The CyberWire Daily Briefing 4.17.17

Summary

By The CyberWire Staff

A weekend North Korean missile test failed when the weapon exploded seconds after launch. There is, again, much speculation that a US cyberattack compromised the system, but such speculation remains based more on a priori possibility than evidence of such an attack.

US policy toward the DPRK has hardened recently, and senior US officials are warning that a North Korean cyberattack against US infrastructure is likelier than a missile strike.

Observers spent the weekend mulling the ShadowBrokers' latest release of alleged NSA hacking tools, and their consensus conclusion is that the leaks have some relevance for financial systems and the industrial Internet-of-things. And the Microsoft vulnerabilities against which the released exploits could be used have for the most part been quietly patched by Microsoft.

Syria's Assad regime, and probably its Russian sustainers, have undertaken a social media campaign intended to convince the susceptible that the regime's use of nerve agent against civilian populations never happened, and if it did, it was a US provocation—so hoax or provocation, the Damascus line is that it's Washington's fault.

A study of ISIS recruitment of women as suicide bombers suggests that the approach is different from that used to induce men to martyrdom, but close-reading suggests a common theme: promising those who don't fit in meaning and transcendence.

In the ransomware black market, Locky's out, Cerber is big, and Forcepoint announces discovery of newcomer CradleCore.

In industry news, Bloomberg alleges that security unicorn Tanium is firing employees just before their stock options vest.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, Germany, India, Iran, Iraq, Democratic Peoples Republic of Korea, Nigeria, Russia, Slovakia, Syria, United Arab Emirates, United Kingdom, United States, and and Venezuela.

Podcast Summary

If you've wondered about how to think about automotive cybersecurity, in today's podcast, Rick Howard from our partners at Palo Alto Networks outlines some first principles for connected cars.

Cyber Attacks, Threats, and Vulnerabilities

North Korea's unsuccessful missile launch 'may have been thwarted by US cyber attack' (The Telegraph) A North Korean missile launch that failed shortly after it was fired may have been thwarted by cyber attacks from the US.

Behind North Korea’s Fizzled Missile: Has China Lost Control of Kim? (The Daily Beast) Kim Jong Un has shown that he doesn’t care what Washington and Beijing say, and he may have made himself an even bigger threat to these great powers.

North Korea more likely to launch cyberattack than military strike: DHS chief (The Washington Times) North Korea is more likely to wage a cyberattack against the United States than a military strike, according to Homeland Security Secretary John Kelly.

Homeland Sec. Kelly: N. Korea cyber attack could threaten U.S. (NBC News) Secretary of Homeland Security John Kelly said North Korea poses a cyber threat to the United States but that a military strike from the nuclear power is currently unlikely.

Six key security weaknesses in industrial systems (ComputerWeekly) Organisations should mitigate six key vulnerabilities in industrial control systems to reduce the risk of cyber attack, warns security firm FireEye

Analysts identify #SyriaHoax as Russian-fueled propaganda (ABC News) As Syrian president Bashar al-Assad called videos of last week’s chemical attack a “fabrication,” a piece of propaganda promoted by a Russian cyber operation and bearing the hashtag #SyriaHoax has gained traction in the United States, analysts tell ABC News.

How Terrorists Recruit Female Suicide Bombers (Observer) Terror groups brainwash vulnerable women cast out of society.

Shadow Brokers Release New Files Revealing Windows Exploits, SWIFT Attacks (BleepingComputer) On Good Friday and ahead of the Easter holiday, the Shadow Brokers have dumped a new collection of files, containing what appears to be exploits and hacking tools targeting Microsoft's Windows OS and evidence the Equation Group had gained access to servers and targeted the SWIFT banking system of several banks across the world.

What you need to know about that latest NSA data dump (Recode) This could make it even harder for Europe and Silicon Valley to trust the U.S. government.

New leak suggests NSA penetrated Mideast banking networks (Naples Herald) A new set of documents purportedly lifted from the U.S. National Security Agency suggests that American spies have burrowed deep into the Middle East’s financial network, apparently compromising the Dubai office of the anti-money laundering and financial services firm EastNets.

Hackers Release Files Indicating NSA Monitored Global Bank Transfers (VOA) The release included computer code that could be adapted by criminals to break into SWIFT interbank messaging system and monitor activity

The New Shadow Brokers Leak Connects the NSA to the Stuxnet Cyber Weapon Used on Iran (Motherboard) Researchers have found an hidden gem inside the treasure trove of the new alleged NSA hacking tools dumped by the Shadow Brokers.

