The CyberWire Daily Briefing 8.17.18

Summary

By The CyberWire Staff

There are fresh signs of Chinese industrial espionage. Recorded Future late yesterday reported that much of the online spying is staged through Tsinghua University infrastructure. While looking into Chinese government cyber surveillance of Tibetan groups, the company observed what it called a "novel Linux backdoor," ext4, in use. Analysis of ext4 led the researchers to discover connection attempts to a compromised Tsinghua University CentOS server.

The operations run through university infrastructure served economic development as well as domestic security goals. Operators targeted Alaskan state government sites, including the Alaska Department of Natural Resources (Alaskan extraction industries are major exporters to China), UN Offices in Kenya and the Kenya Ports Authority, and German automotive manufacturer Daimler AG.

Other Chinese espionage campaigns independently reported have targeted Malaysian organizations.

The Intercept reports that a SNAFU on the part of both British and Canadian Governments have misconfigured project management software Trello in a way that exposed sensitive information.

Epic Games, makers of the wildly popular Fortnite, pulled their signature game from Google Play as a business move to avoid Google's thirty-percent cut of downloads—understandable, because that's a lot of Vbucks by any standard. Cybercriminals have noticed this, and are using bogus Fortnite download sites to spread various forms of malware. Google Play's walled garden may be more chain-link than moated stone enclosure, but it does afford some degree of protection. If you want to upgrade your skin from Recon Specialist to Whiteout, well, caveat emptor, and be sure you're downloading the genuine article.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Canada, Chile, China, Germany, Israel, Russia, United Kingdom, and United States.

Don’t let threats SOC you where it counts.

Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.

On the Podcast

In today's podcast we speak with Emily Wilson from our partners at Terbium Labs, who shares her experience of getting certified as a fraud examiner. Our guest is Marco Rubin from the Center for Innovative Technology who has thoughts on the security of UAVs and drones.

Sponsored Events

Cyber Security Summits: August 29 in Chicago & in NYC on September 25 (Chicago, Illinois, United States, August 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

IR18: Don’t Forget to Register for the first and only community-driven IR conference! Built by the community, for the community. (Arlington, Virginia, United States, September 5 - 6, 2018) IR18 is a conference for cybersecurity professionals to learn and develop playbooks to improve incident response processes. Receive 20+ hours of practical training on today’s best practices in IR topics, including 36 breakout sessions designed for all levels of experience.

Wombat Wisdom Conference, September 18 to 20, 2018, Pittsburgh, PA (Pittsburgh, Pennsylvania, United States, September 18 - 20, 2018) Gain expert insights for strengthening your security awareness program at the Wombat Wisdom Conference, Sept. 18-20, 2018. Ideal for CISOs and infosec professionals looking to share ideas and actionable concepts for improving security awareness and training.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

After Facebook, Hamas turns to Instagram to lure IDF soldiers, army says (Times of Israel) Military uncovers alleged plot to get troops to download spyware onto their phones, giving the Gaza-based terror group control over their cameras, audio recorders and location data

Chinese hackers targeted U.S. firms, government after trade mission: researchers (Reuters) Hackers operating from an elite Chinese university probed American companies and government departments for espionage opportunities following a U.S. trade delegation visit to China earlier this year, security researchers told Reuters.

Chinese Cyberespionage Originating From Tsinghua University Infrastructure (Recorded Future) Following research uncovering the Chinese RedAlpha campaigns, Insikt Group identifies a novel Linux backdoor deployed against the same Tibetan victim group.

British and Canadian Governments Accidentally Exposed Passwords and Security Plans to the Entire Internet (The Intercept) On Trello, a project management site, the governments posted credentials for servers and domain names and even some emails and code.

Four big targets in the cyber battle over the US ballot box (MIT Technology Review) Here’s where hackers could strike the 2018 midterm elections.

Russian Trolls Spread Baseless Conspiracy Theories Like Pizzagate And QAnon After The Election (BuzzFeed News) Less than two weeks after the first "Q" post appeared on 4chan, a Russia-backed troll account began amplifying the conspiracy theory on Twitter.

There is a massive hole in IoT security, says Avast researcher (Computing) Poorly-configured protocols are leaving whole networks open to attackers

Firefox Add-On With 220,000+ Installs Caught Collecting Users' Browsing History (BleepingComputer) A popular Firefox add-on is secretly logging users' browsing history, according to reports from the author of the uBlock Origin ad blocker and Mike Kuketz, a German privacy and security blogger.

