The CyberWire Daily Briefing 7.25.18

Summary

By The CyberWire Staff

Warning comes from several official quarters that Russian hacking of American infrastructure, especially the power grid, is a looming threat. Several reports, rendered both to Congress and the media, describe extensive battlespace preparation and successful compromise of electrical power infrastructure control centers. Industry sources vigorously second the warnings. (Security industry comments run from, "well this is the new normal," to "we've known this for years—what took you so long?") In truth, as some point out, such alerts have been sounded for some years, but they're being delivered with unusual urgency this time around.

The warnings come as the US Congress shapes the defense authorization bill, in which cyber provisions figure prominently. Congress is in a mood to take a hard line, with calls for retaliation in kind (or worse) to cyberattacks. There is also a move afoot in the Senate to form a commission to study and develop advice on cybersecurity policy.

Several familiar criminal tools are resurfacing in updated form. Sophos is seeing a new version of the Red Alert banking Trojan (Red Alter 2.0). Proofpoint reports that Kronos is back. It's another banking Trojan, this one first observed in 2014, and it made its reappearance recently with attacks in Germany. And Palo Alto Networks and others note a resurgence of the Mirai and Gafgyt botnets.

The maritime shipping firm Cosco reports that a malware infection is impeding, but not stopping, its operations. The infestation apparently began at Cosco terminals in the US port of Long Beach, California.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Afghanistan, Australia, Bahrain, China, Czech Republic, Egypt, European Union, Finland, Germany, Iran, Israel, Kuwait, Qatar, Russia, Saudi Arabia, Singapore, United Kingdom, and United States.

Find out what midsized enterprises are doing right to hit the cybersecurity “sweet spot.”

Despite having bigger budgets and greater resources, large enterprises aren't better protected from cyberattacks than are their smaller counterparts. The sweet spot for cybersecurity is found among midsized businesses, which testing finds performed best at protecting their assets and mitigating their security risks. That's the conclusion of Coalfire's inaugural Coalfire Penetration Risk Report, based on more than 300 penetration tests in 148 companies worldwide. Download the report to gather data-driven insights and make informed decisions based on Coalfire’s innovative analysis.

On the Podcast

In today's podcast, we hear from our partners at the University of Bristol, as Awais Rashid discusses the convergence of IoT and OT. Our guest is Jason Morgan from Wiretap, who takes us through Wiretap's Human Behavior Risk Analysis Report.

Sponsored Events

Billington Automotive Cybersecurity Summit (Detroit, Michigan, United States, August 3, 2018) Top automotive executives and government representatives will detail the latest cybersecurity threats and best safety practices at the second Billington Automotive Cybersecurity Summit on Aug. 3 at Cobo Center in Detroit. In the age of connected and autonomous cars, cybersecurity is a top priority for automakers and their suppliers.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 4 - 9, 2018) Visit XM Cyber at the Innovation City, booth IC2233, to experience the first fully automated APT simulation platform to Simulate, validate and remediate every hacker’s path to organizational critical assets.

Schedule a meeting with Terbium Labs at Black Hat. (Las Vegas, Nevada, United States, August 8 - 9, 2018) Matchlight by Terbium Labs is the world's most comprehensive and only fully private dark web monitoring solution, capable of quickly detecting compromised account data and minimizing the damage caused by a data breach. Book a 1:1 session with Terbium Labs' leadership team to learn how Matchlight can help your organization assess its sensitive data exposure on the dark web.

CyberTexas Job Fair, August 14, San Antonio visit ClearedJobs.Net for details. (San Antonio, Texas, United States, August 14, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the CyberTexas Job Fair, August 14 in San Antonio. Meet leading cyber employers including Bank of America, USCYBERCOM, USAA and more.

Cyber Security Summits: August 29 in Chicago & in NYC on September 25 (Chicago, Illinois, United States, August 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Wombat Wisdom Conference, September 18 to 20, 2018, Pittsburgh, PA. (Pittsburgh, Pennsylvania, United States, September 18 - 20, 2018) Gain expert insights for strengthening your security awareness program at the Wombat Wisdom Conference, Sept. 18-20, 2018. Ideal for CISOs and infosec professionals looking to share ideas and actionable concepts for improving security awareness and training.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

How the Russian government allegedly attacks the American electric grid (Fifth Domain) The Russian government attacks America's electric grid by targeting the company's employees with phishing and malicious software.

