The CyberWire Daily Briefing 3.8.17

Summary

By The CyberWire Staff

Today's news is all about WikiLeaks' dump Tuesday of Vault 7: alleged CIA cyber espionage documents and exploits. The material, if genuine (and early consensus held this to be the case even before Mr. Snowden offered his two cents), demonstrates several things, some surprising, some not so surprising. It is unsurprising, despite the screamer headlines, that the CIA uses cyber espionage tools in its intelligence collection. It's also unsurprising that the CIA cooperates with the other Five Eyes. The documents do suggest that most devices have been and can be hacked (and some in the security industry express concern that criminals will be able to exploit the revelations) but they don't appear to show the sort of global skeleton key into every encrypted system that some hasty reporting has claimed.

Ars Technica, in a sauce-for-the-ganderish mood, reviews CIA's eye-rolling over their NSA sisters' Equation Group mess. The material in WikiLeaks' Vault 7 does suggest that the CIA has significant cyber espionage capability. How the material exited the CIA is so far unknown, but tracking down the leak or leaks will keep investigators employed for some time. The serious security failure also represents the first crisis for new Director of Central Intelligence.

iOS exploits figure prominently in the dump, but Apple says those issues are mostly already patched.

Some maintain (implausibly) that Vault 7 proves Cozy and Fancy Bear were CIA provocations all along.

And Julian Assange says he's under cyberattack.

See the recommended reading for non-WikiLeaks news (there is some).

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Austria, Canada, France, India, New Zealand, Russia, Saudi Arabia, Turkey, United Kingdom, United States

A note to our readers: The CyberWire is a finalist for a Maryland Cybersecurity People's Choice Award, so we're taking the liberty of asking you to consider voting for us. If you enjoy the CyberWire Daily News Briefing and and the CyberWire Podcast, we'd appreciate your support. You can cast your vote here through March 22. Thanks as always for reading and listening.

On the Podcast

In our podcast today, Dale Drew from our partners at Level 3 Communications talks us through shifts they're seeing in DDoS trends.

Some special editions are worth your attention: Perspectives, Pitches, and Predictions from RSA, and an overview of artificial intelligence as it's being applied to security. You may also enjoy some video Cylance took on the RSA floor in partnership with the CyberWire: opinions from the conference.

Sponsored Events

What we do matters. Join Booz Allen. (Tysons Corner, Virginia, USA, March 15, 2017) Calling all innovators, designers, and coders to solve tough problems. Come interview with Booz Allen and learn about their cutting edge cyber job opportunities.

Tech Talk: Ethereum & Graph Databases (Laurel, Maryland, USA, March 20, 2017) Join Novetta and Cyberwire at Jailbreak Brewery to learn about Ethereum and Graph databases, forward leaning technology transforming how we relate with our data. Mingle with like-minded techies and enjoy craft beer - See you then!

ThreatConnect Webinar: Threat Intelligence Isn’t One Size (Online, March 22, 2017) Threat intelligence (TI) can help any organization better protect themselves. With TI, you can identify threats and add context to them. Once you understand what you are facing, you can take decisive action to better protect your organization.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

WikiLeaks Releases Trove of Alleged C.I.A. Hacking Documents (New York Times) The documents describe agency tools used to hack into smartphones and TVs, as well as to bypass encryption on programs like Signal and WhatsApp.

WikiLeaks dump includes alleged CIA files on how to turn TVs into surveillance tools and crack into smartphones (Los Angeles Times) wikiLeaks has published thousands of documents that it says come from the CIA's Center for Cyber Intelligence

WikiLeaks claims to publish CIA cyber espionage toolkit (Fifth Domain | Cyber) WikiLeaks on Tuesday published thousands of documents purportedly taken from the Central Intelligence Agency's Center for Cyber Intelligence, a dramatic release that appears to provide an eye-opening look at the intimate details of America's cyberespionage toolkit.

How the CIA Can Hack Your Phone, PC, and TV (Says WikiLeaks) (WIRED) A new leak hints at the spooks' digital arsenal, from iOS and Android to Samsung smart TVs.

