The CyberWire Daily Briefing 4.24.17

Summary

By The CyberWire Staff

WikiLeaks' release of alleged CIA cyberespionage tools in Vault 7 continues to prompt concerns over the risk all enterprises face when such tools hit the wild. Similar concerns surround the presumably independent release by the ShadowBrokers of what the group claims are NSA tools. One of those, the "DoublePulsar" backdoor affects large numbers (36,000, according to estimates by security firm Below0Day) of unpatched Windows machines worldwide. Countercept has released a tool that promises to determine whether a system has the DoublePulsar implant. And, of course, users are advised to patch their systems.

US investigations of the apparent leaks proceed, but without much public comment about progress. The US Justice Department has taken a renewed interest in indicting and prosecuting WikiLeaks' Julian Assange, still resident in Ecuador's London embassy.

A US court at the end of last week handed down the stiffest sentence on record (twenty-seven years) to Roman Valeryevich Seleznev, Russian carder and son of Valery Seleznev, an influential member of Russia's Duma. Seleznev fils was arrested in the Maldives in 2014, extradited to Seattle, and convicted in August 2016. In mitigation he unsuccessfully pleaded a difficult Vladivostok childhood.

Google has ejected SMSVova spyware from the PlayStore.

Researchers at security company Incapsula report finding a large and evasive spam campaign hawking counterfeit pharmaceuticals. More than 80,000 unique IP addresses are serving the spam. It's a large criminal campaign, the latest iteration of the "Canadian pharmacy" scam long pursued by organized gangs, most of which appear headquartered in Russia and Ukraine.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Belgium, Brazil, China, France, Germany, India, Indonesia, Ireland, Italy, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Malaysia, Netherlands, Poland, Romania, Russia, Singapore, Switzerland, Taiwan, Thailand, Turkey, Ukraine, United Kingdom, United States and Vietnam

On the Podcast

In today's podcast, we hear from Emily Wilson of our partners at Terbium Labs. She'll talk about the Dallas emergency siren incident and the unintended consequences people bring about when they hack for spectacle, for the lulz.

Sponsored Events

Hacker Secrets Revealed: 5 Security Mistakes to Avoid (Webinar, April 27, 2017) Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

United States remains vulnerable to North Korean cyber-attack, analysts say (ABC News) As North Korea blusters about launching missile strikes against the United States and its allies, experts are warning that aggressive action from North Korea is more likely to come from cyber space.

Researchers claim China trying to hack South Korea missile defense efforts (Ars Technica) Deployment of THAAD upsets China, seen as espionage tool.

Al Qaeda chief urges jihadists to use guerrilla tactics in Syria (Reuters) Al Qaeda leader Ayman al-Zawahri has called on Syrian Sunni jihadists to wage guerrilla war against enemies ranging from Syrian President Bashar al Assad and his Iranian-backed allies to Western powers.

Why the Wikileaks CIA dump was the most damaging one yet (TechCrunch) There are no hackers anymore -- now it's all about the spies we in the intelligence and security communities are trying to stop. The “insiders” have known..

Over 36,000 Computers Infected with NSA's DoublePulsar Malware (BleepingComputer) DOUBLEPULSAR, one of the NSA hacking tools leaked last Friday by the Shadow Brokers, has been used in the wild by ordinary hackers, who infected over 36,000 computers across the world.

Leaked NSA backdoor spreads throughout the world (iTnews) Exploit code infects tens of thousands of systems.

There's now a tool to test for NSA spyware (CSO Online) Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.

BrickerBot.3: The Janit0r is back, with a vengeance (Radware Blog) In early April, we identified a new botnet designed to comprise IoT devices and corrupt their storage. Over a four-day period, our honeypots recorded 1,895 PDoS attempts performed from several locations around the world. Its sole purpose was to compromise IoT devices and corrupt their storage. Besides this intense, short-lived bot (BrickerBot.1), our honeypots recorded …

BrickerBot author claims two million bricked IoT devices (Computing) 'The Janitor' claims to have removed two million insecure IoT devices from circulation

Mirai and Hajime Locked Into IoT Botnet Battle (Threatpost) A white hat hacker is believed responsible for the Hajime IoT botnet because its main objective appears to be to secure IoT devices vulnerable to the notorious Mirai malware.

Malicious Documents: A Bit Of News (SANS Internet Storm Center) This week I saw again a PDF containing a malicious Word document with macros (a downloader).

Giant [counterfeit pharma] Botnet Claims 80K Devices (Infosecurity Magazine) Researchers were able intercept payloads with details of 51 websites used by spammers to sell counterfeit drugs.

