The CyberWire Daily Briefing 01.30.17

Summary

By The CyberWire Staff

The arrest of Kaspersky security researcher Stoyanov has begun, counter to some expectations late last week, to look like an actual espionage case as opposed to a corruption matter. Sergei MIkhailov, deputy chief of FSB's Center for Information Security, has also been arrested, and Novaya Gazeta reports the men are charged with passing information to the Americans.

Saudi Arabia's Sadara Chemical Company says it (or more precisely, Symantec, hired by Sadara) has completed remediation of the Shamoon attack the company recently sustained.

Guillaume Poupard, Director of French securtiy agency ANSSI, warned that, while jihadist groups have shown little hacking ability, this could change rapidly should digital "mercenaries" sell the groups their services. The mercenaries could do so inadvertently, given the anonymity of much black-market information sharing.

Cisco patches the TelePresence Multipoint Control Unit (MCU) software in its MSE 8510 and 5300 series models. The 4500 is also vulnerable to the remote code execution flaw, but it won't be patched: it reached its end-of-life last July.

U.S. Cellular confirms that the breach a hacker said the company suffered last week never in fact happened.

Ransomware attacks, may have taken down DC police surveillance cameras around the time of the Presidential inauguration. Ransomware also hit a hotel in Austria, but apparently did not, as early reports said, lock guests into (or out of) their rooms. Instead, the hotel's ability to make new keys was disrupted.

In industry news, Polaris Alpha buys Intelesys, and Harris sells its government IT unit to Veritas Capital.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Austria, Canada, Colombia, Denmark, European Union, France, Germany, Iran, Italy, Lithuania, Mexico, Norway, Poland, Russia, Saudi Arabia, Sudan, United Kingdom, and United States.

On the Podcast

Today's CyberWire daily podcast will feature our partners at the Johns Hopkins University, as Joe Carrigan makes everyone's flesh creep with stories about devices that are always listening (Siri, Alexa, he's looking at you).

A special edition of our Podcast will discuss how to become a smarter buyer of cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Sponsored Events

Atlantic Council Cyber 9/12 Student Challenge (Washington, DC, USA, March 17 - 18, 2017) The Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to allow students from around the world and various academic disciplines to understand the policy challenges associated with a cyber crisis. Register now as a competitor, judge or observer.

Women in Cyber Security (Tucson, AZ, USA, March 31 - April 1, 2017) With support from various industry, government and academic partners, WiCyS has become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Cause of Sadara Cyberattack Resolved by Symantec (Investopedia) The Saudi firm, targeted by a returning destructive cybervirus, got aid from Symantec.

Could jihadists paralyse a city - with help from ‘cyber mercenaries’? (South China Morning Post) Jihadists have yet to shut down a power grid, paralyse a transport network or banking system or take over a key industrial site from afar, but experts say the threat of such a cyber attack should be taken seriously....

Hackers have started a cyber war (Irish Examiner) A global industry has turned email hacking into a weapon for sale, writes Mattathias Schwartz.

Details come to light over Lloyds cyber attack - Acumin (Acumin) Lloyds Bank recently fell foul to cyber crime, which prevented a significant number of users from being able to access to their internet accounts. The break in service from Lloyds Group, which includes Bank of Scotland and Halifax, occurred after millions of website requests were made, and the fact that the issue lasted for three days will be especially concerning for banks. In spite of a flurry of complaints on Twitter, Lloyds kept information minimal.

Cisco Warns of Critical Flaw in Teleconferencing Gear (Threatpost | The first stop for security news) Cisco Systems is warning customers of a critical vulnerability affecting three of its TelePresence MCU platform models.

Black market Blackphones get sent a kill message that bricks them [Updated] (Ars Technica) Fighting unauthorized sellers, latest OS update checks IMEI of device.

Majority of Android VPNs can’t be trusted to make users more secure (Ars Technica) Study of nearly 300 apps finds shocking omissions, including a failure to encrypt.

Fake Bank Statements Spam Leads to Keylogger, Bitcoin Wallet & Browser Infostealer (BleepingComputer) A spam campaign posing as convincing bank transfer statements is tricking users into installing malware on their devices, malware that's capable of several damaging functions.

