The CyberWire Daily Briefing 3.31.17

Summary

By The CyberWire Staff

SecureWorks has been tracking Fancy Bear's activity during the run-up to last year's US elections, and they've found that activity to have begun as early as March 2015, and to have prospected some 6730 people. While there was clearly a lot of interest in the US election, that was far from Fancy Bear's only interest. Targets are said (by Motherboard) to have included "members of the US military, diplomats all over the world, Russian government critics, Hillary Clinton campaign staffers, and even Hillary Clinton." It was a phishing campaign, thus typical of the commodity-level approach that continues to pay off well for espionage services. Only 2% of the marks took the phishbait, but when you've trolled through nearly 7000 accounts, 2% is enough. SecureWorks was able to get the details they did because FancyBear left its Bitly url-shortener accounts public.

Reports suggest the EU will soon mandate backdoors in encrypted comms, which seems in tension with stringent privacy protection.

The ISS 6.0 vulnerability is being actively exploited against Windows Server 2003. Windows Server 2003 is beyond its end-of-life (so no patch).

Researchers at Palo Alto Networks have found two remote access Trojans, Troichilus and MoonWind, in active use against utilities and other targets in Thailand.

Open-source developers using GitHub should beware: the Dimnie Trojan is there, and being used against them.

Gizmodo says it's found FBI Director Comey's Twitter account. (The Director's handle is an homage to theologian Reinhold Niebuhr; you'd think a Chicago man would have chosen Paul Tillich.)

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, European Union, Georgia, Germany, Israel, Moldova, NATO/OTAN, Russia, Slovakia, Thailand, Ukraine, United Kingdom, and United States.

A note to our readers: the CyberWire is in Tucson, Arizona, covering the Women in Cyber Security conference. We'll have reports on it next week. And next week we'll be dropping by the Navy League's annual SeaAirSpace expo to see what the sea services are working on in cyberspace. Finally, we'll be releasing new articles on both this week's SINET ITSEF 2017 conference and the just-concluded Billington International Cybersecurity Summit. Do watch those links.

On the Podcast

In today's podcast we hear from our partners at the University of Maryland, as Jonathan Katz tells us about a bug recently discovered in the Z-Coin crytocurrency (which seems already to have cost people half a million dollars). Our guest, Bob Ackerman of Allegis Capital and the DataTribe, offers his take on how investors currently view the evolving cyber ecosystem.

Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of how artificial intelligence is being applied to security.

Sponsored Events

The Cyber Security Summit: Atlanta and Dallas (Atlanta, GA, USA, April 6, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Jailbreak Security Summit - Insecurity Tools (Laurel, Maryland, USA, April 28, 2017) Join some of the world's best security researchers as they talk about vulnerabilities in security tools at the only computer security event held at a production brewery. Attendance is limited to 100 to keep the Security Summit small and encourage conversation between speakers, attendees, and sponsors.

Selected Reading

Dateline

Sophisticated threat actors are persistent threat actors (The CyberWire) Nation-states have earned their reputation as the most sophisticated and dangerous threat actors in cyberspace, but they're most distinguished not by their technology, but by their focus, determination, and persistence.

NSA technical director: Sharing hacker information isn't enough, we need a shared response - Cyberscoop (Cyberscoop) The nature of cyberthreats aimed at both the U.S. government and private American companies calls for a dramatic shift in how the larger cybersecurity community shares information about hackers and collectively responds to attacks, said Neal Ziring, technical director for the NSA’s Capabilities Directorate.

Cyber Attacks, Threats, and Vulnerabilities

New: Russian Hackers Targeted Hillary Clinton’s Campaign Email Ahead of the 2016 Election (Motherboard) New evidence shows that during their wide-ranging hacking campaign, Russian hackers tried to hack 6,730 people with 19,315 phishing links.

Trochilus and New MoonWind RATs Used In Attack Against Thai Organizations (Palo Alto Networks Blog) Troichilus and MoonWind RATS used to target utility and other organizations in Thailand.

Jerusalem's municipality digital services under cyber attack (Ynetnews) Jerusalem's municipality revealed that, for the second time this week, the city's digital services, among them the municipality's website, are currently down due to a cyber attack. The services were shut down to prevent harm to the servers and the city's residents.

