The CyberWire Daily Briefing 9.27.18

Summary

By The CyberWire Staff

ESET reports that Fancy Bear (Russia's GRU, or, if you insist, Mr. Putin, Russia's "GU") is deploying a rootkit against its foreign targets. They're active so far mostly in the Balkans and other Central and Eastern European countries, and the kit they've deployed is "LoJax," malware developed from the LoJack anti-theft software. The attribution to Fancy Bear is, as is usually the case, circumstantial but compelling, based on the presence of other known Fancy Bear hacking tools.

Another ESET researcher has found a banking Trojan masquerading as a call recording app in Google's Play store. The bad app is, or was, since Google has now booted it out, called "QRecorder."

Cisco's Talos unit looked into VPNFilter malware and has discovered that it's even more capable than initially believed. The researchers found seven additional modules in VPNFilter. They think it was designed to debut against Ukrainian targets on the anniversary of the NotPetya attacks, but they also note that VPNFilter was also designed to be a long-term attack platform. The malware is particularly adapted for IoT attacks, especially against vulnerable routers.

Duo Security reports finding an authentication weakness in Apple's Device Enrollment Program that could be exploited for privilege escalation or rogue device deployment.

Yesterday's hearings in the US Senate covered online privacy. Big Tech expressed general approval of privacy regulations. Some of the GDPR's requirements are onerous, but they like consistency and predictability.

One of the suspects in the Salisbury nerve agent attacks has been identified as a GRU colonel.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, European Union, Iran, Israel, Japan, Russia, United Nations, United Kingdom, United States

Is your company passionate about empowering women to succeed in the cyber security industry?

The CyberWire’s 5th Annual Women in Cyber Security reception is a networking event that highlights and celebrates the value and successes of women in the cyber security industry. Leaders from the private sector, academia, and government from across the region and at varying points on the career spectrum can connect with each other to strengthen relationships while building new ones. Consider sponsoring the event. Limited sponsorships are available. Visit our website to learn more.

On the Podcast

In today's podcast, we speak with our partners at CenturyLink, as Mike Benjamin shares thoughts on the Foreshadow vulnerability. Our guest is Daniel Riedel from New Context Services, with some insight into synthetic identities.

And this week's episode of Hacking Humans is up. The talk is all about kidnappers, robots, and deep fakes. Joe shares a kidnapping scam targeting foreign students. Dave describes social engineering involving robots. Our guest is Robert Anderson from the Chertoff Group, discussing deep fake technology and how it erodes trust.

Sponsored Events

FireEye Cyber Defense Summit 2018 (Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.

CyberMaryland Job Fair on October 9 in Baltimore, MD. (Baltimore, Maryland, United States, October 9, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 9 in Baltimore. Meet leading cyber employers including Bank of America, FireEye, NSA, Raytheon, USCYBERCOM and more. Visit ClearedJobs.Net or CyberSecJobs.com for more details.

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit https://dragos.com/disc/ for more information.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Russian hackers ‘Fancy Bear’ now targeting governments with rootkit malware (TechCrunch) Security researchers say that they have found evidence that for the first time Russia-backed hackers are now using a more sophisticated type of malware to target government entities. ESET presented its case Thursday that the hacker group, known as Fancy Bear (or APT28), is using rootkit malware to …

Without offering evidence, Trump accuses China of interfering in U.S. midterm elections (Washington Post) At a meeting of the U.N. Security Council, the president asserted Beijing was retaliating against him over the escalating trade war.

Intel chief Dan Coats warns of China's 'potent' cyber threat during Citadel event (Post and Courier) Director of National Intelligence Daniel Coats sounded the alarm about foreign interference in the U.S. democratic process during a speech Tuesday in Charleston — but he wasn't talking about Russia

Researchers find Russian “VPNfilter” malware was a Swiss Army hacking knife (Ars Technica) Router malware had nine different tools for exploiting networks.

