The CyberWire Daily Briefing 4.18.17

Summary

By The CyberWire Staff

Flashpoint has looked at how jihadist infosec group Horizon is reacting to Vault 7 on the dark web. ISIS adherents are being advised that favorite communication tools Telegram and WhatsApp may be vulnerable to interception. Whether Horizon will have better luck instilling sound opsec and digital hygiene into the terrorist pool than legitimate enterprises have with their employees seems doubtful. Sputnik piously opines that the leaked documents could be exploited by criminals, making us all less safe.

The ShadowBrokers' dump is thought by many to be bad news (and worse optics) for the US Intelligence Community. Both SWIFT and Microsoft reassure users that their systems are now safe against the exploits the ShadowBrokers' documents describe (and many observers note Microsoft's quietly proactive pre-leak patches). Motherboard notes that the ShadowBrokers' dump password is a typographic squeal associated with Pepe the Frog, and so the Brokers associate themselves with the alt-right. Pepe has appeared before in Russian information operations.

Speculation continues that the US hacked North Korea's weekend missile tests. The source of this wishful thinking seems to be former UK Foreign Secretary Sir Malcolm Rifkind.

Recorded Future reports discovery of “Karmen,” a low-cost ransomware-as-a-service product being hawked in the dark web souks by “DevBitox,” described as "a Russian-speaking cyber criminal."

Chrome, Firefox, and Opera are reported vulnerable to homograph attack in which malicious sites spoof ("undetectably") safe, legitimate ones.

VMWare has patched a remote-code-execution flaw in its VCenter Server platform.

Committee jurisdictional squabbles are inhibiting cyber legislation in the US Congress.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, European Union, Democratic Peoples Republic of Korea, Russia, Singapore, Spain, United Kingdom, and United States.

On the Podcast

In today's podcast, we speak with Charles Clancy from our partners at Virginia Tech's Hume Center. He offers a contrasting account of Vault 7 and the Shadow Brokers. And our guest, Bill Anderson from Optio Labs, talks about ways of securing Android devices on the battlefield (where Android devices increasingly find themselves).

Sponsored Events

Hacker Secrets Revealed: 5 Security Mistakes to Avoid (Webinar, April 27, 2017) Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Jihadists and Vault 7: What it Means for the Rest of Us (Flashpoint) Stripping away the rhetoric, fanfare, and hype reveals one community to whom the Vault 7 revelations are particularly important: jihadists.

Vault 7: Why WikiLeaks' Exposure May Do Damage to Ordinary Users (Sputnik) WikiLeaks' exposure of the CIA's virus control system HIVE shed new light on the intelligence agency's cyber-espionage practices. Speaking to Radio Sputnik, security expert John Safa characterized the technology as "very sophisticated" highlighting that the CIA tools are unnervingly similar to those used by Longhorn, a cyberespionage group.

SWIFT and Microsoft bid to ease fears over 'NSA hacking' (Computing) SWIFT and EastNets deny Shadow Brokers' claims, while Microsoft says it has patched any vulnerabilities.

Microsoft patched 'NSA hack' Windows flaws before leak (BBC News) Tech firm says it fixed flaws in Microsoft Windows about a month before they were exposed.

Microsoft mysteriously fixed security gaps allegedly used by US spies a month before they leaked (Quartz) It somehow closed the loopholes a month ago.

Microsoft Patches Vulnerabilities After Hack (PYMNTS.com) A group known as the Shadow Brokers published on Good Friday a set of confidential hacking tools used by the NSA to exploit software vulnerabilities in Microsoft Windows software. According to Fortune, Microsoft announced on the same day that it had patched the vulnerabilities related to the NSA leak. It was especially important that the company moved quickly […]

Trove of Stolen NSA Data Is ‘Devastating’ Loss for Intelligence Community (Foreign Policy) Former intelligence officials say leaks are crippling U.S. espionage capabilities.

The Password to the Latest NSA Leak Is a 4chan Meme (Motherboard) REEEEEEEEEEEEEEEEEEEEEEEEEEEE.

North Korea's embarrassing missile failure may have been due to US cyber sabotage (Business Insider) "If you think that war is possible with a given state, you're going to be trying to prepare the battle space. ... In the internet age, that means hacking."

Did US hackers foil North Korea missile test? Cyber attack may have ruined Kim's launch (Express) Computer hackers working for the US security services could have been behind Kim Jong-un’s disastrous missile test failure, according to a former British foreign secretary.

