The CyberWire Daily Briefing 3.29.17

Summary

By The CyberWire Staff

Hong Kong's Registration and Electoral Office has disclosed that the loss of two laptops taken from a locked room in the AsiaWorld-Expo conference center has exposed the personal information of some 3.7 million voters. The laptops are said to be encrypted, but how strong that encryption might be is unknown.

Just as physical loss can pose a threat to data and systems, so too can things physically found. Canada's Carleton University sustained a ransomware attack in November 2016, but the university has now found another, hardware-delivered threat: USB sticks left strewn about the campus. The devices contain a keylogger. It's unclear whether there have been any successful infections.

Trend Micro reports that Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a buffer overflow attack. This zero day is thought to have been exploited in the wild in July or August of 2016.

Trend Micro also reports that Cerber ransomware has shown signs of evolution into a more evasive form: it now has loaders delivered by self-extracting Dropbox files which seem designed to avoid detection by machine-learning security tools.

Researchers at Cure53 disclose bugs in Siemens RUGGEDCOM ROX I VPN industrial communication endpoints and firewalls. There are no patches, but Siemens has issued advice on mitigating the vulnerabilities.

VMWare has issued patches for moderate-to-critical vulnerabilities found in three of its products: ESXi, Workstation, and Fusion.

The Finnish Security Intelligence Services have released their annual report on national security. The cyber threat, especially from Finland's large Russian neighbor, receives prominent attention.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Canada, China, Colombia, European Union, Finland, Germany, Israel, Russia, United Kingdom, and United States.

A note to our readers: Once our current coverage of SINET ITSEF concludes this evening, we'll be headed to tomorrow's Billington International Cybersecurity Summit in Washington, DC, and to the annual Women in Cyber Security (WiCyS) conference in Tucson, Arizona, opening Friday.

On the Podcast

In today's podcast, our partners from the Johns Hopkins University, represented by Joe Carrigan, will tell us about the curious case of an Internet-of-toys (IoT) teddy bear that can't keep a secret. Our guest, David Kidd from Peak10, discusses how to navigate compliance issues.

Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of how artificial intelligence is being applied to security.

Sponsored Events

SINET ITSEF 2017 (Silicon Valley, CA, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

The Cyber Security Summit: Atlanta and Dallas (Atlanta, GA, USA, April 6, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Jailbreak Security Summit - Insecurity Tools (Laurel, Maryland, USA, April 28, 2017) Join some of the world's best security researchers as they talk about vulnerabilities in security tools at the only computer security event held at a production brewery. Attendance is limited to 100 to keep the Security Summit small and encourage conversation between speakers, attendees, and sponsors.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Hong Kong’s 3.7 Million Voters Exposed in Massive Breach (Infosecurity Magazine) Hong Kong’s 3.7 Million Voters Exposed in Massive Breach. Encrypted details are stolen on two laptops

45% of Israeli firms preparing for Anonymous cyber attack (Globes) People associated with the hackers' organization are threatening to attack Israel's cyber infrastructure.

IIS 6.0 Vulnerability Leads to Code Execution (TrendLabs Security Intelligence Blog) Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a zero-day Buffer Overflow vulnerability (CVE-2017-7269) due to an improper validation of an ‘IF’ header in a PROPFIND request.

One of the most dangerous forms of ransomware has just evolved to be harder to spot (ZDNet) Malicious loaders delivered by self-extracting Dropbox files enable payloads to bypass detection.

Cerber Starts Evading Machine Learning (TrendLabs Security Intelligence Blog) CERBER is a ransomware family which has adopted a new technique to make itself harder to detect: it is now using a new loader which appears to be designed to evade detection by machine learning solutions. This loader is designed to hollow out a normal process where the code of CERBER is instead run.

DoubleAgent ‘vulnerability’ – just how bad is it? (Naked Security) The saga of DoubleAgent is, among other things, a good reminder that ordinary users shouldn’t have admin privileges

Adware Replaces Phone Numbers for Security Firms Returned in Search Results (BleepingComputer) A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams.

Siemens RUGGEDCOM industrial communication devices vulnerable to remote attacks (Help Net Security) Siemens RUGGEDCOM ROX I VPN endpoints and firewall devices sport flaws that can be exploited by attackers to perform actions with administrative privileges.

Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group (Threatpost) Microsoft patched a zero-day vulnerability actively used in a campaign by a hacking group known as Zirconium.

Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity (Fortinet Blog) Cybercrime is big business, and is growing at an exponential rate. British insurer Lloyd’s of London estimated the...

Stay safe - We spoke with Eset about the latest threats to mobile security (Pocket Gamer) Some of us may find ourselves guilty of taking a relaxed attitude to online security from time to time, perhaps even kidding ourselves into thinking that cyber-attacks are something that only really a...

Cybercrooks shifting to mobile malware, Nokia report (SC Magazine US) Nokia resarchers said threat actors are shifting from traditional malware to mobile malware

10 security risks of wearables (CSO Online) Fitness trackers may not present a huge security risk, but any connected device can be hacked. Here’s what you need to know to minimize those security and privacy threats.

Security flaws found in 'panic button' for Colombian activists, journalists (TheHill) The device can be reconfigured without a password and sensitive information can be accessed without much security.

Someone Left USB Keyloggers on Computers Across a University Campus in Canada (Motherboard) Carleton University fell victim to a ransomeware attack in November.

Hacker Steals Millions of Accounts from Yu-Gi-Oh Fan Project ‘Dueling Network’ (Motherboard) It appears the hacker made off with at least 6.5 million email addresses and poorly hashed passwords.

Phishers offer WoW players free in-game pets (Help Net Security) A WoW phishing email seemingly coming from Blizzard Entertainment, offering a gift of in-game pets, is targeting avid players.

6 reasons why phishing is so popular and successful (IT Governance Blog) Phishing attacks are increasing in number and evolving in variety (newer methods include spear phishing and CEO fraud), putting at risk millions of users worldwide – actually, everyone with an email...

Kaspersky: Criminals Make 95% Profit on DDoS (Infosecurity Magazine) Ordering a DDoS attack has become as easy as ordering the latest bestseller from Amazon—and can offer incredible ROI.

Russian Troll Factory Open for Business (Wapack Labs) Russian media source, RBC, is claiming English-speaking pro-Trump groups, Facebook Secured Borders, and Twitter Tea Party News are operated by a Russian “Troll Factory.”

Users of Microsoft Office 365 leaking their data onto Bing and Google after 'over sharing' (Computing) Office 365 users inadvertently sharing their documents with all and sundry

FBI warns InfraGard members of 'malicious,' copy cat website - CyberScoop (Cyberscoop) The FBI has warned members of its InfraGard program that a website is mimicking its genuine Infragard.org property, requesting login credentials for the bureau’s information sharing platform.

Expert: NY breach report highlights third-party risk (CSO Online) New York reported a record high number of breaches last year, just after a new set of cybersecurity regulations went into effect in the state.

Security Patches, Mitigations, and Software Updates

Critical VMware vulnerabilities disclosed (SANS Internet Storm Center) VMware released a security bulletin[1] with moderate to critical vulnerabilities. The following products are affected...

Apple Patches Hundreds of Vulnerabilities Across Product Lines (Security Week) Apple on Monday released security patches for its macOS and macOS Server, iOS, watchOS, tvOS, Safari, and Pages, to address over 200 vulnerabilities.

Microsoft releases KB 3191855 to fix botched Excel 2010 security patch (InfoWorld) The new patch fixes KB 3178690 from March 14 that clobbers Excel 2010

Microsoft Security Update Guide Portal (The Windows Club) The new Microsoft Security Update Guide Portal outlines steps for deploying Security Updates & how to use available resources effectively to make an IT environment secure.

Here’s all the new stuff in Apple’s latest security document (TechCrunch) Hey guess what? Apple has a new security whitepaper! Apple only releases these things once every few years, and they represent the public's only window into..

Cyber Trends

Tributes Flood in as Industry Veteran Genes Passes Away (Infosecurity Magazine) Tributes Flood in as Industry Veteran Genes Passes Away. Trend Micro CTO was 54

Modern security programs: Artificial intelligence and machine learning (Help Net Security) Only 28% of researchers said they are “very confident” that their executive teams have a good handle on cybersecurity at their organization.

Carbon Black warns that artificial intelligence is not a silver bullet (SC Magazine UK) The research found that the roles of AI and ML in preventing cyber-attacks have been met with both hope and skepticism.

