The CyberWire Daily Briefing 4.10.17

Summary

By The CyberWire Staff

At the end of last week WikiLeaks issued another, smaller tranche of what purport to be CIA documents, but these don't arrive with the éclat that accompanied earlier releases. They're generally perceived as leaks intended simply to damage US intelligence services, without the aura of whistleblowing that colored some earlier WikiLeaks dumps.

The Shadow Brokers are back, this time with files they claim are "NSA passwords." The group resurfaced after punitive US airstrikes hit Syrian targets in response to the Assad regime's use of chemical weapons against mostly civilian targets. The Shadow Brokers have unpleasant things to say about US President Trump, saying in their communiqué (with familiar scriptwriter's broken English) that they're "no longer" his supporters, that he's abandoned "his base." So President Trump has either fallen out of favor with the Shadow Brokers' (by consensus Russian) masters or that he was never in that much favor to begin with. Motherboard, often in communication with the Brokers, has asked for clarification, but received none.

Al-Masdar News, an outlet based in the UAE but generally regarded as closely aligned with Syria's Assad regime and inter alia a mouthpiece for Russian policy in the area, claimed Friday it was the victim of a cyber attack that originated somewhere in the US. No other sources appear to have taken notice of the allegation.

Hackers set off emergency tornado-warning sirens in Dallas, Texas, early Saturday morning.

In industry news, Okta issues an IPO, the first major IPO in the cybersecurity sector this year.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, Germany, Democratic Peoples Republic of Korea, Nigeria, Russia, Slovakia, Spain, Syria, United Kingdom, United States

On the Podcast

In today's podcast, we speak with Joe Carrigan from the Johns Hopkins University on enhanced capabilities coming to the Waze GPS app. And we wrap up our coverage of WiCyS with Kathleen Smith from CyberSecJobs.com and ClearedJobs.net.

Sponsored Events

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Hear stories of triumph and tribulation, advice and inspiration from some of Maryland’s diverse and dynamic female cybersecurity professionals. Join us in-person for this free event or register to view the live stream online.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

WikiLeaks just dropped the CIA’s secret how-to for infecting Windows (Ars Technica) Latest batch of documents details how CIA infects targets’ Windows-based computers.

Angry Shadow Brokers release password for suspected NSA hacking tools (CSO Online) Annoyed with the U.S. missile strike last week on an airfield in Syria, among other things, hacker group Shadow Brokers resurfaced on Saturday and released what they said was the password to files containing suspected National Security Agency tools they had earlier tried to sell.

They're Back: The Shadow Brokers Release More Alleged Exploits (Motherboard) In their new post, the NSA hackers pointed specifically to President Trump, and recent political events.

NSA Hacking Tools Leak Online But Are 'The Shadow Brokers' About To Be Unmasked? (Forbes) You may not know much about The Shadow Brokers - a secretive and mysterious...no-one is quite sure but let's say...group of hackers with alleged NSA data but you probably will over the coming days. While some believe the group to be a disgruntled intelligence agent, others say Russia and others say a collection of hackers.

Shadow Brokers return with new release of NSA hacking tools - and an open letter to President Trump (Computing) Russia-linked hacking group denies links to Russia.

Shadow Brokers Publish the Password for the Rest the Stolen NSA Hacking Tools (BleepingComputer) The Shadow Brokers (TSB) are back, and they've released the password for the rest of the hacking tools they claim to have stolen from the NSA last year.

US cyber attack shuts down Al-Masdar News for five hours (AMN - Al-Masdar News | المصدر نيوز) On Friday afternoon, Al-Masdar News experienced its biggest hacker attack ever, leaving the website inaccessible to its reade

How to Fight ISIS Online (Foreign Affairs) To begin countering ISIS' online threat, it is necessary to understand the external factors that have shaped the group's communications strategy.

Combating information and disinformation campaigns (C4ISRNET) Actions by ISIS and Russia have forced the West to combat efforts in the public and military information sphere.

