The CyberWire Daily Briefing 4.20.17

Summary

By The CyberWire Staff

Two unsurprising reminders about espionage nonetheless bear repeating. First, Rapid7 notes that intelligence services' cyberattacks operate at a "low, consistent hum," and that industries aligned with state interests are of greatest interest to other states. Second, the US Intelligence Community views "rogue insiders" as being at least as dangerous as external threats.

Flashpoint publishes a major study of how cybercriminal gangs communicate.

SurfWatch draws security lessons from the growing availability of source code and malware online—"Resenware," the joke ransomware a South Korean undergraduate put together serves as a cautionary example.

Tanium is again in the news in an unfortunate way: the company used a customer's network (a California hospital) to demo its security software without the customer's permission, potentially exposing sensitive data. Tanium's CEO acknowledges that mistakes were made, and also apologizes for his "hard-edged" manner. Triple-unicorn Tanium is preparing for an IPO.

Two intra-sector disputes continue to play out. In one, Google squabbles with Symantec over Google's revocation of trust in some Symantec certificates.

The other dispute involves what should count as adequate testing for security products. On one side is Cylance (with some quiet support from NSS Labs), which argues that traditional testing against known-bad signatures biases results in favor of signature-based and related legacy security products. On the other side are companies like Sophos and Carbon Black, who say that Cylance's preferred approach simply gooses test results in favor of Cylance. (Security testing is clearly more complex and contentious than the often-cited UL electrical safety model.)

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Argentina, Australia, Brazil, Canada, China, Germany, India, Iran, Japan, Republic of Korea, Russia, Switzerland, Taiwan, Thailand, Turkey, United Kingdom, United States, and and Vietnam.

A note to our readers: Robert William Taylor, the visionary who in the 1960s envisioned networked computers as a means of communication, passed away last Thursday at his home in California. Our condolences to his family and friends, and our thanks for a life well-lived.

On the Podcast

In today's podcast, we speak with Joe Carrigan from our partners at the Johns Hopkins University about the security limitations of fingerprint sensors. We also have a guest, Amit Rahav from Secret Double Octopus on the challenges of authentication.

Sponsored Events

Hacker Secrets Revealed: 5 Security Mistakes to Avoid (Webinar, April 27, 2017) Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

APT Attack Activity Occurs at 'Low, Consistent Hum,' Rapid7 Finds (Dark Reading) Organizations in industries aligned to nation-state interests are main targets of nation-state attack threats, new quarterly threat report shows.

US Intelligence Agencies Fear Rogue Insiders as Much as Spies (Military.com) A proliferation of U.S. intelligence and military insiders have gone rogue and spilled secrets to journalists or WikiLeaks.

Slew of Source Code and Malware Leaks Increases Risk for Organizations (SurfWatch Labs) Earlier this month, an undergraduate student in Korea apologized for creating and making public the joke ransomware “Resenware.” The malware didn’t ask for money to decrypt files; instead, it required victims to score more than 200 million points on the “lunatic” level of the shooting game Touhou Seirensen ~ Undefined Fantastic Object.

Flashpoint - An Analysis of Cybercriminal Communication Strategies (Flashpoint) The ubiquitous usage of encrypted communication tools among cybercriminal communities presents challenges for organizations seeking to combat cybercrime.

An Analysis of Cybercriminal Communications Strategies (Flashpoint) To understand the most common services used worldwide by criminals is to better understand what your organization can do to mitigate risk.

Cybersecurity Startup Tanium Exposed California Hospital’s Network in Demos Without Permission (Wall Street Journal) Cybersecurity firm Tanium spent years pitching its software by showing it working in a client’s network—something the client, a California hospital, says Tanium never had permission to do.

Tanium exposed hospital’s IT while using its network in sales demos (Ars Technica) CEO used client hospital's network in demo "hundreds of times," reports WSJ.

