The CyberWire Daily Briefing 9.19.18

Summary

By The CyberWire Staff

The US State Department confirms that it's sustained a breach of its unclassified email system, with hundreds of staffers' information affected. ("Hundreds" is said to amount to about 1% of the Department's workforce.) The breach occurred earlier this year, and the principal concern is exposure of personal information.

Palo Alto Networks is tracking Iron Group, a Chinese-speaking criminal gang that’s distributing pseudoransomware. The malware steals and then destroys data; the ransom demand is just misdirection. The malicious code self-propagates across affected networks using backdoors exposed in a HackingTeam breach.

Bristol Airport still hasn't recovered from the "ransomware-like" attack it sustained at the end of last week.

Facebook has joined the companies offering to help political campaigns stay more secure during the US midterm elections. The social media platform is offering to help the campaigns set up two-factor authentication.

The US Defense Department has issued a new cyber strategy. That strategy assumes a contested cyberspace in both war and peace, and has the following major goals: mission assurance, enhanced US military advantage, defense of critical infrastructure, securing Defense information and systems, and expanded cooperation with all partners (US Government, industry, and allied).

A US Federal District Court has decided to allow juries to apply securities law to cases involving Initial Coin Offering (ICO) fraud. This is expected to set a precedent for more regulatory action in ICO markets.

The three young hackers responsible for the Mirai botnet are getting their sentences suspended. Instead of jail time, they're cooperating with the FBI.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Chile, China, European Union, Germany, Iran, Russia, United Kingdom, and United States.

Yesterday’s Scorecard Won’t Protect Your From Tomorrow’s Breach

With 56% of global organizations experiencing third party breaches, it’s no surprise that third party risk is the hottest cybersecurity topic. Threat actors will continue to target third parties as long as their vulnerabilities go unchecked. You need a 24x7x365 monitoring solution. Read LookingGlass’ eBook to learn how to build a successful third party risk program, so your organization isn’t left relying on old data to protect your employees, customers, and brand.

On the Podcast

In today's podcast we hear from our partners at Lancaster University, as Daniel Prince offers thoughts on asset-based risk assessment. Our guest is Ray Watson from Masergy, who shares some informed reflection on soft targets.

Sponsored Events

The Browser Can Win and Lose Midterm Elections (Washington, DC, United States, September 20, 2018) Join Authentic8 in DC for a happy hour and appetizers. Come learn how a browser can be tracked and used for campaign targeting, what technical hurdles are in the current campaign targeting landscape, and how you can protect yourself.

Cyber Security Summits: September 25 in NYC on October 16 in Phoenix (New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

FireEye Cyber Defense Summit 2018 (Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

State Department confirms breach of unclassified email system (CSO Online) The U.S. State Department confirmed it suffered a data breach of its unclassified email system. It says less than 1% of employees were affected.

State Department Email Breach Hit Hundreds of Staff (Infosecurity Magazine) State Department Email Breach Hit Hundreds of Staff. Personal info may have been exposed

Chinese-speaking cybercrime group launches destructive malware (Cyberscoop) A prolific cybercrime group known as Iron Group is actively developing a new family of destructive malware that pretends to ask for ransom,

Two New Monero Malware Attacks Target Windows and Android Users (Security Intelligence) Researchers discovered two new monero malware attacks: one that targets Windows with stealthy mining operations, and another that masquerades as a Google Play Store update for Android.

They’re Drinking Your Milkshake: CTA’s Joint Analysis on Illicit Cryptocurrency Mining (Cyber Threat Alliance) In April, we blogged about CTA’s role in disrupting malicious cyber activity. We introduced the idea of routinely bringing our members together to develop Joint Analysis reports on specific threats and campaign activity, the same way our early members came together to report on the threat from Cryptowall Version 3 in 2015. Our goal with... View Article

Here we Mongo again! Millions of records exposed by insecure database (Naked Security) Another day, another poorly configured MongoDB database.

