The CyberWire Daily Briefing 8.20.18

Summary

By The CyberWire Staff

Trend Micro, seconded by Qihoo 360, reports that North Korean operators are exploiting a vulnerability in the VBScript engine to compromise targets in Pyongyang's DarkHotel campaign. DarkHotel is related to DarkSeoul, and thence to the 2014 Sony Pictures hack.

Researchers at Proofpoint warn against a new malware strain, "Marap," which is being distributed in a large spam campaign run through the Necurs botnet. Marap is a malware dropper. The current campaign seems directed largely against the financial sector.

Two interesting proofs-of-concept have been reported. Researchers at Secarma describe a PHP exploit usable against content management systems. And Georgia Tech researchers demonstrate a new side-channel attack that can extract encryption keys from mobile devices.

Industry seems not to be buying the Australian government's contention that the country's new cybersecurity regulations won't amount to the equivalent of mandatory backdoors.

Dissatisfied with voluntary moderation, the EU is preparing anti-terror measures that will require social networks to yank radical content within an hour of notification.

Russia appears likely to continue its attempt to influence US elections, as the Atlantic Council and others warn. US National Security Advisor Bolton says it's not just Russia, either—the other three members of the Familiar Four (China, Iran, and North Korea) are interested in elections, too. Techniques vary. Russia favors media amplification of disruptive memes, China seeking influence through think tanks and universities, and Iran and North Korea probably building on past hacking successes.

Smart cars know lots about their drivers, and companies want to monetize those data.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, European Union, India, Iran, Democratic Peoples Republic of Korea, Republic of Korea, New Zealand, Rumania, Russia, United Kingdom, United States

Don’t let threats SOC you where it counts.

Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.

On the Podcast

In today's podcast we speak with our partners at Dragos, as Robert M. Lee talks about whether some forms of energy are inherently more susceptible to disruption by cyberattack than others, and about whether "cyberattacks" are often invoked in a way that renders the discussion a distraction.

Sponsored Events

Cyber Security Summits: August 29 in Chicago & in NYC on September 25 (Chicago, Illinois, United States, August 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

IR18: Don’t Forget to Register for the first and only community-driven IR conference! Built by the community, for the community. (Arlington, Virginia, United States, September 5 - 6, 2018) IR18 is a conference for cybersecurity professionals to learn and develop playbooks to improve incident response processes. Receive 20+ hours of practical training on today’s best practices in IR topics, including 36 breakout sessions designed for all levels of experience.

Rapid Prototyping Event: The Chameleon and the Snake (Columbia, Maryland, United States, September 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, October 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

We Regret to Inform You That Russia Is (Probably) At It Again (Defense One) For Putin and company, election season in America is open season for meddling.

Bolton says four foreign adversaries may try to interfere in U.S. midterms (Washington Post) U.S. officials are concerned not only about Russia, but also Iran, China and North Korea. Bolton also said Secretary of State Mike Pompeo will go to Pyongyang “soon.”

'China's MIT' Linked to Espionage Campaign Against Alaska, Economic Partners (Threatpost) The targets were scanned millions of times, and are all in some way linked to China's ongoing economic development activities, according to Recorded Future.

China is hacking the same countries is trades with (Fifth Domain) The Chinese government is matching its aggressive cyber skills with an ambitious Belt and Road Initiative.

In fight against ISIS’s propaganda machine, raids and online trench warfare (Washington Post) Targeted in police action, ISIS’s news agency ‘went down fast,’ but it came back again and again.

Researchers Find New Fast-Acting Side-Channel Vulnerability (Dark Reading) A group of researchers from Georgia Tech have discovered a method for pulling encryption keys from mobile devices without ever touching the phones, themselves.

Severe PHP Exploit Threatens Wordpress Sites with Remote Code Execution (Threatpost) The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF.

Zero-Day In Microsoft's VBScript Engine Used By Darkhotel APT (BleepingComputer) A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation.