Unit 42 Uncovers New Google Android Malware, Bit.ly And ‘Fake News’ Strategies (Information Security Buzz) Unit 42, Palo Alto Networks’ threat intelligence research arm, has uncovered evidence of links between attacks using two new malware families and two families of Google Android malware. This has been discovered as part of work on preventing and detecting targeted attacks in the Middle East. The attackers favour using URL shortening services to disguise …

Baseband Zero Day Exposes Millions of Mobile Phones to Attack (Threatpost) A previously undisclosed baseband vulnerability impacting Huawei smartphones, laptop WWAN modules and IoT components was revealed Thursday at the Infiltrate Conference

Booby-trapped Word documents in the wild exploit critical Microsoft 0day (Ars Technica) There’s currently no patch for the bug, which affects most or all versions of Word.

Hackers are attacking Word users with new Microsoft Office zero-day vulnerability (ZDNet) The bug affects all supported versions of Microsoft Word, but will be fixed this week.

Attacks Detected with New Microsoft Office Zero-Day (BleepingComputer) Cyber-security firms McAfee and FireEye have both disclosed in-the-wild attacks with a new Microsoft Office zero-day that allows attackers to silently execute code on targeted machines and secretly install malware.

Matrix Ransomware Expands to Affects Other PCs Using Malicious Shortcut (Cyware) Brad Duncan, a Threat Intelligence Analyst for Palo Alto Networks Unit 42, has recently started seeing the EITest campaign use the RIG exploit kit to distribute the Matrix ransomware. What was found is interesting as Matrix Ransomware has the worm like features that allow it to spread outside of the originally infected machine via Windows shortcuts and uploads stats about the types of files that are encrypted. According to Brad Duncan, Matrix is distributed via hacked sites that have the EITest scripts injected into them.

Forcepoint Warn Of Healthcare Targeting Ransomware (Information Security Buzz) Forcepoint security labs has identified a form of ransomware, first documented back in September 2016 that targets healthcare organisations. ‘Philadelphia’, believed to be a new version of ‘Stampedo’ currently shows patterns that could be the beginning of a widening targeting campaign, extending beyond US perimeters. Sold for just a few hundred dollars and promoted on …

Assessing The Ransomware Threat On IBM i (IT Jungle) How would you like to be given the choice of paying a $200,000 ransom or having your server down for a month? Those are real outcomes from two recent ransomware attacks on IBM i servers, which cybercriminals may be starting to target. “We certainly have seen a trend recently in malware and specifically ransomware, just

IoT devices under attack: Amnesia hijacks, BrickerBot destroys (Help Net Security) Every hour of every day, computer systems and IoT devices are under attack by bots trying to recruit them into growing botnets.

DDoS Attacks Increase In Profitability (PYMNTS.com) One of the main drivers in the popularity of distributed denial-of-service (DDoS) attacks among cybercriminals is the favorable cost-profit ratio. Companies that are targeted by this type of extortion can expect to lose thousands, if not millions of dollars, while the perpetrators of the attack can invest as little as $7 an hour to get […]

Irresponsible Chinese DVR Vendor Still the Target of IoT Botnets One Year Later (BleepingComputer) A Chinese company that manufactures white-labeled DVRs still hasn't patched a security flaw that's been targeted by IoT botnets for over a year.

FAFSA Tool Taken Offline After Breach Report (Dark Reading) Personal data of 100,000 taxpayers compromised after IRS' students financial aid tool hacked.

Pay day loan firm Wonga suffers data breach affecting up to 270,000 (TechCrunch) Payday loan firm Wonga has suffered a data breach affecting up to 245,000 customers in the UK. A further 25,000 customers in Poland may also be affected,..

Wonga at a Loss After Suspected Data Breach (Infosecurity Magazine) Wonga at a Loss After Suspected Data Breach. Short term loans company warns customers

GameStop Investigates a Potential Card Heist (Infosecurity Magazine) Three-digit CVV2 verification codes are thought to be part of the cache, which allow crooks to make fraudulent purchases immediately.

North Korean hackers attack banks in Nigeria, 17 other countries - Kaspersky (Premium Times Nigeria) The Central Bank said it is not aware of the attacks.

