The CyberWire Daily Briefing 8.21.18

Summary

By The CyberWire Staff

Microsoft announced late last night the takedown of six sites associated with Russian influence operations in the US. Redmond's Digital Crimes Unit ran the operation, which concentrated on bogus sites established over the last few months to impersonate public policy organizations.

This time conservative organizations received attention: the Hudson Institute, a conservative think tank that's investigated corruption in Russia, the International Republican Institute, a democracy-promotion not-for-profit, and three sites built to look as if they were affiliated with the US Senate. The sixth site was non-political: it spoofed Microsoft. Microsoft went no farther than attributing the operation to APT28, but others have been quick to point out that APT28 is just Fancy Bear, Russia's GRU military intelligence organization.

Trend Micro has published a comprehensive look at Operation Red Signature, which they call "an information theft-driven supply chain attack targeting organizations in South Korea." The campaign surfaced late last month.

Motherboard describes "Intrusion Truth," apparently a hacktivist group engaged in doxing members of Chinese intelligence services. Motherboard seems convinced, based on their exchanges with Intrusion Truth, that they are indeed the hacktivists they say they are. It would be interesting to rule out the possibility that that group is a hostile (to China) intelligence service.

A British mission to the US will push for more sanctions against Russia. The US Senate works to ensure that existing sanctions don't rain collateral economic damage on US and allied countries.

US-CERT warns of vulnerabilities in Philips IntelliSpace Cardiovascular and Xcelera IntelliSpace Cardiovascular (ISCV) products.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Kenya, Democratic Peoples Republic of Korea, Republic of Korea, Russia, Singapore, United Kingdom, and United States.

Don’t let threats SOC you where it counts.

Protecting your organization from an attack involves much more than the traditional “block & tackle” tactics of the past. A good boxer doesn’t just block the punch they see coming, they move against the next anticipated punch. The modern Security Operations Center (SOC) requires a combination of automation and human tradecraft to successfully repel the adversary. Learn more about the modern SOC in LookingGlass’ webinar featuring guest IDC, August 29 @ 2pm ET.

On the Podcast

In today's podcast, we speak with Rick Howard from our partners at Palo Alto Networks. He's got some tips on buying cybersecurity products. Our guest is Travis Rosiek from Blue Vector, who reviews fileless attacks.

Sponsored Events

Cyber Security Summits: August 29 in Chicago & in NYC on September 25 (Chicago, Illinois, United States, Aug 29, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The NSA, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

IR18: Don’t Forget to Register for the first and only community-driven IR conference! Built by the community, for the community. (Arlington, Virginia, United States, Sep 5 - 6, 2018) IR18 is a conference for cybersecurity professionals to learn and develop playbooks to improve incident response processes. Receive 20+ hours of practical training on today’s best practices in IR topics, including 36 breakout sessions designed for all levels of experience.

Rapid Prototyping Event: The Chameleon and the Snake (Columbia, Maryland, United States, Sep 17 - 20, 2018) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event that specifically targets malware signature diversity and signature measurement for Microsoft Windows in a simulated operational environment at a realistic pace. Join us September 17-20, 2018 at UMBC Training Center in Columbia, MD.

The force is stronger when MSPs and MSSPs come together. (Webinar, Sep 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, Oct 2, 2018) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Tuesday, October 2nd, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. To receive the early-bird rate, register now!

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, Nov 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Supply Chain Attack Operation Red Signature Targets South Korean Organizations (TrendLabs Security Intelligence Blog) We uncovered Operation Red Signature, an information theft-driven supply chain attack targeting organizations in South Korea.

Microsoft says it has found a Russian operation targeting U.S. political institutions (Washington Post) The company said it disabled phony websites meant to look like real sites used by the Senate and Washington nonprofit organizations.

Russian Hackers Target Conservative Groups in Widening Cyberattacks (Wall Street Journal) Russian hackers linked to the 2016 election cyberattacks on the Democratic Party are widening their targeting for the coming midterms to include the U.S. Senate and well-connected conservative groups, according to new research from Microsoft Corp.

