The CyberWire Daily Briefing 9.17.18

Summary

By The CyberWire Staff

A ransomware attack (or, as airport authorities hedge it, an attack similar to ransomware) took departure board screens offline for two days at Bristol Airport in the UK. The screens were disenabled as part of a general response to detection of the attack. The airport believes the attack was "speculative" rather than specifically targeted.

Several universities in the UK, Cambridge and Oxford among them, sustained cyberespionage incidents in which sensitive technical material was taken on behalf of Iran.

The EternalBlue exploits, widely believed to have been stolen from the US NSA, continue to turn up in infestations around the world. A great many of the infections involve cryptojacking.

Several evolved ransomware strains are circulating in the wild. A new variant of Dharma is out. Ryuk is not only encrypting files, but disabling endpoint protection on infected devices. SynAck (not to be confused with the legitimate security company with the similar name) evades detection with Process Doppelgänging. Kraken Cryptor masquerades as the legitimate security tool SuperAntiSpyware.

The EU advances consideration of its next major Internet regulation: hosts will, if the measure passes, have one hour to remove "extremist" content from their services. The clock begins when authorities notify providers. Fines would be in the GDPR range.

North Korea is said to be turning to false identities and online services to evade economic sanctions, using Upwork, Freelancer, Github, Slack, LinkedIn, PayPal, and Facebook to facilitate IT service sales.

Russian disinformation over the Novichok attacks seems, the Washington Post reports, to be backfiring.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, Canada, Denmark, Egypt, Estonia, European Union, India, Indonesia, Iran, Netherlands, New Zealand, Philippines, Russia, Taiwan, Thailand, Turkey, United Kingdom, United States, and and Vietnam.

Yesterday’s Scorecard Won’t Protect Your From Tomorrow’s Breach

With 56% of global organizations experiencing third party breaches, it’s no surprise that third party risk is the hottest cybersecurity topic. Threat actors will continue to target third parties as long as their vulnerabilities go unchecked. You need a 24x7x365 monitoring solution. Read LookingGlass’ eBook to learn how to build a successful third party risk program, so your organization isn’t left relying on old data to protect your employees, customers, and brand.

On the Podcast

In today's podcast, we hear from our partners at Accenture Labs, as Malek Ben Salem describes encryption techniques that make use of DNA.

Sponsored Events

The force is stronger when MSPs and MSSPs come together. (Webinar, September 19, 2018) The managed service market has grown tremendously, with the demand for managed security being unprecedented. For managed service providers (MSPs) looking to answer those demands, partnering with a managed security services provider (MSSP) expands access to highly-skilled cyber security analysts and a full suite of security solutions. Join Delta Risk’s webinar, September 19 at 1 PM ET, to learn how the two sides can join forces.

The Browser Can Win and Lose Midterm Elections (Washington, DC, United States, September 20, 2018) Join Authentic8 in DC for a happy hour and appetizers. Come learn how a browser can be tracked and used for campaign targeting, what technical hurdles are in the current campaign targeting landscape, and how you can protect yourself.

Cyber Security Summits: September 25 in NYC on October 16 in Phoenix (New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

FireEye Cyber Defense Summit 2018 (Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Cyber attack led to airport blank screens (BBC News) Bristol Airport says a "ransomware"-style attack prompted it to take screens offline for two days.

Bristol Airport blames cyber attack for taking departure boards offline for two days (The Telegraph) Bristol Airport has blamed a "speculative" cyber attack for causing flight information screens to fail for two days.

Iranian hackers selling stolen academic research from top British universities online (The Telegraph) Millions of documents, including sensitive research on nuclear power plants and cybersecurity defence, have been stolen from top British universities by Iranian hackers, the Telegraph can reveal.

OilRig APT Continues Its Ongoing Malware Evolution (Threatpost) The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world.

Tech’s New Problem: North Korea (Wall Street Journal) Hiding behind fake profiles on Facebook and LinkedIn, a group linked to Pyongyang solicited information-technology work, then stiffed its subcontractors, a WSJ investigation shows. The technique, replicated more widely, could be bringing millions of dollars in hard currency to the country.

