The CyberWire Daily Briefing 10.1.18

Summary

By The CyberWire Staff

Facebook's large data breach, disclosed late last week, has drawn more regulatory scrutiny from the European Union. Ireland’s Data Protection Commission, which serves as Facebook’s lead privacy regulator for the EU, announced Saturday that it has required the company provide more information about the incident, including which European residents appear to be affected. Fines under GDPR could reach $1.63 billion. The UK has also told Facebook CEO Mark Zuckerberg that they want him to testify before Parliament about what some MPs call the "terrible disrespect" shown British citizens' data.

Last week's disclosure seems to have largely undone whatever good was worked by COO Sandberg's testimony before the Senate. The US Federal Trade Commission wants some answers, which is rarely a good thing for the company being asked to provide them, and comprehensive US privacy legislation seems (today at least) likelier.

In a distinct action, the European Parliament is considering initiating an audit of Facebook over its entanglement with the Cambridge Analytica data scandal.

Industry reaction to the Facebook breach has been to approve, generally of the company's incident response while disapproving of the missteps that permitted the exploitation in the first place.

US officials have been concerned about the possibility of Chinese election meddling for some time. A perceived decrease in the rate of Chinese cyberattacks may signify greater sophistication.

The guy in Taiwan who was going to livestream his obliteration of Mark Zuckerberg's Facebook page over the weekend decided against doing so. Instead he applied for a bug bounty.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Canada, China, Denmark, Estonia, European Union, France, Italy, NATO/OTAN, Netherlands, New Zealand, Qatar, Russia, Sri Lanka, United Kingdom, and United States.

Create a culture of cybersecurity awareness with Coachable Moments.

According to The Ponemon Institute, two out of three insider threat incidents are caused by employee or contractor mistakes. The good news is, these mistakes can easily be avoided ... with the right coaching. Just in time for Cybersecurity Awareness Month, the Coachable Moments series from ObserveIT gives cybersecurity teams the tools they need to empower people to understand the policies and best-practices intended to keep them safe. Check out Coachable Moments today to learn more.

On the Podcast

In today's podcast, we speak with our partners at Palo Alto Networks, as CSO and Unit 42 leader Rick Howard discusses rebooting the kill chain.

Sponsored Events

CyberMaryland Job Fair on October 9 in Baltimore, MD. (Baltimore, Maryland, United States, October 9, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 9 in Baltimore. Meet leading cyber employers including Bank of America, FireEye, NSA, Raytheon, USCYBERCOM and more. Visit ClearedJobs.Net or CyberSecJobs.com for more details.

Cyber Security Summits: October 16 in Phoenix and on November 29 in Los Angeles (Phoenix, Arizona, United States, October 16, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The CIA, Verizon, AT&T, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Facebook Says 50M User Accounts Affected by Security Breach (SecurityWeek) Facebook said hackers exploited its "View As" feature, which lets people see what their profiles look like to someone else.

The Facebook Security Meltdown Exposes Way More Sites Than Facebook (WIRED) The social networking giant confirmed Friday that sites you use Facebook to login to could have been accessed as a result of its massive breach.

Everything We Know About Facebook's Massive Security Breach (WIRED) Up to 50 million Facebook users were affected—and possibly 40 million more—when hackers compromised the social network's systems.

Facebook Finds Security Flaw Affecting Almost 50 Million Accounts (Wall Street Journal) Facebook discovered a security flaw affecting almost 50 million accounts, the company said Friday. A problem in its code allowed outsiders to take over users’ accounts.

Facebook’s worst security breach hammers user trust again as 50 million accounts affected (The Indian Express) Facebook Security Breach: A hacker -- or hackers, as Facebook doesn’t know the number -- exploited several software bugs at once to obtain login access to as many as 50 million account

The terrible truth is that there's no escape from the Facebook data vortex (The Telegraph) How bad is the latest Facebook data breach?