XSender: The Source of All the Recent XMPP Spam (BleepingComputer) In recent months, security researchers, hackers, and other dwellers of the cyber-criminal underground have noticed an uptick in XMPP (formerly Jabber) spam.

New VirLocker Ransomware Version Still Effective Despite Uncovered Flaw (Virus Guides) VirLocker ransomware came back with a vengeance last week after a lengthy absence. The virus was first spotted in 2014. It is part of a ransomware family

Remote attackers can force Samsung Galaxy devices into never-ending reboot loop - Help Net Security (Help Net Security) A single SMS sent to a Samsung Galaxy device can force it into a crash and reboot loop, and leave the owner with no other option than to reset it.

HummingWhale Malware Infect Millions Of Android Devices, Here's How To Avoid It (iTech Post) HummingWhale is an Android malware infection that blows through millions of devices and found inside 20 different apps in Google Play. Security firm Check Point issued two warnings regarding this matter to all Android users.

Phishers' new social engineering trick: PDF attachments with malicious links - Help Net Security (Help Net Security) The latest attacks through PDF attachments are geared towards pushing users to enter their email account credentials into well-crafted phishing pages.

Linux devices with standard settings infected by Linux.Proxy.10 malware (HackRead) Linux operating system was once known to be the most secure OS in the world, but things have changed since security researchers have found malware like Mir

That Heartbleed problem may be more pervasive than you think (CSO Online) 200,000 devices with the OpenSSL Heartbleed vulnerability may include commercial software you are running.

MongoDB ransom attacks continue to plague administrators (CSO Online) Earlier this month, Salted Hash reported on a surge in attacks against publicly accessible MongoDB installations. Since January 3, the day of that first report, the number of victims has climbed from about 200 databases to more than 40,000. In addition to MongoDB, those responsible for the attacks have started targeting Elasticsearch and CouchDB.

Hackers hit D.C. police closed-circuit camera network, city officials disclose (Washington Post) Intrusion was detected Jan. 12 and investigation into source continues.

Ransomware Took DC Cameras Offline Ahead of Inauguration (Infosecurity Magazine) Ransomware Took DC Cameras Offline Ahead of Inauguration. US capital exposed after police network was attacked

US Marketer Exposes 400,000 Audio Recordings in Privacy Snafu (Infosecurity Magazine) US Marketer Exposes 400,000 Audio Recordings in Privacy Snafu. Some of the calls contained credit card details and personal info

Hotel ransomed by hackers as guests locked in rooms (The Local) One of Europe's top hotels has admitted they had to pay thousands in Bitcoin ransom to cybercriminals who managed to hack their electronic key system, locking hundreds of guests in or out of their rooms until the money was paid.

Luxury Hotel Goes Analog to Fight Ransomware Attacks (Motherboard) A luxury Austrian hotel was forced to pay thousands of euros after a ransomware attack.

Hotel guests locked in their rooms by ransomware? It doesn't make sense (Graham Cluley) It's a great story, but it's almost certainly not true.

About 150 Delta flights in the US canceled after systems outage (CSO Online) About 150 flights of Delta Air Lines in the U.S. were canceled and some others were delayed on Sunday on account of an IT systems outage, the airline reported.

Data Privacy Day: know the risks of Amazon Alexa and Google Home (Naked Security) Have you invited Google or Amazon’s AI assistants into your home? We offer some tips to help protect your privacy

WTF is a backdoor? (TechCrunch) For the authorities, encryption is a calamity. Where once they could pry open drawers to find incriminating letters, or force a company to reveal private..

Security Patches, Mitigations, and Software Updates

Cisco starts patching critical flaw in WebEx browser extension (CSO Online) Cisco Systems has patched a critical vulnerability in its WebEx collaboration and conferencing extension for Google Chrome and is working on similar patches for the Internet Explorer and Firefox versions.

WordPress 4.7.2 Update Fixes XSS, SQL Injection Bugs (Threatpost | The first stop for security news) WordPress fixed three security issues, including a XSS and SQL injection, with WordPress 4.7.2 this week.

Cyber Trends

4GW is Groundless, and Here’s Why (Strategy Bridge) “War has changed” has become a common refrain in modern pop culture. Defence analysts and armchair generals alike tell us that the character of modern war is unlike that of any previous era.

