RTM cyber gang robs Russian banks. Vulnerabilities reported in DBLTek devices (partially fixed), Zscaler and Rapid7 products (fixed), and NextGEN Gallery WordPress plug-in (still out there). More on Yahoo! breaches. Telegram exploited by phone scammers. FCC addressing broadband privacy regs, caller ID blocking.
Russian banks are reported to be under attack (again) by the RTM gang, which operates a phased campaign: backdoor, compromise, reconnaissance, data exfiltration, and theft of funds.
Trustwave reports a "remotely exploitable issue in the Telnet administrative interface" of various DBLTek devices: a flawed proprietary challenge-and-response authentication system could give an attacker root access to a device.
ThreatGeek reports on how the privacy-friendly messaging app Telegram is being exploited by phone scammers. Messaging apps are becoming more popular with scammers as a way of evading do-not-call rules. If a scammer already has a phone number in their contact list, Telegram will tell them if that number is associated with a Telegram account.
Sucuri researchers report finding an SQL injection vulnerability in the NextGEN Gallery WordPress plug-in.
Zscaler has patched a cross-site scripting bug in its admin portal. Rapid7 discloses eight vulnerabilities in its products and issues either patches or mitigations for them. Slack has fixed a cross-origin token-theft vulnerability in its popular cloud-based collaboration tool.
Yahoo!'s investigation of its breaches reveals little to the company's credit.
There are other issues of phone privacy and the regulation thereof under discussion in the US. The FCC, as expected, has voted to back away from privacy rules the broadband industry argued were unfairly burdensome. And in response to a series of bomb threats, some Senators (notably Charles Schumer, D-NY) are asking the FCC to grant Jewish Community Centers permission to bypass caller-ID blocking.
Mutual suspicions between Russia and the US in cyberspace continue.
Today's issue includes events affecting Australia, Canada, European Union, Finland, Netherlands, Russia, Switzerland, United Kingdom, and United States.
In today's podcast, we hear from our partners at the University of Maryland Center for Health and Homeland Security, as Markus Rauschecker discusses the privacy implications of Smart Cities. We'll also speak to a guest, Tony Gauda from ThinAir, about the weaponization of data.
There's also a special edition up, with an overview of what we heard at RSA about artificial intelligence and its application to security.
Cyber Attacks, Threats, and Vulnerabilities
RTM cyber gang targets Russian businesses that conduct remote banking (SC Magazine US) Preying on Russian businesses that rely on Remote Banking Systems, the cybercrime group RTM is using backdoor malware to first silently compromise systems, and then perform reconnaissance, swipe data and steal funds.
Million-Plus WordPress Sites Exposed by Vulnerable Plugin (Threatpost) The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk.
Undocumented Backdoor Account in DBLTek GoIP (Trustwave) Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in...
Unholy trinity of AKBuilder, Dyzap and Betabot used in new malware campaigns (Naked Security) Betabot, Dyzap and AKBuilder join forces – but keeping Office up to date should keep you protected
Modern Messaging OPSEC: Popular App Gives Scammers a Boost (Threat Geek) Modern messaging apps, many of which offer end-to-end encryption, are used every day by millions of people. These apps come with the expectation of privacy. However, we recently observed an interesting operational security issue involving one such popular messaging app, Telegram. We're posting our observations to alert users of this app to potential privacy concerns. Changing Scammer Tactics Relentless calls from telemarketing scammers are a bane of existence in modern life. Whether it's the "can you hear me now" scam, fake charity scams, or fake tech support scams, the pace of attacks on consumers is relentless. The problem is particularly...
Old Windows malware may have tampered with 132 Android apps (CSO Online) More than 130 Android apps containing some malicious coding managed to infiltrate the Google Play store, possibly because the developers’ tools that built them were tainted, according to security researchers.
Malware Kits, Advertising Trojans Drive Mobile Risk (Dark Reading) Kaspersky Lab research and INTERPOL analysis highlight growth in advertising Trojans and mobile malware kit sales on the Dark Web.
Phishing for Big Money Wire Transfers is Still Alive and Well (or: For Want of Good Punctuation, all was Lost) (SANS Internet Storm Center) I recently had a client get an interesting phishing message. They had received a fake message from their CEO to their Controller - a "start the conversation" email to end up with a wire transfer. This sort of email is not common, but is frequent enough in Sr Management circles, especially if you are in the middle of merger or acquisition discussions with another company.
