The CyberWire Daily Briefing 5.24.18

Summary

By The CyberWire Staff

Cisco's Talos research unit yesterday reported its discovery of VPNFilter, a modular and stealthy attack that's assembled a botnet of some five-hundred-thousand devices, mostly routers located in Ukraine. There's considerable code overlap with the Black Energy malware previously deployed in attacks against Ukrainian targets, and the US Government has attributed the VPNFilter campaign to the Sofacy threat group, a.k.a. Fancy Bear, or Russia's GRU military intelligence service.

Ukrainian cybersecurity authorities think, and a lot of others agree with them, that Russia was gearing up a major cyberattack to coincide with a soccer League Championship match scheduled this Saturday in Kiev as part of the run-up to the World Cup. They also think it possible an attack could be timed for Ukraine's Constitution Day, June 28th.

The US FBI has seized a key website used for VPNFilter command-and-control, which US authorities hope will cripple the campaign. The Justice Department says that VPNFilter could be used for "intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities."

Dragos has an update on XENOTIME, the threat actor behind the TRISIS malware used to disable Schneider Electric Triconex instrumented industrial safety system. The TRISIS attack last December disrupted operations at a Middle Eastern petrochemical facility. Targeting safety systems represents a dangerous escalation. Dragos is moderately confident that XENOTIME will prepare further campaigns.

GDPR comes into full effect tomorrow, attended by much advice for enterprises.

A US Federal court says President Trump can't block you from his Twitter feed.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, European Union, Russia, Ukraine, United Kingdom, and United States.

Learn four incident response lessons from high-profile breaches.

Most enterprises know that they are constantly under attack but haven’t fully embraced some lessons to be learned from real-world, high-profile security incidents. Watch this free webinar, presented by experts from Coalfire and Arete Advisors, to learn four practical lessons that will help you avoid damaging losses and minimize negative impacts of cybersecurity incidents.

Podcast Summary

In today's podcast, we hear from our partners at Virginia Tech's Hume Center, as Charles Clancy discusses how cell towers track you even when you've disabled location services (and why he thinks that’s a good thing). Our guest is Erez Yalon from Checkmarx, presenting research into Amazon Echo eavesdropping vulnerabilities.

Cyber Attacks, Threats, and Vulnerabilities

Stealthy, Destructive Malware Infects Half a Million Routers (WIRED) Cisco researchers discover a new router malware outbreak that might also be the next cyberwar attack in Ukraine.

Exclusive: FBI Seizes Control of Russian Botnet (The Daily Beast) The FBI operation targets a piece of sophisticated malware linked to the same Russian hacking group that hit the Democratic National Committee in 2016.

New VPNFilter malware targets at least 500K networking devices worldwide (Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

VPNFilter: a nation state campaign for surveillance and destruction (Juniper Networks) VPNfilter is a campaign to compromise small office and home routers as well as Network Attached Storage devices from several popular manufacturers. According to a Cisco Talos blog, there are upward of 500,000 infected devices already and the list may not be exhaustive. The malware used has survei...

VPNFilter – is a malware timebomb lurking on your router? (Naked Security) A Cisco paper reports on zombie malware that has apparently infected more than 500,000 home routers.

VPNFilter malware compromises over 500,000 networking devices around the world (Help Net Security) Cisco Talos researchers have flagged VPNFilter, a huge botnet of small and home office routers and NAS devices, capable of collecting communications and data and launching cyber attacks.

Destructive 'VPNFilter' Attack Network Uncovered (Dark Reading) More than 500K home/SOHO routers and storage devices worldwide commandeered in potential nation-state attack weapon - with Ukraine in initial bullseye.

Finger of blame pointed at Russia over malware infecting 500,000 routers and storage devices (Computing) Linksys, MikroTik, Netgear and TP-Link routers and storage devices affected

Kremlin planning Champions League cyber attack, Ukrainian state agency claims (Sky News) Security agencies and businesses are warning that an attack is being prepared to disrupt the final in Ukraine's capital.

U.S. seeks to take control of infected routers from hackers (Reuters) The U.S. government said late on Wednesday that it would seek to wrestle hundreds of thousands of infected routers and storage devices from the control of hackers who security researchers warned were planning to use the "botnet" to attack Ukraine.