An Open Letter From Tanium’s CEO To Our Customers (Tanium Blog) I can imagine that many of you are getting tired of waking up to the bad Tanium press stories hitting your inbox in the last week. Most of you know our company well, and reading these stories can be disturbing to all of us.

Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets (BleepingComputer) Hajime, an IoT malware strain discovered last October, appears to be the work of a vigilante who has set out to take over and neutralize as many smart devices as possible before other botnets like Mirai can get ahold of them.

Researchers identify new variant of IoT/Linux botnet (MIS Asia) The Amnesia botnet targets an unpatched remote code execution vulnerability.

Fake Super Mario Run App Steals Credit Card Information (TrendLabs Security Intelligence Blog) Trend Micro has identified more malicious Android apps abusing the name of the popular mobile game Super Mario Run.

Android SMS Spyware Sees Millions of Downloads (Infosecurity Magazine) SMSVova can steal and relay a victim's location to an attacker in real time.

Flashlight App on Google Play Spreads Banking Malware (Cyware) Android users were the target of another banking malware, detected by ESET, with screen locking capabilities, masquerading as a flashlight app on Google Play.

Why Brand Monitoring is a Security Issue - Typosquatting (Anomali) Corporate brands are generally thought of as intangible objects that carry the company’s image and reputation.

Stalkerware Company FlexiSpy Calls Catastrophic Hack ‘Just Some False News' (Motherboard) In the aftermath of a damaging hack, the company is keeping it quiet.

Anonymous India Claims Snapchat Hack, Leaking Details of 1.7 Million users (HackRead) One of the biggest and most popular social networking platforms, Snapchat, has once again become the center of attention.

Neiman Marcus: 2015 Breach Exposed Full Card Details (Data Breach Today) Luxury clothing retailer Neiman Marcus has disclosed that a December 2015 breach compromised more sensitive information than first thought.

Imperva Incapsula uncovers elaborate 80,000-strong spam botnet (SC Magazine UK) Researchers at the security company find that making money online from fake Viagra not so hard.

Tracing Spam: Diet Pills from Beltway Bandits (KrebsOnSecurity) Reading junk spam messages isn’t exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email.

Fake Australian Securities and Investments Commission emails target business owners with malware (CRN Australia) Invites recipients to renew their business details.

HHS Watchdog Agency Issues Phone Scam Warning (GovInfo Security) The Department of Health and Human Services has issued a warning for consumers to be on alert for fraudsters

How tech support scammers have made millions of dollars (Naked Security) Researchers who spent eight months digging into the scammers’ techniques reveal the tools the bad guys use and the money they’ve made

Google: “Google Hire” Won't Share Browsing History with Employers (HackRead) Google is known to be in the spotlight for its success mostly, but this wasn’t the case last night.

Security Patches, Mitigations, and Software Updates

Researchers Find Multiple RCE Bugs in Linksys Routers (Infosecurity Magazine) Researchers Find Multiple RCE Bugs in Linksys Routers. IOActive works with manufacturer on issues with Smart Wi-Fi models

Report: Google will add an ad blocker to all versions of Chrome Web browser (Ars Technica) The owner of the Web's biggest advertising platform is building an ad blocker?

Mozilla: The Firefox Attacks Wikileaks Gave to Us Were Already Fixed (Motherboard) Turns out three potential Firefox vulnerabilities found in a cache of alleged CIA files were dealt with in 2012 and 2014.

LG G6 On Verizon Receives A Notable Update Adds April Security Patches (Droid Report) Verizon’s First LG G6 update with Android April security patches adds a couple of extra features.

Patched Flaw in Bosch Diagnostic Dongle Allowed Researchers to Shut Off Engine (Threatpost) Two vulnerabilities were identified in Bosch’s Drivelog Connect OBD-II dongle and smartphone app that allowed researchers to shut off the engine of a vehicle.

Microsoft Touts New Phone-Based Login Mechanism (Threatpost) Microsoft announced this week its giving users a new way to sign into their accounts without long and complicated passwords.