Cybersecurity in 2017: Interview with OWASP Author Jim Manico (Checkmarx) As the software world still reels from the major hacks and breaches that occurred, and surfaced, in 2016, it’s critical …

Mondays with Authors: Ted Koppel sounds a warning about cyberattacks on U.S. (My Central Jersey) At 8 p.m. Thursday, March 23, he will be at NJPAC in Newark as part of the New Jersey Speakers Series presented by Fairleigh Dickinson University.

Half of IT pros don't know how to improve their security posture - Help Net Security (Help Net Security) 50 percent of the respondents said that security is so complex, they don’t know where to start to improve their organization’s security posture.

Saler: Financial world focuses on quick recovery from a cyber attack (Milwaukee Journal Sentinel) The fast-evolving nature of digital commerce makes it nearly impossible to ward-off a well-planned, coordinated cyber-attack.

Internet users lose $476 on average per cyber attack: Study (The Indian Express) With the variety and sophistication of online financial threats against consumers growing, losses from online fraud, identity theft and hacking are now running at billions a year.

Trump’s unsecure Android phone highlights common security dilemma (CSO Online) As CIOs and IT security pros already know, strong security technology can still be undermined if end users don't follow safe cyber practices.

Marketplace

Microsoft: We're investing $1bn a year in cybersecurity R&D and "that spending has to go up" (Neowin) As the number of attempted cyberattacks has risen from 20,000 to around 700,000 a week in the last three years, Microsoft is spending huge sums on its cybersecurity efforts - and plans to spend more.

Are businesses spending their money on the wrong IT security? - Help Net Security (Help Net Security) There's an ongoing disconnect between the security solutions organisations spend money on and the ability of those solutions to protect sensitive data.

Cyber startups selected for GCHQ accelerator - Acumin (Acumin) Seven startups in the UK, all focusing on cyber security threats and other cyber issues, have been chosen for a new accelerator led by the Government Communications Headquarters (GCHQ). The startups on the shortlist include Verimuchme, StatusToday, Spherical Defence, FutureScaper, Cyberowl, and CounterCraft.

ISR firm buys intel community tech provider (C4ISRNET) Defense ISR company Polaris Alpha has acquired Intelesys Corporation, which provides technology for the U.S. intelligence community.

Harris quiets speculation, sheds Herndon government IT division (Washington Business Journal) After months of speculation, Melbourne, Florida-based Harris Corp. (NYSE: HRS) announced Friday it is selling its government IT services division to New York private equity group Veritas Capital for $690 million in cash.

How Risky Is Palo Alto Networks Inc.? (Fox Business) So far, so good in 2017 for the data security provider, but with its latest run-up comes more risk.

Survey Roundup: Looking to Work? Look to Cyber (WSJ) A survey of 147 IT decision makers found 33% said they have trouble identifying the IT security skills and competencies their organization needs today.

Products, Services, and Solutions

Cyberbit to showcase hyper-realistic cybersecurity simulator at Cybertech 2017 (Yahoo! Finance) Cyberbit , whose cybersecurity solutions protect the world's most sensitive systems, today announced that it will be demonstrating its new Cyberbit Range ...

Flashpoint - Flashpoint Introduces Advisory Services to Empower Organizations with Greater Business Risk Intelligence (Flashpoint) Trusted Advisors Help Intelligence Teams Accelerate and Mature Capabilities to Achieve Objectives New York, NY – January 30, 2017 – Flashpoint, the global leader in Business Risk Intelligence (BRI) from the Deep & Dark Web, today introduced its new Advisory Services offering, which includes a BRI Services Practice and a Strategic Engagement Services Practice.

Google to Operate its Own Root CA (Threatpost) Google announced that it will operate its own root Certificate Authority, stood up by the acquisition of two root CAs from GlobalSign.

Why isn't Trump only using the self-destructing phone Obama had? (Mashable) Trump likely isn't exclusively using the phone made with presidents in mind.

F5 Networks Defends Applications with New Herculon Appliances (eSecurity Planet) The company debuts new appliances that help businesses keep cyber-attackers away from their critical applications.