Dimnie Trojan targeting open source developers publishing on Github (Computing) Trojan targeting developers steals passwords, exfiltrates files, takes screenshots and can even self-destruct when it has served its purpose.

Malware campaign targets open source developers on GitHub (WeLiveSecurity) Be on your guard if you're a developer who uses GitHub - someone could be trying to infect your computer with malware.

Gizmodo found what looks to be FBI Director James Comey’s Twitter account (Ars Technica) Either way, this shows how difficult it is to maintain bulletproof operational security.

This Is Almost Certainly James Comey’s Twitter Account (Gizmodo) Digital security and its discontents—from Hillary Clinton’s emails to ransomware to Tor hacks—is in many ways one of the chief concerns of the contemporary FBI. So it makes sense that the bureau’s director, James Comey, would dip his toe into the digital torrent with a Twitter account. It also makes sense, given Comey’s high profile, that he would want that Twitter account to be a secret from the world, lest his follows and favs be scrubbed for clues about what the feds are up to. What is somewhat surprising, however, is that it only took me about four hours of sleuthing to find Comey’s account, which is not protected.

Here's How Not to Get Doxed Like FBI Director Comey (Motherboard) Separating your pseudonymous Twitter account from your real life identity can be tricky.

Developer Leaks Source Code for Nuclear Bot to Get Avowal From His Peers (Virus Guides) After falling victim to peer pressure, the creator of the Nuclear Bot banking Trojan decided to release its source code. Now everyone who wishes can use th

Actively exploited zero-day in IIS 6.0 affects 60,000+ servers (Help Net Security) CVE-2017-7269 won't be patched by Microsoft, because they stopped supporting Windows Server 2003 a few years ago (IIS 6.0 was included in the OS).

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server (InfoWorld) A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported

Microsoft Zero Day to Stay Unpatched (ISS Source) Microsoft Internet Information Services (IIS) 6.0 has a Zero Day vulnerability attackers leveraged last summer and is likely undergoing exploitation now, researchers said.

How Mobile Phones Turn Into A Corporate Threat (TrendLabs Security Intelligence Blog) Over the last year, the number of mobile phones overtook the world population. In countries like the United States, mobile subscribers outnumbered traditional landline users and half of Americans shifted to mobile-only to communicate. In modern smart cities, wireless-only buildings are becoming the new construction standard for homes, factories, and organizations in general. Landline phones are going away—sooner rather than later.

Escaping a Python sandbox with a memory corruption bug (Hacker Noon) A few weeks ago I decided to scratch an itch I’ve been having for a while — to participate in some bug bounty programs. Perhaps the most…

Let’s Encrypt issues certs to ‘PayPal’ phishing sites: how to protect yourself (Naked Security) Checking that a website uses HTTPS is one way of checking if it’s legitimate – but what happens when the scammers are buying SSL certificates that include the name of the company they…

Nintendo Switch emulator bait used to spread malware and ransomware, warns Norton (Computing) All bait and no Switch, warn security researchers.

Blizzard's World of Warcraft fans hit by phishing scam (HackRead) Hackers have centered their attention towards a famous game “World of Warcraft, ” and things aren’t looking good for its fans. According to the Graham Clul

7 sexy high-tech enterprise ‘surveillance engineering’ techniques that criminal hackers use (CSO Online) 7 ways criminal hackers use high-tech surveillance—sometimes with a social engineering element—to tap into the enterprise to get the keys to your kingdom, or sensitive information.

Aviation-Related Phishing Campaigns Seeking Credentials (Threatpost) Researchers warn of a wave in aviation-themed phishing attacks that aim to steal credentials and install malware.

UK residents hit with extremely personalized scam emails (Help Net Security) A compelling and potentially very successful email spam campaign is being leveraged against UK residents, urging them to download a malicious attachment.

The scam that knows your name and home address – here’s what to do (Naked Security) The scam that knows your name and home address – here’s what to do

Falling in love online? Don’t get caught out by the Tinder scammers (Naked Security) Don’t join the guys who were daft enough to hand over $5 each to a woman online – here are some tips to avoid falling into a trap

IoT: The blind spots in your network (IT Pro Portal) Connected devices may be easy to use but they come at a security cost.