Hackers set off Dallas’ 156 emergency sirens over a dozen times (Ars Technica) Twice the normal volume of 911 calls came into the system early Saturday morning.

Malvertising campaign pushes data-collecting VPN on iOS users (Graham Cluley) A malvertising campaign is targeting iOS devices with a VPN that doesn't hide the fact it collects large quantities of users' information.

Scareware/Malvertising Campaign Targets iPhones (Infosecurity Magazine) A scareware campaign has been uncovered that pushes a ‘free’ VPN app called MyMobileSecure to iOS users via rogue ads on popular torrent sites.

Water Utility Cyberattack Rings Up Hefty Data Charges (Circle of Blue) Money is often the root of cyberattacks on water utilities, experts say. By Brett Walton, Circle of Blue Hackers that stormed the digital defenses of an American water authority and took control of its cellular routers late last year were not interested in disrupting water supply and wastewater treatment. Instead they were intent on stealing …

ClearEnergy - The "In The Wild" SCADA Ransomware Attacks That Never Existed (BleepingComputer) A mini-controversy broke out this week in the infosec community after cyber-security firm CRITIFENCE led journalists and other security experts to believe that they've detected in-the-wild attacks with a new ransomware called ClearEnergy, specialized in targeting ICS/SCADA industrial equipment.

Power grid leaders worry that a cyberattack is looming (Houston Chronicle) The Department of Energy continues to work on developing what Patricia Hoffman, acting assistant secretary at the Department of Energy's Office of Electricity Delivery and Energy Reliability, called "an ecosystem of resilience," by developing security standards and improve information sharing between government officials and the companies that operate the grid.

Researcher Warns SIEMs Are Weak Link In Network Security Chain (Threatpost) Security information and event management solutions are supposed to boost security, but researchers say the network analysis tools are ripe attack targets.

The New Shadow IT: Custom Data Center Applications (Dark Reading) If you think you've finally gotten control of unsanctioned user apps, think again. The next wave of rogue apps is on its way from your data center to the cloud.

SCAM ALERT - If you get this phone call from 'Microsoft', do NOT answer (Express.co.uk) 'EPIDEMIC' of criminals are targeting victims with a devious new phone scam, top security researcher tells Express.co.uk.

Apple Mac OS Malware Spiked in Q4 (Dark Reading) Malware samples sharply increased for Mac OS devices in Q4 2016 as threat actors expand their targets outside Windows PCs, new McAfee report says.

Security Patches, Mitigations, and Software Updates

Compared to last month's Patch Tuesday, April will be a light drizzle (Help Net Security) There is no greater threat of exposure than software that is no longer being updated. Software is like milk - it has an expiration date.

Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express Default Credential Vulnerability (Cisco) A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device.

Broadcom fixes wi-fi exploit for Android and iOS devices (CRN Australia) Vulnerabilities could potentially allow remote code execution on devices.

Cyber Trends

NSA cyber-defense chief: ‘I have never been more busy’ (Fedscoop) This report first appeared on CyberScoop. The man responsible for leading the National Security Agency’s defensive mission says his team is fielding more calls than ever from agencies across the government. Dangerous, highly capable hackers and a desire by agencies to adopt cloud technology have increased the workload for Information Assurance chief Paul Pitelli and his …

Cybersecurity nears tipping point (CSO) As data breaches increase in size, frequency and impact, Centrify CEO Tom Kemp calls for a fundamental rethink of security to maintain our trust in current and emerging technologies.

Public vs. private blockchains: It could all prove a bit like the cloud (IDG Connect) Blockchain is one of those hot new areas which an awful lot of companies are getting interested in.

When will self-aware AI develop its own instinct? (Computing) This will be the tipping point of synthetic learning, argues Peter Cochrane.

Marketplace

Heed the warning signs: Defense and commercial cyber just don’t mix (Washington Business Journal) For decades, defense contractors have helped the government protect its most sensitive networks from the most sophisticated of adversaries. It didn't turn out so well when they tried to do the same for the private sector.

Okta goes public after successful IPO (CRN Australia) First big cybersecurity IPO of the year.