Windows Systems Vulnerable to FragmentSmack, 90s-Like DoS Bug (BleepingComputer) Microsoft released a security advisory about a denial-of-service vulnerability that could render multiple versions of Windows completely unresponsive and has no mitigation factors, the company says.

Kodi add-ons responsible for cryptomining campaign (WeLiveSecurity) ESET researchers have discovered several Kodi add-ons are being used to distribute Linux and Windows cryptocurrency-mining malware.

Cryptocurrency mining attacks using leaked NSA hacking tools are still highly active a year later (TechCrunch) It’s been over a year since highly classified exploits built by the National Security Agency were stolen and published online. One of the tools, dubbed EternalBlue, can covertly break into almost any Windows machine around the world. It didn’t take long for hackers to start using the ex…

EternalBlue Infections Persist (Dark Reading) Indonesia, Taiwan, Vietnam, Thailand, Egypt, Russia, China, among the top 10 nations with the most machines infected with the exploit.

How does the SynAck ransomware use Process Doppelgänging? (SearchSecurity) SynAck ransomware uses the Process Doppelgänging technique to circumvent security software. Learn more about how this tactic fools software systems and how to prevent it.

New Brrr Dharma Ransomware Variant Released (BleepingComputer) A new variant of the Dharma Ransomware was released this week that appends the .brrr extension to encrypted files. This variant was first discovered by Jakub Kroustek who tweeted a link to the sample on VirusTotal.

How Ryuk Ransomware Targets AV Solutions, Not Just Your Files (Security Boulevard) Could malware disable or cripple your endpoint protection? This recent ransomware attack is definitely trying. Watch a demo

Kraken Cryptor Ransomware Masquerading as SuperAntiSpyware Security Program (BleepingComputer) The Kraken Ransomware is a newer ransomware that was released in August 2018. A new version, called Kraken 1.5, was recently released that is masquerading as the legitimate SuperAntiSpyware anti-malware program in order to trick users into installing it.

Unpatched systems at big companies continue to fall to WannaMine worm (Ars Technica) Using the same exploit as WannaCry and some known tools, the Monero mining worm continues.

Microsoft Office Macros Still No. 1 Malware Delivery (Infosecurity Magazine) Phishing attacks remain successful by leveraging macros.

Household appliance brand totally SHUTS DOWN following ‘targeted HACK’ (Express) A POPULAR Italian appliance brand revealed it was forced to “totally shut down systems” to safeguard customers after a “targeted hack”.

Companies Wary of Cyberattacks, Phishing During Hurricanes (Wall Street Journal) Hurricane Florence could make companies vulnerable to cyberattacks as firms race to protect computer systems and networks ahead of the storm expected to hit the Southeast U.S. Friday, cybersecurity experts say.

10 Biggest Things Businesses Don't Get About Cryptomining (CRN) Cryptomining activity has increased by 141 percent year-over-year thus far in 2018. Here's a look at ten of the biggest risks associated with cryptomining that companies are still failing to grasp.

Cold-Boot Attack Steals Passwords In Under Two Minutes (BleepingComputer) Relying on computer memory's remanence behavior, security researchers figured out a way to extract sensitive data from RAM, such as encryption keys, even after the loss of power.

Keys schools computer system hacked (Florida Keys News) The Monroe County School District has been forced to shut down its computer system for nearly three days due to a cyberattack through ransomware called GandCrab.

Vet chain in cyber attack (Gisborne Herald) It is back to pens and paper at VetEnt in Gladstone Road,...

FBI Warns Educators and Parents About Edtech’s Cybersecurity Risks (EdSurge) The FBI has released a public service announcement warning educators and parents that edtech can create cybersecurity risks for students.Specifically, ...

Education Department warns that students on financial aid are being targeted in phishing attacks (Washington Post) The agency warned that attackers may be refining a scheme to redirect federal student aid money to private bank accounts, preparing for times when large volumes of aid are disseminated, and said the phishing attempt is a serious threat.

This new phishing attack uses an old trick to steal passwords and credit card details (ZDNet) The tax office isn't offering you a refund via email, sorry.