Ransomware for Dummies: Anyone Can Do It (KrebsOnSecurity) Among today’s fastest-growing cybercrime epidemics is “ransomware,” malicious software that encrypts your computer files, photos, music and documents and then demands payment in Bitcoin to recover access to the files.
The Reemergence of a Threat Actor: Six More Weeks of DDoS (Wapack Labs) Wapack Labs research is observing the reemergence of a known threat actor. After a year-long hiatus, he is displaying habitual activity onl...
Hacker sells access to databases at UCLA, other universities (Daily Bruin) A Russian-speaking hacker sold unauthorized access to databases for more than 60 universities and government agencies in the United States and United Kingdom, including UCLA. The hacker, called Rasputin, sold…
Boeing investigates security breach impacting thousands (Defense News) Boeing is investigating an internal security breach impacting thousands of workers in four U.S. states, including Washington.
CloudPets' woes worsen: Webpages can turn kids' stuffed toys into creepy audio bugs (Register) Warnings about leaky Bluetooth Web API all-too-accurate
CloudPets Notifies California AG of Data Breach (Threatpost) Spiral Toys has filed a breach notification with the California Attorney General’s office informing them of the CloudPets data breach.
6 dangerous toys that are not child's play (CSO Online) Here is a look back at six toys that were breached.
Multiple security flaws found in mainstream robotic technologies (Help Net Security) IOActive exposed numerous vulnerabilities found in multiple home, business, and industrial robots available on the market today.
Robots Rife With Cybersecurity Holes (Threatpost) IOActive Labs released a report Wednesday warning that consumer, industrial, and service robots in use today have serious security vulnerabilities.
Hacked robots vulnerable to turning on their owners (Financial Times) Security group’s tests show possibility of physical harm or stalled operations
Yahoo cookie hacks affected 32 million accounts, CEO foregoes bonus (Ars Technica) Nation-sponsored attackers targeted 26 specific accounts.
Yahoo execs botched its response to 2014 breach, investigation finds (CSO Online) The internet pioneer, which reported a massive data breach involving 500 million user accounts in Sept., actually knew an intrusion had occurred back in 2014, but allegedly botched a proper response.
Yahoo Execs ‘Ignored’ Security Team Over 2014 Breach (Infosecurity Magazine) SEC filing reveals failures in communication, management, inquiry and internal reporting
Google reCaptcha Bypass Technique Uses Google’s Own Tools (Threatpost) A proof of concept bypass of Google’s CAPTCHA verification system uses Google’s own web-based tools to pull off the skirting of the system.
Dear Kaspersky Lab: Yours is a very bad installer [Updated] (Ars Technica) Installing Kaspersky Internet Security reveals some gaps in software security practices.
Security Patches, Mitigations, and Software Updates
Slack Fixes Cross-Origin Token Theft Bug (Threatpost) The cloud-based collaboration tool Slack was quick to fix a bug earlier this month that could have let an attacker steal a user’s private Slack token.
Tricksy bugs in Zscaler admin portal let you ruin a coworker's day (Register) Cloudy with a chance of XSS
Multiple Vulnerabilities Affecting Four Rapid7 Products (Rapid7) Today, we'd like to announce eight vulnerabilities that affect four Rapid7 products, as described in the table below.
Google Enhances Safe Browsing for Chrome on MacOS (Dark Reading) The Chrome Settings API for Mac will give developers tools to ensure users have full control of their settings and know about intrusions.
Virtual Patching in the Spotlight Due to Unpatched Microsoft Vulnerabilities (TrendLabs Security Intelligence Blog) Due to three recently disclosed Microsoft vulnerabilities, the use of Intrusion prevention system (IPS) protection to shield against vulnerabilities (often referred to as Virtual Patching) is back in the spotlight. These allow systems to be protected even if patches have not yet been released by vendors.
Email and IoT security issues persist (Help Net Security) 50% of businesses have not changed their cybersecurity protections in over 3 years. Seemingly simple threats like phishing have become a major threat.