Two reasons to reconsider your Facebook membership (Graham Cluley) It's been a bad week for Facebook and its billion-plus users. Not only was it revealed that millions of users had their accounts exposed by a vulnerability, but the site has been up to dirty tricks with mobile phone numbers you gave them to supposedly enhance your security.

You gave your number to Facebook for security and it used it for ads (Naked Security) Facebook has been adding phone numbers registered for 2FA to the other data it uses to target people with advertising.

Until data is misused, Facebook’s breach will be forgotten (TechCrunch) We cared about Cambridge Analytica because it could have helped elect Trump. We ignored LocationSmart because even the though the company was selling and exposing the real-time GPS coordinates of our phones, it was never clear exactly if or how that data was misused. This idea, that privacy issues …

Industry Leaders Reaction on Recent Facebook Hack (Information Security Buzz) It is being reported that Facebook said an attack on its computer network led to the exposure of information from nearly 50 million of its users. The company discovered the breach earlier this week, finding that attackers had exploited a feature in Facebook’s code that allowed them to take over user accounts. Facebook fixed the vulnerability and notified law enforcement officials. More …

Evidence Indicates China Set to Target US Elections (VOA) Even before accusations from President Trump, intelligence officials were worried Beijing was setting its cyber weapons to 'meddle'

Decline in Chinese cyberattacks against U.S. suggests attacks getting more efficient (SC Media) Trump might still be blaming China for interfering with U.S. elections at the UN, but there are other issues he should be worried about ...

Russians stealthy 'LoJax' malware can infect on the firmware level (Cyberscoop) ESET says that this is the first instance of a successful UEFI rootkit seen in the wild.

Things That One Needs to Know about Qatar’s Cyber Espionage Campaign in the United States (The Crystal Eyes) Based on some legal documents and technical reports from former CIA operatives, it has been found that Qatar not only hacked the accounts of over 1200 Americans, it also hacked the accounts of Arab leaders, European counterterrorism officials, Bollywood actresses, …

UK Conservative Party conference app leaks MPs' personal details (ZDNet) MP members received prank calls, had their phone numbers and email addresses shared online.

Hackers Are Holding High Profile Instagram Accounts Hostage (Motherboard) Hackers have hijacked the accounts of at least four high profile Instagrammers recently, locking them out and demanding a bitcoin ransom. But Instagram is silent.

Notorious Hackers Serve SpicyOmelette to Unsuspecting Victims (SecurityWeek) The financially-motivated "Cobalt" hackers have been establishing a foothold onto victim machines using a JavaScript remote access Trojan called SpicyOmelette, Secureworks says.

Meet Torii, a Stealthy, Versatile and Highly Persistent IoT Botnet (SecurityWeek) Torii is a stealthy Internet of Things (IoT) botnet written in Go that could be easily recompiled to run on virtually any architecture to serve as backdoor or a service to orchestrate multiple machines.

New Torii Botnet uncovered, more sophisticated than Mirai (Avast) Research by the Avast threat intelligence team reveals details about new botnet targeting IoT devices

Linux kernel 'give me root, now' security hole sighted, dubbed 'Mutagen Astronomy' (Register) Red Hat Enterprise and CentOS users at risk

Hide 'N Seek IoT Botnet Now Targets Android Devices (SecurityWeek) The Hide ‘N Seek Internet of Things (IoT) botnet is now capable of infecting devices running Android, including smart TVs, DVRs and any other device that has ADB over Wi-Fi enabled.

Phishing campaign targets developers of Chrome extensions (ZDNet) If the campaign was successful, we should expect new cases of hacked extensions used to infect users.

Android password managers vulnerable to phishing apps (Naked Security) Several leading Android-based password managers can be fooled into auto-filling login credentials on behalf of fake phishing apps.

New Malware-as-a-Service Threat Targets Android Phones (Security Intelligence) Security researchers discovered a new malware-as-a-service offering designed to enable cybercriminals to infect Android phones and block users from running security solutions on their devices.

Dark Web Azorult Generator Offers Free Binaries to Cybercrooks (Threatpost) The Gazorp online builder makes it easy to start stealing passwords, credit-card information, cryptocurrency wallet data and more.

