The CyberWire Daily Briefing 5.16.17

Summary

By The CyberWire Staff

Investigations continue, with some experts suggesting the WannaCry ransomware campaign has the look of a targeted attack gone wrong. It seems far more indiscriminate in its infection rate, which amounts to a pandemic, than even the best-prepared criminal gang could handle. And the Bitcoin wallets established as repositories for ransom payments don't seem equal to the task either.

There's no clear attribution (yet) but several researchers from Google and elsewhere believe they've discerned a similarity between WannaCry's code and some similar cryptors thought to have been used by the Lazarus Group in 2015. The Lazarus Group, of course, is generally connected to North Korea's government, and has been blamed for Dark Seoul attacks against South Korea, the Bangladesh Bank fraudulent fund transfer caper, and the wiper attack against Sony Pictures. This attribution is preliminary and very circumstantial, but suggestive: North Korea is thought to see cybercrime as a source of badly needed revenue as Sino-US sanctions bite deeper into the DPRK's economy.

WannaCry's widely expected second wave hasn't to all appearances hit (yet). Check Point says it's found a less virulent successor version, and Bitdefender thinks last week's attacks are harbingers of many more to come.

The plaintiff's bar is expected to be paying close attention to negligent patching in enterprises that suffered from WannaCry, but Microsoft is not generally thought to have much exposure.

US targets were hit, although relatively lightly compared to Russia, China, India, and Britain. Various US security big-wigs again talk of a "Cyber Pearl Harbor."

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting basically every country on earth, but specifically Australia, China, India, Democratic Peoples Republic of Korea, Russia, United Kingdom, United States and Vietnam

On the Podcast

In today's podcast we hear from David Dufour (of our partners at Webroot) on the basics of exploits and scripts. We also have a guest, Paige Schaffer from Generali Global Assistance, who reviews the Identity Theft Assessment and Prediction Report published by the University of Texas at Austin Center for Identity.

Sponsored Events

The Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, CenturyLink, root9B, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

CyberTech Fairfax (Fairfax, Virginia, USA, June 13, 2017) Cybertech Fairfax: meet tech execs, start-ups, investors & legal, media & mktg pros changing the global cyber landscape. Cybertech Fairfax is a thought-provoking conference on global cyber threats, solutions, innovations and technologies.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

The WannaCry Ransomware Pandemic: Attribution, Kill Switches, Crimes, and Torts (The CyberWire) Organizations continue their recovery from the WannaCry ransomware pandemic amid warnings that the first wave is unlikely to be the last. Enterprises that failed to protect themselves against the known vulnerabilities that enabled the worm to spread the crypto ransomware are thought by legal observers to bear considerable risk of civil litigation. There are also some preliminary gestures toward attribution, with some seeing the hand of the Lazarus Group (associated with North Korea's government) behind the campaign.

'Targeted attack gone wrong': Was the WannaCry ransomware epidemic an accident? (International Business Times UK) Hackers' bitcoin wallets may prove they were 'unprepared' for such a widespread attack.

Security Firms See Potential North Korea Link to Ransomware Attack (VOA) Thousands of computers hit in Asia as workers signed on for the first time since the attacks spread Friday

Researchers: WannaCry ransomware shares code with North Korean malware (Cyberscoop) The ransomware known as WannaCry that spread rapidly to 300,000 machines in 150 countries over the past few days shares code with malware written by a group of North Korean hackers known as the Lazarus Group. While the shared code is important, experts warned that it’s far from proof about who created and launched the ransomware attacks.

NHS computer hack: North Korea and Russia are implicated as phishing attack is ruled out (WIRED UK) The NHS computer hack using Wanna Decryptor ransomware shut down IT systems with 75,000 attacks in 99 countries

WannaCry and Lazarus Group – the missing link? (SecureList) A few hours ago, Neel Mehta, a researcher at Google posted a mysterious message on Twitter with the #WannaCryptAttribution hashtag...

Cyber attack: Latest evidence indicates 'phishing' emails not to blame for global hack (The Telegraph) Latest evidence suggests "phishing" emails are unlikely to have caused the global cyber attack that wreaked havoc at dozens of NHS trusts and hit hundreds of thousands of computers in 150 countries.