MWC: IoT security message drowned out by noise of nostalgia (Naked Security) Vendors at Barcelona mobile show stress security while hardware firms tout new-but-old ideas
Survey Finds Disconnect Between Security Strategy and Execution (Dark Reading) Report from Intel Security and CSIS discovers 93% of businesses have cybersecurity strategies, but only 49% fully implement them.
Radware Supports Australian Prime Minister’s Declaration That “Cyber Warfare is the New Frontier” (Radware Blog) The Australian Prime Minister, Malcolm Turnbull, recently warned that all Australians should be concerned about the threat of a cyber-attack. Mr Turnbull described cyber warfare as the new frontier, with families, governments and businesses equally at risk. From a public perspective, there is a greater expectation placed on the government to ensure that the networks …
Threats to Healthcare Data Security in India are more real and complex (ETHealthworld.com) Due to prevalent complacency, culture, politics and budget, ensuring data security is viewed as a cost factor that can wait
PE-backed Salient CRGT completes Information Innovators (PE Hub) Salient CRGT Inc has closed its previously announced acquisition of Springfield, Virginia-based Information Innovators Inc, a provider of solutions and services to IT and health-focused clients across the federal government. No financial terms were disclosed. Salient CRGT is backed by Bridge Growth Partners LLC and Frontenac Co, while Information Innovators was backed by DFW Capital Partners.
Here's Why Palo Alto Networks Plunged 20% After Reporting Earnings (Forbes) Palo Alto Networks plunged 20% in after-hours trading after the cyber security giant reported earnings. The company reported 2nd Quarter January 2017 earnings of $0.63 per share on revenue of $422.6 million. The consensus earnings estimate was $0.62 per share on revenue of nearly $430 million. On face value that was not that bad but investors dumped the stock because of forward guidance.
Palo Alto Networks Acquires LightCyber For $105M, Adds Behavioral Attack Detection Capabilities (CRN) Palo Alto Networks announced that it has acquired LightCyber for $105 million, adding behavioral attack detection capabilities to its network security platform.
Cisco Gobbles Up AppDynamics Intelligence Software Platform (An F1 Blog) Cisco says the purchase supports its own transition to software-centric solutions
IBM Is Focusing on Cybersecurity: Here’s Why (Market Realist) Earlier in this series, we discussed IBM’s acquisition of Agile 3 Solutions, which is in line with the company’s focus on cybersecurity and its Strategic Imperatives segment. Cybersecurity is a rapidly growing market. With Donald Trump as president, cybersecurity is likely to be the highlight of the technology industry in 2017.
Bank blockchain choices may come down to IBM vs. Microsoft (American Banker) IBM's work with Northern Trust and Hyperledger and Microsoft's alliance with JPMorgan and others show the different approaches the tech giants are taking with the technology.
Should You Be Watching Fortinet Too? (Market Realist) Shares of Fortinet rose 14% in February 2017. Fortinet (FTNT) declared its 4Q16 and fiscal 2016 results last month, reporting revenue of $362.8 million—a rise of 22.4% YoY (year-over-year), as compared to the analyst estimate of $352 million.
Fortscale Raises $7 Million Round (Silicon Valley Daily) Fortscale Security Ltd., a developer of machine learning-based User & Entity Behavior Analytics (UEBA) for security, has secured $7 million dollars in its latest round of funding led by Evolution Equity Partners and Valor Capital Group.
Switzerland’s 'Crypto Valley' Wants to Be the World’s Leading Blockchain and Cryptographic Ecosystem (CoinSpeaker) Thomson Reuters, PwC, UBS and other companies have established a new blockchain group in Switzerland to facilitate the growth of the blockchain ecosystem.
Former CEO bets on building cyber product companies in DC (Federal News Radio) A cybersecurity CEO-turned-investor says he wants to grow D.C. from a region loaded with cybersecurity services-based companies into one packed with product-based companies.
Raytheon Plays War Games (The Motley Fool) Raytheon's CCEWIF could help determine a battle's outcome before the first shot is fired.
UAE's DarkMatter plans 35% increase in headcount this year (Gulf Business) The firm is continuing to snap up cyber security talent after hundreds of hires last year
Products, Services, and Solutions
Exploring the new era of endpoint security: Dell and Cylance Protect (BrianMadden) Catching up with Dell about their Cylance partnership shows that big vendors are fully behind the new era of endpoint security. Are you?