WikiLeaks Publishes Vault 7, Collection of Alleged CIA Hacking Tools (BleepingComputer) Earlier today, WikiLeaks published a collection of hacking tools which the organization claims belong to the United States Central Intelligence Agency (CIA).

WikiLeaks publishes thousands of documents, claims they come from CIA cyber center (Washington Examiner) WikiLeaks on Tuesday began releasing information it says is the largest ever publication of documents from the CIA, starting with more than 8,700 documents from the agency's high-security network. In a press release, WikiLeaks said the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized 'zero day' exploits, malware remote control systems and associated documentation

WikiLeaks dump shows CIA can use IoT to hack ‘anything, anywhere’ (Naked Security) Documents are evidence that the CIA has been building a stockpile of cyberweapons – and the agency ‘would have been remiss’ not to build these capabilities

Vault 7: Wikileaks reveals details of CIA's hacks of Android, iPhone Windows, Linux, MacOS, and even Samsung TVs (Computing) You name it, the CIA seems to have hacked it - and left their backdoors behind for others to use,Security,Cloud and Infrastructure,Hacking,Threats and Risks ,Android,Apple,Cloud Computing,hacking,Samsung,Security,security,Windows,Edward Snowden,WikiLeaks,Julian Assange

Did WikiLeaks just unmask CIA cyberoperations? (The Christian Science Monitor Passcode) The antisecrecy site released a trove of alleged CIA hacking tools to break into iPhones, Android devices, and connected TV sets to carry out espionage operations.

WikiLeaks Just Dumped a Mega-Trove of CIA Hacking Secrets (WIRED) In a leak of nearly 9,000 documents, WikiLeaks puts the CIA's secrets in the open.

WikiLeaks dump first big test for new CIA head (Fifth Domain | Cyber) The WikiLeaks release poses one of the first big tests for Mike Pompeo, a former GOP congressman from Kansas, who is President Donald Trump's new CIA director.

Alleged CIA hacks rekindle security fears over Silicon Valley tech products (The Mercury News) New WikiLeaks documents, which allegedly reveal CIA efforts to hack into devices made by some of Silicon Valley’s biggest tech companies, are renewing cybersecurity concerns.

Wikileaks’ dump of CIA exploits exposes enterprises to new risks (CSO Online) Corporations concerned about the release of thousands of CIA documents detailing hacks against Apple iOS and Mac OSX, Google’s Android, Microsoft’s Windows, Linux and Solaris need to conduct a fresh round of risk assessment that takes the new revelations into account.

CIA-made malware? Now antivirus vendors can find out (CSO Online) Thanks to WikiLeaks, antivirus vendors will soon be able to figure out if you have been hacked by the CIA.

Exposure of CIA hacking tools renews debate over Americans’ cybersecurity vs. national security (Washington Post) Some advocates argue that the government should reveal, not exploit,vulnerabilities.

Wikileaks, CIA documents and some sober thoughts (CSO Online) So, my less than favorite topic found itself at the top of my reading list today. Wikileaks released a treasure trove of documents today that purport to outline all manner of CIA related operations.

Is the CIA's Weeping Angel spying on TV viewers? (Graham Cluley) Yesterday, WikiLeaks published thousands of pages of what appeared to be leaked internal CIA documents.

Edward Snowden says WikiLeaks’ CIA documents look legit (The Washington Times) Documents released by WikiLeaks alleging the CIA’s ability to compromise and commandeer the world’s most popular electronic devices appear to be authentic examples of its vast but “reckless” hacking prowess, former employee Edward Snowden said Tuesday.

WikiLeaks CIA Dump Gives Russian Hacking Deniers the Perfect Ammo (WIRED) The latest document dump doesn't prove the CIA faked the Russian hacking scandal, but online it doesn't have to.

Twitter reactions to the WikiLeaks CIA data dump (Help Net Security) Here are some interesting Twitter reactions regarding the WikiLeaks release of 8,761 documents and files they claim originate from the CIA.

Global elites' love of iPhone made iOS a prime target of CIA (Cult of Mac) The CIA targeted iPhones and iPads for spying because of the popularity of Apple's devices among the global elite, according to WikiLeaks.