Hackers have planted credit card stealing malware on local government payment sites (TechCrunch) Security firm FireEye has confirmed that a widely used web payment portal used to pay for local government services, like utilities and permits, has been targeted by hackers. Hackers have broken into self-hosted Click2Gov servers operated by local governments across the US, likely using a vulnerabi…

IoT Malware Detections Soar 273% Since 2017 (Infosecurity Magazine) IoT Malware Detections Soar 273% Since 2017. Kaspersky Lab warns home users of growing threat

Political Figures Differ Online: Names of Trump, Obama, Merkel Attached to Ransomware Campaigns (McAfee Blogs) Politics and ransomware. No, it’s not a lost single from the Oasis back catalogue, but in fact a relatively recent tactic by ransomware developers looking to exploit the profiles of major politicians to install ransomware on victims’ computers. Donald Trump, Angela Merkel, and now Barack Obama all serve as lures for

Bristol airport still recovering from 'ransomware' attack (SC Magazine) An attack 'similar to' ransomware forced airport staff to take key information screens offline at Bristol Airport, and four days later full service has not yet been resumed.

Hackers stole customer credit cards in Newegg data breach (TechCrunch) Newegg is clearing up its website after a month-long data breach. Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. …

The Cyberthreats That Most Worry Election Officials (Wall Street Journal) How attacks could be attempted—and what officials are doing to make sure they don’t affect the midterms.

State of the Internet Security - Credential Stuffing (Akamai) Credential stuffing, and the botnets behind this activity, is the primary focus of the State of the Internet Security Report, Issue 4, 2018. Credential stuffing, the use of botnets to try to login to a site with stolen or randomly...

FBI: Phishing Attacks Aim to Swap Payroll Information (Dark Reading) Social engineering scams target employees' payroll credentials so attackers can access and change their bank account data.

Only one third of email reaches inboxes (ITP.net) FireEye says two-thirds of email stopped by security solutions.

Hackers acknowledge Windows flaws but prefer social engineering tricks (Fifth Domain) Fifty percent of hackers at the Black Hat conference said that they had readily compromised the Windows system, but added they preferred to use social engineering to hack users

Hackers Say Windows 8 and 10 Easiest Entry Points (Infosecurity Magazine) A Black Hat survey finds 50% of hackers enter IT systems via Windows 8 and 10.

How Hackers Talk Their Way Into Getting Company Secrets (Wall Street Journal) With ‘social engineering’ schemes, cybercriminals trick employees into handing over valuable information.

Types of Texts You Should Delete Immediately (Reader's Digest) Friends and family aren’t the only ones who text you. Scammers do too! Here's how to recognize this type of scam, which is called smishing.

Years on, third party apps still exposing Grindr users’ locations (Naked Security) A third party app can use Grindr’s distance data to pinpoint a users location down to a room within a house.

The most expensive tweets on record that cost businesses billions (The Telegraph) In less than 60 characters, Elon Musk lost short sellers...

Security Patches, Mitigations, and Software Updates

Intel releases firmware update for ME flaw (Naked Security) It’s only September and yet 2018 is well on its way to being remembered as the year of fixing flaws we didn’t realise were possible in hardware we’d never heard of.

iOS 12 is here: these are the security features you need to know about (Naked Security) One year to the day after iOS 11 appeared, Apple yesterday released its replacement, iOS 12.

Serious Security Vulns Patched In IBM i (IT Jungle) No good deed goes unpunished. Such as it is with cybersecurity, which demands unceasing attention paid to a never-ending stream of flaws and patches as the cost of remaining off the front page. To that end, IBM patched several more security flaws in IBM i last week, including two serious flaws in Node.js, five critical

SharePoint Workflows go belly-up when you install the September .Net Security Only patch (Computerworld) Another major bug in this month’s patches, officially acknowledged, affects the Security Only .Net patch KB 4457916, for Win8.1 and Server 2012 R2. Install that patch and any defined Sharepoint Workflows will fail to run.

Cyber Trends

World War AI (Foreign Policy) China and America should watch out: Artificial intelligence could propel emerging powers to the forefront of war while leaving old superpowers behind.

Europol: Ransomware Will be Top Threat for Years (Infosecurity Magazine) Europol: Ransomware Will be Top Threat for Years. But crypto-jacking and mobile malware on the rise

Researchers: Users allowed to access infected sites found through search engines (TheHill) Users are largely allowed to access infected websites found through search engines, according to new research published Tuesday.