'Every cyberattack is related to geopolitical conditions,' says CEO of cybersecurity play FireEye (CNBC) Jim Cramer gets the latest on cybersecurity from FireEye CEO Kevin Mandia, whose company was hired by Google to defend against state-sponsored cyberattacks.

Weak Apple DEP Authentication Leaves Enterprises Vulnerable to Social Engineering Attacks and Rogue Devices (Duo Security) Duo Labs has found an authentication weakness in Apple’s Device Enrollment Program (DEP) that could lead to privileged access, rogue device enrollment and social engineering attacks against an organization that uses DEP for mobile device management (MDM) auto-enrollment.

MDM Me Maybe: Device Enrollment Program Security (Duo Security) Duo Labs researchers show how an authentication weakness in Apple’s Device Enrollment Program can be used to leak information and potentially enroll rogue devices in MDM servers.

Cybercriminals Increasingly Trying to Ensnare the Big Financial Fish (SecureWorks) Threat groups such as GOLD KINGSWOOD are using their extensive resources and network insights to target high-value financial organizations around the world.

Banking trojan found in call recorder app on Play Store - stole over €10,000 (HackRead) Android is one of the most vulnerable mobile operating systems with hackers developing new Android malware and banking trojan every 17 seconds. Then, there is Google and questionable security measures to protect users from sophisticated and persistent malware attacks.

Once Popular Online Ad Format Opens Top Tier Sites to XSS Attacks (Threatpost) Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities.

Over 80 Cisco Products Affected by FragmentSmack DoS Bug (BleepingComputer) Cisco is currently looking into its product line to determine the ones using Linux kernel 3.9 or above, which is vulnerable to the FragmentSmack denial-of-service (DoS) bug.

Port of San Diego victim of cyberattack (San Diego Union Tribune) The Port of San Diego is investigating a serious cybersecurity threat to its technology systems that is impacting the public agency’s ability to process park permits and records requests, and perform other business services.

Malware hits fashion giant SHEIN; 6.42 million online shoppers affected (Naked Security) The online fashion store is now contacting affected users and asking them to change passwords for their online store accounts.

SHEIN Servers Infected by Malware, Data of 6.4M Customers Stolen (Security Boulevard) SHEIN servers were breached by hackers and as a result of the intrusion sensitive data of over 6.4 million users was hijacked. The incident occurred between June and August 2018 according to the company statement. Our article sums up the...

Data Issues (SHEIN) On August 22, SHEIN became aware that personally identifiable information of its customers was stolen during a sophisticated criminal cyberattack on its computer network. Immediately upon becoming aware of this potential theft

Someone Posted Weed and Viagra Spam On a US Department of Agriculture Site (Motherboard) The USDA blamed the issue on a "web form" that was abused to post spam.

Bristol Airport’s quick isolation of key systems was key to preventing ransomware spreading, says Databarracks (Business Computing World) Recently, Bristol Airport’s administration systems were infected by ransomware. The airport was forced to take a cautious approach and shut down applications including its digital flight information displays, forcing staff to use whiteboards to keep passengers updated on flight information.

Mobile Websites Can Tap Into Your Phone's Sensors Without Asking (WIRED) Mobile apps need explicit permission to access your smartphone's motion and light sensors. Mobile websites? Not so much.

Facebook Is Giving Advertisers Access to Your Shadow Contact Information (Gizmodo) Last week, I ran an ad on Facebook that was targeted at a computer science professor named Alan Mislove. Mislove studies how privacy works on social networks and had a theory that Facebook is letting advertisers reach users with contact information collected in surprising ways. I was helping him test the theory by targeting him in a way Facebook had previously told me wouldn’t work. I directed the ad to display to a Facebook account connected to the landline number for Alan Mislove’s office, a number Mislove has never provided to Facebook. He saw the ad within hours.

Security Patches, Mitigations, and Software Updates

Critical Linux Kernel Flaw Gives Root Access to Attackers (Dark Reading) All versions of Red Hat Enterprise Linux, CentOS vulnerable to 'Mutagen Astronomy' flaw, according to Qualys.

