Disputed questions of attribution. Social media and connected devices strike back (at ISIS). The future of ransomware.
The first week of 2017 continues to offer skeptical takes on various attributions. The conclusions being called into question range from the debunked (hacking of the Vermont power grid) through the newly controversial (Russian malware-enabled counterfire against Ukrainian guns) to the generally accepted (Russian intrusion into US political party networks).
KrebsOnSecurity has a particularly good round-up of the grid-hack-that-wasn't, with a reflective account of how the story gained currency.
Taia Global's Carr calls bunkum on CrowdStrike's "Danger Close" report on Android X-Agent targeting of artillery positions (more promised at Suits and Spooks—in the meantime SecurityWeek says that CrowdStrike stands by its report).
And many observers continue to express disappointment over the level of detailed evidence contained in the FBI-NCCIC Joint Analysis Report on Fancy Bear's election hacking (many of those same observers also note the difficulty of making such a case without disclosing more about sources and methods than would be prudent).
The Daily Beast has an account of how Islamist exploitation of social media and other online platforms for information operations has proven amphisbaenic: successful for recruiting and inspiration, but risky. Many leaders have been targeted when their phone chatter exposed their location.
Recorded Future publishes its forecast of ransomware's future—contra McAfee Labs, it sees digital extortion growing in 2017. Their first prediction is that "Ransomware will become just another tool in the hacker utility belt." Carbonite argues in its own study of ransomware trends that such attacks will serve increasingly as diversions (the way DDoS has).
Today's issue includes events affecting Brazil, China, Iran, Mozambique, Philippines, Russia, Ukraine, United Kingdom, and United States.
In today's CyberWire podcast, we hear from our partners at Accenture Labs, as Malek Ben Salem discusses Deep Learning.
If you've been enjoying the podcasts, please consider giving us an iTunes review.
A special edition of our Podcast is also available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.
Cyber Attacks, Threats, and Vulnerabilities
Fatal Attraction: ISIS Just Can’t Resist Social Media (Daily Beast) From the Taliban to the so-called Islamic State, computers, cellphones, and social media are used as vital weapons—and offer critical vulnerabilities
Doubts cast on claim that Russia hacked Ukraine's military via Trojanised Android app (Computing) CrowdStrike report described as "delusional" by Ukrainian artillery officer
Experts Doubt Russia Used Malware to Track Ukrainian Troops (SecurityWeek) Experts have cast doubt on a recent report claiming that hackers linked to a Russian military intelligence agency used a piece of Android malware to track Ukrainian artillery units
The GRU-Ukraine Artillery Hack That May Never Have Happened (LinkedIn) Crowdstrike’s latest report regarding Fancy Bear contains its most dramatic and controversial claim to date; that GRU-written mobile malware used by Ukrainian artillery soldiers contributed to massive artillery losses by the Ukrainian military. “It’s pretty high confidence that Fancy Bear had to be in touch with the Russian military,” Dmitri Alperovich told Forbes. “This is exactly what the mission is of the GRU”
Philippine Military Website Hacked and Defaced (HackRead) The hacker behind this defacement wants admin to implement proper security on the site
Lone Hacker Defaces Google Brazil Domain (HackRead) The defacer says he did it to show nothing is secure
Project Zero calls out Kaspersky AV for SSL interception practices (ZDNet) Using an SSL proxy that simplistically stored certificates, Kaspersky Anti-Virus left its users open TLS certificate collisions
Caution: Cybercriminals may use ransomware as a diversion (Carbonite) Ransomware computer viruses are becoming more sophisticated—and so are the attacks that make use of ransomware. In some cases, ransomware is used to disable access to a machine so criminals can perform further actions without being tracked. Criminals have also used ransomware to cause chaos and avoid detection after hacking into a network and stealing data
Ransomware on smart TVs is here and removing it can be a pain (CSO) This Christmas brought one of the first documented cases of an Android-based smart TV being infected with ransomware