Edinburgh Uni Hit by Major Cyber-Attack (Infosecurity Magazine) Main website still out of action

UK Universities Face Growing DDoS Threat (Infosecurity Magazine) UK Universities Face Growing DDoS Threat. Students blamed for many attacks

How to crash and restart an iPhone with a CSS-based web attack (HOTforSecurity) A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage. Sabri Haddouche tweeted a link to webpage containing his 15-line proof-of-concept attack, which exploits... #applesafari #csswebattack #iphone

New Android Botnet Pops Up on Malware-as-a-Service Market (Security Boulevard) Security researchers have discovered a new Android botnet toolkit that's being developed as a malware-as-a-service (MaaS) offering for other Security researchers have discovered a new Android botnet toolkit that's being developed as a malware-as-a-service (MaaS) offering for other cybercriminals.

Evolution of the Cybercrime-as-a-Service Epidemic (Infosecurity Magazine) Over the past few years, the as-a-service model has both broadened and deepened the overall cybercrime threat.

How a Cyber Attack Could Cause the Next Financial Crisis (Harvard Business Review) Here’s what we need to do to prepare.

A history of the next 10 years in banking (Quartz) Through an unlikely series of cosmic events, Quartz obtained a dispatch from Sept. 15, 2028, describing the conditions on the 20th anniversary of Lehman's collapse.

US lawmakers say AI deepfakes ‘have the potential to disrupt every facet of our society’ (The Verge) Deepfakes could be used for blackmail, misinformation, and more

KnowBe4 Observes Increase in CEO Fraud (PRNewswire) Bad guys are now requesting personal cell phone numbers of employees

Cyber Trends

Workers across EMEA showing security fatigue, says experts (AMEInfo) Despite being fully aware of security risks following the introduction of high-profile legislation like GDPR, workers in Europe, Middle East

Military, Government Users Just as Bad About Password Hygiene as Civilians (Dark Reading) New report comes out just as group of US senators chastise Secretary of State Mike Pompeo for not using multifactor authentication.

From the bookshelf: ‘The perfect weapon’ (The Strategist) The new cold war is being fought in cyberspace on a continuing basis and with ever more sophisticated technologies. The Western powers, principally the United States and its allies, confront growing intrusions from adversaries ranging ...

Vulnerability Disclosure Not A Priority for 93 Percent of Forbes Global 2000 (Computer Business Review) Financial services and insurance companies pay only one third of the average bounty for reporting a bug in software...Vulnerability Disclosure

Your gardener wants access to your house safe (CSO Online) What we would balk at in the real world, we give with impunity in our digital universe.

Marketplace

Data breaches make companies underperform the market in the long run (Help Net Security) While the share prices of companies that experienced a data breach suffer just a temporary hit, in the long term the companies underperformed the market.

Have we arrived at a public cloud duopoly? (Computing) The two IaaS/PaaS leaders are pulling away from the rest

12 Cybersecurity Vendors Named In The Forbes Cloud 100 List (Best Endpoint Security Protection Software and Vendors) The Forbes Cloud 100 recognizes the ways cloud computing and cloud architecture is radically transforming business processes and communication.

Adobe and Microsoft are using A.I. to create a 'brand new category and industry,' Adobe CEO says (CNBC) Together with Microsoft, Adobe is leveraging artificial intelligence to push deeper into customer relationship management and create a "brand-new category in industry," Adobe CEO Shantanu Narayen told CNBC on Friday.

Microsoft Acquires Another AI Company, Lobe (PCMAG) Founded in 2015, Lobe makes an AI tool that lets developers build custom deep learning models for their apps without having to write code. The team plans to continue developing Lobe as a standalone service for multiple platforms.

Maryland just opened up a tax credit for cybersecurity investors (Technical.ly Baltimore) A change in the incentive for investors in the state's cybersecurity companies was passed in Annapolis this year. The law also includes a unique tax credit for small businesses who buy local.

Here's Why SAIC Is Spending $2.5 Billion to Expand Its Government IT Business (The Motley Fool) Merger mania continues in the government services sector. Who are the winners and losers from all the dealmaking?

