The CyberWire Daily Briefing 10.30.17

Summary

By The CyberWire Staff

An odd discovery about BadRabbit: FireEye and Cylance say that the ransomware skips encryption if it detects Dr. Web antivirus software (Dr. Web published the same findings). Cylance thinks it's a stealth measure having to do with the way Dr. Web protects the master boot record, and that BadRabbit also keeps an eye out for McAfee products that operate similarly to Dr. Web's. FireEye thinks it looks fishy, and that BadRabbit may not be the straightforwardly criminal ransomware this spawn of NotPetya represents itself as being.

India's Computer Emergency Response Team (CERT-In) has issued a medium security alert for BadRabbit, which seems about right.

The Reaper IoT botnet remains puzzlingly quiescent. It may also be smaller than initially believed. Check Point's tally of a million was based on extrapolation from an observed size of thirty thousand. NetLab 360 initially put the total somewhere between ten and twenty thousand devices, now up to nearly thirty thousand. Radware and Ixia have arrived at numbers similar to NetLab 360's. But the botnet could expand swiftly: NetLab 360 reports observing a queue of about two-million devices vulnerable to exploitation by a Reaper control server. While most researchers see signs of amateur missteps by Reaper's developers, the botnet's development platform lends itself to attacks other than the expected DDoS.

SANS Institute researchers describe malicious Chrome extension "Catch-All." It does what its name suggests: captures all user-browser interactions.

US Special Counsel Robert Mueller this morning announced charges against two individuals emerging from the Russian influence probe.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, India, Democratic Peoples Republic of Korea, Republic of Korea, Russia, Ukraine, United Kingdom, United States

The IOC and IOA playbook: making sense of your indicators.

Acronyms such as IOCs (indicators of compromise) and IOAs (indicators of attack) are ubiquitous in the security industry. However, a recent SANS survey revealed a vast majority of security professionals don't even know how many indicators they receive or can use. Join DomainTools Senior Security Researcher Kyle Wilhoit to get clarification on the use and value of IOCs and IOAs and how they can enrich your investigations and overall security strategy.

On the Podcast

In today's podcast we hear from our partners at Terbium Labs, as dark web expert Emily Wilson discusses third-party breaches, and points out that, even if it's not your breach, it's still your problem.

Sponsored Events

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

BadRabbit Ransomware Decided to Avoid One Antivirus Vendor (PCMAG) BadRabbit will skip the encryption process when detecting the antivirus software from a Russian security firm.

Code flaws in BadRabbit aid file recovery (iTnews) Malware uses NSA exploit to spread.

Bad Rabbit malware used leaked alleged NSA tool (TheHill) The Bad Rabbit ransomware that tore through Russia and Eastern Europe this week used a leaked hacking tool known as EternalRomance, allegedly built by the NSA.

Indian Computer Emergency Response Team issues medium severity alert on 'Bad Rabbit' ransomware (Tech2) The ransomware infects a machine by pretending to be an Adobe Flash Installer and then encrypts the files and the drive.

Assessing the threat the Reaper botnet poses to the Internet—what we know now (Ars Technica) Whatever the threat posed by the new IoT botnet, a worse one has lurked for months.

Fear the Reaper, or Reaper Madness? (KrebsOnSecurity) Last week we looked at reports from China and Israel about a new “Internet of Things” malware strain called “Reaper” that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorders (DVRs). Now some botnet experts are calling on people to stop the “Reaper Madness,” saying the actual number of IoT devices infected with Reaper right now is much smaller.

IoT Security is an Economic Issue (Peerlyst) IoTroop botnet from CVE-2017-8225 + Shodan demonstrate it is

UK Government Blames WannaCry on North Korea (Infosecurity Magazine) UK Government Blames WannaCry on North Korea. Security minister says London is “as sure as possible”

Malicious Chrome extension steals all data (Help Net Security) The "Catch-All" malicious Chrome extension goes after every piece of data the victim posts on any website, including login credentials.

"Catch-All" Google Chrome Malicious Extension Steals All Posted Data (SANS Internet Storm Center) It seems that malicious Google Chrome extensions are on the rise. A couple of months ago, I posted here about two of them [1][2] which stole user credentials posted on banking websites and alike. Now, while analyzing a phishing e-mail, I went through a new malware with a slight different approach: instead of monitoring specific URLs and focusing on credentials, it captures literally all data posted by the victim on any website – thus the name.

Coin Miner Mobile Malware Returns, Hits Google Play (TrendLabs Security Intelligence Blog) The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful.