Necurs Botnet Pushing New Marap Malware (BleepingComputer) Security researchers from Proofpoint have discovered a new malware strain that they named Marap and which is currently distributed via massive waves of spam emails carrying malicious attachments (malspam).

Highly Flexible Marap Malware Enters the Financial Scene (Threatpost) A new downloader, which has been spotted in an array of recent email campaigns, uses anti-analysis techniques and calls in a system fingerprinting module.

New AZORult variant being used by hacker Oktropys to spread Aurora ransomware (Cyware) A new variant of the AZORult data-stealing malware has been discovered in a new phishing campaign, targeting computers across the globe. The malware is being used by a malware actor (MalActor) called Oktropys to spread the Aurora ransomware.

Rotten EGGs spread ransomware in South Korea (Graham Cluley) Researchers report that online criminals are spamming out ransomware to potential victims in South Korea disguised as.… .EGGs.

Smart homes can be easily hacked via unsecured MQTT servers (Help Net Security) The Internet of Things is full of security holes, and the latest one has been pointed out by Avast researcher Martin Hron: unsecured MQTT servers.

Cybercriminals Shift to More Private Cryptocurrencies (BankInfo Security) Cybercrime investigators will face increasing difficulties if bad actors being accepting more privacy-centric cryptocurrencies rather than bitcoin, says Andrei

SRI: Many Romanian banks under cyber attack this summer (Business Review) The Romanian Intelligence Service (SRI) announced that its cyberintelligence unit, the Cyberint National Center (CNC), possesses certain data and

Customers on front line of defense to prevent ATM cash-out heists worth millions (USA TODAY) Consumers can help prevent cybercriminals from committing multi-faceted heists called ATM cash-outs, where thieves simultaneously withdraw millions from scores of banks.

SuperProf private tutor site massively fails password test, makes accounts super easy to hack (Graham Cluley) Superprof, which claims to be “the world’s largest tutoring network”, has made its newest members’ passwords utterly predictable… leaving them wide open to hackers.

Maine college says malware may have exposed personal data (AP News) Eastern Maine Community College in Bangor is warning of a possible data breach that could've exposed current and former staff and students.

Don't sleep on laptop security, safeguard your data (Help Net Security) You should think about laptop sleep security. Simply shutting the lid and putting the laptop into sleep mode can leave it vulnerable to cyber-attacks.

The Curious Case of a Revolutionary (But Imaginary?) Superconductor (WIRED) If the unconfirmed claims of a room temperature superconductor are real, this is bonkers.

Security Patches, Mitigations, and Software Updates

2 undocumented patches from Microsoft may solve the 1803 TLS 1.2 blocking problem (Computerworld) Earlier this week, Microsoft announced that it wouldn’t push Win10 1803 upgrades onto 1709 machines if the machine has a .Net app (such as QuickBooks Desktop) that relies on TLS 1.2 security. Now it looks as if there’s a fix — but there’s no documentation.

Google Starts Pushing Confidential Mode to All Gmail Users: Here’s How to Turn On (Telecom Talk) In its most significant revamp ever, Gmail introduced a host of new features to the people’s favourite email client a few months back. Notably, Google added a lot of features to the new Gmail some …

Cyber Trends

BlueApache: New regulations will drive big security investments (CRN Australia) With technology general manager Michael Zuppa.

Why are massive data breaches still occurring? (CRN) Cybersecurity specialists claim that some generalist VARs are failing their customers

Cyber is the new front line in modern economic warfare (Global Banking and Finance Review) The challenge from underground activists, organised criminals, state-sponsored actors and have-a-go hackers is gargantuan. When your enemy has a global recruitingground, fast-evolving weaponry and the abilit

British watchdog says cryptocurrency scams on the rise (Reuters) Cryptocurrency scams are using images of celebrities and upmarket London addresses to hoodwink consumers into parting with cash, Britain's Financial Conduct Authority has said.

Ever Wondered Why Governments Tend to Bully Cryptocurrencies? (CoinCentral) Many governments loathe cryptocurrencies. From strict regulations to bullying statements, find out why.

