The CyberWire Daily Briefing 01.27.17

Summary

By The CyberWire Staff

SecureWorks reports that Fancy Bear, the Russian GRU outfit famous for compromising the US Democratic Party's National Committee last spring, has been found in a British television network (unnamed for legal considerations). Fancy Bear established persistence in July 2015 and wasn't detected for a year, which is interesting given Fancy Bear's relative noisiness compared to its sibling Cozy Bear. German authorities are also seeing an increase in activity that looks like Fancy Bear's. Diplomatic sources in Russia's London embassy dismiss the allegations as Western nostalgia for the Cold War. ThreatConnect has devoted some attention to fleshing out indicators of compromise by Fancy Bear; their report is interesting (and a reminder of the distinction between evidence and intelligence).

Saudi worries about Shamoon persist. Intel Security has an overview of their current research into Shamoon 2's details, and Wapack Lab reports signs that the malware is turning up in the shipping industry as well.

The well-known banking Trojan Dridex is back, and Flashpoint says the malware now employs a new user account control bypass method.

DoubleFlag, the criminal group who's been selling data stolen from large Chinese ISPs, claims to have data on 126 million U.S. Cellular customers. U.S. Cellular tells HackRead they've investigated, and DoubleFlag's wares are bogus: there's been no breach.

LeakedSource, grey market purveyors of access to stolen passwords, is down, possibly for good. Someone (handle "LTD") claiming to be in a position to know said yesterday on the OGFlip forum that LeakedSource had been raided by US authorities.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting European Union, Germany, Israel, Moldova, Netherlands, Romania, Russia, Saudi Arabia, Taiwan, United Kingdom, United States and Venezuela

On the Podcast

Today's CyberWire daily podcast will feature Dale Drew from our partners at Level 3. He'll be discussing threats from the Asia Pacific region. We'll also have a guest, Vince Crisler from Dark Cubed, who'll review the lessons learned from the Grizzly Steppe report on Russian election hacking and influence operations.

A special edition of our Podcast is still up and available, and it's all about how to buy cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Sponsored Events

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Russia-linked Fancy Bear hackers had access to UK television station for 'almost a year' (International Business Times UK) Malware used by DNC hackers linked to attack UK on media.

Stepping to FANCY BEAR (or how to efficiently validate and enrich a jumbled list of indicators) (ThreatConnect) Over the last few weeks the U.S. government released two reports on Russian hacking and influence operations related to the U.S. election. Most notably, the unclassified version of the Intelligence Community Assessment (ICA) “Assessing Russian Activities and Intentions in Recent US Elections” released on January 6, mirrored assessments we have made over the last seven months in our blog series on FANCY BEAR, their operations, faketivists, and motivations.

Analysis of new Shamoon infections - Help Net Security (Help Net Security) All of the initial analysis pointed to Shamoon emerging in the Middle East. This however was not the end of the story since the campaign continues to target...

Shamoon and Essex Shipping (Wapack Lab) On 17 January 2017 the Saudi Arabia Computer Emergency Response Team (CERT), Abdulrahman al-Friah, confirmed that close to 22 b...

Flashpoint - Dridex Banking Trojan Returns, Leverages New UAC Bypass Method (Flashpoint) First observed in July 2014, “Dridex,” a financial banking Trojan, is considered the successor to the “GameOver ZeuS” (GoZ) malware.

Cisco WebEx code execution hole – what you need to know (Naked Security) Google’s Project Zero found a serious hole in Cisco’s WebEx browser extension that is nearly but not yet fully fixed. Here’s what to do.

Can you trust your Android VPN client? - Help Net Security (Help Net Security) Do you trust your Android VPN client to keep your data secure and your online browsing private? Well, perhaps you shouldn't.