LokiBot Banking Trojan Attacks Android Devices as Ransomware (Spyware-Technie) Although it seldom looks like it, Android devices are a lot safer than desktop computers, as they are less susceptible to malware infections.

DoubleLocker is a dangerous, yet innovative Android ransomware that changes the unlock code on your device (Tech2) The DoubleLocker malware replaces the default home button functionality. The malware is triggered when the user taps on the home button.

Matrix Ransomware Being Distributed by the RIG Exploit Kit (BleepingComputer) The Matrix Ransomware has started to be distributed through the RIG exploit kit. This article will provide information on what vulnerabilities are being targeted and how to protect yourself.

Hackers Can Steal Windows Login Credentials Without User Interaction (BleepingComputer) Microsoft has patched only recent versions Windows against a dangerous hack that could allow attackers to steal Windows NTLM password hashes without any user interaction.

Equifax Hack Hones In On Cyber Holes (CSO) With the recent news of huge conglomerates such as HBO and Equifax suffering from cyber attacks, companies are heavily arming themselves against the threat of a hack

Industrial Products of many vendors still vulnerable to KRACK attack (Security Affairs) Many industrial networking devices from various vendors are still vulnerable to the recently disclosed KRACK attack (Key Reinstallation Attack).

Researchers turn LG's Hom-Bot vacuum cleaner into a real-time spying device (Help Net Security) A vulnerability in LG’s smart home infrastructure could have allowed hackers to take control of all LG SmartThinQ home appliances.

Are Your Smart Devices Betraying You? (PRNewswire) When charged with a criminal defense, Stahl Criminal Defense Lawyers...

Mobile messaging apps new hideout of Dark Web activities: Study (CISO MAG) IntSights identified 9,046 dark web invite links sent via ‘Discord’ by criminal groups run from Brazil and one in Turkey.

Your spam is getting dangerous (Fox News) Spam, once just an annoyance, is becoming downright dangerous.

Routes used by the Queen and other top secret Heathrow security data found on memory stick lying in street (The Independent) Heathrow Airport’s secret security planning has been revealed in files on a memory stick found in a London street. The documents outline routes and safeguards for the Queen, foreign dignitaries and top politicians using Britain’s busiest airport. The USB drive also includes maps showing where CCTV cameras are located, and escape routes for the Heathrow Express railway serving the airport. Other files describe the ultrasound detection system for protecting the perimeter fence and the runways, and detail the ID requirements for accessing every area of the airport.

‘I Forgot My PIN’: An Epic Tale of Losing $30,000 in Bitcoin (WIRED) Veteran tech journalist Mark Frauenfelder tries everything, including hypnosis, to recover a small fortune from a locked bitcoin device.

The Dark Overlord hacks plastic surgery clinic; demands ransom (HackRead) Nude pictures never go unnoticed, and when these belong to celebrities and the mighty Royals, then people are bound to go crazy. This perhaps was in the mind...

Security Patches, Mitigations, and Software Updates

Google Patches ‘High Severity’ Browser Bug (Threatpost) Google began pushing out updates its desktop browser Friday with a patch that repairs a stack-based buffer overflow vulnerability.

Android takes aim at ISP surveillance with DNS privacy (Naked Security) Google turns its attention to your unencrypted DNS

Google to Remove Public Key Pinning (PKP) Support in Chrome (BleepingComputer) Late yesterday afternoon, Google announced plans to deprecate and eventually remove PKP support from the Chromium open-source browser, which indirectly means from Chrome.

Apache OpenOffice Update Patches Four Vulnerabilities (Threatpost) Apache OpenOffice patches four vulnerabilities tied its suite of free office applications impacting it word processing and graphics applications.

Rockwell Automation Patches Wireless Access Point against Krack (Threatpost) Rockwell Automation patched its Stratix wireless access point against the KRACK vulnerability.

Cyber Trends

It's Time to Change the Cybersecurity Conversation (Dark Reading) The IT security industry needs more balance between disclosure of threats and discussion of defense practices - and greater sharing of ideas

The cyber paradox: Reliance on new tech can quickly become a weakness (Fifth Domain) With the interconnected nature of the world, what happens if adversaries shut down networks? The Navy wants commanders to be prepared to operate if this occurs.

Top threats impacting endpoint security decisions (Help Net Security) Research shows that the majority of businesses across the globe are either currently or planning to incorporate machine learning in their endpoint defenses.

