The CyberWire Daily Briefing 10.24.18

Special Section

SecurityWeek's ICS Cyber Security Conference

There's growing awareness among corporate board members of the cyber risks to industrial control systems. That's one of the relatively positive outcomes of the pain inflicted by last year's NotPetya infestations. Symposiasts at SecurityWeek's ICS Security Conference in Atlanta expressed some gratification at the extent to which traditional Risk Management Framework practices are increasingly being adopted. Unsurprisingly, they think there's more work to be done.

In particular they see asset management as a widespread deficiency. Organizations continue to scramble, improvising asset management even in the course of incident response. Sound configuration management can't be taken for granted, especially when industrial plants use equipment they acquired years ago, and for which documentation may be sadly lacking. And knowing your attack surface, Rockwell Automation's Umair Masud said, was likely to be at least as important as, and arguably more important than, detailed intelligence of particular threats.

While there may be an approaching convergence of IT and OT, the two worlds remain farther apart, culturally and technically, than one might wish. Indegy's Barak Perelman emphasized the informal modes of information transmission still found in OT (that system was inherited, there were lots of changes made along the way, it's been around for years, and there's no documentation) and a lack of IT appreciation for the realities of industrial systems ("No, I can't just restart the turbine").

Dragos, in a presentation on Xenotime, the threat actor behind the Trisis malware that hit safety systems in an unnamed Saudi energy production facility, emphasized the disturbing news that cyberattacks were now designed to kill. Trisis was intended to be lethal, and other such attacks can be expected. Dragos CEO Robert M. Lee did offer some encouragement when he cautioned people against forming a picture of the attacker as hyper-competent and effectively invincible. Instead, he argued, remember that they make mistakes. They certainly did with Trisis—their attack on safety systems shut the facility down, twice, which wasn't their intention. Lee suggested an alternative picture of the ICS hacker: they're 18 to 30 years old, in their first government job, and dealing with management and PowerPoint "just like you."

Summary

By The CyberWire Staff

FireEye yesterday attributed "with high" confidence the Triton/Trisis attack against safety systems in a Saudi petrochemical facility to Russia. The attribution might more strictly be one of association or involvement: FireEye concluded that some of the code was written by the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM) in Moscow, an organization of course operated by the Russian government. Who else may have been involved in the attacks, and how they came to be given the code, remain complicated questions. The evidence FireEye cites is of the convincing circumstantial variety—code written using Cyrillic characters, its preparation coinciding with Moscow office hours, an apparent handle linked to a known Russian individual, IP addresses etc. That CNIIHM has the capability to prepare code like Triton/Trisis seems clear.

The US has begun to reach out directly to individuals involved in Russian influence operations. US Cyber Command is reported to be direct-messaging trolls engaged in attempts to disrupt elections and otherwise make mischief. The message is simple and direct: we know who you are and what you're doing, and you'd be well-advised to knock it off. Observers differ as to how effective this will be as a deterrent, but recent US indictments of individual Russian nationals for their role in influence operations give the warnings some point. And it's unknown what other retaliatory operations Cyber Command may have under preparation or under way.

A Cylance study concludes that threat intelligence, while a good thing, also drives the bad actors to improve.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, Iran, Russia, Saudi Arabia, United Kingdom, and United States.

A year in, companies unsure of risk under China's Cyber Security Law, says Control Risks.

Over a year into China’s Cyber Security Law, Control Risks experts say its vague definition and application leaves multinational companies struggling to understand their risk. Further, how strictly the government will crack down and the extent of penalties for non-compliance remain open questions. Nonetheless, companies operating in China must understand their unique exposure and specific cyber, physical and procedural requirements. Let Control Risks help you make the critical decisions to seize your opportunities in China.

On the Podcast

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses the EFF's opposition to license plate sharing between retailers and law enforcement. And our UK correspondent Carole Theriault speaks with ESET’s Lysa Meyers about overcoming the cyber skills shortage and attracting new talent to the industry.

Sponsored Events

SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.