Thugs developing cat-themed ransomware for androids and hitler ransomware for pcs _ computerworld bitcoin as a currency (Financial Handbook) Thugs developing cat-themed ransomware for androids and hitler ransomware for pcs _ computerworld bitcoin as a currency What do a cute cat and Hitler have in common? Both are featured in ransomware; Hitler targets PCs and the cat-themed ransomware targets Androids. Both are also considered to be under development at this time, meaning neither are currently big, bad boogeyman threats let loose in the wild to infect the masses. Accept bitcoin Things could change if either ransomware is fully developed
Leet IoT Botnet Bursts on the Scene with Massive DDoS Attack (Infosecurity Magazine) Just 10 days before the end of 2016, researchers from Imperva uncovered a massive 650Gbps DDoS attack generated by a new internet of things (IoT) botnet, dubbed “Leet” after a character string in the payload. It’s the first that can rival Mirai
Dyn DDoS: What It Means for Supply Chain Security (Tripwire: the State of Security) By now, you have probably heard about one, maybe two massive Distributed Denial of Service (DDoS) attacks that occurred near the end of 2016. The first was Brian Krebs being subjected to a 620 Gbps DDoS. The second, and more noticeable, attack targeted DNS provider Dyn and took down parts of Twitter, Amazon, and other Dyn clients’ infrastructure on the East Coast in the process
Kaspersky warning on Switcher Trojan that uses Android devices to compromise routers (Inquirer) Android malware? That's unusual, isn't it?
Latest iMessage Hack Crashes iPhone within Minutes (HackRead) The hack targets iPhones on iOS8 to iOS10.2.1
Attacks on Phones of Bitcoin Moguls Continue with Recent KeepKey Security Breach (Bleeping Computer) On the last day of 2016, KeepKey, a vendor of Bitcoin hardware wallets, has notified users of a security breach that inadvertently exposed some of its customers' details
Topps Data Breach Exposes Months of Credit Card Data (eSecurity Planet) Customers who shopped at the company's website between July 30 and October 12 of 2016 may be affected
Pentagon subcontractor leaks classified personnel data (Federal Times) A security researcher at the MacKeeper Security Research Center has revealed a Pentagon subcontractor exposed sensitive U.S. military health care personnel data thanks to an insecure server backup protocol
LA Valley College Hit By Cyber Attack (CBS Los Angeles) Los Angeles Valley College in Valley Glen was subject to a cyber attack over the winter break but it is not known how large the breach was, officials said Tuesday
ICO ‘Breached Public Data’ Several Times Since 2013 (Infosecurity Magazine) Data protection watchdog the Information Commissioner’s Office (ICO) has been forced to take action several times over the past few years to prevent breaches at its own offices, according to a new investigation
Security Patches, Mitigations, and Software Updates
Mozilla to scrap Firefox support on Windows XP and Vista in 2017 (Computerworld) One of the last hold-outs finally sets retirement date for senior citizen XP
Box[.]com Plugs Account Data Leakage Flaw (Threatpost) Box.com has changed the way it handles publicly shared accounts and folders after a researcher found confidential documents and data belonging to Box.com users via Google, Bing and other search engines. While Box.com maintains this is a case of its customers unintentionally over-sharing, it says it has “fixed” the issue
7 Ransomware Trends to Watch for in 2017 (Recorded Future) In November McAfee Labs released its 2017 Threat Predictions report and one of the predictions that has gotten a lot of press is that McAfee expects ransomware attacks to decrease in 2017
Cloudmark Security Predictions for 2017 (Cloudmark) The Internet of Things will be an ever-increasing threat
Sophos cautions firms against increased cybercrimes menace (Guardian) Sophos Group, a security software and hardware company, has called on organisations to prepare adequately well against possible attacks from cyber criminals in 2017
Will the cloud be a safe haven for data in 2017? (CSO) Experts offer differing opinions on where cloud security is headed
CEOs Reveal Cyber Naiveté as Incidents Rise and Losses Mount (Information Management) A new cybersecurity study from RedSeal finds that more than 80 percent of CEOs are very confident in their firm’s cybersecurity strategies, despite the fact that security incidents have surged 66 percent since 2009 according to PricewaterhouseCoopers’ 2017 Global State of Information Security Survey