Machine vs. Machine: A War in the Offing (CSO) The rise of artificial intelligence (AI) is the great story of our time, thanks to the low cost of computing, storage, and off-the-shelf machine algorithms.

Shark Tank's Robert Herjavec: Cybersecurity at work is everyone's responsibility (TechRepublic) The investor and founder of cybersecurity firm Herjavec Group spoke with TechRepublic about the biggest threats facing businesses, and how all employees can get involved in security.

Marketplace

Uncle Sam Tries to Hire Hackers (Fortune) The U.S. government has a problem with hackers—but not the kind you think. The problem I refer to is Uncle Sam’s reputation of hostility towards hackers, which makes it difficult to hire the sort of people the country needs to tighten up its sprawling computer networks.

SAIC Wins $93M USCYBERCOM Task Order (WashingtonExec) SAIC has been awarded a $93 million U.S. Cyber Command task order to help secure the Department of Defense Information Network. SAIC will assist USCYBERCOM

Coinbase Offers $50,000 Hack the World Bug Bounty (Bitcoin News) Bug bounties are an increasingly used initiative by businesses to find code issues, security problems, hiccups, general mistakes through incentivized hacks.

Startup growth improves in metro Indy (Indianapolis Business Journal) The Kauffman Index of Growth Entrepreneurship says the area now ranks 10th among the 40 largest metro areas when it comes to what Kauffman calls growth entrepreneurship.

Career Briefs: RedLock Names Ankur Shah VP of Products (India West) RedLock, a cloud threat defense company, named Ankur Shah VP of products, where he will be responsible for driving the RedLock product roadmap. Shah has spent more than 15

SentryOne Names Bob Potter New Chief Executive Officer (PRNewswire) Charlotte-based SentryOne announced today the appointment of Bob...

Products, Services, and Solutions

New infosec products of the week: October 27, 2017 (Help Net Security) New infosec products of the week include products from the following vendors: AttackIQ, Blackpoint Cyber, Bomgar, Cloudera, Cygilant, Microsemi, Symantec.

Cygilant Launches New Vulnerability, Patch Management Cloud Service (eWEEK) Cygilant VPM provides IT teams with a single-service offering that combines continuous co-managed vulnerability management with auditable patch management

NetWars: GRID NetWars (SANS Institute) GridEx NetWars is a suite of hands-on, interactive learning scenarios that enable Operational Technology security professionals to develop and master the real-world, in-depth skills they need to defend real-time systems.

Technologies, Techniques, and Standards

Can DevOps Simplify the Operational Risk of Compliance? (SIGNAL Magazine) How applying the DevOps mindset and processes to digital planning address cybersecurity.

Is Your Agency Cyber EO-ready? (SIGNAL Magazine) By prioritizing network modernization, agencies bolster cybersecurity and meet the core mission requirements.

The Blockchain Is Only as Strong as Its Weakest Link (Security Intelligence) Blockchain technology depends on mutual trust between human participants, each of whom represents a potential weakness in the chain.

Part 1 – Top Three Things Cyber Teams Should Do to Implement a Risk Based Program? (Bay Dynamics) October is National Cyber Security Awareness Month (follow #NCSAM on Twitter), and the perfect time for cyber security pros to start shifting their cyber security programs and investments so that they focus on risk management.

Part 2 – Top Three Things to Do to Overcome Vulnerability Risk Management Challenges (Bay Dynamics) Welcome to the second chapter of our video Q&A series featuring Retired Brigadier General Gregory Touhill, appointed by President Obama as America’s first federal CISO, and our newest board member.

How to focus C-Suite attention on the issue of cyber security (CSO) With large-scale cyber attacks becoming increasingly common, having an effective defence strategy in place has never been more important.

Design and Innovation

Cyber Moonshot: Taking a proactive approach to cybersecurity [Commentary] (Federal Times) With concerted leadership, sustained investment, and clear incentives that spark action, we can achieve the Cyber Moonshot.

Researchers Devise 2FA System That Relies on Taking Photos of Ordinary Objects (BleepingComputer) Scientists from Florida International University and Bloomberg have created a custom two-factor authentication (2FA) system that relies on users taking a photo of a personal object.

Research and Development

Best-Ever Algorithm Found for Huge Streams of Data (WIRED) To efficiently analyze a firehose of data, scientists first have to break big numbers into bits.

Artificial intelligence fools security (BBC News) Researchers developed an algorithm that imitates how the human brain responds to these visual clues.

'Darknet' and quantum communications could enhance grid cybersecurity, scientists tell Senate (Utility Dive) The Department of Energy's national labs are working to develop a private grid communication system called "darknet" they say could automatically detect, isolate and defend against cyber intrusions.