Apple says most vulnerabilities in Wikileaks docs are already patched (TechCrunch) Wikileaks today published a trove of documents, allegedly taken from the CIA, that detail the government's efforts to hack popular devices like iPhones,..

WIKILEAKS 'UNDER ATTACK': Julian Assange press conference SABOTAGED by cyber strike (Express.co.uk) A WikiLeaks press conference where Julian Assange is set to reveal its latest 'Vault7 Year Zero' documents is being rescheduled after it suffered a "cyber attack", the whistleblowing organisation has claimed.

After NSA hacking exposé, CIA staffers asked where Equation Group went wrong (Ars Technica) CIA hackers wasted no time analyzing the blunders made by their NSA counterparts.

Austria condemns Turkish 'cyber attack' on foreign ministry - BelfastTelegraph.co.uk (BelfastTelegraph.co.uk) Turkish hackers have again attacked the Austrian foreign ministry's internet pages amid simmering tensions between the two countries, authorities said.

Report: Democrat Groups Paid Ransoms to Hide Protester Funding (Tennessee Star.) Over a dozen Democratic groups were approached with ransom demands by Russian hackers over protester funding information, according to a Monday report from Bloomberg.

Researchers critique security in messaging app Confide (TechCrunch) White House staffers have been drawn to Confide by its security features, which include messages that require a reader to run their finger over the text as..

FireEye Uncovers Phishing Campaign Targeted at SEC (TheStreet) The firm identified 11 targeted organizations affected by the phishing scheme

Multiple Unpatched Vulnerabilities Discovered in Western Digital NAS Hard Drives (BleepingComputer) Multiple Western Digital MyCloud Networked Attached Storage (NAS) devices are affected by several security flaws, varying in severity, that allow attackers to bypass authentication, execute code on the device, and upload or download user data.

Microsoft suffers authentication outage as Outlook, Hotmail and Skype users are locked out of accounts (Computing) Comms grind to a standstill. Again.,Cloud and Infrastructure ,NetscoutCollaboration,Cloud,Microsoft,Azure

Payments Giant Verifone Investigating Breach (KrebdOnSecurity) Credit and debit card payments giant Verifone [NYSE: PAY] is investigating a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions, according to sources.

Verifone security breach may have compromised retail payments systems (Computing) Company admits security breach, but claims that cyber intrusion was only limited.

Honeypot catches social engineering scams on social media (CSO Online) Research company investigates 40,000 fake accounts to find impersonator tactics.

Satan ransomware: old name, new business model (Naked Security) Malware families with occultic names aren’t new, but this ‘Satan’ has a new business model for ransomware: royalties.

Research Scientists Show that Intel SGX can Leak Cryptography Keys ([H]ard|OCP) Intel's SGX or Software Guard Extensions were designed to hide sensitive data such as RSA keys. A team of researchers from Austria's Graz University

The Dark Web Has Shrunk by 85% (BleepingComputer) The number of Dark web services has gone down significantly following the Freedom Hosting II hack that took place at the start of February, and is only around 4,400 services, according to a recently published OnionScan report.

Security Patches, Mitigations, and Software Updates

Dahua security camera owners urged to update firmware after vulnerability found (The State of Security) For its part, Dahua has acknowledged that 11 of its devices with the following model numbers are vulnerable and made firmware updates available for download

WordPress webmasters urged to upgrade to version 4.73 to patch six security holes (WeLiveSecurity) Another day, another important security update for WordPress. Oh boy.

Don't worry, slowpoke Microsoft, we patched Windows bug for you, brags security biz (Register) You snooze, you lose

Google leads ‘guerilla patching’ of big vulnerability in open source projects (Naked Security) Third-party patching of vulnerabilities includes another group patching a Microsoft flaw – and provides a glimpse into a new way of dealing with flaws

Verizon starts rolling March security patch to Google Pixel and Pixel XL (GSMArena.com) Aside from the latest security patch, the update also includes a Bluetooth-related improvement.

Android Nougat released to Verizon Samsung Galaxy S7, S7 edge; update for Galaxy S6, S6 edge delayed (International Business Times, India Edition) Android Nougat has been made available to Verizon subscribers owning Samsung Galaxy S7 and the S7 edge, while the update for the Galaxy S6 and the S6 edge has been deferred indefinitely.