What would a cyberattack in Ukraine mean for the U.S. government? (Fifth Domain) U.S. tech company Cisco says that hundreds of thousands of routers have been compromised in preparation for what could be a major cyberattack against Ukraine.

XENOTIME (Dragos) XENOTIME is an activity group targeting ICS operations.

Backdoor Account Found in D-Link DIR-620 Routers (BleepingComputer) Security researchers have found a backdoor account in the firmware of D-Link DIR-620 routers that allows hackers to take over any device reachable via the Internet.

Proofpoint uncovers new cryptocurrency scam (iTWire) Cybersecurity firm Proofpoint has uncovered a new cryptocurrency giveaway scam targeting Ethereum and Bitcoin which it says uses emails and Twitter to...

CryptON Ransomware Installed Using Hacked Remote Desktop Services (BleepingComputer) A new and active campaign for the CryptON Ransomware is currently underway where attackers are hacking into computers with Internet accessible Remote Desktop Services. Once the attackers gain access to the computer they manually execute the ransomware and encrypt your files.

Malicious Edge and Chrome Extension Used to Deliver Backdoor (TrendLabs Security Intelligence Blog) The downloader malware's payload is what makes it notable. It delivers a version of the Revisit remote administration tool, which is used to hijack the infected system. More importantly, it also delivers a malicious extension that could serve as a backdoor, stealing information keyed in on browsers.

Bombs away: A closer look at terror tatics used by cyber criminals on you (AMEInfo) In the last four months, 35 cyber attacks had a low impact on UAE businesses, and another 85 had a medium effect, as reported by WAM. Low or Medium, these attacks are always scary.

Hackers Find New Method of Installing Backdoored Plugins on WordPress Sites (BleepingComputer) Hackers have come up with a never-before-seen method of installing backdoored plugins on websites running the open-source WordPress CMS, and this new technique relies on using weakly protected WordPress.com accounts and the Jetpack plugin.

Corporation Service Company breach exposes PII on 5,678 customers (SC Media US) During routine security monitoring, the company, whose clients include Fortune 500 firms, discovered that an unauthorized third party had infiltrated its systems and stolen PII.

Facebook Sites Dominate Social Network Phishing in Q1 2018: Kaspersky Lab (Dark Reading) The findings come from Kaspersky Lab's new 'Spam and Phishing in Q1 2018' report.

Security Patches, Mitigations, and Software Updates

VPNFilter botnet has hacked 500,000 routers. Reboot and patch now! (The State of Security) VPNFilter, is believed to be likely to be controlled by a state-sponsored hacking group variously known variously as APT28, Pawn Storm, Sandworm, Fancy Bear and Sofacy.

Remotely exploitable flaw patched in Dell EMC RecoverPoint (iTWire) A senior penetration tester at security vendor Foregenix has found six vulnerabilities, one of them remotely exploitable, in Dell EMC RecoverPoint dev...

Surprise! Student receives $36,000 Google bug bounty for RCE flaw (Naked Security) What’s the only thing better than a bug bounty reward? A bug bounty reward you weren’t expecting. Especially one that’s worth $36,337.

Cyber Trends

OPINION: Listen to the police (Funds Europe) It’s not often that police address an asset management conference, but Sergeant Charlie Morrison of the City of London police did so this month at the Investment Association’s (IA) first cyber security conference for asset management.

Pressures impacting security pros are up, threats are turning up the heat (Help Net Security) Pressures impacting security pros are up, driven largely by a steep rise in sophisticated malware, continued deficit of high-level security talent and budget constraints. This report marks the fifth consecutive year pressures have increased year over year.

Survey Reveals More Than 1 in 3 Healthcare Organizations Have Suffered a Cyberattack While 1 in 10 Have Paid a Ransom (BusinessWire) Imperva announced a survey showing more than 1:3 healthcare organizations suffered a cyberattack within the last year while 1 in 10 paid a ransom

Cybersecurity Threats: 85 Percent of Security Professionals Predict a Major Attack (Security Intelligence) Eighty-five percent of security professionals believe cybersecurity threats will lead to an attack on major critical infrastructure within the next five years, according to a recent survey.

