The CyberWire Daily Briefing 3.10.17

Summary

By The CyberWire Staff

WikiLeaks is apparently opening its own version of the Vulnerability Equities Process, offering to share what it says it learned from the Vault 7 leaks with affected software vendors. Companies are advised by US authorities that receiving classified information puts them on legal thin ice.

Some of the anti-virus companies mentioned in Vault 7 as having tough-to-bypass products, notably Bitdefender and Comodo, aren't being shy about letting prospective customers know their reputations as (to quote one leaked remark) "a pain in the posterior."

There's now some speculation about where WikiLeaks got the material it released in Vault 7. WikiLeaks itself says its source was a former US government "hacker." The Voice of America says a US intelligence official commented, on background, that there are some indications the leak came from a CIA contractor. A Federal criminal investigation is in progress.

Predictably, the Chinese government has admonished the Americans in a high-minded way that the US really ought to stop spying.

The Apache Struts remote code execution vulnerability is being actively exploited. Enterprises should patch.

Observers cast doubt on claims that US cyberattacks interfered with North Korean missile test launches.

Trend Micro and Interpol have an interesting report on West Africa's cybercriminal underground. The crooks divide essentially into two categories: "Yahoo Boys" (devoted to lonely-hearts, stranded traveler, and advance fee scams) and "next-level cybercriminals" (more sophisticated financial fraud and business email compromise capers). Both groups are adept at social engineering, although the Yahoo Boys do tend to engineer relatively naive marks.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Azerbaijan, Canada, Chile, China, Denmark, European Union, France, Germany, Ghana, India, Italy, Democratic Peoples Republic of Korea, Republic of Korea, Nigeria, Pakistan, Russia, Saudi Arabia, Singapore, Spain, Switzerland, Trinidad and Tobago, Turkey, United Arab Emirates, United Kingdom, and United States.

A note to our readers: The CyberWire is a finalist for a Maryland Cybersecurity People's Choice Award, and so we're taking the liberty of asking for your vote. If you enjoy the CyberWire Daily News Briefing and and the CyberWire Podcast, we'd appreciate your support. You can cast your vote here through March 22 (and you don't need to be in Maryland, or even in the US, to do so). Thanks as always for reading and listening.

Podcast Summary

in today's podcast we hear from our partners at the Johns Hopkins University in the person of Joe Carrigan, who talks us through the implications of the SHA-1 collision attack Google recently demonstrated. We also speak with Comodo's Kenneth Geers, who gives us an overview of Comodo's 2016 threat research report.

Special editions we think may be worth your attention are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of artificial intelligence as it's being applied to security. You may also enjoy some video Cylance took on the RSA floor in partnership with the CyberWire: opinions from the conference.

Cyber Attacks, Threats, and Vulnerabilities

Wikileaks' Cache of Alleged CIA Files Includes Unredacted Names (Motherboard) Although Wikileaks has redacted portions of the cache, and explained why, some names can be found in the dump.

Assange: CIA had lost control of its cyberweapon documents (CSO Online) Information about purported CIA cyberattacks was "passed around" among members of the U.S. intelligence community and contractors before it was published by WikiLeaks this week, Julian Assange says.

Next WikiLeaks worry: the release of the code (USA TODAY) Security experts fear the worst if WikiLeaks releases the computer code for the cyberweapons.

WikiLeaks: We’ll Work With Software Makers on Zero-Days (KrebsOnSecurity) When WikiLeaks on Tuesday dumped thousands of files documenting hacking tools used by the U.S. Central Intelligence Agency, many feared WikiLeaks would soon publish a trove of so-called “zero days,” the actual computer code that the CIA uses to exploit previously unknown flaws in a range of software and hardware products used by consumers and businesses. But on Thursday, WikiLeaks editor-in-chief Julian Assange promised that his organization would work with hardware and software vendors to fix the security weaknesses prior to releasing additional details about the flaws.

