The CyberWire Daily Briefing 10.19.17

Summary

By The CyberWire Staff

A recently patched .NET vulnerability, CVE-2017-8759, is being exploited in the wild by a threat actor believed to be operating from China, possibly under Chinese government control. Most recently Proofpoint has seen this threat group active against a US research center and shipbuilding industry targets. Proofpoint calls the cyber espionage group "Leviathan." Leviathan is using "torpedo recovery programs" as phishbait.

F-Secure last year observed the group's NanHaiShu malware deployed against Philippine targets. F-Secure hasn't attributed the activity to the Chinese government, but others perceive connections between the threat actor and attempts to advance Chinese interests in disputes over territorial waters in the South China Sea.

The ATM malware "Cutlet Maker" is able to jackpot the cash machines (a video of what this looks like is available on Bleeping Computer) and Kaspersky has found it for sale in criminal markets for $5000. Cutlet Maker comes bundled with a password generator and an app that can tell the crooks what's inside the particular ATM they're working.

Locky seems to be holding its place atop the ransomware leaderboard.

A New York judge is shocked to learn that the NYPD's large evidence database isn't backed up.

CyberArk describes a proof-of-concept it's calling "BoundHook" that enables post-intrusion application hooking and stealthy manipulation in Intel’s Skylake microprocessor. Microsoft calls BoundHook more stealth technique than exploit, since it functions to conceal activity in an already compromised machine.

More malicious apps surface in Google's Play Store, among them Sockbot, malware that ropes Minecraft-playing devices into a botnet.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, European Union, Iraq, Philippines, Russia, Syria, United States

Are your needs being addressed at every stage of the cyber attack cycle?

Security organizations face numerous challenges, from increasingly large volumes of data and lack of tools and trained staff to validate intelligence, to the inability to operationalize threat intelligence. Learn how the threat intelligence-as-a-service model can strengthen and complement security postures of varying maturity levels in a webinar with Intellyx’s Principal Analyst Charles Araujo and LookingGlass’ Doug Dangremond, Senior Vice President of Threat Intelligence Services. Thursday, November 9 @ 2PM ET. Sign up now.

On the Podcast

In today's podcast, we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin offers some follow-up on President Trump’s cybersecurity executive orders. Our guest is Dinah Davis from Code Like a Girl with an update on their educational activities.

Sponsored Events

SecurityWeek’s 2017 ICS Cyber Security Conference (Atlanta, Georgia, USA, October 23 - 26, 2017) As the largest and longest-running cyber security-focused conference for the ICS/SCADA sector, SecurityWeek’s ICS Cyber Security Conference caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military.

Earn a master’s degree in cybersecurity from SANS (Online, October 30, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Monday, October 30th, at 3:00 pm ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Parsing the North Korean Cyber Threat (The Diplomat) To combat North Korea's cyber activity, we must first understand it.

Could North Korea be framed for global cyberattacks? (International Business Times UK) "Attribution of these attacks is extremely difficult," warns Trend Micro researchers.

Recently Patched .NET Flaw Exploited by China-Linked Cyberspies (Security Week) A cyber espionage group previously linked to China has been using a recently patched .NET vulnerability in attacks aimed at organizations in the United States, including a shipbuilding company and a university research center with ties to the military.

Mysterious cyber espionage campaign uses 'torpedo' lure to trick you into downloading malware (ZDNet) Researchers at Proofpoint say the 'Leviathan' threat group is regularly launching phishing and malware attacks in an effort to steal sensitive data

SourceClear: How we found exploitable zero-days in the open-source GlassFish server with the Security Graph Language (SourceClear) We have long had a thesis that when free open-source software projects are forked into commercial versions, then the free open-source version no longer gets the …

ATM Malware Sold on Underground Markets for $5K (Security Week) A recently discovered piece of malware targeting automated teller machines (ATM) is being sold on underground markets for $5,000, Kaspersky Lab reports.

Here's a Video of the Latest ATM Malware Sold on the Dark Web (BleepingComputer) A hacker or hacker group is selling a strain of ATM malware that can make ATMs spit out cash just by connecting to its USB port and running the malware.

A Look at Locky Ransomware’s Recent Spam Activities (TrendLabs Security Intelligence Blog) Locky ransomware has come a long way since first emerging in early 2016. Despite the apparent hiatuses, Locky remains a relevant and credible threat.

New Locky Ransomware Strain Emerges (Dark Reading) Latest version goes by the .asasin extension and is collecting information on users' computer operating system and IP address.

