The CyberWire Daily Briefing 8.9.18

Special Section

Black Hat

IBM is describing their work on DeepLocker, and what it has to say about potential exploitation of artificial intelligence by criminals and other threat actors. Among the more interesting implications of their work are conclusions about AI's utility in attack. It shows considerable promise in making malware more evasive. Not only does it make attack code better at detecting and evading such useful security techniques as sandboxing, but according to IBM it can make reverse engineering malware "impossible."

We were with Cisco's Talos Group yesterday. The podcast from that session will be available shortly, but we'll share one observation from the Talos panel of experts. One of them deplored the move of the popular game Fortnite to Android, on the grounds that it was inculcating poor security habits in the children at whom it's pitched, habituating them to downloading apps impulsively and in an insecure fashion. He asked if it wouldn't be possible to do better, a call for security acculturation by design.

We hope to learn more later today about Comodo's Zero Day Challenge, intended as a riposte to what Comodo considers over-hyped and misleading claims for artificially intelligent security tools. (If we can actually hear what anyone says, that is. The floor at Black Hat is a howling bedlam that surpasses any pandemonium we've experienced at other security conferences. Our standing question the week for anyone we've spoken with: What? What's that you just said?)

Summary

By The CyberWire Staff

As sanctions reimposed in response to its nuclear program begin to bite, Iran seems poised to follow the trail North Korea blazed in cyberspace: state-directed hacking that aims at direct theft to redress economic pain. Accenture researchers have been tracking ransomware strains, many of them requiring payment in Bitcoin or other cryptocurrencies, and they've concluded that they represent an incipient Iranian campaign against targets of opportunity that offer the prospect of quick financial gain. Tehran's state-directed hackers have a reputation as being relatively less sophisticated than those run by Russia and China (and indeed those run by major Western powers, the Five Eyes and their closest friends) but they also have a reputation as determined fast-learners.

Palo Alto's Unit 42 describes a phishing campaign by unattributed threat actor DarkHydrus that's prospecting Middle Eastern governments.

In a move widely applauded in the UK, the US has announced imposition of very heavy sanctions against Russia over Moscow's nerve agent attack in Salisbury, England. Other sanctions for Russian misbehavior in cyberspace have also been imposed. The Washington Post sniffs that these cyber attack sanctions are "toothless," but the measures the US is taking in response to the Novichok attack appear to be severe, and have been recognized as such by the Russian government. The Kremlin swiftly denounced the Novichok sanctions as not only "illegal," but "unfriendly."

Reality Winner, the ex-US Air Force, ex-NSA, ex-contractor who pled guilty to charges connected with leaking classified information to the Intercept, will be sentenced on August 23rd.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Iran, Russia, Singapore, United Kingdom, and United States.

Don’t let threats SOC you where it counts.

Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.

Podcast Summary

In today's podcast, we 8/9 partner is Awais Rashid from the University of Bristol on issues with software warranties. Our guest is Cheryl Biswas from the Diana Initiative, about their conference in Las Vegas celebrating diversity, women in security, and how to pursue a career in information security and technology.

This week's edition of Hacking Humans is also up: Focus, technology, and training fight phishing. A phishing attempt to infiltrate U.S. election systems, the story of government agencies receiving malicious CDs in the mail, and a look at how university employees are lured by greed. And David Baggett from Inky joins us to describe phishing techniques they are seeing and offers ways to best protect yourself and your organization.

Las Vegas: the latest from Black Hat

Black Hat USA 2018 (Black Hat) Black Hat USA 2018

Photo gallery: Black Hat USA 2018 (Help Net Security) Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall and the Arsenal.

How long is too long for a cyber operation? NSA has an idea (Fifth Domain) Research conducted by the National Security Agency has found that after five hours of cyber operations, performance drops and frustration begins to increase among staffers.

New genre of artificial intelligence programs take computer hacking... (Reuters) The nightmare scenario for computer security - artificial intelligence programs that can learn how to evade even the best defenses - may already have arrived.

DeepLocker: How AI Can Power a Stealthy New Breed of Malware (Security Intelligence) DeepLocker has changed the game of malware evasion by taking a fundamentally different approach from any other current evasive and targeted malware. Here's what you need to know.