Impostor 'Fortnite' Android Apps Are Already Spreading Malware (WIRED) New analysis from mobile security firm Lookout shows that malware authors are taking full advantage of 'Fortnite' ditching the Google Play Store.

Homebuyers routinely phished for credentials with real estate-related lures (Proofpoint) Proofpoint researchers track several phishing schemes using real estate lures designed to steal credentials from potential homebuyers.

Necurs botnet in new phishing attack on banks (Computing) Short lived campaign delivered FlawedAmmyy remote access Trojan via .pub and PDF files

Why phishing remains a critical cyber-attack vector (TechRepublic) Spear phishing emails targeting business users are so well-crafted they should be called "laser" phishing attacks, says Microsoft's Cybersecurity Field CTO Diana Kelley.

Security Patches, Mitigations, and Software Updates

Cisco patches three DoS-related flaws (SC Magazine) An email sent out to the social media management platform's users addressed three DDoS attack related flaws and provided a patch.

Patch Tuesday fallout: Bad docs, but so far no major problems (Computerworld) In spite of an enormous number of erroneous “known issues” warnings, this month’s crop of Windows and Office patches seems to fix most of the bugs in last month’s patches.

Technion team breaches Intel’s new security wall for processors (Times of Israel) Intel has already released patches to mitigate vulnerability of SGX, which is deployed in all Intel's recent processors

VMware Security Update Tackles Intel Spectre Variant Foreshadow (Computer Business Review) VMware has released a security update which includes mitigations for Foreshadow, Intel’s latest silicon security problem.

Cyber Trends

Baddies of the internet: It's all about dodgy mobile apps, they're so hot right now (Register) Report lift veil on online fraudsters' current habits

Ransomware: Racing From the Risk (Credit Union Times) A cybersecurity expert explains how ransomware relates to cyber insurance e-marketing and more.

Just 10% of UK Firms Have No Cyber Insurance (Infosecurity Magazine) Ovum report claims improvements across the board

Marketplace

Kaspersky rejects allegations of security threat (Budapest Business Journal) Russian antivirus software developer Kaspersky Lab has rejected all allegations of links to the Russian authorities, or that it represents a threat to national security. The company was responding to the Hungarian governmentʼs ban on the use of Kaspersky software on computers in public administration.

Google Employees Protest Secret Work on Censored Search Engine for China (New York Times) About 1,400 of the internet company’s employees have signed a letter demanding transparency, saying censored search results raise “urgent moral and ethical issues.”

Google CEO Tells Employees Company Isn’t Close to Launching Search Engine in China (Wall Street Journal) Google Chief Executive Officer Sundar Pichai defended to employees the internet giant’s controversial push to do more business in China but said the company is “not close to launching a search product” in the country.

Google Needs To Come Clean About Its Chinese Plans (Electronic Frontier Foundation) Eight years after Google initially took a stand against Internet censorship by exiting the Chinese search market, we are disappointed to learn the company has been secretly re-considering an extended collaboration with the massive censorship and surveillance-wielding state....

Google expands bug bounty program beyond security vulnerabilities to large-scale platform abuse methods (Android Police) Budding penetration testers are gaining new opportunity now that Google is opening expanding its bug bounty program to include platform abuse techniques.

Safe-T Announces Pricing of $7.335 Million Underwritten Public Offering (Nasdaq) Safe-T Group Ltd. ("Safe-T" or the "Company") (NASDAQ:SFET) (TASE:SAFE), a leading provider of software-defined access solutions for on-premises, mobile and the cloud, today announced the pricing of an underwritten public offering of 510,438 American Depositary Shares ("ADSs") at a price of $14.35 per ADS, Series A warrants to purchase up to 765,657 ADSs with an exercise price of $14.35 per ADS, and Series B warrants to purchase up to a maximum of 1,191,021 ADSs.

Comodo CA Buys Website Disaster Recovery Startup CodeGuard (CRN) The acquisition of CodeGuard will help Comodo CA customers with both malware identification and removal as well as dealing with a down or defaced website

EZShield Acquires IdentityForce (BusinessWire) EZShield, a portfolio company of The Wicks Group (

Thoma Bravo Completes Majority Investment in Centrify (Markets Insider) Thoma Bravo, a leading private equity investment firm, today announced that it has beco...

Cisco beats estimates with security, IoT push (CRN Australia) Cushioning sluggish demand in routers and switches.