Is Threat Intelligence Garbage? (Dark Reading) Most security professionals in a recent survey said that threat intelligence doesn't work. So why all the hype?

Marketplace

GDPR Inc.: Profiting From Strict New Security Rules (Barron's) While most chief privacy officers are sweating bullets, some firms couldn't be more delighted by the looming May 25 deadline for General Data Privacy Regulation.

Brick by Brick - Israel and its Cybersecurity Powerhouse (Innovation & Tech Today) Israel is blessed with many opponents, and as such, it developed core competencies mostly in the defense sector in order to be able to protect itself ” – Dudu Mimran, CTO of the Cyber Security Research Center at Ben-Gurion University...

Huawei founder urges employees not to harbour anti-US sentiments (South China Morning Post) Ren Zhengfei, the founder and chief executive of telecoms equipment maker Huawei, says employees must possess a “sense of crisis” amid simmering tensions between China and the US

The DC Cybersecurity Think Tank Caught Using Fake Twitter Accounts Has Lost Sponsors, And Its Shady Cofounder Is Gone (BuzzFeed) Following a BuzzFeed News investigation, Institute for Critical Infrastructure Technology cofounder James Scott has “voluntarily decided to step away” and a law firm will review claims about him.

Parsons expands in cyber, C5ISR markets (Jane's 360) Parsons announced on 21 May that it had expanded its business operations in the cyber, space, and command, control, communications, computers, combat systems, intelligence, surveillance, and reconnaissance (C5ISR) domains through the acquisition of Polaris Alpha from Arlington Capital Partners.

Sentry raises $16M Series B from NEA and Accel to help developers squash bugs more quickly (TechCrunch) Created to help app developers find and fix bugs more efficiently, Sentry announced today that it has raised a $16 million Series B led by returning investors NEA and Accel. Both firms participated in Sentry’s Series A round two years ago. Co-founder and CEO David Cramer tells TechCrunch that the n…

Mitek Systems acquires French artificial intelligence firm for $50 million (San Diego Union-Tribune) The deal boosts Mitek's document verification capabilities for digital transactions and expands its footprint overseas.

Fast-growing California cybersecurity firm set to hire 50 in Eugene (Portland Business Journal) A California cybersecurity firm is setting up shop in Eugene.

Products, Services, and Solutions

Facebook is asking users worldwide to review their privacy settings (TechCrunch) Starting this week, Facebook will begin asking users worldwide to review their privacy settings with a prompt that appears within the Facebook app. The experience will ask you to review how Facebook uses your personal data across a range of products, from ad targeting to facial recognition. This re…

iovation Introduces New Capabilities to its Fraud Prevention Solution (PR Newswire) iovation, the leading provider of device reputation and behavioral...

Silent Circle Launches GoSilent Server: The New Standard for Security-Minded Enterprises (BusinessWire) Silent Circle today announced the general availability of the GoSilent Server.

UL and Cybersecurity – Who Knew? (Brilliance Security) It’s very possible that you have spent your entire career in the building electronic security business and never associated UL with anything other than that little UL-in-a-circle sticker that shows up on electronic system components.

Industry Leaders Develop First Blockchain-based GDPR Solution (BusinessWire) BDO USA, LLP and IntraEdge today announced a strategic collaboration to support the launch of GDPR Edge™, powered by Intel® Software Guard Extensions

New Lastline Breach Protection Provides Security Teams With Superior Awareness of Threats Operating Inside Their Networks (PR Newswire) Lastline®, the leader in advanced network-based malware...

VMware, Okta Unveil Pact to Take on Microsoft in Mobile Security (Bloomberg.com) VMware Inc. and Okta Inc. unveiled a partnership meant to challenge Microsoft Corp. in the market for mobile-device security systems, as corporate employees increasingly work at home or on the road.

The 6 best apps for keeping your private messages safe from hackers, spies, and trolls (Business Insider) The best secure messaging services have end-to-end encryption, which only lets the sender and the intended recipient see the message. Here are 6 ways to have a truly private conversation.

Technologies, Techniques, and Standards

It's time to embrace GDPR (Help Net Security) It’s time to embrace GDPR, it affects everyone. Consumers should hold organizations responsible for the way their data is treated, and businesses need to take this opportunity to get their houses in order.