NSA's arsenal of Windows hacking tools have leaked (ZDNet) The NSA used the Windows hacking tools to target several banks.

Leaked NSA exploits plant a bull's-eye on Windows Server (PCWorld) Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS.

Leaked NSA Malware Threatens Windows Users Around the World (The Intercept) More than half of all desktop computers may be vulnerable to the hacking tools, some of which exploit unpatched vulnerabilities.

Mysterious Microsoft patch killed zero-days released by NSA-leaking Shadow Brokers (Ars Technica UK) Microsoft fixed critical vulnerabilities in uncredited update released in March.

We Can Calm Down: Microsoft Already Patched Most of the Shadow Brokers Exploits (Motherboard) And the three remaining exploits are only designed for unsupported systems, the company says.

Why Did Microsoft Wait Six Months To Patch a Critical Word Zero-Day? (Motherboard) The strange life and afterlife of a Microsoft Word Zero-Day that ended up in the hands of criminal and government hackers.

Detecting SMB Covert Channel ("Double Pulsar") (SANS Internet Storm Center) With Friday's release of additional Shadowbroker tools, a lot of attention was spent on exploits with names like "Eternalblue", which exploited only recently patched vulnerabilities. Another item of interest however, is the command and control channel used to communicate with systems post exploitation.

Newly Leaked Hacking Tools Were Worth $2 Million on the Gray Market (Motherboard) The new Windows hacking tools allegedly stolen from the NSA were worth a lot of money before they were dropped for free on the internet.

'Amateurish' espionage campaign launched with leaked Hacking Team tools (Cyberscoop) A mysterious group appears to be relying on hacking tools that were originally stolen from Italian surveillance company Hacking Team — and leaked online two years ago — to spy on European government officials, think tanks and journalists, according to new research published Thursday by cybersecurity firm F-Secure. Dubbed the “Callisto Group,” the hackers were first discovered by F-Secure after they sent a wave of phishing emails to a wide array of different targets that were all similarly involved in either discussing or reporting on government policies related to foreign affairs and national security.

Callisto Group Repurposed Dumped Hacking Team Spying Tool (BankInfo Security) Cyberattackers love not having to reinvent the wheel. At least, that's the tactic favored by the Callisto group, an "advanced threat actor" that's been

Blog: Cyber-thugs blow out access to Venezuelan oil data at Johns Hopkins (American Thinker) What happens when you dig a little too deeply into Venezuelan state oil company data posted online?

Increase in jRAT Campaigns (Cloud Security Solutions | Zscaler) The Zscaler ThreatLabZ team has detected a rise in Java-based remote access Trojan variants — jRATs — which give attackers a backdoor into a victim's system and can be capable of remotely taking control of the system once it's infected.

CLDAP Protocol Allows DDoS Attacks with 70x Amplification Factor (BleepingComputer) In a report released on Tuesday, Akamai says it spotted DDoS attacks leveraging the CLDAP protocol for the first time, and attacks using this protocol have the potential to incur serious damage, based on the opinion of its experts.

IoT Global Round-Up: Mirai Accepts Capitalism as Botnets Boom (Cyware) Mirai is the name of the botnet that silenced US infosec journalist Brian Krebs, of Krebs on Security, in a 620Gbps DDOS attack late last year. The same botnet took French hosting provider OVH offline after enlisting around 145,000 IoT devices to hack CCTV cameras. According to IBM, a new variant called the ELF Linux/Mirai malware is designed to scan for devices running Telnet services and compromise them.

New Ransomware Discovery From Forcepoint (Information Security Buzz) Forcepoint Security Labs has identified a new form of ransomware called “CradleCore” – a crimeware kit that is currently being offered to cybercriminals looking to own custom ransomware. “Cradle Ransomware” as it is also being known is peculiar in the sense that it is being sold as source code. Typically, ransomware is monetised by developers using …

Cerber Dominates Ransomware Landscape After Locky's Demise (BleepingComputer) The Cerber ransomware family has risen to take Locky's place at the top of the ransomware mountain after new Locky versions stopped coming out last year, and spam operations spreading Locky have slowed down to a trickle in 2017.

Ransomware Recap: Tougher Tactics and Evasion Techniques (Trend Micro) Ransomware authors are nothing if not persistent. They continue to try new evasion techniques, new programming languages, new naming conventions, and even more forceful demand tactics to pressure victims into paying.

Rise In Hospital Cyber Attacks (Information Security Buzz) Following the news about the rise in hospital cyber attacks, Wieland Alge, General Manager EMEA at Barracuda Networks commented below. Wieland Alge, General Manager EMEA at Barracuda Networks: “Healthcare records holding sensitive and personal data are 100 times more valuable than stolen credit card details, so it comes as no surprise to us that the NHS is …

Bitcoin Wallets Under Siege From 'Collider' Attack (Forbes) Scary if this works.