Technologies, Techniques, and Standards

Intelligence as a SOC Function (LinkedIn) Masoud Ostad discusses how the intelligence function is becoming more and more accepted as an essential task in SOC Operations. I totally agree with him but disagree on this one point. He emphasizes that network defenders should mostly use intelligence for detection and response and not for prevention. His assertion is that network defenders can use intelligence to find the unknown playbooks in use by cyber adversaries on your network.

Study shows 'BYOK' can unlock public cloud market for businesses (Out-Law) Businesses would be more likely to use store data in a public cloud environment if they were allowed to "manage and control their own encryption keys", a new study has found.

Is it time to call an MSSP? Five signs that it can't wait - Help Net Security (Help Net Security) Small and midsize businesses (SMBs) are fighting an uphill battle when it comes to managing their network security. According to a 2016 Ponemon study, 69 p

Increasingly sophisticated attacks call for advanced protection tools - Help Net Security (Help Net Security) A new NTT Security report underscores the need for more advanced tools to protect from the evolving tactics, techniques and procedures used by attackers.

Do you have a cyber A-team? (CSO Online) The stakes are too high, especially for public companies, not to have a true cyber A-team. Companies of all sizes should ask themselves: do we have a real cyber A-team of executives and outside experts?

7 Ways To Protect Your Private Cellphone Data From Hackers (Forbes) With so many scary headlines about data breaches and ID theft hitting the news cycle, you've probably loaded your home computer with antivirus software, installed a firewall and created strong password protection.

Four simple steps to stop a cyber thief (Standard Journal) In recognition of National Data Privacy Day on Jan. 28, The Bank of Commerce is urging consumers and business owners to take an active role in

New York State releases tips for protecting online privacy, information (WHAM) A host of New York State government agencies released tips for consumers and businesses on Saturday to recognize National Data Privacy Day. The day was created to raise awareness of privacy and data protection issues that could affect everyone in an increa

How to prevent phishing and keep thieves away from your money (Panda Security Mediacenter) Phishing remains a serious threat to your online identity – and bank balance. Here there are a few steps you can take to better protect yourself.

Centrify warns against ignoring ‘security fatigue’ (CSO) ‘Security fatigue’ is a growing threat to protecting identities and confidential information for businesses and individuals warns Centrify, the leader in securing enterprise identities against cyberthreats.

7 Tips For Getting Your Security Budget Approved (Dark Reading) How to have a productive conversation with business leaders and get your security budget approved.

Design and Innovation

AI-based typing biometrics might be authentication's next big thing (CSO Online) Thanks to advances in artificial intelligence identifying people based on how they type can now be done with a very high level of accuracy, making it a viable replacement for other forms of authentication on the Web.

Quantum Computers Versus Hackers, Round One. Fight! (WIRED) Can the nascent consumer quantum computing industry help cybersecurity firms with optimization problems like threat detection?

Privacy by design: How fashion combats surveillance (The Christian Science Monitor Passcode) Designers, artists, and students around the world are creating accessories and clothing meant to hide wearers' identities from mass surveillance.

Research and Development

The Data That Turned the World Upside Down (Motherboard) Psychologist Michal Kosinski developed a method to analyze people in minute detail based on their Facebook activity. Did a similar tool help propel Donald Trump to victory?

Academia

Phi Beta Cyber Provides Top Names in Cybersecurity to High Schools Nationwide (Cybersecurity Ventures) Luminaries, media personalities, top military cyber experts, and America’s largest corporations come together to convince high school students to fill future jobs void

Legislation, Policy and Regulation

Cyber: Iran’s Weapon of Choice (Cipher Brief) Cyber is emerging as Iran’s weapon of choice for dealing with both domestic and foreign opponents.

Nordic NATO Members Alert to Risk of Russian Cyberattacks (Defense News) Russia has the willingness and capacity to launch serial cyberattacks against Denmark and any neighboring Nordic or Baltic state that it regards as too close to NATO or an imminent threat, according to security intelligence aggregated by Danish defense intelligence services.

Merkel: Security will be key issue in Germany's 2017 election campaign (Reuters) German Chancellor Angela Merkel said on Friday that security would be a major issue in the campaign leading up to a federal election on Sept. 24, in which she is seeking a fourth term.

Cyber Commission Remains Bullish Trump Team Will Take Some Recommendations (Defense One) The cyber review, ordered by Obama, may have a future under the new president, even if Obama doesn't get credit.