New variant of WannaCry ransomware surfaces (CRN Australia) Already stopped from doing damage, says Check Point.

Bitdefender: Recent WannaCry attack is only the first in a series of similar ones (Romania Insider) The recent WannaCry ransomware attack, which spread to more than 100 countries, is only the beginning in a series of similar attacks.

Future cyberattacks will be more complex (Deccan Herald) The components of the global cyberattack that seized thousands of computer systems recently may be more complex than originally believed, a Trump administration official said on Sunday, and experts warned that the effects of the malicious software could linger for some time.

North Korea linked to WannaCry attack, as experts say the NHS should have done more to protect itself (Computing) The Lazarus Group, resposible for the Sony pictures hack of 2014, suspected of perpetrating WannaCry hack

In Ransomware Attack, Where Does Microsoft’s Responsibility Lie? (New York Times) For years, the company has tried to change the perception that its software was vulnerable to hackers. A global cyberattack renewed those issues.

WannaCry could spark lawsuits, but Microsoft not to blame (CRN Australia) Legal experts say software vendor is free from guilt.

What Is WannaCry? Analyzing the Global Ransomware Attack (Recorded Future) What is WannaCry and how does it work? We provide analysis and insight for what has become the largest ransomware attack in history.

WannaCry: here’s what we know now about the outbreak (Naked Security) As the dust settles after Friday’s outbreak, things are becoming clearer and it seems this was an unsophisticated use of a sophisticated tool

What’s next after ‘massive disruption’ from cyber-attack? A view from the trenches (Miami Herald) As the cyber-attack continues to spread around the globe causing massive damage for universities, hospitals, automakers and many other businesses including FedEx, only one thing is certain: It won’t be the last, says Yuri Frayman, CEO of Aventura-based cybersecurity company Zenedge.

Protecting Your Organization from the WCry Ransomware (Fortinet Blog) Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare systems to corporate...

What We Know About the WannaCry Ransomware Attack and What You Should Do To Protect Yourself (Securonix) By now, anyone in cybersecurity and many who are not, know that on Friday, May 12, 2017, a large-scale ransomware cyberattack involving the #WannaCry aka WannaCrypt aka WannaCrypt0r 2.0 aka Wanna Decryptor was launched, infecting over 230k systems in 150+ countries.

WannaCry? Three Actions You Can Take Right Now to Prevent Ransomware (Tenable) By now everyone has heard about the ransomware called Wanna, WannaCry or WCry spreading across the globe and locking down the data of some of the world’s largest companies

Understanding the Effect of DoublePulsar and WannaCry Across Industries is the Key to Protecting your Supply Chain (BitSight) This blog examines how the DoublePulsar vulnerability and the WannaCry ransomware worm are affecting major industries.

5 Emergency Mitigation Strategies to Combat WannaCry Outbreak (Data Breach Today) Drop everything and patch all Windows devices against the SMB flaw or else shut them down, security experts warn in the wake of the global outbreak of WannaCry

WannaCry: Sizing Up the Impact in India, Asia (InfoRisk Today) Researchers say India apparently is one of the top five countries affected by the WannaCry ransomware outbreak, which has infected more than 200,000 endpoints

Europol estimates that WannaCry cyber attack has hit about 2,00,000 systems in 150 countries (Tech2 ⋆ New York city blog) Friday’s cyber attack hit 200,000 victims in at least 150 countries and that number could grow when people return to work on Monday, the head of the European Union’s police agency said on Sunday. Cyber security experts say the spread of the virus dubbed WannaCry – “ransomware” which locked up computers in car factories, hospitals, …

The Latest: More US firms believed hit by cyberattack (KLTV) The latest on the global extortion cyberattack that hit dozens of countries (all times local):

WannaCry: What's the Impact on U.S. Healthcare? (Data Breach Today) As organizations around the globe – including hospitals in the United Kingdom - recover from the WannaCry ransomware campaign, healthcare entities in the United

Wanna Decrypter 2.0 ransomware attack: what you need to know (Naked Security) Security experts are firefighting the global outbreak of ransomware that is apparently exploiting a recently patched flaw in Windows

Global cyber attack: Here's how experts are analysing it (Money Control) In an interview to CNBC-TV18, S Ramadorai, Former Chairman of Tata Consultancy Services (TCS) shared his readings and outlook on global cyber attack.