McAfee LinkedIn page hijacked (CSO Online) On Sunday evening, the LinkedIn page for McAfee was hijacked by a single person or an unknown number of individuals who apparently watched Twitter for reactions. The business page was defaced with random remarks, and at one point made a passive reference to a Twitch hack in 2016.

OurMine strikes again, hundreds of popular Youtube accounts hacked (HackRead) OurMine hackers who also call themselves "An online security group" performed “The biggest hack in the history of Youtube.” As a result, hundreds of popula

Steal from the Rich, to Give to the Poor: A Cyber Brotherhood's Tale (Wapack Labs) Wapack Labs is researching a self-proclaimed cyber brotherhood that has pledged to halt the unjust distribution of money. For the past year...

The spirit of Robin Hood (CIGTR) A year ago, today ... Although his origin is not very clear, the figure of Robin Hood has become a common reference in the popular culture...

A Wretched Bin of Scum and Villainy (OpenDNS Umbrella Blog) A Brief History of Pastes For more than 25 years, people looking to share computer code and snippets of text have used pastebins, web applications designed to store text. Often chosen because they would preserve formatting, pastebins were also an attractive option for IRC enthusiasts who wanted to talk about problems they were having with their …

Cyber Trends

A Carpe Diem Moment for the IoT and Cybersecurity (SIGNAL Magazine) Now is the time, while the Internet of Things is still in its early stages of development, to take bold action to reduce quantum computing threats.

How cybercriminals are hurting businesses (The Nation Nigeria) Experts have raised the alarm that the activities of cybercriminals which currently result in an estimated loss of over N127b in the country annually is bound to get worse judging by the increasing level of sophistication by the practitioners. Ibrahim Apekhade Yusuf in this report examines the clear and present dangers Almost everyone is veryRead More

The Long Slog To Getting Encryption Right (Dark Reading) Encryption practices have improved dramatically over the last 10 years, but most organizations still don't have enterprise-wide crypto strategies.

Cleaning up shadow IT (CSO Online) Citizen developers may help enterprises to develop apps more quickly, but what is this new breed of developer going to do to enterprise security?

Malware forces Slovak internet (Incita Security) Nowadays, when about three quarters of Slovaks use internet and the technology is spreading to many items of everyday use, malware threats are greatly increasing their power.

Marketplace

Tanium’s Family Empire Is in Crisis (Bloomberg.com) Orion Hindawi and his dad built the world’s most valuable cybersecurity startup. Now they’re grappling with employee unrest and an executive exodus.

The CEO of a $3.7 billion startup is accused of firing employees right before their stock options vest, report says (Business Insider) An exposé of the hot security startup Tanium paints a picture of a house of horrors for some employees.

Okta, Inc. IPO: What Investors Need to Know (Madison.com) Investors interested in technology have had a nice surprise this year -- initial public offerings. As the trough of 2016 moves further into memory, companies such as Snap and MuleSoft

Where Is Watson? The Mystery Behind IBM’s Numbers (247wallst.com) nternational Business Machine Corp. (NYSE: IBM) is about to announce earnings for the first quarter of 2017. Most eyes will be on Watson revenue. It is an umbrella brand, and it covers some large portion of IBM’s cloud and so-called artificial intelligence operations.

Report: Use of big data among public safety, intelligence agencies expected to grow (Federal Times) New report from Research & Markets forecasts continued growth of big data and data analytics industry for use by public safety and intelligence organizations.

Trend Micro Recognized as One of the National Capital Region's Top Employers for 2017 (Sys-Con Media) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced its recognition in the National Capital Region's Top Employers for 2017. Trend Micro’s employee philosophy, “Be the best part of you,” drives the company culture and helped propel the organization to this prestigious list.

CyberRx and Wapack Labs Launch Partnership to Strengthen SMB Cybersecurity (Yahoo! Finance) CyberRx and Wapack Labs are announcing a strategic partnership to improve cybersecurity among small and medium-sized businesses . The CyberRx software platform helps U.S. and international businesses to assess their cyber capabilities within the Cybersecurity Framework, developed by the National Institute

Products, Services, and Solutions

Interset Expands Support for Compromised Account Detection with More Probabilistic Models for Unsupervised Machine Learning (Marketwired) With its latest release, the automated, intelligent security analytics platform intensifies compromised account attack detection

SAS Tackles the Cybersecurity Analytics Challenge (eSecurity Planet) Cybersecurity analytics is far from perfect, so data analytics pioneer SAS is hoping its expertise can help make it easier.