The U.S. Is Probably Hacking North Korea's Missiles Out of the Sky (Maxim) In a statement issued Sunday, South Korea stated that the Hermit Kingdom to the north tried to launch a ballistic missile, but the communist dictatorship once again had a dud on its hands. It may have failed due to American cyber intervention.

Low-Cost Ransomware Service Discovered (Threatpost) A new ransomware-as-a-service called Karmen appeals to ransomware newbies with a low price, easy setup and developer updates.

Karmen Ransomware Variant Introduced by Russian Hacker (Recorded Future) On March 4, 2017, a member of the underground forum Exploit with the username “Dereck1” mentioned a new ransomware variant called “Karmen.” Further investigation revealed that “DevBitox,” a Russian-speaking cyber criminal, was the seller behind the Karmen malware on underground forums in March 2017. However, the first cases of infections with Karmen were reported as early as December of 2016 by victims in Germany and the United States.

Chrome, Firefox, and Opera Vulnerable to Undetectable Phishing Attack (BleepingComputer) Browsers such as Chrome, Firefox, and Opera are vulnerable to a new variation of an older attack that allows phishers to register and pass fake domains as the websites of legitimate services, such as Apple, Google, eBay, and others.

Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites (Wordfence) This is a Wordfence public service security announcement for all users of Chrome and Firefox web browsers: There is a phishing attack that is receiving much attention today in the security community. As a reminder: A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on …

Tool to Detect Active Phishing Attacks Using Unicode Look-Alike Domains (SANS Internet Storm Center) Currently there is a campaign going on where phishing attacks will use domains that look exactly like safe domains by using Punycode domains.

Malware Developers now Resort to Anti-emulation Techniques to Target Android users (The Merkle) It is no secret criminals are getting slightly more crafty when it comes to developing and deploying malware. Particularly malicious software on the Android operating system has become far more proble

The Large Bitcoin Collider Is a Security Nightmare (Motherboard) But not for the reason you think.

IoT malware clashes in a botnet territory battle (CSO Online) Mirai -- a notorious malware that’s been enslaving IoT devices -- has competition. A rival piece of programming has been infecting some of the same easy-to-hack products, with a resiliency that surpasses Mirai, according to security researchers.

Mirai, Bitcoin, and numeracy (Errata Security) Newsweek (the magazine famous for outing the real Satoshi Nakamoto) has a story about how a variant of the Mirai botnet is mining bitcoin. T...

Chinese Video Service Giant Youku Hacked; 100M Accounts Sold on Dark Web (HackRead) A few months ago we exclusively reported on a Dark Web vendor selling 1 Billion user accounts stolen from the Chinese Internet giants. Now, another vendor

Intercontinental Hotels Suffer Major Card Breach (Infosecurity Magazine) Intercontinental Hotels Suffer Major Card Breach. Franchises across the US and Puerto Rico affected

Someone Hacked Far-Right Group Britain First' Website, Twitter and YouTube (HackRead) The website and social media accounts of Britain First, a far-right group were hacked earlier yesterday by unknown hackers. Although it is unclear how the

Cars with Vulnerable WIFI Dongle can be Hacked via Bluetooth (HackRead) We have already seen a massive growth in the connected-car technology market over the past few years, and it is going to increase further more.

Lessons to learn as McAfee's LinkedIn page is hijacked (Graham Cluley) For any corporate brand to have its social media account hijacked by mischief makers is embarrassing, but for it to happen to a major computer security company is downright humiliating.

Inside the 'Stalkerware' Surveillance Market, Where Ordinary People Tap Each Other's Phones (Motherboard) Surveillance starts at home.

Security Patches, Mitigations, and Software Updates

VMware Fixes Critical RCE in vCenter Server (Threatpost) VMware patched a critical vulnerability in its vCenter Server platform late last week that could have let an attacker execute arbitrary code in some scenarios.

Critical VMware Flaw Opens Virtual Infrastructures to Attack (Infosecurity Magazine) The flaw in its vCenter Server platform allows a remote attacker to execute arbitrary code and take control of a system.

Verizon Has Sent Out The April Security Patch To The LG G6 (AndroidHeadlines.com |) Verizon's version of the LG G6 comes with Android Nougat out of the box and Android O isn't ready yet, so it's only natural that the phone's first update w

Cyber Trends

38% of consumers affected by ransomware pay up (Help Net Security) As consumers get increasingly targeted by cybercriminals, 38% of those infected are delivering ransomware payouts to the attackers.