New York Times Event: Cyberwarfare with Google, Department of Justice & more (Washington, DC, United States, October 30, 2018) David Sanger, national security correspondent for The New York Times will moderate a discussion on cyberwarfare, one of the greatest threats to American democracy and commerce. He will be joined by John Demers, assistant attorney general for the national security division at the Department of Justice; Yasmin Green, the director of research and development for Jigsaw, a Google company; and Dmitri Alperovitch, co-founder of CrowdStrike, who discovered Russian hacking of the Democratic National Committee.

Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.

Selected Reading

Dateline

The risk to OT networks is real, and it's dangerous for business leaders to ignore (Help Net Security) OT networks risk is real, and it's dangerous and perhaps even negligent for business leaders to ignore it, according to SANS Institute.

RiskSense CEO to Present New Approach for Assessing Industrial Threats at the 2018 ICS Cyber Security Conference USA (BusinessWire) New model uses human-assisted AI to assess risk and vulnerabilities, and even predict cyber attacks.

Cyber Attacks, Threats, and Vulnerabilities

U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections (New York Times) American operatives are messaging Russians working on disinformation campaigns to let them know they’ve been identified. It’s a measured step to keep Moscow from escalating.

Russian trolls get DM from US Cyber Command: We know who you are. Stop it (Ars Technica) Part of new cyber strategy to identify, track, warn Russian operatives.

Pentagon launches first cyber operation to deter Russian interference in midterm elections (Washington Post) Experts are split, however, on how effective the measures will be.

Russian Malware Was Apparently Used in an Attempt to Sabotage a Saudi Petrol Plant (Motherboard) Cybersecurity firm FireEye points the finger at the Russian government and a government-linked facility for creating a destructive malware.

How The Russian Government Created The Most Advanced Industrial Malware Ever Seen (Forbes) Cybersecurity firm FireEye reveals that Russian government-backed hackers were responsible for an attack on a Saudi Arabian petrochemical plant last year

Burned malware returns, says Cylance report: Is Hacking Team responsible? (CSO Online) Burning malware forces attackers to evolve, not go away. Network defenders take note.

Whack-A-Mole: The Impact of Threat Intelligence on Adversaries (Cylance) One of the great paradoxes in cybersecurity is that as defenders race ahead to identify the next and newest methods of attack, attackers often lag behind and reuse the old and obvious ones with success. In this Threat Intelligence Bulletin, we look back and show how easy it is for threat actors to change course after the publication of threat intelligence reports - and how valuable it can be for researchers, organizations and the public they serve to keep looking back.

Deep-dive tech analysis says Bloomberg spy chip claims are impossible at Apple (9to5Mac) A tech consultant and journalist specializing in server hardware says that some of the Bloomberg spy chip claims are completely implausible, while others are simply impossible. The analysis coincid…

Abandoned Web Applications: Achilles' Heel of FT 500 Companies (High-Tech Bridge) Abandoned, shadow and legacy applications undermine cybersecurity and compliance of the largest global companies despite growing security spending.

Drop Networks, Label-Creation Services Sustain Shipments of Fraudulent Purchases (Flashpoint) Illicit drop networks and label-creation services play crucial yet-overlooked roles in the theft lifecycle for fraudulent purchases.

DHS warns of another dangerous flaw in Advantech WebAccess SCADA software (CSO) More flaws in WebAccess emerge after security researchers begin focussing on the decades old distributed computing protocol Remote Procedure Call (RPC).

Electrical grid, power plants, pipelines vulnerable to cyber attack, security expert says (Cleveland.com) The nation's electrical grid worked well for 80 years without the Internet, but today it is as vulnerable to cyber-based missteps and attacks as it was during the Great Blackout of 2003, says a national engineering security expert.

Signal Upgrade Process Leaves Unencrypted Messages on Disk (BleepingComputer) The desktop version for the encrypted communications app Signal does not provide protection for the data it handles during the update procedure, saving it locally as unencrypted plain text.

Malware found in Telegram 'alternative' – cybersecurity firm (Rappler) Once installed, the Octopus malware allows attackers to have remote access to a victim's device

sLoad and Ramnit pairing in sustained campaigns against UK and Italy (Proofpoint) Proofpoint researchers track an actor’s recent activity and their move to a new PowerShell loader

Windows 10 1809 Zip Extraction Bug Overwrites Files without Confirmation (BleepingComputer) A new bug has popped up in Windows 10 Build 1809 that does not display an overwrite prompt when extracting files from a Zip archive to a location where the same file exists.