Russian hackers are ready to disrupt US energy utilities, says DHS (Naked Security) Jonathan Homer says Russian hackers have snared “hundreds of victims” in the utilities and equipment sectors and “got to the point where they could have thrown switches” in a way that could h…

Russian Hackers Reach U.S. Utility Control Rooms, Homeland Security Officials Say (Wall Street Journal) Hackers working for Russia claimed “hundreds of victims” last year in a long-running campaign that put them inside the control rooms of U.S. electric utilities where they could have caused blackouts, federal officials said.

Russian Hackers Breach US Utility Networks via Trusted Vendors (GTM) Hackers were able to access confidential information, such as the equipment being used and how utility networks are configured.

Russian cyber activity against critical infrastructure – what’s new? (Control Global) The Russians planted malware in our electric grids in at least the October 2014 timeframe. What’s new and why the disclosures now?

Russian Cyber Attacks on Critical Infrastructure: The “New Normal” (Nozomi Networks) According to new information just reported by the Wall Street Journal, Russian cyber attacks have impacted hundreds, rather than dozens, of U.S. energy facilities. Nozomi Networks Chief Product Officer, Andrea Carcano, thinks the attackers have all the tools needed to cause power outages – the only thing holding them back is their fear of consequences.

Cyber-Attacks on Finland Intensified Before the Trump-Putin Summit (BleepingComputer) Prior to the Trump-Putin summit that took place on July 16 in Helsinki, Finland, cyber-attacks on the host country saw an uncharacteristic spike of activity.

Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions (Symantec) Active attack group is eager to make use of available tools, research, and the work of other threat actors.

Cyberwar: What happens when a nation-state cyber attack kills? (ZDNet) A cyber attack that kills someone is getting ever more likely. What happens then is a big -- and scary --question.

Warnings about a massive cyberattack aren't new – intelligence officials have raised red flags for years (CNBC) According to a former top DHS cybersecurity official, the fact that Russians successfully accessed "hundreds" of utilities in the U.S. represents a possible change of tactics, from targeted attacks to a "blanket strategy."

Singapore disconnects healthcare computers from the Internet after... (Reuters) Singapore has disconnected computers from the internet at public healthcare centers to prevent cyberattacks of the kind that caused its worst breach of personal data, a government official said on Tuesday.

Kronos Reborn (Proofpoint) Proofpoint researchers examine a new version of the Kronos banking Trojan.

Red Alert 2.0: Android Trojan targets security-seekers (Sophos News) A malicious, counterfeit version of a VPN client for mobile devices targets security-minded victims with a RAT.

Mirai, Gafgyt IoT Botnet Attacks Intensify (SecurityWeek) Security researchers are warning of a new wave of attacks associated with the Mirai and Gafgyt Internet of Things (IoT) botnets.

Threat Brief: Office Documents Can Be Dangerous (But We’ll Continue to Use Them Anyway) (Palo Alto Networks Blog) Unit 42 Threat Brief: Office Documents can be dangerous, however, we'll continue to use them anyway.

Cosco caught in new cyber attack as email and telephone systems go down (The Loadstar) Cosco’s UK systems are down following a cyber attack which affected its US operations late last night. The company’s Pier J Terminal at the Californian port of Long Beach was the first to be affected. The port said it was monitoring the situation, while local media reported that it did not seem as severe as a previous cyber attack on Maersk. A notice sent by Cosco to its customers said “local” network systems and some email services had been ...

Cosco Cyber Attack: Cosco responds to cyber attack on US operations (JOC.com) Since Cosco’s overseas operations have not been affected, communication with US offices is able to take place, although at a slower pace, a key Cosco official said Tuesday.

Attacks on Oracle WebLogic Servers Detected After Publication of PoC Code (BleepingComputer) Oracle WebLogic servers are under attack from hackers who are trying to take over vulnerable installations that have not received a recent patch for a critical vulnerability.

Crimson Hexagon banned by Facebook over user data concern (Naked Security) Facebook is probing whether the firm’s government contracts comply with its policies, which nix use of user data for government surveillance.

An Incredibly Simple Hack Had the Potential to Manipulate Cryptocurrency Markets (Motherboard) Visitors to Ethereum blockchain explorer Etherscan.io on Monday were shown a pop-up that said, “l337,” but the hackers could have tricked site visitors by superficially changing values on the blockchain record.