Cisco’s $2.35 billion Duo acquisition front and center at earnings call (TechCrunch) When Cisco bought Ann Arbor, Michigan security company, Duo for a whopping $2.35 billion earlier this month, it showed the growing value of security and security startups in the view of traditional tech companies like Cisco. In yesterday’s earnings report, even before the ink had dried on the…

Chinook Formally Announces its CyberCx™ Division and Taps Cyber Expert to Lead Company’s Cybersecurity Commissioning Services and Technology Solutions (GlobeNewswire News Room) Chinook Systems, Inc. (Chinook), an interdisciplinary facilities engineering firm and cyber integrated commissioning services provider for mission critical facilities, formally announces its CyberCx™ division and hires Gabriel Daniels, MSc, CASP, CEH, ITIL V3, SAFe to lead the division as the Cybersecurity Program Manager.

3 Well-Financed Startups Aspire To Displace Splunk (Forbes) Splunk's market capitalization of $15 billion values it at nearly 12 times sales. It targets a $4.5 billion market and is growing at over 30%. But three well-financed startups say they're eating Splunk's lunch. Will that be reflected in its second quarter report next week?

Sidestepping the sensationalism – Do cyber security incidents really impact valuations? (Hedgeweek) 2016 was an interesting year for those interested in the impact of Cyber Security incidents on asset valuations. USD350 million (7.2 per cent) was wiped off Yahoo’s purchase price after it disclosed several Cyber Security incidents during its acquisition by Verizon.

Tufin moves into new Fairlawn site, expects to add staff (Crain's Cleveland Business) The global cybersecurity firm needs more space to accommodate growth, as it hopes the office will employee up to 60 people by the end of 2019. Tufin expects to make the Fairlawn site its hub for inside sales, along with housing tech services workers and other professional support employees.

Shepherd Named to NERC CIP Guidelines and Technical Review Team (Gannett Fleming) L. Chris Shepherd, PMP, CVI, Gannett Fleming’s director of information and critical infrastructure security, was appointed to the North American Electric Reliability Corporation (NERC) Cyber Security – Critical Infrastructure Protection (CIP) Guidelines and Technical Basis...

Duo Sales Leader Departs For Startup Following Cisco Acquisition Bid (CRN) Jason Stutt helped grow Duo Security’s Americas sales from just $3 million to more than $75 million during his three years at the company, and hope to duplicate a similar outcome at startup Luminate Security.

Products, Services, and Solutions

TrueVault Launches First Data Security Solution Completely Focused on Protecting Personally Identifiable Information (GlobeNewswire News Room) New platform decouples consumer identity from consumer behavior data to eliminate data security risks and ensure compliance

Spectre checker keeps up with the latest exploits (Software Integrity) The Synopsys Software Integrity Group has released a Spectre checker (AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK) that helps developers identify vulnerable code to be able to protect against the attack. This increases protection against Spectre without the performance cost of completely forgoing speculative execution.

Kaspersky releases Security Cloud Free... and it's very basic (BetaNews) Microsoft appears keen to encourage people to use the latest Windows Defender and, frankly, it’s a more-than-adequate security tool. You’re missing some of the features you’ll find in a paid security suite, such as a VPN or 'safe money' but do you really need those features?

ProtonMail's open source encryption library, OpenPGPjs, passes independent audit (Neowin) ProtonMail's OpenPGPjs encryption library has just received a positive audit from the security firm Cure53. The auditor said there were no major issues and that it was only limited by JavaScript.

Fortinet vs Palo Alto Networks: Top NGFWs Compared (eSecurity Planet) An analysis of the strengths and weaknesses of Fortinet's and Palo Alto's next-generation firewall offerings.

Technologies, Techniques, and Standards

More U.S. states deploy technology to track election hacking attempts (Reuters) A majority of U.S. states has adopted technology that allows the federal government to see inside state computer systems managing voter data or voting devices in order to root out hackers.

U.S. states demand better access to secrets about election cyber... (Reuters) U.S. state election officials are demanding better access to sometimes classified federal government information about hacking threats to voting systems.

What has really been learned since Stuxnet about protecting control systems (Control Global) There needs to be safety assessments before new capabilities/features are added to control systems, particularly those with no cyber security capabilities.

3 Lessons Learned from the LifeLock Bug (PRWeb) A NYC area IT consultant and MSP discusses the lessons learned from a recent security breach at LifeLock, a technology company that provides identity theft p

How to Perform Manual Ransomware Removal (Security Boulevard) Ransomware has exploded in popularity in recent years. In this blog post, we take an in-depth look at how to manually remove ransomware from your system.blo The post How to Perform Manual Ransomware Removal appeared first on Emsisoft | Security Blog.