LifeStatus360 Receives Comprehensive Security Certification (Yahoo! Finance) LifeStatus360 is pleased to announce their receipt of the Comprehensive Security Certification awarded from AltiusIT, a leader in security and compliance ...

Technologies, Techniques, and Standards

Certification Marks for IoT Devices – A Suggestion to the FTC and California (Fortinet Blog) According to a recent prediction detailed in the Deloitte Global TMT Predictions 2017 report, incidents of DDoS are expected...

‘FG should create framework for cryptocurrency trading’ (Guardian (Nigeria)) The slowness in the adoption and trading in Crypto currency in Nigeria has been blamed on the Federal Government’s failure to adopt a framework for the implementation of blockchain that can give rise to its participation.

Like Gold, Bitcoin’s Cryptography Has Been Valued for a Millenia (Nigeria Today) When people debate the value of gold and bitcoin some often cite that gold has been valuable to humans for millennia. Yet people fail to realize that bitcoin’s backbone of cryptography has been valued for thousands of years as well.

Part 2: Artificial Intelligence Techniques Explained | Deloitte (Deloitte Nederland) In this second AI blog we will discuss some fundamental AI techniques: Heuristics, Support Vector Machines, Neural Networks, the Markov Decision Process, and Natural Language Processing.

Potentially conflicting pressures in incident response. (Infosecurity Magazine) Understanding the nature and extent of the cybersecurity incident is critical for successful eradication.

Why we should let our walls down when it comes to cybersecurity (TheHill) OPINION | The reality is that threats are bound to find their way in, so companies must find ways to build layers and adapt.

Research and Development

Pentagon taking steps to secure US cyber infrastructure from attacks as war looms with North Korea (Business Insider) War between the US and an adversary like North Korea "wouldn’t begin with a bang, but begin silently."

Getting ready: Pentagon to protect electric grid from massive attack (Washington Examiner) The Pentagon is taking steps to both protect the nation's communications and power lifeline and create a backup.

Academia

University of Maryland, Baltimore County wins 2017 National Collegiate Cyber Defense Championship (PRNewswire) University of Maryland, Baltimore County defeated nine other finalist...

Lee's Summit Team Wins National Cyber Security Competition (KSHB) Lee's Summit middle schoolers took home top prize at this year's CyberPatriot IX National Finals Competition in Baltimore.

Final Week to Compete in Cyber Quests Competition (USCC) The annual Cyber Quests online competition is underway and open to competitors, but only for one more week. Cyber Quests determines who qualifies for the U.S. Cyber Challenge (USCC) Summer Cyber Camps, a leading nationwide program in cybersecurity workforce development. The competition continues through Sunday, April 23, 2017, with registration closing the day before on Saturday, April 22, 2017.

JSU Calls for Applications for Second GenCyber Security Camp (Jacksonville State University) Jacksonville State University is excited to announce that the second GenCyber camp will take place July 10-14 in Ayers Hall on the university’s campus. The week-long camp will provide cyber security training for 25 high school and middle school teachers in the fields of math, computer science, technology and social studies.

Legislation, Policy, and Regulation

Merkel had secret briefing from MI6 on terrorism strategy (Times (London)) Angela Merkel sought secret intelligence on terrorist threats to Germany from British spy chiefs above the heads of her own security services on at least two occasions, according to reports.

After years of US failure, Donald Trump is finally playing North Korea at its own game (The Telegraph) It’s been a big weekend in Pyongyang.

India urgently needs a data security policy: V.C. Gopalratnam (The Hindu) Identity and access management, as well as data storage standards should be well-defined, says Cisco’s senior IT executive

Pentagon, Fearing Cyber Attack, Moves to Find Alternative Comms Network (IJR - Independent Journal Review) The new technology would be able to preemptively "sense" cyberattacks.

For China, Trump realises trade and security do mix (Today) The news media have been quick to note United States President Donald Trump’s embrace of bombing in Syria and the need for the North Atlantic Treaty Organization (Nato) as reversals of the foreign policy he advocated on the stump.

Will Congress Help Fund New State and Local Cyberprograms? (Government Technology) Back in early March, a bipartisan group introduced the State Cyber Resiliency Act. If passed and funded, the legislation would provide grants for state and local governments to improve cybersecurity protections and incident response. Here’s what you need to know.