Adult websites shuttered after 1.2 million user details exposed (Naked Security) It’s not even close to the number of users affected by the massive Ashley Madison breach, but the results could be just as devastating to those who are affected.

Malicious Hackers Target the Safety-Minded, Curious in Phishing Schemes (Channel Partners) KnowBe4's Erich Kron said once an attacker has access to a victim's email account, they can reset other account passwords as well as using these legitimate accounts to attack others, and in organizations, this often leads to fake invoices being sent or to a redirection of payments to the attackers' accounts.

City of Muscatine responds to cyber attack (KWQC) Muscatine City Hall and their public library were both hacked with ransomware last week, so until they're computers can be used again they've gone all paper.

Why is Elon Musk promoting this Bitcoin scam? (He’s not) (Naked Security) While scrolling through my Twitter feed I saw a Bitcoin scam so unabashed that it got me thinking…. do such scams really work?

Research reveals that 1 in 6 gamers disable all AV in the pursuit of the highest possible speeds (ResponseSource Press Release Wire) New research carried out by Chillblast, an award-winning builder of custom PCs, gaming desktops and gaming laptops, has revealed that out of 857 gaming respondents, 39% ...

Security Patches, Mitigations, and Software Updates

Patch now! Multiple serious flaws found in Drupal (Naked Security) Drupal website owners have some important patching homework to do.

Amazon Patched Multiple IoT Vulnerabilities Affecting Its Smart Devices (Latest Hacking News) Reportedly, Amazon patched multiple IoT vulnerabilities that allegedly affected its smart home devices being present in AWS FreeRTOS.

Cyber Trends

Phishing is still the most commonly used attack on organizations, survey says (Naked Security) The survey found that the majority of cyberattacks – 75% – came from outsiders, while 25% were due to insiders.

Phishers’ Favorites Q3 2018: Microsoft Retains #1 Spot, (Vade Secure) Phishers' Favorites highlights the 25 most commonly spoofed brands, including their current position and whether they moved up/down since last quarter.

66% UK SMBs believe they are being aggressively targeted by fraudsters (Help Net Security) 66% of SMBs believe they are being more aggressively targeted by fraudsters now compared to a year ago, according to Paysafe.

Most companies using AI say their No.1 fear is hackers hijacking the technology, according to a new survey that found attacks are already happening (Business Insider) Among executives whose companies are already testing or putting in place AI technologies, cybersecurity is the overriding concern.

Eight resellers name their top cybersecurity threats to watch out for in 2019 (CRN) From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks.

Marketplace

Facebook approaches major cybersecurity firms, acquisition goals in mind (ZDNet) The firm is reportedly aiming to patch up its tattered reputation with the purchase of external expertise.

4 Reasons Facebook Might Buy FireEye Inc. (The Motley Fool) Buying this little cybersecurity firm could solve a lot of big problems for Facebook.

Fortinet acquires threat analytics startup ZoneFox to fight insider threats (CRN Australia) Pays US$18 million in initial consideration.

Bitdefender Buys Network Security Analytics Startup RedSocks (CRN) By marrying endpoint data, passive network traffic analytics and cloud threat intelligence together, Bitdefender can now eliminate white noise and zero in on what's most important to security operators.

Oracle acquires DataFox, a developer of ‘predictive intelligence as a service’ across millions of company records (TechCrunch) Oracle today announced that it has made another acquisition, this time to enhance both the kind of data that it can provide to its business customers, and its artificial intelligence capabilities: it is buying DataFox, a startup that has amassed a huge company database — currently covering 2.…

Cloudflare Eyes IPO With Valuation That Could Exceed $3.5B: Report (CRN) Cloudflare has experienced massive headcount growth over the past two years, going from just 341 employees in October 2016 to 787 employees today, according to LinkedIn.

Huawei opens up to German scrutiny ahead of 5G auctions (CRN Australia) Follows Australia's decision to ban vendor from supplying 5G gear.