Microsoft Thwarts Russia Hackers Targeting GOP Critics of Trump (Bloomberg) Attackers created websites mimicking U.S. political groups. Company’s discovery comes as American elections approach.

The Russians tried to hack the Senate and conservative think tanks, Microsoft says (CNN) Parts of an operation linked to Russian military intelligence targeting the US Senate and conservative think tanks were thwarted last week, Microsoft announced early Tuesday.

Meet 'Intrusion Truth,' the Mysterious Group Doxing Chinese Intel Hackers (Motherboard) Since April last year, a group calling itself ‘Intrusion Truth’ has trickled out the real names of hackers working for Chinese intelligence. Recently the group has ramped up its efforts against a Chinese operation targeting governments and businesses.

Suspected China cyberhack on Singapore is a wake-up call for Asia (Nikkei Asian Review) Asia-Pacific nations lag American and European counterparts in hack detection

Phillips reveals code execution vulnerabilities in cardiovascular devices (ZDNet) Only a low level of skill is required to exploit the bugs.

'Insight' into Home Automation Reveals Vulnerability in Simple IoT Product (McAfee Blogs) Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make our lives easier. Want to remotely turn lights and appliances on and off and monitor them online? A “smart plug,” a Wi-Fi–connected electric outlet, is one simple method. But IoT

Animoto hack exposes personal information, geolocation data (TechCrunch) Animoto, a cloud-based video maker service for social media sites, has revealed a data breach. The breach occurred on July 10 but was confirmed by the company in early August, and later reported to the California attorney general. Names, dates of birth and user email addresses were accessed by hack…

Twitch admits exposing user messages after archiving error (Naked Security) Games streaming giant Twitch has admitted accidentally exposing some users’ messages to other users as it shut down its legacy in-house messaging system in May.

TLS v1.0 Refuses to Die (Panorays) The TLS v1.0 cryptographic protocol, released in 1999, has various known vulnerabilities and security experts have recommended to disable it for a while now. However, Panorays research shows that 52% of organizations still use TLS v1.0 throughout all of their websites.

Adblocking and browser privacy can be bypassed, researchers find (Naked Security) Virtually every desktop browser and adblocker can have its ad-tracking privacy or security bypassed by at least one software technique, a new study has found.

How often are users' DNS queries intercepted? (Help Net Security) A group of researchers devised new approaches to detect DNS interception and leveraged 148,478 residential and cellular IP addresses for analysis.

Gatwick passengers forced to read flight information from white boards after information screens go down (Computing) Vodafone claims damaged fibre cable the cause of information systems outage at Gatwick

MadIoT: How an IoT botnet could launch a major attack on the power grid (Bitdefender) Academic researchers claim that hackers could exploit high wattage IoT appliances such as air conditioners, heaters, and cookers, to perform attacks on the power grid. The researchers – Saleh Soltan, Prateek Mittal, and H. Vincent Poor, from Princeton University – describe in a paper presented at the 27th USENIX Security Symposium how a botnet of …

I Just Hacked a State Election. I’m 17. And I’m Not Even a Very Good Hacker. (POLITICO Magazine) It took a lot less than you'd think for myself and my fellow teens to steal the midterms.

Almost 10,000 NHS patient records stolen last year (Computing) The public are losing trust in the NHS's ability to protect their data

Augusta Health Center Reveals Historic Breach (Infosecurity Magazine) September 2017 phishing attack may have compromised data on 400K patients

(LIVE) Watch Melania Trump Speak About Cyber Bullying At HHS Summit (Hill Reporter) Melania Trump is speaking at the Department of Health and Human Services’ summit on cyberbullying. The First Lady’s speech comes on the heels of her husband’s continued use of Twitter to what some would say is bullying his political opponents and those investigating him. Whether it’s the President calling Senator Elizabeth Warren ‘Pocahontas,” or claiming …

Security Patches, Mitigations, and Software Updates

What are Amazon Zelkova and Tiros? AWS looks to reduce S3 configuration errors (CSO Online) Amazon’s latest tools help identify where data might be left exposed in your AWS S3 cloud environments.