Passages Honored as Winner of Cutting Edge Anti-Malware Solution in 2017 Cyber Defense Magazine InfoSec Awards (BusinessWire) Ntrepid Corporation, provider of cutting-edge cybersecurity solutions, today announced that Cyber Defense Magazine named Passages winner of the award
Carbon Black CTO: Why it’s time to kill legacy antivirus (Computer Business Review) Carbon Black are standing firm amid the changing threat environment, offering new antivirus technologies to survive the new frontier.
Informatica Enhances Big Data Security with Behavioral Analytics (eSecurity Planet) Secure@Source bulks up its data security intelligence offering to better identify risks to a business' sensitive data.
The most l33t phone of MWC: DarkMatter's Katim (Register) The secure, self destructing mobe for heads of state... and big enterprises
How A New Super Secure Phone Blocks Hackers, Crooks And Spies (Fortune) Push a button to frustrate the NSA
Technologies, Techniques, and Standards
Connected medical device security: The usefulness of unenforceable guidance (IoT Agenda) The United States Food & Drug Administration (FDA), which oversees approval of medical devices for the healthcare industry, recently published “post-market” guidelines for development of medical devices. These guidelines are merely “non-binding recommendations,” and are certainly not requirements, which has led some experts to ponder the usefulness of such guidance without an enforcement clause.
RBI sets up panel to review cyber threats (DDI News) RBI has announced setting up of an Inter-disciplinary Standing Committee on Cyber Security.
GDPR: The Data Protection Officer shouldn't be your in-house lawyer, advises expert (Computing) Robert Bond, partner at Bristows LLP also describes the Panama Papers incident as a wake up call, stating that lawyers are very good at getting round rules
GDPR: How to squeeze security budget from the business (Computing) Bridget Kenyon, head of information security at University College London explains how the impending GDPR can help security teams increase their budgets
Guarantee Data Security When Data is in an External or Public Cloud (Infosecurity Magazine) The key tips to consider when looking to outsource your data to the cloud.
Operatively-sourced threat intelligence: Using human awareness (Help Net Security) In this podcast recorded at RSA Conference 2017, Mike Kirschner, Senior Vice President of Sales and Marketing, Advanced Threat Intelligence at InfoArmor, t
Best Practices for Lowering Ransomware Risk (Dark Reading) The first step is to avoid falling prey in the first place. That means teaching your entire organization - from IT staff to executive management - how not to be a victim.
Treating Ransomware in the Healthcare Sector (Infosecurity Magazine) Steps to take to help in the instance of a ransomware infection.
Fighting sophisticated phishing threats during the digital revolution (Help Net Security) Damien Hugoo from Easy Solutions talks about what organizations can do in order to take a proactive approach in defending against phishing attacks.
How can we build a secure IoT world? (Help Net Security) The Internet of Things, as it is now, is a minefield of security issues that are just waiting to be exploited. How can we build a secure IoT world?
Protecting Wealthy Clients From Cyber Attack (Wealth Management) Family offices and high-net-worth individuals are at substantially increased risk of cyber attacks.
Are you spending enough on app security? Probably not (Real Business) As anyone with a website will know, app security is always a concern, whether it's your website being disrupted by a DDoS attack or a cyber criminal hack.
Research and Development
This Smart AI Can Now Steal Code to Write Its Own Programs (ScienceAlert) Our artificial intelligence systems are continuing to get smarter, with scientists demonstrating that a system called DeepCoder is now clever enough to borrow bits of code from other programs to solve basic problems.
Quantum code-breaking could be blocked, maybe (Electronics Weekly) Encryption that could defeat future code-cracking quantum computers is possible, claims Washington State University mathematician Nathan Hamlin. A hacker a
Bastille Networks Receives DHS Grant for IoT Security Project (ExecutiveBiz) Bastille Networks has secured a $196,760 grant from the Department of Homeland Security to help optimize internet of things wireless protocols. DHS said Monday it awarded the funds through the department’s Silicon Valley Innovation Program, which aims to encourage “non-traditional performers” to offer technologies that could help DHS address threats. Melissa Ho, SVIP managing director, said Bastille Networks seeks to help DHS gain ...