The Biggest Security Threats Coming in 2017 (Wired) Whether it was a billion compromised Yahoo accounts or state-sponsored Russian hackers muscling in on the US election, this past year saw hacks of unprecedented scale and temerity. And if history is any guide, next year should yield more of the same
Cybersecurity Stocks for 2017 (Investopedia) Investors were drawn to cybersecurity stocks in 2016 in light of headline-making data breaches and a heightened demand for cloud and Internet of Things (IoT) protection. But at the same time, many cybersecurity stocks suffered from increasing competition, slowing sales growth and low profitability as they evolved to meet the demands of a disrupted sector
Top 5 Vendors in the E-mail Encryption Market from 2017 to 2021: Technavio (BusinessWire) Technavio has announced the top five leading vendors in their recent global e-mail encryption market report. This research report also lists 12 other prominent vendors that are expected to impact the market during the forecast period
Why Verizon Could Press Yahoo for a Discount in Buyout Deal (Market Realist) Yahoo’s password reset move could trigger user outflow
Yahoo Customer Database Unaffected By Breaches (Dark Reading) Verto Analytics study reveals longtime users prefer sticking to Yahoo despite hacks to avoid switching hassles
Sirius Acquires Continuum Security Solutions (Military & Aerospace Electronics) Sirius Computer Solutions, Inc., a leading national IT solutions integrator, has acquired Continuum Worldwide Corporation, dba Continuum Security Solutions (Continuum), an information security company based in Omaha, Nebraska. The acquisition was finalized on December 30 and expands Sirius' security and compliance solutions portfolio
Clearlake Capital Buys Security Software Company LANDesk (Wall Street Journal) The private-equity firm is buying the security software company for more than $1.1 billion
Virginia cybersecurity firm keeps growing with deal to buy Linthicum company (Baltimore Business Journal) International cybersecurity company MacAulay-Brown Inc. acquired a Linthicum-based cloud engineering, software and data analytics firm, marking its third acquisition in four years
Intercede Raises £5M (Insider Media) Lutterworth-based digital identity software business Intercede Group has conditionally raised £5m through the issue of convertible loan notes
CYBERCOM setting up new acquisition office for rapid procurement funds (Federal News Radio) U.S. Cyber Command will soon be hiring an acquisition expert to handle the $75 million Congress afforded the command in last year’s defense authorization act
Cyber security career has massive potential (Belfast Telegraph) OWASP's AppSec EU conference coming to Belfast in May
Peerlyst to Sponsor Experts Building InfoSec Tools (PRNewswire) Peerlyst has launched a program that will pay up to $10,000 to information security professionals developing tools that will benefit others in the field
MetricStream Recognized as a Leader in Gartner 2016 Magic Quadrant for Operational Risk Management Solutions Report (PRNewswire) MetricStream is a leader in the Gartner 2016 ORMS Magic Quadrant for the third consecutive year
NextLabs Announces Industry Veteran Patrick Ball Joins Company as Senior Vice President of Global Sales (Le Lézard) NextLabs, a leading provider of data-centric security software to protect business critical data and applications, announced that Patrick Ball joined NextLabs to run global sales operations for the company. Ball's responsibilities will include day-to-day operations for all aspects of direct and indirect sales to enable NextLabs to continue its rapid growth on a global scale
Corero Network Security director Andrew Lloyd to take up executive roles (Proactive Investors) "We are delighted that Andrew has agreed to join Corero as president and executive vice president sales and marketing,” said chairman Jens Montanana
GlobalPlatform Announces 2017 Board of Directors (Bobsguide) Focus remains on safeguarding connected devices and establishing a security baseline for protection of digital assets
Products, Services, and Solutions
The Kudelski Group Launches IoT Security Center of Excellence to Address Demand for Increased Protection of Connected Devices (PRNewswire) Security pioneer leverages more than 20 years of expertise in protecting devices and content to bring customers end-to-end approach for overcoming emerging threats and capitalizing on lucrative IoT market