As the internet moves to the cloud, Cisco is making cybersecurity a priority (Financial Post) The company blocks about 20 billion threats a day across various networks at the moment. Most security threats are based on exploiting old bugs and reusing old malware

Exclusive: Kaspersky’s “global transparency initiative” fails to convince UK government (NS Tech) The world’s third-largest vendor of IT security is still not safe enough for use in Whitehall, a senior government security official has told NS Tech. Over the summer, British government officials met

Oracle’s Larry Ellison takes another dig at Amazon over security (CRN Australia) Talks up "Star Wars cyber defenses"...

Remediant Adds Cybersecurity Leader Dave Damato to Advisory Board (PR Newswire) Remediant, Inc. a leading provider of Privilege Access Management (PAM) software, today announced the appointment...

Products, Services, and Solutions

Farsight Security Bundles Flagship Solution DNSDB with Maltego to Significantly Advance Cybersecurity Investigations (GlobeNewswire News Room) Farsight Security, Inc., a leading cybersecurity provider of DNS intelligence solutions, today announced that DNSDB™ is now available to the entire Maltego community, with over 500,000 users worldwide.

HoneyProcs : Going Beyond Honeyfiles for Deception on Endpoints (Juniper) Deploying detection solutions on an endpoint host comes with constraints - limited availability of CPU, memory, disk and other resources, stability constraints, policy adherence and restrictions, the need to be non-intrusive to the user, the host OS and other application...

Tripwire for DevOps Now Offers Security Configuration Assessment of Containers (Digital Journal) Tripwire Inc., a leading global provider of security and compliance solutions...

How to Secure Your Data in the Cloud (TetherView) Securing your data in the cloud can be difficult. Many organizations are afraid of giving up control over their sensitive information.

Area 1 Security releases Pay-Per-Phish, the performance-based cybersecurity solution (Help Net Security) Area 1 Security Pay-Per-Phish flips the traditional cybersecurity model on its head by charging $10 per phish actually caught.

Tripwire for DevOps offers security configuration assessment of containers (Help Net Security) Tripwire's DevOps SaaS provides visibility into configurations in addition to vulnerabilities in containers across DevOps lifecycle.

GrowPath simplifies authentication while enhancing cyber security (Help Net Security) GrowPath has developed a solution that utilizes an owners’ personal photos as the second step in a two-factor authentication process on mobile devices.

CertainSafe enhances its Digital Safety Deposit Box (Help Net Security) The Digital Safety Deposit Box enhancements include an easy to navigate user interface along with new and improved features that offers functionality.

Western Digital expands surveillance storage and analytics portfolio (Help Net Security) Western Digital's 3D NAND UFS EFD, new capacities WD Purple microSD card and device analytics capability to strengthen video surveillance data management.

vXchnge and Megaport augment cloud connectivity options for data center customers (Help Net Security) With the partnership, Megaport empowers vXchnge to deliver - elastic interconnection and direct cloud connectivity services in eight vXchnge data centers.

Blackpoint Cyber launches MDR service offering (Help Net Security) Blackpoint Cyber's MDR offering leverages its next-generation security operations and incident response platform SNAP-Defense.

Dashlane Dark Web Monitoring scans the dark web to keep you safe (Cult of Mac) Dashlane does more than easy, secure password management. Its Dark Web Monitoring feature scans the internet to spot and fix data breaches.

FireEye Unveils Free Email Threat Detection Service (ExecutiveBiz) FireEye has introduced a free cloud-based service meant to help organizations scan and detect potential malicious threats in email systems. The FireProof Email Threat Analysis offering includes a less than five-minute setup process and seeks to identify malware or sophisticated threats that can avoid cybersecurity defenses, the company said Monday. “In the evaluations that we’ve run for...

Ksmartech expands Trustonic partnership to secure authentication for iOS and Android apps (Trustonic) Trustonic secures digital One-Time-Password (OTP) service on all Android and iOS devices

Zscaler extends cloud DLP service with inline exact data match for massive data sets covering users globally (VanillaPlus) Zscaler Inc, a cloud security provider, has announced inline Exact Data Match (EDM) with native SSL inspection as part of its advanced Cloud Data Loss Prev

Thycotic launches free security toolkit for the higher education sector (BetaNews) Universities and colleges are uniquely attractive to cyber criminals, because a constantly changing population and the use of large numbers of BYOD machines means lots of potential vulnerabilities.