Researchers Release Free TRITON/TRISIS Malware Detection Tools (Dark Reading) Team of experts re-creates the TRITON/TRISIS attack to better understand the epic hack of an energy plant that ultimately failed.

No, The Mafia Doesn't Own Cybercrime: Study (Dark Reading) Organized crime does, however, sometimes provide money-laundering and other expertise to cybercriminals.

Black Hat Demo to Reveal ‘White Rabbit’ New Blockchain Surveillance Tool (CoinDais Crypto News) This week in Las Vegas there are two well-known events taking place focused on information security and the global hacking counterculture - Black Hat Arsenal and Defcon 2018. Two developers from the intelligence platform firm Trustar will be revealing a new ‘early warning system’ called White Rabbit that detects emerging ransomware campaigns that utilize the Bitcoin Core network for ransom payments.

IOActive to Detail Stock Trading App Vulnerabilities at Black Hat (eWEEK) Researchers uncover flaws in desktop and mobile stock trading applications, but the good news is that the fixes aren't that hard.

Irdeto Cloakware® Software Protection Beefs Up its Architecture for IoT Connected Industries - Irdeto (Irdeto) Enhanced architecture provides resilient and robust protection against cyberattacks beyond applications to now secure new software, devices, gateways and more

eSentire and Secure Infrastructure Provider Cyxtera Partner to Bring Z (PRWeb) eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, and Cyxtera Technologies, the secure infrastructure c

Cyber Attacks, Threats, and Vulnerabilities

Iranian Hackers Turn to Ransomware, Bitcoin as Economy Stalls (Wall Street Journal) Over the past two years, researchers have tracked five new types of so-called ransomware they say were built by hackers in Iran.

Iranian Hackers Developing Ransomware for Bitcoin, Cybersecurity Experts Warn (CCN) As the US gets ready to impose sanctions on Iran, hackers in that country are working on ransomware to secure bitcoin, according to cybersecurity experts interviewed by The Wall Street Journal. Accenture PLC’s cybersecurity intelligence group has followed five Iranian built ransomware variations in the last two years. The hackers are hoping to secure payments in

DarkHydrus using Phishery tool to harvest credentials (SC Magazine) The recently discovered DarkHydrus threat group is now the open-source Phishery tool to harvest credentials from an educational institution in the Middle East.

Duo Security researchers’ Twitter ‘bot or not’ study unearths crypto botnet (TechCrunch) A team of researchers at Duo Security has unearthed a sophisticated botnet operating on Twitter — and being used to spread a cryptocurrency scam. The botnet was discovered during the course of a wider research project to create and publish a methodology for identifying Twitter account automat…

Bill Nelson: The Russians have penetrated some Florida voter registration systems (Tampa Bay Times) Russian operatives have

Why We’re Sharing 3 Million Russian Troll Tweets (FiveThirtyEight) The tweets are from 2,848 Twitter handles associated with the Internet Research Agency troll farm.

Data Carving the Internet Research Agency Tweets (Cyxtera) Recently FiveThirtyEight released on GitHub a set of CSV files which contained the downloaded tweets of all of the now suspended accounts of the Russian Internet Research Agency Information Operations team.

The Internet Trolls Have Won. Sorry, There’s Not Much You Can Do. (New York Times) When it comes to online comments and discourse and what you can do to limit their toxicity, you only have a certain amount of power. The real leverage lies with the tech companies.

With Alex Jones, Facebook’s Worst Demons Abroad Begin to Come Home (New York Times) The social network’s links to violence and unrest may not be exclusive to developing countries like India or Myanmar, as some once argued.

Opinion | Alex Jones loses his empire — but not for the reason you’d think (Washington Post) Policing hate speech is only part of the problem for online platforms such as Apple and Facebook.

Snapchat source code leaked on GitHub – but no one knows why (Naked Security) A chunk of Snapchat’s source code that wasn’t meant to be public just popped up on GitHub. Will this harm security?

Phones at all major US carriers filled with vulnerabilities, say researchers (CNET) Manufacturers are building in flaws that could expose your data to hackers, according to research backed by the Department of Homeland Security.