Apple pushes out Mojave 10.14, patches numerous vulnerabilities (SC Magazine) Apple has issued an update to fix a number of issues in macOS Mojave leading to arbitrary code execution, the ability to read restricted memory and access local users Apple IDs among others.

Bitcoin Core Software Patches a Critical DDoS Attack Vulnerability (Vulners Database) The Bitcoin Core development team has released an important update to patch a major DDoS vulnerability in its underlying software that could have been fatal to the Bitcoin Network, which is usually known as the most hack-proof and secure blockchain. The DDoS vulnerability,...

Firefox Monitor starts tracking breached email addresses (Naked Security) Mozilla has formally launched Firefox Monitor, a privacy-engineered website that hooks up to Troy Hunt’s Have I Been Pwned? (HIBP) breach notification database.

Cyber Trends

Microsoft president says tech companies are "first line of defense" in cybersecurity (CBS News) Brad Smith spoke first on "CBS This Morning" about the AI for Humanitarian Action initiative, a $40M program that the tech giant says would save lives

Cyber criminals increasingly target cryptocurrency, research finds (TheHill) Cyber criminals are ratcheting up efforts to target devices with cryptocurrency malware, according to a new report.

The state of network security in organizations with 1000+ employees (Help Net Security) ProtectWise interviewed 400 security analysts in the US to uncover the state of network security today across organizations with 1,000 or more employees.

SMBs Cybersecurity Risk, Their Opportunity (blogs@Cisco - Cisco Blogs) Today, Cisco unveiled its SMB Cybersecurity Report, which leverages data from 1,816 SMB respondents across 26 countries.

The World's Most Popular Coding Language Happens to be Most Hackers' Weapon of Choice – Blog | Imperva (Blog | Imperva) Python will soon be the world’s most prevalent coding language. That’s quite a statement, but if you look at its simplicity, flexibility and the relative ease with which folks pick it up, it’s not hard to see why.

Marketplace

Security companies see opportunity in Trump’s new cyber plan (Fifth Domain) America's promise to hack foreign countries means the Department of Defense will purchase more off the self cyber equipment.

Can industry bridge the government cyber skills gap? (Fifth Domain) Solutions providers may hold the key to better federal cybersecurity.

Machines ease cyber security industry talent crunch (Financial Times) Finding staff who have the right skills in both AI and cyber security demands new thinking on hiring

Exclusive: WhatsApp Cofounder Brian Acton Gives The Inside Story On #DeleteFacebook And Why He Left $850 Million Behind (Forbes) Facebook’s $22 billion WhatsApp purchase made Brian Acton one of the richest people in America. But his idealism clashed with Mark Zuckerberg’s financial juggernaut. For the first time, Acton explains why he left.

The other side of the story (Facebook) {Disclaimer: no one at Facebook asked me to post this. I just had to do it. And these are my personal views exclusively.} Today Forbes published an interview of Brian Acton that contained statements, and recollection of events that differ greatly from the reality I witnessed first-hand. As a result, I felt compelled to write about the actual facts.

Facebook’s ex-CSO, Alex Stamos, defends its decision to inject ads in WhatsApp (TechCrunch) Alex Stamos, Facebook’s former chief security officer, who left the company this summer to take up a role in academia, has made a contribution to what’s sometimes couched as a debate about how to monetize (and thus sustain) commercial end-to-end encrypted messaging platforms in order th…

If There Was Ever A Nobel Award For Tech -- WhatsApp Cofounder, Brian Acton Ought Put His Name To It (Forbes) Brian Acton blows the lid on Zuckerberg’s duplicity and Sandberg’s greed and seeks to make amends to WhatsApp users concerned with privacy through his new venture, Signal. His story raises difficult questions as to what burdens on billionaires particularly towards charitable giving.