Scammers pwn verified Fox Twitter account to scam cryptocurrency (Naked Security) Scammers have been exploiting Twitter for months now to steal digital currencies from naïve users, but this month one attacker pulled off a rare coup by compromising a verified Twitter account.

Mind your company's old Twitter accounts, rather than allowing them to be hijacked by hackers (Graham Cluley) There were only 13 episodes of the science fiction TV show "Almost Human" aired before it was pulled from the schedules in 2014.But its Twitter account lives on, under the control of cryptocurrency giveaway scammers.

BYOD: Are Thousands of Rogue Devices Lurking on Your Network? (Security Intelligence) While securing the variety of known devices on your network is hard work, it may feel impossible to manage uninvited guests. Here's how to effectively manage rogue devices.

Quarterly Incident Response Threat Report, July 2018 (Carbon Black) Quarterly Incident Response Threat Report, July 2018

KnowBe4 Releases Q2 2018 Top-Clicked Phishing Report (ResponseSource Press Release Wire) Messages Playing into Human Psyche of Being Popular or Wanted Continue to Sail Through Security Defences York, UK July 24, 2018 – KnowBe4, provider of the world’s largest security awareness train...

Security Patches, Mitigations, and Software Updates

Chrome 68 Released With Warnings on HTTP Sites, But Also Other Security Features (BleepingComputer) Google has released today version 68 of the Chrome browser. This marks a milestone release for the browser maker, being the first version where Chrome will mark HTTP sites as "Not Secure."

Sony Patches Remotely Exploitable Vulnerabilities in Network Cameras (SecurityWeek) Two serious, remotely exploitable vulnerabilities in Sony IPELA E Series Network Camera products could allow attackers to execute commands or arbitrary code on affected devices.

AVEVA Patches Critical Flaws in HMI/SCADA Tools Following Schneider Merger (SecurityWeek) AVEVA, which recently merged with Schneider Electric and took over the Wonderware products, patched critical vulnerabilities in the InduSoft and InTouch HMI/SCADA tools

Cyber Trends

Mimecast Unveils Second-Annual State of Email Security Report (GlobeNewswire News Room) More than 90 Percent of Global Organizations Reported the Volume of Phishing Attacks Have Increased or Stayed the Same in Past 12 Months

The State of Email Security (Mimecast) The latest threats, confidence killers and bad behaviors – and a cyber resilience strategy to fix them

The attacks of the future (SecurityCurrent) What might the most damaging attacks of the future look like? The answer to the question may lie somewhere between the known patterns that attackers have established over the years, and signs that we are starting to see today. A look back It started with the sun and the moon. Solar Sunrise was discovered in…

Larry Ponemon Goes Behind the Scenes of the 2018 Cost of a Data Breach Study (Security Intelligence) Dr. Larry Ponemon takes you behind the scenes of the Ponemon Institute's 2018 Cost of a Data Breach Study on this week's SecurityIntelligence podcast.

Marketplace

How private companies handle attributing governments to hacking operations (Cyberscoop) Cybersecurity companies are becoming increasingly capable of burning intelligence collection efforts by governments, But with this new found influence, what responsibilities do they hold?

Concerns grow over cyber security skills gap (Personnel Today) Last week in parliament, MPs and peers accused the government of lacking urgency in its work to tackle the shortage of skilled cyber security workers. And, separately, accountancy giant Deloitte has expanded a scheme to encourage more women to enter the sector. Parliament’s Joint Committee on the National Security Strategy said ministers had “no real sense …

This gig can pay more than $130K — but you’ve probably never heard of it (Moneyish) Eighty percent of U.S. adults have never considered a cybersecurity job, a new survey finds. Here’s why so few women have jobs in the industry

Wanted: More Female Cyber Warriors (Forbes) IBM’s Allison Ritter helps create cyber attack simulations to prepare companies for coming threats

Trending: ZTE Agrees with U.S. Commerce Department to $1.4 Billion in Penalties (Global Trade Magazine) The Chinese telecommunications group ZTE has agreed to additional penalties and compliance measures to replace the United States Commerce Department’s denial order imposed as a result of ZTE’s violations of a March 2017 settlement agreement. Under the new agreement, ZTE must pay $1 billion and place an additional

Gigamon Acquires Security Start-Up ICEBRG (PRNewswire) SaaS solution empowers customers to leverage the power of network traffic analytics to decrease complexity of security stack

First Look At Safe-T Group's $10 Million IPO (Seeking Alpha) Safe-T Group, an Israeli cybersecurity software company, has filed for its IPO in the U.S. It is offering 1 million American Depository Shares at $9.50-10.50 ap

Israeli cyber startup NSO 'kills merger talks' with software company Verint (Haaretz) A secretive company, NSO is best known as a supplier of mobile surveillance tools to governments and law enforcement agencies

EU pushes Thales/Gemalto to Phase II (Global Competition Review) Europe’s antitrust enforcer has opened an in-depth review of Thales’s €4.8 billion takeover of Gemalto, on the grounds that the companies’ combined shares in the...