Dashlane and Intel Collaborate to Create Unrivaled Password Protection (PRNewswire) Dashlane's patented security architecture bolstered with addition of Intel SGX technology
Md. firm gets Verizon certification for ‘game-changing’ IoT device (Baltimore Record) An Annapolis company specializing in low-power networking has received certification for a device that lets manufacturers connect sensors or embedded apps to the internet through a cellular network. Link Labs Inc.'s low power LTE Cat-M1 sensor suite has been certified by Verizon for its 4G LTE Network
Symantec's Norton Core router aims to protect the connected home (Engadget) It looks like a disco ball
Bitdefender’s Box 2 promises to be the security solution for your smart home (Yahoo! Tech) Bitdefender on Tuesday announced the second-generation Box, a revamped security system for your home network and smart home devices. Promising to provide unparalleled protection from fraud, phishing, and network attacks, the Box 2 could be the security solution for your superconnected smart home
Fortinet’s Michael Xie: How to secure the cloud (Network World) Fortinet President and CTO Michael Xie discusses the challenges and the role of the security fabric for cloud environments
ClickSSL Announces Platinum Partnership with Comodo – #1 Certification Authority (Sat Press Releases) ClickSSL, a foremost leader in SSL certificate providers, today unveils its new gem named Comodo CA to be added to its authenticated certificate authorities — now becoming a platinum partner of Comodo certificate authority to support its current and potential customer base by providing vast SSL certificate products
FireMon Announces Future Support for Check Point R80 Devices (Marketwired) Company extends industry lead with most comprehensive support for large, complex networks
Attivo Networks and Check Point Software Team Up to Improve Detection and Accelerate the Incident Response of Advanced Threats (Marketwired) ThreatMatrix and Check Point R80 Integration automates the identification, blocking and data exfiltration of attacks
Gemalto helps AT&T for secure IoT applications (Business Standard) Digital security giant Gemalto is supplying American telecommunication giant AT&T with a remote subscription management solution that will enable its customers to deploy a secure Internet of Things (IoT) applications in the US and globally
Technologies, Techniques, and Standards
How to Build a Culture of Cybersecurity (Infosecurity Magazine) It is clear from the headlines about breaches that many people still do not take cybersecurity seriously. The majority of these breaches were enabled by an employee inadvertently taking an action that enabled the breach. In spite of the highest levels of management insisting that it is a priority to protect data, why is it that some of us take those enabling actions? Why isn't everyone on board with cybersecurity?
Design and Innovation
2017: The Year of Self-Driving Cars and Trucks (IEEE Spectrum) Connected cars and driverless fleet cars are on the way. How will we deal with them?
Ford and Toyota launch consortium to help developers build in-car apps (TechCrunch) Drivers expect their cars and smartphones to seamlessly work together. Both Apple and Google offer their respective services for connecting phones to a car’s infotainment system, but the car industry isn’t ready to completely cede the center console to Silicon Valley. Ford and Toyota have long been unlikely allies in this area. A few years ago, with AppLink, Ford started giving a select number of mobile app developers the ability to integrate their smartphone apps with its Sync infotainment system. It then open-sourced it under the SmartDeviceLink moniker back in 2013 and Toyota was one of the first third-party car manufacturers to adopt it for its cars
Ford to build hybrid Mustang, all-electric SUV and autonomous ride-sharing vehicle by 2021 (International Business Times) Electrified Mustang, Transit and F-150 to arrive by 2020 with 300-mile range electric SUV due a year later
FEV North America, Inc. becoming one-stop shop for smart vehicle technology (PRNewswire) Smart / connected vehicle development and cyber security to be a highlight of FEV exhibit at CES
You can’t unsee Tedlexa, the Internet of Things/AI bear of your nightmares (Ars Technica) A Teddy Ruxpin + an Arduino + a Raspberry Pi + Amazon Alexa = What could go wrong?