Trump administration faces early test for negotiating fix to Wassenaar cyber-export controls (Inside Cybersecurity) The Trump administration faces an early deadline for renewing negotiations on an international solution to cyber export controls that former President Obama left largely unresolved, according to industry sources following the issue.

US No Longer Has Geography as Defense in Cybercombat (Military.com) U.S. lawmakers have argued that, without an official policy, responses to cyber-attacks can be slow and ultimately ineffectual.

House readies wave of bills to boost national security (Washington Examiner) The House of Representatives will take up a series of bills next week aimed at beefing up the Department of Homeland Security, including by improving the U.S. response to cyberattacks, preventing terror attacks that use nuclear weapons, and improving airport security.

Draft White House cyber order signals pending re-org -- FCW (FCW) A draft White House executive order on cybersecurity points to some possible changes in how civilian government agencies protect infrastructure and networks.

What's in President Trumps cyber draft executive order? (C4ISRNET) What's in President Trumps cyber draft executive order?

Draft Cyber Executive Order calls for immediate 60-day cyber miracle (Ars Technica) Cabinet panel to identify “cyber adversaries,” fix government cybers now.

Reform Agenda for the Department of Homeland Security (Forbes) Newly confirmed Homeland Security Secretary John Kelly will have a full plate.

Why one executive order won't be enough to secure the federal government (Vox) A president with an outdated Android phone might struggle to secure the federal government.

US has 'no strategy' for dealing with Russian cyber attack, says McCain (IT PRO) Trump administration blasted by former candidate

Litigation, Investigation, and Enforcement

Троянский код (Новая газета) Хакеров и чекистов подозревают в государственной измене и передаче секретных данных американцам

A Shakeup in Russia’s Top Cybercrime Unit (KrebsOnSecurity) A chief criticism I heard from readers of my book, Spam Nation: The Inside Story of Organized Cybercrime, was that it dealt primarily with petty crooks involved in petty crimes, while ignoring more substantive security issues like government surveillance and cyber war. But now it appears that the chief antagonist of Spam Nation is at the dead center of an international scandal involving the hacking of U.S. state electoral boards in Arizona and Illinois, the sacking of Russia’s top cybercrime investigators, and the slow but steady leak of unflattering data on some of Russia’s most powerful politicians

Reports: Second FSB Agent Arrested; Possible Links To U.S. Election Hacking (RadioFreeEurope/RadioLiberty) Russian media have reported that another Federal Security Service (FSB) officer has been arrested on treason charges in a case that may be linked to cyberattacks targeting the U.S. presidential election campaign.

Russians suspected of aiding investigations into hacking are being arrested and possibly murdered (AOL.com) The fallout from the U.S.-Russian hacking scandal continues, as The Telegraph reported an ex-KGB chief who is reported to have helped former spy Christopher Steele compile the infamous dossier on Donald Trump, was reportedly murdered. The latest development peels back another layer to the controversial Russian hacking scandal, as experts believe the Kremlin may have covered it up.

Mystery death of ex-KGB chief linked to MI6 spy's dossier on Donald Trump (The Telegraph) An ex-KGB chief suspected of helping the former MI6 spy Christopher Steele to compile his dossier on Donald Trump may have been murdered by the Kremlin and his death covered up.

Russian treason probe results in arrests of FSB officials, Kaspersky cyber expert: Reports (The Washington Times) Russian media reported the arrests this week of three individuals suspected of treason, including a researcher employed by the nation’s leading cybersecurity firm and two employees of the former KGB.

Have Russians arrested a source in U.S. probe of election meddling? (Mcclatchydc) Russia arrests senior cybersecurity experts, and veteran American cyber warriors say it may have been a blow directed at the United States. Did U.S. intelligence just suffer a “humongous loss” of a spy in Russia?

GSA cloud computing gaps leaked personal information, OIG says (Federal Times) Four reports outline how employee and building security information was accessible across the agency.

NSA Keeps Contractor Records Secret Over ‘Changing Security Concerns’ (The Daily Caller) National Security Agency (NSA) officials refuse to release any information about its private contractors or even conduct search for related records. NSA Freedom of Information Act (FOIA) chief li

Ex-NSA lawyer says US border plans to collect browser history, phone data would be unlawful (ZDNet) One former intelligence lawyer said the move would be 'tremendously intrusive' and could have a 'real cost' to effective intelligence gathering.