One in five Norfolk businesses hit by cyber attacks in last year (Eastern Daily Press) Nearly one in five Norfolk businesses have fallen victim to cyber-attacks in the past year, according to a survey by the British Chambers of Commerce (BCC).

Latest from the Cybersecurity Tech Analysts (Bricata) From emerging threats, to the options for deterring or remediating those threats, it’s a full-time job to catalog and analyze emerging vulnerabilities, the technology options for resolving them, and what it means for the industry. We’ve canvased the public facing blogs of several prominent analyst firms to see what’s on been on their radar of late. Here’s what we found:

Marketplace

Cyber Insurance Becomes a Must for More Manufacturers (WSJ) The recent exposure of cybersecurity threats to some Abbott Laboratories implanted heart devices helps explain why manufacturers have been rushing to make sure they are protected by cyber insurance.

86 Percent of Financial Services Firms to Increase Cyber Security Spend in 2017 (eSecurity Planet) That's far higher than 2016, when less than 60 percent said they planned to do so.

Security M&A: Intel parks in the collision avoidance space for $15 billion (CSO Online) Intel acquires mobileye, Apple and Cisco cybersecurity acquisitions

Maryland's federal workforce offers state a source of cyber entrepreneurs (Baltimore Sun) Numerous businesses is Maryland's growing cybersecurity industry were founded by former government workers or government contractors and count such workers among their current and prospective employees. The state's proximity to the federal government and its concentration of federal workers, especially those working in intelligence, security or defense roles, has created a unique pipeline for cybersecurity companies.

SecureAuth Appoints Robert Block as SVP of Identity Strategy (SecureAuth) SecureAuth Corp., the leader in adaptive access control, today announced the appointment of Robert Block as senior vice president of identity strategy.

root9B Holdings Announces 2016 Financial Results (PRNewswire) root9B Holdings, Inc. (Nasdaq: RTNB) ("RTNB") today announced...

Products, Services, and Solutions

ISACA Launches Real-time, Real-world Cyber Security Training Platform and Assessment Tool (ISACA) ISACA’s Cybersecurity Nexus Training Platform and Assessment Tool offer on-demand, hands-on training and skills assessment in live lab environment

Vanguard Integrity Professionals Announce Vanguard Analyzer™ Provides Expert-Level Vulnerability Assessments (Yahoo! Finance) Vanguard Integrity Professionals is pleased to announce the immediate availability of its Vanguard Analyzer™ solution available across its enterprise-wide cybersecurity software suite. Vanguard Analyzer™ delivers expert-level vulnerability assessments of z/OS

ThreadFix Platform Provides Application Security at DevOps Speed (BusinessWire) Denim Group, the leading independent application security firm, today announced the release of the latest version of ThreadFix, the company&

SafeBreach Partners with Mitre (SafeBreach) SafeBreach contributes to the Mitre ATT&CK Framework. ATT&CK “connects-the-dots” between vulnerabilities and attacker tools and techniques to better visualize and mitigate compromise attempts.

California State University, Stanislaus Deploys Kensington Master Keyed Lock System to Protect Valuable Classroom Equipment (Kensington) Kensington’s MicroSaver 2.0 master keyed lock helps simplify access to locked equipment, while deterring theft and keeping devices secure

HSN to Offer Exclusive VIPRE® WiFi Shield to Protect Customers' Online Privacy at Home and On-The-Go (PRNewswire) Consumers can now get the advantages of Virtual Private Network...

Honeywell launches USB security solution for industrial control systems (Security Brief) "Plants need solutions that let people work efficiently, but also don’t compromise cyber security and, with it, industrial safety."

UMass deploys centralized service to tackle campus cyberthreats (EdScoop) The 76,000-student university gains forensic data analysis and real-time monitoring of possible cyberthreats with LogRhythm services deployment.

Observable Networks Releases Security Support for Amazon Web Services (AWS) Lambda Functions (PRWeb) Capability helps users of AWS Lambda recognize and understand behavioral anomalies when they occur

Twistlock delivers enhanced security and compliance for container environments (BetaNews) In recent years containerization has seen increased popularity thanks to its ability to deliver an agile, flexible environment in which software can be reliably moved from development to testing to live, or from in-house to the cloud.

Twistlock 2.0 Sharpens Its Focus on Container Security and Compliance (eSecurity Planet) The latest version offers improved visibility into their application container environments and helps organizations ensure that they take security and compliance into consideration from the start.