Wanna Cry Ransomware Outbreak Paralyses 2 Lakh Computers Across 150 Countries; India Issues Red Alert (Trak.in - Indian Business of Tech, Mobile & Startups) Wanna Cry, the deadly ransomware which has affected more than 2 lakh computers across 150 countries, has been declared as a critical threat in India. Computer Emergency Response Team of India (CERT-In) has red alert warning against this ransomware, which denotes maximum threat level.

The Latest: 29,000 Chinese institutions hit by cyberattack (Fox Business) The Latest on the global extortion cyberattack that hit dozens of countries on Friday

WanaCry Observations: Big Worm = Big Problems (Anomali) NOTE: Anomali is continuing to investigate and monitor the WanaCry worm and will update this page as we have more information to share. Visit www.anomali.com/wanacry for the latest.On the morning of Friday May 12th a new ransomware threat emerged infecting tens of thousands of computers across the globe at an alarming rate.Figure 1 - WanaDecrypt0r 2.0 Pop up window and splash screen.Named “Wana Decrypt0r 2.0” (a.k.a “WannaCry”, "WCry"), the ransomware was unique

WannaCry benefits from unlearned lessons of Slammer, Conficker (Naked Security) We’ve been here before with malware – so why was WannaCry able to cause such havoc around the world?

The Windows worm is back – and this time it’s serious (Naked Security) Worms are a malware tactic from back in the day – but they still remain tricky to mitigate against

()

Security resellers rally to halt WannaCry ransomware outbreak in Australia (CRN Australia) Channel partners worked through the weekend to protect customers.

'WannaCry': update systems warn Africa's security specialists (ITWeb Africa) The global ransomware attack 'WannaCry', described by cyber security experts as the biggest recorded of its kind and which affected global networks over the weekend, has triggered warnings for African business owners and organisations to be vigilant and update their systems.

WannaCry: How To Defend Against The Ransomware Attack (ValueWalk) WannaCry is arguably the most frightening ransomware attack the world has ever seen. Since Friday, it has hit more than 200,000 victims in

WannaCry? Latest cyberattack is ‘just the beginning’ (Arab News) “This is just the beginning. We are in a cyberwar as we speak,” said Amir Kolahzadeh, founder and chief executive of internet security firm IT Sec. “We expect to see more sophisticated attacks, possibly with targeted demographics or location. Our smart buildings, our smart cars, our smart everything is a target.”

CISO Lessons From The World's Biggest Ransomware Attack (CXO Today) What is termed by experts as the ‘biggest ransomware attack in history’ has put cyber security professionals to a rigorous weekend saving credentials.

Keeping Third-Party Risk First in Cybersecurity (PYMNTS.com) As companies expand and interact with an ever-widening web of vendors, third-party risk deepens as data is shared and, potentially, exposed. In the latest Topic TBD, Gayle Woodbury, managing director at Crowe Horwath, weighed in with PYMNTS’ Karen Webster on why risk control needs to have broad horizons.

Cyberattack has not affected U.S. government, White House says (PBS NewsHour) A global cyberattack has now affected an estimated 300,000 machines in 150 countries.

The United States Is Not Ready for a Cyber-Pearl Harbor (Foreign Policy) The weekend’s massive “ransomware” attack exposed the glaring vulnerabilities in our cybersecurity readiness.

U.S. Cyber Command: Russia hacking “the new normal” (Defense Systems) The head of U.S. Cyber Command argues stronger data protection needed in new threat environment.

Reporters dox WannaCry ransomware kill switch guy (Network World) What kind of sickness causes publications to show gratitude by doxing the “hero” responsible for stopping the WannaCry ransomware attack?