The SiteLock Website Security Insider Q2 2018 (SiteLock) Did you know that websites experience an average of 58 attacks per day? That’s one cyberattack approximately every 25 minutes! Even more startling, as much as 61 percent of all internet traffic is automated traffic from bots, meaning these attacks do not discriminate based on the size or popularity of a website. No website is too small or too new to hack.

No Time for Complacency: Watch Your Back on Biometrics, Compliance, and Insider Threats (Infosecurity Magazine) The three most common threats, according to the ISF's Threat Horizon.

Why a long military career in cyber feels like a rarity (Fifth Domain) Current manpower models don't invest in the longevity of the cyber force.

Almost half of UK internet users 'harmed' (BBC News) The range of harms include cyber-scams as well as trolling, bullying and stalking, finds an Ofcom study.

83% of SMB owners have no cash put aside to deal with the fallout from a cyber attack (Help Net Security) SMBs are leaving themselves exposed to financial risk from cybercrime by not having adequate measures in place to recover in the event of a cyber attack.

Regtech to account for 40% of global compliance spend by 2023 (Help Net Security) A new study from Juniper Research has found that spending on Regtech platforms will exceed $115 billion by 2023, up from an estimated $18 billion in 2018.

Marketplace

Pentagon spending could lead to consolidation of cybersecurity industry (Fifth Domain) More purchases of electronic-warfare equipment by the Pentagon will drive consolidation of the cybersecurity industry, according to new analysis.

DIA announces winners in massive intelligence technology contract (C4ISRNET) The HELIOS contract seeks to develop technologies that can enhance the intelligence gathering capabilities within the elusive agency and prevent

Zinopy cybersecurity firm acquired by Trilogy Technologies (The Irish Times) Deal will see creation of group with annual revenue above €20 million

Fidelis Cybersecurity Raises Growth Capital to Accelerate Innovation of its Unified Security Platform and 24x7 MDR Service (BusinessWire) Fidelis Cybersecurity, a leading provider of automated detection and response capabilities through its Fidelis ElevateTM platform, today announced the

Former Anonymous Hacker Raises $2.5m for Startup (Infosecurity Magazine) A cybersecurity startup founded by a convicted Anonymous hacker sees its first major capital raise.

Trump's Immigration Cops Just Gave America's Hottest iPhone Hackers Their Biggest Payday Yet (Forbes) iPhone hackers GrayShift just sold nearly $400,000 of its tech to America's immigration cops. Human rights activists are fretting about the amount of surveillance technology being bought by ICE.

Data61 says Australia is still missing out on innovation opportunity (ZDNet) Innovation is a AU$315 billion opportunity, and Data61 is still trying to convince Australia to take advantage of it.

Hackers beware: These 5 Austin cybersecurity firms are making a difference (Built In Austin) With major data leaks and malicious digital threats in the news on a near-daily basis, the need for cutting-edge cybersecurity is more apparent than ever. On an individual level, cyberthreats can damage one’s financial and personal life. On a broader economic level, a leading study reported that the world lost more than $600 billion in 2017 alone due to digital threats.

CenturyLink names Chris Betz as Chief Security Officer (MediaRoom) Chris Betz joins CenturyLink, Inc. (NYSE: CTL) as its Chief Security Officer, responsible for leading the company's corporate security, information security and security product development teams....

Products, Services, and Solutions

Nozomi Networks Integration with Cisco Technologies Delivers Enterprise-Wide ICS Security (Nozomi Networks) The Nozomi Networks integration with Cisco Security technologies delivers comprehensive IT / ICS security and visibility across the IT/OT network.

WatchGuard Unveils Trusted Wireless Environment Framework to Help Businesses Build Fast, Scalable and Secure Wi-Fi Networks (Markets Insider) WatchGuard® Technologies, a leader in advanced network security solutions, today launched its new Trusted Wireless E...

Free Resources for Cybersecurity Awareness Month 2018 (Wombat Security) Take your end users’ security awareness to new heights this October with our Cybersecurity Awareness Month materials.