DarkMatter Says That Its KATIM Phone Is The World’s ‘Most Secure’ - Forbes Middle East (Forbes Middle East) DarkMatter for integrated digital defense and cyber security consultancy is saying that its newly-launched KATIM phone is the world’s most secure phone.

Technologies, Techniques, and Standards

Feeding Frenzy: The Inside Scoop on Threat Intelligence Feeds (Recorded Future) In this episode, we give you the scoop on threat intelligence feeds including how to select the right ones and how to separate the signal from the noise.

How to turn threat information into threat intelligence (IT World Canada) Infosec teams face a deluge of data every day from an array of network and application sensors as well as warnings from...

Lawyers, malware, and money: The antivirus market’s nasty fight over Cylance (Ars Technica) On the front lines of the antivirus industry's "testing wars."

Threat hunting still maturing and mostly ad-hoc (Help Net Security) Threat hunting is becoming an integral part of defensive activities in larger enterprises or those that have been heavily targeted in the past.

12 ways to keep Wikileaks out of your network (CSO Online) Wikileaks is consistently sharing information with the public that was intended to remain confidential, if not top secret, by organizations thought to have the toughest security in place. Add in the numerous other breaches reported in the past month and the message is clear: securing the perimeter doesn’t always work.

DevOps: Failure to integrate security creating a 'bow wave of future problems' (Computing) Industry figures react to Computing's DevSecOps research findings

Rules for secure coding in the C++ programming language (Help Net Security) The SEI CERT C++ Coding Standard reflects research. It includes 83 rules that consider features of the C++ language that are not part of the C language.

The Second Coming of Managed File Transfer Has Arrived (Dark Reading) Sometimes, a mature, embedded technology still makes the most sense, especially when it comes to data security.

Ransomware resiliency and Availability for Linux and Windows (Veeam Software Official Blog) Learn how you can increase ransomware resiliency on Linux- or Windows-based endpoints and servers using Veeam Agents.

Traps Prevents Cerber Ransomware's Bite (Palo Alto Networks Blog) Protect your organization from Cerber Ransomware with Traps from Palo Alto Networks.

Everything You Need to Know About the Latest Internet Privacy Laws (WonderHowTo) For the past few years, net neutrality has been a topic of hot debate. The Federal Communications Commission (FCC) strongly pushed in favor for regulation of service providers, but thanks to Congress and President Trump, the security portion of the FCC's Open Internet Order has been axed. As many find themselves with serious concerns regarding the impact on privacy, we will break down what this all means with respect to your data. The most recent bill favoring net neutrality was a massive document for defining broadband providers (including mobile networks), how content is delivered over data

Intelligence Exploitation Analysts: Creating cyberspace warriors (DVIDS) As one of Air Combat Command’s integral assets, the 70th Intelligence, Surveillance and Reconnaissance Wing is home to several cyberspace warriors, including the exploitation analysts of the 41st Intelligence Squadron.

Agency Battles Hackers With Short-term Workers, Industry Collaboration (Meritalk) The average hacker spends eight months in a network before getting caught, according to Jason Hess, chief of cloud security at the National Geospatial-Intelligence Agency.

Business Leaders See Encryption as Security Layer for Data in the Cloud (IT Business Edge) To start 2017, the Chicago Tribune made a prediction. The paper said that this is the year we collectively embrace cybersecurity and encrypting our digital lives.

A computer security tip for those campaigning in the UK general election (Graham Cluley) There are lessons that British politicians can learn from the security snafus of the US presidential election.

Research and Development

DARPA Seeks Information on Interactive Wargaming (SIGNAL Magazine) The DARPA Defense Sciences Office is requesting information on scalable, interactive gaming or wargaming approaches simultaneously spanning a large number of space and time scales with the goal of assessing a wide range of possible competitive outcomes and strategies using a range of human decision-making strategies.

Getting power to the grid after a cyber attack (GCN) DARPA is building a secure network that aims to operate without power or internet connectivity across disparate IT networks and grid infrastructure technologies.

Academia

RIT students compete in 2017 National Collegiate Cyber Defense Competition (RIT University News) Read more about this story on the RIT University News website.

Legislation, Policy and Regulation

Jurisdictional issues tie up cyber efforts on Capitol Hill (Washington Examiner) Congressional committees continue to lock horns over who has jurisdiction over cybersecurity, a recurring problem and frustration for lawmakers trying to deal in this policy space.

NASA's chief cyber executive to leave (FederalNewsRadio.com) Jeannette Hanna-Ruiz, NASA associate CIO for IT security and senior agency information security official, is leaving after only eight months.