Hackers Are Selling Botnets and Stolen ‘Fortnite’ Accounts Over Instagram (Motherboard) As hacking and gaming communities continue to intersect, some hackers are selling access to botnets and likely stolen Fortnite, Spotify, and other online accounts on Instagram.

No Patches for Critical Flaws in Fuji Electric Servo System, Drives (SecurityWeek) Critical vulnerabilities affecting Fuji Electric servo systems and drives have been disclosed, but patches are not available

Voice Phishing Scams Are Getting More Clever (KrebsOnSecurity) Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams.

Bitcoin [BTC] demanded as ransom after cyber-attack on Port of San Diego (AMBCrypto) The Port of San Diego was recently hit with a cybersecurity attack, which led to the involvement of the Federal Bureau of Investigation [FBI] and the Department of Homeland Security [DHS]. Their systems were hit with a ransomware attack, which led to the attackers asking for their ransom in Bitcoin [BTC]. While how much money […]

DoorDash Customers Possibly Suffered Credential Stuffing Attack (Latest Hacking News) Online food delivering platform DoorDash urges users to reset passwords after several DoorDash customers possibly suffered credential stuffing attacks.

How hackers use Twitter to infiltrate millions of devices (http://socialbarrel.com) How hackers use Twitter to infiltrate millions of devices. Duo researchers found that a huge Twitter botnet was created to spread giveaway scams.

Hacker vows to delete Mark Zuckerberg’s Facebook account; reports it for bounty instead (HackRead) Follow us on Twitter @HackRead

Security Patches, Mitigations, and Software Updates

Monero fixes major ‘burning bug’ flaw, preventing mass devaluation (Naked Security) The flaw arises from the use of stealth wallet addresses, an anonymity concept that’s especially important to privacy-sensitive Monero users.

Cyber Trends

Half of data breaches are the fault of insiders, not hackers, research finds (Computing) Panel urges companies to avoid euphemisms and acknowledge when they've been breached - or risk being fined,

Big U.S. Banks Face Increase in Attempted Cyberattacks (Wall Street Journal) Some large U.S. banks have seen an uptick in attempted cyberattacks in recent weeks, according to people familiar with the matter, at a time when federal officials are stepping up warnings to banks about cyberthreats.

Organizations need to shift strategies, adopt a proactive approach to cybersecurity (Help Net Security) The cybersecurity market has reached a point whereby organisations need to shift their strategies and have a new, proactive approach to cybersecurity.

Marketplace

DOD has lost 4,000 civilian cyber workers in the past year (Defense Systems) The Defense Department looks to targeted recruiting and bonuses to check the loss of cyber workers as it expands the Cyber Excepted Service Personnel System.

DOD struggles with loss of cyber personnel (FCW) The Defense Department looks to targeted recruiting and bonuses to check the loss of cyber workers as it expands the Cyber Excepted Service Personnel System.

Army wants to change its cyber training to beef up ranks (FederalNewsRadio.com) The military is facing a shortage in cyber talent and the Army is considering changing the way it trains its cyber soldiers to deal with the shortfall.

Berners-Lee launches startup to commercialise his Solid decentralised web project (Computing) New startup to drive adoption of decentralised web project aimed at passing control from tech giants to users.

Another fund? This cyber startup exec aims to raise up to $150M. (Washington Business Journal) Kumo Capital Partners, led by Virgil exec Dmitry Dain, has a listed ceiling of $150 million.

Iron Bow Partners with H.I.G. Capital to Accelerate Growth (Odessa American) Iron Bow Technologies, an IT solution provider serving government, commercial and healthcare clients, today announced an equity partnership with H.I.G. Capital, a leading global private equity investment firm. The partnership will accelerate Iron Bow’s rapid growth in prospective markets across the public and private sectors.

Exclusive: Cisco, Duo Execs Share Plans for the Future (Dark Reading) Cisco's Gee Rittenhouse and Duo's Dug Song offer ideas and goals for the merged companies as Duo folds under the Cisco umbrella.