Cyber Trends

Watch Journalists in the 90s Freak Out Over the Destructive ‘Michelangelo’ Virus That Wasn’t - Motherboard (Motherboard) Pheeeeew.

As cyberattacks become more sophisticated, energy industry's controls provide an alluring target (SecurityInfoWatch.com) Vastness of oil and gas operations makes them difficult to secure

Fortune 1000 Companies Breached Nearly Twice As Often As Their Peers (TheStreet) Latest BitSight Insights Report Highlights the Importance of Continuous, Third Party Cyber Risk Assessment When Doing Business with the Fortune 1000

Marketplace

How Has Singapore Telecommunications Limited’s 2015 Trustwave Acquisition Fared So Far? (The Motley Fool Singapore) Singapore Telecommunications Limited (SGX:Z74) spent US$810 million to acquire cyber-security firm Trustwave in late 2015. Let's check in on its progress.

Security vendor RSA introduces new strategy for businesses to take on digital challenges (Financial Post) During his keynote at the 2017 RSA Conference, CTO Zulfikar Ramzan told the crowd that any enterprise has to be a joint venture between business and security

Northrop, Digit All City to Develop Cybersecurity Training Program Under DoD Mentor-Protege Initiative (ExecutiveBiz) Northrop Grumman and Digit All City have partnered under the Defense Department‘s Mentor-Protege program in efforts to boost the nonprofit small disadvantaged business’ capacity to administer cybersecurity training and testing. Northrop said Monday it will help DAC develop the Cyber Warrior Diversity Program that aims to train, test and certify individuals for cybersecurity careers in accordance with DoD’s Information Assurance...

Cylance Taps Industry Leader Christopher Bray to Launch Consumer Division (BusinessWire) Cylance® Inc., the company that revolutionized traditional antivirus with AI-powered prevention that blocks everyday malware along with today&rsqu

Salient CRGT Expands Leadership Role of SVP Larry Rose to Commercial Division (Yahoo! Finance) Salient CRGT, Inc., a leading provider of Agile software development, data analytics, mobility, cyber security, and infrastructure solutions, today announced that Larry Rose, Ph.D. will expand his leadership role at the company. In addition to his Senior Vice

Products, Services, and Solutions

DataEndure and Komprise Provide Complementary Dark Data Assessment To Identify and Address Overspend on Storage and Data Management (PRNewswire) Joint solution delivers customers' savings as much as 70% or more for fast growing data management

Cybrary Launches Cybersecurity Training Management and Skills Assessment Platform (PRWeb) Teams to include micro certifications on critical cybersecurity topics

South River Technologies Releases WebDrive 2017 (Yahoo! Finance) South River Technologies, Inc. , an innovator in secure file transfer, has released WebDrive 2017, a new version of the popular WebDrive File Access Client. WebDrive 2017 adds productivity benefits, including ...

ERPScan Debuts in Gartner Magic Quadrant for Application Security Testing (Yahoo! Finance) ERPScan, a leading provider of Cybersecurity solutions for ERP systems, today announced that it has been positioned by Gartner, Inc. in its February 2017 Application Security Testing Magic Quadrant based on Ability to Execute and Completeness of Vision

Veriato Launches RansomSafe for Ransomware Detection and Protection (Yahoo! Finance) Veriato® today announced Veriato RansomSafe™. RansomSafe detects and stops ransomware attacks on file servers as they occur.

WhiteSource Offers Secure DevOps Release Pipeline with Microsoft Visual Studio 2017 (PRNewswire) WhiteSource, the leader in continuous open source security and...

Varonis Helps the City of San Diego Stop Hundreds of Thousands of Breaches Daily (GlobeNewswire News Room) Varonis Systems, Inc. (NASDAQ:VRNS), a leading provider of software solutions that protect data from insider threats and cyberattacks, today released details on its role in helping the City of San Diego address hundreds of thousands of daily cybersecurity threats.

