The CyberWire Daily Briefing 4.4.17

Summary

By The CyberWire Staff

The British government warns infrastructure operators, especially those concerned with power plants and airports, to be alert for ICS cyberattacks mounted by ISIS. If the concerns prove real, they would indicate considerable increase in ISIS cyber capabilities, which have hitherto been largely confined to information operations.

Russian authorities investigate jihadist links to yesterday's suicide bombing in St. Petersburg.

Kaspersky offers more evidence connecting the Bangladesh Bank fraudulent funds transfers to the North Korean government. As US pressure on the DPRK over recent missile launches increases (including efforts to work with China on a bilateral response) and as the Chinese coal embargo bites Pyongyang harder, observers expect a corresponding rise in cyber activity targeting North Korea and its adversaries.

More warnings, this time from SecureWorks, of continued espionage from Fancy Bear (which they're calling "Iron Twilight," but it's the same GRU set). A recent victim, the IAAF, apologizes for the loss of athletes' medical records to the Russian espionage service.

Another Russian espionage group (where it would appear in a state-cum-criminal organization chart is unclear) has been connected to 1998's Midnight Maze operation against the US Department of Defense. It's the familiar Turla APT (also known as Snake, Uroburos, Venomous Bear, or Krypton) and it's still using, effectively, versions of the venerable LOKI backdoor.

Researchers report finding forty zero-day vulnerabilities in Samsung's Tizen OS.

Apple issues an emergency iOS patch to close a Wi-Fi drive-by vulnerability.

US Congressional hearings into Russian influence operations continue, with plenty of ugliness to go around.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Bangladesh, Canada, China, Ecuador, Israel, Democratic Peoples Republic of Korea, New Zealand, Russia, United Arab Emirates, United Kingdom, United States

On the Podcast

In today's podcast, we talk with our partners at Virginia Tech's Hume Center, as Charles Clancy discusses telephony DDoS. Our guest, Amanda Rousseau from Endgame will describe her career as a malware researcher.

Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of how artificial intelligence is being applied to security.

Sponsored Events

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Hear stories of triumph and tribulation, advice and inspiration from some of Maryland’s diverse and dynamic female cybersecurity professionals. Join us in-person for this free event or register to view the live stream online.

2nd Annual Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector.

Borderless Cyber USA (New York, New York, USA, June 21 - 22, 2017) Is your enterprise investing enough to protect against cyber-attack? Are you putting your resources where they have the most impact? How can you be sure? Senior security executives come together at Borderless Cyber to uncover new strategies, make new connections, and leave better prepared to defend their cyber practices--in the computer room and the Board room. The conference will take place at the historic U.S. Customs House in lower Manhattan on 21-22 June. Receive an extra $100 off the corporate rate. Use the discount code Cyberwire when registering. Special government rates and Early Bird savings are also available. We look forward to seeing you this June in NYC!

Selected Reading

Dateline

Raytheon looks to cyber intrusion detection system for pilots (IHS Jane's 260) Raytheon is funding a research and development effort to produce an Avionics Intrusion Detection System that could provide commercial and military pilots with a cyber-attack warning capability within the next year.

Cyber Attacks, Threats, and Vulnerabilities

Britain’s airports and nuclear power stations on cyber terror alert (Information Age) Airports and nuclear power stations across the UK have been told to bolster their defences in the face of increased terror threats

Power plant cyber threat: Lock up your ICSs and SCADAs (Register) That's not worrying at all

Digital Clue Links North Korea to Theft at New York Fed, Security Firm Says (Wall Street Journal) A newly discovered digital clue links the hacking group blamed for a multimillion-dollar cyberattack on Bangladesh central bank’s account at the New York Fed to a computer in North Korea, according to Russian cybersecurity company Kaspersky.

Cyber security firm - more evidence North Korea linked to Bangladesh heist (Eye Witness News) Kaspersky released a 58-page report on Lazarus, a group linked to the heist in Bangladesh and the 2014 attack on Sony’s Hollywood studio.

Lazarus APT Spinoff Linked to Banking Hacks (Threatpost) The Lazarus Group has splintered off a group whose mission is to attack banks and steal money in order to fund its operations.