WhatsApp and Instagram Founders Don’t Deserve Points for Leaving Facebook (Motherboard) By selling their companies to Facebook, Brian Acton and Kevin Systrom perpetuated the worst parts of capitalism.

WhatsApp co-founder Acton flags tensions with Zuckerberg: Forbes (Reuters) WhatsApp co-founder Brian Acton had disagreements with Facebook Chief Executive ...

Google's 20th birthday: How two tech nerds changed the internet, by the people who were there (The Telegraph) What does it take to create one of the most influential companies in the world?

Polyverse on Winning Team Supporting $40M Global InfoTek, Inc. Act 2 Task Order “Excalibur” (Polyverse) Global InfoTek wins task order to provide full spectrum cyberspace capabilities to the Air Force

Cybersecurity start-up Darktrace raises $50 million and is now worth $1.65 billion (CNBC) Darktrace, founded in 2013, uses artificial intelligence and machine-learning technology to detect and counter cyber threats.

Cybersecurity firm Nozomi Networks raises $30M in latest round of funding (TechCrunch) Nozomi Networks has secured $30 million in Series C funding. The San Francisco, Calif.-based touts itself as an industrial security giant, securing more than 300,000 industrial devices over a range of industries, like manufacturing, energy, and mining, with hundreds of hydroelectric and gas distrib…

Source Defense Completes $10M Financing to Prevent Universal Website Supply Chain Vulnerability (GlobeNewswire News Room) AllegisCyber, Jerusalem Venture Partners, Global Brain (Japan) and Connecticut Innovations participate in the financing; Offices open in US and Israel to support go-to-market strategy

Agari Launches Agari Partner Power™ Program for VARs to Accelerate Worldwide Sales Growth (Press of Atlantic City) Agari, the only cloud-native solution that uses predictive AI to stop advanced email attacks, today announced significant channel investments with the launch of Agari Partner

Fidelis Cybersecurity Invests in Customer Success and Technical Field Expertise with Executive Appointments of Gabriel Martinez and Ken McDonald (BusinessWire) Fidelis Cybersecurity (Fidelis), a leading automated detection and response provider, today announced the appointment of Gabriel Martinez, as vice pre

CrowdStrike Appoints Roxanne Austin to its Board of Directors as Audit Committee Chair (CrowdStrike) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the appointment of Roxanne Austin to its Board of Directors as Audit Committee Chair, effective immediately.

Georgia Cyber Center Selects Former NSA GA Commander (Smart & Resilient Cities) The former commander of NSA Georgia, Col. Eric Toler, has been named executive director of the Georgia Cyber Center. Col. Toler will work with Augusta University, Augusta Technical College and Georgia Technology Authority (GTA) executive stakeholders to define and execute the overall strategy, vision, mission and goals for the center’s programs and partnerships.

Products, Services, and Solutions

New Booz Allen product takes aim at mobile security vulnerabilities (Washington Business Journal) The company sees products as an outgrowth of its push to marry its consulting heritage with highly technical capabilities in cyber, engineering and other areas.

Introducing VirusTotal Enterprise (Medium) Today we are announcing an update to VirusTotal: VirusTotal Enterprise.

ShiftLeft Announces Code-Informed Runtime Protection for Microsoft’s .Net Framework (BusinessWire) ShiftLeft today announced the general availability of its security-as-a-service platform for Microsoft’s .Net Framework (.Net).

Digital Shadows Launches Shadow Search™ – Enabling Organizations to ‘Self-Serve’ and Find Cyber Threats against Them from across the Open, Deep and Dark Web (BusinessWire) Digital Shadows, the leader in digital risk management and relevant threat intelligence, has today announced the availability of Shadow Search.

Protego Labs Launches a No Cost Plan for its Flagship Serverless Secur (PRWeb) Protego Labs today launched a free version of its serverless security solution - complete with all functionality - enabling companies to build secure applications...