KnowBe4 Names Seasoned Finance and Tech Executive Krish Venkataraman as CFO to Support the Company's Rapid Growth Strategy (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today ...

Products, Services, and Solutions

Booz Allen Launches a New Mobility Technology District Defend (ReadITQuik) Booz Allen Hamilton recently announced the availability of District Defend, a new mobility technology that utilizes proprietary security protocols to render the management of mobile devices

KnowBe4 Introduces Domain Doppelgänger to Help Brands Identify Malicious, Fake Web Domains (Globe Newswire) Look-alike domains pose threats for phishing and other social engineering attacks

Cybint establishes the Italian Cybersecurity Center with local partners to deliver cyber education solutions to organizations and professionals in Italy (PR Newswire) Global cyber education leader Cybint, a BARBRI company, is expanding its presence and offerings in Italy through its...

ESET launches cloud-based security management solution for SMBs (BetaNews) Smaller businesses are not immune to cyber security threats, but they often don't have the budgets or staffing resources to deal with them.

ERP Maestro Launches Free, First of Its Kind Access Risks Tool for Companies Using SAP® ERP (Markets Inside) PLANTATION, Fla., Oct. 1, 2018 /PRNewswire/ -- ERP Maestro, provider of automated and cloud-based controls for access, security and GRC, announces today the...

Web security podcasts we are currently listening to (Detectify Blog) Here is a list of web security podcasts we are listening to now. These podcasts cover cybersecurity tips, hacker stories, defense/offensive security, etc.

Sectra Tiger to protect NATO secrets from eavesdropping (Cision) Sectra Tiger/S 7401

Technologies, Techniques, and Standards

When Good Apps Go Bad: Protecting Your Data Through App Permissions (SecurityWeek.Com) By paying just a bit more attention to the permissions you are allowing on your phone or computer, you could protect yourself from a much more significant headache down the road.

6 security tips for freelancers (Kaspersky) Freelancers are beloved targets for cybercriminals, who use phishing and malware to steal credentials and money. Here’s how to avoid their traps and stay safe.

Two-factor authentication vs. Two-step verification – you’ve probably missed this tiny difference (TechRadar) Add a second layer of defense to your accounts online with two-factor authentication or two-step verification

4 Traits of a Cyber-Resilient Culture (Dark Reading) Companies with a solid track record of cybersecurity share these practices and characteristics.

Building a Cybersecurity Culture in the Campaign Space (Campaigns and Elections) It’s a stark reality for campaigns: the threat of a cybersecurity breach is ever present, and that means the need to embrace better security protocols from top to bottom.

Crowdstrike CTO on securing the endpoint and responding to a breach (Information Age) Dmitri Alperovitch, co-founder and CTO of Crowdstrike, shares his views on securing the endpoint and responding to a data breach

Reputational Risk and Third-Party Validation (BankInfo Security) Third-party ratings are increasingly popular as a means of selecting cybersecurity vendors. But Ryan Davis at CA Veracode also uses BitSight's ratings as a means of

Shouldn’t Sharing Cyber Threat Information Be Easy? | CyberDB (CyberDB) A recent article revealed that the United States government has gotten better at providing unclassified cyber threat information to the private sector.

Ivanti Offers Six Security Tips for Cybersecurity Awareness Month | Markets Insider (markets.businessinsider.com) Ivanti, the company that unifies IT to better manage and secure the digital workplace, today announced top cybe...

Design and Innovation

The web is broken, so its founder is taking another stab at it (Quartz) Tim Berners-Lee has a new venture.

Sainsbury's lead architect: 'The next time somebody mentions AI ask them what they're really talking about (Computing) 'AI is a meaningless term, it doesn't say anything about anything.

Here's how Apple, Google, and Microsoft can stop robocalls (ZDNet) In the war against telephone spam, only superior firepower will win. But it will require cooperation between the competing tech superpowers and their clouds in order to do it.

Research and Development

To Break a Hate-Speech Algorithm, Try 'Love' (WIRED) Companies like Facebook use artificial intelligence to try to detect hate speech, but new research proves it’s a daunting task.