Marketplace

Cybersecurity Training Sees Flood Of M&A (Forbes) Companies play catch-up with employee education after big spending on IT solutions.

Guest Column: Augusta should be mindful of 'charlatans' as cyber industry booms (The Augusta Chronicle) The completion of the Augusta Canal in 1847 ignited this city's industrial revolution. The mills and industries that sprung up along the waterway quickly

Google Executives Misled Staff in Meeting on China Censorship. Here Are 13 Questions They Must Answer. (The Intercept) Co-founder Sergey Brin said he didn’t know about the China plans, which CEO Sundar Pichai said are “in an exploration stage” — despite previous reports.

Thales, Gemalto Make Progress On Regulatory Front Ahead of Merget (Mobile ID World) Thales and Gemalto are reporting progress in their efforts to secure regulatory approval for their proposed merger. The companies have announced...

Shiver me timbers: Symantec spots activist investor Starboard side (Register) Time for cyber-security firm to pull up the baggywrinkle?

Carbon Black channel chief Marco Corrent opens up about security vendor's Australian strategy (CRN Australia) Vendor operates 100 percent through the channel.

Hilltop Cybersecurity Announces a New CISO (GlobeNewswire) Hilltop Cybersecurity Inc, ("Hilltop" or the "Company") (CSE:CYBX) (OTC:BGGWF), is pleased to announce Pete Herzog as the new CISO (Chief Information Security Officer).

Products, Services, and Solutions

Hackers beware: These stealthy cybersecurity hunters speak your slang (Fast Company) Recorded Future, which recently made news for spotting military docs on the dark web, talks about how it scours hacker forums to hunt for threats.

ESET Launches EDR, Threat Hunting Enterprise Cyber-Security Tools (eWEEK) ESET is expanding its enterprise offering with a series of new technologies that provide EDR, threat hunting, sandbox and management capabilities.

Thycotic is First to Make Least Privilege and Application Control Simple to Deploy, Manage and Analyze at Enterprise Scale (PRNewswire) Newest Privilege Manager Capabilities Enable Massive Scale While Saving Time and Resources

Technologies, Techniques, and Standards

Why you should follow the 1-10-60 rule of cybersecurity (Fifth Domain) Agencies that follow this 1-10-60 rule are much more likely to eradicate the adversary before a cyberattack leaves its initial entry point.

DHS Asks Industry’s Help in Major Supply Chain Security Upgrade (Nextgov.com) The department wants industry’s input on how to detect malicious and counterfeit tech in the government’s supply chain.

How to inoculate the tech herd from IoT cyber-infections (TechRepublic) We invite insecurity and hacking, says Scythe CEO Bryson Bort, by pushing millions of insecure IoT devices into the environment.

Under threat: How Hawaii's electric utilities deal with cyberattacks (Pacific Business News) Hawaiian Electric said that in the last quarter alone it blocked over 26 million different attempts to penetrate its various security layers.

Cyber security of control systems is not well understood even by the FBI (Control Global) Many of the unique issues of cyber security of control systems is not well understood even by the FBI.

ROI at Hacker Inc.: How They Make Money, and How To Change the Equation (CSO) Business is good for hackers. By 2021, according to researchers, returns will have doubled – gaining them $6 trillion, up from $3 trillion in 2015, all coming from the companies they rip off.

Lessons Learned at DEF CON 26 (eSecurity Planet) Some key security takeaways from the world's largest hacker conference.

The Economics of AI-Enabled Security (Dark Reading) While AI greatly enhances security, Securonix CTO Tanuj Gulati points out the need for predictable cost models that insulate SOCs from the variables of massive data volume and intense real-time processing.

Filtering the Threat Intelligence Tsunami (Dark Reading) Reversing Labs CEO Mario Vuksan contends that SOCs are overwhelmed by global threat intelligence, and can benefit more from a targeted pull model that focuses on YARA-type binary pattern matching.

Threat Analyst Insights: How to Avoid Drowning in a Sea of Cybersecurity News (Recorded Future) Staying on top of constant cyber news can be a challenge for security professionals, but it can be made easier by simply asking the right questions.