Cardinal RAT reigns under the radar two years (SC Magazine US) Palo Alto Networks researchers spotted a previously unknown remote access trojan (RAT) dubbed the Cardinal RAT which uses a unique technique involving malicious Excel macros.

RawPOS malware has new data-grabbing capabilities (Help Net Security) RawPOS has been equipped with the capability to steal data contained in the victims' driver's license's 2-dimensional bar code.

Top-ranked programming Web tutorials introduce vulnerabilities into software (Help Net Security) Researchers have checked 64,000+ GitHub projects, and found 117 vulnerabilities introduced through the use of code from popular programming tutorials.

Locky ransomware makes a comeback, courtesy of Necurs botnet (Help Net Security) The Necurs botnet has, once again, begun pushing Locky ransomware. It has been slinging thousand upon thousand of emails in the last three or four days.

The Locky Ransomware is Back and Still Adding OSIRIS to Encrypted Files (BleepingComputer) After almost an almost non-existent presence in 2017 and a few weeks off, Locky is back with a fresh wave of SPAM emails containing malicious docs. While it is not known what caused Locky's hiatus, if they plan on pushing the ransomware like they previously did, then we all need to pay close attention.

SMSVova Spyware Hiding in ‘System Update’ App Ejected From Google Play Store (Threatpost) An Android app that falsely claimed to be a tool for keeping smartphones up-to-date with the latest version of the OS was found surreptitiously tracking the physical location of it users using spyw…

Android Geo-Location Spyware Installed By Up To 5 Million Users (Dark Reading) SMSVova, disguised itself as a system update app and duped between 1 million and 5 million users into downloading it from the Google Play store.

Be careful on Google Play (Help Net Security) Google scrutinizes the apps submitted to Google Play for malicious behavior, but malware peddlers are constantly finding new ways to bypass these checks.

Email-based attacks exploit unpatched vulnerability in Microsoft Word (Normangee Star) This vulnerability was identified by the researchers at McAfee, who disclosed the previously unpatched exploit to give Office users a heads-up.

Linksys WiFi routers contain at least 10 bugs in more than 20 models (HackRead) The IT security researchers have discovered that more than 20 different Linksys' routers models are leaving thousands of devices vulnerable to outside atta

EFF Says Google Chromebooks Are Still Spying on Students (Softpedia) In the past two years since a formal complaint was made against Google, not much has changed in the way they handle this

Spying on Students: School-Issued Devices and Student Privacy (Electronic Frontier Foundation) Students and their families are backed into a corner. As students across the United States are handed school-issued laptops and signed up for educational cloud services, the way the educational system treats the privacy of students is undergoing profound changes—often without their parents’ notice or consent, and usually without a real choice to opt out of privacy-invading technology.Students are using technology in the classroom at an unprecedented rate.

Healthcare records for sale on Dark Web (CSO Online) A clinic in Baltimore is just one example of a healthcare provider having its records stolen, only to find them on the Dark Web for less than one cent per record.

Cyber attack on Buffalo hospital has Rochester facilities on high alert (WHAM) A Buffalo area hospital was targeted by a cyber attack and now has other hospitals on alert.Even two weeks after the virus was detected, the Erie County Medical Center, or ECMC, is still using pen and paper for each patient's reports.Thursday, they're stil

Authorities rule out cyber attack as cause of StarHub's 2016 broadband disruption (The Straits Times) The two disruptions in October last year (2016) to StarHub's home broadband network were not due to cyber attacks as the telco had suspected, an investigation has shown...

What Are we Doing to Protect the Power Grid from Cyber-Attacks? (Inverse) Friday's outages in NYC, SF, and LA showed what an attack could look like.

Uber responds to report that it tracked devices after its app was deleted (TechCrunch) Uber tracked former users even after they deleted the app from their iPhones, a practice that eventually earned CEO Travis Kalanick a scolding from Apple..

How Cybercrooks Put the Beatdown on My Beats (KrebsOnSecurity) Last month Yours Truly got snookered by a too-good-to-be-true online scam in which some dirtball hijacked an Amazon merchant’s account and used it to pimp steeply discounted electronics that he never intended to sell.

Phishing attacks using internationalized domains are hard to block (CSO Online) The latest version of Google Chrome restricts how domain names that use non-Latin characters are displayed in the browser in response to a recently disclosed technique that could allow attackers to create highly credible phishing websites.

Security Patches, Mitigations, and Software Updates

Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug (Threatpost) Microsoft fixed a bug in Skype last month that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application.