Two New Facilities Highlight SSC Atlantic’s Commitment to Cybersecurity (DVIDS) Space and Naval Warfare Systems Center (SSC) Atlantic Commanding Officer Capt. Scott Heller marked the opening of two new facilities on Joint Base Charleston – Naval Weapons Station for teams providing cutting edge cybersecurity capabilities to prevent and mitigate cyber-attacks for our Navy and our nation. The ribbon cutting event took place Oct. 27.

Academia

University of New Haven Hacking Team Finishes Third in Regional Competition, Advances to Nationals (University of New Haven) A group of computer science and cyber security majors defeated teams from Penn State, Drexel, the University of Buffalo, and Carnegie Mellon, which is regarded as one of the top universities worldwide in cybersecurity and technology education.

Legislation, Policy and Regulation

Can an international cyber convention ever succeed? (Help Net Security) How can sanctions and other standard international responses be levied if the suspected perpetrator has complete deniability of their involvement?

Experts call for filtering of online content at national level (The Times of India) Thiruvananthapuram: Even as the Supreme Court has issued an interim order directing the government to check online video tapes of sexual violence and child porno, cyber security experts indicated that such material were still available online and it was not easy to remove these in one go.

AI Development in Dire Need of Cybersecurity Regulations (Infosecurity Magazine) As the AI development industry rapidly expands, hopefully regulations will emerge soon.

Debate rages over divisive US surveillance law renewal (Naked Security) The lines are drawn, with predictable players on each side

Ron Wyden urges NSA and DHS to defend Trump administration officials from hackers (The Washington Times) Sen. Ron Wyden, a Democratic member of the Senate Intelligence Committee, is demanding that national security leaders adopt a plan to protect the personal devices and internet accounts of top Trump administration officials.

Dems see opportunity on cyber (FCW) The moderate New Democrat Coalition is looking for bipartisan support for a cybersecurity agenda focused on public-private cooperation.

Litigation, Investigation, and Enforcement

Probe finds 701 more cyber reports (Korea JoongAng Daily) Materials were sent from Cyber Command to Lee Blue House

Defense ministry to expand probe into military intelligence, cyber agents over political activities (Yonhap News Agency) A recent inquiry has found military intelligence agents were involved in a clandestine campaign to write pro-government online comments under former President Lee Myung-bak, the defense ministry said Sunday.

Watch: Trump’s top intelligence officials confirm Russia meddled in the US election (Quartz) Russia's efforts to influence the US election have been unequivocally confirmed on the record by all top US intelligence officials.

Manafort and former business partner charged with conspiracy in connection with special counsel probe (Washington Post) The charges were the first criminal allegations in the investigation into possible links between the Trump campaign and Russia.

U.S. v. Paul J. Manafort, Jr., and Richard W. Gates III (1:17-cr-201, District of Columbia) (US Department of Justice) Paul J. Manafort, Jr., of Alexandria, Va., and Richard W. Gates III, of Richmond, Va., have been indicted by a federal grand jury on Oct. 27, 2017, in the District of Columbia.

How to Interpret Mueller’s Charges Against Paul Manafort (WIRED) What to expect from the special counsel's first indictments in the Russia inquiry.

FBI Probe Of Paul Manafort Focuses On 13 “Suspicious” Wire Transfers (BuzzFeed) BuzzFeed News has learned of a series of wire transfers, made by companies linked to Donald Trump’s former campaign chairman Paul Manafort, that federal officials deemed suspicious. Many of the wires

Angus King: First charges under Robert Mueller Russia probe 'really just the beginning' (Washington Examiner) 'Like everyone else in Washington, I'll be watching tomorrow to see what comes out of the Mueller investigation, but I think it's important...

Fusion GPS, House intel reach subpoena agreement (CNN) Fusion GPS, the research firm behind the dossier containing allegations about President Donald Trump and Russia, its bank and the House intelligence committee have reached an agreement over the panel's subpoena of Fusion's financial records.

Fusion GPS and the Washington Free Beacon (Washington Free Beacon) Since its launch in February of 2012, the Washington Free Beacon has retained third party firms to conduct research on many individuals and institutions of interest to us and our readers. In that capacity, during the 2016 election cycle we retained Fusion GPS to provide research on multiple candidates in the Republican presidential primary, just as we retained other firms to assist in our research into Hillary Clinton.