Chinese Hackers Target Global Firms Via Supply Chain (Infosecurity Magazine) Chinese Hackers Target Global Firms Via Supply Chain. APT10 group pegged for massive Operation Cloud Hopper campaign

IAAF Says Hit By Cyberattack From Russian Group (RadioFreeEurope/RadioLiberty) The world governing body of track and field says it has become the victim of a cyberattack by a Russian hacking group linked to other incidents, including the hacking of the World Anti-Doping Agency and the U.S. Democratic Party.

IAAF says medical records compromised by Fancy Bear hacking group (Reuters) The governing body of global athletics (IAAF) said on Monday it had suffered a cyber attack that it believes has compromised information about athletes' medical records.

Russian Military-Linked APT28 Group to Wreak Havoc in 2017 (Infosecurity Magazine) Russian Military-Linked APT28 Group to Wreak Havoc in 2017. Dell SecureWorks urges best practice security measures

IRON TWILIGHT Supports Active Measures (SecureWorks) The IRON TWILIGHT threat group has targeted non-governmental organizations (NGOs), journalists, politicians, political organizations, governments, and militaries since at least 2009. SecureWorks® Counter Threat Unit™ (CTU) researchers assess it is highly likely that IRON TWILIGHT is sponsored by the Russian government.

New details emerge about 2014 Russian hack of the State Department: It was ‘hand to hand combat’ (Washington Post) Officials fear aggressive espionage tactics could spill over into the private sector.

Russian Hackers Are Still Using a Backdoor From the 90s (WIRED) A twenty-year-old record of one of the earliest ever cyberespionage campaigns suggests the same spy group still be alive and hacking.

New Evidence Links a 20-Year-Old Hack on the US Government to a Modern Attack Group (Motherboard) A UK company's vintage web server kept in storage for over 20 years connects the 'Moonlight Maze' attacks of the 90s to the 2000s hacker group Turla.

Russian-Speaking Turla Joins APT Elite (Threatpost) Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker.

Researchers Disclose Vulnerabilities in GIGABYTE BRIX Systems (Cylance) Researchers have disclosed two vulnerabilities in two different models of the GIGABYTE BRIX platform. These vulnerabilities allow an attacker to elevate privileges, execute arbitrary code in System Management Mode, and install a backdoor at the firmware level. We have reported these vulnerabilities to the vendor.

Flatbed Scanners Used as Relay Point for Controlling Malware in Air-Gapped Systems (BleepingComputer) Scientists from two Israeli universities have come up with a way to use flatbed scanners as relay points when sending commands to malware installed on an air-gapped computer. Further research also revealed the scanner could also be used to relay stolen data to a nearby attacker.

Audit Finds Over a Dozen NTP Vulnerabilities (Security Week) Researchers at Germany-based security firm Cure53 have conducted a 32-day audit of the Network Time Protocol (NTP) and the NTPsec project and discovered more than a dozen vulnerabilities.

European companies hit with highly customizable ransomware (Help Net Security) Researchers have been analyzing ransomware attacks that have been targeting European business for a few months now, and have tied them to the same group.

Weak social network password security is more trouble than you think (Help Net Security) 53 percent of users haven't changed their social network passwords in more than one year – with 20 percent having never changed their passwords at all.

Phishing alert: Appears to be from Microsoft (Georgia College) Many people at GC are receiving one of the more popular phishing scam emails. It appears to be from Microsoft, a “Security Alert” wanting you to revalidate your account. Know that this is not from Microsoft.

()

Why ransomware increasingly targets the little guys (The Parallax) Ransomware, the “biggest cyberthreat” of the year, doesn't just go for big businesses. Cybercriminals are increasingly targeting small groups and consumers.

Microsoft Friday false positive: Bluber-A ballsup makes sysadmins blub (Register) Benign and fine but alarms do double-time

Found: Quite possibly the most sophisticated Android espionage app ever (Ars Technica) Discovery of Pegasus for Android comes 8 months after similar iOS app was found.

Notorious iOS spyware has an Android sibling (ITworld) Security researchers have uncovered the Android version of an iOS spyware known as Pegasus in a case that shows how targeted electronic surveillance can be.