Kaspersky Lab: Mobile Banking Trojans On the Rise (Channel Partners) The number of installation packages for mobile banking reached a historic high at more than 61,000, more than three times the growth when compared with the first quarter, and more than double the installations than in the first quarter of last year.

Inside Dropbox and Microsoft Office phishing attacks | Salted Hash, Ep. SC03 (CSO Online) Today on Salted Hash, we're going to look at a phishing attack that targeted me directly. It's got a few interesting elements, including a weak attempt to spoof an HTTPS connection, and a sort of hybrid lure, which starts as Dropbox but ends at Microsoft Office.

DDoS Attacks Less Frequent But Pack More Punch: Report (SecurityWeek) There were seven times more distributed denial (DDoS) attacks larger than 300 Gbps (gigabit per second) observed during the first six months of 2018 compared to the first half of 2017, NETSCOUT Arbor reveals.

Augur (REP) Vulnerability Exposed by White Hat Hacker via HackerOne Bug Bounty Program (BitcoinExchangeGuide) Hacker Reveals Augur Vulnerability Decentralized exchanges have long been a goal of the cryptocurrency community, as well as a working product within the markets. Large fees and vulnerability to ha…

You can buy Bitcoin ATM malware for $25,000 in the Dark Web (ZDNet) Malware targeting cryptocurrency-based ATMs commands high prices in the underground.

Cyber Trends

Accenture Mid-Year Threatscape Report Identifies Five Global Cybersecurity Threats (Business Wire) Accenture mid-year Threatscape Report identifies five global cybersecurity threats.

There's a global divide in how organizations assess cyber risk (Help Net Security) Nearly 48 percent of organizations globally have embraced strategic vulnerability assessment as a critical step toward reducing cyber risk.

Comodo Cybersecurity Releases Q2 Global Threat Report (PRNewswire) Trojans took the lead in a dynamic and dangerous malware marketplace

Cyber hygiene: Where do organizations fall behind on basics? (Help Net Security) Tripwire's State of Cyber Hygiene report examines how organisations are implementing security controls that the CIS refers to as cyber hygiene.

Top Threats to Cloud Computing: Deep Dive - Cloud Security Alliance (Cloud Security Alliance) Description: This case study attempts to connect all the dots when it comes to security analysis by using nine anecdotes cited in the Top Threats for its foundation. Each of the nine examples are presented in the form of (1) a reference chart and (2) a detailed narrative. The reference chart’s format provides an attack-style...

Infographic: State of Executive Cybersecurity Awareness (MediaPRO) We compared executives across various industries to the general population in terms of their knowledge of cybersecurity and data privacy best practices.

Marketplace

RiskRecon Raises $25 Million to Grow Third-Party Cyber Risk Management Business (SecurityWeek) Salk Lake City-based RiskRecon has raised $25 million in Series B financing led by Accel to expand its third-party cyber risk management business.

Capsule8 secures $15M in Series B round (Help Net Security) The round brings total funding to $23.5M and will be used to scale Capsule8’s engineering organization and fuel sales efforts of the Capsule8 platform.

iS5 Communications Inc. Completes CDN $22 Million Round of Financing to Accelerate Growth and Development of Its Critical Infrastructure Protection Platforms. (PRNewswire) Phoenix Contact Innovation Ventures leads strategic investment round.

ClearSky raises $244.7 mln for security fund (PE Hub) ClearSky has raised $244.7 million of a targeted $300 million for its first security fund, according to a regulatory filing. The venture and growth equity firm has offices in Florida, New York, Boston and San Francisco, and is led by Alexander Weiss, Jay Leek, James Huff, James Goldinger, and Peter Kuper.

Census Awards Last Major IT Contract Ahead of 2020 Count (Nextgov.com) The award comes as officials work to get preparations for the 2020 count back on track.

Is Zscaler the Cloud Security Stock of the Future? (247wallst.com) A fresh report from FBN Securities is signaling that Zscaler could go much higher. FBN initiated coverage with an Outperform rating and assigned a price target well above the consensus target.