Hacker Selling 126 Million Cell Phone Details of "U.S. Cellular" Customers (HackRead) A few hours ago we exclusively reported on a Dark Web vendor DoubleFlag selling more than 1 Billion accounts stolen from Chinese Internet giants. Now, the

Cross-Site Request Forgery: What Happened to the Sleeping Giant? (Network Security Blog | Qualys, Inc.) A decade ago, cross-site request forgery (CSRF, often pronounced “c-surf”) was considered to be a sleeping giant, preparing to wake and inflict havoc on the Worldwide Web. But the doom…

How one man could have deleted any public Facebook video (Naked Security) And then Dan Melamed did the right thing: he reported it to Facebook

More mobe malware creeps into Google Play – this time, ransomware (Register) Charger seeks to drain bank accounts of unlucky 'droids

Ransom attacks double in Europe as SMEs are targeted (Small Business) Radware finds ransom attacks was the #1 motivation behind cyber attacks and IoT botnets are now a major concern for CIOs.

Police Department Loses Years Worth of Evidence in Ransomware Incident (BleepingComputer) Police in Cockrell Hill, Texas admitted yesterday in a press release that they lost years worth of evidence after the department's server was infected with ransomware.

“You took so much time to joke me”—two hours trolling a Windows support scammer (Ars Technica) "Albert Morris" and team get taken for a ride while we tried to track their tradecraft.

Exploring the Cybercrime Underground: Part 3 – Into the RAT Nest - Palo Alto Networks Blog (Palo Alto Networks Blog) In this third part of Unit 42’s Cybercrime Underground blog series, we’re taking a slightly different approach. In this blog we begin with data from a real attack in the wild, and use the evidence from that attack to make a connection back to underground forums and the actors who are using them. Rather than starting from an attack we had already explored, we looked into a third-party research report linking an Adwind malware sample to a specific command and control (C2) domain and loosely associating a number of other domains. …

Get ready for the next White House e-mail (and Twitter) scandal (Ars Technica) An insecure phone, a press secretary posting his password, and private e-mail—really?

The security of President Trump's Android smartphone (Graham Cluley) The New York Times reports that US President Donald Trump is still using an old, poorly-secured Android smartphone.

Trump’s Personal Phone Is a National Security Risk (Motherboard) Trump might be using a totally easy to hack phone, according to security researchers.

Security Patches, Mitigations, and Software Updates

Facebook Adds Physical Key Security For Member Accounts (Dark Reading) Social media site now supports security keys to boost multifactor authentication.

Firefox flags Web of Trust add-on as suspicious, blocks by default (Graham Cluley) Firefox blocks WOT completely, in an attempt to protect users against malicious activity.

Google to Block .js Attachments in Gmail (Threatpost) Citing security concerns, Google announced that it will soon block JavaScript (.js) file attachments in Gmail.

Clock’s ticking for MD5-signed JAR files, says Oracle (Naked Security) Oracle’s delay in dropping support for the hash seems strange, but it’s finally named the day

Uber.com Backup Bug Nets Researcher $9K (Threatpost) A researcher earned $9K for identifying a XXE vulnerability in third party backup software used by Uber.

Cyber Trends

Is Your Network Protected? Cyber Crime in the Age of Information (Media Center) Within the last four years, online security and data breaches have grown increasingly threatening, compromising big name companies such as Target, Home Depot and Sony Corporation. Yahoo became the most recently identified victim of a major hacking in mid- December of 2016, although the breach dates back as far as 2013. The attack compromised 1.5 …

Five emerging technology trends essential to business success - Help Net Security (Help Net Security) Accenture Technology Vision 2017 predicts the most significant technology trends that people will apply to disrupt business over the next three years.

Online Trust Alliance Finds Consumer Data Breaches Level Off While Other Cyberattacks Skyrocket (OSINT) OTA documents 82,000 “cyber incidents” in 2016 negatively impacted businesses and organizations; admits there could have been more than 250,000 when accounting for unreported incidents

Marketplace

Microsoft to continue to invest over $1 billion a year on cyber security (Reuters) U.S. software firm Microsoft Corp (MSFT.O) will continue to invest over $1 billion annually on cyber security research and development in the coming years, a senior executive said.

KeyW Announces Public Offering of Common Stock (Yahoo! Finance) The KeyW Holding Corporation today announced that it has commenced an underwritten public offering of 8,500,000 shares of its common stock. The Company expects to grant the ...