An Update on Verizon's AppFlash: Pre-Installed Spyware Is Still Spyware (Electronic Frontier Foundation) This post is an UPDATE to a piece we originally published last week. Verizon recently rolled out a new pilot project to pre-install on customers’ devices an app launcher/search tool that, we believe, is really just spyware. This software, called AppFlash, is preloaded on a new model of LG device—the LG K20 V—rather than in all of their Android line as we previously reported.

Samsung's Android Replacement Is a Hacker's Dream (Motherboard) A security researcher has found 40 unknown zero-day vulnerabilities in Tizen, the operating system that runs on millions of Samsung products.

Security Researcher Finds 40 Zero-Day Vulnerabilities in Samsung's Tizen OS (xda-developers) A security researcher has found as many as 40 zero-day vulnerabilities and exploits in Samsung's Tizen OS that Samsung has not yet acknowledged! Read on!

Still using IIS 6.0? Stop right now – the latest zero-day won’t be patched (Naked Security) Unpatched vulnerability is an echo of how users failed to wean themselves off Windows XP after Microsoft stopped patching the OS

If A Phone's Facial Recognition Security Can Be Defeated By A Picture Of A Face, What Good Is It? (Techdirt.) No technology is perfect and facial recognition software is obviously no exception. But whereas law enforcement groups use this flawed technology in too many instances, device manufacturers are beginning to ship out security features that rely on...

Hackers Stole $800,000 From Russian ATMs With Disappearing Malware (Motherboard) The method was a complete mystery, and the only clues left behind were files containing a single line of English text: "Take the money, bitch."

From hackers' point of views: New study exposes their strategies (Trend Micro Simply Security) A recently released survey interviewed black-hat hackers to get a better sense of the strategies and methodologies today's cyber criminals are using.

Security Patches, Mitigations, and Software Updates

iOS 10.3.1 includes bug fixes and improves the security of your iPhone or iPad (Ars Technica) Bugs? Fixed 'em. Security? Improved it.

Splunk Patches Information Theft and XSS Flaws (Security Week) Splunk last week released an update for Splunk Enterprise to address an information theft bug and a persistent Cross Site Scripting (XSS) vulnerability.

Cyber Trends

Not just a load of old COBOLers: systems are still running on old code (Naked Security) Old code still underpins systems from airlines to banking, presenting not just a potential security risk, but also a risk that you might not be able to find developers to fix the issues

Marketplace

()

This Map Shows the UK’s Surveillance Exports (Motherboard) IMSI catchers, intrusion software, internet monitoring solutions: UK companies provide it all.

Yahoo and AOL are part of Verizon's new 'Oath' brand (updated) (Engadget) Verizon has apparently had with with the Yahoo name (and AOL, apparently).

McAfee reborn as Intel spin-off closes (iTnews) Returns to being one of the largest pure-play security firms.

Hewlett Packard Enterprise (HPE) Completes Spin-off, Merger of Enterprise Services Business with CSC (CSC) (StreetInsider) Hewlett Packard Enterprise (NYSE: HPE) today announced that it has successfully completed the previously announced separation of its Enterprise Services business (“ES” or “Everett Spinco”), and merged it with Computer Sciences Corporation (NYSE: CSC) to create DXC Technology (“DXC”).

CSC and HPE Enterprise Services new company launch date revealed (CRN Australia) DXC Technology coming down under.

Cirrus Networks acquires NGage Technology Group (CRN Australia) Deal brings together two veterans of CRN Fast50.

Accenture Completes Acquisition of iDefense Security Intelligence Services, Expands Ability to Provide Clients with Faster, More Complete Threat Intelligence (Yahoo! Finance) In a move to provide clients with better and more comprehensive threat intelligence, Accenture has completed its acquisition of the iDefense Security Intelligence Services business from VeriSign, Inc.

Accenture to boost its security capabilities with acquisition of Arismore and iDefense (ZDNet) Accenture announced on Monday that it has completed its purchase of security businesses Arismore and iDefense.

WISeKey Completes Acquisition of Cybersecurity Company QuoVadis And Becomes A PKI/ Internet of Things Security Industry Leader (Yahoo! Finance) WISeKey International Holding Ltd , a leading Swiss cybersecurity and IoT company, whose Class B Shares are listed on the SIX Swiss Exchange, announced today that it has completed the previously announced acquisition of QuoVadis Holdings Ltd , a leading cybersecurity company with strong focus in next

Israel's Cybergym picks Melbourne as global headquarters ahead of ASX IPO (Financial Review) ASX-bound Cybergym will now call Australia home, with Melbourne as its global HQ after Victoria trumped NSW for incentives.