University CIO: 'If I had a pound for every time I heard a piece of software can make you GDPR compliant…' (Computing) Heidi Fraser-Krauss, Director of Information Services & Acting Academic Registrar at the University of York, describes her organisation's journey towards GDPR compliance

The irony of the non-compliant GDPR consent email (Computing) GDPR desperation is reaching fever pitch

Cyber warfare in payments gets intelligent (bobsguide) Artificial intelligence has come on leaps and bounds in the past few years, with big data and cyber security adding much to financial service firms’ means of protection.

Surviving a Ransomware Attack (CIO) A ransomware attack can be devastating, and no business is immune from the threat. Here’s how to avert disaster.

Security spring cleaning: Tidying up messy firewall rules to reduce complexity (Help Net Security) At the core of each firewall is a policy made up of rules designed to enforce what access is permitted. Although there is risk associated with any access, by limiting permitted access, organizations can strengthen their risk profile. However, poor firewall management can have the opposite effect.

Are DoD’s cyber forces too focused on the network? (Fifth Domain) Some believe the Department of Defense should move away from typical information network defense and expand its coverage to include industrial control and data acquisition systems more extensively.

Design and Innovation

Down to the Wire: Can this Encrypted Messenger Kill Email? (Computer Business Review) Wire specialises in encrypted communications ranging from video calls to file sharing. So what's the business model - and is it secure?

Facebook’s new two-factor authentication process no longer requires a phone number (The Verge) You can use an authenticator app instead

IBM combines AI and blockchain to turn your phone into a counterfeit detector (The Next Web) IBM Research today unveiled its Crypto Anchor Verifier, an AI-powered counterfeit detector that verifies an item’s authenticity using your phone’s camera and blockchain technology. How it works: You pull out your phone, open an app, and take a pic of, for example, a diamond. IBM’s AI determines what is unique about this particular diamond, and …

The ultimate insomnia cure? New GDPR law becomes bedtime story for grown-ups (Calm Blog) New laws aren’t meant to be exciting – but this one could sedate a buffalo. GDPR, the new EU legal regulation on data privacy, has been keeping many folks awake at night of late – including many who work for North American businesses, since they also have to comply if they have EU customers.

Research and Development

New York University Scientists Trace Cybercrime Banking Networks and Win Best Research Paper Award (BusinessWire) New York University researchers at the APWG cybercrime research conference demonstrated their method for exposing fraudsters' bank accounts

GRIMM’s New Michigan Cybersecurity Research Lab (GRIMM & SCYTHE) GRIMM has been a long time advocate of building Connected and Automated Vehicles (CAV) with a security-by-design approach.

Cloud Security Alliance Releases The State of Post-Quantum Cryptography (PR Newswire) The Cloud Security Alliance (CSA), the world's leading organization dedicated...

What Should Post-Quantum Cryptography Look Like? (Dark Reading) Researchers are tackling the difficult problem of transitioning toward a new mode of cryptographic protections that won't break under the pressure of quantum computing power.

GUEST ESSAY: DHS tackles supply-chain issues over malware-laden smartphones (Security Boulevard) At the Black Hat security conference last August, researchers from the security firm Kryptowire announced that they’d discovered Amazon’s #1-selling unlocked Android phone, the BLU R1 HD, was sending Personally Identifiable Information (PII) to servers in China. The culprit was a piece of firmware update software created by AdUps Technologies, a company based in Shanghai.

Academia

Number of women on the rise in DSU’s Beacom College (Dakota State University) Cyber sciences may be a male-dominated field, but the number of women majoring in technology programs at Dakota State University is on the rise.

Legislation, Policy, and Regulation

Brit Attorney General: Nation state cyber attack is an act of war (Register) And we'll, erm, name and shame bad actors MORE LOUDLY

UK: States Attacked in Cyberspace Have Right to Self-Defense – Military Official (Sputnik) The United Kingdom believes that countries targeted by cyberattacks can resort to the right of self-defense to retaliate against the state which attacked them, UK Attorney General Jeremy Wright said on Wednesday.