Research from Spirent with ESG Reveals Shifting Priorities in Response to Increased Cybersecurity Complexity (Press of Atlantic City) Spirent Communications plc (LSE: SPT) today announced the availability of a research report conducted by Enterprise Strategy Group (ESG) that reveals a number of crucial

ThreatConnect Joins Symantec Technology Integration Partner Program (MarketWatch) Global ecosystem of 100+ technology companies work together to battle cyber threats

LENSEC Includes Comprehensive Security Protection in Perspective VMS® (PRNewswire) PVMS is Cybersecure Software, Ready with Encryption, Protecting the Entire Security System

Exabeam and SecureAuth + Core Security Partner to Secure Enterprise Identities Against Credential-Based Threats (SecureAuth) Exabeam, the fastest growing next-gen security information and event management company, and SecureAuth + Core Security, the leader in identity security automation, today announced a collaborative relationship to secure enterprise identities against increasingly sophisticated credential-based threats.

ManageEngine strengthens endpoint security with the launch of Browser Security Plus (Help Net Security) Browser Security Plus is a browser management solution that helps organizations secure their data in the cloud and protect their networks from cyberattacks.

NSFOCUS introduces new capability to identify cyber risk exposure (Help Net Security) NSFOCUS EISA is built to address risks by searching for unknown IPs, hijacked IPs, unknown ports open on known IPs, and the services running on those ports.

WISeKey Announces Strategic Partnership with Tarmin for WISeBox Integration Cloud Based Secure Data Offering (GlobeNewswire News Room) WISeKey International Holding Ltd (SIX: WIHN, OTTCQX: WIKYY), a Swiss based cyber security and IoT company, today announced a strategic partnership with Tarmin, the global pioneer of Data Defined Infrastructure, next generation data management and storage solutions to jointly develop the WISeBox solution.

Kudelski Security Announces Partnership with SentinelOne (Nagra) Company’s Focus on Endpoint Security Expands with the Addition of New Technology Offerings for Clients in the United States

Technologies, Techniques, and Standards

How Facebook wants to protect political campaigners from hacking (Naked Security) The social network is trying to protect candidates, elected officials and their staff from “hackers and foreign adversaries”.

Here's How Facebook Is Trying to Moderate Its Two Billion Users (Motherboard) Moderating billions of posts a week in more than a hundred languages has become Facebook’s biggest challenge. Leaked documents and nearly two dozen interviews show how the company hopes to solve it.

Your Network Has Been Hacked. You Have 72 Hours to Report It. (Wall Street Journal) Companies are scrambling to meet new regulations that require them to figure out what’s going on—quickly.

Why You Need a VPN—and How to Choose the Right One (Wall Street Journal) Everybody’s snooping on your internet traffic. The key is to stay hidden.

How to Protect Your SMB Clients from Ransomware (Security Boulevard) No company is too small to be devastated by a ransomware attack. In fact, small and medium-sized businesses (SMBs) are prime targets, and the number--and cost--of such attacks continues to rise.

How to Defend Against GPS Spoofing Attacks (Wall Street Journal) As ship and car makers race to roll-out self-driving technology, security researchers warn that attacks using fake GPS signals could increase and become more dangerous.

Why humans are necessary to the threat hunting process (Help Net Security) A bot can't engage with threat actors online and blend in. Manual intelligence gathering and human involvement is necessary to the threat hunting process.

How AI Can Help Stop Cyberattacks (Wall Street Journal) As hackers get smarter and more determined, artificial intelligence is going to be an important part of the solution.

Key weapon for closing IoT-era cybersecurity gaps? Artificial intelligence (Help Net Security) Security teams are looking to artificial intelligence (AI) as a key weapon to win the battle against stealthy threats inside their IT infrastructures.

Forget Passwords. It’s Time for Passphrases. (Wall Street Journal) Two researchers say they have come up with a system that makes passphrases more secure and practical.

Design and Innovation

2018 SINET 16 Innovators Announced (BusinessWire) SINET announced today the winners of its annual SINET 16 innovation competition. Winners were selected from a pool of 123 applicants and 9 countries.

Data61, Hensoldt Cyber partner on cyber attack protection systems (iTWire) Data61, the CSIRO’s innovation network, has announced a global partnership with German cyber security company Hensoldt Cyber to collaborate on the dev...

Research and Development

DARPA Selects BAE Systems to Develop Cyber-Hunting Tools (Engineering) BAE Systems will create automated real-time defense tools for the DARPA CHASE program.