BoundHook Attack Exploits Intel Skylake MPX Feature (Threatpost) A new attack method takes advantage a feature in Intel’s Skylake microprocessor allowing for post-intrusion application hooking and stealth manipulation of applications.

CyberArk Discovers New Rootkit-Enabling Hooking Technique For Intel Processors (Tom's Hardware) CyberArk discovered a new hooking technique for Intel processors that allows attackers to create persistent malware (rookits) on Windows machines.

Necurs Malware Will Now Take a Screenshot of Your Screen, Report Runtime Errors (BleepingComputer) Malware families evolve on a daily basis, but some updates catch your eye more than others. Necurs has just gone through one of these "interesting" updates, according to US security firm Symantec.

Google Play apps with as many as 2.6m downloads added devices to botnet (Ars Technica) Your periodic reminder: Google is chronically unable to detect untrustworthy apps.

Malicious Minecraft Apps on Google Android Could Turn Devices into Bots (Dark Reading) New 'Sockbot' malware has 'highly flexible proxy topology' that might be leveraged for a variety of nefarious purposes.

Android malware on Google Play adds devices to botnet (Symantec Security Response) Symantec has found eight apps infected with the Sockbot malware on Google Play that can add compromised devices to a botnet and potentially perform DDoS attacks.

88 Percent of Java Apps Susceptible to Widespread Attacks from Known Security Defects, According to New Research from CA Veracode (Marketwired) Study finds that less than 28 percent of organizations are actively monitoring the components that could lead to security breaches

YouTube Suspends Account of Chinese Dissident (Washington Free Beacon) YouTube has suspended the video account of popular Chinese dissident Guo Wengui amid a mounting pressure from the Beijing government.

Domino's blames data breach on former supplier's systems (Guardian) Customers complain about ‘eerie’ personalised spam emails and lack of communication from pizza seller

Reckitt Benckiser sees ongoing impact from cyber attack (Yorkshire Post) Household goods giant Reckitt Benckiser has warned over sales for the second time in three months as it grapples with “challenging” markets and the ongoing impact of a recent cyber attack.

BeyondTrust Reveals SMB IT Cybersecurity Lapses (PYMNTS.com) Corporate fraud is at new highs. Cybersecurity threats are burdening small and large businesses (SMBs) alike. And yet, according to analysts at BeyondTrust, professionals are still using passwords like “12345” to protect their systems. While cybersecurity experts recommend that organizations deploy a Privileged Access Management (PAM) solution — a tool that enables businesses to consolidate and […]

Al-Qaida set to gain as Islamic State group disintegrates (Military Times) Over several nights in September, some 10,000 men, women and children fled areas under Islamic State control, hurrying through fields in northern Syria and risking fire from government troops to reach a province held by an al-Qaida-linked group.

Cyber Trends

Top 5 cybersecurity facts, figures and statistics for 2017 (CSO Online) Predictions and observations provide a 30,000-foot view of the cybersecurity industry.

The Global State of Information Security Survey 2018 (PwC) Strengthening digital society against cyber shocks

Most organizations don't have SSH security policies in place (Help Net Security) Most organizations have not implemented SSH security policies and restricted SSH access configurations because they do not understand the risks.

5 cybersecurity predictions (that might actually come true) (Naked Security) We asked some security professionals what they’re actually planning to deal with

The hard truth about cyberattacks, says Tanium CEO: There’s no complete fix (SiliconANGLE) The hard truth about cyberattacks, says Tanium CEO: There’s no complete fix

How Do Hacked Companies Get Hacked? (Northrop Grumman) Cyberattacks make for big headlines. Hacked companies (and other organizations) get hit with a triple whammy.

Marketplace

Dodging Russian Spies, Customers Are Ripping Out Kaspersky (The Daily Beast) Inadvertently or not, Kaspersky has betrayed customer trust.

Duo Security Raises $70 Million, Earning Valuation of More than $1 Billion (GlobeNewswire News Room) Duo will use round of funding led by Meritech Capital Partners and Lead Edge Capital to expand global operations and fund increased innovation in the Trusted Access space

CSRA To Buy Application Development Firm For $235M To Strengthen Intelligence Capabilities (CRN) Praxis Engineering Technologies is an IBM Tier 1 service provider and holds more than 50 technical certifications around IBM's Rational Software Platform, which govern best practices for software development.

Resolver Acquires RiskVision, a Recognized Leader in Integrated Risk Management Software for Security Operations (BusinessWire) Resolver finalizes the acquisition of RiskVision Inc, increasing their market position in IT Risk and Compliance markets.