A Less Volatile Way to Benefit From the Cybersecurity Boom (The Motley Fool) Here's how you can take advantage of the cybersecurity opportunity and minimize risk at the same time.

Congratulations on hitting $1 trillion Apple, now it's time to clean up your act (Computing) The tech giant's power should come with greater responsibility, argues Michael Holder

NERC Names Bill Lawrence as VP, Chief Security Officer (SecurityWeek) North American Electric Reliability Corporation (NERC) announced that Bill Lawrence has been named vice president and chief security officer (CSO), effective August 16, 2018.

Lawrence Prior joins Novetta Board of Directors (PRNewswire) Bringing 30 years of industry expertise and passion for innovation

Products, Services, and Solutions

Dragos Makes Critical ICS Threat Intelligence More Accessible to Cybersecurity Community with New Partner Integrations (Business Wire) Dragos, Inc., the trusted leader in industrial threat detection and response technology and services, announced today that its industrial control syst

Sumo Logic Expands Certification Program to Empower Users to Better Secure Modern Applications and Cloud Infrastructures (Sumo Logic) Sumo Logic announces a new certification level at Black Hat 2018 focused on security analytics as part of its existing certification program.

Perception Point launches anti-malware solution for shared drives (Help Net Security) Perception Point's Advanced Shared Drive Security solution prevents malicious content (files & URLs) to infect previously clean files.

Ziften adds AV to the Zenith endpoint protection platform to stop attacks (Help Net Security) Zenith endpoint protection platform now includes AV protecting all enterprise endpoints from known and unknown targeted attacks.

Intertrust and Jscrambler launch joint solution to protect mobile and JavaScript applications (Help Net Security) The Intertrust and Jscrambler joint solution, App Shield 360, uses code obfuscation, tamper resistance and white box cryptography.

Tripwire for DevOps SaaS Debuts – The First Dynamic Container Vulnerability Assessment Service for the DevOps Pipeline (Business Wire) Now generally available, Tripwire's DevOps SaaS provides security assessments as part of the continuous integration/continuous deployment (CI/CD) pipeline

STEALTHbits Introduces Active Directory Password Protection to Safeguard Organizations from Authentication-based Attacks (GlobeNewswire News Room) STEALTHbits Technologies Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, today announced the release of StealthINTERCEPT 5.2.

Deep Instinct Introduces New Analytical Capabilities for Superior Cyberattack Insights and Visibility (Business Wire) Deep Instinct, the first company to apply deep learning to cybersecurity, has introduced new threat analysis services.

How this billion-dollar start-up is fighting cybercrime with A.I. (CNBC) “We're now in the midst of a cyberarms race, and the battlefield is going to be inside of every company network,” says Nicole Eagan, a co-founder and CEO of Darktrace.

Spirent Extends CyberFlood with Data Breach Emulation for Security Testing of Networks and Devices (Dark Reading) CyberFlood Data Breach Assessment uses actual attack components, hacker activity, and malware executables to assess an organization's vulnerability to cybercrime.

Technologies, Techniques, and Standards

DOE cybersecurity exercise focuses on grid syncing after cyber attack (Electric Light and Power) Perry said: 'It's in our national security interest to continue to protect these sources of energy'

Report: DOE, DHS planning new grid cybersecurity exercise this fall (Utility Dive) The Liberty Eclipse exercise will focus on blackstart capabilities and the intersection of the natural gas and electric power sectors, E&E News reports.

As Russians hack the US grid, a look at what’s needed to protect it (Fifth Domain) The U.S. electricity grid is hard to defend because of its enormous size and heavy dependency on digital communication and computerized control software. The number of potential targets is growing as “internet of things” devices, such as smart meters, solar arrays and household batteries, connect to smart grid systems.

IoT security: Lessons we can learn from the evolution of road safety (Help Net Security) We’re facing serious security challenges when it comes to IoT security lessons, and it looks like we still have a lot to learn.

SANS Joins Forces with the US Army to Train our Nation's Cyber Soldiers (PRNewswire) Real-Life Deep Water Port Reconnaissance Mission to Debut at Muscatatuck Urban Training Center

Mastering MITRE's ATT&CK Matrix (Dark Reading) This breakdown of Mitre's model for cyberattacks and defense can help organizations understand the stages of attack events and, ultimately, build better security.