Central Coast Cyber Forensics Lab to open at Camp San Luis Obispo (A-Town Daily News) The Central Coast Cyber Forensics Lab (CCCFL), the first active facility in the new California Cyber Training Complex (CCTC), will be opening on March 1 at Camp San Luis Obispo.
DMC professor chosen by FBI to lead cyber-security group (Corpus Christi Caller-Times) David Abarca, assistant professor and Information Security Program director at Del Mar College, was recruited by the FBI. Abarca has been tasked with leading a local cyber security group as part of the InfraGard program.
Legislation, Policy, and Regulation
Opinion: No, Russia didn't hack the election (The Christian Science Monitor Passcode) Moscow carried out a digital campaign to disrupt our democracy, but did not change vote counts. That's a key distinction because the US needs to accurately identify weaknesses to sharpen national cyberdefenses.
Trump, Putin, and the New Cold War (The New Yorker) What lay behind Russia’s interference in the 2016 election—and what lies ahead?
The New Yorker’s Big Cover Story Reveals Five Uncomfortable Truths About U.S. and Russia (The Intercept) The most astonishing aspect of the discourse on Russia is how little attention is paid to the risks of fueling a new Cold War.
Why Is Finland Able to Fend Off Putin’s Information War? (Foreign Policy) Helsinki has emerged as a resilient front against Kremlin spin. But can its successes be translated to the rest of Europe?
No Govt Plan for Cyber Skills: Experts Slam Digital Strategy (Infosecurity Magazine) No plan to address chronic skill shortages
How an Illegal Canadian Spy Program Sailed Through Regulatory Checks (Motherboard) The system failed.
House hearing gives glimpse into cyberwar threats, challenges, opportunities (Fifth Domain | Cyber) Cyber continues to be a domain of warfare in which there are more questions than answers and in which defining the specific problems is as tricky as finding the solutions will prove to be.
DNI nominee puts cyberwarfare at top of threat list (Fifth Domain | Cyber) President Donald Trump's nominee to be the nation's top spy chief, former GOP Sen. Dan Coats, said cyberwar will be one of the top threats facing the U.S. in the years to come, along with terrorism.
Caller ID blocks could be bypassed to trace bomb threats to Jewish centers (Ars Technica) After dozens of bomb threats, FCC considers waiving caller ID privacy rule.
US surveillance law may see no new protections for foreign targets (CSO Online) Any reform of a controversial U.S. law allowing the National Security Agency to spy on people overseas will likely focus on its impact on U.S. residents, without curbing its use elsewhere.
Mass Spying Isn’t Just Intrusive—It’s Ineffective (WIRED) Mass surveillance seems like it would be a valuable national security tool. In reality, it doesn't help much at all.
FCC stays data security regulations for broadband providers (CSO Online) The U.S. Federal Communications Commission has halted new rules that would require high-speed internet providers to take 'reasonable' steps to protect customer data.
FCC votes to negate broadband privacy rules (TechCrunch) As new FCC Commissioner Ajit Pai telegraphed last week, the commission voted today to stay a set of privacy rules for broadband providers, adopted last year,..
The FCC Graciously Sets Internet Providers Free to Sell Your Data (WIRED) Comcast, Verizon, and other ISPs can now sell your personal information without your permission—at least for now.
Time for a cybersecurity grant program for the states (TheHill) OPINION | Good government in the form of infrastructure investment means you need to spend money to save money in the long run – as insurance against galloping innovation and evolving threats and vulnerabilities.
Litigation, Investigation, and Law Enforcement
Intelligence community seeks answers in aftermath of Harold Martin case (Cyberscoop) The arrest and then recent indictment of Harold T. Martin III, a 20-year veteran of the intelligence community who is accused of carrying out the biggest theft of classified information in U.S. history, is causing leaders on Capitol Hill and in the Office of the Director of National Intelligence to re-examine exactly how the government defends …
Obama Administration Rushed to Preserve Intelligence of Russian Election Hacking (New York Times) Obama administration officials scrambled to ensure intelligence of connections between the Trump campaign and Russian officials was preserved after they left office.
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
National Insider Threat Special Interest Group - Insider Threat Symposium & Expo (Laurel, Maryland, USA, Jul 18, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E), on July 18, 2017, at the Johns Hopkins University Applied Physics Laboratory, (JHU-APL) in Laurel, Maryland. This is a MUST ATTEND event if you are involved in Insider Threat Program Management or are interested in Employee Threat Identification and Mitigation.