Breach at DocuSign Led to Targeted Email Malware Campaign (KrebsOnSecurity) DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems.

Analysis of Chrysaor Keylogging Mechanism Shows Power of Simple Malicious Code (McAfee) Many attacks on mobile devices use social engineering to initially infect a victim’s system. They download malware and elevate privileges by exploiting vulnerabilities. Mobile malware often uses persistence mechanisms to hide and monitor the victim’s behavior.

Who’s targeting you on Facebook? A browser extension wants your data (Naked Security) But hang on – what happens to the data the campaign collects via its Chrome extension to learn more about election ads on Facebook? We asked the founders

Stealing Windows credentials using Google Chrome (Help Net Security) Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways...

Ecommerce: Credit card stealing malware (Media Trust) Ecommerce payment security processes breached resulting in unauthorized access to sensitive information.

Vietnam-Aligned Hackers Attack Foreign Firms, FireEye Says (Bloomberg.com) Cyber espionage attacks against foreign companies operating in Vietnam have been traced to a group of hackers “aligned with Vietnamese state interests,” according to a report from cyber-security provider FireEye.

Cyber Trends

Cybersecurity Studies in Threat Hunting (Bricata) This post reviews several recent cyber security studies including threat hunting, the deluge of alerts, ransomware, insider threats and the skills gap.

Marketplace

Cybersecurity stocks rise in the wake of WannaCry ransomware attack (CRN Australia) Increased trading for Cisco, Sophos and FireEye.

Inside Yahoo's Terrible, Horrible, No Good, Very Bad Security Year (PCMAG) At TechCrunch Disrupt, Yahoo Chief Information Security Officer Bob Lord talks Yahoo's massive data breach and state-sponsored Russian hacking.

Navy buys electronic warfare management system (C4ISRNET) The deal includes 38 ALQ-213 tactical threat displays for the Navy, with 27 going to the U.S. Navy, three to the U.K. and eight to Australia.

Akamai CSO Details Cyber-Security Challenges and Improvements (eWeek) Akamai Technologies operates one of the world's largest content delivery networks (CDNs), as well as providing organizations with security services including distributed denial-of-service (DDoS) protection and web application firewall (WAF) capabilities.

AKUA raises $3 million to bring IoT to shipping containers (Technical.ly Baltimore) The CyberPoint International spinout is looking to disrupt supply chain management. This could be a Baltimore story worth watching.

MasterPeace LaunchPad Showcases Cutting-Edge Technologies During Spring Demo Day (BusinessWire) MasterPeace LaunchPad celebrated a successful spring demo day, which took place on Wednesday, May 10 from 5:00-7:00pm. Attendees were joined by a notable group of state and local influencers and industry speakers to discuss the growing Maryland Cyber startup eco-system.

Quantum entrepreneurs show their stuff (TechSPARK.co) Three of the entrepreneurs on this year’s programme at the Quantum Technology Enterprise Centre (QTEC) have been discussing their technology developments. The entrepreneurs have been using quantum technology to develop handheld sensors to measure water quality and detect bacteria in hospitals, for detecting gas leaks from pipelines via drones and for quantum cryptography. You may …

Austrade, Data61 to promote Australian blockchain talent in New York | ZDNet (ZDNet) Australia will be sending 26 representatives to Consensus 2017 in New York later this month to showcase what the nation has to offer in blockchain technology.

Mosaic451 Opens New Cybersecurity Headquarters in Heart of Phoenix (WMC 5 Action News) Bespoke managed security services provider upgrades facilities with state of the art Security Operations Center to support its worldwide cybersecurity services

Digital Defense, Inc. Named Top Security Company in Skyhigh Cybersecurity Post (PRWeb) Analyst reports, surveys and market share studies put VMaaS leader on top.

CRN Honors LookingGlass' Laurie Potratz with Women of the Channel Distinction (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced today that CRN®, a brand of The Channel Company...