Canadian Telcos Patch an APT-Ready Flaw in Disability Services (Threatpost) An attacker could escalate privileges on the server, further penetrating the network, harvesting customer information or mounting credible social-engineering campaigns.

Firefox axes add-ons, developer pushes back (Naked Security) Mozilla has wiped 23 extensions from its directory of Firefox browser add-ons after finding what it says were inappropriate functions in the code.

The security changes you can expect in iOS 12 (Naked Security) We take a look at the beta version of iOS 12 and the security-related changes we can expect to see when it’s released in (probably) September.

WhatsApp urges Android users to manually backup their chats (Naked Security) WhatsAppers have until 12 November. That’s when WhatsApp will sweep out dusty old backups that haven’t been updated in more than a year.

Cyber Trends

The US$8 billion Spend to Secure Smart Utilities Inadequate; Cyberthreats to the Utility Infrastructure Grave (ABI Research) The modernization of utility infrastructures is enabling increased efficiencies and reliability through digitization, connectivity, and IT-based approaches.

Personal data the most targeted by cyber attackers (Financial Review) Australians are completely unaware as to how susceptible their personal information is to a cyber attack, despite it being a common target of cyber criminals.

Kaspersky Phishing Report Says Ethereum Is Most Popular Crypto Used Gor Cybercriminals (BitcoinExchangeGuide) Kaspersky Report On Phishing And Cybercriminals Calls Ethereum “The Most Popular Cryptocurrency With Phishers” One of the biggest opportunities for cybercriminals in the last few years has been wit…

Cybersecurity Executive Bob Gourley on Trends, Due Diligence, and... (Bricata) An executive with a long career in intel and cybersecurity discusses trends in the space, tips for evaluating security tools, and why he’s bullish on the notion of the software defined perimeter (SDP). #cloudsecurity #cybersecurity #thoughtleaderinterviews

Marketplace

As Cyber Insurance Market Grows, Accumulation Risk Is Key Concern: Geneva Assn. (Insurance Journal) Although cyber risk premiums have expanded sizably in recent years with loss ratios that compare favorably to other product lines, the danger of

DHS awards Booz Allen $1.03B to Enhance Cyber Capabilities Across Six Federal Agencies (Booz Allen Hamilton) DHS selects Booz Allen as prime contractor with $1.03B task order to enhance cyber capabilities across six federal agencies.

YL Ventures Expands Its Venture Advisor Network With 24 Additional Market-Leading Cybersecurity Experts (BusinessWIe) YL Ventures, the Silicon Valley headquartered seed-stage venture capital firm focusing on Israeli cybersecurity innovation, adds 24 new top advisors.

Semmle Launches Globally with $21 Million Series B Investment Led by Accel Partners (Semmle) Google, Microsoft, NASA and Nasdaq use Semmle’s software engineering analytics to secure the software that runs the world

BearingPoint makes strategic investment in Insignary (Help Net Security) The investment further strengthens the current partnership and enables Insignary to meet the growing demand for its services in the EU, the US and Asia.

Bandura Announces $4 Million in Series A Funding (BusinessWire) Bandura, which pioneered the Threat Intelligence Gateway (TIG) industry in part with the U.S. Department of Defense, today announced it has completed

SailPoint Technologies: Beat And Raise Marred By Secondary Sale (Seeking Alpha) SailPoint Technologies crushed estimates in its Q2 earnings release, with shares rocketing up more than 10% in response.

CrowdStrike Appoints Paul Shinn as Chief Legal Officer (CrowdStrike) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the appointment of Paul Bradley Shinn as chief legal officer. Shinn brings to CrowdStrike more than 20 years of experience as a corporate counsel advising high-growth technology companies.