Former Bartender and Psychiatrist Among Those Selected for New Cyber Retraining Academy (Business News Wales) SANS Institute, the global cyber security training organisation, has its European HQ in Swansea and the UK operation is headed up by Cardiff’s Stephen Jones.

Security Industry Veteran David DeWalt Joins ForgeRock as Vice Chairman (Yahoo! Fnance) ForgeRock®, the leading open platform provider of digital identity management solutions, today announced that Executive Chairman of FireEye David DeWalt has joined the company board of directors as Vice ...

Check Point hires high profile Canadian channel chief (Computer Dealer News) CDN has learned Ang Valentini has left Avaya Canada for a big role at Israeli security vendor Check Point Software Technologies Ltd.

Products, Services, and Solutions

Verizon Digital Media Solutions, Distil Networks to mitigate bad bots (TECHSEEN) Verizon Digital Media Services & Distil Networks have partnered for bot detection and mitigation on Verizon's Edgecast Content Delivery Network

New infosec products of the week: January 27, 2017 - Help Net Security (Help Net Security) Here are some of the most interesting infosec products released in the fourth week of January, including RiskSense, Watchguard, Infoblox, and more.

Dome9 Achieves SOC 2 Type 2 Certification (Marketwired) Independent attestation of SOC 2 Type 2 compliance demonstrates Dome9's continued commitment to protecting its customers and their data confidentiality

UK to get high-grade cryptographic solutions - Enterprise Times (Enterprise Times) Becrypt and Cyber1st are to work together in order to design and deliver new high-grade cryptographic solutions to market.

OPSWAT Releases New Content Disarm & Reconstruction Report (Benzinga) OPSWAT's Content Disarm & Reconstruction Report is a new report that demonstrates the benefits of OPSWAT's data sanitization (CDR) technology. This technology reconstructs...

Malwarebytes 3.0.6 with stability and performance improvements - gHacks Tech News (gHacks Technology News) Malwarebytes 3.0.6 is the latest version of the popular security program for Windows that is available as a free and premium version.

Technologies, Techniques, and Standards

For Utility Solution Providers, Who is Policing the Cyber Police? (Transmission and Distribution World) How well are manufacturers providing cyber protection for the equipment they provide to utilities?

Former Mozilla Engineer: Disable Your Antivirus Software, Except Microsoft's (BleepingComputer) "Antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except for Microsoft's)." This is how Robert "Roc" O'Callahan, a former Mozilla bigwig engineer started a blog post today, in which he details a long list of issues that antivirus software have caused to browser vendors.

No, disabling your anti-virus software does not make security sense (Graham Cluley) Don’t throw the baby out with the bath water.

How I Would Hack Your Network (If I Woke Up Evil) (Dark Reading) How would an attacker target your company? Here's a first-person account of what might happen.

Firewall Efficacy Increased When Deployed with a Firewall Management Tool, FireMon Study Finds (Yahoo! Finance) FireMon, the leader in Network Security Policy Management , has released a commissioned study entitled Automate Zero Trust Policy and Enforcement conducted by independent, research-based consultancy, Forrester ...

Tip: Secure Your Microsoft Account with Two-Step Verification (Thurott) If you’re using a Microsoft account (MSA), you need to secure it with two-step verification. And then use an authenticator app to make it painless.

INFOGRAPHIC: Improve Network Security and Staff Productivity with a Firewall Auditing Tool - FireMon (FireMon) In a study commissioned by FireMon, Forrester Consulting found that organizations with firewall auditing and configuration tools realize more benefits that those without. For the study, Forrester surveyed more than 188 IT security decision makers at US enterprise companies. Results …

Army Reserve pilots management tool for cyber talent -- GCN (GCN) Working with Carnegie Mellon University, the Army Reserve has developed the Cyber Warrior Database, a master repository to track the skills soldiers acquire in their civilian jobs and match them to potential military applications.

Design and Innovation

Google pressure on devs to fix security issues bears fruit (Naked Security) Google’s App Security Improvement program has grown some real teeth since it was launched in 2014

Quantum Computers Versus Hackers, Round One. Fight! (WIRED) Can the nascent consumer quantum computing industry help cybersecurity firms with optimization problems like threat detection?