Booz Allen Hamilton (BAH) Secures $92M Task Order from U.S. Navy for Cybersecurity and Technical Support (StreetInsider.com) As a leader in the field of information warfare, the U.S. Navy is constantly evolving capabilities to defend naval information systems in the hostile environment of cyberspace. To safeguard maritime systems against adversarial cyberattacks, the Navy relies on the Information Assurance and Cyber Security Program Office (PMW 130) to acquire cybersecurity products and services. In support of the mission of PMW 130, the Space and Naval Warfare Systems Command (SPAWAR) has awarded Booz Allen Hamilton (NYSE: BAH) a $92M task order in February to provide cybersecurity, technical, and program management services to PMW 130 over a five-year period.

Accenture hires FBI vet Marshall as cyber intell team lead (Washington Technology) Accenture brings aboard two-decade FBI veteran Howard Marshall as director of the company's iDefense cyber threat intelligence team.

San Diego Airport Responds to Being Ranked Worst in Country For Cybersecurity (NBC 7 San Diego) A new article released by CNBC ranked the San Diego International Airport as the worst airport for cybersecurity and the number one airport in the country where travelers are most likely to be hacked.

Products, Services, and Solutions

Venafi and Gemalto Partner to Expand Machine Identity Protection (BusinessWire) New partnership and integration allows customers to protect the growing number of connected machines

Netskope and SentinelOne Partner to Bring Cloud Security and Endpoint Protection to the Global Enterprise (Virginian-Pilot) Netskope, the leader in cloud security, today announced a partnership and product integration with SentinelOne, the autonomous endpoint protection company, to give

Detected, blocked, quarantined, cleaned? (SE Labs) Security testing lab specialising in anti-malware and targeted attack testing of endpoints, appliances and cloud services.

Gemalto Helps Companies Gain Valuable Data Insights, Reduce Cost and Time with Automatic Software Updates (BusinessWIre) Gemalto today announced the launch of Sentinel Up, an enterprise-grade software update solution for software vendors and device manufacturers. Designe

EnduraData Ports Its Replication Software to OpenBSD, Announces Ransomware Solution (PRNewswire) EnduraData, a leader in cross-platform data replication solutions and data management software, today announced the availability of its EDpCloud™ software for the OpenBSD operating system, joining its Windows, Linux, Mac, and Unix versions. It also announced a major disaster-tolerance solution to help businesses, hospitals, and government entities survive ransomware attacks.

New Xacta 360 Application Operationalizes NIST Cybersecurity Framework v1.1 (BusinessWire) New application for Xacta 360 cyber risk management platform operationalizes NIST Cybersecurity Framework.

Mocana Supports TPM 2.0 (Mocana) Mocana supports TCG's TPM 2.0 specification. Using Mocana TrustPoint's simple set of APIs, IoT device engineers can use certified TPM keys to secure storage, SSL/TLS, IPsec, authentication, and applications, including containers and virtual machines.

Kaspersky launches adaptive security product through cloud (iTWire) Security firm Kaspersky Lab has launched a new product called Kaspersky Security Cloud which operates as a service and is not attached to a device, bu...

ProtectWise Joins CrowdStrike's Elevate Partner Program (PRNewswire) Companies to Deliver a Compelling Combination of Next-Generation Endpoint and Network Protection, Threat Intelligence and Response Services

Technologies, Techniques, and Standards

Unpacking the Impact of NIST 1.1 Updates on ICS (SecurityWeek) The National Institute of Standards and Technology (NIST) has updated its cybersecurity framework (CSF), rolling out changes to all five pillars: Identify, Protect, Detect, Respond, and Recover.