3 Top Artificial Intelligence Stocks to Buy in 2017 (The Motley Fool) Computer-assisted data analysis is not exactly a new thing, but these tools are becoming incredibly powerful. Here are three ideas for investors who want to jump aboard this careening bandwagon.

Terbium Labs Sees Industry Award Boon in First Quarter (PRWeb) Terbium Labs, the company behind Matchlight, the world’s first fully private, fully automated data intelligence system, has finished a strong first quarter marked by rapid growth and industry recognition.

Cisco’s Security Approach Gaining Traction, Says Cowen (Barrons) Cowen & Co. analyst Paul Silverstein, citing data this morning from his colleague Gregg Moskowitz, writes that the latest trends in network security bode well for Cisco Systems (CSCO), whose shares he rates Outperform, with a $39 price target.

Overseas investor says Wynyard's failure largely down to 'financial crisis' in NZ (Stuff) New European owner of Wynyard's crime-fighting software has an explanation for the company's troubles.

Boeing Wins $42Mln for Cryptography Used in US Combat Survival System (Sputnik) Pentagon said that Boeing Defense, Space & Security has received a $42.5 million US Air Force contract to develop more secure codes on systems to locate and rescue downed air crew and help them escape pursuers.

Products, Services, and Solutions

Verizon launches national IoT network (Yahoo! Finance) On Friday, Verizon launched the first national LTE Cat-M1 network in the US. LTE Cat-M1 is a low-power variant of 4G LTE designed specifically for enterprise IoT use.

Carbon Black Named Best Endpoint Detection and Response Solution by Security Professionals in SANS Institute Awards (Yahoo! Finance) Carbon Black, the leader in next-generation endpoint security, today announced it has been named Best Endpoint Detection and Response Solution by security professionals in the SANS Institute’s Best of 2016 Awards.

Allied Mission Group LLC Becomes Authorized Reseller for RedOwl to Address Growing Insider Threat Risk (Yahoo! Finance) RedOwl, the leader in insider risk solutions, today announced a reseller partnership with Allied Mission Group , which brings critical technology to the public sector.

Technologies, Techniques, and Standards

How backup can help businesses never be held hostage by ransomware (IT SECURITY GURU) Paying ransom fees to regain access to data in the vague hope that criminals will release files from...

Visiting Random Sites to Confuse Trackers Won’t Protect Your Privacy (Motherboard) Obfuscation won’t likely stop marketers from figuring out your browsing habits.

Security Sense: Encrypted Web Traffic Doesn’t Necessarily Hide Your Weird Fetishes (WIndows IT Pro) The amount of encryption we use on the web is growing at a pretty rapid rate these days.

Managed Services: a Security Problem and Solution () Almost any IT function can be purchased as a service, even security. We look at security issues posed by managed services, and the shortcut to comprehensive IT security that managed security services providers offer.

IoT Security: All You Need to Know and Apply (Heimdal Security Blog) Learn about the biggest IoT cyber threats out there, and how to protect yourself from them in this comprehensive guide on IoT security.

Design and Innovation

Tim Compston talks biometrics for security with Suprema, Genie, BioCatch, CEM Systems, Hitachi and more (Security News Desk) Tim Compston has his finger on the pulse of the latest developments in biometrics. He speaks to Suprema, Genie, BioCatch, CEM Systems and more.

Daimler and Bosch: fully autonomous cars within 5 years (TechCrunch) Look out, startups. The big guns are taking on autonomous driving with serious intent. Daimler, one of the largest vehicle manufacturers in the world,..

Research and Development

New Study to Explore Relationship Between Autism and Cybercrime (Infosecurity Magazine) New Study to Explore Relationship Between Autism and Cybercrime. Bath university researchers will start project today

Discussing the limits of artificial intelligence (TechCrunch) It's hard to visit a tech site these days without seeing a headline about deep learning for X, and that AI is on the verge of solving all our problems. Gary..