Indegy to Present Industrial Cyber Attack Demos at RSA 2017 ICS Sandbox (BusinessWire) Founders to discuss industrial cyber security measures on ICS Sandbox stage, Birds of Feather session and live Sandbox demo

For the Next Election, Don’t Recount the Vote. Encrypt It (WIRED) A new voting system promises to avoid unnecessary recounts---and prove when they're necessary, too.

Craig Newmark puts $500K towards reducing harassment on Wikipedia (TechCrunch) Craigslist founder Craig Newmark has donated half a million dollars towards Wikipedia's "Community health initiative," aimed at reducing harassment and..

Research and Development

In a bad mood? You might not be allowed to log on (Naked Security) ‘Brainwave biometrics’ could one day be used to gauge our fitness to access certain resources

Whitewood Announces the Awarding of a U.S. Patent for Quantum Key Management (Yahoo! Finance) Whitewood, a developer of solutions focused on improving the use of cryptography, is pleased to announce that the U.S. Patent and Trademark Office granted a new patent entitled, Quantum Key Management.

Academia

DCC earns designation as National Center of Excellence in Cyber Defense (GoDanRiver.com) Gov. Terry McAuliffe announced the National Security Agency and the U.S. Department of Homeland Security had officially designated Danville Community College as a National Center of Academic Excellence in Cyber

Senior Homeland Security official named UAlbany dean (Times Union) A senior official from the U.S. Department of Homeland Security has been named dean of the new University at Albany College of Emergency Preparedness, Homeland Security and Cybersecurity. Before coming to the federal government, Griffin held several high-ranking leadership and first responder posts for local governments in Arlington and Loudon counties in Virginia, and the towns of Tyngsborough and Townsend, Mass. The College of Emergency Preparedness, Homeland Security and Cybersecurity will work to educate and train students in the skills needed to prepare for, protect against, respond to and recover from natural and human-caused risks and threats in New York and around the world.

Legislation, Policy and Regulation

Election Hacks, Artificial Intelligence, and Fake News Move Doomsday Clock Closer to Midnight (Meritalk) Every year since 1947, the Bulletin of the Atomic Scientists has adjusted the minute hand on the so-called Doomsday Clock to depict how close the world is to midnight—a metaphor for the increasing or decreasing threats to humanity.

Trump Order Sparks Privacy Shield Fears (Infosecurity Magazine) Trump Order Sparks Privacy Shield Fears. Data sharing agreement not in jeopardy, European Commission assures

Cyber Espionage and the Very Real Risk to Our Critical Infrastructure - Carbon Black (Carbon Black) As technology has become more sophisticated, the battlefield has increasingly shifted from the physical to the digital. With cyber war now being fought on a global scale, there is more onus on security than ever, and too many organizations (and governments) are not taking the threat as seriously as they should, especially when it comes...

Cyber probes gain traction on the Hill -- FCW (FCW) Cyber is front and center as the 115th Congress completes its first month, with multiple investigations into Russia’s election-related hacking and now a resolution to create a Senate Select Committee on Cybersecurity.

President Outlines Vague Cyber Mission (Meritalk) President Donald Trump released his Making Our Military Strong Again and America First Foreign Policy last week, which hint at potential changes to the Federal cybersecurity community.

6 Myths About National Security Intelligence (Fifth Domain | Cyber) These false expectations could damage the credibility of the U.S. intelligence community and its ability to fulfill its mission.

Bill Calls for Study of Cybersecurity Standards for Cars (Threatpost) A bipartisan bill was introduced this week in the House calling for the NHTSA to conduct a study that would determine appropriate cybersecurity standards for motor vehicles.

New SPY Bill Aims to Improve Connected Car Security (Infosecurity Magazine) New SPY Bill Aims to Improve Connected Car Security. Proposed legislation calls for new standards

Navy committed to DoD-wide network security plan (C4ISRNET) The Navy is committed to JRSS migration, though on their own terms.

The Army is looking for AGR officers, warrants to go cyber (Army Times) Army Reserve officers and warrant officers in the Active Guard and Reserve can for the first time apply for a voluntary transfer to the Army’s cyber branch.