Design and Innovation

Inside Google’s Effort to Develop a Censored Search Engine in China (The Intercept) The company sampled searches from a Beijing-based website to hone its blacklists.

Could deliberately adding security bugs make software more secure? (Naked Security) A new study argues that bogging black hats down in fake flaws might be better approach to security.

Chaff Bugs: Deterring Attackers by Making Software Buggier (Arxiv) Sophisticated attackers find bugs in software, evaluate their exploitability, and then create and launch exploits for bugs found to be exploitable

Semiautonomous Cars Have Flaws. That's Why They Need Tests (WIRED) The Insurance Institute for Highway Safety tested features in cars from Tesla, BMW, Mercedes, and Volvo and found they all had issues. Here’s where safety rankings would come in handy.

Legislation, Policy, and Regulation

US to impose sanctions on Russia over Skripal poisoning (Deutsche Welle) The sanctions come after the US said Russia used a chemical agent against an ex-Russian spy. Moscow remains hopeful of "constructive" dialogue, but the Kremlin is still weighing up how to respond.

US to sanction Russia over Skripal poisoning (Times) The United States is to impose new sanctions on Russia after concluding that it was responsible for the Salisbury nerve agent attack. The surprise measures were announced by the State Department...

Russia reels, denounces new U.S. sanctions as illegal, unfriendly (Reuters) Russia condemned a new round of U.S. sanctions as illegal on Thursday after news of the measures sent the rouble tumbling to two-year lows and sparked a wider asset sell-off over fears that Moscow was locked in a spiral of never-ending curbs by the West.

Analysis | The Cybersecurity 202: White House's draft order imposing sanctions for election interference lacks teeth (Washington Post) Its toughest measures are discretionary.

Kirstjen Nielsen: The US needs private sector help to combat cyber threats (CNBC) The government alone can't defend against the growing threat of cyberwarfare, writes Secretary of Homeland Security Kirstjen Nielsen. That's why DHS launched a platform to help the private sector join the battle.

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share (Legaltech News) With little details on how the DHS’s new National Risk Management Center will operate success will likely depend on how much cooperation it receives from the private sector.

Read what Mattis said about election security and offensive cyber (Fifth Domain) Defense Secretary Jim Mattis on Tuesday acknowledged that Russia made attempts to influence the 2016 election and outlined ― more or less ― how the Pentagon is helping states bolster their election cybersecurity efforts.

Is a U.S.-Russia Cyber Security Working Group Silly? (TechNative) Over the course of the recent controversial Helsinki summit, Russian President Vladimir Putin pushed an agenda that would ostensibly see the U.S. and Russia working side by side as allies.

The case for humanitarian cyber operations (Fifth Domain) Intervention in 2018 does not need to be troops on the grounds, but, instead, a digital intervention.

New Law May Force Small Businesses to Reveal Data Practices (SecurityWeek) Companies are preparing for what some say is the wave of the future: laws requiring businesses to be up-front with customers about how they use personal information.

The Future Airman is a Hacker (Defense One) Air Force recruiters will prize computer skills more highly, while the service will encourage airmen to experiment with their own solutions

Litigation, Investigation, and Law Enforcement

Sentencing date set for Air Force veteran who leaked secrets (Fifth Domain) A Georgia woman who pleaded guilty to leaking a secret U.S. report is scheduled to be sentenced later this month.

COI probe into SingHealth cyber attack to hold first hearing on Aug 28 (The Straits Times) The first hearing will be held in camera but all hearings will be held in public unless the evidence presented could affect national security or patient confidentiality, said the committee secretariat.

MIT’s tool for tracking police surveillance: a cryptographic ledger (Fast Company) Researchers say a blockchain-like system could help track government requests for private data without endangering the secrecy of investigations.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Newly Noted Events

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, USA, Oct 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!