CorreLog, Inc. Announces Partnership with Micro Focus, Adding Mainframe Security Auditing for ChangeMan SSM Solution (PRWeb) Integration of CorreLog’s zDefender™ for z/OS sends mainframe security event messages from ChangeMan SSM to any client SIEM system in real time, providing security compliance and auditing of z/OS application change tracking

Sophos branches out into unified endpoint management (SearchMobileComputing) Sophos now supports Android containers to separate work and business on BYO devices. The company also bolstered its EMM offering to add unified endpoint management.

OPSWAT's New Metadefender Client Feature Protects Endpoints from Malware on USB Drives (PRWeb) OPSWAT has announced the release of a powerful new Metadefender Client feature that protects endpoints by blocking access to USB drives until they have been scanned by Metadefender.

Interface Masters Technologies Announces Sierra 3352, a Dual Port 10G Encryption NIC Based on Cavium Nitrox III (Benzinga) Interface Masters Technologies, an industry leader and innovator in networking solutions, has announced its second encryption Network Interface Card (NIC) product in the newly re-branded NICs series, Sierra.

CFC unveils cyber response app (Insurance Business) New app allows clients to report a claim in just seconds and receive support within minutes

Check Point Delivers Advanced Cloud Security to Google Cloud Platform (Yahoo! Finance) Check Point ® Software Technologies Ltd. today introduced Check Point vSEC for Google Cloud Platform, delivering advanced security integrated with Google Cloud Platform. ...

Gemalto LTE Cat. 1 solution wins IoT Evolution Connected Home & Building Award (Broadway World) Gemalto LTE Cat. 1 solution wins IoT Evolution Connected Home & Building Award

Game-changing Cambridge technology helps Bromium beat hackers (Cambridge Independent) Bromium pick-up seven new awards

Thales’ Dutch Cybersecurity Operation Center Obtains Two Certificates for Managed Security Services (Sat PR) The cybersecurity operation center of Thales located in Huizen Netherlands, that detects and deals with security incidents around the clock, 24/7, and 365 days a year wherever they may arise, has been awarded ISO 27001:2013 and NEN 7510:2011 certificates by the accreditation provider Lloyds LRQA.

G6 Hospitality Leverages RedOwl to Prevent Insider Threats (Yahoo! Finance) RedOwl, the leading provider of insider risk solutions, today announced that G6 Hospitality, known for its iconic economy lodging brands, Motel 6 and Studio 6 in the U.S. and Canada, has deployed the RedOwl ...

Webroot Security Product Integrates with Kaseya VSA (Channel Partners) Together, Kaseya and Webroot say they will offer customers the security, efficacy, ease of management and cost savings endpoint administrators need to

Prevoty Garners Industry Recognition including Best Web Application Solution from 2017 SC Awards and Info Security Product Guide's 2017 Global Excellence Awards(R) (Yahoo! Finance) Prevoty announced today that Info Security Products Guide, a leading information security research and advisory guide, has named Prevoty a Gold winner of the 2017 Global Excellence Awards® for Best Web ...

Technologies, Techniques, and Standards

What's the value in attack attribution? (CSO Online) Does attack attribution and knowing your adversaries really matter when it comes to securing the enterprise?

GDPR will drive data privacy culture change, warns ICO head Elizabeth Denham (Computing) Data protection and privacy will soon be just good business practice, argues Elizabeth Denham.

What to do when the cloud goes wrong (Computing) Outages even at the biggest vendors can happen, as we saw when much of AWS went down last month. So how should you prepare for these eventualities?

New Research from Security Compass Benchmarks Application Security Practices within the Financial Services Industry (Marketwired) Study to act as a guide for CISOs uncertain of how to begin an application security program, prioritize budget, and set appropriate goals, governance and metrics

The Role of the Security Intelligence Analyst and the Three Main Elements of Cybersecurity (Security Intelligence) Security intelligence analysts must know the three elements of cybersecurity — threat intelligence, event intelligence and enrichment — to thwart threats.

Fighting attackers in the era of data jacking (Help Net Security) Zohar Alon, CEO at Dome9 Security, talks about how attackers can compromise systems, and what security pros can do in order to prevent them.