Armor Raises $89M to Bolster Secure Hosting (eSecurity Planet) Secure cloud hosting provider Armor announced on April 5 that it has raised $89 million in a new round of equity financing. The money will be used to help grow Armor's global business efforts.

TASER changes name in shift to software, services for police (Reuters) TASER International, themaker of electrical weapons for police officers, is changing itsname to Axon as it pushes further into the software business.

The Impact Of Geopolitics On Lockheed Martin (Seeking Alpha) Today the U.S. initiated air strikes in Syria. Lockheed Martin reaps 71% of its net sales from U.S. government contracts, and is profoundly impacted by geopolit

Palo Alto Networks (PANW) Board Announces Share Repurchase Program (The Cerbat Gem) Palo Alto Networks (NYSE:PANW) declared that its board has initiated a share buyback plan, which allows the company to repurchase $500 million in shares on Tuesday, February 28th, EventVestor reports. This repurchase authorization allows the company to purchase up to 3.6% of its shares through open market purchases.

Cylance Cuts Jobs (Orange County Business Journal) Cylance Inc. in Irvine has initiated a round of job cuts in a restructuring. It’s unclear if this was the first layoffs for the fast-growing, five-year-old security software maker, which declined to disclose the number of cuts.

Startup founded by FireEye alum goes after FireEye (Network World) SlashNext, a startup formed by a former FireEye engineer, uses machine learning and artificial intelligence to detect and prevent threats from causing harm.

New Lease of Life: Wynyard Prepares for Second Innings (Yahoo! Finance) Luxembourg-based investment company, Boundary Holding SARL SPF, has completed the acquisition of Wynyard Advanced Crime Analytics software from the New Zealand-based software firm, Wynyard Limited.

Software company Eset wants a Silicon Valley in Bratislava (Spectator) The Interior Ministry's stance that it's all about the money seems strange compared to the value they want to provide, says Eset.

Port S.A. launches cyber security infrastructure roots (LaPrensa) Port San Antonio announced a major new development that supports job creation and economic growth in the next century, exactly 100 years since the beginning of Kelley Air Force Base. Port S.A. staff, dignitaries and members of the cybersecurity industry broke ground on “Project Tech” on Wednesday afternoon, discussing what the plan entails. The first …

Infosec careers: There is no one true path (CSO Online) It would sure make things simple if there were one easy and obvious way to get a job or start a successful business in IT security.

Cybersecurity vendors spin up channel partner programs (SearchITChannel) Cybersecurity vendors are reaching out to channel partners such as managed service providers to promote their offerings to more customers.

Suthan Naganayagam returns to SAP after running Netlinkz for six months (CRN Australia) Suthan Naganayagam returns to SAP.

Products, Services, and Solutions

ConsentIQ Eases SME Privacy Compliance with Integrated GDPR & 'Cookie Law' Consent Management (Broadway World) ConsentIQ Eases SME Privacy Compliance with Integrated GDPR & 'Cookie Law' Consent Management

AlphaBay to Begin Accepting Ethereum as the Bitcoin Alternative Grows More Popular (SurfWatch Labs, Inc.) Beginning next month, malicious actors using the dark web marketplace AlphaBay will be able to buy and sell their goods using the growing cryptocurrency platform Ethereum. Ethereum will become the …

TrapX Security Achieves Cisco Compatible Certification, Integrates DeceptionGrid with Cisco ISE pxGrid and Threat Grid (Cisco Blogs) A core responsibility in my role at Cisco Security is guiding ecosystem partners through the Solution Partner Program, executing daily on the Open and Automated pillars of the Cisco Effective Cybersecurity strategy.

Wandera Offers Security For Mobile Enterprise Clients (Military Technologies) With the fast paced business world of today, it has become imperative that companies extend their workability to mobile devices, such as tablets and smartphones. For some professions, working in an office is just not feasible.

New weapon from Darktrace in AI arms race (Business Weekly) Cambridge cyber security firm Darktrace has broadened availability of a new weapon to fight tech terrorists in an escalating global AI arms race.