US Air Force Announces New NORAD, Cyber Command Intelligence Directors (Sputnik) US Air Force Chief of Staff Gen. David Goldfein assigned new intelligence directors for the US Cyber Command and North American Aerospace Defense Command (NORAD), the Department of Defense said in a press release on Friday.

Army taps reservists with cyber skills to fight IS militants (Star Tribune) A decade ago, he was a young Army soldier training Iraqi troops when he noticed their primitive filing system: handwritten notes threaded with different colors of yarn, stacked in piles. For organization's sake, he built them a simple computer database.

Military seeks civilians with high-tech skills to counter IS (Spokesman-Review) The American military is looking for new ways to bring in more civilians with high-tech skills who can help fight Islamic State militants and prepare for the new range of technological threats the U.S. will face.

Marine social media training to be in person, not on MarineNet (Marine Corps Times) Small unit leaders will hold unit discussions on social media and six other topics.

Microsoft Outlines Cyber Geneva Convention Proposal (Nextgov) The company is also promoting an international nonpolitical body for cyber attribution.

Litigation, Investigation, and Law Enforcement

Facebook Streams a Murder, and Must Now Face Itself (WIRED) With a man's death come questions about the limits and responsibilities of social media.

Geheimtreffen: Merkel übergibt Dossier über Putin an britische Spione (Deutsche Wirtschafts Nachrichten) Geheimtreffen: Merkel übergibt britischen Spionen Putin-Dossier. (Dieser Artikel ist nur für Abonnenten zugänglich)

How the FBI relies on dark web intel firms as frontline investigators (Cyberscoop) A cadre of former intelligence officers is lurking on the dark recesses of the internet on behalf of government and a shortlist of wealthy clients.

Microsoft says U.S. foreign intelligence surveillance requests more than doubled (Reuters) Microsoft Corp (MSFT.O) said on Thursday it had received at least a thousand surveillance requests from the U.S. government that sought user content for foreign intelligence purposes during the first half of 2016.

Microsoft publishes first National Security Letter in transparency report (TechCrunch) Microsoft's biannual transparency report was just released and, like many other major tech companies that have been putting out their reports recently, the..

Turkish Journalists Acquitted After Six Years on Trial Based on Arsenal Consulting's Digital Forensics (PRNewswire) An Istanbul court on April 12 ordered the acquittal of the 13 remaining...

Hacked: How $171 mn stolen from Union Bank was recovered (The Hindu) Details emerge of how the money was retrieved from accounts in four different countries after government intervention

Engineer Arrested for Attempted Theft of Trade Secrets (Dark Reading) Software engineer Dmitry Sazonov has been arrested for trying to steal valuable code from his employer, a financial services firm.

Courts Are Using AI to Sentence Criminals. That Must Stop Now (WIRED) Opinion: Courts should pause the use of algorithms for criminal sentencing.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Newly Noted Events

Black Hat USA 2017 (Las Vegas, Nevada, USA, Jul 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days of technical Trainings (July 22-25) followed by the two-day main conference (July 26-27) featuring Briefings, Arsenal, Business Hall, and more.

Upcoming Events

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, Apr 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, Apr 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, Apr 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, Apr 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

(ISC)2 Cyber Security Congress 2017 (Calgary, Alberta, Canada, Apr 26, 2017) The aim of the Cyber Security Congress 2017 is to strengthen cyber security leaders by arming them with the knowledge, tools, and expertise to protect their organizations. In April, 2017 over 150 like-minded professionals will gather for the 1-day congress in Calgary, Alberta, Canada where cyber security experts and industry leaders will share their knowledge, experience and best practices through presentations and interactive panel discussions.

Defence Information 2017 (Cranfield, England, UK, Apr 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , Apr 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, Apr 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy and security experts, tech innovators, and senior policy makers the forum to discuss the future of identity. By utilizing the world’s best event technology, K(NO)W connects attendees digitally and physically unlike ever before.

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans now to attend SANS Northern Virginia - Reston 2017.

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities, hands-on training, and in-depth exploration of current topics.

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. The 2016 Inaugural Cyber Investing Summit welcomed 180+ of the leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. New this year: separate panels offered throughout the day highlighting publicly traded firms as well as privately owned entities, opportunities to meet one-on-one with corporate executives, and new panel topics (including Investment Strategies & Opportunities, M&A Landscape, Funding for Startups, Government Spending Review, Cyber Sale Lifecycle, and more). Network with investment professionals, asset managers, industry experts, financial analysts, media and more.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

DPRK tensions with US, China, rise; missile launch fails amid nuclear, cyberattack fears. ShadowBrokers' leaks reviewed. Syrian implausible information ops. Ransomware update. Troubled unicorn?