Corporate pre-crime: The ethics of using AI to identify future insider threats (CSO Online) Remember “Minority Report”? Artificial intelligence can spot employee behavior that suggests a future risk. Here’s how to use that data ethically and effectively.

Schools Are Mining Students' Social Media Posts for Signs of Trouble (WIRED) But should they?

How to Protect Yourself Against a SIM Swap Attack (WIRED) Your phone number is increasingly tied to your online identity. You need to do everything possible to protect it.

Design and Innovation

Meet the Man With a Radical Plan for Blockchain Voting (WIRED) A new movement says that crypto-voting can purify democracy—and eventually eliminate the need for governments altogether.

What Your Car Knows About You (Wall Street Journal) Auto makers can now collect large amounts of data from internet-connected vehicles, from location to driving habits.

As Cars Collect More Data, Companies Try to Move It All Faster (New York Times) It’s been three decades since cars’ internal networks got an update. With autonomous vehicles on the horizon, quick decisions will rely on a faster network.

We must be wary of tech that could turn on us (Times) Caesar’s Palace, Las Vegas: once home to the boozing, carousing Rat Pack; now frequented by the rather stranger Hack Pack. Last week the hotel hosted DefCon, the world’s top hacking convention...

Jack Dorsey admits Twitter hasn’t ‘figured out’ approach to fake news (TechCrunch) Jack Dorsey is hedging his bets. In an interview with CNN’s Brian Stelter, the beard-rocking CEO said Twitter is reluctant to commit to a timetable for enacting policies aimed at curbing heated political rhetoric on the site. The executive’s lukewarm comments reflect an embattled social network tha…

Research and Development

Tech Giant IBM Applies for Blockchain Patent for Development of Transaction Data via Nodes (CoinFrenzy | Blockchain News in Shorts) IBM has applied for a blockchain patent to ensure transaction compliance through nodes data, according to a patent application published by the U.S. Patent and Trademarks Office (USPTO) on Thursday, August 16.

Legislation, Policy and Regulation

EU Set to Legislate on Terror Content (Infosecurity Magazine) Crackdown could force social networks to remove material within an hour

Tech giants warn Coalition bill opens customers up to cyber attack (the Guardian) Law to force companies such as Facebook to assist security services in decryption of private data goes too far, peak body says

China aims to narrow cyberwarfare gap with US (ZDNet) While US blames China for cyber attacks on networks.

Ramifications of Trump revoking Obama’s cyber offense order (POLITICO) Intel official: Trump foreign policy hasn’t forced adversaries to strike online — States ramp up fall voting defenses as Senate alters election security bill

Pentagon’s artificial intelligence programs get huge boost in defense budget (Fast Company) The controversial Project Maven received a 580% funding increase in this year’s bill. As AI and machine learning algorithms are integrated into defense tech, spending is only going to increase in years to come.

Here are the intelligence community’s top 6 priorities (C4ISRNET) The IC has developed a new vision called IC 2025.

Trump appointee recommends NSA, Cyber Command remain under same leader (TheHill) Gen. Paul Nakasone, who leads both the National Security Agency (NSA) and U.S. Cyber Command, reportedly told top Pentagon officials that he believes both organizations should remain under the same leader for at least two more years.

Analysis | The Cybersecurity 202: Google's location tracking could bring scrutiny from Congress, regulators (Washington Post) Some lawmakers are already voicing concerns.

Blunt-Klobuchar 'Secure Elections Act' revisions make state funding contingent on establishing cyber response plan (Inside Cybersecurity) The revised version of the “Secure Elections Act” unveiled today by Senate Rules Chairman Roy Blunt (R-MO) and ranking member Amy Klobuchar (D-MN) would amend the Help America Vote Act to require states to establish a “response and communications plan for cybersecurity incidents,” in order for states to receive funding from the Election Assistance Commission.

Litigation, Investigation, and Enforcement

China Is Going to New Lengths to Surveil Its Own Citizens (Defense One) New tech—including drones disguised as birds—can be a nightmare for Muslims in particular.