SAIC takes in $93M Cybercom support task order (Washington Technology) Science Applications International Corp. wins a potential five-year, $93 million Cyber Command support services task order.

Salient CRGT Awarded Contract to Provide Engineering Support (PRNewswire) Salient CRGT announced the award of a $3.2 million subcontract to...

Fortinet's Underappreciated Growth Story (Benzinga) Fortinet Inc (FTNT) is an underappreciated subscription growth story, Deutsche Bank said in a Tuesday note.

Microsoft Takes Jab Back at Google's Security Team (BleepingComputer) No good deed remains unpunished, they say, and so is the case of the recent spat between Google and Microsoft's security teams.

Boston cybersecurity firm Rapid7 is considering new HQ options (Boston Business Journal) The company first leased 43,000 square feet at 100 Summer St. in late 2013, and has since expanded its headquarters to 66,138 square feet across two floors.

John Czupak: A Serial Entrepreneur’s Adventures in Cybersecurity (Robert H. Smith School of Business, University of Maryland) On this episode of Bootstrapped, we interviewed UMD alumnus and serial entrepreneur John Czupak, the President and CEO of ThreatQuotient. Before ThreatQuotient, John worked at Sourcefire in a variety of roles from 2002 to 2013, until he ultimately engineered a $2.7 billion acquisition with Cisco, the 3rd largest pure play cybersecurity acquisition ever. In this episode, John discusses the approach, mindset and key factors that cybersecurity startups must implement to be successful in a competitive environment.

Goldman Sachs Recognizes Cylance Chairman and CEO Stuart McClure for Entrepreneurship (4-Traders) Cylance® Inc., the company that revolutionized the antivirus industry with AI-powered prevention that blocks everyday malware along with today’s most advanced cyberthreats, announced that Goldman Sachs (NYSE:GS) is recognizing Cylance Chairman and CEO Stuart McClure as one of the 100 Most Intriguing Entrepreneurs of 2017 at its Builders + Innovators Summit in Santa Barbara, California.

Appthority Names Anne Bonaparte as CEO (BusinessWire) Appthority, the global leader in enterprise mobile threat protection, announced that Anne Bonaparte has joined the company as its new CEO.

Products, Services, and Solutions

Duo Security Enhancements Shine Light on Unauthorized Devices and Introduce Single Sign-On for All (Duo Security) On the heels of a $70 million Series D funding round at $1.17 billion valuation, Duo Security today also announced enhancements to its flagship Duo Mobile app and new innovations which help harden user and mobile device security as attackers poke holes in the traditional, perimeter-based security model.

InfoArmor Delivers Operatively-Sourced Advanced Intelligence Feature Sets to SIO4 for Their New Mid-Market Offering of Safe House™ - Total Threat Intelligence (Marketwired) SiO4 to brand SAFE HOUSE in part "Powered by InfoArmor"

Opus Helps Companies Respond to May 2018 Regulatory Deadline with New GDPR Solution (Sys-Con Media) Opus launches Third Party GDPR Compliance solution to prepare for May 2018 deadline, facilitating easy, effective management of third-party risk.

Microsoft adds classified, blockchain, more to government cloud platform (Fifth Domain) At its annual Government Cloud Forum, Microsoft announced new advances for its Azure Government program, a U.S. government based cloud system.

AvePoint Launches the Latest Release of the Privacy Impact Assessment System with Newly Integrated Microsoft GDPR Detailed Assessment at the IAPP P.S.R. Conference 2017 (PRWeb) AvePoint to share its expertise about the importance of metadata and profile three GDPR-focused solutions that will help organizations prepare for regulations on the horizon for May 2018.

Anomali Furthers Collaboration with McAfee to Provide Real-Time Threat Intelligence to Joint Customers (Marketwired) Integrated solutions deliver enhanced threat intelligence capabilities to enable faster cyber threat detection

ZeroFOX Added to UK Digital Marketplace as Official Cloud-9 Vendor to Support Digital and Social Media Security Needs in the UK Public Sector (BusinessWire) ZeroFOX, the innovator of social media security & digital risk monitoring, is proud to announce its inclusion in the UK Digital Marketplace as

OPSWAT Unveils New Offering for Device Security and Access Control for SaaS Application Use (PRWeb) OPSWAT today announced the immediate availability of MetaAccess™, a cloud security solution facilitating an enterprise’s move to the cloud with deeper security checks around managed and unmanaged endpoints.