Cyberspace’s most dangerous places put your personal data at risk (Dayton Daily News) Anyone with a mobile device is at risk of having private personal and financial information stolen. But dangerous software and applications often lurk

Report: Criminals find profit rates of up to 95 percent with DDoS attacks (CSO Online) The emergence of the DDoS-as-a-service industry has lowered the costs for attacks to $25 or less, allowing criminals with no technical expertise to reach profit margins of up to 95 percent, according to a report released last week

Security Patches, Mitigations, and Software Updates

More fun in the sandbox: Experts praise security improvements to Edge (Register) Time will tell if Microsoft's browser is less ez2pwn

Cyber Trends

Gemalto releases findings of 2016 Breach Level Index (Gemalto) Almost 1.4 billion data records compromised in 2016 as hackers targeted large-scale databases across industries

The Business of Security: How your Organization Is Changing beneath You (Dark Reading) And why it's your job to change with it and 'skate where the puck is headed.'

Insider Threat Fear Greater Than Ever, Survey Shows (Dark Reading) More than half of security pros say insider threat incidents have become more frequent in the past 12 months.

49 Percent of Organizations Don't Know if They've Experienced Insider Attacks (eSecurity Planet) And 74 percent feel vulnerable to such attacks, a recent survey found.

Internet's Security Woes are Not All Technical (Dark Reading) Google engineer Halvar Flake told Black Hat Asia attendees that flaws in organizational structure and market power put enterprises at risk.

‘Cyber criminals will prey on future homes’ (The Times of India) With 1.3 billion connected devices and Internet of Things (IoT) devices expected to populate homes in India by 2021, home networks can become easy targets for cyber criminals, said global cyber security agency Fortinet.

Law Firms Face Increase in Attacks (Infosecurity Magazine) One in four of all legal firms have been the subject of a cyber-attack

Marketplace

Worldwide spending on security technology to reach $81.7 billion in 2017 (Help Net Security) IDC forecasts worldwide revenues for security-related hardware, software, and services will reach a whopping $81.7 billion in 2017.

Mastercard acquires NuData Security (Help Net Security) Mastercard has entered into an agreement to acquire NuData Security, a technology company that helps businesses prevent online and mobile fraud.

Extreme Networks to acquire Brocade's networking business (CRN Australia) Expand its assault on Cisco, HPE, others.

ESET-DESlock acquisition pays off in data encryption test (Security Brief) “Given the growing importance of IT and data security, this is the first time AV-Comparatives has conducted a test on business encryption."

Corero Network rises as chairman signals plan to back share placing (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - Chairman Jens Montanana already holds 34.1% of the company but wants to pump more money into Corero, which would take his stake above 50%.

Yes, FireEye Inc (FEYE) Stock Is for Real (InvestorPlace) A few months ago, you couldn't give FireEye away. Now it's a struggle to buy FEYE stock at a price you can live with.

Proofpoint Growing On The Back Of Human Error (Seeking Alpha) Proofpoint continues to gain share in its target markets like email security, advanced threat detection, archiving, and data loss prevention as bigger rivals fo

The 3 Best Firewall Companies to Buy in 2017 (Madison) The total number of data breaches in the U.S. rose 40% in 2016 to hit a record high according to the Identity Theft Resource Center. That's why research firm Markets

Palantir Officials Reject Investor's Request for Records (Bloomberg) The secretive data-analytics company Palantir Technologies Inc. is intent on keeping its information private.

Greystones awarded DIA contract at undisclosed value (C4ISRNET) Greystones Group has been awarded a prime contract for visual media analysis software.

General Dynamics Selected to Provide Enterprise IT and Cloud Services to NATO (General Dynamics) General Dynamics Information Technology, a business unit of General Dynamics (NYSE: GD), was awarded a contract by the NATO Communications and Information Agency (NCI Agency) to deliver the most significant upgrade to the organization’s technical infrastructure in decades.

Lastline Announces Lastline Labs -- Research Team Fuels Innovation (Yahoo! Finance) Lastline Inc., the leader in advanced malware protection, today introduced Lastline Labs, its internal research group and innovative core. Lastline Labs brings together some of the most brilliant minds ...