ID Agent and RapidFire Tools Launch Dark Web Threat Assessment Report (Globe Newswire) MSPs can now use Network Detective to discover dark web credential exposure for clients and prospects

NIKSUN Achieves Common Criteria Certification for NetDetector and NetVCR (BusinessWire) NIKSUN NetDetector/NetVCR Everest 5.1 is approved for secure government agencies and private sector enterprises with Common Criteria Certification.

Blue Cedar Collaborates With OpenSSL, Akamai, NetApp, and VMware to Develop Next-Generation FIPS Module (BusinessWire) Blue Cedar is collaborating with industry leaders to develop the next-generation open-source FIPS 140-2 module for OpenSSL.

Cyberbit and CloudRange Cyber Announce the First Cyber Range “As a Service” in North America (HeraldCourier.com) Cyberbit Ltd. (Cyberbit), a world leading provider of cybersecurity simulation and IT/OT detection and response platforms, and CloudRange Cyber LLC (CloudRange), a pioneer

Technologies, Techniques, and Standards

Reputational Risk and Third-Party Validation (BankInfo Security) Third-party ratings are increasingly popular as a means of selecting cybersecurity vendors. But Ryan Davis at CA Veracode also uses BitSight's ratings as a means of

Design and Innovation

Artificial Intelligence Can Reinforce Bias, Cloud Giants Announce Tools For AI Fairness (Forbes) Artificial Intelligence (AI) systems must be trained fairly. Unfairly trained AI systems can reinforce bias. AI fairness is a dataset issue for each specific machine learning model. AI fairness is a new challenge. Cloud giants Facebook Amazon, Microsoft, Google, IBM are working on AI fairness tools.

Mind Fund and Hedera Hashgraph Partner to Create Helix, a Dedicated Hedera Accelerator (AsiaOne) Mind Fund, a Hong Kong based VC company that incubates and invests in the next global wave of technology companies, is pleased to announce the launch of the new Helix Accelerator

Research and Development

UI grad student uncovers security issues at Facebook, Twitter (Technology Org) When University of Iowa computer science graduate student Shehroze Farooqi reads news headlines about Facebook and Twitter posts from dubious foreign accounts, or Facebook data grabs by politically affiliated companies, he’s not shocked. From his office in MacLean Hall, Farooqi uses his knowledge

Academia

Universities Invest in Cybersecurity Pathways to Add to the Workforce (Technology Solutions That Drive Education) Higher education institutions build new facilities and corporate partnerships to add more professionals to the future workforce.

New Cyber Group Launched to Prepare Students for Cybersecurity Careers (Infosecurity Magazine) Scheme will arm 14-19-year-olds with skills needed for future careers in cybersecurity

El Centro College Enriches Cyber Security Education by Partnering with Check Point Software (Nasdaq) Check Point SecureAcademy™, a training program for the academic community, prepares students with vital technology skills needed to prevent fifth-generation cyber-attacks

Legislation, Policy and Regulation

Iran claims US wants to overthrow its government as Bolton threatens ‘hell to pay’ (Military Times) Iranian leader says threats and sanctions won't work, urges U.S. to join multilateral talks.

New Sanctions Won’t Hurt Russia (Foreign Policy) Washington thinks punitive measures will change Moscow’s calculus, but the Russian economy is doing just fine.

Rand Paul Pitches Easing Sanctions on Russian Lawmakers (Roll Call) Sen. Rand Paul is pitching a proposal that would life sanctions on Russian lawmakers if the Russians nix sanctions on members of Congress.

Israel avoids trade wars, but keeps Chinese and Russia tech companies at arm’s length (Haaretz) Unofficial ban prevents China’s Huawei and ZTE and Russia’s Kaspersky from supplying products for critical infrastructure

Analysis | The Cybersecurity 202: Senate hearing highlights challenges of crafting national privacy law (Washington Post) Here are six takeaways.

Tech giants back new US data privacy law to head off backlash (The Telegraph) Apple, Google, Amazon and Twitter have thrown their weight behind a national data privacy law for the USA after years of lobbying against such efforts.