Upcoming Events

Black Hat USA 2018 (Las Vegas, Nevada, USA, Aug 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days of technical Trainings (August 4 – 7) followed by the two-day main conference (August 8 – 9) featuring Briefings, Arsenal, Business Hall, and more.

DefCon 26 (Las Vegas, Nevada, USA, Aug 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script kiddies. The only discount is for Goons and speakers, who get to work without paying for the privilege. We only accept cash - no checks, no money orders, no travelers checks. We don't want to be a target of any State or Federal fishing expeditions.

CyberTexas 2018 (San Antonio, Texas, USA, Aug 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio and the state of Texas. This conference is brought to you be the CyberTexas Foundation and the Federal Business Council (FBC), in conjunction with CyberUSA, and leaders from federal and local government agencies, industry, and academia. Key features of this conference include building on the four pillars of CyberUSA: Communication, Education, Innovation, and Workforce Development. Each topic will feature prominent speakers and panels from Texas and beyond to strengthen the cybersecurity ecosystem.

SecureWorld Bay Area (Santa Clara, California, USA, Aug 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, Aug 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection of Air Force IT experts, prominent IT academics, and some of America’s top cyber security companies, the AFITC offers a full of slate events and activities, with 3 days of speakers, expanded education/training opportunities, and an exhibitor-driven trade show that all revolves around the ways we can better defend America from cyber-attacks, advanced persistent threats, and proactively lead in this in this increasingly digital world.

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, Aug 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Intelligence & National Security Summit (National Harbor, Maryland, USA, Sep 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will include five plenary sessions, where senior leaders from the intelligence and national security communities will discuss top priorities, challenges, and assessments of key threats, as well as nine breakout sessions that will examine issues of vital importance to our national wellbeing and the readiness of the intelligence and national security workforce.

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, Sep 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

Incident Response 18 (Arlington, Virginia, USA, Sep 5 - 6, 2018) If you work for a vendor or product company, please understand this is not a sales event. IR18 is a community-driven event that aims to disrupt the traditional approach and is more focused on community, connections and change. IR18 is a conference for cybersecurity professionals to learn and develop playbooks to improve Incident Response processes. If you are interested in contributing to the event, your company can sponsor one of the exclusive innovation categories. Contact Sponsors@IncidentResponse.com for more information.

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, Sep 6, 2018) An opportunity to hear, meet, and interact with cybersecurity leaders from Government and industry.

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, Sep 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses within government and the private sector. This year's summit, like the previous eight, will bring together leaders from government and industry for a comprehenive look at the challenges of cybersecurity.

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, Sep 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, Sep 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy and security. The conference has a keynote track with top international speakers, and a technical track with cutting edge exploits, demos and presentations. There will be a hacker village, vendor expo, contests, t-shirts, food drinks and a great after party. There is also a Saturday kids' hacker camp running alongside the conference. "A little DEFCON in a corn field!"

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, Sep 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they come together to discuss the impact ISAOs have had on the nation’s security, share lessons learned, and discover the latest in cybersecurity policy. Attendees will gain the knowledge needed to learn how to improve information sharing with keynote addresses by industry experts, senior government, and international thought leaders, presentations on key topics and panel discussions of interest to the Information Sharing community, technology demonstrations from service providers and vendors addressing information sharing challenges. There will be many networking opportunities and exhibits.

SecureWorld Detroit (Detroit, MIchigan, USA, Sep 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Cybersecurity for Small & Medium Sized Businesses (Gaithersburg, Maryland, USA, Sep 13, 2018) Learn about technical, legal, cultural and policy cybersecurity issues facing small and medium sized businesses. Panelists include: Markus Rauschecker, J.D. University of MD. Center for Health and Homeland Security (CHHS); Ira Kolmaister, Network Alarm Corporation; Yossi Applebaum, SEPIO Systems; Ken Stalder, Sherpas Cyber Security Group; Moderator: Ellen Cornelius, University of MD CHHS. Panel discussion with questions and answers from 3:30- 5:00pm, with a networking reception to follow. More information and RSVP at the link.

FutureTech Expo (Dallas, Texas, USA, Sep 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual / Augmented Reality worlds, and talks from ICOs and blockchain startups and more, this Expo is going to be a diverse, wonderful, and potentially profitable experience for all who attend.