Products, Services, and Solutions

SafeBreach Extends Industry’s Most Comprehensive Breach and Attack Simulation Platform (GlobeNewswire News Room) New Capabilities Expand Coverage from Email-to-Endpoint; Also Adds Enhanced Remediation Support and Board Level Risk Scoring

2018 Identity Fraud: Fraud Enters a New Era of Complexity (Javelin Strategy) Javelin’s 2018 Identity Fraud Report provides comprehensive analysis of fraud trends in the context of a changing

Analyzing cryptographic implementations of Chinese SMx algorithms (eeNews Europe) In partnership with Open Security Research (OSR), cyber security company eshard has launched a new module for its esDynamic platform to analyze cryptographic implementations of Chinese SMx algorithms.

SUSE and Microsoft collaborate to deliver enterprise Linux kernel optimized for Azure (Help Net Security) SUSE Linux Enterprise 15 kernel tuned for Microsoft Azure increases customer agility and efficiency by enabling access to new Azure features.

CloudPassage debuts Halo Cloud Secure, delivering security of public cloud infrastructure (Help Net Security) CloudPassage's Halo Cloud Secure platform enables insight into infrastructure-as-a-service security and compliance issues.

Here are all of the election security offerings from private companies (Cyberscoop) A lot of companies are offering to help protect election infrastructure. Here's a full list.

ESET announces new enterprise security solutions (ITP.net) ESET Dynamic Threat Defence cloud sandboxing solution quarantines and analyses threats before they reach the network.

Trend Micro's 'virtual patching' to protect firms against cyber attacks (Business Standard) Cybersecurity solutions leader Trend Micro on Monday announced a non-disruptive approach called "Virtual Patching" to help its customers shield vulnerabilities in critical systems until a security patch is available.

Technologies, Techniques, and Standards

Wireless Industry Announces New Cybersecurity Certification Program for Cellular-Connected Internet of Things Devices (PRNewswire) CTIA's Cybersecurity Certification Program will improve IoT security

Kenya Elections Agency to Adopt Blockchain for Vote Transparency (Bloomberg) Technology will provide real-time access to election results. Kenyan elections have been marred by rigging claims, violence.

Army cyber protection teams upgrade training with a 'real' city (FCW) A task force from the Army cyber protection teams face off against industrial control systems in a week-long cyber training exercise.

The critical flaw of AI: data (Computing) One of the biggest flaws of artificial intelligence is poor quality data, claims MarkLogic CEO Gary Bloom

Trusting the cloud: The dangers of unencrypted data upload (Computing) Moving to the cloud doesn't mean outsourcing your entire security infrastructure, argues Max Heinemeyer of Darktrace

How to develop the right strategy to increase IoT security (Help Net Security) As more and more devices become connected, many industries that were previously secure are experiencing new threats or attacks to their devices and

Let user experience guide your security requirements (Help Net Security) Evidence shows that stringent security measures can actually backfire, and can leave you more vulnerable than you were before.

Arm Your Defenses to Guard Against Nation State Attacks (Information Security Buzz) Nation state attackers are on the hunt for the next vulnerable target. No longer satisfied with infiltrating government institutions or mining for sensitive military data, they are broadening their efforts to target industrial facilities and businesses with the intent to destabilize and disrupt organizations and their countries. It’s scary to consider that more than 60 …

How to Protect Your Personal Brand's Website From a Cyber Attack (Entrepreneur) Here are several ways you can effectively protect your website and online reputation.

Design and Innovation

How ethical do we want AI to be? (IDG Connect) Data bias is not black and white but setting ethical parameters for AI now is crucial

Why regulation is needed to take cryptocurrencies mainstream (IDG Connect) How regulators must work with the crypto community rather than against it to create the best long-term regulations that will encourage broader mainstream adoption.

Research and Development

MIT Unveils Novel 20 to 30 Times Faster Method For Securing Cloud-Based AI (Interesting Engineering) Securing cloud-based machine learning was previously so slow, the systems became unusable. Now a new method by MIT scientists has solved this problem.

Researchers convert QR codes into complex 3D features to foil IP pirates (Help Net Security) Researchers at NYU Tandon and NYU Abu Dhabi turn tracking codes into unclonable “clouds” to authenticate genuine 3D printed parts.

Legislation, Policy and Regulation

When China Rules the Web (Foreign Affairs) China is set to remake cyberspace in its own image. That will make the Internet less open and allow Beijing to reap vast economic, diplomatic, and security benefits that once flowed to Washington.