Design and Innovation

Facebook Awards $200,000 to 2018 Internet Defense Prize Winners (Facebook Research) Today we awarded $200,000 in total to the top three winners of the Internet Defense Prize. The award ceremony at the 27th USENIX Security Symposium in Baltimore, MD is the fifth annual iteration of the award, and it has grown over time. When we created this in 2014, in partnership with USENIX, we awarded $50,000…

Academia

Confucius Institute closes at US university amid influence concerns (South China Morning Post) Senator Marco Rubio has been among US lawmakers warning that the Confucius Institute was an effort by China to expand its political influence abroad

Federal agencies name Liberty a Center of Academic Excellence in cyber education (Liberty University) Liberty University’s Center for Cyber Excellence has been formally recognized by the National Security Agency (NSA) and the Department of Homeland Security (DHS) as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE). ......

Angelo State University Signs Agreement with National Security Agency (San Angelo LIVE!) ASU and NCS administrators signed an articulation agreement Thursday that will allow NSA employees to transfer their NCS credits into seven different undergraduate and graduate degree and certificate programs offered through ASU’s Kay Bailey Hutchison Center for Security Studies (CSS).

Legislation, Policy and Regulation

US and Chile agree to cooperate on cyber security (AP News) U.S. Defense Secretary Jim Mattis and his Chilean counterpart have signed an agreement pledging closer cooperation in combating cyber threats.

The start of new rules for autonomous weapons (C4ISRNET) In preparation for a summit on laws of war governing lethal autonomous machines, the UK outlined the steps at which human control can be baked into the design process.

U.S. Intelligence Should Embrace Sasse’s Cyber Solarium Commission (War on the Rocks) Busy officials in the Defense Department and the Office of the Director of National Intelligence could be forgiven for reacting to provisions in the

NotPetya malware attack: Chaos but not cyber warfare (ZDNet) While the Russian military-run cyber attack was economically damaging, it doesn't cross the threshold into warfare, claims report by Marsh.

Battlefield Internet (Foreign Affairs) The U.S government needs to play a more assertive role in protecting the public from digital threats, just as it protects it from conventional ones.

Analysis | The Cybersecurity 202: Trump just gave the military a lot more leeway to launch cyber operations (Washington Post) But this could complicate the government's other efforts to respond to threats.

Trump sparks speculation after repealing cyber attack restraints (ComputerWeekly) The US president has sparked speculation about US policy on launching cyber attacks by repealing Obama-era restraints, underlining the need for international rules on cyber warfare

Trump has scrapped a 2012 policy on when to attack in cyberspace (Fifth Domain) The Trump administration kicked off a new era of government cyber operations by “rescinding” a presidential directive that had restricted offensive capabilities, an administration official told Fifth Domain, but experts warned the move would not be sufficient in detering state-based hacking.

How Democracies Can Fight Authoritarian Sharp Power (Foreign Affairs) Policymakers within democracies need to grapple with the challenge of repelling outside influence while upholding essential democratic values.

Enhancing Australia’s cyberspace resilience (Defence Connect) The Commonwealth Government has officially launched the nation's new Cyber Security Centre in Canberra, which aims to boost the nation's defensive and offensive cyber capabilities.

Australian gov’t wants to force tech firms to weaken crypto (Ars Technica) "We can't afford to give terrorists and paedophiles a place to hide," MP says.

‘Grave concern’ over encryption (InnovationsAus.com) The boss of Prime Minister Malcolm Turnbull’s favourite secure messaging app has “grave concerns” about the government’s recently revealed anti-encryption bill, which he says “largely neglects” its impact on digital security around the world.

Australian Cyber Security Centre gets new Canberra office (ARN) The Federal Government has opened the Australian Cyber Security Centre new headquarters in Canberra, a purpose-built facility at the heart of the capital.

Protecting America's Technology Industry From China (Foreign Affairs) Washington needs a grand strategy to protect U.S. high-tech companies from China.

Mandatory Standards are Critical to Protecting US Elections (Atlantic Council) Despite US Congressional efforts to modernize and secure election system infrastructure across the country, beginning in 2002 with the Help America Vote Act (HAVA) and emergence of the Election Assistance Commission (EAC), Russian government...