Reservists and the National Guard offer untapped resources for cybersecurity (TechCrunch) Cyber threats have metastasized worldwide. In the U.S., they have presented as security issues for critical infrastructure, such as industrial sites, and..

Litigation, Investigation, and Enforcement

How a man' life was ruined due to a typo in IP address by Police (HackRead) You probably remember Amazon's engineer who's typo messed up the entire AWS (Amazon Web Service). But what happened in the United Kingdom ruined a man's li

Meet Babel Street, the Powerful Social Media Surveillance Used by Police, Secret Service, and Sports Stadiums (Motherboard) Newly released records from the Seattle Police Dept. illustrate the formidable capabilities of Babel Street’s software and offers a look into who is using it.

Facebook video of elderly man being murdered gets over 1.6 million views (Ars Technica) Grandson urges the public to stop sharing footage of his grandfather being killed.

Facebook releases timeline of Cleveland shooting videos (TechCrunch) Facebook is facing backlash after a Cleveland man uploaded a video of himself shooting someone to the social network, and followed it with a Live video..

The Mercury Effect (TechCrunch) Facebook hosted a murder. But for all the talk about content moderation, machine learning, flag-monitoring algorithms, the problem isn't the platform, and it..

Google loses Android Russian anti-trust case to Yandex - agrees to open up Android to rival apps and search engines (Computing) Settlement with Russian anti-trust authority followed £6.2bn fine

Google reaches $7.8 million settlement in its Android antitrust case in Russia (TechCrunch) Google has reached a settlement with Russia’s Federal Antimonopoly Service (FAS) agency in the antitrust case the Russian search rival Yandex had originally..

Cyber criminals in UK and Spain arrested after Europol investigation (Computing) Five arrested for designing and selling malicious software tools in exchange for bitcoins

Man Admits Hacking into His Former Employer's Network (Dark Reading) Tennessee man pleads guilty in federal court, acknowledging he illegally accessed his former employer's networks to gain an edge over his rival.

Singtel vendor fined $10k for data breach (The Straits Times) Singapore's privacy watchdog has fined India-based Tech Mahindra $10,000 for failing to protect the personal details of 2.78 million Singtel customers from unauthorised changes, which inadvertently caused the personal data of one customer to be leaked online.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Houston Cyber Summit (Houston, Texas, USA, April 27, 2017) Cyber security strategy is a term most often associated with the operational levels of an organization – firewalls, encryption, internal assessments and so on. But even the best technology and monitoring processes won’t mean a thing unless the cyber security strategy aligns with the business strategy. How can organizations prioritize cyber security from the top down and the bottom up at the same time? The Houston Cyber Summit is a one-day conference designed for executives to learn how to protect the business through a proactive cyber security strategy.

Cyber 8.0 Conference (Columbia, Maryland, USA, June 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators and entrepreneurs, from leading venture capitalists and financiers, and from government agencies who look to our industry base for technologies and solutions.

upcoming Events

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

(ISC)2 Cyber Security Congress 2017 (Calgary, Alberta, Canada, April 26, 2017) The aim of the Cyber Security Congress 2017 is to strengthen cyber security leaders by arming them with the knowledge, tools, and expertise to protect their organizations. In April, 2017 over 150 like-minded professionals will gather for the 1-day congress in Calgary, Alberta, Canada where cyber security experts and industry leaders will share their knowledge, experience and best practices through presentations and interactive panel discussions.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy and security experts, tech innovators, and senior policy makers the forum to discuss the future of identity. By utilizing the world’s best event technology, K(NO)W connects attendees digitally and physically unlike ever before.

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans now to attend SANS Northern Virginia - Reston 2017.

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities, hands-on training, and in-depth exploration of current topics.

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. The 2016 Inaugural Cyber Investing Summit welcomed 180+ of the leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. New this year: separate panels offered throughout the day highlighting publicly traded firms as well as privately owned entities, opportunities to meet one-on-one with corporate executives, and new panel topics (including Investment Strategies & Opportunities, M&A Landscape, Funding for Startups, Government Spending Review, Cyber Sale Lifecycle, and more). Network with investment professionals, asset managers, industry experts, financial analysts, media and more.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Vault 7 and jihadist opsec. ShadowBrokers and Pepe the Frog. Wishful speculation about North Korean missile test failures. "Karmen" ransomware for sale. Homograph phishing. US Congressional committees squabble over cyber equities.