Forcepoint Expands Operations in Europe with New Sales Leadership (PRNewswire) Stefan Maierhofer joins as Area Vice President of Sales for Central and Eastern Europe

Products, Services, and Solutions

Dunbar Releases First Open Source Active Response Platform for Cybersecurity (BusinessWire) To address the security risks caused by "alert fatigue," and to extend enterprise-grade incident management capabilities to businesses of all sizes, Dunbar Security Solutions today launched Cyphon, the industry’s first open source active response platform for collecting data, identifying cyber-attacks and tracking all subsequent work performed.

Guidance Software Announces EnCase® Endpoint Security Version 6 (BusinessWire) Guidance Software, the makers of EnCase®, the gold standard in forensic security, today announced EnCase® Endpoint Security Version 6, a significant redesign of the company’s flagship endpoint detection and response (EDR) product.

eGlobalTech Announces Availability of "DevOps Factory ™" Across U.S. Federal Government, Accelerating Delivery of Secure IT Solutions (PRNewswire) With advanced security and cloud deployment automation tools, this proven DevOps framework provides secure, scalable and cost-effective IT solutions for federal customers

Announcing a USB Drive Appliance to Protect Against Ransomware (PRNewswire) The hacker attacks that hit global networks with ransomware in a dozen nations last Friday, crippling operations from telecommunications and transportation to hospitals, underscores the need for effective protection from malware such as this.

Technologies, Techniques, and Standards

What is NIST's guidance on lightweight cryptography? (SearchSecurity) A recent report on lightweight cryptography from NIST offers recommendations for cryptographic standards. Here's a closer look at the findings and advice.

Protecting Patient Information in the Age of Breaches (University of Illinois at Chicago) In recent times, over 1,000 health care organizations have experienced network breaches causing overwhelming amounts of protected health data to be compromised. Infiltrating the networks of health care facilities is an alarming trend among hackers, but what is the allure? Health care facilities carry some of the most sensitive reserves of data files across the board, supplying hackers with the kind of sensitive information that has limitless potential to not only effect the health care organization that they have infiltrated, but also the patients involved in the breach.

Assessing and Mitigating Risks for Electronic Health Records (University of Illinois at Chicago) Electronic Health Records (EHR) have become common in the US with nine out of every 10 physicians surveyed saying that they have adopted the technology. In fact, EHR adoption and usage has more than doubled from 42% in 2008 to 87% in 2016. What’s more, up to 90% of hospitals have already integrated EHR technology into their systems. American consumers have also jumped onto the digital health bandwagon. In fact, by 2018, 50% of mobile device users will have downloaded 3.4 billion health apps, industry experts forecast. Some of these apps link to wearable devices that track metrics such as steps taken, distance covered, and even heart rate. Industry analysts expect the Internet-of-things era to usher in more ways of capturing and accessing health data.

Cloud Encryption: Bring Your Own Key Is No Longer Enough (IT Security Guru) ‘Trust’ can be both a terrific enabler and a severe inhibitor in cloud services adoption.

Research and Development

Deep Secrets and the Thrill of Discovery | Quanta Magazine (Quanta Magazine) The biologist and author Sean B. Carroll recounts the joys of unexpected revelations.

Academia

OnlineSchoolsCenter.com Name Best Online Schools for Master's in Cyber Security Degree Programs (PRNewswire) OnlineSchoolsCenter.com has released their picks of the 20 best online...

Legislation, Policy and Regulation

How Germany Is Tackling Hate Speech (Foreign Affairs) In April 2017, the German cabinet passed new legislation that enables Germany to fine social media companies up to 50 million euros ($55 million) for not reacting swiftly enough to reports of illegal content or hate speech.

US and allies on high alert as cyberattacks threaten 2017 elections (WJLA) Democratic societies have long been seen as the champions of free speech and the open exchange of information, but those very qualities have increasingly become a vulnerabilities in the digital age, where cyberspace is being used to undermine confidence in

Lead Story – Preventing “A Cyber Pearl Harbor” (Hawaii Herald) Three-star Army General with Hawai‘i roots is leading the charge

Post-WannaCry, Microsoft Slams Spy Agency Exploit-Hoarding (Data Breach Today) Microsoft's chief legal officer has slammed U.S. spy agencies, warning that civilians are at risk if governments stockpile libraries of software vulnerabilities

To Path, or Not to Patch? (Niskanen Center) The world is reeling from tens of thousands of ransomware attacks across almost 100 countries. The attack infected computers at hospitals, companies, and even government ministries in Russia, forcibly encrypting users’ files and demanding ransom be paid in order to access the contents.