Ministry of Justice ups salary for CISO role in a bid to flush out qualified candidates (Computing) New job ad with higher salary of up to £117,800 for MoJ CISO.

Products, Services, and Solutions

New infosec products of the week: March 31, 2017 (Help Net Security) Here are some exciting new information security products from ClearSky Data, Core Security, ManageEngine, Qualys, ViaSat and Waterfall Security.

Bricata adds AI to its cybersecurity tools (Technical.ly Baltimore) The Columbia-based startup inked a deal with buzzy cybersecurity company Cylance.

Chain Integrates Blockchain Technology with Thales Hardware Security Modules (Thales) Collaboration allows leading institutions to launch blockchain networks in production

Deloitte announces next generation cyber risk platform enabled by Dragos for Industrial Control Systems and Operational Technologies Security (Deloitte United States) Deloitte and Dragos offer combined services and technology to bolster cybersecurity in Industrial Control Systems (ICS) and Operational Technology (OT) networks.

Deloitte to expand cyber risk platform for industrial control systems, operational technologies security (World Oil) Deloitte has announced plans to expand its cyber risk platform for end-to-end industrial control systems (ICS) and operational technologies (OT) security with next generation technology enabled by Dragos, a cybersecurity company focusing on securing ICS and OT networks.

An AI Startup is About to Make Robbery More Difficult (PRNewswire) We've all watched the movie scene where the bank teller attempts to reach a silent alarm while a robbery takes place. Deep Science AI is about to make that scenario a thing of the past with its AI surveillance (AIS) platform for businesses.

Namecheap Offers Free Comodo SSLs for Symantec Customers (Fox 34) Free SSLs allow continuation of 'trusted site status' on Google

Norton By Symantec Launches Wi-Fi Security Software Starting From ₹2,999 (Huffington Post India) The software works on all the platforms including Android, iOS, Windows and Mac

cStor and Cylance Win Bid to Implement Advanced Cybersecurity and Endpoint Protection Solution for State of Arizona Agencies - Press Release Rocket (Press Release Rocket) cStor and CylancePROTECT® to help advance cybersecurity strategy and secure state agency data, systems and endpoint device (PRWEB) March 30, 2017 cStor, a leading provider of data center, cloud and cybersecurity solutions, today announced that the company and its channel partner, Cylance® Inc., have been selected to implement an advanced endpoint protection and cybersecurity solution …

CylancePROTECT® selected by SANS Community as Best Endpoint Protection Product of 2016 (SAT PR News) Nominees and winners selected by actual product users in SANS community of security specialists

All tech giants fail on security disclosure, but Microsoft and Google do best (CIO New Zealand) A new report ranking of a dozen tech giants finds that all of them could do better at explaining how user data is secured.

Technologies, Techniques, and Standards

US Border Policy Shifts May Drive Changes in Laptop Security (Dark Reading) In-cabin laptop ban and requirements to unlock devices for border patrol could have enterprises revisiting their on-device data policies.

Post-FCC Privacy Rules, Should You VPN? (KrebsOnSecurity) Many readers are understandably concerned about recent moves by the U.S. Congress that would roll back privacy rules barring broadband Internet service providers (ISPs) from sharing or selling customer browsing history, among other personal data.

Payment Card Industry Security Compliance: What You Need to Know (Dark Reading) A quick refresher on all the different PCI SSC security standards that are relevant for organizations that accept electronic payments.

The cost of compromised credentials creeps up (Third Certainty) The most common credentials are a combination of username and password, but those have lost a good bit of their protective powers. Next-generation credentials also are edging toward a precarious place. Here’s what you need to know about the dangers of compromised credentials and how to mitigate those risks. The speed of work these days …

2 Common Barriers to Effective Threat Intelligence (Recorded Future) Creating insight from threat data is easier said than done. There are two main barriers that stand in the way of creating effective threat intelligence.

Smart Whitelisting Using Locality Sensitive Hashing (TrendLabs Security Intelligence Blog) Trend Micro Locality Sensitive Hashing (TLSH) is a kind of fuzzy hashing that can be employed in machine learning extensions of whitelisting.