Three things to watch in SAIC-Engility combo (Washington Technology) SAIC's planned acquisition of Engility hasn't been greeted as a barn-burner in the market yet. But maybe that's not such as bad thing as both companies try to move beyond their legacies.

VetsinTech Receives $1 Million Grant from Craig Newmark Philanthropies to Bolster Cybersecurity Program for Veterans (Virginian-Pilot) Today, VetsinTech announced a $1 million grant from Craig Newmark, founder of craigslist and Craig Newmark Philanthropies, to support the organization's commitment to helping

IT Security: Bomgar to Become BeyondTrust (Security Boulevard) Bomgar announced its intent to acquire BeyondTrust, with the combined IT security entity being known as BeyondTrust. Terms of the deal were not disclosed. Bomgar announced its intent to acquire BeyondTrust, with the combined IT security entity being known as BeyondTrust.

Products, Services, and Solutions

Zscaler Achieves AWS Security Competency Status for Zero Trust (Odessa American) Zscaler, Inc., the leader in cloud security, today announced that Zscaler Private Access™ (ZPA™) is the first zero trust architecture to achieve Amazon Web Service (AWS) Security Competency status.

Exabeam adds updated case management module to flagship analytics (Intelligent CIO Middle East) Exabeam, the next-gen security management company, has announced the addition of case management functionality into Exabeam Advanced Analytics and Exabeam Entity Analytics, its market-leading user and entity behaviour analytics (UEBA) solutions. The case management offering helps security teams organise and streamline their response efforts to boost security operation centre (SOC) productivity. Exabeam Case Management is […]

Technologies, Techniques, and Standards

Will The Latest IBM Proposal For Supplier’s Declaration Improve Transparency in AI Algorithms? (Analytics India Magazine) Deep learning has had enormous impact on the fields of computer vision, natural language and many other fields. But deep learning models have also been plagued with unexplainability and lack of transparency. The black box nature of DL models is the chief cause for non-interpretability. Now, to overcome these shortcomings, researchers are focusing on ‘Explainable AI’ wherein scientists can understand DL models and trace how the output was achieved. So far, DL models have achieved near human accuracy in image recognition, but through brute force techniques wherein they are fed terabytes of data.

Businesses Urged Not To Pay Cyberattackers (PYMNTS.com) Small business owners are making a grave mistake if they assume their firms are not a prime target for cyberattackers. Not only are small and medium-sized businesses (SMBs) a prime target, but such an attack can be detrimental to a small company without the resources to combat a security threat. Nearly half of the small […]

Securing Mass Transit Railway Systems (Mass Transit) By putting in the necessary time and effort to prepare and implement a robust cybersecurity strategy, railway operators can not only avoid potential loss of revenue but also enhance their reputation as a reliable provider of hassle-free, on-time service.

Is hiring a hacker ever a good idea? (ZDNet) People often talk about a skills shortage in cyber security - could hiring those with a murky past be the answer? Or is it too risky?

What is card-on-file EMV payment tokenization? (Rambus) The way we pay is changing. Consumers are now using their PC, smartphones, wearable devices and even cars to buy goods and services. The size and value of the card-not-present (CNP) market is increasing exponentially as payment use-cases across e-commerce, m-commerce and the Internet of Things (IoT) emerge and mature. What is card-on-file? The process …

Break out of malware myopia by focusing on the fundamentals (Help Net Security) The ability to understand and prioritize cyber hygiene provides a statistically derived understanding that works as an antidote for malware myopia.

Data privacy automation: Unlock your most valuable asset (Help Net Security) Demand for data privacy automation is here. Manual processes cannot keep pace with the demands of modern privacy regulations.

8 critical safety tips for safer online banking (Security Boulevard) Prevent digital attacks and protect your hard-earned dollars with these 8 critical safety tips for safer online banking. The post 8 critical safety tips for safer online banking appeared first on Emsisoft | Security Blog.

Design and Innovation

Launching the cybersecurity moonshot (Fifth Domain) The United States is reliant on digitally-connected technologies that are fundamental to our national security, public safety, and economic prosperity. Our nation’s ability to protect and enhance the cybersecurity is a national imperative.