FINALLY, A Definitive Timeline Showing When Clinton, DNC Started The Russian Dossier (The Daily Caller) There has been much confusion in the media -- and thereby, the public -- about who funded the infamous Trump dossier. Some outlets have incorrectly reported that Republicans began financing the dossie

Analysis | The ‘dossier’ and the uranium deal: A guide to the latest allegations (Washington Post) After a week of twists and turns in the Russia probe, here's everything you need to know to catch up.

Collins wants more testimony from DNC and Clinton campaign officials (POLITICO) “It’s difficult to imagine that a campaign chairman, that the head of the DNC would not know of an expenditure of this magnitude and significance," she said.

Facebook struggles to contain Russia narrative (POLITICO) Hearings this week will increase the pressure for the company to explain how bots and fake news exploited its network — beyond a narrow focus on political ads.

Kaspersky Says Its Hand Was in the Cookie Jar, But … (Security Boulevard) Kaspersky Lab has been bombarded with an unending stream of claims that its Russian roots equate to being part of the Russian national team when it comes to national security interests.

Lessons of Parliament's missing security manual (The Sydney Morning Herald) The far more concerning problem is the mega-theft of digital data from contractors.

Officials shut down Oklahoma Corporation Commission website after cyber attack (Oklahoma News 4) A cyber attack was detected this week at the Oklahoma Corporation Commission, causing the Office of Management and Enterprise Services to shut the network down.

Cellebrite requires trust in law enforcement (Northwest Missourian) Recent news of the three law-enforcement offices having joint control over new technology used for confiscated cell phones have left us wondering if this may be a serious violation of privacy.

Woman's ID stolen 15 times after Equifax breach (KLTV) The woman's lawyer Fleming has filed a class-action lawsuit against Equifax, saying the company was negligent when it lost private information on more than 140 million Americans.

Insider information leads to fraud scheme, arrests and conviction (CSO Online) Employees at HSBC Bank plc used insider information to their benefit, defrauding a client and generating millions of dollars for themselves.

Apple iPhone X engineer fired after daughter’s hands-on video went viral (CSO Online) It's like a double cautionary tale about NDAs and losing control of content once you post it online.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, December 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government and private sector decision makers, buyers, and influencers in order to meet and do business and to advance resilience against cyber attack.

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, December 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive comprehensive guidance and best practices for establishing and managing an Insider Threat Program. Anyone concerned with employee threat identification and mitigation will gain valuable knowledge from attending meetings. This meeting will focus on human resources interaction with an insider threat program and behavioral indicators of insider threat.

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Los Angeles is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems. The conference will also promote essential collaboration between decision makers and technology experts, in order to streamline solutions to resist cyber threats and attacks.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling with security concerns. INsecurity will feature some of the industry’s most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation.You’ll have a chance to meet colleagues in the cybersecurity profession to discuss the everyday challenges you face in protecting enterprise data. And you’ll get in-depth insights on how other organizations perform security best practices, and how they manage their teams.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department, and real-life methods that you can use to shore up your own enterprise defenses. It will also feature some of the industries most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation. Use Promo Code CYBERWIRE100 for $100 off the current rate.

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity building. The fifth conference, planned to be the biggest in magnitude, shall take place at New Delhi, India on 23-24 November 2017.

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain and third party risk, incident response, integrating of cyber security and safety, IT and OT convergence, Security Operations Centres and much more as we further develop our collective insight in how we can mitigate risk and develop resilient end to end networks capable of delivering safety and value to all stakeholders.

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets on cyber security products and services. Currently, the cost to Mexico's overall economy imposed by cyber attacks is more than US$3 billion. The country is a manufacturing powerhouse and is increasingly implementing automated processes. It is also highly integrated with the global financial system.

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors.

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees can expect up to three days of professional skills training prior to the two-day main conference. All content will be delivered by some of the world's most knowledgeable and influential IT security experts in private, public, and research sectors.

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This black-tie event will celebrate the accomplishments of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used to help sustain and grow the Institute’s research, publications, and educational activities for the communities it serves.

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for presenting cutting-edge, practical, and balanced training for cyber security lawyers, in-house legal personnel, cyber security service providers, law enforcement, military, members of the bar, bench, and ambassadors and consul generals from all over the world.

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues.

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event showcases the SINET 16, the annual list of the most innovative young companies in the industry.

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information exchange across the cyber community, and includes participation from military, government, academia, and industry from around the world. The conference promotes security initiatives and furthers research on cyber threats and opportunities. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of engaging sessions and intense networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.