Design and Innovation

Microsoft developed an AI to catch Xbox Live cheaters (The Next Web) Microsoft recently filed for a patent for an AI that detects Xbox cheaters by combing through their gaming history for suspicious ranks or achievements. The patent application was published by the US Patent and Trademark Office last month. Unlike other efforts by the likes of Valve, this AI wouldn’t just look for cheaters within active games. Instead, …

Legislation, Policy and Regulation

Proposed EU Cybersecurity Act Released (Lexology) On May 29, 2018, the Council of the European Union released a proposal for the future of cybersecurity regulation in Europe (the “EU Cybersecurity…

In cyber, Germany needs to counter-attack, minister says (Reuters) Germany is considering laws that would let it respond actively to foreign cyber-attacks, Interior Minister Horst Seehofer as he presented a domestic intelligence agency report showing Iran was the latest power to ramp up hack attacks on German systems.

Statement for the Record: The Honorable Christopher C. Krebs Under Secretary National Protection and Programs Directorate U.S. Department of Homeland Security (US House of Representatives Committee on Oversight and Government Reform) Chairman Gowdy, Ranking Member Cummings, and members of the Committee, thank you for today’s opportunity to testify regarding the U.S. Department of Homeland Security’s (DHS) ongoing efforts to assist with reducing and mitigating risks to our election infrastructure.

Without evidence, Trump claims Russia ‘will be pushing very hard for the Democrats’ in 2018 midterms (Washington Post) The president trotted out a new line on Russian interference as the uproar over his shifting stances on the issue entered its second week.

Analysis | The Cybersecurity 202: Congress isn't happy with Trump's cyber strategy. It wants a commission to help. (Washington Post) Sen. Sasse's proposal appears likely to succeed.

Trump-Putin summit marked by cybersecurity missteps (Washington Examiner) President Trump's public skepticism about his own intelligence services' conclusions on Russian hacking in the 2016 election, combined with an ad hoc approach to last week's summit with Vladimir Putin, created a political fiasco for the administration and a missed opportunity to address serious…

Ted Cruz says Trump shouldn't be 'apologizing for Russia' (Dallas News) WASHINGTON - Eight days into the uproar over Donald Trump's surprisingly gentle stance toward Vladimir Putin, Sen. Ted Cruz again tweaked him for...

Lawmakers: Use Cyber Attacks on Countries That Meddle in US Elections (Military.com) The SASC wants the U.S. to launch cyber attacks against any country that tries to disrupt the functioning of our society.

What the new defense bill means for cyber (Fifth Domain) U.S. House and Senate negotiators boosted funding for cybersecurity in the annual defense authorization bill, which serves as a repudiation of the Trump administration’s foreign policy.

NDAA Conference Report Strengthens U.S. Cyber, Electronic Warfare Defenses (MeriTalk) The National Defense Authorization Act (NDAA) for FY 2019 took a big step toward passage with the release of the conference report late yesterday that unifies House and Senate NDAA legislation and places in sharp focus concerns about growing cyber and electronic warfare threats and ways that the United States should address them.

How Congress wants DoD to tackle AI and machine learning in 2019 (C4ISRNET) The 2019 National Defense Authorization Act includes funding to the Air Force and the establishment of an independent commission on artificial intelligence.

House bill would make DHS’s CDM cyber program law (FedScoop) A new House bill aims to codify the Department of Homeland Security’s signature cybersecurity program.

Homeland Security Committee Forwards Bill to Prevent the Next Kaspersky (Nextgov.com) The committee also forwarded legislation to codify Homeland Security’s CDM program.

Former Trump cyber adviser tapped for top intelligence role in UK (CNN) Rob Joyce, President Donald Trump's former cybersecurity coordinator, has been tapped to serve as the National Security Agency's top representative in the United Kingdom, according to a former senior intelligence official and a second source familiar with the matter.

Israelis to train Czech cyberspace fight specialists (Prague Monitor) The Czech Defence Ministry plans to have dozens its officers trained in anti-hacking methods by experts from the Czech-Israeli company CyberGym Europe, a step showing the state's efforts to enhance its cyberspace protection, daily Hospodarske noviny (HN) wrote on Monday.

Security concerns drive growing concern over mandatory health records (CSO) In the wake of a series of healthcare data breaches, the Electrical Trades Union (ETU) of Australia has joined the chorus of critics pushing back against the government’s plans to mandate use of its My Health Record (MHR) scheme.

Litigation, Investigation, and Enforcement

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M (KrebsOnSecurity) Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses.