Tech executives voice support for national privacy law (Washington Post) There’s broad consensus that a bill to protect consumer privacy is needed.

Analysis | The Cybersecurity 202: Federal privacy rules are coming. Here are four things to watch as tech companies testify (Washington Post) The companies won't all agree on what a law should look like.

Trump doubles down on slamming Google, saying it's 'taking advantage of a lot of people' — and warns Google, Facebook, and Twitter to 'be careful' (Business Insider) US President Donald Trump followed up his Tuesday morning attack on Google by making more critical comments later from the Oval Office. "Google is really...

It’s Google’s Turn in Washington’s Glare (New York Times) The internet giant has largely avoided the scrutiny faced by its internet peers. Now lawmakers are questioning whether it has too much influence.

Election security bill won't pass ahead of midterms, says key Republican (TheHill) Sen. James Lankford (R-Okla.) said Tuesday that a bipartisan election security bill won’t be passed by Congress ahead of November’s midterm elections.

Legislation Would Elevate Federal CIO, Codify Federal CISO (Nextgov.com) The bipartisan legislation would reauthorize, rename, codify and elevate the role of federal chief information officer.

Pelosi Names Appointees to Cyberspace Solarium Commission (Democratic Leader Nancy Pelosi) Washington, D.C. – Today, Democratic Leader Nancy Pelosi named Congressman Jim Langevin and Former Rep. Patrick Murphy to the Cyberspace Solarium Commission.

Litigation, Investigation, and Enforcement

Skripal Suspect Boshirov Identified as GRU Colonel Anatoliy Chepiga (Bellingcat) Bellingcat and its investigative partner The Insider – Russia have established conclusively the identity of one of the suspects in the poisoning of Sergey and Yulia Skripal, and in the homicide of British citizen Dawn Sturgess. Part 1 and Part 2 of Bellingcat’s investigation into the Skripal poisoning suspects are available for background information. In these...

Suspect in Skripal attack identified in report as decorated Russian colonel (TheHill) Bellingcat, an open-source investigative group, has identified one of the suspects in the poisoning of an ex-Russian spy in Britain as a decorated officer in Russia’s military intelligence service, the GRU.

Salisbury spy ‘hitman’ is a decorated Russian colonel Anatoliy Chepiga (Times) One of the suspects in the Salisbury poisoning of Sergei Skripal was unmasked last night as a decorated colonel in Russian intelligence who was awarded the country’s top military honour by...

Salisbury novichok attack: the spy who left a photographic trail (Times) Rushlan Boshirov and Alexander Petrov had already been roundly mocked for claiming that they were tourists in Salisbury and that a visit to the cathedral was thwarted by snow. Their protestations...

EU lawmakers push for cybersecurity, data audit of Facebook (AP News) European Union lawmakers appear set this month to demand audits of Facebook by Europe's cybersecurity agency and data protection authority in the wake of the Cambr

Revamp of Google Chrome web browser risks new EU scrutiny (The Telegraph) Google risks provoking another big fine from European regulators if it presses ahead with a proposed revamp of its Chrome web browser, leading competition lawyers have claimed.

Senate Panel Probes Readiness of DoD’s Cyber Force (Meritalk) The Senate Armed Services Committee’s cybersecurity and personnel subcommittees held a joint hearing today to examine the cyber operational readiness of the Department of Defense and heard from leaders of both the military and civilian side of the DoD cyber force about the mounting challenges they face.

Uber Agrees to Pay $148 Million to States Over Major 2016 Data Breach (New York Law Journal) The settlement is the result of a multistate investigation that found Uber paid hackers $100000 to conceal the breach which exposed the names email addresses and cellphone numbers of those users.