RightMesh and Tenta Announce Integration Partnership (PR Newswire) RightMesh AG, the "Infrastructure-less" connectivity company developing a decentralized mobile mesh network is...

Mphasis and BAE Systems launch global CoE in Fraud Detection and Anti-Money Laundering (Express Computer) The partnership will see the formation of a Centre of Excellence, a virtual team created to deliver BAE Systems’ anti-money laundering and fraud detection and prevention solution, NetReveal. Mphasis will utilise their global delivery capability to help implement the technology to banking, financial services and insurance organisations

SAS and ThreatMetrix team up to fight identity fraud (PR Newswire) Analytics giant SAS has joined forces with leading digital identity solutions provider ThreatMetrix®, a LexisNexis®...

Security platform Abode has produced a new smart home automation engine (Digital Trends) So, it looks like Abode (rhymes with home, roots in Middle English, not to be confused with big-A Adobe) has quietly launched a new smart home automation system that will interface with smart home products including Nest, Amazon Echo, Google Assistant, and more.

Startup boasts unhackable email protection for the rest of us (ZDNet) Life was simpler when it was just criminals ripping off your data. But today it is the state-sponsored hackers that pose the biggest threat to data security. Secure Channels Inc. is a startup addressing the whole data security lifecycle, including email.

Trend Micro rebrands endpoint security offering (Channel Life) Trend Micro Apex One aims to redefine endpoint security with consistency across SaaS and on-premises deployments.

Technologies, Techniques, and Standards

Why cybersecurity intelligence is still bad (and a way to fix it) (Fifth Domain) The ability to predict an impending cyberattack is insufficient, according to a new survey, but there are systems that may help.

How to catch security blind spots during a cloud migration (GCN) As agencies roll out cloud-first policies, three key practices can expose security risks and safeguard both personnel and data.

New UltraFICO score stokes concerns about data privacy (American Banker) A new credit score that includes consumers' cash flow alongside their credit score is winning praise for its potential to help expand access to credit, but some worry it gives the credit bureaus even more data that could be compromised.

How science can fight insider threats (Help Net Security) Malicious insiders pose the biggest cybersecurity threat for companies because they can cause the most damage. Read about how to fight insider threats.

Hacking Devices in the Not-So Smart Home (Northrop Grumman) Hacking devices turns smart home appliances into spies and breaches cybersecurity.

Design and Innovation

Father and son create app that lets parents shut down their child's video consoles remotely (The Telegraph) A former gaming addict and his father have developed a video game app that allows parents to shut down children's devices remotely.

Research and Development

NC Company Simplifies Authentication While Enhancing Cyber Security (PRWeb) For the more than two billion smartphones currently in use around the world, a very obvious security flaw -- password vulnerability -- is leaving owners’ per

Academia

University and Siemens in big data collaboration (Smart Cities World) Goal of partnership is to further develop concept of smart buildings by optimising overall building performance

Legislation, Policy and Regulation

Article 13 could see millions of YouTube users turn to VPNs (Comparitech) YouTube's CEO is calling foul on the EU's Article 13. However, Article 13 could also dramatically increase VPN use and sales across the EU.

The UK Government Is Planning To Set Up A Regulator For The Internet (BuzzFeed) Exclusive: BuzzFeed News has obtained details of plans being drawn up by ministers that also include a compulsory code of conduct and age verification for Facebook, Twitter, and Instagram.

An American Perspective on a Chinese Perspective on the Defense Department’s Cyber Strategy and ‘Defending Forward’ (Lawfare) What motivated the Pentagon’s new cyber doctrine?