Julian Assange Says WikiLeaks Will Help Tech Companies Stop CIA Snooping (WIRED) The big question is if and when Julian Assange follows through on his latest blockbuster promise.

WikiLeaks will share CIA hacking details with companies, but can they use it? (CSO Online) WikiLeaks plans to share details about what it says are CIA hacking tools with the tech companies so that software fixes can be developed. But will software companies want it?

How the CIA’s Hacking Hoard Makes Everyone Less Secure (WIRED) By keeping dozens of its spying tools secret, the CIA may have left billions of people open to being hacked.

Spy Agency Warns WikiLeaks Dump Designed to Damage US Intelligence (VOA) Concern also mounting at White House, which vows to ‘go after people who leak classified information'

WikiLeaks' Vault 7: CIA Gives a Free Lesson in Personal Cyber Security (CircleID) CIA Hacking Tools are the Biggest "So What" of 2017: WikiLeaks' newly released Vault 7 trove is a tantalizing study in how one of the world's premiere intelligence agencies hacks devices.

Newer car tech opens doors to CIA attacks (CSO Online) The revelation that the CIA has looked into hacking vehicles, possibly for the purpose of assassinations, flies in the face of a presidential order requiring U.S. agencies to reveal flaws to manufacturers to protect Americans.

Ga. Experts: Cyber Risks Detailed In Leak Are The New Normal (WABE) WikiLeaks just released thousands of pages it says details how the CIA spies on people using their smartphones, smart TVs and other devices.

Lawmakers Concerned C.I.A. Leaks Could Impact National Security (WJLA) The launch of a full investigation into the leak of a secret C.I.A program is bringing more assurance those documents released on Wikileaks are indeed authentic.While the White House isn’t saying much, concerns about potential harm are becoming more clear.

Wikileaks' Vault 7: What Are 'Zero Day' Vulnerabilities? (Benzinga) A lot of terms on cyberhacking are thrown around these days, especially after the Wikileaks report regarding software tools the CIA used to break into smartphones, computers and...

Azerbaijan: Activists targeted by ‘government-sponsored’ cyber attack (Amnesty International) Azeri human rights activists, journalists and political dissidents have been the targets of a fraudulent and sustained ‘spear phishing’ campaign using emails and Facebook chat, apparently aimed at gaining access to their personal information and private communications, said Amnesty International in a new report launched today.

False Friends: How Fake Accounts and Crude Malware Targeted Dissidents in Azerbaijan – Amnesty Insights (Medium) Rasul Jafarov is a prominent lawyer and human rights defender in Azerbaijan. In mid-October 2016, he received an unexpected phone call.

Did cyber attacks slow down North Korea’s missile progress? (NK PRO) On March 6, 2017, the New York Times published an article arguing that the United States had deployed cyber attacks against North Korea’s missile tests. The article implied that these attacks might have succeeded in causing the failure of several North Korean missile tests, stating: “The North’s missiles soon began to fail at a remarkable pace. Some […]

New Linux Malware Exploits CGI Vulnerability (TrendLabs Security Intelligence Blog) by Jeanne Jocson and Jennifer Gumban Linux has long been the preferred operating system for enterprise platforms and Internet of Things (IoT) manufacturers. Linux-based devices are continually being deployed in smart systems across many different industries, with IoT gateways facilitating connected solutions and services central to different businesses. In connection to their widespread use, we’ve...

Danes targeted by malware spread through Dropbox (CSO Online) Earlier this week, Danish-speaking users were hit by malware spread through Dropbox, but the company responded quickly to shut down the attack

Report: Combatant commands vulnerable to cyber attacks (FCW) Despite making progress against cyber red teams, military combatant command missions are coming up short in defending against nation-state adversaries in training exercises.

Zero Days Have Staying Power (Threatpost) A look at 200 zero day vulnerabilities reveals key details on longevity, value and how long it takes to create one after a software vulnerability has been identified.