IV Ordered To Pay Trend Micro $400K In Atty Fees In IP Fight (Law360) A Delaware federal judge on Monday ordered nonpracticing entity Intellectual Ventures LLC to pay more than $400,000 of computer security company Trend Micro Inc.’s legal fees, based on an “unusual” circumstance of an expert witness changing his position during a trial and later admitting he had done so.

Security Engineer Hacks Hotel WiFi, Fined for Exposing Admin Password (BleepingComputer) A security engineer from Chinese multinational company Tencent hacked into the WiFi system of a hotel in Singapore and received a fine for publicly disclosing administrator login passwords.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

4th European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 8 - 9, 2018) CYBERSEC is a public policy conference dedicated to strategic aspects of cyberspace and cybersecurity. CYBERSEC 2017 brought together record-breaking 150 speakers and more than 1,000 delegates from all over the world, including policy-makers, top industry experts, global private sector leaders, investors, and representatives of technology start-ups. CYBERSEC is recognised as one of Europe’s top 5 cybersecurity conferences. Its main goal is to provide institutions with recommendations and policy goals that can be incorporated into cybersecurity strategies and legislative frameworks.

FAIRCON18 (Pittsburgh, Pennsylvania, USA, October 16 - 17, 2018) Hosted by the FAIR Institute and Carnegie Mellon University’s Software Engineering Institute (SEI) and the Heinz College of Information Systems and Public Policy, the 2018 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater value and alignment with business goals. Large enterprises and government organizations are creating breakthroughs in the management of information and operational risk that enable business-aligned communication, cost-effective decision-making and ultimately managing what matters. Interested in on-site FAIR training? Head to FAIRCON18 early to attend an on-site FAIR Analysis Fundamentals Course, October 14-15, for those that elect to partake in this optional conference add-on. The FAIR Institute is an expert, nonprofit organization led by information risk officers, CISOs and business executives to develop standard information and operational risk management practices in a movement central to “cyber risk economics,” the revolutionary approach to measuring and managing information risk enabled by the Factor Analysis of Information Risk (FAIR) model.

Women in CyberSecurity (WiCyS) Conference (Pittsburgh, Pennsylvania, USA, March 28 - 30, 2019) The WiCyS Conference brings together women in cybersecurity from academia, research, government, and industry to share knowledge, experience, networking, and mentoring. The event's goal is to broaden participation in cyber by recruiting, retaining, and advancing females in the field of cybersecurity.

upcoming Events

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX education program led by ASIS, InfraGard, and ISSA subject matter experts consists of 300+ sessions, each designed to deliver valuable, actionable takeaways to help shape your security strategy—today and in the future.

PCI Security Standards North America Community Meeting (Las Vegas, Nevada, USA, September 25 - 27, 2018) The PCI Security Standards Council’s 2018 North America Community Meeting is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches. Don’t miss out!

Hack the Capitol (Washington, DC, USA, September 26 - 27, 2018) The National Security Institute is partnering with the Wilson Center and ICS Village to host Hack the Capitol, a two-day event focused on Industrial Control Systems (ICS) and security. ICS are used throughout industrial infrastructure and have many military applications. Recent high-profile attacks on these systems have demonstrated ICS’ vulnerabilities and inspired debate about the practical and political means of defending the industrial base against malicious actors. Hack the Capitol will include demonstrations, hands-on learning, and policy conversations tailored toward a non-technical audience. Interact with ICS, including Human Machine Interfaces and Actuators and learn about the threats these components face. The event will provide hands-on education and awareness to members of the public, as well as to Congress, think tanks, and the press. This is a truly unique event that will raise awareness of our nation’s challenges with critical infrastructure and provide kinesthetic learning at multiple levels.

COSAC & SABSA World Congress (Kildare, Ireland, September 30 - October 4, 2018) For 25 years COSAC has delivered a trusted environment in which to deliver information security value from shared experience and intensive, productive, participative debate and development. Sales content is strictly prohibited and there is no vendor exhibition to distract from opportunities, allowing delegates to focus on professional innovation.