Exclusive: U.S. government seeks Facebook help to wiretap Messenger... (Reuters) The U.S. government is trying to force Facebook Inc to break the encryption in its popular Messenger app so law enforcement may listen to a suspect's voice conversations in a criminal probe, three people briefed on the case said, resurrecting the issue of whether companies can be compelled to alter their products to enable surveillance.

HUD Secretary Carson accuses Facebook of enabling housing discrimination (Washington Post) The Department of Justice on Friday formally opposed an effort by Facebook to dismiss a lawsuit by several housing groups, arguing that the social media platform may be held legally responsible if advertisers violate fair-housing laws by using its ad-targeting tools.

Exclusive: FBI probing cyber attack on congressional campaign in... (Reuters) The U.S. Federal Bureau of Investigation is investigating a cyber attack on the congressional campaign of a Democratic candidate in California, according to three people close to the campaign.

Florida election officials seek info as support builds for Nelson’s Russian-hack claim (Miami Herald) Florida officials have been unable to confirm a potential Russian hack into the state’s voter systems, though leaders of the Senate Intelligence Committee told Sen. Bill Nelson recently that operatives working for Russia penetrated some county voter registration databases.

White House drafts more clearance cancellations demanded by Trump (Washington Post) While some aides see a welcome distraction from bad news, some worry about the appearance of an “enemies list.”

Brennan says he’s willing to take Trump to court over security clearances (Washington Post) “I am going to do whatever I can personally to try to prevent these abuses,” the former CIA director said.

John Bolton: Brennan, other Obama officials were ‘politicizing intelligence’ (Washington Examiner) National security adviser John Bolton on Sunday defended President Trump’s decision to revoke former CIA Director John Brennan’s security clearance, saying he and other former Obama administration officials have politicized intelligence.

How Important Is the Protest Against Trump from the National-Security Establishment? (The New Yorker) The former military commander William McRaven penned an open letter to Donald Trump, in solidarity with John Brennan, saying it would be an honor to have his security clearance revoked.

Nahan admits staffer photographed confidential Huawei security advice (The Sydney Morning Herald) Premier Mark McGowan accused the Liberal opposition of trying to turn controversial Chinese telco Huawei's $136 million contract into "Watergate".

Apple Pulls Illegal Apps Targeted by Chinese State Media (Wall Street Journal) Apple said it removed illegal gambling apps from its App Store in China as it came under fire from state media—a move that could help quell the latest challenge for the tech giant in its most important market outside the U.S.

SentinelOne makes YouTube delete Bsides vid 'cuz it didn't like the way bugs were reported (Register) Research silenced amid copyright, trademark claim

Adams County clerk under scrutiny for suspected data breach exposing up to 250,000 people (Daily Tribune Media) Adams County Clerk Cindy Phillippi says she was following procedures established by previous clerks.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection of Air Force IT experts, prominent IT academics, and some of America’s top cyber security companies, the AFITC offers a full of slate events and activities, with 3 days of speakers, expanded education/training opportunities, and an exhibitor-driven trade show that all revolves around the ways we can better defend America from cyber-attacks, advanced persistent threats, and proactively lead in this in this increasingly digital world.

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Intelligence & National Security Summit (National Harbor, Maryland, USA, September 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will include five plenary sessions, where senior leaders from the intelligence and national security communities will discuss top priorities, challenges, and assessments of key threats, as well as nine breakout sessions that will examine issues of vital importance to our national wellbeing and the readiness of the intelligence and national security workforce.

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, September 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses within government and the private sector. This year's summit, like the previous eight, will bring together leaders from government and industry for a comprehenive look at the challenges of cybersecurity.

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, September 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, September 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy and security. The conference has a keynote track with top international speakers, and a technical track with cutting edge exploits, demos and presentations. There will be a hacker village, vendor expo, contests, t-shirts, food drinks and a great after party. There is also a Saturday kids' hacker camp running alongside the conference. "A little DEFCON in a corn field!"