Zero-days? Sexy, sure, but crap passwords and phishing are probably more pressing (Register) Security experts poke holes in RAND vulnerability study

We're Secure: Digicel Denies Security Breach (Caribbean360) Telecommunications company Digicel insists its network is safe, reliable and secure, following a claim that Trinidad and Tobago’s prime minister may have had some of his text messages and emails intercepted.

Are you customer of a firm that’s been breached? Look out for more attacks (Naked Security) Customers of the UK telecoms provider TalkTalk have found themselves targeted by scammers – and the advice applies to other firms too

Warning over Apache Struts 2 remote-code execution vulnerability seen being exploited in the wild (Computing) Apache users urged to update ASAP as evidence emerges of increasingly widespread attacks.

Apache Struts bug is under attack, patch now (InfoWorld) Due to the Jakarta Multipart parser in Apache Struts mishandling Content-Type headers, an attacker can remotely execute code on vulnerable systems

Uber Rides Can Expose Key Company Data, Appthority Says (Xconomy) Businesses may want to limit their employees’ use of Uber’s ride-hailing service to protect secrets such as merger discussions and the medical conditions o

640,000 Decrypted PlayStation Accounts Being Sold on DarkWeb (HackRead) Researchers are claiming that Dark Web marketplaces may be disappearing after the cyber attack by Anonymous on 10,000 websites last month but as far as hac

Trojan Android App Bullies Google Play Users Into Giving It 5 Stars (Dark Reading) Users who download Music Mania get pounded by ads until they say uncle.

Security Fail: Hackers Drawn to Energy Sector's Lack of Controls (NewsFactor) Oil and gas companies, including some of the most celebrated industry names in the Houston area, are facing increasingly sophisticated hackers seeking to steal trade secrets and disrupt operations.

Cybercrime in West Africa: Poised for an Underground Market (Trend Micro and Interpol) In some regions of the world, it is a fact that cybercriminal underground markets where criminals sell and/or buy products and services for committing cybercrime exist. But when the phrase “cybercriminal underground market” is uttered, Africa probably would not come to mind.

The West African cybercriminal ecosystem is unlike any other (Help Net Security) While there is still not an actual underground marketplace, cybercrime is pervasive in the West African region. Specifically, scamming operations.

Inside the world of Ghana's internet fraudsters (BBC News) Internet fraudsters in Ghana have their own subculture called the Sakawa boys renowned for partying and conspicuous consumption.

Security Patches, Mitigations, and Software Updates

Google Patched Hundreds of Android Security Flaws in March Update (HackRead) Google is busy in updating its Android OS with the third and probably the largest security patch update that the company will be releasing this year. March

Privilege Escalation Flaw Patched in Schneider Wonderware (Threatpost) Schneider Electric patched a vulnerability in the Tableau Server running in its Wonderware analytics and visualization platform that could allow an attacker to elevate privileges.

Waratek makes virtual patch available for new Struts 2 vulnerability CVE-2017-5638 (Yahoo! Finance) Waratek, the virtualization-based application security company, is offering a Virtual Patch for customers to address a new high severity vulnerability announced this week that exposes organizations using the Struts 2 framework to any general code injection

Cyber Trends

New voke Research Highlights Need for Secure Operations Automation to Close Gap Between Security and Operations Teams (Businesswire) New research from analyst firm voke finds 82% of discovered breaches occurred due to patches pending for months or years, highlights need for secure o

The Connected Toy Conundrum Is Beginning to Boil (Security Week) The prediction business is a tricky thing. You can be right, but until you are proven right, you’re either early or wrong. Being early feels just like being wrong—up until the moment you are right.

A Look Back at RSA 2017: 3 Things I Wish I Saw Less Of (Security Week) Every year, the RSA Conference is an exciting opportunity to get the security industry together to debrief on the past year and look ahead toward how we can ensure more security in the coming months.