How to bypass Microsoft's update block for Windows 7, 8.1 (Network World) GitHub user Zeffy created a custom patch to defeat Microsoft's update block for Windows 7 and 8.1 users using devices powered by next-gen processors.

Microsoft's new Patch Tuesday gets mixed reviews (CRN Australia) Security bulletins replaced with updates guide.

Cyber Trends

Rapid7 Threat Report 2017 Q1 (Rapid7) The “threat landscape” is a moving, shifting form that will look different to different organizations—it all depends on where you are standing.

Organizations are not effectively dealing with open source security threats (Help Net Security) Black Duck open source audits of 1000+ applications show widespread weakness in addressing open source security vulnerability risks.

How secure are banks and financial services firms? (Help Net Security) Many senior bank executives are confident about their cybersecurity strategy, yet a lack of practical testing is leaving gaps in their defense.

Be Compromise Ready: Go Back to the Basics (BakerHostetler) Cybersecurity carries a certain mystique.

Fighting ‘the boy’s club’ mentality in cyber security (IT World Canada) Few IT leaders would deny that having staff with a wide range of backgrounds is an advantage. But with men still dominating

Marketplace

Feds face big obstacle in cyber efforts: Geography (TheHill) There’s a major overlooked challenge in the government’s struggle to shore up its cybersecurity, experts say: the location of the nation’s capital.

Tanium CEO Apologizes for Being ‘Hard-Edged’ After Executive Exodus (Bloomberg.com) Cybersecurity startup used hospital's computer network for sales pitches without permission

IBM Should Buy Palo Alto Networks (Seeking Alpha) IBM accomplished a rare feat of quarterly year-over-year revenue declines for 20 consecutive quarters. Instead of wasting money on share buybacks, IBM needs to

OCX May Pave Way For ‘Huge’ Raytheon Cyber Business (Breaking Defense) OCX, for the last two years the most troubled space acquisition program and a watchword for the high risks of being the first program to try and meet the Pentagon’s highest cyber security standards, may now open the way for Raytheon to plow its way deep into the rich fields of the cyber security market.

Dome9 Security nets $16.5 mln Series C (PE Hub) Mountain View, California-based Dome9 Security, a provider of cloud infrastructure security solutions, has raised $16.5 million in Series C funding. SoftBank led the round.

Cylance layoffs hit Australian shores (CRN Australia) Trusts distributor for marketing and sales approach.

How a high schooler hacked into a security company and ended up with a job (CNBC) When top security expert Dug Song found out he was hacked by student Jono Oberhide, he ended up teaming up and starting a company.

Ingram Micro signs distribution agreement with ESET to offer security for Canadian partners (Computer Dealer News) Ingram Micro is making sure its Canadian partners can choose from the most up to date security solutions available. The tech distributor

Ingram Micro Named Global Symantec Distribution Partner (IT Briefing) Building on its success in advanced IT security, Ingram Micro Inc. is now a key global distribution partner for Symantec and an authorized distributor for the network security portfolio Symantec gained through its acquisition of Blue Coat last August.

WISeKey to Leverage Zug Position in Switzerland as Crypto Valley by Establishing an IoT Blockchain Center of Excellence (Yahoo! Finance) WISeKey International Holding Ltd , a leading Zug domiciliated Swiss cybersecurity and Blockchain IoT company announced today its intention to establish an Internet of Things Blockchain Center of Excellence in the Canton of Zug aiming to deploy a Trusted Blockchain as a Service platform.

Software firm Corero bags multi-year contract with big-name internet service provider (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - Corero will provide its SmartWall products and SecureWatch services to the internet service provider’s customers

CIO Applications Names Delta Risk LLC as Top 25 Cyber Security Company (Broadway World) CIO Applications names Delta Risk LLC as Top 25 Cyber Security Company

Splunk Named One of the “Best Places to Work” for 10th Consecutive Year (Yahoo! Finance) Splunk Inc. , provider of the leading software platform for real-time Operational Intelligence, today announced it has been named one of the “Best Places to Work” in the Bay Area by the San Francisco Business Times.