LinkedIn Apologizes After Privacy Snafu (Infosecurity Magazine) LinkedIn Apologizes After Privacy Snafu. “Find nearby” feature accidentally included in latest update

Android O Will Contain Special Feature to Fight Off Ransomware (BleepingComputer) Google has removed a feature of the Android operating system that has been used in the past in ransomware attacks.

Cyber Trends

Proofpoint CEO: Cyberattackers are now targeting individuals, not companies (CNBC) Jim Cramer spoke with Gary Steele, CEO of Proofpoint, about the company's growth and today's cyber threats.

Marketplace

Palantir’s Relationship With The Intelligence Community Has Been Worse Than You’d Think (BuzzFeed) The Silicon Valley data miner no longer works with the NSA, and its chief executive described the CIA as “recalcitrant” in the summer of 2015, BuzzFeed News has learned.

Cyber firms behaving badly (Fortune) A bad week

The Cyber Witch Hunts 2017 (Security Magazine) The Salem Witch trials began in the spring of 1692, a group of girls in Salem, Massachusetts, unhappy in the way they perceived that they were being treated, claimed to be possessed by the devil and accursed a bunch of the local village woman of witchcraft, mass hysteria prevailed. Eventually resulting in nineteen woman put …

Augusta’s burgeoning cyber community is rightly gaining wide notice (Augusta Chronicle) Augusta needs to think of itself differently – if for no other reason than to keep up with the rest of the world’s thinking about us.

AWS CEO Andy Jassy says VMware partnership will eliminate "binary decision" of hybrid cloud (CRN Australia) Takes swipe at Oracle for vendor lock-in.

The Missing Link opens new office to support Melbourne customers (CRN Australia) Sales and technical staff lead the expansion.

EiQ Networks, Bay Dynamics sign up cybersecurity partners (SearchITChannel) EiQ Networks and Bay Dynamics join numerous other security vendors that are expanding relationships with cybersecurity partners.

Raytheon's top cybersecurity exec saw compensation double to $12.5M (Boston Business Journal) David Wajsgras, an executive at Waltham-based defense contractor Raytheon Co., saw his total compensation jump by nearly $7 million to a total of $12.5 million in 2016, according to a recent filing with the U.S. Securities and Exchange Commission.

Products, Services, and Solutions

Preempt Launches Global Reseller Program to Eliminate Insider Threats and Boost Security Team Effectiveness (Preempt) Leading advanced UEBA provider signs over a dozen partners to new reseller program

Cyberbit’s new Endpoint Detection and Response Release Advances Cybersecurity with Adaptive, Automated Capabilities (Cyberbit) Cyberbit EDR uses adaptive behavioral analysis to detect fileless, signature-less attacks

Easy Solutions Launches Artificial Intelligence Anti-Fraud Service (Businesswire) Easy Solutions today unveiled its new Detect TA Artificial Intelligence (AI) Fraud Assessment Service for banks and other financial institutions

Check Point Launches New Infinity Architecture, Brings Together Security Portfolio Under Single Platform (CRN) The new platform includes Check Point's technologies for security management, mobile, cloud, threat prevention and its network security appliances.

Intel To Unwrap Coffee Lake, Basin Falls Earlier Than Planned Due To AMD Ryzen (Tech Times) Intel is rumored to unveil its Basin Falls platform and Coffee Lake chips earlier than expected. The scheduling adjustments is purportedly due to the increasing popularity of AMD’s new chips.

Protecting the treasure trove (Sophos News) Ransomware has been on the computer security radar for some time now but are you aware that it’s increasingly targeting servers?

Cybersecurity firm LogRhythm partners with University of Massachusetts (BizWest) LogRhythm, a cybersecurity solutions and intelligence company, was selected by a major university to provide centralized network security. The University of Massachusetts System Office selected the Boulder-based firm for to provide complete security to its network — something made all the more necessary because as a university, there’s a lot of people who have access.

Technologies, Techniques, and Standards

Don't Shoot The Messenger: Cylance Didn't Break AV Testing (Forbes) There has been some controversy recently around Cylance and the methodology it recommends to test the efficacy of Cylance Protect compared with other endpoint security solutions. There are certainly issues with how antimalware tools are compared and evaluated—especially by the accepted, industry-standard measurements—but those issues are neither unique to, nor a function of Cylance itself.

Forget signatures for malware detection. SparkCognition says AI is 99% effective (CIO) The volume of malicious software in the wild has exceeded researchers’ ability to write signatures for all of it. The most effective way to detect malware today is through the use of artificial intelligence

National Cyber Security Alliance Offers Tips for Successful 'Digital Spring Cleaning' (Government Technology) Digital spring cleaning could be the key to protecting your data from theft this year.