Monterey Cyber Security Workshop 2018 (Pacific Grove, California, USA, October 1 - 2, 2018) People with special expertise interested in making progress on the subjects at hand meet at the Monterey Incubator for a workshop to build an understanding of vital issues of the day. The workshop follows the Standard of Practice approach in addressing issues surrounding influence operations, infrastructure protection, and surveillance.

Cyber Defense Summit 2018 (Washington, DC, USA, October 1 - 4, 2018) FireEye's annual Cyber Defense Summit will feature both training and an opportunity to hear from the experts. Introductory, intermediate and advanced training courses will be provided during the first two days of the summit. These courses offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts. The guest keynote, on economy and cybersecurity in the 21st Century, will be delivered by former US Secretary of State Madeleine K. Albright.

Retail Cyber Intelligence Summit (Denver, Colorado, USA, October 2 - 3, 2018) Network with 250+ CISOs and their teams from retail and consumer facing industries: restaurants, hospitality, gaming, convenience, grocery and more. Share best practices, gain insights, network. This conference is organized by R-CISC, the retail ISAC.

IP Expo Europe (London, England, UK, October 3 - 4, 2018) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forward. IP EXPO Europe is co-located at Digital Transformation EXPO which incorporates Cyber Security X, Developer X, AI-Analytics X, Internet of Things X and Blockchain X.

Borderless Cyber USA 2018 (Washington, DC, USA, October 3 - 5, 2018) How do you future proof your cybersecurity strategy? Can you identify and report cyber incidences so you can respond quickly to manage consequences? Public and private sector cyber experts from across the globe will gather at Borderless Cyber to exchange ideas and learn about cybersecurity strategies that work. Conference attendees will be provided the opportunity to network with cyber leaders, compare experiences and learn about the latest threat intelligence sharing tools and techniques.

Borderless Cyber USA (Washington, DC, USA, October 3 - 5, 2018) Automation, people, information sharing, intelligence, risk and the economics of risk have been identified as key cybersecurity strategy measures to focus on in order to keep pace with modern threats. Join us at Borderless Cyber USA as our keynote presenters share their views on the right combination of these measures needed to ensure your cybersecurity strategy confidence reaches that next level. In addition to our keynotes will be a diverse hand-picked group of global cybersecurity experts have been invited to share their recommendations and real-world experiences over the two-day conference program. Conference organizers, The World Bank, OASIS Open Consortium, Institute for Critical Infrastructure Technology, and Georgetown University, are confident that the Borderless Cyber program will help you succeed in building a solid foundation of controls that preempt, detect and help remediate your risks.

MSPWorld® Peer Group & Data Analytics Summit (Las Vegas, Nevada, USA, October 4 - 5, 2018) The MSPWorld® Peer Group & Data Analytics Summit is a revolutionary new concept for the managed services executive. Accessible only by MSPs, this conference will focus on small, peer lead groups exchanging ideas (and information) in a safe, secure, and structured way. Designed to be a high impact, 2 day conference where MSPs will share financial and operational data with their peers and receive valuable reports on that shared data. The MSPWorld Peer Summit will allow managed services professionals to enter an environment where they can collaborate, share ideas, and listen to others. The express purpose of this event is to promote collaboration, shared solutions to MSP problems, and provide useful analytics to MSP operators. If you have questions please feel free to contact us at events@mspalliance.com.

4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain (Kiev, Ukraine, October 8, 2018) The 4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain will be held October 8 – 11, CEC Parkovy, Kyiv, Ukraine. The annual Hacken Cup – the onsite bug bounty marathon – happens on October 8, with 20 top white hat hackers finding critical vulnerabilities in your client’s or company’s web and mobile applications. Developer teams can exchange experience with top security researchers, receive a day of offline bug bounty and cybersecurity consulting at the Hacken Cup and one month of online bug bounty at the HackenProof platform. Also includes a press conference with media and three tickets to the HackIT forum and VIP afterparty..

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.