Technologies, Techniques, and Standards

Last Chance to Comment on NIST's Updated Cyber Framework (SIGNAL Magazine) The comment period deadline is Monday for changes introduced to the National Institute of Standards and Technology's draft update to its cybersecurity framework.

Mitigate threats by using Windows 10 security features (Microsoft Windows IT Center) This topic provides an overview of some of the software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.

Do Threat Intelligence Exchanges Really Work? (Security Intelligence) Threat intelligence exchanges enable companies to detect and respond to incidents more effectively, but only if they take the necessary steps to prepare.

Information sharing is complicated, even inside government (FCW) Sharing cybersecurity threat information among federal law enforcement agencies generates tension, but that's not a bad thing, say FBI, DOJ and DHS cyber officials.

Predictive analytics can stop ransomware dead in its tracks (CSO Online) Predictive analytics is a necessity because the malware of tomorrow is unknown and will surely evolve to our detriment. Find out how it finds traces of ransomware before the network goes down.

Four Key Practices for Stronger Retail Cybersecurity (SecureWorks) Marry long-term vision with short-term actions for stronger retail cybersecurity now and in the future.

How to Measure the Effectiveness of Security Programs? (Infosecurity Magazine) Organizations struggle to measure the investment in security programs and resources.

Using Deception to Hunt Cyber Attackers (Infosecurity Magazine) Deception enables the organization to thwart attacks even if it is lacking experienced hunters

Looking for value in EV Certificates (Adam Caudill) When you are looking for TLS (SSL) certificates, there are three different types available, and vary widely by price and level of effort required to acquire them. Which one you choose impacts how your certificate is treated by browsers; the question for today is, are EV certificates worth the money? To answer this, we need… Continue reading Looking for value in EV Certificates →

Design and Innovation

Microsoft's Project Sopris aims to secure low-cost IoT devices (Internet of Business) Microsoft has announced a new initiative to tackle the security risks posed by microcontrollers in low-cost connected devices.

IoT Needs Embedded Cryptography (Design And Reuse) Security is a top concern for the Internet of Things, as essential as low power consumption, affordability, and wireless connectivity. Because IoT devices ...

Anatomy of a secure internet-connected thing (Electronics Weekly) Lars Lydersen was a part of the team that broke into 'unbreakable' commercial quantum cryptographic systems. Now working as director of product security at

Pentagon tech advisers target how the military digests data (Defense News) Technology advisory group says DoD needs to store data in new ways.

Research and Development

Smart Dust: A revolution that’s blowing in the wind? (IDG Connect) ‘Smart Dust’ is a term you’d expect to hear in a Mission Impossible movie or Michael Crichton’s 2003 novel Prey.

Academia

Youth Cyber Defense National Champions Crowned in Baltimore (MarketWired) The Air Force Association's (AFA) CyberPatriot Program announced this week the winners of the CyberPatriot IX National Youth Cyber Defense Competition.

The 2016-2017 iCTF DDoS (UC Santa Barbara iCTF Competition) On March 3rd, 2017, we ran the iCTF of the 2016-2017 school year. It was one of the largest online attack/defense CTF ever run, and definitely the largest hosted one. This blog post will cover the events that brought us here, the main issue the iCTF ran into, and the in-depth analysis that we ran in order to understand what exactly went wrong.

Marquette University establishes Milwaukee area's first cyber security center (Milwaukee Journal Sentinel) The Center for Cyber Security Awareness and Cyber Defense will focus on education, community involvement and research.

Legislation, Policy and Regulation

'Geneva Conventions for Cyberspace': IT Experts Call for an End to Cyberwars (Sputnik) The buildup of digital weapons poses a serious threat to the IT -systems of entire nations and can also damage urban systems of life support, experts warn.

The relationship between third offset strategy and multi-domain battle (C4ISRNET) What is the relationship between the Pentagon's third offset strategy and the multi-domain battle concepts being developed by the services?