For help with election hacking, states call the National Guard (C4ISRNET) States' governors have recently asked the National Guard to help out with election security events.

‘Weaponized Ad Technology’: Facebook’s Moneymaker Gets a Critical Eye (New York Times) Facebook gives political campaigns the ability to tailor ads to as few as 20 people. Critics say the technique can polarize and manipulate voters.

Law Formalizes Export Control Rules (Wall Street Journal) The Export Control Act, signed into law this week by President Trump as part of annual national defense policy legislation, codified existing rules authorizing the Commerce Department's role in controlling certain exports involving sensitive technology.

Litigation, Investigation, and Enforcement

Kaspersky Appeal Hurtles Toward Courtroom Arguments (Nextgov.com) Lawyers for the government and the Russian anti-virus company have filed their last briefs before arguing before a judicial panel in September.

Pai tells Senate panel that FCC’s inspector general asked him to keep mum during cyberattack investigation (Washington Post) The FCC chairman said he relied on the agency’s chief information officer in claiming that the FCC had suffered a cyberattack last year — even though he suspected that this wasn’t the case.

Analysis | Has Russia hacked into Florida’s election system? There is no evidence. (Washington Post) Sen. Bill Nelson (D-Fla.) insists that Russia has breached Florida's election systems and could wipe out voter registration records. But there's no evidence to back him up.

Lawsuit forces Delaware to release details on voting machine bids (delawareonline) Delaware is now in contract talks with one of the seven vendors, but will not reveal which one.

Trump gears up to strip more clearances from officials tied to Russia investigation (Washington Post) The president has fired or threatened nearly a dozen current and former officials connected to the investigation he labels a “rigged witch hunt.”

Brennan says Trump’s claims of no collusion with Russia are ‘hogwash’ (Washington Post) The former CIA director fired back at the president in an op-ed published the day after he was stripped of his security clearance.

Brennan: Trump worked with Russians and now he’s desperate (Military Times) Former CIA Director John Brennan said Thursday that President Donald Trump yanked his security clearance because his campaign colluded with the Russians to sway the 2016 election and is now desperate to end the special counsel’s investigation.

Analysis | Trump blurts out another Lester Holt moment (Washington Post) In an interview with the Wall Street Journal, Trump admitted he revoked John Brennan's security clearance because of the Russia investigation.

Cryptocurrency Entrepreneur and Investor Michael Terpin Sues “Too Big to Care” AT&T for Permitting $23.8 Million Theft in “SIM Swap” Scam by Authorized Agent (GlobeNewswire News Room) Terpin Also Seeks $200 Million in Punitive Damages as AT&T Alleged to Tolerate Insider Criminal Activity in Recent Arrests of SIM Swap Criminal Gangs

Symantec Provides Key Intelligence to FBI for 74 Cybercriminal Arrests (Symantec) Alleged Fraudsters Arrested in The United States and Abroad for Business Email Compromise Schemes

Whistleblower accuses Tesla of spying on employees at Gigafactory... (Reuters) An employee fired from Tesla Inc's Nevada battery factory filed a whistleblower complaint with the U.S. Securities and Exchange Commission, accusing the company of spying on employees and failing to act after learning that a Mexican cartel may be dealing drugs inside the plant, his attorney said on Thursday.

Romance scam victim allegedly plotted to kill her mother for cash (Naked Security) An identity theft online dating scam led police to uncover texts that detailed the murder-for-hire plot.

Melbourne teen hacked into Apple's secure computer network, court told (The Age) A Melbourne private schoolboy who repeatedly broke into Apple’s secure computer systems is facing criminal charges after the technology giant called in the FBI.

Apple gets cored: 90GB of ‘secure files’ stolen by high schooler (Naked Security) An Aussie high schooler pleaded guilty on Thursday to hacking Apple servers multiple times.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

upcoming Events

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection of Air Force IT experts, prominent IT academics, and some of America’s top cyber security companies, the AFITC offers a full of slate events and activities, with 3 days of speakers, expanded education/training opportunities, and an exhibitor-driven trade show that all revolves around the ways we can better defend America from cyber-attacks, advanced persistent threats, and proactively lead in this in this increasingly digital world.

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Intelligence & National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will include five plenary sessions, where senior leaders from the intelligence and national security communities will discuss top priorities, challenges, and assessments of key threats, as well as nine breakout sessions that will examine issues of vital importance to our national wellbeing and the readiness of the intelligence and national security workforce.