Are we speeding towards AI consciousness? (Computing) Jeff NG, Chief Scientist, Founders Factory, explains recent developments paving the way to AI consciousness and why it is important to our world's future

Legislation, Policy and Regulation

In Cyberspace, Governments Don’t Know How to Count (Defense One) NATO’s governments can’t agree on what constitutes a cyber attack, and that’s a big problem.

It’s a new era for cyber operations, but questions remain (Fifth Domain) Despite praising new offensive cyber authorities, officials are still unclear how the process will work exactly.

U.S. Vows To Go On Cyber Offense (Forbes) The U.S. vows to go on offense against cyber attackers. But experts say this is not a major change - it just applies conventional policy on conflict and espionage to the online world.

The US cyberspace commission is taking shape ... slowly (Fifth Domain) A new bipartisan commission may finally develop a United States cyberspace doctrine.

Why the government will publicly name the hackers who attack the US (Fifth Domain) The United States could begin attributing cyber incidents publicly with more frequency.

NZ and Canada decline to jump on the Huawei banned wagon (Telecoms.com) Despite the current fashion for banning Huawei among US allies, New Zealand and Canada have both indicated they may not play ball.

Analysis | The Cybersecurity 202: Facebook hack compounds the company's woes in Washington (Washington Post) Lawmakers are already calling for action.

Congress falls flat on election security as midterms near (TheHill) Congress has failed to pass any legislation to secure U.S. voting systems in the two years since Russia interfered in the 2016 election, a troubling setback with the midterms less than six weeks away.

Electric industry, government work together to enhance grid cybersecurity (Daily Energy Insider) As protecting critical infrastructure from cyberattacks has become a national priority, the electric power industry and U.S. government agencies have strengthened their partnership in order to better tackle energy grid cybersecurity.© Shutterstock Just as a ...

Justice Department Hosts Cybersecurity Industry Roundtable (US Department of Justice) The Justice Department’s Criminal Division hosted a cybersecurity roundtable discussion yesterday on the challenges in handling data breach investigations.

Sri Lanka’s cyber security strategy: Open for public comments soon (Sunday Observer) The much anticipated cyber security strategy for the country will be open for public comments within a couple of weeks, a senior official of ICTA told the gathering at the Organisation of Professional Associations of Sri Lanka (OPA) conference in Colombo last week.ICT Agency of Sri Lanka Director and Legal Advisor Jayantha Fernando said the cyber strategy will be available for public comment within the next couple of weeks and added that the draft strategy was presented to the Cabinet two weeks an ago.

Litigation, Investigation, and Enforcement

Facebook Scrabbles to Provide Breach Info to Regulators (Infosecurity Magazine) Experts point to potential nation state involvement

MPs demand answer from Facebook boss over hack shock (The Telegraph) MPs have demanded that Mark Zuckerberg travels to the UK to face questions about his “terrible disrespect” for the data of citizens, following last week’s data breach at Facebook that resulted in 50 million user accounts being exposed to hackers.

Facebook Faces Potential $1.63 Billion Fine in Europe Over Data Breach (Wall Street Journal) A European Union privacy watchdog could fine Facebook as much as $1.63 billion for a data breach in which hackers compromised the accounts of over 50 million users.

EU Lawmakers Push for Cybersecurity, Data Audit of Facebook (SecurityWeek) European Union lawmakers appear set this month to demand audits of Facebook by Europe's cybersecurity agency and data protection authority in the wake of the Cambridge Analytica scandal.

Ottawa teams with brain injury experts as it probes mystery attacks on Canadian diplomats in Cuba (Star) The federal government has partnered with a brain injury centre in Nova Scotia in its search for what has caused health problems among Canadian and American diplomats based in Havana as speculation swirls they may have been the targets of a microwave weapon.

Feds Force Suspect To Unlock An Apple iPhone X With Their Face (Forbes) Cops tell a child abuse suspect to unlock their iPhone with their face. It's the first time since the iPhone X launched that any cop has used Face ID to force an iOS device open.

