(A)-Computer Hacking; Title 18, U.S.C., Sections 982 and 1030(i) and Title 21, U.S.C., Section 853 - Forfeiture

U.S. state election officials still in the dark on Russian hacking (Reuters) The federal government has not notified U.S. state election officials if their voting systems were targeted by suspected Russian hackers during the 2016 presidential campaign, and the information will likely never be made public, a top state election chief told Reuters.

MalwareTech’s legal defense fund bombarded with fraudulent donations (Ars Technica) At least $150,000 in donations were from stolen or fake credit card numbers.

DHS has not yet notified states about Russian election hacks (TheHill) The Department of Homeland Security has not yet notified all states whose systems it knows Russian hackers breached during the 2016 elections that they were victims.

Court: Locating suspect via stingray definitely requires a warrant (Ars Technica) But, judge rules in Ellis, cops didn't need warrant due to "exigent circumstances."

Microsoft loses German case over force-feeding Windows upgrades (Computing) But will Microsoft extend the ruling to its twice-yearly operating system updates?

Alt-Right Chat Logs Are Key to Charlottesville Lawsuits (WIRED) Leaked documents describe weapons and cite potential "gunfight."

Guilty in Absence: Pirate Bay Founders to pay €405,000 to Record Labels (HackRead) The file sharing giant, The Pirate Bay, is in the news again for all the wrong reasons. This time, two of its founders Fredrik Neij and Gottfrid Svartholm

VW engineer sentenced to 40 months in prison for role in emissions cheating (Ars Technica) German automaker asked its US employee to perfect the cheat code, and he did it.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Maryland Cyber Day Marketplace (Baltimore, Maryland, USA, Oct 10, 2017) Hundreds of cybersecurity providers and buyers in one location on one day. Maryland Cyber Day Marketplace provides the opportunity for cybersecurity buyers to connect with, get to know and purchase cybersecurity solutions from Maryland's cybersecurity providers. This event combines face-to-face meetings, technology demos, brief educational sessions, "Ask an Expert" information stations, networking with a keynote and a wrap-up luncheon.

upcoming Events

Create and Maintain a Secure Facility: It Takes a Village (Ashburn, Virginia, USA, Aug 30, 2017) Obtaining and maintaining a facility clearance is a major obstacle faced by government contractors seeking prime contract awards. Hosted by Telos Corporation, a 2017 Cogswell Award winner, this event will leave attendees with practical knowledge and best practices from industry experts who have successfully navigated the facility clearance process. Join the Loudoun County Chamber of Commerce GovCon Initiative and explore what a facility clearance could mean to your business.

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, Aug 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration, threat intelligence, information sharing, workforce development, and risk management. This will be accomplished through a number of in-depth sessions and panel discussions, along with cybersecurity exhibits provided by industry and government partners.

SANS Network Security 2017 (Las Vegas, Nevada, USA, Sep 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses taught by SANS' world-class instructors, with dynamic content on the hottest information security issues. Join us for immersion training that will provide you with the cutting-edge skills to defend your organization against security breaches and prevent future attacks.

Finovate Fall 2017 (New York, New York, USA, Sep 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s inspiring short-form demos, stay on for another day and a half of practical advice from your peers and industry gurus alike. Determine just how you will incorporate the latest fintech innovations into your product road map.

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, Sep 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited time the training is being offered at a $1295. This training will provide the ITP Manager / Senior Official and Facility Security Officer with the knowledge and resources to achieve compliance with NITP /NISPOM CC2, and go beyond these regulations to establish a robust and effective ITP. Any individual involved with supporting an ITP will also gain valuable knowledge. A licensed attorney with extensive experience in Insider Threats and Employment Law will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Any organization (State Government Agencies, Businesses, Etc.) that are not required to implement an ITP, but are concerned with Insider Threat Risk Mitigation will also benefit greatly from this training.

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, Sep 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Community Meetings.

DSEI 2017 (London, England, UK, Sep 12 - 15, 2017) Defence and Security Equipment International (DSEI) is the world leading event that brings together the global defence and security sector to innovate and share knowledge. DSEI represents the entire supply chain on an unrivalled scale.