Summit was not quite the meeting of equals Xi would have wanted (South China Morning Post) The two nations remain near-peers in the realm of contemporary great powers, and not absolute peers as China would will it

We’ll fight them on the internet: Germany’s first cyber general (The Irish Times) Germany has appointed its first cyber general to combat the threat of global online attack

Litigation, Investigation, and Enforcement

Detailed paper trail for Rice unmasking requests likely exists, according to controversial intel sharing document (Fox News) An extensive and complex paper trail for requests to the National Security Agency about the identities of people in President Trump’s transition team in sensitive intelligence surveillance probably exists, including requests made by former National Security Advisor Susan Rice, according to information sharing procedures signed into law by the outgoing Obama Administration.

Perspective | What intelligence officials really mean when they talk about ‘unmasking’ (Washington Post) Here's how to understand the debate about intelligence reports and foreign intercepts.

These Are the Questions Susan Rice Needs to Answer Under Oath (Reason) We've been incessantly assured there's nothing to this story. Perhaps.

Sorry, Democrats, The Obama Spying Scandal Isn't Going Away (The Federalist) Devin Nunes stepped away from the Russia probe. But he's still investigating the Obama administration's leak campaign against the Trump administration.

Thompson pushes to step up committee's Russia probe (The Clarion Ledger) Rep. Bennie Thompson, the top Democrat on the House Homeland Committee: At some point, we will need to do our job.

Westminster killer’s link to Luton mosque (Sunday Times) The Westminster terrorist had a key role at a mosque that urges Muslims to take up weapons to gain “victory over the Jews and the rest of the enemies of Islam”. Khalid Masood was a public contact...

Alleged Spam King Pyotr Levashov Arrested (KrebsOnSecurity) Alleged Spam King Pyotr Levashov Arrested

Questioning Plaintiffs' Privacy Expectations Could Be Viable Part of Defense Strategies in Data-Breach Cases, Attorney Writes (Yahoo! Finance) A major data-breach lawsuit highlights an intriguing question for defense teams—whether plaintiffs are attempting to hold companies to unrealistic standards of data-privacy protection, writes LeClairRyan business litigator Chad Mandell

An Impossible Standard? (Corporate Compliance Insights) Data breach defense raises an important question

NCIS: 15 active-duty troops may have broken the law in 'Marines United' case (Marine Corps Times) Separately, 29 Marines could be disciplined by their commands for non-criminal activity.

Russians may now control the trove of photos showing naked U.S. troops (Military Times) The compromising images are for sale on AlphaBay, raising serious questions about the extent to which they could be exploited by foreign entities seeking to undermine the U.S.

Teradata pays ex-prez €4.2m to close 'invalid termination' settlement (Register) German court finds against the chopping of German man

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

cybergamut Technical Tuesday – 18 April 2017 – Operationalizing Deception for Advanced Breach Detection by Joe Carson of TrapX Security (Elkridge, Maryland, USA, April 18, 2017) Organizations continue to struggle with visibility of lateral movement inside their networks. When prevention technologies fail to stop the initial breach, an independent network based technology is needed to provide this visibility. Operationalizing deception as part of an organization’s overall cyber defense provides exemplary early breach detection when preventative controls fail. It is a well-known adage that the defender must be right 100% of the time and the attacker must be right only once. When deception is deployed throughout an organization, now the attacker must be right 100% of the time. This session will discuss the different aspects of deception, and how they are applied. It will show the value of establishing a deception strategy that approaches it holistically. The event will be available at Elkridge and Calverton, Maryland, Middletown, New Jersey, and other cybergamut nodes.

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

(ISC)2 Cyber Security Congress 2017 (Calgary, Alberta, Canada, April 26, 2017) The aim of the Cyber Security Congress 2017 is to strengthen cyber security leaders by arming them with the knowledge, tools, and expertise to protect their organizations. In April, 2017 over 150 like-minded professionals will gather for the 1-day congress in Calgary, Alberta, Canada where cyber security experts and industry leaders will share their knowledge, experience and best practices through presentations and interactive panel discussions.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy and security experts, tech innovators, and senior policy makers the forum to discuss the future of identity. By utilizing the world’s best event technology, K(NO)W connects attendees digitally and physically unlike ever before.

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.