Ways To Maintain Your Cybersecurity Infrastructure (Anomali) Network security is a great undertaking early on. The benefits to protecting your network are immediate as well as beneficial in the long term. However, the systems and practices which defend your organization and its network are not a “set it and forget it” machine. As threats are continually evolving, so must your defenses. Don’t let complacency set in to the point where you’re relying on an outdated cyber security infrastructure.One component of a security plan that

A strong cyber recipe starts with a base of planning and a dash of creativity (FederalNewsRadio.com) Cyber experts from agencies and industry say the best defense starts with basic "blocking and tackling," and then adding a layer of creativity.

It’s the technology, stupid (The Hindu Business Line) Eleven reasons why the Aadhaar is not just non-smart but also insecure

Design and Innovation

Silicon Valley begins putting cyberbullies in the crosshairs (The Christian Science Monitor Passcode) With the rate of digital bullying increasing, tech firms escalate efforts to build automated tools that can detect and flag online harassment.

Research and Development

A more connected military means new battlefield glitches, too (The Christian Science Monitor Passcode) With its $52 million initiative to vastly expand connectivity and technology on the front lines, the US Army knows it may also give enemies new digital targets to hack or manipulate. Is it up for the challenge?

Vancore Labs to conduct research for DARPA (C4ISRNET) The U.S. Defense Advanced Research Projects Agency (DARPA) has awarded Vencore Labs contracts valuing $17.7 million for research in cyber defense.

AM General, Army to test autonomous vehicle system (UPI) An autonomous vehicle for transporting personnel and equipment within U.S. military facilities is being developed by AM General and the Army.

Army awards deals for autonomous reasoning (C4ISRNET) The contracts are for Charles River's Figaro open-source, probabilistic programming language for probabilistic modeling.

Elon Musk Isn’t the Only One Trying to Computerize Your Brain (WIRED) These companies are applying the Silicon Valley playbook to neuroscience.

Academia

LSU Applied Research Center positions Louisiana as a U.S. Cybersecurity Hub (BRPROUD) An organization at LSU that provides solutions for the defense and intelligence communities has received contracts totaling nearly $5 million from the U.S. Department of Defense for the university's growing cybersecurity expertise. Two large cybersecurity contracts have been awarded to Nascent Technologies Corporation, or NTC.

Coppin State University offers new cyber security program (WMAR) A new cyber security program at Coppin State University will train and employ graduates with the Department of Defense.

Israel teaches cybersecurity skills to its high schoolers (Public Radio International) A program for gifted 10th-graders teaches them coding, encryption and how to defend a computer network against hacking. Many of the students will end up in Israel's equivalent of the NSA.

Legislation, Policy and Regulation

Now Europe is Looking to Undermine Encryption (Infosecurity Magazine) Now Europe is Looking to Undermine Encryption. Commission may look to force the hand of tech giants

Encryp-xit: Europe will go all in for crypto backdoors in June (Register) App-makers get a choice: Open up voluntarily or we'll pass laws forcing you to

GDPR: What to do with conflicting legislation (Computing) 'GDPR says to delete data after a certain period, while other regulations demand we keep data forever.' An IT leader explains his conundrum.

Privacy Babel: Making Sense of Global Privacy Regulations (Dark Reading) Countries around the world are making their own privacy laws. How can a global company possibly keep up?

German military to unveil new cyber command as threats grow (Reuters) Germany's military will launch a cyber command next week as part of an effort to beef up online defenses at a time when German spy agencies are warning of increasing cyber attacks by Russia.

'It's in our COMMON INTEREST' Germany warns security WILL NOT be used as bargaining chip (Express) The German Defence Minister has warned security will not be used as a bargaining chip during Brexit negotiations and called for greater military cooperation with the UK.

Ukrainian cybersecurity slowed by need to replace Soviet-era tech (C4ISRNET) The effort to upgrade intelligence capabilities and cyber protections is especially complex in Ukraine, as most existing Ukraine systems are, in fact, Russian in origin.

Countering Information War: Lessons Learned from NATO and Partner Countries (Globsec Policy Institute) In 2013, General Valery Gerasimov published an article, now know famously as “Gerasimov’s Doctrine”, which defined information warfare as the combination of electronic warfare, cyberwarfare and psychological operations into a single, coordinated military effort.