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, Sep 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will provide the Insider Threat Program (ITP) Manager, Facility Security Officer, and others (CIO, CSO, CISO, Human Resources, IT, Network Security, Etc.) supporting an ITP, with the knowledge and resources (Templates, Checklits, Etc.) to develop, manage, or enhance an ITP. This training covers, and goes beyond compliance regulations for an ITP (National Insider Threat Policy, NISPOM Conforming Change 2). Insider Threat Defense is one of the few ITP training vendors to offer a guarantee with their training. Insider Threat Defense has provided training and services (In Over 14 U.S. States) to an impressive list of 540+business-organizations / 680+ security professionals.

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, Sep 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners. By providing a combination of thought leadership, awareness and engagement, the 3rd Annual National Conference will seek to break from the norm of day-long sessions of talking-heads through interactive “decode sessions” intended to include conference attendees in helping to devise innovative strategies to tackling cybersecurity’s diversity challenges.

Air Space & Cyber Conference (National Harbor, Maryland, USA, Sep 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring addresses from recognized leaders in your Air Force will give you drive for taking your career to the next level. You can do all of this and more at AFA’s annual Air, Space & Cyber Conference (ASC).

Global Cybersecurity Innovation Summit (London, England, UK, Sep 18 - 19, 2018) Advancing global collaboration and innovation. SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

SecureWorld St. Louis (St. Louis, Missouri, USA, Sep 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

SINET Global Cybersecurity Innovation Summit (London, England, UK, Sep 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place September 18-19, 2018. SINET’s collaborative forum brings together a notable group of senior level industry and government cybersecurity professionals. The event, supported by Her Majesty’s Government and the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T), will be held at The British Museum in London.SINET GCIS will provide exclusive opportunities for attendees to engage directly with a select network of influential thought leaders, solution providers, researchers and investors from the global security community. The events are recognized among technology companies as a unique and exclusive opportunity for sponsors to schedule 1:1 meetings with top-level decision makers. These 15-minute meetings grant technology companies the opportunity to introduce their solution to high-level executives within targeted industries and source feedback from knowledgeable buyers.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, Sep 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Security in our Connected World (Beijing, China, Sep 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and technical use cases, to explore more deeply the need for security in our connected world. Timely and relevant seminar topics to include a focus on the Internet-of-Things (consumer, industrial and enterprise), identification and authentication, payment and value-added services, premium content protection, device trust, and certification. And, as always, delegates will be able to witness ‘real world’ solutions from our sponsoring/exhibiting member organizations.

Detect 18 (National Harbor, Maryland, USA, Sep 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn how to better save the world from cyber destruction! At Detect '18 you will be able to: immerse yourself in 30+ hours of education and training; chooose from 30+ breakout sessions designed for every experience level; listen to peer presentations highlighting real-world issues and solutions; network, network, network with your peers in a social setting; and earn CPE Credits to keep your credential current.

Cyber Beacon (Washington, DC, USA, Sep 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community, private sector, and academia to discuss the most pressing problem sets concerning cyberspace and national security. This year's theme is "decision making in cyberspace". Cyber Beacon V will be held on Wednesday 19 and Thursday 20 September 2018 at the NDU campus on Fort McNair in Washington, DC.

IT Security Leadership Exchange (Phoenix, Arizona, USA, Sep 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique needs and current challenges faced by enterprise cyber security leaders. A CISO’s role requires hands-on technical knowledge and understanding of security tools, techniques, and procedures combined with the need to manage up, down, and across the organization. This summit is the perfect platform for leaders to share information, gain insight and develop next-level strategy. Information security executives from across the country will come together for 2 days of peer breakouts and networking to answer the toughest questions facing them today.

Global Security Exchange (Las Vegas, Nevada, USA, Sep 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX education program led by ASIS, InfraGard, and ISSA subject matter experts consists of 300+ sessions, each designed to deliver valuable, actionable takeaways to help shape your security strategy—today and in the future.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

Black Hat notes. Iran preps financially motivated state-sponsored cybercrime? US sanctions leveled against Russia.