Backbytes: Samsung doubles-down on ghastly internet-connected fridges (Computing) Taking no notice of us, Samsung introduces connected refrigerators you can talk to
Legislation, Policy, and Regulation
Weaponized Narrative Is the New Battlespace (Defense One) And the U.S. is in the unaccustomed position of being seriously behind its adversaries
Chinese Information Warfare: The Panda That Eats, Shoots, and Leaves (Washnigton Free Beacon) Chinese hackers stole Google search engine secrets
The End of the End of the Cold War (Foreign Policy) Twenty-five years ago this week, the Soviet Union lost the Cold War. And 25 years later, Russia renegotiated the terms of surrender
Sen. Mike Rounds: Time for a real strategy to keep Americans safe from cyber threats (Fox News) It is alleged that in recent months, the Russian government conducted cyber hacks of the Democratic National Committee (DNC) server and attempted to hack the Republican National Committee (RNC) email system
Donald Trump uses Twitter to cast new doubt on US intelligence agencies ahead of meeting over alleged Russian hacking (Independent) President-elect has repeatedly attacked claims Russia interfered in election in his favour
Inside the Secret Service’s First Cyber Strategy (SIGNAL) The new action plan supports the protective agency’s high operational tempo
Watch out hackers: Deploying ransomware is now a crime in California (Ars Technica) Previously, prosecutors had to rely on the state's extortion statute
Litigation, Investigation, and Law Enforcement
Russian Election Hacking Allegations Top US Senate Agenda (Defense News) Russian hacking allegations will take center stage in the US Senate this week, and in the coming weeks, as Armed Services, Foreign Relations and Intelligence committee leaders meet to set an agenda for a series of cybersecurity hearings
The Download on the DNC Hack (KrebsOnSecurity) Over the past few days, several longtime readers have asked why I haven’t written about two stories that have consumed the news media of late: The alleged Russian hacking attacks against the U.S. Democratic National Committee (DNC) and, more recently, the discovery of malware on a laptop at a Vermont power utility that has been attributed to Russian hacker groups
Obama’s Disclosure About Russian Hacking Is A Cybersecurity Gold Mine (Huffington Post) Public disclosures like this enable collective cyber defense through information sharing
Ex-CIA head: More than one country could be behind hacking (The Hill) Former CIA Director James Woolsey says political hacks in the U.S. could be the work of more than one foreign country
What the Washington Post’s Hacked Electrical Grid Report Got Wrong (Fortune) A Washington Post report on Friday said that Russian hackers had breached the nation's power grid via a utility in Vermont, citing unnamed U.S. officials. Almost immediately, digital security experts panned the story, criticizing it as prematurely alarmist and lacking key details
Claims that Russia hacked the US election and power grid are ‘overblown’ (Naked Security) The Washington Post has walked back a story claiming Russian malware was found in the systems of a Vermont utility. The paper earlier linked it to the same operation US officials say was used to interfere with the 2016 presidential election, and flagged it as a potentially larger threat to the nation’s power grid
Washington Post backtracks on frenzied reporting of Russian hack attack against power grid (Graham Cluley) Don’t panic
Vermont Grid 'Hack' Latest Tumble Down Attribution Rabbit Hole (Threatpost) A Vermont utility was for a brief moment last week at the center of a geopolitical scandal in which the Russian government was implicated in an attack against a U.S. electric grid
Russia did not hack Vermont electric utility: report (The Hill) Russian hackers do not appear to be behind an attack on a Vermont electric utility, reports the Washington Post, citing officials close to the investigation of a potential activity first reported by the Post last week
Trump Says Intelligence Officials Delayed Briefing on Russian Hacking (New York Times) President-elect Donald J. Trump said Tuesday that intelligence officials had delayed briefing him on their conclusion that Russia interfered in the 2016 election and suggested, with no evidence, that they might be buying time to assemble a more substantial case
Donald Trump’s Team Now Says He Won’t Reveal Anything About Hacking (GQ) Which he knows “a lot” about, apparently!