The CIA Can’t Crack Signal and WhatsApp Encryption, No Matter What You’ve Heard (WIRED) Despite some initial confusion, the CIA hasn't undermined Signal and other important end-to-end encrypted apps.

Want to chat securely? Here’s what to look for in an app (Gant Daily) You’ve probably heard that everyone from activists to White House staff is using secure messaging apps. You might want to start using them, too.

Research and Development

Booz Allen Hamilton to Research Cyber Warfare Applications for US Air Force (Sputnik) Pentagon said that US strategy consultancy Booz Allen Hamilton received a $10 million US Air Force contract to explore new uses for high power electromagnetics and cyber electronic warfare applications.

SK Telecom, Nokia team on quantum cryptography (Telecom Asia) Aim to ensure interoperability and develop solutions for optical transport and the IoT

Legislation, Policy and Regulation

France Abandons Electronic Voting for Citizens Abroad, Cites Security (Dark Reading) The French government made its decision after the national cybersecurity agency warned of a high risk of cyberattacks.

Observations on China’s New International Cyberspace Cooperation Strategy (Lawfare) The Chinese government last week released a new, wide-ranging strategy document (in English and Chinese) for international cooperation on cyberspace issues.

India open to widest cyber security collaboration, says IT minister Ravi Shankar Prasad (Firstpost) The government is open for international collaboration in the field of cyber security and favours handling issue of cyber terrorism in cooperation with other countries, IT Minister Ravi Shankar Prasad said on Tuesday

Comment: Security-agencies oversight legislation lacking (Times Colonist) This week brings a showdown in Parliament that’s been building for nine months. At issue is a bill that many Canadians have never heard of, but is crucial to our national security and intelligence . . .

Peta Credlin: US-style spy agency not needed right now (NewsComAu) Political commentator and former chief-of-staff to Tony Abbott, Peta Credlin, has shut down the need for a US-style Department of Homeland Security in Australia, saying it’s a distraction from more important issues the government faces.

Kremlin-backed media turns on Trump (POLITICO) News outlets funded by Putin’s government rooted for Trump’s election but now relish the chaotic first weeks of his administration.

Cyberwar and Peace (Foreign Affairs) Forget the hype about cyberwar. The cyber era has been defined by the opposite trend: a computer-enabled reduction of political violence, which hacking diminishes by making it easier to engage in sabotage and espionage, two kinds of aggression that fall short of war.

The Cyberwar Information Gap (Defense One) Unlike a conventional military strike, state-on-state cyberattacks can go unreported for years.

Journalism after Snowden: A new age of cyberwarfare (Columbia Journalism Review) Editor’s note: This piece is a chapter in Journalism After Snowden: The Future of Free Press in the Surveillance State, a recently released book from Columbia University Press. The book was part of the Journalism After Snowden initiative, a yearlong series of events and projects from the Tow Center for Digital Journalism in collaboration with...

Terrorism's Terminology (Foreign Affairs) Donald Trump and most of his senior advisers have made a point of using the term “radical Islamic terrorism.” National Security Adviser H. R. McMaster rejects the term, arguing that the terrorists to whom Trump would apply it are, in fact, un-Islamic. Both approaches are flawed. Trump’s use of the term wrongly implies that Islam is somehow inherently associated with terrorism, but McMaster's approach ignores the clear religious dimensions that this phenomenon possesses.

Only lobbyist and politicians matter, not techies (Errata Security) The NSA/CIA will only buy an 0day if they can use it. They can't use it if they disclose the bug. I point this out, yet again, because of ...

The Cyber Coordinator: Let the Dog Bite (who's watching the watchdog?) (cyberdb.co) Recent appointment of US cyber coordinator raise old questions about the impact of this position on of the United States’ overall cyber security posture

Which US states best protect privacy online? - Comparitech (Comparitech) Laws governing online privacy in the US vary widely from state to state. We evaluated each and every state based on 14 key criteria.

Say goodbye to enhanced data privacy, US web surfers (Naked Security) US government halts ruling aimed at giving users control over who has access to their data

WhiteSpace Alliance Predicts United States will Rapidly Move Forward with TV White Space Deployments (PRWeb) Significant license exempt spectrum for TV band Internet access will become available.