Tales From the Crypto Community (Foreign Affairs) If the allegations that the NSA worked to weaken international cryptographic standards and deliberately introduced backdoors into security-critical software and hardware are correct, then the agency has harmed the computer security of the United States (and the world) as much as any malicious attacks to date.

Countering 'little green men': Pentagon special ops studies Russia ‘gray zone’ conflict (Defense News) The Pentagon is studying gray zone conflict – otherwise known as hybrid warfare – beginning with a focus on Russia and later moving on to study Iran and China.

Litigation, Investigation, and Enforcement

Trump revealed highly classified information to Russian foreign minister and ambassador (Washington Post) The president was boasting of the “great intel” he receives when he discussed intelligence provided by a U.S. partner.

White House pushes back against report Trump shared classified info with Russians (POLITICO) "The president did not disclose any military operations that were not already publicly known," national security adviser H.R. McMaster says.

Second Circuit Declares Retailer Victory in Data Breach Case (Sidley Austin LLP) The U.S. Court of Appeals for the Second Circuit ruled on May 3 that a plaintiff who claimed that her credit card information was stolen in a data breach, but who failed to point to any particular out-of-pocket expense or inconvenience, does not have Article III standing to sue.

Chelsea Manning to return to active duty after prison release (Army Times) Pvt. Chelsea Manning is getting out of prison on Wednesday, and because her court-martial conviction is still under appeal, she'll be staying in the Army for the forseeable future.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

DC CyberWeek (Washington, DC, USA, October 16 - 20, 2017) Join us October 16-20, 2017 for DC CyberWeek, a week-long festival in our nation's capital focused on bringing together cybersecurity experts, decision makers and leaders from the government and tech communities. DC CyberWeek is a series of hundreds of distributed events powered by the tech community and complemented by core conferences, parties and projects created by the festival organizer, CyberScoop. DC CyberWeek is about big ideas and coming together to make an impact on the greater good of our connected world.

upcoming Events

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data such as medical records and keep IT systems safe from cyber-attacks by states, criminal gangs and cyber terrorists.

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Asia-Pacific Community Meeting.

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best governance, preparedness, and resilience strategies from experienced government officials, general counsels, and cybersecurity practitioners who face these issues on a daily basis.

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware/virii/rootkits), cryptography and obfuscation (from theoretical cryptosystems to applied cryptography exploitation, cryptocurrencies, steganography and covert communication systems), and society and ethics.

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans now to attend SANS Northern Virginia - Reston 2017.

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities, hands-on training, and in-depth exploration of current topics.

cybergamut Technical Tuesday: Future of System Exploitation (Elkridge, MD, USA, May 23, 2017) This talk describes recent trends in vulnerability research and system exploitation, provides case studies of systems that were compromised that were not believed to be vulnerable (or in novel ways), discusses implications and makes some predictions regarding future trends in the area. It will be presented by: Jason Syversen of Siege Technologies. He's a computer security technologist and entrepreneur with 20 years of experience in technical and leadership roles with cybersecurity, research, and development organizations.

SC Cyber 2017 Summit (Columbia, South Carolina, USA, May 23, 2017) SC Cyber, in partnership with the U.S. Chamber of Commerce and the South Carolina Chamber of Commerce, will host a cybersecurity summit that brings together top experts nationally from government, law enforcement, and the private sector to help small and mid-size business owners develop, evaluate, and strengthen cybersecurity programs. More than 300 attendees are expected, representing industry, government, military, and academia.

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. The 2016 Inaugural Cyber Investing Summit welcomed 180+ of the leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. New this year: separate panels offered throughout the day highlighting publicly traded firms as well as privately owned entities, opportunities to meet one-on-one with corporate executives, and new panel topics (including Investment Strategies & Opportunities, M&A Landscape, Funding for Startups, Government Spending Review, Cyber Sale Lifecycle, and more). Network with investment professionals, asset managers, industry experts, financial analysts, media and more.