AI will transform information security, but it won’t happen overnight (CSO Online) Artificial Intelligence technologies are evolving quickly, but can they aid an InfoSec community still grappling with default passwords and SQLi attacks?

Cybersecurity Pros Brace for Non-Malware Attacks (eSecurity Planet) Today's IT security experts are wary about much more than dangerous viruses and other malware, finds a new survey from Carbon Black.

Traditional Defenses Can’t Keep Up With Modern Adversaries, Akamai CEO Says (MeriTalk) Due to the speed and sophistication of modern hackers along with increasing demands on government networks, traditional methods of cyber defense aren’t enough to protect agency data, according to Akamai CEO Tom Leighton.

Marketplace

Exclusive: Mach37 is striking out on its own — and raising a fund too (Washington Business Journal) Mach37, which was founded in 2013 and operates under the umbrella of Virginia’s Center for Innovative Technology, is looking for office space.

3 Hated Stocks That Could Make You Rich (The Motley Fool) JCPenney, Infinera, and Palo Alto Networks could be great rebound plays for contrarian investors.

Hewlett Packard Enterprise - A Double Spin-Off Offering At Least 50% Upside But Likely To Be Significantly More (Seeking Alpha) HPE shares are currently offering at least 50% share price upside even if management is unable to deliver on the proposed benefits of both of the spin-offs. The

Symantec Reaping the Benefits of Blue Coat Acquisition (eWEEK) Symantec Growing After Blue Coat Acquisition

Cyber-security firm ditches downtown office for suburbs (Indianapolis Business Journal) Rook Security has relocated to Carmel from downtown Indianapolis and ultimately hopes to land in Fishers.

OWL Cybersecurity Adds Two to Advisory Board (Yahoo! Finance) OWL Cybersecurity, a Denver-based cybersecurity company offering what it believes to be the world’s largest commercially available database of DARKINT, darknet intelligence, today announced D.

Products, Services, and Solutions

Virtru Receives 2016 Google Cloud Global Partner Award for Solution Innovation (BusinessWire) Virtru, a trusted provider of business privacy and data protection to more than 5,000 organizations around the world, has received the Google Cloud Gl

ESET/Eurosecure Partners With Mullvad Throughout Entire Nordic Region (PRNewswire) Mullvad is a VPN service that keeps your online activity, identity, and location private. Now Eurosecure, distributor of ESET antivirus software products in Scandinavia, has signed a partnership agreement with Mullvad.

NextLabs Releases New Entitlement Management Product for SAP S/4HANA (PRNewswire) NextLabs®, Inc. (www.nextlabs.com), an SAP partner and leading...

Qualys Delivers Continuous Security and Compliance to Google Cloud Platform Customers (PRNewswire) Certified Virtual Scanner Appliance available today in Google Cloud Launcher

Cyber security package unveiled for industrial networks (Marine Electronics & Communications) Waterfall Security Solutions has teamed up with insurance provider CNA Hardy and risk management group THB to create industrial cyber protection. Together they will provide cyber security packages to industrial businesses, including offshore and maritime.

Website Performance Bootcamp: Quiz-based training course (Help Net Security) The Website Performance Bootcamp is an online portal that provides quiz-based technical training for website acceleration and content optimization.

Comodo launches no-cost DNS security for businesses (BetaNews) Malicious websites provide a haven for malware and other threats to lurk, waiting for users to click links in emails or on other sites to contract an infection.

Cloud Distribution signs up AV replacement player CrowdStrike (MicroscopeUK) Cloud Distribution has extended its security coverage with the signing of endpoint protection player CrowdStrike

Sophos Intercept X Brings an End to Ransomware (eSecurity Planet) Intercept X from Sophos brings a bandolier of silver bullets to the ransomware fight, leaving cybercriminals scattering for cover.

OPSWAT Partners with Light Point Security to Offer Full Browser Isolation with Threat-Free Downloads via Content Disarm and Reconstruction (OPSWAT) OPSWAT and Light Point Security offer a joint solution that combines Light Point Security's browsing isolation solution with OPSWAT's data sanitization.