A Data Protection Officer's Guide to the Post-GDPR Deadline Reality (Dark Reading) The EU's General Data Protection Regulation deadline is here -- now what? These four tips can help guide your next steps.

GDPR Enforcement Priorities: What Will Regulators Be Looking For? (eSecurity Planet) We look at the actions regulators are most likely to take to enforce the new EU data privacy and security rule that takes effect this week.

Exclusive: U.S. Government Can’t Get Controversial Kaspersky Lab Software Off Its Networks (The Daily Beast) The law says American agencies must eliminate the use of Kaspersky Lab software by October. U.S. officials say that’s impossible—it’s embedded too deep in our infrastructure.

Is the (Temporary) Elimination of a Cyber Coordinator a Bad Thing? (CyberDB) In May 2018, the White House eliminated the position of National Cybersecurity Coordinator. The move has been met with much pushback from some in the cybersecurity community and even politicians. Democratic lawmakers were seeking to propose legislation to restore the position. In a statement made by the National Security Council the move was to “streamline …

White House doesn’t like Congress’ plan to kill DISA (C4ISRNET) The White House wants to eliminate a provision in the House’s draft of the annual Pentagon policy bill that would shutter the Defense Information Systems Agency.

US Senator Ron Wyden to Pentagon: Encrypt your websites (Register) CIO Dana Deasy, your certificate is from Akamai. Why?

Lawmakers look to fortify federal cyber defenses ahead of 2018 midterms (Cyberscoop) The bill is an effort to shore up U.S. cyber defenses by, among other measures, urging agencies to fully implement an executive order on cybersecurity that President Donald Trump issued last year.

Litigation, Investigation, and Law Enforcement

Google in court over ‘clandestine tracking’ of 4.4m iPhone users (Naked Security) The search giant could be looking at a giant fine of up to $4.3b.

Trump Cannot Block Twitter Users From His Account, Court Rules (New York Law Journal) U.S. District Judge Naomi Buchwald ruled Wednesday that the @realDonaldTrump Twitter account falls under the U.S. Supreme Court's public forum doctrine.

Blocking of Twitter Users from @RealDonaldTrump Violates First Amendment (Reason.com) So holds a federal district court today, in Knight First Amendment Institute v. Trump.

Pompeo Affirms, Reluctantly, That Russia Tried to Help Trump Win (Bloomberg.com) Secretary of State Mike Pompeo acknowledged after prodding by lawmakers that he backs the finding by U.S. intelligence agencies.

Dem, GOP leaders to get classified briefing on Russia probe (CTVNews) House and Senate lawmakers from both parties are set to meet with top intelligence officials Thursday for classified briefings as U.S. President Donald Trump raises new suspicions about the federal investigation into his 2016 campaign.

Sources: FBI Agents Want Congress To Issue Them Subpoenas So They Can Reveal The Bureau’s Dirt (The Daily Caller) Sources tell The Daily Caller several FBI agents want congressional subpoenas to testify about the agency's problems. The sources claim there is a demand within the agency to prosecute former Deputy

Pompeo: No 'deep state' at State or CIA (POLITICO) “The employees that worked for me at the CIA nearly uniformly were aimed at achieving the president’s objectives and America’s objectives,“ Pompeo said.

Trump Son-In-Law Kushner To Regain Top Clearance Following Mueller Interview (NPR.org) White House senior adviser Jared Kushner met with the special counsel's office for seven or eight hours and may now be out of the woods legally — or on his way.

Server? What server? Site forgotten for 12 years attracts hacks, fines (Naked Security) The University of Greenwich might not have noticed the website but hackers did.

Few Rules Govern Police Use of Facial-Recognition Technology (WIRED) Groups call for Amazon to stop selling facial-recognition tech to police departments after documents reveal the practice.

'Poor culture' rife in justice department, investigation finds (The Age) A "clearly inappropriate" culture at the justice department was uncovered during an investigation into a cyber attack on the road safety camera system.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations you face. Like no other time before, data security is crucial to you and your corporate executives. With an avalanche of massive data breaches that compromised millions of users’ data and cost senior-level executives their jobs and the endless other types of attacks that leveraged both new and traditional techniques, 2017 seemed yet another banner year for the infosec industry. We expect this year will be just as active as our attendees will face the challenge of both the criminal element and nation states stepping up their aggressive activities. On top of these, insider threats, supply chain vulnerabilities, regulatory demands and increasing dependence on IoT, AI, cloud apps, mobile devices and still other technologies will continue to convolute your tactical and strategic cybersecurity aims.