DHS issued two more Binding Operational Directives on cyber in final months of Obama term (FederalNewsRadio.com) DHS told Congress it’s seeing dividends from the legal authority to force agencies to take steps to improve their cybersecurity posture.

TRANSCOM worried about cybersecurity gap between DoD and civilian networks (FederalNewsRadio.com) U.S. Transportation Command uses a lot of civilian businesses, but is their difference in cybersecurity standards harming national security?

Confirmation of DHS intelligence head is too important to politicize (TheHill) OPINION | Grilling David Glawe on Trump's travel ban is just for legislators to levy political opinions unrelated to his role.

Lawmakers press budget chief on cybersecurity guidance for federal acquisitions (TheHill) The OMB never finalized the guidance in 2015.

Cyber Command looking to equip its cyber warriors (C4ISRNET) Cyber Command is now looking to equip its cyber warriors with tools and platforms to conduct full spectrum cyber operations.

Privacy activist wants to unveil lawmakers' browser histories (CSO Online) When members of Congress approved a resolution that would toss out significant online privacy protections, one Internet user decided to do something about it.

Litigation, Investigation, and Enforcement

Senator: Russia used 'thousands' of internet trolls during US election (CSO Online) The Russian government used "thousands" of internet trolls and bots to spread fake news, in addition to hacking into political campaigns leading up to the 2016 U.S. election, one senator said.

Russian experts paint sinister picture of Russian meddling (WRAL.com) Russian experts painted a sinister picture of Russian meddling in the 2016 election Thursday, telling the Senate intelligence committee about fake news, cyber trolls, smear campaigns and even slayings they say could have ties to the Kremlin.

Opinion | Today’s Russia hearings actually revealed something new and important (Washington Post) Senate Republicans now seem to be taking this story very, very seriously.

White House tells Russia probers: Come see intel yourselves (Military Times) The White House refused to say on Thursday whether it secretly fed intelligence reports to a top Republican investigating possible coordination between Russia and the 2016 Trump campaign. Fending off growing criticism, the administration invited lawmakers from both parties to view classified material it said relates to surveillance of the president's associates.

A Brief Timeline of Devin Nunes’ Odd White House Ties (WIRED) The House Intelligence Committee chair has had himself quite a week.

Mike Flynn Offers to Testify in Exchange for Immunity (Wall Street Journal) Mike Flynn, President Donald Trump’s former national security adviser, has told the FBI and congressional committees investigating the Trump campaign’s potential ties to Russia that he is willing to be interviewed in exchange for a grant of immunity from prosecution, according to officials with knowledge of the matter.

Flynn’s Public Offer to Testify for Immunity Suggests He May Have Nothing to Say (Just Security) The Wall Street Journal is reporting that former National Security Advisor Mike Flynn told the FBI and Congress that he is willing to testify in

Meet the Midwestern Contractor That Appears Hundreds of Times in the CIA WikiLeaks Dump (The Intercept) At Northrop Grumman's Xetron, some employees were suddenly asked to take polygraph tests. The company contracts with the CIA.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

GITECH Summit 2017: Revolution of Solutions (Annapolis, Maryland, USA, April 2 - 4, 2017) The GITEC Summit “Revolution of Solutions: Transforming Government” will be held April 2-4, 2017 at the Westin Annapolis. This year’s summit will focus on the continued transition and transformation surrounding the development, implementation, management and use of information technology for mission-critical functions.

SeaAirSpace (National Harbor, Maryland, USA, April 3 - 5, 2017) The Navy League's Sea-Air-Space Exposition brings the U.S. defense industrial base, private-sector U.S. companies and key military decision makers together for an annual innovative, educational, professional and maritime based event. The exposition will include, among other topics, exhibits and presentations on cybersecurity.

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Notes from the Billington International Cybersecurity Summit. FancyBear leaves its spoor in Bitly. Investigation of Russian influence operations heats up. EU may be taking a strong stand for backdoors in the crypto wars. Trojans in Thailand and on GitHub. ISS 6.0 bug hits Windows Server 2003.