Teradata puts the swagger back in its step (BW CI World) From a technology focused company, Teradata took big strides in the past year to become more customer focused. It embraced open source technologies, the cloud and software defined analytics. Teradata also made a foray into consulting services.

iovation Appoints Dwayne Melancon as New Vice President of Product (MarketWired) Noted cybersecurity expert to lead innovation for growing fraud prevention and authentication provider

OWL Cybersecurity Appoints Andrew Lewman as Vice President (Businesswire) Executive to bring darknet expertise and business strategy to Vice President role

Karen Dayan Appointed Chief Marketing Officer of Trusona (PRNewswire) Trusona, the leader in simply secure identity authentication, today...

Robert Zitz Joins SSL as SVP and Chief Strategy Officer (WashingtonExec) Space Systems Loral, a provider of innovative satellites and spacecraft systems, announced this week it is increasing its commitment to support U.S. gov...

Here’s the businesswoman who will replace the longtime former CEO on Tech Data’s board (Tampa Bay Business Journal) Tech Data Corp. shareholders will vote on adding a top executive from a government technology consulting firm to the Tech Data board of directors.

Security Orchestration Automation & Response Leader CyberSponse, Inc. Has Raised the Bar by Electing Larry Johnson as the Company’s Next Chief Executive Officer (PRWeb) CyberSponse, Inc., the global leader in Security Orchestration Automation and Response, has raised the bar by electing Larry Johnson as the company’s next Chief Executive Officer.

Former Sourcefire CEO John Becker Joins Cyren Board as Outside Director (PRNewswire) Cyren (NASDAQ: CYRN), an internet Security as a Service provider,...

Glance Technologies Appoints Former VP of Cisco Systems, Inc. to Board of Directors (Sys-Con Media) Glance Technologies Inc. (OTCQB:GLNNF) (CSE:GET.CN) (CSE:GET.RT) (FKT:GJT) is pleased to announce the appointment of Mr. Larry Timlick to its board of directors as of April 18th, 2017.

Products, Services, and Solutions

IIoT: New Industrial Security Solution for Secure Modbus Protocol Communication available from Rohde & Schwarz Cybersecurity (Rohde & Schwarz Cybersecurity) SCADA, CIS, ICS and similar Modbus protocol communication based industrial systems become much more vulnerable due to their increasing connection to the Internet.

Sophos Boosts Server Protection Products with Next-Gen Anti-Ransomware CryptoGuard Technology (Finanz Nachrichten) Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced, that its next-generation anti-ransomware CryptoGuard

Cyphort Introduces the Anti-SIEM (Yahoo! Finance) Cyphort Inc. today unveiled a powerful security analytics platform that empowers enterprise security teams with the prioritized, actionable intelligence required for fast, interactive threat investigation ...

Balabit Introduces Shell Control Box 5 for Improved Incident Management (SecurityInfoWatch.com) New version of Balabit's Privileged Session Management solution speeds up forensic investigations, leverages existing security investments, and provides a best-of-breed user experience

ManagedMethods Announces Support of Gmail and Office 365 Email Featuring Check Point SandBlast Zero-Day Protection (Businesswire) Today at the CPX 2017 conference ManagedMethods, a provider of cloud security solutions, announced its new email scanning feature and an expansion of

Bay Dynamics and Grant Thornton to help companies make simpler, more cost-effective cyber decisions (Yahoo! Finance) Bay Dynamics® is partnering with professional services provider Grant Thornton LLP – the U.S. member firm of Grant Thornton International Ltd – to help companies make simpler, more cost-effective cyber security decisions.