Police mull gathering crime evidence from smart home devices (Naked Security) Detectives are being trained to process data gathered from Internet of Things (IoT) “smart” devices for use in criminal investigations, Scotland Yard’s forensic head Mark Stokes has told The Times
Washing machine will turn detective (Times) Fridges, coffee makers, washing machines and lightbulbs will soon provide alibis or important crime scene evidence, according to Scotland Yard’s head of digital forensics
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
S4X17 ICS Security Conference (Miami Beach, Florida, USA, Jan 10 - 12, 2017) Three Days of advanced ICS cybersecurity on three stages with the top 500 people in ICS security. Main Stage - The big names (Richard Clarke, Renee Tarun, ...) and forward looking topics (ICS certification, machine learning, ExxonMobil project, securing IoT, industrial drones, cyber PHA, workforce development). Stage 2: Technical Deep Dives - the classic S4 sessions in gory technical detail. If you ever said you wanted more at an ICS event, this is where you get it. Sponsor Stage - the sessions on this stage alone rival what you would see at most other ICS security events. They are the same speakers you might see at other events, but they up their game for the advanced S4 crowd. Social Events - We all attend conferences as much to establish and renew relationships with our peers as to see the sessions. The people you want to meet and know in ICS cybersecurity are all at S4.
OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.
CES® CyberSecurity Forum (Las Vegas, Nevada, USA, Jan 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in the cybersecurity arena. The IoT, connected cars, new payment systems, VR and AR, wearables and our mobile devices all add new levels of concern to protecting our personal and corporate data. In this day-long conference, we’ll tackle the world of cybersecurity that demands we go far beyond the simple passwords and anti-virus protection of yesterday.
SANS Security East 2017 (New Orleans, Louisiana, USA, Jan 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in the "Big Easy" in January. Now is the time to improve your information security skills and laissez les bons temps rouler!
Suits and Spooks DC 2017 (Arlington, Virginia, USA, Jan 11 - 12, 2017) “What we are creating now is a monster whose influence is going to change history, provided there is any history left.” (John von Neumann) When John von Neumann said those words in 1952, he didn’t mean the Atomic bomb that he helped create as a scientist with the Manhattan Project. He was referring to his revolutionary work in high speed computing. Over sixty years later, the computer has revolutionized every aspect of our life – from currency to medicine to warfare. Our almost total reliance upon insecure software and hardware has made the world less safe, and has fundamentally changed the power equations between State and Non-State actors. Suits and Spooks 2017 will focus on identifying the world’s most valuable new technologies, who the threat actors are that are looking to acquire them, and what can be done to stop them.
Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, Jan 11 - 12, 2017) These intimate workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational threats. These are an intense “roll your sleeves up” thought leadership discussions on How Cyber is Driving the New Board Perspective on Enterprise Risk Management. Attendance is limited to 30 Security and Risk Executives from Global 2000 corporations. For Chief Security Information Officers, Chief Information Officers, and Chief Risk Officers, by invitation only (apply to attend).
Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, Jan 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats to critical infrastructures. This summit will focus on two sectors that are among those at greatest risk, the energy and manufacturing sectors. Highlighting emerging technologies and policy initiatives, this event will foster the development of high impact strategies to address the many interrelated cybersecurity challenges we face in the protection of our nation’s critical infrastructures.
ShmooCon 2017 (Washington, DC, USA, Jan 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It, and Bring It On.
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, Jan 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
BlueHat IL (Tel Aviv, Israel, Jan 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.
SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, Jan 25 - Feb 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but have no real concept of how to create and produce proper intelligence. The 2017 Summit will focus on specific analysis techniques and capabilities that can be used to properly create and maintain Cyber Threat Intelligence in your organization. Attend this summit to learn and discuss directly with the experts who are doing the CTI analysis in their organizations. What you learn will help you detect and respond to all ranges of adversaries including some of the most sophisticated threats targeting your networks
Blockchain Protocol and Security Engineering (Stanford, California, USA, Jan 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary collaboration among practitioners and researchers in blockchain protocols, distributed systems, cryptography, computer security, and risk management.