Cyber:Secured Forum (Denver, Colorado, USA, Jun 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively developed by SIA and PSA Security Network’s education teams and will feature top cybersecurity leaders. Additionally, sponsor exhibits will help showcase solutions related to cybersecurity, integrated systems and physical security solutions.

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, Jun 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign integrity -- covering everything from data security to countering reputation attacks.

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, Jun 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience across the enterprise through leading-edge research and thinking on key topics such as agile architectures, BCM, cloud security, privacy and securing Internet of Things (IoT).

Securing Federal Identity (Washington, DC, USA, Jun 5 - 6, 2018) Securing Federal Identity 2018, a highly focused and high-energy event, will feature an in-depth view of the future of federal government policies and technology developments for securing federal identity and access control of facilities and network systems. Experts from the federal government and the security industry will fill the conference agenda and exhibits area to present and future direction of the government’s efforts to manage identities and control access across all federal agencies.

New York State Cybersecurity Conference (Albany, New York, USA, Jun 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services, in partnership with the University at Albany's School of Business, and The New York State Forum, Inc., the conference is part of a statewide effort to boost cyber security awareness and empower state and local governments, academia, organizations and citizens to take better control of their digital security.

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, Jun 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

SecureWorld Chicago (Chicago, Illinois, USA, Jun 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, Jun 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning experience for professionals in the SIGINT Development field across the U.S. Intelligence Community and the other 5-Eyes partner nations: Australian Signals Directorate (ASD), Communications Security Establishment, Canada (CSE), Government Communications Headquarters, Great Britain (GCHQ), and Government Communications Security Bureau, New Zealand (GCSB).

Cyber//2018 (Columbia, Maryland, USA, Jun 6, 2018) Cyber touches all aspects of our life from the myriad of devices we have brought into our homes to those we employ on the job to increase and improve our productivity. Please join us for our 9th annual cyber conference, where we tackle some of the most relevant topics surrounding operating within the cyber landscape.

TU-Automotive Cybersecurity (Novi, MIchigan, USA, Jun 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply chain to plan for the imminent future.

SINET Innovation Summit 2018 (New York, New York, USA, Jun 7, 2018) Connecting Wall Street, Silicon Valley and the Beltway. SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

Transport Security and Safety Expo (Washington, DC, USA, Jun 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly digitizing, leading to greater risks and potential impacts from cyber and physical events. Understanding how to better safeguard operations and protect critical networks and infrastructure from damage is paramount, and opportunities like TSSX18 that bring the industry together for training and solutions are welcomed by SANS.

Transport Security & Safety Expo (Washington, DC, USA, Jun 11 - 12, 2018) The conference is devoted to the challenges and opportunities surrounding ensuring the safety and security of passengers and cargo in the digital age.

Dynamic Connections 2018 (Palm Springs, California, USA, Jun 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive threat we face in the digital domain today, we must reach into the future and pull tomorrow’s innovation forward.

Norwich University Cyber Security Summit (Northfield, Vermont, USA, Jun 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format, welcomes Norwich alumni and others interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level.

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, Jun 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

GovSummit (Washington, DC, USA, Jun 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information sharing and education on security topics affecting federal, state and even local agencies.

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, Jun 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Impact Optimize2018 (Rosemont, Illinois, USA, Jun 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity. All of the information presented will be designed to facilitate growth and eliminate risk for organizations of all sizes and across all vertical markets, with security as the firm foundation of every solution. The event will include presentations by subject matter experts, breakout sessions among business leaders and live demonstrations of enterprise security and business software.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, Jul 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s strategic ability to leverage the appropriate people, processes and technology to achieve organisational goals through an enterprise wide integrated asset information strategy.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

VPNFilter looks like battlespace prep. XENOTIME, the threat group behind TRISIS, may return. GDPR is coming.