IBM Security App Exchange Now Features Over 90 Custom Applications (PRNewswire) IBM (NYSE: IBM) announced today that the IBM Security App Exchange has grown to over 90 custom applications from IBM and Business Partners, fostering innovation and collaboration amongst the security community. Over 30,000 apps, content packs and tools have

RapidFire Tools Inc. Launches Unlimited-Use Internal Cyber Security Service Delivery System For MSPs (Yahoo! Finance) RapidFire Tools Inc. has bundled together a powerful new set of tools that, for the first time, allows MSPs to roll-out a high-value, automated and branded internal IT security service that can be offered ...

NIST Includes MobileIron and Entrust Derived Credentials in Reference Architecture (Yahoo! Finance) MobileIron (NASDAQ:MOBL), the security backbone for the digital enterprise, and Entrust Datacard, a leader of trusted identity and secure transaction ...

Malwarebytes Integrates with ForeScout to Deliver Real-Time Threat Visibility and Remediation (Businesswire) Malwarebytes™ today announced an integration with ForeScout Technologies, Inc.

Swimlane Achieves Cisco Compatibility Certification With the Cisco Solution Partner Program (Yahoo! Finance) Swimlane announced that its automated incident response and security orchestration platform, Swimlane, has successfully achieved Cisco compatibility certification with Cisco Threat Grid.

Sumo Logic Extends Support for SaaS Contracts on AWS Marketplace (Marketwired) New flexible subscription and procurement model enables AWS users to purchase the industry's leading cloud-native machine data analytics platform with a single click

Arrow Electronics Expands Security Offerings via Its Seneca Brand (IT Business Net) Dell EMC OEM video and surveillance products now available in Seneca-bundled solutions

Arrow Electronics Expands Security Offerings via Its Seneca Brand (null) Dell EMC OEM video and surveillance products now available in Seneca-bundled solutions

Arrow Electronics Expands Security Offerings via Its Seneca Brand (IT Business Net) Dell EMC OEM video and surveillance products now available in Seneca-bundled solutions

Arrow Electronics Expands Security Offerings via Its Seneca Brand (null) Dell EMC OEM video and surveillance products now available in Seneca-bundled solutions

HyTrust Helps Feds Meet Cloud Security Mandate (SDxCentral) HyTrust cloud security products aim to make it easier for public agencies to comply with a federal cloud security mandate.

Threat Sketch Creates Free, Custom Cybersecurity Plan for North Carolina Business (PRNewswire) One local business owner is grateful for having participated in...

BlueCat DNS Edge Pounces on Insider Threats (eSecurity Planet) The solution uses DNS data to detect suspicious behavior within enterprise networks.

Technologies, Techniques, and Standards

Cylance Battles Malware Testing Industry (Security Week) After a brief respite, the animosity between the incumbent anti-virus vendors and the newcomer machine learning (ML) endpoint protection vendors has returned; and the focus is still on testing.

Google Won't Trust Symantec and Neither Should You (Dark Reading) As bad as this controversy is for Symantec, the real damage will befall the company and individual web sites deemed untrustworthy by a Chrome browser on the basis of a rejected Symantec certificate.

The Cost Of Cyber Breach -- How Much Your Company Should Budget (Forbes) Ariel Evans is an American Israeli cybersecurity expert, entrepreneur and business developer. She recently took the helm of an Israeli cyber risk company that provide enterprises, cyber insurers and M&A teams quantification of cyber risk. Additionally, she consults for over 30 Israeli companies and is the go-to person in Israel that connects cyber startup companies to funding and business development opportunities.

What You Need To Know About Fourth-Party Vendor Risk (BitSight) Your third parties aren’t the only vendors you should be thinking about. Here’s what you need to know about monitoring fourth-party vendor risk.

DNS Query Length... Because Size Does Matter (SANS Internet Storm Center) n many cases, DNS remains a goldmine to detect potentially malicious activity.