Banks spend on IT security is 3x higher than non-financial organisations (Information Age) New research from Kaspersky Lab has revealed the extent to which financial institutions are under pressure to ramp up security

5 cybersecurity predictions for FSI (Networks Asia) Fortinet offers the Top 5 Cybersecurity Threat Predictions for the financial services industry in 2017.

UK Code is Least Secure, Report Finds (Infosecurity Magazine) UK sits bottom of the league table for code security, while financial institutions have worst code overall, Cast report reveals

Marketplace

WikiLeaks Generates Tailwinds for Small-Cap, Tech Stock Qualys (TheStreet) This week's release of U.S. spy secrets by WikiLeaks is yet another indication that cyber security firms will enjoy a bonanza of business. This small-cap is especially appealing.

CISO Transiting From IT Head To Risk Compliance Enabler (CXO Today) With the sophistication of cyber crime syndicates touching new heights, it is imperative for organizations think security beyond an IT issue.

Cisco Live: Attackers have gotten professional about security – so why aren’t more businesses doing the same? (CSO) CSOs that take a reactive approach to security are setting themselves up to fail in the face of attacks from an increasingly agile and professional cybercrime industry, warned speakers at a packed Security Innovation Day that helped to kick off the Cisco Live! 2017 conference in Melbourne.

In Cybersecurity, 'Sales Engineers' Rake in Higher Salaries Than Tech Workers (Dark Reading) Stop coding, start selling, and you could earn 50 percent more.

Cradlepoint Raises $89M to Advance Overlay Network Security (eWeek) Cradlepoint raises $89M in a Series C to grow its cloud managed network overlay service that can help manage and protect devices and organizations.

CrowdStrike Accelerates Significant Growth and Momentum in APAC Region (Yahoo! Finance) CrowdStrike Inc., the leader in cloud-delivered endpoint protection, today announced triple-digit growth in the Asia Pacific region and the appointment of Andrew Littleproud as vice president of APAC.

Google tries to beat AWS at cloud security (CSO Online) New tools that protect enterprise applications running on Google Cloud Platform may help take the spotlight away from AWS and Microsoft Azure

Google adds cloud customers, nabbing Verizon from Microsoft (Information Management) Selling a package of products is the firm's attempt to lure customers from its larger competitors.

Fortscale Named to CRN's "20 Coolest SIEM and Threat Detection Vendors" List (Businesswire) Fortscale Security Ltd., the innovator in machine learning-based user and entity behavior analytics (UEBA) for security, today announced that CRN has

Radware Named Top Provider of Managed Security Services in 13th Annual 2017 Info Security PG’s Global Excellence Awards® (Businesswire) Radware ®, a leading provider of cyber security and application delivery solutions, announced today that Info Security Products Guide, a leading information security research ...

IBM QRadar Named as a Leader in Security Analytics Platforms by Independent Research Firm (Yahoo! Finance) IBM Security (NYSE: IBM ) today announced IBM QRadar , the company's security intelligence platform, has been named a "Leader" and received the ...

Tenable Network Security hires seasoned tech execs to lead revenue, marketing (Technical.ly Baltimore) The Columbia-based cybersecurity company just named its first Chief Revenue Officer and Chief Marketing Officer. They each bring experience with Silicon Valley.

Trend Micro hires former Darktrace country manager Peter Hewett as its new channel director (CRN Australia) Formerly country manager for Darktrace.

Products, Services, and Solutions

New infosec products of the week: March 10, 2017 (Help Net Security) Here's a collection of interesting new products from Adaptiva, Arsenal Recon, Getac, High-Tech Bridge, ioSafe, Veriato and Waterfall Security.