Snooping on emails is wrong, says Apple boss (Telegraph.co.uk) Tim Cook rejects idea that governments or companies should have access to personal information as it infringes a 'basic right' to privacy

Long-awaited cyber agency nears, but will it change anything much? (Washington Examiner) The upcoming lame-duck session of Congress is poised to deliver the top item on the Department of Homeland Security's wish list — a bill paving the way for the DHS to create the government's first cyber-specific agency — but whether that translates into real security improvements remains an open…

Litigation, Investigation, and Enforcement

Turkish president says murder of Jamal Khashoggi was ‘planned,’ calls for extradition of Saudi suspects (Washington Post) President Erdogan aired details uncovered by Turkish investigators, who have concluded the Saudi journalist was the victim of a premeditated murder.

Trump accuses Saudis of ‘worst cover-up ever’ after Khashoggi killing (Time) President Trump last night accused Saudi Arabia of a cover-up over the murder of Jamal Khashoggi, piling pressure on its beleaguered leaders. “They had a very bad original concept. It was carried...

Morrisons faces multi-million pound compensation claim after losing payroll data breach appeal (Computing) Company vicariously liable for leak of payroll data of 100,000 staff in 2014 by internal auditor Andrew Skelton

Yahoo to pay $50m, provide credit monitoring for cyber attack (Financial Times) Yahoo has agreed to pay $50m in damages to people affected by the largest ever cyber attack, splitting the cost between Verizon, which acquired Yahoo’s core business, and Altaba, the remainder of the company.

FBI: "Call of Duty" Players Remotely Stole $3.3 Million in Cryptocurrencies (NewsBTC) A group of “Call of Duty” players from Indiana are accused of stealing more than $3 million in cryptocurrencies after coercing an Illinois man to aid them

Pirates! Don’t blame your illegal file sharing on family members (Naked Security) Stop blaming your piracy on your mum. You can no longer avoid liability by saying that a family member had access to your connection.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Secutech 2019 (Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from Japan, Thailand, Vietnam, Malaysia, the Philippines, Singapore, Myanmar andother Southeast Asian countries looking for integrated security systems and smart solutions powered by AI analytics and IoT technologies. Join the one-stop platform to introduce the latest innovations, find cross-industry partners, and tap into high-potential markets.

upcoming Events

2018 ICS Cyber Security Conference USA (Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS cyber security stakeholders across various industries and attracts operations and control engineers, IT, government, vendors and academics. Over the years, the focus of the conference has shifted from raising awareness towards sharing security event histories and discussing solutions and protection strategies. As the original cybersecurity conference for the industrial control systems sector, the events cater to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations.

Energy Tech 2018 (Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security and Policy. In 2018, we continue to expand our collaboration effort with professional societies including InfraGard, IEEE, SAE, AIAA, PMI, and others, to join in advancing the technology and system integration of these complex domains, and managing the risk scenarios confronting civilizations.

Cryptocurrency, Cybersecurity and the Law (Annandale, VIrginia, USA, October 24, 2018) Legal and security considerations for users of cryptocurrencies and blockchain technology.

Global Resilience Federation Summit on Third-Party Risk (Leesburg, Virginia, USA, October 24 - 26, 2018) The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management teams, and provide a platform for security leaders to share expertise and learn from each other to improve holistic security. The Summit will provide training, education and networking on the critical cyber and physical security issues facing organizations, their vendors, and the areas where the two groups intersect. Space is limited for this complimentary event, and registration will be capped and by-approval only. Attendees will include ISAC/ISAO member organizations plus third-party vendors and suppliers.

Wild West Hackin’ Fest (Deadwood, South Dakota, USA, October 25 - 26, 2018) We’re back for another year of amazing talks, great company and exciting hands-on hacking labs. It will be hard to top our amazing inaugural year, but we’ve taken your feedback and plan to make this event even better! As with last year, this IT Security conference promises to be the most hands-on, activity-driven con you can attend! We want this conference to be the most hands-on, activity-driven con you’ve been to yet! Never worked with a JTAG? You will. Never done a single thing with Software Defined Radio? You will. We will be having an SDR village and a hardware hacking village, among some other great events. The skills you learn here will be directly applicable to your job immediately when you get back to work… or home. We listened to your feedback and this year we’re adding even more lab time, so you can go to as many talks as you can fit AND also do all the activities. This Year’s Theme: Mining.