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, Sep 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia. Keynotes from The Honorable Daniel Coats, Director of National Intelligence, Representative William Hurd, R-Texas, General Joseph Votel, Commander, United States Central Command, Robert Joyce, Special Assistant to the President and Cybersecurity Coordinator, The White House, Grant Schneider, Acting CISO, Office of Management and Budget, (invited), plus CISOs from DHS, DoD, HHS and the CIO for USCYBERSOM. Full agenda <a href="http://www.billingtoncybersecurity.com/8th-annual-billington-cybersecurity-summit/agenda/" target="_blank">here</a>.

Cyber Security Summit: New York (New York, New York, USA, Sep 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: New York is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security Conference for Executives (Baltimore, Maryland, USA, Sep 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on the Homewood Campus of Johns Hopkins University. This year’s theme is, “Emerging Global Cyber Threats.” The conference will feature thought leaders across a variety of industries to address current cyber security threats to organizations and how executives can work to better protect their data.

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, Sep 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, Sep 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While the Federal government is focused on security, new adversaries and attack vectors still emerge hourly. What are the early grades on the new Administration’s response to the growing cyber threat? How can collaborative tactics and integrated intelligence tools strengthen a proactive cyber defense? Join us at the sixth annual Cyber Security Brainstorm on September 20 at the Newseum to discuss the cyber strategies and opportunities that can keep our Federal government one step ahead at all times.

10th Cyber Defence Summit (Dubai, UAE, Sep 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create further awareness of cyber security among the youth of the UAE.

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, Sep 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful information that attendees can develop into an action plan. Key Areas of Focus Include: Strategy, Process Improvement and Alignment, Innovation and Technology; Career Management and Leadership Development.

Connect Security World (Marseille, France, Sep 25 2017 - Sep 27 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a new generation of connected devices and services is required, with better security and privacy by design. In its 6th edition, Connect Security World invites both digital security experts and IoT developers to discuss and define a true end-to-end security, from sensors to Cloud, from design and development to deployment.

(ISC)2 Security Congress (Austin, Texas, USA, Sep 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking organizations. The goal of our conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations. (ISC)² members are eligible for special discounted pricing and will have opportunities to attend exclusive member events.

Connect Security World (Marseille, France, Sep 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a new generation of connected devices and services is required, with better security and privacy by design. In its 6th edition, Connect Security World invites both digital security experts and IoT developers to discuss and define a true end-to-end security, from sensors to Cloud, from design and development to deployment. (Note: the call for speakers is open through April 4, 2017.)

SINET61 2017 (Sydney, Australia, Sep 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance innovative solutions to cybersecurity challenges.

O'Reilly Velocity Conference (New York, New York, USA, Oct 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, Oct 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals, it is the most participative and productive event of the year. Undoubtedly the world's best annual source of advice in Information Security, COSAC makes available to you, in a fully residential format, presenters and facilitators who are the very best in the world. Collectively they have many hundreds of years of practical experience, have published thousands of major articles and books, and have proven records of success all over the globe.

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, Oct 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You need to be aware of the most effective tactics and tools to meet the ever-growing threat. CSX 2017 offers keynote speakers and sessions that dive deep into what you need to know now.

Atlanta Cyber Week (Atlanta, Georgia, USA, Oct 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity for meaningful interaction between growth oriented cybersecurity companies and our Fortune 1000 client base.

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, Oct 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the new and continued threats such as Crash Override malware, Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransomware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity USA meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, Oct 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks on Saudi Aramco and the continued threats such as Stuxnet, Havex, Dragonfly, Black Energy, and the potential impact of ransome ware like #Wannacry on industrial control systems, the Cyber Senate return for the 4th Annual Industrial Control Cybersecurity Europe meeting to bring key stakeholders together to address our responsibility in ensuring the safety, reliability and stability of our Critical National Infrastructure.

CyberSecurity4Rail (Brussels, Belgium, Oct 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations and international bodies, to discuss the threats and set out a vision for safer, more secure digital communications and data networks in the transport industry. CyberSecurity4Rail will draw on the experience of recent incidents and the expertise of those who are working to protect systems and prevent cyberthreat.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Reports on Security in the Boardroom. Notes on "ExpressLane." Probably not a cyberattack, but a cautionary tale from USS McCain. IoT credentials exposed. "Defray" ransomware described. NHS Lanarkshire disrupted by ransomware. Forcepoint acquires Red Owl.