FBI director James Comey will be interviewed at SXSW (The Verge) FBI Director James Comey will be interviewed at the SXSW conference in Austin this year on March 13th. This would be the public’s first opportunity to really hear from Comey post-inauguration. The...

Litigation, Investigation, and Enforcement

The Strange Case of a Hacked Dark Web Child Porn Site Just Got Stranger (Motherboard) Europol confirms it has documents related to Giftbox, a dark web child abuse site that was recently used to deploy a Tor Browser zero-day exploit.

Breach notification website LeakedSource allegedly raided (CSO Online) LeakedSource, a breach notification service that exposed some of 2016’s largest data breaches, might be facing a permanent shutdown. According to a forum post on a well-known marketplace, the owner of LeakedSource was raided earlier this week, though exact details of the law enforcement action remain a mystery.

LeakedSource website goes dark amid claims of police raid (Register) Breach-and-tell database is offline for good, claims post

Site that sold access to 3.1 billion passwords vanishes after reported raid (Ars Technica) LeakedSource garnered criticism for actively cracking the passwords it sold.

Anomali Publishes Comprehensive Analysis of Evidence in 2016 Election Hacks (Yahoo! Finance) Anomali, provider of market-leading threat intelligence platforms, today announced the publication of Election Security in an Information Age, authored by Anomali Director of Security Strategy Travis Farral. ...

Election Security in an Information Age (Anomali) Over the last two years, there have been an increasing number of information security attacks on political organizations, government institutions, and political operatives. Learn more about governments interfering with foreign politics in this special report.

Author of Trump’s Favorite Voter Fraud Study Says Everyone’s Wrong (WIRED) At first, Jesse Richman was excited by all the attention his research was getting. Now he has days when he wishes he had never published it.

The NSA Has Found a New Way to Categorically Deny FOIA Requests (Gizmodo) The notoriously secretive National Security Agency is raising “security concerns” to justify an apparent new policy of pre-emptively denying Freedom of Information Act requests about the agency’s contractors.

Rogue tweeters in government could be prosecuted as hackers (Sacramento Bee) Who are the federal government's rogue tweeters, using official agency social media accounts to poke President Donald Trump? Are these acts of civil disobedience, or federal crimes?

'Rogue' Government Twitter Accounts Should Verify Themselves (Motherboard) AltNatParkSer and other 'rogue' science agency Twitter accounts have done nothing to gain the public's trust.

Lawyer for “inventor of e-mail” sends threat letter over social media posts (Ars Technica) Shiva Ayyadurai's attorney, who sued Techdirt, goes after another blogger.

Three Men Jailed for Taiwan ATM Heist (Infosecurity Magazine) Three Men Jailed for Taiwan ATM Heist. Eastern Europeans part of a suspected international gang

Fugitive Arrested In $200 Million Credit Card Fraud Scam (U.S. Department of Justice) A New York man was arrested for his role in one of the largest credit card fraud schemes ever charged by the Justice Department, U.S. Attorney Paul J. Fishman announced

Venezuelan officials arrest four Bitcoin miners on charges of stealing electricity (Ars Technica) With the economy in shambles, Bitcoin miners have tried to side-step currency woes.

Dutch secret service tries to recruit Tor-admin (Buro Jansen & Jansen) Recently a Dutch man with an MSc (Master of Science) at the Delft University of Technology and admin of Tor-exit nodes was approached by two agents of the Dutch intelligence service, the AIVD. They wanted to recruit the man as an informant or undercover agent, who would also infiltrate foreign hacker communities. The person tells his story.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Cyber Protect Conference (Nottingham, England, UK, February 9, 2017) Business owners have been invited to attend Nottinghamshire's first-ever cybercrime conference to learn how to better protect their data. The Cyber Protect Conference is being jointly hosted by the county's Police and Crime Commissioner Paddy Tipping and Nottinghamshire Police, and will include presentations from cyber security experts. The event, which takes place on Thursday, February 9, at The Atrium in Nottingham, is free of charge and open to small and medium-sized enterprises (SMEs) across the county.