Tanium Expands Security Platform With Asset Module (eWEEK) Tanium CEO Orion Hindawi wants his customers to focus their efforts on fixing the things they actually can control, to help improve security.

Technologies, Techniques, and Standards

NIST Cybersecurity Framework not just for large organizations (CSO Online) Small and mid-sized businesses are at most risk and so have greater need.

Post Cyberattack: The Next Steps Your Business Needs to Take (HackRead) Technology has transformed the face of modern business, and thanks to the internet, it’s easier and faster to share data than ever before. However, sending

3 Tactics to Avoid Insider Threats Posed by Third-Party Contractors (Force 3) “The balance between too much security and too little is delicate. Overzealous access policies can … Continue reading "3 Tactics to Avoid Insider Threats Posed by Third-Party Contractors"

3 Types of Insider Threats & How to Stop Them (Force 3) When we think about insider threats, we typically think about Edward Snowden and Chelsea Manning … Continue reading "3 Types of Insider Threats & How to Stop Them"

Design and Innovation

Another KRACK in the network perimeter (Help Net Security) If we’re going to get out of this infinite loop, we need a different perspective on corporate security architectures that completely breaks from tradition.

Is security on the verge of a fuzzing breakthrough? (Naked Security) Smart, efficient fuzzing could give every developer the opportunity to find bugs efficiently, during development

Research and Development

The time for quantum computing investment 'is now,' experts say (CIO Dive) In the security sphere, a complete rollout of quantum encryption and post-quantum cryptography requires a retrospective update of old systems.

Quantum computing is coming for your encryption, it’s a matter of when (Fedscoop) Everyone knows the age of quantum computing is coming, when it does, today’s most secure encryption on the planet will shattered.

DARPA announces software defined radio UAV hacking event - Homeland Preparedness News (Homeland Preparedness News) The Defense Advanced Research Projects Agency (DARPA) recently announced a week-long event to challenge teams from academia, industry, and the software defined radio (SDR) enthusiast community through a series of hacking sessions called the DARPA Bay Area SDR Hackfest on … Read More »

Academia

IUP team wins cybersecurity grant, will train Western PA workers (TribLIVE.com) Cybersecurity education in Southwest Pennsylvania is getting a boost from the National Security Agency. A team of faculty from Indiana University of Pennsylvania was awarded ...

Legislation, Policy and Regulation

Australia’s breach disclosure policy has major holes, expert says (Security Brief) Australia’s breach disclosure policy doesn’t go nearly far enough in protecting consumers and pales in comparison to the European Union’s GDPR.

Deterring Cyberattacks (Foreign Affairs) For years, the United States has failed to devise a strategy to deter or respond to cyberattacks. In the future, it must communicate what behavior is acceptable and what is not—and what Washington will do about it.

European Commission: A Firm “No” to Backdoors (Infosecurity Magazine) European Commission: A Firm “No” to Backdoors. Executive wants more decryption expertise to be shared across region

Trump Team 'Dispels' EU Doubts on Data Protection Deal (Security Week) US President Donald Trump's administration has "dispelled" doubts over whether it will stand by a hard-won personal data protection accord with Europe struck during Barack Obama's presidency, the EU said Wednesday.

Jim Mattis says Senate bill hamstrings US cyber action (Washington Examiner) Mattis objected to language in a bill that would require the U.S. to give prior notification to foreign governments before acting on cyber t...

Legislation would let companies cyber-attack their hackers (Compliance Week) With a backdrop of high-profile breaches and October’s designation as “Cyber-Security Awareness Month,” Rep. Tom Graves (R-Georgia) and Rep. Kyrsten Sinema (D-Ariz.) have announced the formal introduction of the Active Cyber Defense Certainty Act (H.R. 4036). The bipartisan bill makes” targeted changes to the Computer Fraud and Abuse Act to allow use of limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”

A Turf War Is Tearing Apart the Intel Community’s Watchdog Office (Foreign Policy) Internal scuffling threatens to dismantle the Intelligence Community Inspector General.

DSCA head looking at creating security cooperation university, among other ideas (Defense News) The new head of the Defense Security Cooperation Agency is seriously considering the creation of a security cooperation university, as he looks for ways to speed the famously deliberate foreign military sales system.

Senator: Why won’t DOJ answer my emails on cyber? (Fifth Domain) Sen. Sheldon Whitehouse criticized the Justice Department’s lack of a cybersecurity representative to coordinate with Congress on legislative issues at a Department of Justice Oversight hearing on Wednesday.