International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, Mar 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons learned, and methodology on cyber security. We are delighted to build on last year’s very successful ICRMC. Cyber security has grown into a global pandemic and organizations of all sizes are struggling with questions on how to mitigate, manage, and transfer cyber risk. We’ve structured our agenda based on delegate feedback and our exceptional 2017 Advisory Committee is determined to provide engaging high-profile speakers and compelling content to share knowledge, captivate and educate. Visit www.icrmc.com for details.
SANS San Jose 2017 (Milpitas, California, USA, Mar 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment. SANS San Jose 2017 offers six hands-on, intensive cyber security training courses.
Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, Mar 7 - 8, 2017) Don’t miss out on the opportunity to be a part of the conversation regarding how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. What are the synergies among Army, Air Force, Navy, and Marine platform cybersecurity initiatives? What can we learn from connected car and autonomous initiatives in the automotive industry? Who and what is driving acquisition reform to ensure agility and speed? What are the supply chain impacts? What are the “seams” that create vulnerabilities? Who and what is driving cybersecurity platform requirements? What is being done to assess execution readiness? What are platform stakeholders doing technically to address vulnerabilities?
15th annual e-Crime & Cybersecurity Congress (London, England, UK, Mar 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.
ISSA Mid Atlantic Security Conference (Rockville, Maryland, USA, Mar 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations and cutting edge training opportunities, including hands-on demonstrations and workshops.
Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, Mar 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.
IAPP Europe Data Protection Intensive 2017 (London, England, UK, Mar 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its own as a leading forum for practical data protection education.
Rail Cyber Security Summit (London, England, UK, Mar 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry, as well as leading Government and global cyber security leaders and academics working in the field.
CyberUK 2017 (Liverpool, England, UK, Mar 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information security communities from both the public and private sector. The NCSC’s partnership with information security businesses of all sizes is essential in strengthening the UK’s cyber resilience. CyberUK 2017 will play a key role in defining the role industry must play in achieving this step change, and is expected to attract 1,600 information assurance (IA) and cyber security leaders and professionals.
Cybersecurity: The Leadership Imperative (New York, New York, USA, Mar 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed. Cybersecurity: The Leadership Imperative will provide case studies and actionable insights on building and maintaining a structure in which leaders across the organization are able to work together seamlessly to comprehend, measure and respond to cyber risk challenges.
BSides Canberra (Canberra, Australia, Mar 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.
Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, Mar 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. Defending the network is NOT enough. The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer.
European Smart Grid Cyber Security (London, England, UK, Mar 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear from a range of European utility companies present what their strategic programmes are doing regarding cyber security. As well as discuss how communication issues between IT and OT departments can be overcome and learn how to make your company compliant.
Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, Mar 22, 2017) Help us celebrate the best and brightest of the Maryland cybersecurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their cutting-edge technologies; thwarted cyber criminals with their outstanding cybersecurity services; demonstrated exemplary knowledge, expertise, leadership and innovative thinking; or made a significant contribution to Maryland’s cybersecurity ecosystem.
Integrated Adaptive Cyber Defense (IACD) Community Day (Laurel, Maryland, USA, Mar 23, 2017) Advancing cyber operations through secure automation & interoperability. Government agencies, commercial firms, research organizations, academic institutions and cyber security experts align in community efforts demonstrating cyber defenses art-of-the-possible, through automation and interoperability. Learn how to dramatically change the timeline and effectiveness of cyber defenses, increase community awareness and defensive capabilities. Free event, registration requested.
SANS Pen Test Austin 2017 (Austin, Texas, USA, Mar 27 - Apr 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.
IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, Mar 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.
Insider Threat 2017 Summit (Monterey, California, USA, Mar 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.
2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, Mar 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.
Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, Mar 30 - Apr 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.
WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, Mar 31 - Apr 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.
InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, Apr 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.
Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, Apr 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. For details, visit CyberSummitUSA.com.
SANS 2017 (Orlando, Florida, USA, Apr 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.
Hack In the Box Security Conference (Amsterdam, the Netherlands, Apr 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2- and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware-related exhibits plus a free-to-attend track of 30- and 60-minute talks!