Callsign integrates its IDA technology with ForgeRock platform (Planet Biometrics) Digital authentication provider Callsign has announced it has integrated its Intelligence Driven Authentication (IDA) with the identity management firm ForgeRock’s platform.

enSilo Adds NGAV Support to Remove Redundant Security and Remediation Expenditures (Yahoo! Finance) enSilo, the company that has redefined endpoint security, today announced the release of its expanded platform, which includes a built-in next-generation antivirus (NGAV) solution. This addition gives enSilo the most effective preventative endpoint security

nuPSYS Collaborates with Bosch (Yahoo! Finance) nuPSYS—an innovation leader in Internet of Things (IoT) solutions for physical security, infrastructure, and networks—is pleased to announce its 3D-Advanced Mapping is now integrated with the Bosch Video Management System (Bosch VMS).

Technologies, Techniques, and Standards

Feds to battle cybersecurity with analytics (CSO Online) With more real-time information sharing, officials envision cyber defenses moving from 'vaccine' to 'immune system,' a big analytics project that could achieve something like automatic security.

Don't forget to pack security for the journey to the cloud (Help Net Security) The Qualys Cloud Platform provides consistent, uniform, scalable, and effective visibility of security and compliance posture for cloud IT environments.

Commercial IoT: Big Trouble in Small Devices (Dark Reading) There are endless scenarios where hackers could wreak havoc on the industrial Internet of Things. There's also a readily available solution called 'HIP.'

Europe struggles to tackle cyber attacks in aviation (EURACTIV.com) Cyber threats to the aviation sector are rapidly becoming a major issue for airlines, aircraft manufacturers and authorities. But Europe is finding legacy problems and new challenges to address cyber risks for its air transportation systems.

Is your Cloud Governance Agility Enough to Keep up with DevOps? (Infosecurity Magazine) Agility rules when it comes to DevOps, yet cloud governance models follow structured methods.

Cyberspace: An unregulated playing field (SC Magazine US) A fifth domain serving as a great force multiplier for free expression and commerce, cyberspace is also an open, unregulated playing field for criminals as well as malicious state and non-state actors.

Design and Innovation

Digital linguist translates on the spot (C4ISRNET) The Machine Foreign Language Translation System achieves basic communication between two languages.

The hackers trying to build a hack-proof operating system (The Christian Science Monitor Passcode) A team of Canadian security researchers is set to unveil a computer operating system called Subgraph designed to protect its users from the most common types of digital attacks.

Secrecy Obligation For The Digital Piggy Bank (Eurasia Review) “Do you collect bonus points?” This question is part of daily purchasing routine. More than 80% of German households participate in bonus programs. They run the risk of disclosing sensitive information

My Experience as a Cryptocurrency Developer (The Merkle) Cryptography, it’s all around us, and it's here to stay. My name is Carsen Klock, I am a developer, designer, and crypto entrepreneur. I want to share several things I've learned about developing cr

Responsibility in the IoT: Why security can’t be treated as an afterthought (Computer Business Review) Security is simply too important to be treated as an afterthought in the IoT. If security features are added on like an extra coating of paint to...

Research and Development

Sandia Labs Deploys Brain-Inspired Cybersecurity System (SIGNAL Magazine) Researchers at Sandia National Laboratories helped develop a potentially game-changing cybersecurity system that mimics the human brain’s ability to analyze data.

Academia

Tech helps organize Tucson Women in Cybersecurity conferences (Herald-Citizen) Tennessee Tech will have a distinct presence in Tucson, Ariz. this week at the fourth annual Women in Cybersecurity conference.

London Students Declared Most Talented in UK for IT Security (Acumin Recruitment, London) Imperial College London students have been named the country’s IT security top cats at the Inter-ACE contest, after beating rivals from 11 top universities.

Carnegie Mellon's CyLab challenges high school students to give hacking a try (PRNewswire) Carnegie Mellon University aims to build a talent pipeline into the cyber...

#brainbabe Introduces STEAM-Con Connection Helping Fill the Need for Cybersecurity Talent (PRNewswire) New program links students and cyber job seekers with employers to staff booths at conferences

Legislation, Policy and Regulation

SuPo 2016: National Security is a Joint Effort (Finnish Security Intelligence Service) The Republic of Finland celebrates the centenary of its independence in 2017. The theme of the celebration year is ‘together’. The Finnish security intelligence service also wants to assure national security together with Finnish people. Recent news from the world have shown that national sovereignty can no longer be taken for granted even though no physical violation of state borders takes place.