Litigation, Investigation, and Enforcement

Many Equifax Hack Victims Had Info Stolen Prior to Breach: IRS (Security Week) The U.S. Internal Revenue Service (IRS) believes the recent Equifax breach will not make a significant difference in terms of tax fraud considering that many victims already had their personal information stolen prior to the incident.

38 attorneys general ask Experian, TransUnion to stop credit-freeze fees (Mortgage Professional America) Illinois’ attorney general also initiated a state bill that would eliminate such fees

OPINION: It’s time we penalize, not reward, corporate negligence (Dayton Daily News) Does the number 143 million sound familiar?

FBI Asks Businesses to Share Details About DDoS Attacks (Threatpost) The FBI has made an appeal to organizations victimized by DDoS attacks to share details and characteristics of those incidents,

Vladimir Putin’s rage triggered by President Obama’s diplomatic moves (The Washington Times) In interview after interview with top U.S. intelligence officials and foreign diplomats about the downward spiral in U.S.-Russian relations, one date keeps resurfacing: January 2012.

What's Next after the SEC 'Insider Trading' Breach? (Dark Reading) Last month's hack of the Security Exchange Commission may prove to be the most high-profile corporate gatekeeper attack to date. But it definitely won't be the last.

Judge shocked to learn NYPD’s evidence database has no backup (Ars Technica) All data would be lost if PETS’ DB2 server went down or data corrupted.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets on cyber security products and services. Currently, the cost to Mexico's overall economy imposed by cyber attacks is more than US$3 billion. The country is a manufacturing powerhouse and is increasingly implementing automated processes. It is also highly integrated with the global financial system.

upcoming Events

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Los Angeles is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems. The conference will also promote essential collaboration between decision makers and technology experts, in order to streamline solutions to resist cyber threats and attacks.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling with security concerns. INsecurity will feature some of the industry’s most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation.You’ll have a chance to meet colleagues in the cybersecurity profession to discuss the everyday challenges you face in protecting enterprise data. And you’ll get in-depth insights on how other organizations perform security best practices, and how they manage their teams.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department, and real-life methods that you can use to shore up your own enterprise defenses. It will also feature some of the industries most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation. Use Promo Code CYBERWIRE100 for $100 off the current rate.

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity building. The fifth conference, planned to be the biggest in magnitude, shall take place at New Delhi, India on 23-24 November 2017.

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain and third party risk, incident response, integrating of cyber security and safety, IT and OT convergence, Security Operations Centres and much more as we further develop our collective insight in how we can mitigate risk and develop resilient end to end networks capable of delivering safety and value to all stakeholders.

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors.

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees can expect up to three days of professional skills training prior to the two-day main conference. All content will be delivered by some of the world's most knowledgeable and influential IT security experts in private, public, and research sectors.

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This black-tie event will celebrate the accomplishments of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used to help sustain and grow the Institute’s research, publications, and educational activities for the communities it serves.

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for presenting cutting-edge, practical, and balanced training for cyber security lawyers, in-house legal personnel, cyber security service providers, law enforcement, military, members of the bar, bench, and ambassadors and consul generals from all over the world.

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues.

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event showcases the SINET 16, the annual list of the most innovative young companies in the industry.

Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program brings together healthcare, medical device and security experts to offer a unique complete end-to-end perspective on the cybersecurity environment – from the economics and motivations of ransomware authors to the needs of the patient. Supporting organizations of the Summit include the American College of Clinical Engineering, INCOSE and The Society for Participatory Medicine. Keynote speakers include Ron Williams, IBM Security Systems and Matthew Green, PhD, Johns Hopkins University.

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information exchange across the cyber community, and includes participation from military, government, academia, and industry from around the world. The conference promotes security initiatives and furthers research on cyber threats and opportunities. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of engaging sessions and intense networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, November 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2017 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.

POC 2017 (Seoul, Korea, November 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and creative discussion and shows real hacking and security. POC wears both black hat and white hat. POC will share knowledge for the sake of the power of community. POC believes that the power of community will make the world safer. POC has been making a history with sincere staffs, hackers from the world, and sponsors since2006. POC will be a unique conference.

Exploring Health IT Innovation and Cybersecurity in the Digital Era (Kalamzoo, MIchigan, USA, November 2 - 3, 2017) Government, industry and academic leaders in health information technology and cybersecurity will headline a conference focused on "Exploring Health IT Innovation and Cybersecurity in the Digital Era" at Western Michigan University. The joint Western Michigan IT Forum and International Conference on Health IT Advancement will be held at WMU's Fetzer Center with sessions for industry, academic and student participants.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.