Academia

The National Cyber Security Centre and IBM Security Join Forces to Improve Security Skills (Security Intelligence) Organizations are struggling to hire enough people with the right security skills. Industry and government must work together to give more opportunities to potential cyber talent.

Legislation, Policy and Regulation

U.S.-Chile Executive Cyber Consultation (U.S. Department of State) Senior representatives from the United States and Chile participated in an Executive Cyber Consultation in Washington, D.C., August 23-24, 2018 to facilitate stronger bilateral cooperation on cyber issues, including government capacity to address emerging challenges and shared threats in cyberspace.

DoD releases first new cyber strategy in three years (Fifth Domain) The much awaited strategy articulates how the DoD will combat strategic competitors such as Russia and China.

Summary: Department of Defense Cyber Strategy (US Department of Defense) American prosperity, liberty, and security depend upon open and reliable access to information.

Restrictions Removed from Cyber Command – Is the U.S. Ready to Hack Back? (TechNative) In August 2018, the U.S. President rescinded the former administration’s Presidential Policy Directive 20 (PPD-20) – the authority that dictated how the United States engaged in cyber operations, which was leaked by National Security Agency leaker, Edward Snowden...

White House Official Calls on Industry and Agencies to Share More Cyber Threat Info (Nextgov.com) Agencies should also start taking more tips from each other, according to an Office of Management and Budget cyber expert.

Analysis | The Cybersecurity 202: Lawmakers are ready to embrace ethical hackers, even if DHS isn't (Washington Post) A new bill would force DHS to open a bug bounty program.

U.S. senators seek punishment if China's ZTE violates deal (Reuters) Republican and Democratic U.S. senators introduced a bill on Tuesday that would ...

Is a new Air Force cyber office in the works? (Fifth Domain) The Air Force is discussing the potential stand up of a rapid cyber office.

Air Force mulls cyber RCO (FCW) The U.S. Air Force is considering a rapid capabilities office to streamline cybersecurity acquisition.

Air Force will use new authorities for cyber carrier (Fifth Domain) The Air Force will be using Section 804 authorities to procure Unified Platform.

Litigation, Investigation, and Enforcement

Mirai botnet creators praised for helping FBI, won’t serve prison time (Ars Technica) Three men mitigated Memcache attacks, aided APT researchers, and more.

The Mirai Botnet Architects Are Now Fighting Crime With the FBI (WIRED) In 2016 three friends created a botnet that nearly broke the internet. Now, they're helping the feds catch cybercriminals of all stripes.

Facebook accused of discriminating against women with targeted job adverts (The Telegraph) Facebook is discriminating against women by helping employers run job adverts that target only men, civil rights campaigners have claimed.

Will This Crypto Case Push Federal Regulators to Tackle More ICO Fraud? (New York Law Journal) A U.S. district court of New York ruling allowing a jury to apply securities laws in an ICO fraud case may set the stage for regulators to heighten actions in the nascent marketplace.

The Collateral Damage of Trump's Extreme Declassifications (WIRED) Trump has the legal right to make public whatever documents he chooses. But he's going to cause unknown damage in the process.

Dark Web: US court seizes assets and properties of deceased AlphaBay operator (HackRead) Follow us on Twitter @HackRead

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference (Atlanta, Georgia, USA, September 17 - 19, 2018) The International Consortium of Minority Cybersecurity Professionals (ICMCP) 3rd Annual National Conference continues to elevate the national dialogue on the very necessary strategic, tactical and operational imperatives needed to attract and develop minority cybersecurity practitioners. By providing a combination of thought leadership, awareness and engagement, the 3rd Annual National Conference will seek to break from the norm of day-long sessions of talking-heads through interactive “decode sessions” intended to include conference attendees in helping to devise innovative strategies to tackling cybersecurity’s diversity challenges.

Air Space & Cyber Conference (National Harbor, Maryland, USA, September 17 - 19, 2018) Gain new insights and skills to advance your career. Be among the first to see the latest innovations in airpower, space, and cyber capabilities all the while bonding with your fellow Airmen. Inspiring addresses from recognized leaders in your Air Force will give you drive for taking your career to the next level. You can do all of this and more at AFA’s annual Air, Space & Cyber Conference (ASC).