Citrix Synergy (Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.

CyberSmart 2017 (Fredericton, New Brunswick, Canada, May 24 - 25, 2017) As cybersecurity grows as a significant global challenge, the growing gap between Canada’s cyber workforce demand and supply offers our country both a challenge and an opportunity. CyberSmart 2017 will convene leaders from industry, academia and government to identify and discuss priorities for a Canadian cybersecurity education and workforce development strategy.

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D. The agenda for 2017 will include: Challenges of Increasingly Autonomous Systems, The Collaborative Spectrum Grand Challenge, Spectrum Usage as a Critical Enabler for the US, Modernization of the Global C4ISR Enterprise, Breakthroughs in Military Simulation, Government Solutions to the Optics of ISR, Emerging Solutions and Challenges in SCADA/IOT, Cloud Migration and Interoperability, Modeling & Simulation to Streamline Procurement, and Secure Mobility Challenges.

SECON 2017 (Jersey City, New Jersey, USA, May 25, 2017) Social engineering impacts security. (ISC)2 New Jersey Chapter is a 501(c)(3) not-for-profit charitable organization. Our chapter’s mission is to disseminate knowledge, exchange ideas, and encourage community outreach efforts, for advancement of information security practice and awareness in our society. We also strive to provide enjoyable opportunities for professional networking and growth.

Cyber Southwest (Tucson, Arizona, USA, May 27, 2017) CSW will be dedicated to furthering the discussion on cyber education and workforce development in Arizona, healthcare cybersecurity, and technical training in areas such as threat intelligence, insider threats, and protecting critical infrastructure. CSW will focus on creating a positive, unique, and highly productive unification point to further Arizona’s developing leadership in cybersecurity. Subject Matter Experts (SMEs) will be on hand to share information on the latest cybersecurity trends, best practices, and key innovations.

SANS Atlanta 2017 (Atlanta, Georgia, USA, May 30 - June 4, 2017) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts so that you can win the battle against a wide range of cyber adversaries who want to harm your digital environment.

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Seattle is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS Houston 2017 (Houston, Texas, USA, June 5 - 10, 2017) At SANS Houston 2017, SANS offers hands-on, immersion-style security, security management, and pen testing training courses taught by real-world practitioners. The site of SANS Houston 2017, June 5-10, is Royal Sonesta Hotel Houston, located in the heart of the Galleria area of Uptown Houston.

Cyber Resilience Summit: Measuring and Managing Software Risk, Security and Technical Debt (Brussels, Belgium, June 6, 2017) The Consortium for IT Software Quality is bringing the Cyber Resilience Summit to Europe, to take place on 6 June 2017 in Brussels, Belgium, the vibrant heart of political Europe and headquarters of the European Commission. All are invited to attend! The theme of the Summit is “Measuring and Managing Software Risk, Security and Technical Debt.” Discussion will focus on the latest strategic thinking from innovative American and European CIOs and IT policy makers.

National Cyber Security Summit (Huntsville, Alabama, USA, June 6 - 8, 2017) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. The summit attracts commercial and defense companies as well as healthcare, automotive and energy industries.

Infosecurity Europe 2017 (London, England, UK, June 6 - 8, 2017) Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 360 exhibitors showcasing the most relevant information security solutions and products to 13,500 visitors.

Cyber 8.0 Conference (Columbia, Maryland, USA, June 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators and entrepreneurs, from leading venture capitalists and financiers, and from government agencies who look to our industry base for technologies and solutions.

2017 ICIT Forum: Rise of The Machines (Washington, DC, USA, June 7, 2017) The 2017 ICIT Forum brings together over 300 cybersecurity executives from across critical infrastructure sectors to receive the latest ICIT research from our experts, share knowledge, develop strategies and identify next-generation technologies to improve their resiliency. Topics include Artificial Intelligence, IoT, Advanced Analytics, APT Profiles, Blockchain, Cloud and more!

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.