Humans Join Systems On The Hunt for Threats (SIGNAL Magazine) Threat hunting allows cyber attacks to be discovered earlier with the goal of stopping them before intruders are able to carry out their attack objectives.

DISA's plan to replace CAC to come together this year (FederalNewsRadio.com) DISA is moving toward multi-factor authentication, including biometrics and other “patterns of life” type of technologies.

Design and Innovation

Want to Stop Facebook Violence? You Won’t Like the Choices (WIRED) No one wants murder videos on Facebook. But no one wants Facebook to censor their baby videos, either.

Elon Musk's Neuralink Wants to Fight Brain Conditions Using Cloud-Based A.I. (Inc.com) Musk announced he's running the latest venture, making him the CEO of three companies.

Legislation, Policy and Regulation

Geeks v government: The battle over public key cryptography (BBC News) The technology which underpins the internet's security has always been disputed.

Feds wait on Trump's cyber plan (FCW) While agencies and industry continue to wait for the Trump administration's cyber executive order, another cybersecurity report the president promised is nowhere to be found, raising more questions about the administration's focus on cyber.

Army releases new cyber, EW field manual (C4ISRNET) The Army has released its new updated field manual for cyber and electronic warfare.

Navy to begin JRSS migration this fall (C4ISRNET) After some initial resistance from the Navy, a top Defense Information Systems Agency official said the service is scheduled to begin migration to the Joint Regional Security Stacks in the fall.

Commandant says future warfare needs better communications gear (Marine Corps Times) Gen. Robert Neller reflected on the Corps’ communication needs when he arrived at his first unit in the mid-1970s – when a rifle company carried radios, field phones and slash wire.

Overhaul of $6B cyber program gets off to encouraging start (FederalNewsRadio.com) GSA and DHS held an industry day to explain how the new process under the Continuous Diagnostics and Mitigation (CDM) program would work.

Litigation, Investigation, and Enforcement

Russian man gets longest-ever US hacking sentence, 27 years in prison (Ars Technica) Roman Seleznev bankrupted businesses, did $170 million in damage.

Russian carding industry pioneer sentenced to 27 years in prison (Help Net Security) 32-year-old Roman Valeryevich Seleznev, aka Track2, has been handed the longest US hacking sentence to date: 27 years in prison.

10-Year U.S. Secret Service Cyber-Crime Investigation Culminated in 27 Year Prison Sentence for Russian Hacker (US Secret Service) Over 400 victim companies defrauded of more than $169 million

Are Terrorists Using Cryptocurrencies? (Foreign Affairs) Greater pressure on existing terrorist finance methods coupled with easier-to-use cryptocurrencies that give users greater anonymity may well lead to a large-scale adoption of the technology by terrorists and extremists such as ISIS.

NYT: Russian hack didn't immediately raise alarms with FBI (TheHill) Russia’s hacking of the Democratic National Committee (DNC) during the presidential election did not instantly raise concerns at the FBI or the Department of Justice.

Ryan: Russian meddling probes can help US allies (TheHill) Speaker Paul Ryan (R-Wis.) said Saturday that ongoing federal investigations into Russia's meddling in the 2016 presidential election could help prevent similar interference in the elections of U.S. allies.

FBI, NSA call for further testimony on Trump-Russia investigation (The Washington Times) Ramping up their Congressional investigation into alleged Russian meddling in the 2016 election, lawmakers have invited directors of the FBI and National Security Agency to testify again, in addition to expressing a desire to hear from the Obama administration’s top intelligence officials.

House intel panel to hear from top officials on Russia probe (Newsday) The House intelligence committee has asked top law enforcement and intelligence officials to testify in open and closed hearings next week on Russian activities to

Justice Department close to criminal charges against WikiLeaks, Julian Assange (Washington Examiner) The Justice Department is considering arresting and filing criminal charges against members of WikiLeaks, including founder Julian Assange, according to reports Thursday.

If the U.S. Could Prosecute Assange, It Would Have Already Done So (Foreign Policy) Trump’s team has gone from cheerleading WikiLeaks to excoriating it in a matter of months, just as the Russiagate investigation heats up.

Senators seek data on Americans caught up in surveillance (WCVB) A Democratic privacy advocate and libertarian-minded Republican are asking the nation's top intelligence official to release more information about the communications of American citizens swept up in surveillance operations

Unmasking the Unmaskers (Foreign Policy) What Susan Rice did used to be unusual, but it was encouraged by years of expanding access to signals intelligence.