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, September 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they come together to discuss the impact ISAOs have had on the nation’s security, share lessons learned, and discover the latest in cybersecurity policy. Attendees will gain the knowledge needed to learn how to improve information sharing with keynote addresses by industry experts, senior government, and international thought leaders, presentations on key topics and panel discussions of interest to the Information Sharing community, technology demonstrations from service providers and vendors addressing information sharing challenges. There will be many networking opportunities and exhibits.

SecureWorld Detroit (Detroit, MIchigan, USA, September 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

FutureTech Expo (Dallas, Texas, USA, September 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual / Augmented Reality worlds, and talks from ICOs and blockchain startups and more, this Expo is going to be a diverse, wonderful, and potentially profitable experience for all who attend.

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will provide the Insider Threat Program (ITP) Manager, Facility Security Officer, and others (CIO, CSO, CISO, Human Resources, IT, Network Security, Etc.) supporting an ITP, with the knowledge and resources (Templates, Checklits, Etc.) to develop, manage, or enhance an ITP. This training covers, and goes beyond compliance regulations for an ITP (National Insider Threat Policy, NISPOM Conforming Change 2). Insider Threat Defense is one of the few ITP training vendors to offer a guarantee with their training. Insider Threat Defense has provided training and services (In Over 14 U.S. States) to an impressive list of 540+business-organizations / 680+ security professionals.

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners. By providing a combination of thought leadership, awareness and engagement, the 3rd Annual National Conference will seek to break from the norm of day-long sessions of talking-heads through interactive “decode sessions” intended to include conference attendees in helping to devise innovative strategies to tackling cybersecurity’s diversity challenges.

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring addresses from recognized leaders in your Air Force will give you drive for taking your career to the next level. You can do all of this and more at AFA’s annual Air, Space & Cyber Conference (ASC).

Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) Advancing global collaboration and innovation. SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and technical use cases, to explore more deeply the need for security in our connected world. Timely and relevant seminar topics to include a focus on the Internet-of-Things (consumer, industrial and enterprise), identification and authentication, payment and value-added services, premium content protection, device trust, and certification. And, as always, delegates will be able to witness ‘real world’ solutions from our sponsoring/exhibiting member organizations.

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn how to better save the world from cyber destruction! At Detect '18 you will be able to: immerse yourself in 30+ hours of education and training; chooose from 30+ breakout sessions designed for every experience level; listen to peer presentations highlighting real-world issues and solutions; network, network, network with your peers in a social setting; and earn CPE Credits to keep your credential current.

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community, private sector, and academia to discuss the most pressing problem sets concerning cyberspace and national security. This year's theme is "decision making in cyberspace". Cyber Beacon V will be held on Wednesday 19 and Thursday 20 September 2018 at the NDU campus on Fort McNair in Washington, DC.

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique needs and current challenges faced by enterprise cyber security leaders. A CISO’s role requires hands-on technical knowledge and understanding of security tools, techniques, and procedures combined with the need to manage up, down, and across the organization. This summit is the perfect platform for leaders to share information, gain insight and develop next-level strategy. Information security executives from across the country will come together for 2 days of peer breakouts and networking to answer the toughest questions facing them today.

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX education program led by ASIS, InfraGard, and ISSA subject matter experts consists of 300+ sessions, each designed to deliver valuable, actionable takeaways to help shape your security strategy—today and in the future.

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at Recorded Future. Allan has more than 15 years experience in information security and has worked as both a blue teamer and a red teamer for the intelligence community and the private sector. Allan has helped countless organizations improve their security posture using more effective and integrated intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address the unlimited risks surrounding billions connected “things”, Connect Security World 2018 unites Digital Security experts and IoT developers to securely develop, deploy and manage devices & services at IoT scale. In its 7th edition, this technical conference will cover the latest secure technologies stemming from cryptography to strategies and methods to minimize risks and enable successful implementations of end-to-end security – knowing that security is never perfect and no unique security solution (HW, SW…) can fit all levels of protection.

The Cyber Security Summit: New York (New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.