Ministry of Defence on the hunt for data scientists with expertise in AI (Computing) Four data scientists ought to be enough to keep the UK safe, believes the MoD.

Amber Rudd accused of adopting Sir Humphrey Appleby-style obfuscation in Snoopers' Charter codes consultation (Computing) Government trying to intimidate people into silence by adopting bureaucratic legalese in Investigatory Powers Act codes of conduct consultation.

India extends ‘Orwellian’ ID card scheme as critics warn of risks (Naked Security) ‘Voluntary’ ID scheme soon to be mandatory for a huge range of everyday activities, from buying a train ticket online to getting a new Sim card

DHS misses deadline to submit cyber strategy to Congress (TheHill) Department official acknowledges it failed to submit strategy by last week.

DHS cyber reorg bill coming (FCW) A top DHS cybersecurity official and a leading lawmaker are pushing a plan to reorganize federal cyber protection.

Should Trump Tackle Air-Gapped Critical Infrastructure? (Dark Reading) MIT experts issue recommendations to the president, urging him to take elements of the electric grid and gas pipeline offline - but other security experts say that ship has sailed.

US House votes to undo broadband privacy rules (CSO Online) The U.S. House of Representatives has voted to repeal privacy rules that can prevent broadband providers from selling customers’ internet-browsing histories and other data without their permission.

Here’s the Data Republicans Just Allowed ISPs to Sell Without Your Consent (Motherboard) Privacy watchdogs blasted the vote as a brazen GOP giveaway to the broadband industry.

How to Protect the Internet (Motherboard) What normal people can do to stop the concerted effort by Republicans and big telecom to destroy the open internet.

Why we should define our right to privacy now, before it’s too late (Help Net Security) What we need is a constitutional amendment that very clearly defines a right to privacy. Without one, we’ll forever be looking over our digital shoulders.

Litigation, Investigation, and Enforcement

UK Cops Arrest Man Potentially Linked to Apple Extortion (Motherboard) The man is suspected of blackmail and hacking offenses.

Why government plans to spy on WhatsApp will fail (Naked Security) After last week’s attack in London, the home secretary called on television for cryptographic regression – but that won’t deliver what she wants

182,000 Joblink accounts exposed in cyber attack (Brattleboro Reformer) The Vermont Department of Labor has announced that as many as 182,000 Joblink accounts dating back to 2003 may have been breached in a cyberattack.As a result of the breach, personal information such as names, addresses, dates of birth and Social

Man loses appeal over Facebook threat to kill Obama (Naked Security) The lesson from this failed appeal is that threats on social media will be taken very seriously by the authorities – so be careful when blowing off steam

Russian Hacker Pleads Guilty to Ebury Botnet Role (Infosecurity Magazine) Russian Hacker Pleads Guilty to Ebury Botnet Role. Maxim Senakh said to have benefitted from scams that made millions

Yes, Burglars Read Your Social Media to Learn When You're Away (Lifestyle) Keep your home safe when you travel.

‘Siri, please dial 999 and save Mummy’s life’ (Naked Security) Four-year-old boy used his unconscious mother’s thumb to unlock her iPhone and call the emergency services

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

PCI Security Standards Council: 2017 Middle East and Africa Forum (Cape Town, South Africa, March 29, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Middle East and Africa Forum (MEAF).

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

GITECH Summit 2017: Revolution of Solutions (Annapolis, Maryland, USA, April 2 - 4, 2017) The GITEC Summit “Revolution of Solutions: Transforming Government” will be held April 2-4, 2017 at the Westin Annapolis. This year’s summit will focus on the continued transition and transformation surrounding the development, implementation, management and use of information technology for mission-critical functions.

SeaAirSpace (National Harbor, Maryland, USA, April 3 - 5, 2017) The Navy League's Sea-Air-Space Exposition brings the U.S. defense industrial base, private-sector U.S. companies and key military decision makers together for an annual innovative, educational, professional and maritime based event. The exposition will include, among other topics, exhibits and presentations on cybersecurity.

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Notes on SINET ITSEF. Lost laptops; bad USB sticks. IIS 6.0 vulnerable to buffer overflow. Cerber evolves to evade machine-learning solutions. Siemens system vulnerabilities disclosed. A view of cyberspace conflict from Finland.