CyberGRX Unveils World’s First Third-Party Cyber Global Risk Exchange (BusinessWIre) CyberGRX, provider of the most comprehensive third-party cyber risk management platform, today unveiled the world’s first cyber risk assessment

Imperva Wins Best Web Application Solution at SC Awards 2017 (Businesswire) Imperva Web Application Firewall (WAF) solutions, SecureSphere WAF and Incapsula WAF, won the Trust Award for best Web Application Solutions at the SC

Thales in deal to provide transparent critical information encryption to BT customers worldwide (VanillaPlus) Thales, a provider of critical information systems, cybersecurity and data security, announced a new global agreement with communications services and solu

Catch emerging strains of ransomware with RansomFree (Help Net Security) Yoel Eilat, Senior Product Manager at Cybereason, talks about RansomFree – free, anti-ransomware protection software, which works on PCs running Windows.

Facebook to listen out for posts from people vulnerable to suicide (Naked Security) Scheme rolling out in the US will refer posts flagged by algorithms to human beings for response

Twitter tests a feature that warns users of profiles with ‘potentially sensitive content’ (TechCrunch) Twitter confirmed it's testing a new feature that flags users' profiles as potentially including "sensitive content." When you click on one of these..

Bolstering security across Google Cloud (Google) Today at Google Cloud Next '17 we launched Identity-Aware Proxy, Data Loss Prevention API, general availability of Key Management System and Security Key enforcement and more.

Darktrace finds more attacks, cuts response time, saves money for Blackhawk Network (Network World) Blackhawk Network gets better visibility into threats with Darktrace Enterprise Immune System, more productivity out of its security analysts and saves money by getting rid of multiple other security platforms.

Kaspersky launches a perfume to help punters sniff out security threats (Inquirer) We sure can smell something

Technologies, Techniques, and Standards

After CIA leak, Intel Security releases detection tool for EFI rootkits (CSO Online) Intel Security has released a tool that allows users to check if their computer's low-level system firmware has been modified and contains unauthorized code.

Blog: Time for cyber risk rethink as new data laws loom (Scottish Legal News) Martin Sloan explains why data risk compliance should be at the top of the boardroom agenda. A recent survey by BAE Systems revealed confusion within many organisations as to who should be responsible for dealing with their response to a cyber-attack. The survey, which obtained responses from over 1,000 IT managers and C-suite executives from across …

Want to improve risk management? Do the basics (CSO Online) Managing security takes time and focus, but “reasonable” efforts will yield significant results, a cybersecurity panel said Wednesday at Boston College.

Cybersecurity: Step One is Collaboration (Power Engineering) Cybersecurity affects many aspects of our society, but perhaps none as significantly as that of power generation.

Automated Next Gen Cybersecurity Will be Based on Intent (Security Week) Implementing intent-based network security (IBNS) takes planning, consideration, and incremental implementation

How to patch your security blind spots (Help Net Security) Despite a lack of foresight about how data protection and security will evolve, organizations have the opportunity to assess their own blind spots.

How to Avoid Becoming the Next Data Breach Headline (Palo Alto Networks Blog) Danielle Kriz shares how to avoid becoming the next data breach headline.

DevSecOps: Building continuous security into IT and app infrastructures (Help Net Security) In this podcast recorded at RSA Conference 2017, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about DevSecOps. Instead of

Deep packet inspection: The smart person's guide (TechRepublic) This comprehensive guide covers everything you need to know about deep packet inspection, the practice of sniffing web connections to reveal sensitive user data and fend off cyberattacks.

How to lower your company’s risk of a cyber attack (Orlando Business Journal) When Donald Trump mused during the first presidential debate that the culprit behind the hack of the Democratic National Committee could be “somebody sitting on their bed that weighs 400 pounds,” he may have echoed a common stereotype of the hacker as couch potato.

Intellipedia Is Wikipedia for Spies, But Could Have Been So Much More (WIRED) Yes, the intelligence community crowdsources, too.

Design and Innovation

Teaching robots to trust (TechCrunch) Robots have begun to play an increasing role in life and death scenarios, from rescue missions to complex surgical procedures. But the question of trust has..