SecureWorld St. Louis (St. Louis, Missouri, USA, September 18 - 19, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

SINET Global Cybersecurity Innovation Summit (London, England, UK, September 18 - 19, 2018) SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration, today announced that its annual Global Cybersecurity Innovation Summit (GCIS), will take place September 18-19, 2018. SINET’s collaborative forum brings together a notable group of senior level industry and government cybersecurity professionals. The event, supported by Her Majesty’s Government and the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T), will be held at The British Museum in London.SINET GCIS will provide exclusive opportunities for attendees to engage directly with a select network of influential thought leaders, solution providers, researchers and investors from the global security community. The events are recognized among technology companies as a unique and exclusive opportunity for sponsors to schedule 1:1 meetings with top-level decision makers. These 15-minute meetings grant technology companies the opportunity to introduce their solution to high-level executives within targeted industries and source feedback from knowledgeable buyers.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, September 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Security in our Connected World (Beijing, China, September 19, 2018) This year’s seminar will not only examine critical security technologies, such as the Trusted Execution Environment (TEE) and Secure Element (SE), but will also delve into their associated business and technical use cases, to explore more deeply the need for security in our connected world. Timely and relevant seminar topics to include a focus on the Internet-of-Things (consumer, industrial and enterprise), identification and authentication, payment and value-added services, premium content protection, device trust, and certification. And, as always, delegates will be able to witness ‘real world’ solutions from our sponsoring/exhibiting member organizations.

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn how to better save the world from cyber destruction! At Detect '18 you will be able to: immerse yourself in 30+ hours of education and training; chooose from 30+ breakout sessions designed for every experience level; listen to peer presentations highlighting real-world issues and solutions; network, network, network with your peers in a social setting; and earn CPE Credits to keep your credential current.

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community, private sector, and academia to discuss the most pressing problem sets concerning cyberspace and national security. This year's theme is "decision making in cyberspace". Cyber Beacon V will be held on Wednesday 19 and Thursday 20 September 2018 at the NDU campus on Fort McNair in Washington, DC.

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique needs and current challenges faced by enterprise cyber security leaders. A CISO’s role requires hands-on technical knowledge and understanding of security tools, techniques, and procedures combined with the need to manage up, down, and across the organization. This summit is the perfect platform for leaders to share information, gain insight and develop next-level strategy. Information security executives from across the country will come together for 2 days of peer breakouts and networking to answer the toughest questions facing them today.

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX education program led by ASIS, InfraGard, and ISSA subject matter experts consists of 300+ sessions, each designed to deliver valuable, actionable takeaways to help shape your security strategy—today and in the future.

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at Recorded Future. Allan has more than 15 years experience in information security and has worked as both a blue teamer and a red teamer for the intelligence community and the private sector. Allan has helped countless organizations improve their security posture using more effective and integrated intelligence. He is the author of The Practice of Network Security, Building an Intelligence-Led Security Program, and Securing NTP: A Quickstart Guide and the co-author of DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address the unlimited risks surrounding billions connected “things”, Connect Security World 2018 unites Digital Security experts and IoT developers to securely develop, deploy and manage devices & services at IoT scale. In its 7th edition, this technical conference will cover the latest secure technologies stemming from cryptography to strategies and methods to minimize risks and enable successful implementations of end-to-end security – knowing that security is never perfect and no unique security solution (HW, SW…) can fit all levels of protection.

The Cyber Security Summit: New York (New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

5th Cyber Operations for National Defense Symposium (Washington, DC, USA, September 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to discuss network and capability modernization efforts aimed at combating the diverse cyber threats to US National Security. The agenda will focus on defensive and offensive cyber operations as well as the technological capabilities needed by our forces to ensure they can defend American interests in all domains. Lastly, the event will feature two panels: one on protecting our Nation’s intricate critical infrastructure and one on securing the DoDIN.

PCI Security Standards North America Community Meeting (Las Vegas, Nevada, USA, September 25 - 27, 2018) The PCI Security Standards Council’s 2018 North America Community Meeting is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out!

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

State Department email breach. Iron Group's pseudoransomware. Bristol Airport recovering. US cyber strategy document is out.