Facebook wins court battle over law enforcement access to encrypted phone calls (Washington Post) The ruling is a setback to the Justice Department and a victory for tech firms.

Trump Administration Sues Over California Net Neutrality Law (Wall Street Journal) Gov. Jerry Brown on Sunday signed a bill reinstating Obama-era open-internet rules in California.

Calif. enacts net neutrality law—US gov’t immediately sues to block it (Ars Technica) Justice Department sues California—Ajit Pai called state rules "illegal."

Tesla's Musk Facing SEC Charges Over Tweets About Taking Company Private | New York Law Journal (New York Law Journal) On top of monetary penalties regulators from the SEC are seeking to have Musk banned from serving as an officer or board member of a publicly traded company.

Judge finds Apple infringes on Qualcomm patent but declines to block iPhone imports (San Diego Union Tribune) A U.S. International Trade Commission judge finds patent infringement but recommends against blocking the sale of certain iPhone 7 models.

Man Sentenced to Prison for ATM Jackpotting (SecurityWeek) A 22-year-old man from Massachusetts has been sentenced to one year and one day in prison for his role in an ATM jackpotting scheme

Sydney couple allegedly used cryptocurrency to launder fraud proceeds (Computerworld) A Sydney couple allegedly used cryptocurrency to help launder the proceeds of credit card fraud.

How Dirty Money Disappears Into the Black Hole of Cryptocurrency (Wall Street Journal) A Wall Street Journal investigation documents millions of dollars in suspicious trades through ShapeShift, a company backed by mainstream venture capitalists.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

COSAC & SABSA World Congress (Kildare, Ireland, September 30 - October 4, 2018) For 25 years COSAC has delivered a trusted environment in which to deliver information security value from shared experience and intensive, productive, participative debate and development. Sales content is strictly prohibited and there is no vendor exhibition to distract from opportunities, allowing delegates to focus on professional innovation.

Monterey Cyber Security Workshop 2018 (Pacific Grove, California, USA, October 1 - 2, 2018) People with special expertise interested in making progress on the subjects at hand meet at the Monterey Incubator for a workshop to build an understanding of vital issues of the day. The workshop follows the Standard of Practice approach in addressing issues surrounding influence operations, infrastructure protection, and surveillance.

Cyber Defense Summit 2018 (Washington, DC, USA, October 1 - 4, 2018) FireEye's annual Cyber Defense Summit will feature both training and an opportunity to hear from the experts. Introductory, intermediate and advanced training courses will be provided during the first two days of the summit. These courses offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts. The guest keynote, on economy and cybersecurity in the 21st Century, will be delivered by former US Secretary of State Madeleine K. Albright.

Retail Cyber Intelligence Summit (Denver, Colorado, USA, October 2 - 3, 2018) Network with 250+ CISOs and their teams from retail and consumer facing industries: restaurants, hospitality, gaming, convenience, grocery and more. Share best practices, gain insights, network. This conference is organized by R-CISC, the retail ISAC.

IP Expo Europe (London, England, UK, October 3 - 4, 2018) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forward. IP EXPO Europe is co-located at Digital Transformation EXPO which incorporates Cyber Security X, Developer X, AI-Analytics X, Internet of Things X and Blockchain X.

Borderless Cyber USA 2018 (Washington, DC, USA, October 3 - 5, 2018) How do you future proof your cybersecurity strategy? Can you identify and report cyber incidences so you can respond quickly to manage consequences? Public and private sector cyber experts from across the globe will gather at Borderless Cyber to exchange ideas and learn about cybersecurity strategies that work. Conference attendees will be provided the opportunity to network with cyber leaders, compare experiences and learn about the latest threat intelligence sharing tools and techniques.