LeakedSource's shutdown is a blow to amateur hackers (CSO Online) Amateur hackers are alarmed with the apparent demise of LeakedSource, a controversial breach notification site that’s been accused of doing more harm than good.

Europol coordinated operation against international cybercrime ring (Security Affairs) Five members of an international cybercrime gang have been arrested as a result of an investigation coordinated by the Europol

Trump told to stop gov’t lawsuit over Qualcomm patent licensing (Ars Technica) Action or inaction on Qualcomm could be a bellwether of Trump patent policy.

Ultranet scandal exposes network of senior officials (CRN Australia) IBAC investigation could end with criminal charges.

Celebgate hacker who stole nude photos gets nine months in jail (Naked Security) 29-year-old man hacked into 300 private accounts in ‘abhorrent’ crime

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.

upcoming Events

CyberTech (Tel Aviv, Israel, January 30 - 31, 2017) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provides attendees with a unique and special opportunity to get acquainted with the latest innovations and solutions featured by the international cyber community. The conference's main focuses are on networking, strengthening alliances and forming new connections. Cybertech also provides an incredible platform for Business to Business interaction.

Enigma (Oakland, CA, USA, January 30 - February 1, 2017) Join a diverse mix of experts and enthusiasts from industry, academia, and government for three days of presentations and open sharing of ideas. Our focus is on current and emerging threats and defenses in the growing intersection of society and technology. Our goal is to foster an intelligent and informed conversation with the community and with the world, including a wide variety of perspectives, backgrounds, and experiences.

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global credit union community! Protecting the Credit Union’s global infrastructure to sustain cyber resilience requires an unprecedented level of public- and private-sector cooperation, collaboration and coordination and includes access to the real-time availability of proactive “actionable” threat intelligence; analysis of potential impacts; coordinated countermeasure solutions and response; cybersecurity best practice adoption and role-based workforce education.

Southern Virginia - Cyber Security Lunch & Learn (Norfolk, Virginia, USA, February 2, 2017) Cyber security experts discuss security incident response. Dealing with cyber security risk is an exercise in managing daily chaos. Organizations know they need to improve their posture but common roadblocks often get in the way. Join us for lunch and an action-oriented discussion about ways you can improve your security incident response program in 2017. The conversation will be led by certified SANS instructor Alissa Torres, and Rsam CISO Bryan Timmerman. Attend and earn CPE credits towards your ISACA and (ISC)2 certifications.

Insider Threat Program Development Training For NISPOM CC 2 (Toms River, NJ, USA, February 6 - 7, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 6-7, 2017, in Toms River, NJ. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

The Risks and Benefits of Artificial Intelligence and Robotics (Cambridge, England, UK, February 6 - 7, 2017) The Risks and Benefits of Artificial Intelligence and Robotics Workshop aims to provide media and security professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media.

SANS Southern California - Anaheim 2017 (Anaheim, California, USA, February 6 - 11, 2017) Learn practical, relevant tips and techniques from industry leaders. Join us for SANS Southern California - Anaheim 2017, and choose from eight courses on cyber defense, penetration testing, incident response, threat hunting, ethical hacking, IT management and ICS/SCADA security. Some of our courses are in alignment with DoD Directive 8570 requirements for Baseline IA Certifications, and most courses have GIAC Certification attempts available. Take advantage of this opportunity to sharpen your skills and advance your career.

Cyber Protect Conference (Nottingham, England, UK, February 9, 2017) Business owners have been invited to attend Nottinghamshire's first-ever cybercrime conference to learn how to better protect their data. The Cyber Protect Conference is being jointly hosted by the county's Police and Crime Commissioner Paddy Tipping and Nottinghamshire Police, and will include presentations from cyber security experts. The event, which takes place on Thursday, February 9, at The Atrium in Nottingham, is free of charge and open to small and medium-sized enterprises (SMEs) across the county.