Academia

10 schools top new ranking of best cybersecurity programs (Military Times) UNO is one of 10 universities listed in our new ranking of the best college cybersecurity programs, coming in second behind Syracuse University.

Bristol University to play pivotal role in protecting the country from cyber attack (Bristol University) The University of Bristol has once again been recognised by the National Cyber Security Centre (NCSC) and the EPSRC as an Academic Centre for Excellence in Cyber Security Research (ACE-CSR).

Legislation, Policy and Regulation

Trump puts China, North Korea on notice (Washington Examiner) As President Trump prepares for a week of intensive meetings with foreign leaders, he has issued a blunt ultimatum to China to step up and use its influence to bring North Korea to heel.

China Pivots its Hackers from Industrial Spies to Cyber Warriors (Cipher Brief) China continues to deploy military equipment to contested islands in the South China Sea, raising concerns among regional players and U.S. forces stationed in the Pacific.

Air Force considers merging cyber, electromagnetic spectrum activities (Fifth Domain | Cyber) The service is evaluating a merger of the 24th and 25th Air Force.

Trump Signs Anti-Privacy Bill into Law (Infosecurity Magazine) President Trump signed into law a measure that repeals the Federal Communications Commission’s broadband privacy rules.

German Army Gets New Cyber Command (Defense World) German Defense Minister Ursula von der Leyen will assemble the new cyber command later this week for a celebratory installation in Bonn.

Lines Around Cyber Threat Intelligence Sharing Blurring (Threatpost) The lines between between information shared between intelligence services, companies, and the government are getting increasingly blurry, a Georgetown professor warned.

Robots are in our future. Will policymakers keep denying that? (TheHill) OPINION | Policymakers will have to decide whether they will let artificial intelligence transform the way we work, or slow development in the name of protecting traditional jobs or cushioning workers.

Litigation, Investigation, and Enforcement

St Petersburg metro explosion kills 11 in Russia (BBC News) Eleven people are killed and dozens injured by the explosion on a train between two stations.

Suicide bomber from Kyrgyzstan blamed for Metro attack (Times (London)) A young suicide bomber was behind the explosion that killed 11 people on a crowded train in St Petersburg, Kyrgyzstan’s security services have said. Akbarjon Djalilov, born in Kyrgyzstan in 1995...

Week ahead: Russia storm swirls (TheHill) The focus will firmly be on the investigations into Russian election interference in the coming week.

Susan Rice Sought Names of Trump Associates in Intel (Bloomberg View) Investigators saw a pattern behind requests from Susan Rice.

UNMASKED: Susan Rice Requested Intelligence On Trump Associates (The Daily Caller) Susan Rice, the national security advisor for President Obama, made dozens of requests seeking to unmask the identities of Donald Trump associates identified in raw intelligence reports.

Trump Supporter Labeled ‘Fake News’ By ’60 Minutes’ Beats Everyone To Susan Rice Scoop (The Daily Caller) Mike Cernovich, a journalist who has promoted conspiracy theories and was deemed "fake news" by "60 Minutes," was the first to break the news that Obama's former national security advisor Susan Rice m

Trump campaign adviser Carter Page met with Russian spy in 2013 (Chicago Tribune) Carter Page, a foreign policy adviser to Donald Trump's presidential campaign met with a Russian intelligence operative in 2013, according to court filings.

Blackwater founder held secret Seychelles meeting to establish Trump-Putin back channel (Washington Post) Erik Prince met with a Russian close to the Kremlin in a meeting brokered by the United Arab Emirates.

Dubai Police Arrest Hackers Who Targeted White House Staff (VOA) Officials say suspects are part of an 'African gang' who broke into emails of five senior officials and 'got highly confidential information'

Cybersecurity companies sometimes wreck FBI investigations. Here's how. - CyberScoop (Cyberscoop) Publishing research can boost a cybersecurity firm's reputation but muddle the hard work of federal law enforcement agencies — and the problem is likely to get worse.

Assange to learn this week whether he faces likely eviction from Ecuadorian embassy following presidential vote (Computing) Challenger in Ecuadorian presidential election has vowed to evict Assange from London embassy

IT Admin Guilty of Hacking of Former Employer (Infosecurity Magazine) IT Admin Guilty of Hacking of Former Employer. El Paso bootmaker suffered serious downtime and extra costs after incident

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.