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses within government and the private sector. This year's summit, like the previous eight, will bring together leaders from government and industry for a comprehenive look at the challenges of cybersecurity.

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, September 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy and security. The conference has a keynote track with top international speakers, and a technical track with cutting edge exploits, demos and presentations. There will be a hacker village, vendor expo, contests, t-shirts, food drinks and a great after party. There is also a Saturday kids' hacker camp running alongside the conference. "A little DEFCON in a corn field!"

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they come together to discuss the impact ISAOs have had on the nation’s security, share lessons learned, and discover the latest in cybersecurity policy. Attendees will gain the knowledge needed to learn how to improve information sharing with keynote addresses by industry experts, senior government, and international thought leaders, presentations on key topics and panel discussions of interest to the Information Sharing community, technology demonstrations from service providers and vendors addressing information sharing challenges. There will be many networking opportunities and exhibits.

SecureWorld Detroit (Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

FutureTech Expo (Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual / Augmented Reality worlds, and talks from ICOs and blockchain startups and more, this Expo is going to be a diverse, wonderful, and potentially profitable experience for all who attend.

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will provide the Insider Threat Program (ITP) Manager, Facility Security Officer, and others (CIO, CSO, CISO, Human Resources, IT, Network Security, Etc.) supporting an ITP, with the knowledge and resources (Templates, Checklits, Etc.) to develop, manage, or enhance an ITP. This training covers, and goes beyond compliance regulations for an ITP (National Insider Threat Policy, NISPOM Conforming Change 2). Insider Threat Defense is one of the few ITP training vendors to offer a guarantee with their training. Insider Threat Defense has provided training and services (In Over 14 U.S. States) to an impressive list of 540+business-organizations / 680+ security professionals.

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners. By providing a combination of thought leadership, awareness and engagement, the 3rd Annual National Conference will seek to break from the norm of day-long sessions of talking-heads through interactive “decode sessions” intended to include conference attendees in helping to devise innovative strategies to tackling cybersecurity’s diversity challenges.

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring addresses from recognized leaders in your Air Force will give you drive for taking your career to the next level. You can do all of this and more at AFA’s annual Air, Space & Cyber Conference (ASC).

Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) Advancing global collaboration and innovation. SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and technical use cases, to explore more deeply the need for security in our connected world. Timely and relevant seminar topics to include a focus on the Internet-of-Things (consumer, industrial and enterprise), identification and authentication, payment and value-added services, premium content protection, device trust, and certification. And, as always, delegates will be able to witness ‘real world’ solutions from our sponsoring/exhibiting member organizations.

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn how to better save the world from cyber destruction! At Detect '18 you will be able to: immerse yourself in 30+ hours of education and training; chooose from 30+ breakout sessions designed for every experience level; listen to peer presentations highlighting real-world issues and solutions; network, network, network with your peers in a social setting; and earn CPE Credits to keep your credential current.

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community, private sector, and academia to discuss the most pressing problem sets concerning cyberspace and national security. This year's theme is "decision making in cyberspace". Cyber Beacon V will be held on Wednesday 19 and Thursday 20 September 2018 at the NDU campus on Fort McNair in Washington, DC.

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique needs and current challenges faced by enterprise cyber security leaders. A CISO’s role requires hands-on technical knowledge and understanding of security tools, techniques, and procedures combined with the need to manage up, down, and across the organization. This summit is the perfect platform for leaders to share information, gain insight and develop next-level strategy. Information security executives from across the country will come together for 2 days of peer breakouts and networking to answer the toughest questions facing them today.

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX education program led by ASIS, InfraGard, and ISSA subject matter experts consists of 300+ sessions, each designed to deliver valuable, actionable takeaways to help shape your security strategy—today and in the future.

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at Recorded Future. Allan has more than 15 years experience in information security and has worked as both a blue teamer and a red teamer for the intelligence community and the private sector. Allan has helped countless organizations improve their security posture using more effective and integrated intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address the unlimited risks surrounding billions connected “things”, Connect Security World 2018 unites Digital Security experts and IoT developers to securely develop, deploy and manage devices & services at IoT scale. In its 7th edition, this technical conference will cover the latest secure technologies stemming from cryptography to strategies and methods to minimize risks and enable successful implementations of end-to-end security – knowing that security is never perfect and no unique security solution (HW, SW…) can fit all levels of protection.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Chinese espionage used university infrastructure. UK, Canada, may have botched Trello implementation. Fortnite and malware.