Top Marine on video: If you abuse others on social media, 'Do you really want to be a Marine?' (Marine Corps Times) Gen. Robert Neller issued a stern message in the wake of a scandal rocking the Marine Corps.

Risk-Based Cybersecurity Approach Key in HHS IT Strategic Plan (HealthITSecurity) HHS released a new IT strategic plan, including a risk-based approach to cybersecurity and privacy, as well as changes to IT management and shared services.

Litigation, Investigation, and Enforcement

Republicans shrug off Trump wiretap claims (TheHill) “We are laser focused and won’t be distracted by sideshows,” said one GOP lawmaker.

House intel chair: Media take Trump tweets too literally (Military Times) The top Republican on the House intelligence committee said he has not seen any evidence to back President Donald Trump's claim that the Obama administration wiretapped him during the 2016 campaign and suggested the news media were taking the president's weekend tweets too literally.

NSA Whistleblower Backs Trump Up on Wiretap Claims (US News and World Report) Bill Binney, who resigned from NSA in 2001, did not elaborate on President Obama’s specific role in surveilling Trump.

Man behind explosive Trump-Russia dossier breaks silence, is going back to work (Business Insider) Christopher Steele, the former British spy who authored the explosive — and largely unverified — Trump-Russia dossier, goes back to work at Orbis...

FireEye close to settling lawsuit (Register) Nice chunk of change

The Ascendency of Accessibility: Surge in Website Lawsuits Continues (Retail Law Advisor) The proliferation of accessibility lawsuits under Title III of the Americans with Disabilities Act (ADA) has not abated.

Alleged Fort Myers hacker arrested for cyber attack on Calif. company (The News-Press) A 29-year-old Fort Myers man was arrested after an FBI investigation found he allegedly shut down a San Diego software company's website.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

PCI Security Standards Council: 2017 Middle East and Africa Forum (Cape Town, South Africa, March 29, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Middle East and Africa Forum (MEAF).

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

upcoming Events

ISSA Mid Atlantic Security Conference (Rockville, Maryland, USA, March 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations and cutting edge training opportunities, including hands-on demonstrations and workshops.

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.

IAPP Europe Data Protection Intensive 2017 (London, Englan, UK, March 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its own as a leading forum for practical data protection education.

Rail Cyber Security Summit (London, England, UK, March 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry, as well as leading Government and global cyber security leaders and academics working in the field.

CyberUK 2017 (Liverpool, England, USA, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information security communities from both the public and private sector. The NCSC’s partnership with information security businesses of all sizes is essential in strengthening the UK’s cyber resilience. CyberUK 2017 will play a key role in defining the role industry must play in achieving this step change, and is expected to attract 1,600 information assurance (IA) and cyber security leaders and professionals.

Cybersecurity: The Leadership Imperative (New York, New York, USA, March 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed. Cybersecurity: The Leadership Imperative will provide case studies and actionable insights on building and maintaining a structure in which leaders across the organization are able to work together seamlessly to comprehend, measure and respond to cyber risk challenges.

BSides Canberra (Canberra, Australia, March 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.

Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, March 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. Defending the network is NOT enough. The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer.

European Smart Grid Cyber Security (London, England, UK, March 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear from a range of European utility companies present what their strategic programmes are doing regarding cyber security. As well as discuss how communication issues between IT and OT departments can be overcome and learn how to make your company compliant.

Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, March 22, 2017) Help us celebrate the best and brightest of the Maryland cyberscurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their cutting-edge technologies; thwarted cyber criminals with their outstanding cybersecurity services; demonstrated exemplary knowledge, expertise, leadership and innovative thinking; or made a significant contribution to Maryland’s cybersecurity ecosystem.

Integrated Adaptive Cyber Defense (IACD) Community Day (Laurel, Maryland, USA, March 23, 2017) Advancing cyber operations through secure automation & interoperability. Government agencies, commercial firms, research organizations, academic institutions and cyber security experts align in community efforts demonstrating cyber defenses art-of-the-possible, through automation and interoperability. Learn how to dramatically change the timeline and effectiveness of cyber defenses, increase community awareness and defensive capabilities. Free event, registration requested.

SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.

IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.