Research and Development

Unisys, Data61 announce security partnership (MICE & BTN) IT firm Unisys and Australia’s CSIRO's Data61 are collaborating on a data analytics solution for automated security risk assessment “capable of detecting potential border security risks posed by travellers, visa applicants, cargo and parcels”.

Academia

Raytheon to Sponsor Collegiate Cyber Defense Competition; Dave Wajsgras Comments (GovCon Executive) Raytheon will sponsor a national cybersecurity competition for college students from more than 220 s

Want a Career in Cybersecurity? Find Out Which Degrees Can Get You There (HackRead) Demand for cybersecurity professionals is high. This is set to continue growing for the foreseeable future and the salaries on offer are generally on the h

Legislation, Policy, and Regulation

After WikiLeaks' CIA dump, China tells U.S. to stop spying (CSO Online) China today asked the U.S. government to stop spying on it, its first reaction to WikiLeaks' disclosure this week of a trove of CIA documents.

CIA hacking shows need for cyber rules (Global Times) WikiLeaks exposes US double standard

Peter Dutton talks up 'homeland security' agency, including Asio and federal police (Guardian) Australia’s immigration minister says mega-department would break down intelligence silos but it’s opposed by attorney general George Brandis

Coming to Terms with the Snooper's Charter (Infosecurity Magazine) The ISPA exists and the IT sector will need to comply with it

China mulls national cryptocurrency in race to digital money (Naked Security) Governments getting involved in cryptocurrencies is a tricky line to walk – so is China doing the right thing give its fraught history with Bitcoin users?

U.S. Digital Service Co-Founder To Stay On (Nextgov) Haley Van Dyck is re-joining the agency.

Uncle Sam May Want You for Cyber War (Military.com) Fears of an "electronic Pearl Harbor" have been with us for years, and cyber security threats grow more profound by the day.

Litigation, Investigation, and Law Enforcement

How Post-Nixon Reforms Created Today's Spy Agency Monsters (Reason.com) The Foreign Intelligence Surveillance Act (FISA) unleashed demons that now seem beyond the government's control.

US spies still won’t tell Congress the number of Americans caught in dragnet (Ars Technica) Electronic surveillance programs Prism, Upstream hang in the congressional balance.

Parsing Clapper (National Review) What he said was probably true, but what he didn’t say was more revealing.

FBI Director Addresses Cyber Security Gathering (Federal Bureau of Investigation) James Comey discussed the current cyber threat landscape, the FBI’s efforts to stay ahead of the threat, and the importance of strong private sector partnerships at the Boston Conference on Cyber Security.

Technology Plays Role in Every Aspect of Crime, Europol Says (Infosecurity Magazine) From the highest levels of organized crime to burglary, criminals are using technology more than ever, Europol report warns

Microsoft allies with Chile government to fight cybercrime (BNamericas) BNamericas is the business intelligence tool for Latin America with data, news, analysis and events to identify job opportunities, projects, companies and contacts

Software results in mistaken arrests, jail time? No fix needed, says judge (Ars Technica) "Clerical errors… will occur regardless of the case management system used by the court."

Could Cyber Command help the military's harassment issues? (The Stack) Marine Corps Sgt. Maj. Ronald Green testifies before hearing that legal recourse is so limited, Cyber Command should be considered as prosecutorial option.

Woman's disturbing story of blackmail shows the dangers of spear phishing (Comparitech) [Note: this article contains disturbing language.] Spear phishing can happen to anyone, as one woman learned when an imposter on Facebook stole all of her accounts and blackmailed her for sexual favors.

The Great Physical Bitcoin Robbery (Motherboard) How do you steal bitcoin, when it's on a coin?

UK Based Carder Boasts Decades of Experience (Wapack Labs) Wapack Labs Analyst is following an established carder who lives in the northwest region of England. He actively posts on various hacker/ca...