Social networks to be fined for hosting terrorist content (Naked Security) Draft EU legislation, due out next month, will likely incorporate a one-hour takedown window for extremist content flagged by law enforcement.

‘It’s our time to serve the Motherland’ (Meduza) How Russia’s war in Georgia sparked Moscow’s modern-day recruitment of criminal hackers

UK foreign secretary to call for more sanctions on Russia during first US visit (CNN) Making his first visit to the US since taking office, British Foreign Secretary Jeremy Hunt is expected to deliver a speech Tuesday that will call on the European Union "to ensure its sanctions against Russia are comprehensive, and that we truly stand shoulder to shoulder with the US."

Russia Sanctions Bill Tweaks in Senate May Curb Spillover Risks (Bloomberg) U.S. senators weigh changing sovereign debt, energy provisions. Treasury warned that original bill could damage global economy.

Russia Sanctions Won’t Work If Trump Doesn’t Back Them Up (Bloomberg) The president’s refusal to condemn Putin undermines any economic penalties.

Analysis | The Cybersecurity 202: Sen. Whitehouse says Congress should consider letting companies 'hack back' after cyberattacks (Washington Post) There's a subcommittee hearing today.

Rubio, Van Hollen Introduce Legislation to Deter Foreign Interference in American Elections (U.S. Senator for Florida, Marco Rubio) U.S. Senators Marco Rubio (R-FL) and Chris Van Hollen (D-MD) today introduced the Defending Elections from Threats by Establishing Redlines (DETER) Act. It sends a powerful message to any foreign actor seeking to disrupt our elections: if you attack American candidates, campaigns, or voting infrastructure, you will face severe consequences.

Georgia officials say it’s too late to switch to paper ballots despite security worries (McClatchy) As a federal judge considers ordering Georgia to switch to paper ballots in November because of election security worries, county officials say it’s too late to make the switch.

Former head of NSA unsure about Trump’s cyber plan (Fifth Domain) The White House has not had a centralized cybersecurity strategy since John Bolton joined the Trump administration in March, said Michael Hayden, the former head of the National Security Agency.

Kristi Noem says ‘over five million people’ with security clearances ‘astounding’ (The Washington Times) Former intelligence officials may be outraged at President Trump’s decision to revoke former CIA Director John O. Brennan’s security clearance, but what stuns Rep. Kristi Noem is that there are another 5 million people who enjoy similar access.

Why America’s former spy chief is worried about Trump’s security clearance policy (Federal Times) President Trump threatening to remove security clearances of critics sets a bad precedent, former NSA and CIA chief Michael Hayden said in a one-on-one interview.

Trump's Unprecedented Retaliation Draws Unprecedented Rebukes (Defense One) A dozen former spy chiefs slammed the president after he yanked Brennan's clearance. What comes next?

Trump blasts Brennan as 'loudmouth' 'hack' (CNN) President Donald Trump lashed out at former CIA Director John Brennan on Saturday, claiming he made mistakes during his time at the CIA and calling him a "loudmouth, partisan, political hack."

The Retired Admiral, the President, and the Military Profession (Defense One) How should a former four-star register his dissent? A Naval War College instructor points to an Aug. 13 memo by Defense Secretary Mattis.

Litigation, Investigation, and Enforcement

Cybercrime Prosecutions Fall Again in UK (Infosecurity Magazine) Police under-resourced, claims leading law firm

Digital detecting: How FBI hackers catch criminals in cyberspace (San Diego Union Tribune) In the high-stakes chess match between cyber criminals and law enforcement, this FBI lab is a grandmaster.

Google Faces Legal Turmoil After Location Tracking Debacle (Threatpost) After a report said Google tracks users even when they opt out, the company is under fire from activists and has been slapped with a lawsuit.