Voldemort, Alex Jones, and my Facebook account (Skating on Stilts) For those who've been waiting (and maybe hoping) that I'd be suspended from Facebook after I linked to infowars.com, we have an answer. I began the experiment when a guy named Brandon Straka, leader of the conservative #WalkAway initiative, announced that he had been given a 30-day account suspension for linking from Facebook to his upcoming interview on infowars.

Army looks to build stronger tactical cyber teams (Fifth Domain) How is the Army planning on developing forces and capabilities to conduct tactical cyber operations?

Research and Development

Entanglement allows one party to control measurement results (Ars Technica) Alice controls Bob via quantum measurements. Bob can't reciprocate.

Researchers Discover a Pattern to the Seemingly Random Distribution of Prime Numbers (Motherboard) The pattern has a surprising similarity to the one seen in atom distribution in crystals.

Why does access to the internet go out? DHS wants to know (Fifth Domain) The Department of Homeland Security announced funding to boost attribution into cyberattacks and internet cuts as the Trump administration has placed a greater effort to name hackers.

Academia

University Cyber Attacks Down To Students, Staff (Silicon UK) Inside job? Cyber criminals not responsible for hacks of universities and colleges, study suggests

Legislation, Policy and Regulation

E.U.: Tech Giants Face Big Fines, 1 Hour Limit to Remove Extremist Content (Threatpost) The rules would apply to all hosting service providers offering services in the E.U., regardless of size, even if they’re not based there.

Preparing for the next European Union Directive: EU NIS (Infosecurity Magazine) GDPR concerns every industry that handles data; EU NIS has a much more refined scope as it applies only to critical infrastructure.

India excludes Huawei and ZTE from 5G trials (Korea Times) India has excluded Huawei and ZTE from participating in trials to speed up 5G technology in the country amid security concerns surrounding the Chinese telecoms equipment providers. Local media reported Friday that the Department of Telecommunications has asked Samsung, Cisco, Ericsson and Nokia to be project partners for the trials.

India’s ban on Huawei, ZTE to ‘please US’ will be opposed by local telecoms operators: experts (Global Times) India's exclusion of Chinese telecom equipment companies from 5G trials will eventually hurt its own telecoms industry and is a move that follows the US in terms of politicizing business deals, experts said on Sunday.

Nations Must Approach Cybersecurity with the "Intensity Once Reserved for Their National Security," Unisys Chairman and CEO Peter Altabef to Tell International Cybersecurity Experts (Business Insider) Cybersecurity and national security are aggressively converging, resulting in an 'imperative' for nations...

With A Stroke Of a Pen The U.S. Brings Cyberwarfare Closer to Home (International Policy Digest) President Donald Trump's decision to repeal Presidential Policy Directive 20 could cause a significant increase in cybercrimes and potentially cyberwarfare.

Federal SPF and DMARC Adoption Up More Than 30 Percent Points Leading Up to BOD 18-01 Deadline (Proofpoint) The one-year mark for BOD 18-01 is quickly approaching, with about a month to go until the October 16, 2018 compliance deadline. A significant portion of the mandate set forth by the Department of Homeland Security (DHS) requires civilian federal agencies to implement DMARC and SPF email authentication protocols on all domains.

Analysis | The Cybersecurity 202: California's Internet of Things cybersecurity bill could lay groundwork for federal action (Washington Post) The state is a leader in tech policy.

How hackers could attack Wisconsin’s elections and what state officials are doing about it (WisconsinWatch.org) Cybersecurity experts warn that private vendors, modems and removable memory devices make the state’s decentralized voting system vulnerable to attack

How Secure are our Voting Systems for November 2018? (Dark Reading) Anomali CEO Hugh Njemanze discusses the importance of sharing threat intelligence across the country's highly decentralized voting systems to safeguard the integrity of upcoming elections.

Cybersecurity Is Only 1 Part of Election Security (Dark Reading) Protecting the 2018 election cycle means fixing the information infrastructure.