Symposium on Securing the IoT (Boston, Massachussetts, USA, October 29 - 31, 2018) Join us for the Symposium on Securing The Internet of Things, featuring keynote speakers from the leading industry companies who are solving the issues of IoT and secure connectivity. There will also be engaging round table debates with industry experts, colleagues and peers. The Symposium began with the inaugural conference in San Francisco March 2018. The conference focused on IoT Security, Secure Payments, Medical Device Security, Smart Cities, Block chain and other topics centered around IoT Security. As the world continues to become more connected, 20+ Billion IoT devices, protecting our devices and systems are critical. Linked devices (vehicles, computers, phones, industrial systems, personal assistants, homes, etc.), user identity and authentication all need a high level of security. As hacking, phishing, DDOS and ransomware continue to increase, one thing is certain: Securing The Internet of Things is critical to our survival!

Times Talks: Arming for Cyberwarfare (Washington, DC, USA, October 30, 2018) David Sanger, a national security correspondent and author of “The Perfect Weapon: War, Sabotage and Fear in the Cyber Age,” will moderate a discussion in Washington, D.C., on cyberwarfare, one of the greatest threats to American democracy and commerce, just days before a consequential midterm election. He will be joined by John Demers, the assistant attorney general for the national security division; Yasmin Green, the director of research and development for Jigsaw, a unit within Alphabet, Google’s parent company, that uses technology to address security; and Dmitri Alperovitch, co-founder of CrowdStrike, who discovered Russian hacking of the Democratic National Committee.

SecureWorld Denver (Denver, Colorado, USA, October 31 - November 1, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States. The area is home to more than 200,000 high-tech workers spanning industries that are integral to the nation’s infrastructure and economy, including transportation and telecommunications. The event will bring together thousands of security and information technology professionals to discuss the top cyber security challenges facing businesses today and network with industry practitioners, innovators and thought leaders.

InfoWarCon 18 (Leesburg, Virginia, USA, November 1 - 3, 2018) InfoWarCon 18 brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential hostile use of cyber and related information technologies including how to neutralize the current ones. Since the initial InfoWarCon in 1994 we have hosted the event in multiple venues across the US and Europe

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, November 2, 2018) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina and beyond. RETR3AT goes beyond the “1s and 0s” approach to cybersecurity training, challenging attendees to think about how to lead in protecting their organization’s information within an ethical framework.

4th Annual Cyber Southwest (CSW) Symposium (Tuscon, Arizona, USA, November 2, 2018) Be a part of the 4th Annual Cyber Southwest (CSW) Symposium set to take place at the University of Arizona, Eller College of Management - McClelland Hall in Tucson, AZ on Friday, November 2nd, 2018. CSW is officially sponsored by the Armed Forces Communications & Electronics Association (AFCEA) - Tucson Chapter, Arizona InfraGard, and the Arizona Cyber Threat Response Alliance (ACTRA). Subject Matter Expert (SME) Speakers will be on hand from the military, government, and defense contractors to talk about current cyber threats, cyber defense, and remediation strategies. CSW will focus a unique and highly productive unification point to further Arizona's developing leadership in cybersecurity. Cyber Southwest is an annual event, and a platform for training and education, for the region's core areas of Healthcare, Education, Government, Military, Intelligence, Law Enforcement, and Homeland Security.

Hybrid Identity Protection Conference (New York, New York, USA, November 5 - 6, 2018) Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts and interact with your industry peers facing the same complex infrastructure and security challenges. Acquire critical technical knowledge, discover best practices and learn how to secure the evolving enterprise identity infrastructure.

Hybrid Identity Protection Conference 2018 (New York, New York, USA, November 5 - 6, 2018) The Hybrid Identity Protection Conference is the premier educational and networking event for identity experts. Learn what cutting-edge industry leaders are doing to improve identity protection in the modern organization and how they are boosting enterprise security. Network with the world’s leading identity experts and interact with your industry peers facing the same complex infrastructure and security challenges. Acquire critical technical knowledge, discover best practices and learn how to secure the evolving enterprise identity infrastructure.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Notes from SecurityWeek's ICS Security Conference. FireEye attributes Triton to Russia. US Cyber Command DMs Russian trolls.