Five Principles for Improving Medical Device Cybersecurity (HealthcareInfo Security) Medical device manufacturers and healthcare entities should take five key cyber-related steps to help ensure patient safety, says Beau Woods of the grassroots

Improve employee device access, security for happier workplace, customers: Dell (Techgoondu) Better devices for employees and improved security are the priorities for Southeast Asian firms seeking workplace transformation to better serve customers.

Design and Innovation

Security and the human factor: Creating a positive user experience (Help Net Security) Despite the myriad of security solutions deployed, breaches are still happening. Even with robust security solutions, we’re failing with the fundamentals.

Venafi: automate cryptographic functions in DevOps, or die, basically (Computer Weekly) DevOps is, obviously, a coming together of Developers and Operations teams. All well and good, but what about security?

MasterCard trials biometric bankcard with embedded fingerprint reader (TechCrunch) MasterCard is trialling a Chip and PIN bankcard that includes an embedded fingerprint reader, introducing a biometric authentication layer for card payments..

Blockchain: 'Overhyped' buzzword or real-deal enterprise solution? (CSO Online) While blockchain technology may be a hotspot in data privacy, experts disagree about whether it’s a good fit for enterprises that have traditionally relied on centralized data control.

Weaknesses in Bitcoin and blockchain might undermine efforts to expand their use (MIT Technology Review) An expert who is studying Bitcoin and blockchain technologies says those looking to commercialize them need to be aware of potentially dangerous technical issues.

What are Schnorr Signatures? (The Merkle) Every bitcoin user knows the popular currency is based on cryptographic standards and technology. As a result, bitcoin developers can regularly introduce new features to make the currency more secure

Academia

ICMCP Announces Cybersecurity Educational Scholarship Award Provided by Conventus Corporation (PRWeb) Award provides $5,000 for selected ICMCP member student over 2 years for undergraduate degree program

Legislation, Policy and Regulation

How Israeli Conscription Drives Innovation (Foreign Affairs) The IDF’s conscription system has brought great benefits to Israel’s economy. In European countries, a selective draft has the potential to produce the same results.

Intelligence Community Pushes to Keep Surveillance Powers (Foreign Policy) Maintaining existing foreign intelligence powers is "the intelligence community’s top legislative priority for 2017," a new document notes.

The FISA Amendments Act: Q&A (IC on the Record) The Intelligence Community’s top legislative priority for 2017 is reauthorization of the FISA Amendments Act.

Schiff advocates for NSA, Cyber Command split (TheHill) The top Democrat on the House Intelligence Committee is calling for the National Security Agency (NSA) to be split from U.S. Cyber Command.

Army looks to revamp its intelligence enterprise from the 'bottom-up' (FederalNewsRadio.com) Interviews and surveys are asking commanders at every level what they'll need from the intelligence corps over the next decade.

A Plan to Tamp Down Defense Network Cyberthreats (SIGNAL Magazine) The Defense Department should adapt this two-phase plan to make network security more agile and automated in the rapidly evolving threat landscape.

(ISC)2 Issues Recommendations to Trump Administration (Infosecurity Magazine) (ISC)2 urges prioritization of workforce development within the pending cybersecurity executive order.

Huge new boost for cyber sector (InnovationsAus.com) The Turnbull government’s $230 million Cyber Security Strategy turns one this week and the industry scores a boost from a new Cyber Security Sector Competitiveness Plan launched today.

Tech firms are our next line of defence (Times (London)) Driving a tank is an unenviable task. The commander must decide where to go and where to direct fire, based on limited visual information. Recently FFI, the Norwegian government’s defence research...

Data compliance top of mind for Japanese enterprises as legal deadline looms (Security Brief) More than half of Japanese enterprises are increasing their security spending – and topping the list is compliance.