Man sues over Google’s “Location History” fiasco, case could affect millions (Ars Technica) If "Location History" was off, Google said it didn't keep data—but that's not true.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

SINET Global Cybersecurity Innovation Summit (London, England, UK, Sep 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place September 18-19, 2018. SINET’s collaborative forum brings together a notable group of senior level industry and government cybersecurity professionals. The event, supported by Her Majesty’s Government and the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T), will be held at The British Museum in London.SINET GCIS will provide exclusive opportunities for attendees to engage directly with a select network of influential thought leaders, solution providers, researchers and investors from the global security community. The events are recognized among technology companies as a unique and exclusive opportunity for sponsors to schedule 1:1 meetings with top-level decision makers. These 15-minute meetings grant technology companies the opportunity to introduce their solution to high-level executives within targeted industries and source feedback from knowledgeable buyers.

5th Cyber Operations for National Defense Symposium (Washington, DC, USA, Sep 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to discuss network and capability modernization efforts aimed at combating the diverse cyber threats to US National Security. The agenda will focus on defensive and offensive cyber operations as well as the technological capabilities needed by our forces to ensure they can defend American interests in all domains. Lastly, the event will feature two panels: one on protecting our Nation’s intricate critical infrastructure and one on securing the DoDIN.

Wall Street Journal Pro CyberSecurity Executive Forum (New York, New York, USA, Dec 11, 2018) The WSJ Pro Cybersecurity Executive Forum will bring together senior figures from industry and government to discuss how senior executives can best prepare for hacking threats, manage breaches, and work with government cybersecurity authorities and regulators. The forum will offer insights, practical advice, case studies and workshops tailored to the needs of executives and managers. (Request an invitation at the link.)

upcoming Events

SecureWorld Bay Area (Santa Clara, California, USA, Aug 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, Aug 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection of Air Force IT experts, prominent IT academics, and some of America’s top cyber security companies, the AFITC offers a full of slate events and activities, with 3 days of speakers, expanded education/training opportunities, and an exhibitor-driven trade show that all revolves around the ways we can better defend America from cyber-attacks, advanced persistent threats, and proactively lead in this in this increasingly digital world.

The Cyber Security Summit: Chicago (Chicago, Illinois, USA, Aug 29, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Intelligence & National Security Summit (National Harbor, Maryland, USA, Sep 4 - 5, 2018) The Intelligence & National Security Summit is the premier forum for unclassified, public dialogue between the U.S. Government and its partners in the private and academic sectors. The 2018 Summit will include five plenary sessions, where senior leaders from the intelligence and national security communities will discuss top priorities, challenges, and assessments of key threats, as well as nine breakout sessions that will examine issues of vital importance to our national wellbeing and the readiness of the intelligence and national security workforce.

Cyber Resilience & Infosec Conference (Abu Dhabi, UAE, Sep 5 - 6, 2018) Interact with the top-notch cyber security specialists, learn new strategies and protect your company's future efficiently

9th Annual Billington CyberSecurity Summit (Washington, DC, USA, Sep 6, 2018) The mission of Billington CyberSecurity is to bring together thought leaders from all sectors to examine the state of cybersecurity and highlight ways to enhance best practices and strengthen cyber defenses within government and the private sector. This year's summit, like the previous eight, will bring together leaders from government and industry for a comprehenive look at the challenges of cybersecurity.

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, Sep 6, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

CornCon IV: Quad Cities Cybersecurity Conference & Kids' Hacker Camp (Davenport, Iowa, USA, Sep 7 - 8, 2018) CornCon is a 2-day conference held in Davenport, Iowa including a professional development workshop on Friday and a full-day cybersecurity conference on Saturday. The workshop covers enterprise risk, privacy and security. The conference has a keynote track with top international speakers, and a technical track with cutting edge exploits, demos and presentations. There will be a hacker village, vendor expo, contests, t-shirts, food drinks and a great after party. There is also a Saturday kids' hacker camp running alongside the conference. "A little DEFCON in a corn field!"