Industry Events

For a complete running list of events, please visit the Event Tracker.

Newly Noted Events

4th Annual Cybersecurity Summit (Arlington, Virginia, USA, Mar 14, 2017) Federal agencies are facing ever more sophisticated adversaries and threats that place our privacy, our economy, and our Nation at risk. These cyber threats are diverse and include the prevalence of malicious actors who operate globally at will; the growth of risks from the Internet of Things, and increasingly complex networks, all elevating the security and resilience of cyberspace to a critical homeland security imperative. Exacerbating these challenges is a shortfall in cybersecurity and IT talent that effects not on the Federal government, but the private sector as well. This in-depth, half-day session will gather an all-star line-up of chief information officers, chief information security officers, and other thought leaders from government and industry who will explore growing threats as well as innovative approaches to attract and retain the best cyber talent.

Upcoming Events

ISSA Mid Atlantic Security Conference (Rockville, Maryland, USA, Mar 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations and cutting edge training opportunities, including hands-on demonstrations and workshops.

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, Mar 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.

IAPP Europe Data Protection Intensive 2017 (London, Englan, UK, Mar 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its own as a leading forum for practical data protection education.

Rail Cyber Security Summit (London, England, UK, Mar 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry, as well as leading Government and global cyber security leaders and academics working in the field.

CyberUK 2017 (Liverpool, England, USA, Mar 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information security communities from both the public and private sector. The NCSC’s partnership with information security businesses of all sizes is essential in strengthening the UK’s cyber resilience. CyberUK 2017 will play a key role in defining the role industry must play in achieving this step change, and is expected to attract 1,600 information assurance (IA) and cyber security leaders and professionals.

Cybersecurity: The Leadership Imperative (New York, New York, USA, Mar 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed. Cybersecurity: The Leadership Imperative will provide case studies and actionable insights on building and maintaining a structure in which leaders across the organization are able to work together seamlessly to comprehend, measure and respond to cyber risk challenges.

BSides Canberra (Canberra, Australia, Mar 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.

Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, Mar 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. Defending the network is NOT enough. The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer.

European Smart Grid Cyber Security (London, England, UK, Mar 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear from a range of European utility companies present what their strategic programmes are doing regarding cyber security. As well as discuss how communication issues between IT and OT departments can be overcome and learn how to make your company compliant.

Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, Mar 22, 2017) Help us celebrate the best and brightest of the Maryland cyberscurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their cutting-edge technologies; thwarted cyber criminals with their outstanding cybersecurity services; demonstrated exemplary knowledge, expertise, leadership and innovative thinking; or made a significant contribution to Maryland’s cybersecurity ecosystem.

Integrated Adaptive Cyber Defense (IACD) Community Day (Laurel, Maryland, USA, Mar 23, 2017) Advancing cyber operations through secure automation & interoperability. Government agencies, commercial firms, research organizations, academic institutions and cyber security experts align in community efforts demonstrating cyber defenses art-of-the-possible, through automation and interoperability. Learn how to dramatically change the timeline and effectiveness of cyber defenses, increase community awareness and defensive capabilities. Free event, registration requested.

SANS Pen Test Austin 2017 (Austin, Texas, USA, Mar 27 - Apr 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.

IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, Mar 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

PCI Security Standards Council: 2017 Middle East and Africa Forum (Cape Town, South Africa, Mar 29, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Middle East and Africa Forum (MEAF).

Insider Threat 2017 Summit (Monterey, California, USA, Mar 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, Mar 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, Mar 30 - Apr 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, Mar 31 - Apr 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, Apr 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, Apr 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, Apr 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, Apr 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, Apr 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

WikiLeaks offers its version of responsible disclosure. (Speculation about source of leaks centers on unspecified CIA contractor.) Apache Struts RCE flaw being exploited in the wild. Observers doubt US cyber ops interfered with DPRK missile launches. A look at West African cybercrime.