The 2nd China Automotive Cyber Security Summit 2017 (Shanghai, China, February 24, 2017) CACSS2017 will Provide a platform for Automotive OEMs, Tier 1 suppliers, Automotive security solution/ technology/products developers,Automotive electronics companies, IT companies, Mobile data suppliers, Automotive insurance companies, and automotive cyber security experts to address government regulations developing trends, Automotive cyber security standards, updated vulnerabilities, “Black Hat” behaviour motivations, State-of-the-Art technology solutions, critical cyber security challenges and collaboration initiatives; Help you to understand tailored smart car cyber security products and solutions, build up a set of effective cyber security management system and improve the capability of protecting smart cars. This second to non Automotive cyber security industry event will assure you to understand China Automotive cyber security industry business opportunities, network with China local customers and consolidate your worldwide leadership.

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.

upcoming Events

CyberTech (Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with the latest innovations and solutions featured by the international cyber community. The conference's main focuses are on networking, strengthening alliances and forming new connections. Cybertech also provides an incredible platform for Business to Business interaction.

Enigma (Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses in the growing intersection of society and technology. Our goal is to foster an intelligent and informed conversation with the community and with the world, including a wide variety of perspectives, backgrounds, and experiences.

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global credit union community! Protecting the Credit Union’s global infrastructure to sustain cyber resilience requires an unprecedented level of public- and private-sector cooperation, collaboration and coordination and includes access to the real-time availability of proactive “actionable” threat intelligence; analysis of potential impacts; coordinated countermeasure solutions and response; cybersecurity best practice adoption and role-based workforce education.

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks often get in the way. Join us for lunch and an action-oriented discussion about ways you can improve your security incident response program in 2017. The conversation will be led by certified SANS instructor Alissa Torres, and Rsam CISO Bryan Timmerman. Attend and earn CPE credits towards your ISACA and (ISC)2 certifications.

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media.

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response, threat hunting, ethical hacking, IT management and ICS/SCADA security. Some of our courses are in alignment with DoD Directive 8570 requirements for Baseline IA Certifications, and most courses have GIAC Certification attempts available. Take advantage of this opportunity to sharpen your skills and advance your career.

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively focused on workplace violence and responding to an active shooter event. Presenters include experts from the Occupational Safety and Health Administration (OSHA), and the Maryland State Police. It's free to attend. Prominent among the topics to be discussed will be threats directed from the Internet.

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace new and unique perspectives from a broadly diverse base of people and sources. RSA Conference 2017 provides the opportunity for all attendees at all levels to grow their knowledge, exchange ideas with peers and further their careers. With opportunity comes great responsibility for the future. Our actions today will have a lasting impact on the strength of the industry—and the safety of the world—tomorrow. At RSA Conference 2017, you will learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid foundation for standardizing threat information. This large group of public and private sector organizations and companies are working together to advance the STIX/TAXII specifications in the OASIS Cyber Threat Intelligence Technical Committee. These specs have already dramatically streamlined the analysis of threat data. We invite cybersecurity experts and decision makers to be part of the conversation.

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can take to protect the best interests of your firm and your client.

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security courses to provide you with the training and certification that you need to boost your career by learning from the best! SANS instructors are industry professionals who will ensure that you not only learn the material, but that you will also be able to apply what you learn your first day back in the office.

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders including: Mary McCord, Asst. Attorney General for National Security, U.S. Dept. of Justice & Chad Alvarado, Supervisory Special Agent, Cyber Task Force, FBI Denver Division. Engage in panel discussions focusing on trending cyber topics including Emerging Threats to IoT & Big Data, Insider Threats, and Compliance. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons learned, and methodology on cyber security. We are delighted to build on last year’s very successful ICRMC. Cyber security has grown into a global pandemic and organizations of all sizes are struggling with questions on how to mitigate, manage, and transfer cyber risk. We’ve structured our agenda based on delegate feedback and our exceptional 2017 Advisory Committee is determined to provide engaging high-profile speakers and compelling content to share knowledge, captivate and educate. Visit www.icrmc.com for details.

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment. SANS San Jose 2017 offers six hands-on, intensive cyber security training courses.

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.