2018 International Information Sharing Conference (Tysons Corner, Virginia, USA, Sep 11 - 12, 2018) Join representatives from fellow information sharing groups with all levels of expertise, security practitioners, major technology innovators, and well-established cybersecurity organizations, as they come together to discuss the impact ISAOs have had on the nation’s security, share lessons learned, and discover the latest in cybersecurity policy. Attendees will gain the knowledge needed to learn how to improve information sharing with keynote addresses by industry experts, senior government, and international thought leaders, presentations on key topics and panel discussions of interest to the Information Sharing community, technology demonstrations from service providers and vendors addressing information sharing challenges. There will be many networking opportunities and exhibits.

SecureWorld Detroit (Detroit, MIchigan, USA, Sep 12 - 13, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

FutureTech Expo (Dallas, Texas, USA, Sep 14 - 16, 2018) With over 2,000 expected attendees, 70 top-notch speakers and 100+ exhibitors from the Blockchain & Bitcoin, Artificial Intelligence, Cyber Security / Hacking, Quantum Computing, 3D Printing, and Virtual / Augmented Reality worlds, and talks from ICOs and blockchain startups and more, this Expo is going to be a diverse, wonderful, and potentially profitable experience for all who attend.

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, Sep 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will provide the Insider Threat Program (ITP) Manager, Facility Security Officer, and others (CIO, CSO, CISO, Human Resources, IT, Network Security, Etc.) supporting an ITP, with the knowledge and resources (Templates, Checklits, Etc.) to develop, manage, or enhance an ITP. This training covers, and goes beyond compliance regulations for an ITP (National Insider Threat Policy, NISPOM Conforming Change 2). Insider Threat Defense is one of the few ITP training vendors to offer a guarantee with their training. Insider Threat Defense has provided training and services (In Over 14 U.S. States) to an impressive list of 540+business-organizations / 680+ security professionals.

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, Sep 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners. By providing a combination of thought leadership, awareness and engagement, the 3rd Annual National Conference will seek to break from the norm of day-long sessions of talking-heads through interactive “decode sessions” intended to include conference attendees in helping to devise innovative strategies to tackling cybersecurity’s diversity challenges.

Air Space & Cyber Conference (National Harbor, Maryland, USA, Sep 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring addresses from recognized leaders in your Air Force will give you drive for taking your career to the next level. You can do all of this and more at AFA’s annual Air, Space & Cyber Conference (ASC).

Global Cybersecurity Innovation Summit (London, England, UK, Sep 18 - 19, 2018) Advancing global collaboration and innovation. SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

SecureWorld St. Louis (St. Louis, Missouri, USA, Sep 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, Sep 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Security in our Connected World (Beijing, China, Sep 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and technical use cases, to explore more deeply the need for security in our connected world. Timely and relevant seminar topics to include a focus on the Internet-of-Things (consumer, industrial and enterprise), identification and authentication, payment and value-added services, premium content protection, device trust, and certification. And, as always, delegates will be able to witness ‘real world’ solutions from our sponsoring/exhibiting member organizations.

Detect 18 (National Harbor, Maryland, USA, Sep 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn how to better save the world from cyber destruction! At Detect '18 you will be able to: immerse yourself in 30+ hours of education and training; chooose from 30+ breakout sessions designed for every experience level; listen to peer presentations highlighting real-world issues and solutions; network, network, network with your peers in a social setting; and earn CPE Credits to keep your credential current.

Cyber Beacon (Washington, DC, USA, Sep 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community, private sector, and academia to discuss the most pressing problem sets concerning cyberspace and national security. This year's theme is "decision making in cyberspace". Cyber Beacon V will be held on Wednesday 19 and Thursday 20 September 2018 at the NDU campus on Fort McNair in Washington, DC.

IT Security Leadership Exchange (Phoenix, Arizona, USA, Sep 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique needs and current challenges faced by enterprise cyber security leaders. A CISO’s role requires hands-on technical knowledge and understanding of security tools, techniques, and procedures combined with the need to manage up, down, and across the organization. This summit is the perfect platform for leaders to share information, gain insight and develop next-level strategy. Information security executives from across the country will come together for 2 days of peer breakouts and networking to answer the toughest questions facing them today.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Microsoft takes down Fancy Bear's bogus sites. Supply chain attacks in South Korea. Intrusion Truth vs. Chinese Intelligence.