Borderless Cyber USA (Washington, DC, USA, October 3 - 5, 2018) Automation, people, information sharing, intelligence, risk and the economics of risk have been identified as key cybersecurity strategy measures to focus on in order to keep pace with modern threats. Join us at Borderless Cyber USA as our keynote presenters share their views on the right combination of these measures needed to ensure your cybersecurity strategy confidence reaches that next level. In addition to our keynotes will be a diverse hand-picked group of global cybersecurity experts have been invited to share their recommendations and real-world experiences over the two-day conference program. Conference organizers, The World Bank, OASIS Open Consortium, Institute for Critical Infrastructure Technology, and Georgetown University, are confident that the Borderless Cyber program will help you succeed in building a solid foundation of controls that preempt, detect and help remediate your risks.

MSPWorld® Peer Group & Data Analytics Summit (Las Vegas, Nevada, USA, October 4 - 5, 2018) The MSPWorld® Peer Group & Data Analytics Summit is a revolutionary new concept for the managed services executive. Accessible only by MSPs, this conference will focus on small, peer lead groups exchanging ideas (and information) in a safe, secure, and structured way. Designed to be a high impact, 2 day conference where MSPs will share financial and operational data with their peers and receive valuable reports on that shared data. The MSPWorld Peer Summit will allow managed services professionals to enter an environment where they can collaborate, share ideas, and listen to others. The express purpose of this event is to promote collaboration, shared solutions to MSP problems, and provide useful analytics to MSP operators. If you have questions please feel free to contact us at events@mspalliance.com.

4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain (Kiev, Ukraine, October 8, 2018) The 4th International Cybersecurity Forum, HackIT 4.0: Exploit Blockchain will be held October 8 – 11, CEC Parkovy, Kyiv, Ukraine. The annual Hacken Cup – the onsite bug bounty marathon – happens on October 8, with 20 top white hat hackers finding critical vulnerabilities in your client’s or company’s web and mobile applications. Developer teams can exchange experience with top security researchers, receive a day of offline bug bounty and cybersecurity consulting at the Hacken Cup and one month of online bug bounty at the HackenProof platform. Also includes a press conference with media and three tickets to the HackIT forum and VIP afterparty..

4th European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 8 - 9, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of an Europe-wide cybersecurity system and to create a dedicated, collaborative platform for the governments, international organisations and key private sector companies. CYBERSEC Forum gives a chance to invent, discuss and leverage practical and innovative solutions for contemporary innovation-driven, digital economy. Four dedicated streams will help to define trends, enhance cybersecurity potential and catalyse innovation.

4th European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 8 - 9, 2018) CYBERSEC is a public policy conference dedicated to strategic aspects of cyberspace and cybersecurity. CYBERSEC 2017 brought together record-breaking 150 speakers and more than 1,000 delegates from all over the world, including policy-makers, top industry experts, global private sector leaders, investors, and representatives of technology start-ups. CYBERSEC is recognised as one of Europe’s top 5 cybersecurity conferences. Its main goal is to provide institutions with recommendations and policy goals that can be incorporated into cybersecurity strategies and legislative frameworks.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, USA, October 8 - 10, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training.

CyberMaryland 2018 (Baltimore, Maryland, USA, October 9 - 10, 2018) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.

HoshoCon 2018 (Las Vegas, Nevada, USA, October 9 - 11, 2018) Over 3 days, attendees will gain firsthand knowledge about blockchain security. You are invited to converse with technologists working on blockchain and cryptocurrency projects, hear key insights from industry leading security experts and participate in developer workshops. Hosho is lucky to call Las Vegas home, and as our guests, you will be treated to unique content, valuable networking opportunities and the entertainment that only Vegas can offer. We can’t wait to see you there.

U.S. Department of Transportation Cybersecurity Symposium (Washington, DC, USA, October 9 - 10, 2018) The U.S. Department of Transportation (DOT) Cybersecurity Symposium is 2 days of training sessions and educational seminars focused on the mission of protecting government networks and privacy. Hosted by the Office of the DOT Chief Information Officer (CIO) and the Chief Information Security Officer (CISO), the symposium is open to all Federal agencies and will take place at the DOT Headquarters building, 1200 New Jersey Avenue SE, Washington, DC 20590.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.