NYT: Comey distrusted Lynch on Clinton (TheHill) Comey reportedly thought that Lynch attempted to downplay the Clinton investigation.

Interpol Spots Thousands of C&C Servers Across Asean (Infosecurity Magazine) Interpol Spots Thousands of C&C Servers Across Asean. Public-private operation also discovers hundreds of compromised sites

Google Pleads for Better Cross-Border Exchange of Digital Evidence (Threatpost) Google asked for MLAT reform, and released its biannual Transparency Report revealing it received a record number of government requests for user data.

Wall Street IT Engineer Hacks Employer to See If He Will Be Let Go (BleepingComputer) On Friday, April 7, the FBI arrested Zhengquan Zhang, a 31-year-old IT engineer, who now stands accused of installing malware on his employer's servers to steal proprietary source.

Teenage boy brought down websites of Cambridge University, Microsoft and Sony then made £386k selling the software to criminals (The Telegraph) A teenage boy brought down the websites of Cambridge University, Microsoft and Sony then made £386k selling the software to criminals.

Brazen Coachella thief steals 100 phones, is defeated with the help of 'Find My Phone' (Mashable) Some dude at Coachella stuffed 100 stolen phones in his backpack but forgot people can track those things.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

SECON 2017 (Jersey City, New Jersey, USA, May 25, 2017) Social engineering impacts security. (ISC)2 New Jersey Chapter is a 501(c)(3) not-for-profit charitable organization. Our chapter’s mission is to disseminate knowledge, exchange ideas, and encourage community outreach efforts, for advancement of information security practice and awareness in our society. We also strive to provide enjoyable opportunities for professional networking and growth.

Global Cybersecurity Summit 2017 (Kiev, Ukraine, June 14 - 15, 2017) During the two-day summit, participants will be exposed to cybersecurity best practices, cutting-edge advancements, and emerging innovations in defensive security across a series of categories, including policy and government, Internet of Things (IoT), industrial controls, and more.

upcoming Events

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

(ISC)2 Cyber Security Congress 2017 (Calgary, Alberta, Canada, April 26, 2017) The aim of the Cyber Security Congress 2017 is to strengthen cyber security leaders by arming them with the knowledge, tools, and expertise to protect their organizations. In April, 2017 over 150 like-minded professionals will gather for the 1-day congress in Calgary, Alberta, Canada where cyber security experts and industry leaders will share their knowledge, experience and best practices through presentations and interactive panel discussions.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Houston Cyber Summit (Houston, Texas, USA, April 27, 2017) Cyber security strategy is a term most often associated with the operational levels of an organization – firewalls, encryption, internal assessments and so on. But even the best technology and monitoring processes won’t mean a thing unless the cyber security strategy aligns with the business strategy. How can organizations prioritize cyber security from the top down and the bottom up at the same time? The Houston Cyber Summit is a one-day conference designed for executives to learn how to protect the business through a proactive cyber security strategy.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference (Thursday 11th & Friday 12th May) offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result, cybersecurity is more vital to the growth of your organization than ever before. Now is the perfect time to take the next step to protect your organization and advance your career. Join us at SANS Security West 2017 (May 9-18) to gain the skills and knowledge needed to help your organization succeed. Choose from over 30 information security courses taught by SANS’ world-class instructors. At SANS Security West 2017, you will get the best hands-on, immersion training and learn what it takes to stop cyber threats.

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students will receive technical instruction on various topics including threat hunting, network packet analysis, and security assessments. Sessions will also cover operational technology used in the electric sector, and instructional workshops from industry vendors. Students will also participate in facility tours hosted by the Lower Colorado River Authority (LCRA), and evening activities designed to build relationships within industry and strengthen the community of cybersecurity professionals.

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy and security experts, tech innovators, and senior policy makers the forum to discuss the future of identity. By utilizing the world’s best event technology, K(NO)W connects attendees digitally and physically unlike ever before.

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans now to attend SANS Northern Virginia - Reston 2017.

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities, hands-on training, and in-depth exploration of current topics.

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. The 2016 Inaugural Cyber Investing Summit welcomed 180+ of the leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. New this year: separate panels offered throughout the day highlighting publicly traded firms as well as privately owned entities, opportunities to meet one-on-one with corporate executives, and new panel topics (including Investment Strategies & Opportunities, M&A Landscape, Funding for Startups, Government Spending Review, Cyber Sale Lifecycle, and more). Network with investment professionals, asset managers, industry experts, financial analysts, media and more.

Citrix Synergy (Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.