Litigation, Investigation, and Enforcement

North Korea Claims US Indictment is Vicious Smear (Infosecurity Magazine) North Korea Claims US Indictment is Vicious Smear. Alleged hacker is “non-entity” says Pyongyang

FBI Director Christopher Wray says China is agency's top counterintelligence priority (CBS News) Christopher Wray tells "CBS This Morning" co-host Norah O'Donnell that one of China's targets is "something that I think most Americans don't understand"

Dutch ousted Russians for alleged attempt to hack Swiss lab (AP News) Dutch authorities arrested and expelled two suspected Russian spies months ago for allegedly trying to hack a Swiss laboratory that conducts chemical weapons tests,

Analysis | How badly did Russia’s interview with the Skripal poisoning suspects backfire? (Washington Post) We measured the response — and it was harsh.

Skripal Poisoning Suspect's Passport Data Shows Link to Security Services (Bellingcat) Read The Insider Russian report on this same topic here. An ongoing Bellingcat investigation conducted jointly with The Insider Russia has confirmed through uncovered passport data that the two Russian nationals identified by UK authorities as prime suspects in the Novichok poisonings on British soil are linked to Russian security services. This finding directly contradicts...

Beijing accuses Taiwan of blackmailing students into spying for it (South China Morning Post) More than 100 cases cracked by Thunderbolt 2018 Crackdown, state broadcaster CCTV says

U.S. Probes Danske Bank Over Russian Money Laundering Allegations (Wall Street Journal) U.S. law enforcement agencies are probing Denmark’s largest bank over allegations of massive money laundering flows from Russia and former Soviet states, according to a person familiar with the matter.

Analysis | A fresh look back at 2016 finds America with an identity crisis (Washington Post) Authors point to issues of race, religion, gender and ethnicity, not economic anxiety, as the factors that brought President Trump to the White House.

In the Russia Probe, It’s ‘Qui S’excuse S’accuse’ (National Review) The FBI strained to make a case on Donald Trump even as they were burying a daunting criminal case on Mrs. Clinton.

Police hit Australian immigration centre over alleged AU$3m business email scam (ZDNet) NSW Police allege a 43-year-old Nigerian man was coordinating a AU$3 million business email compromise scam from within an Australian immigration detention centre.

Andrew Murray: Ukraine bans Corbyn ally over national security (Times) One of Jeremy Corbyn’s closest advisers has been banned from entering Ukraine on national security grounds. Andrew Murray, a former communist who also works for the trade union Unite, has been...

Army Wrongly Ignored Palantir In $206M Deal, Fed. Circ. Says (Law360) The U.S. Army’s decision to shut data analytics firm Palantir Technologies out of a $206 million intelligence system procurement violated a statute requiring federal agencies to give preference to commercial companies in contracting whenever possible, the Federal Circuit ruled, putting teeth into the largely untested law.

Kaspersky Faces Tough Questions at Appeals Court (Nextgov.com) The Russian anti-virus software company faces what could be its last chance to make its case against a U.S. governmentwide ban.

Sorry, Sony Music, you don’t own the rights to Bach’s music on Facebook (Ars Technica) Public shaming forces publisher to abandon ridiculous claim to classical music.

Equifax report uncovers unencrypted usernames and passwords and security equipment that wasn't working (Computing) Official report into Equifax breach reveals dysfunctional IT department that didn't even know how much data had been stolen

Fake-cryptocurrency Ponzi scheme lands creator in prison (Ars Technica) Josh Garza said his company began with noble intentions, but it "turned into greed."

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Insider Threat Program Development-Management Training Course (San Antonio, Texas, USA, September 17 - 18, 2018) Insider Threat Defense will hold its highly sought-after Insider Threat Program Development-Management Training Course, in San Antonio, Texas, on September 17-18, 2018. This two-day training course will provide the Insider Threat Program (ITP) Manager, Facility Security Officer, and others (CIO, CSO, CISO, Human Resources, IT, Network Security, Etc.) supporting an ITP, with the knowledge and resources (Templates, Checklits, Etc.) to develop, manage, or enhance an ITP. This training covers, and goes beyond compliance regulations for an ITP (National Insider Threat Policy, NISPOM Conforming Change 2). Insider Threat Defense is one of the few ITP training vendors to offer a guarantee with their training. Insider Threat Defense has provided training and services (In Over 14 U.S. States) to an impressive list of 540+business-organizations / 680+ security professionals.