LinkedIn hacking suspect refuses to cooperate with his lawyers (Cyberscoop) Yevgeniy Nikulin, the Russian hacker accused of stealing data from three U.S. firms, is uncooperative in his own defense, one of his lawyers told CyberScoop

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

IP Expo Europe (London, England, UK, October 3 - 4, 2018) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forward. IP EXPO Europe is co-located at Digital Transformation EXPO which incorporates Cyber Security X, Developer X, AI-Analytics X, Internet of Things X and Blockchain X.

upcoming Events

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims to provide a creative and productive platform for professionals in the field of cyber security.

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance innovative solutions to Cybersecurity challenges.

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would like to become involved in cybersecurity education, non-IT faculty in critical infrastructure fields who are interested in incorporating cybersecurity topics into their curricula, decision makers in positions that influence cybersecurity education programs, community college students interested in learning about security or expanding their current knowledge, and students attending the 3CS Pre-Summit Job Fair and National Cyber League (NCL) on Thursday, August 2nd.

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological Education Connections (BATEC), which are all funded by the National Science Foundation (NSF). The outcomes of 3CS leverage community college cybersecurity programs across the nation by introducing the latest technologies, best practices, curricula, products, and more.

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included, among others, the CEO of GM Mary Barra and the U.S. Secretary of Transportation Anthony Foxx, resulting in media coverage from The New York Times and The Wall Street Journal and attracting 500 attendees. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event.

Black Hat USA 2018 (Las Vegas, Nevada, USA, August 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days of technical Trainings (August 4 – 7) followed by the two-day main conference (August 8 – 9) featuring Briefings, Arsenal, Business Hall, and more.

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in Q2 2017 were focused on manufacturing. It's likely you have a cybersecurity program and team in place, but do you know how to assess your level of risk? Audit Your Digital Risk is designed for cybersecurity and audit professionals, risk managers, and others focused on protecting a company's people, assets, and IP.

DefCon 26 (Las Vegas, Nevada, USA, August 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script kiddies. The only discount is for Goons and speakers, who get to work without paying for the privilege. We only accept cash - no checks, no money orders, no travelers checks. We don't want to be a target of any State or Federal fishing expeditions.

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio and the state of Texas. This conference is brought to you be the CyberTexas Foundation and the Federal Business Council (FBC), in conjunction with CyberUSA, and leaders from federal and local government agencies, industry, and academia. Key features of this conference include building on the four pillars of CyberUSA: Communication, Education, Innovation, and Workforce Development. Each topic will feature prominent speakers and panels from Texas and beyond to strengthen the cybersecurity ecosystem.

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection of Air Force IT experts, prominent IT academics, and some of America’s top cyber security companies, the AFITC offers a full of slate events and activities, with 3 days of speakers, expanded education/training opportunities, and an exhibitor-driven trade show that all revolves around the ways we can better defend America from cyber-attacks, advanced persistent threats, and proactively lead in this in this increasingly digital world.

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Intelligence & National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will include five plenary sessions, where senior leaders from the intelligence and national security communities will discuss top priorities, challenges, and assessments of key threats, as well as nine breakout sessions that will examine issues of vital importance to our national wellbeing and the readiness of the intelligence and national security workforce.

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

Incident Response 18 (Arlington, Virginia, USA, September 5 - 6, 2018) If you work for a vendor or product company, please understand this is not a sales event. IR18 is a community-driven event that aims to disrupt the traditional approach and is more focused on community, connections and change. IR18 is a conference for cybersecurity professionals to learn and develop playbooks to improve Incident Response processes. If you are interested in contributing to the event, your company can sponsor one of the exclusive innovation categories. Contact Sponsors@IncidentResponse.com for more information.

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) An opportunity to hear, meet, and interact with cybersecurity leaders from Government and industry.

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses within government and the private sector. This year's summit, like the previous eight, will bring together leaders from government and industry for a comprehenive look at the challenges of cybersecurity.

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, September 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy and security. The conference has a keynote track with top international speakers, and a technical track with cutting edge exploits, demos and presentations. There will be a hacker village, vendor expo, contests, t-shirts, food drinks and a great after party. There is also a Saturday kids' hacker camp running alongside the conference. "A little DEFCON in a corn field!"

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Bears in the power grid, they say (not squirrels). Old criminal tools with new tricks. Shipper Cosco reports malware infection.