Who cares about Directives? Why UK companies will benefit from the harmonisation of trade secret law (Computing) Anette Gaertner of Reed Smith explains how the Trade Secrets Directive of 2018 will have a two-fold effect on UK firms

Startup Action Plan: What It Means to Security Practitioners (InfoRisk Today) Despite a slew of measures announced by the Modi government last year to encourage cybersecurity startups in the region, security experts argue that converting

Litigation, Investigation, and Enforcement

The Doxing of Equation Group Hackers Raises Questions About the Legal Role of Nation-State Hackers (Empty Wheel) Update: I should have caveated this post much more strongly. I did not confirm the names and IDs released in the dump are NSA’s hackers. It could be Shadow Brokers added names to cast blame on someone else. So throughout, take this as suspected doxing, with the possibility that it is, instead, disinformation.

Trend Micro Sponsors First Ever Guide for Cybercriminal Investigations (Businesswire) Trend Micro today announced the release of the first edition Cybercrime Investigation Body Of Knowledge (CIBOK) book by the CIBOK editorial committee.

Siemens employee catches coworker trying to sell secrets to China (CSO Online) China's hand was caught in the cookie jar, again. In early April 2017, an employee of Siemens was arrested on suspicion of espionage, the theft of trade secrets and intellectual property.

Bose in court for alleged eavesdropping (CRN Australia) Selling users' information without permission.

You Probably Shouldn’t Forge a Judge’s Signature to Solve Your SEO Problems (Motherboard) A jewelry company CEO was arrested on Monday and charged with forging court orders in order to de-index negative reviews on Google.

Lawsuit: Neo-Nazi website owner is liable for harassing Montana real estate agent (Ars Technica) "It's that time, fam... ready for an old fashioned Troll Storm?"

PGP public key and self-service postal kiosk expose online drug dealers (Ars Technica) Second of 2 AlphaBay sellers arrested in 2016 pleads guilty: Abdullah Almashwali.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking organizations. The goal of our conference is to advance security leaders by arming them with the knowledge, tools and expertise to protect their organizations. (ISC)² members are eligible for special discounted pricing and will have opportunities to attend exclusive member events.

upcoming Events

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

(ISC)2 Cyber Security Congress 2017 (Calgary, Alberta, Canada, April 26, 2017) The aim of the Cyber Security Congress 2017 is to strengthen cyber security leaders by arming them with the knowledge, tools, and expertise to protect their organizations. In April, 2017 over 150 like-minded professionals will gather for the 1-day congress in Calgary, Alberta, Canada where cyber security experts and industry leaders will share their knowledge, experience and best practices through presentations and interactive panel discussions.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Houston Cyber Summit (Houston, Texas, USA, April 27, 2017) Cyber security strategy is a term most often associated with the operational levels of an organization – firewalls, encryption, internal assessments and so on. But even the best technology and monitoring processes won’t mean a thing unless the cyber security strategy aligns with the business strategy. How can organizations prioritize cyber security from the top down and the bottom up at the same time? The Houston Cyber Summit is a one-day conference designed for executives to learn how to protect the business through a proactive cyber security strategy.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy and security experts, tech innovators, and senior policy makers the forum to discuss the future of identity. By utilizing the world’s best event technology, K(NO)W connects attendees digitally and physically unlike ever before.

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans now to attend SANS Northern Virginia - Reston 2017.

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities, hands-on training, and in-depth exploration of current topics.

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. The 2016 Inaugural Cyber Investing Summit welcomed 180+ of the leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. New this year: separate panels offered throughout the day highlighting publicly traded firms as well as privately owned entities, opportunities to meet one-on-one with corporate executives, and new panel topics (including Investment Strategies & Opportunities, M&A Landscape, Funding for Startups, Government Spending Review, Cyber Sale Lifecycle, and more). Network with investment professionals, asset managers, industry experts, financial analysts, media and more.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Reminders about cyber espionage. How cybercriminals communicate. Malware source code proliferation. Tanium deals with a mistake in its demo practices. Google, Symantec, continue cert squabble. Security firms argue over the nature of product testing.