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners. By providing a combination of thought leadership, awareness and engagement, the 3rd Annual National Conference will seek to break from the norm of day-long sessions of talking-heads through interactive “decode sessions” intended to include conference attendees in helping to devise innovative strategies to tackling cybersecurity’s diversity challenges.

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring addresses from recognized leaders in your Air Force will give you drive for taking your career to the next level. You can do all of this and more at AFA’s annual Air, Space & Cyber Conference (ASC).

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

SINET Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place September 18-19, 2018. SINET’s collaborative forum brings together a notable group of senior level industry and government cybersecurity professionals. The event, supported by Her Majesty’s Government and the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T), will be held at The British Museum in London.SINET GCIS will provide exclusive opportunities for attendees to engage directly with a select network of influential thought leaders, solution providers, researchers and investors from the global security community. The events are recognized among technology companies as a unique and exclusive opportunity for sponsors to schedule 1:1 meetings with top-level decision makers. These 15-minute meetings grant technology companies the opportunity to introduce their solution to high-level executives within targeted industries and source feedback from knowledgeable buyers.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and technical use cases, to explore more deeply the need for security in our connected world. Timely and relevant seminar topics to include a focus on the Internet-of-Things (consumer, industrial and enterprise), identification and authentication, payment and value-added services, premium content protection, device trust, and certification. And, as always, delegates will be able to witness ‘real world’ solutions from our sponsoring/exhibiting member organizations.

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn how to better save the world from cyber destruction! At Detect '18 you will be able to: immerse yourself in 30+ hours of education and training; chooose from 30+ breakout sessions designed for every experience level; listen to peer presentations highlighting real-world issues and solutions; network, network, network with your peers in a social setting; and earn CPE Credits to keep your credential current.

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community, private sector, and academia to discuss the most pressing problem sets concerning cyberspace and national security. This year's theme is "decision making in cyberspace". Cyber Beacon V will be held on Wednesday 19 and Thursday 20 September 2018 at the NDU campus on Fort McNair in Washington, DC.

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique needs and current challenges faced by enterprise cyber security leaders. A CISO’s role requires hands-on technical knowledge and understanding of security tools, techniques, and procedures combined with the need to manage up, down, and across the organization. This summit is the perfect platform for leaders to share information, gain insight and develop next-level strategy. Information security executives from across the country will come together for 2 days of peer breakouts and networking to answer the toughest questions facing them today.

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX education program led by ASIS, InfraGard, and ISSA subject matter experts consists of 300+ sessions, each designed to deliver valuable, actionable takeaways to help shape your security strategy—today and in the future.

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at Recorded Future. Allan has more than 15 years experience in information security and has worked as both a blue teamer and a red teamer for the intelligence community and the private sector. Allan has helped countless organizations improve their security posture using more effective and integrated intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address the unlimited risks surrounding billions connected “things”, Connect Security World 2018 unites Digital Security experts and IoT developers to securely develop, deploy and manage devices & services at IoT scale. In its 7th edition, this technical conference will cover the latest secure technologies stemming from cryptography to strategies and methods to minimize risks and enable successful implementations of end-to-end security – knowing that security is never perfect and no unique security solution (HW, SW…) can fit all levels of protection.

The Cyber Security Summit: New York (New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

5th Cyber Operations for National Defense Symposium (Washington, DC, USA, September 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to discuss network and capability modernization efforts aimed at combating the diverse cyber threats to US National Security. The agenda will focus on defensive and offensive cyber operations as well as the technological capabilities needed by our forces to ensure they can defend American interests in all domains. Lastly, the event will feature two panels: one on protecting our Nation’s intricate critical infrastructure and one on securing the DoDIN.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Ransomware notes. Oxbridge espionage. EternalBlue cryptojacking. EU content control, Pyongyang catphish, Moscow disinformation.