Workplace Violence & Response To Active Shooter Events Meeting (Laurel, Maryland, USA, February 9, 2017) The National Insider Threat Special Interest Group (NITSIG) will be hosting a meeting on February 9, 2017, at the Johns Hopkins University Applied Physics Laboratory, Laurel, MD. The meeting will be exclusively focused on workplace violence and responding to an active shooter event. Presenters include experts from the Occupational Safety and Health Administration (OSHA), and the Maryland State Police. It's free to attend. Prominent among the topics to be discussed will be threats directed from the Internet.

RSA Conference 2017 (San Francisco, California, USA, February 13 - 17, 2017) The current state of cybersecurity means there are many opportunities for the industry as a whole to collaborate on new innovations. Discovering the next great opportunity will require everyone to embrace new and unique perspectives from a broadly diverse base of people and sources. RSA Conference 2017 provides the opportunity for all attendees at all levels to grow their knowledge, exchange ideas with peers and further their careers. With opportunity comes great responsibility for the future. Our actions today will have a lasting impact on the strength of the industry—and the safety of the world—tomorrow. At RSA Conference 2017, you will learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.

Using STIX/TAXII to share automated cyber threat data (San Francisco, California, USA, February 15, 2017) Cybersecurity experts representing the financial sector, healthcare, utilities, software providers, government, academia and nonprofits continue to define/develop the STIX/TAXII specifications as the solid foundation for standardizing threat information. This large group of public and private sector organizations and companies are working together to advance the STIX/TAXII specifications in the OASIS Cyber Threat Intelligence Technical Committee. These specs have already dramatically streamlined the analysis of threat data. We invite cybersecurity experts and decision makers to be part of the conversation.

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can take to protect the best interests of your firm and your client.

The 2nd China Automotive Cyber Security Summit 2017 (Shanghai, China, February 24, 2017) CACSS2017 will Provide a platform for Automotive OEMs, Tier 1 suppliers, Automotive security solution/ technology/products developers,Automotive electronics companies, IT companies, Mobile data suppliers, Automotive insurance companies, and automotive cyber security experts to address government regulations developing trends, Automotive cyber security standards, updated vulnerabilities, “Black Hat” behaviour motivations, State-of-the-Art technology solutions, critical cyber security challenges and collaboration initiatives; Help you to understand tailored smart car cyber security products and solutions, build up a set of effective cyber security management system and improve the capability of protecting smart cars. This second to non Automotive cyber security industry event will assure you to understand China Automotive cyber security industry business opportunities, network with China local customers and consolidate your worldwide leadership.

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security courses to provide you with the training and certification that you need to boost your career by learning from the best! SANS instructors are industry professionals who will ensure that you not only learn the material, but that you will also be able to apply what you learn your first day back in the office.

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders including: Mary McCord, Asst. Attorney General for National Security, U.S. Dept. of Justice & Chad Alvarado, Supervisory Special Agent, Cyber Task Force, FBI Denver Division. Engage in panel discussions focusing on trending cyber topics including Emerging Threats to IoT & Big Data, Insider Threats, and Compliance. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons learned, and methodology on cyber security. We are delighted to build on last year’s very successful ICRMC. Cyber security has grown into a global pandemic and organizations of all sizes are struggling with questions on how to mitigate, manage, and transfer cyber risk. We’ve structured our agenda based on delegate feedback and our exceptional 2017 Advisory Committee is determined to provide engaging high-profile speakers and compelling content to share knowledge, captivate and educate. Visit www.icrmc.com for details.

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment. SANS San Jose 2017 offers six hands-on, intensive cyber security training courses.

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.

IAPP Europe Data Protection Intensive 2017 (London, Englan, UK, March 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its own as a leading forum for practical data protection education.

Rail Cyber Security Summit (London, England, UK, March 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry, as well as leading Government and global cyber security leaders and academics working in the field.

CyberUK 2017 (Liverpool, England, USA, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information security communities from both the public and private sector. The NCSC’s partnership with information security businesses of all sizes is essential in strengthening the UK’s cyber resilience. CyberUK 2017 will play a key role in defining the role industry must play in achieving this step change, and is expected to attract 1,600 information assurance (IA) and cyber security leaders and professionals.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Russian arrest of FSB official tied to espionage. Symantec remediates Shamoon 2. ANSSI director warns of cyber jihad. Cisco patches telepresence software. U.S. Cellular not breached. Ransomware updates. Industry notes.