The CyberWire Daily Briefing 2.28.18

Summary

By The CyberWire Staff

Cloudflare and Arbor Networks warned yesterday that the Memcached open source memory caching protocol can be abused to amplify distributed denial-of-service attacks. The vulnerability-Cloudflare calls it "Memcrashed"-affects Memcached servers where UDP (User Datagram Protocol) is enabled. Arbor Networks thinks the exploit will soon be available in commodity booter services. Cloudfare urges everyone to disenable UDP if they can possibly do so. Enterprises should use this opportunity to buck up their general resilience to DDoS.

Duo Security has found a new class of vulnerability affecting single-sign-on systems that use the SAML (Security Assertion Markup Language). Exploitation could enable users with authenticated access to induce the system to authenticate them as different users without needing to know the victims' passwords.

According to MalwareHunterTeam, Thanatos ransomware makes it effectively impossible to recover files. Thanatos's masters generate a unique encryption key for each file, but save none of them, which means victims pay ransom in vain. Researchers regard this as a botched process rather than an intentionally added layer of nastiness. Some believe there may be effective, if time-consuming, ways of brute-forcing decryption.

The Senate asks what NSA and Cyber Command are doing about Russian election interference. Admiral Rogers's answer, in brief, is that his organizations lack the authorities to do much (that he can openly discuss, that is).

One reason for attacking under a false flag, even when the deception is fairly obvious? To induce doubt about future attributions, which is probably part of the point in Moscow's recent Olympic hacking maskirovka.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Brazil, China, Colombia, Israel, Mexico, Russia, United Arab Emirates, United Kingdom, United States

Struggling with your DLP? It's time to rethink your data loss prevention strategy.

Traditional data loss prevention tools aren’t cutting it anymore. Why? They are high-maintenance and require endless fine-tuning. They often miss insider threats. They stymie communication between security and other departments. And they slow down endpoints, leading to crashes and failures that drive users crazy. Learn from ObserveIT why DLP tools aren’t getting the job done in 2018 and how you can stop data loss in its tracks. Read Now.

On the Podcast

In today's podcast we hear from our partners at CenturyLink, as Dale Drew discusses trends in security collaboration. Our guest is Eric Cole, author of Online Danger.

Sponsored Events

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Russian Hacker False Flags Work—Even After They're Exposed (WIRED) The Kremlin's hacking misdirection is evolving. And even when those attempts to confuse forensics fail, they still succeed at sowing future doubt.

Thanatos Ransomware Makes Data Recovery Impossible (SecurityWeek) A newly discovered ransomware family is generating a different encryption key for each of the encrypted files but saves none of them, thus making data recovery impossible.

5-year-old banking trojan and malware-as-a-service operation booms with new activity (Lookout) BancaMarStealer, also known as Marcher, is a malware family designed to phish a victim's banking (or other service) credentials. It was first spotted nearly five years ago, but today, the malware family has never been stronger. In fact, the number of samples have nearly quadrupled.

Memcached Abused for DDoS Amplification Attacks (SecurityWeek) Memcrashed: memcached protocol abused by cybercriminals for significant DDoS amplification attacks, Cloudflare and Arbor Networks warn

Surge in memcached-based reflected DDoS attacks is due to misconfigured servers (Help Net Security) Massive memcached-based reflection DDoS attacks with an unprecedented amplification factor have been ongoing for the last few days, by taking advantage of memcached servers exposed to the Internet.

Why we Don't Deserve the Internet: Memcached Reflected DDoS Attacks (SANS Internet Storm Center) Let me start off by saying: If you have a memcached server in your environment that is exposed to the internet, then you should stop scanning for them, and spend your time writing a resume instead.

How did this Memcache thing happen? (SANS Internet Storm Center) As pointed out earlier this memcached reflected DDoS thing is pretty bad.

Another massive DDoS internet blackout could be coming your way (CSO Online) A massive internet blackout similar to the Dyn DNS outage in 2016 could easily happen again, despite relatively low-cost countermeasures, according to a new study out of Harvard University.

Duo Finds SAML Vulnerabilities Affecting Multiple Implementations (The Duo Security Bulletin) This blog post describes a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password.

Opt-in cryptomining script Coinhive 'barely used' say researchers (Register) We wouldn't say 'barely', says Coinhive

New UpdateChecker Coinminer Package Also Displays Ads to Further Piss You Off (BleepingComputer) A new malware package masquerading as an Flash Player update installs a miner and displays advertisements every 60 minutes.

Cryptocurrency-Mining Malware: 2018’s New Menace? (TrendLabs Security Intelligence Blog) Will cryptocurrency-mining malware be the new ransomware? The popularity and increasing real-world significance of cryptocurrencies are also drawing cybercriminal attention — so much so that it appears to keep pace with ransomware’s infamy in the threat landscape. In fact, cryptocurrency mining was the most detected network event in devices connected to home routers in 2017.

Massive Spam Campaign Targets Unpatched Systems (Threatpost) Morphisec said that it has detected several malicious word documents – part of a “massive” malspam campaign – that takes advantage of a critical Adobe Flash Player vulnerability discovered earlier this month.

Petya Ransomware Spreading Promptly Globally, Just Like WannaCry (Safe Gmail) Watch out, readers! It is ransomware, an additional WannaCry, an additional broad-unfold assault. The WannaCry ransomware is not dead nonetheless and an additional big scale ransomware assault is making chaos all over the world, shutting down pcs at corporates, ability provides, and banking institutions throughout Russia, Ukraine, Spain, France, British isles, India, and Europe and …

UK cyber risk picture: Emergency services at risk of a major cyber attack (Help Net Security) The UK cyber risk picture is not looking great. Emergency services are at risk of a major cyber-attack. This is the finding of a new landscape analysis, issued by intelligence provider Anomali.

Kaspersky Lab says smart hubs are at risk (Software Testing News) Kaspersky Lab researchers have discovered vulnerabilities in a smart hub used to manage all connected modules and sensors installed in a home.

Cryptographers Urge People to Abandon IOTA After Leaked Emails (IEEE Spectrum) A dump of private emails pits developers of the cryptocurrency against external security researchers

Researchers Warn of RedDrop Blackmail Malware (Infosecurity Magazine) Researchers Warn of RedDrop Blackmail Malware. RedDrop spyware records victims for later use, says Wandera

WordPress Users Warned of Malware Masquerading as ionCube Files (Threatpost) Researchers have found sneaky encoded malware targeting WordPress and Joomla sites that pretends to be ionCube files.

Federal law-enforcement may be able to break into any iPhone (CNET) Israeli security contractor Cellebrite says it has a tool to crack the security of almost any iPhone, according to Forbes.

When Profits Threaten Privacy – 5 Things You Need to Know about Apple in China (Anmesty) Apple is making some significant changes to how data is stored for users of its iCloud service in China – raising major concerns that the Chinese authorities will now be able to freely monitor Apple’s users in China. What do these changes mean and what options do Apple’s customers have to protect themselves?

TSP Gets Lowest Possible Score on Information Security Audit (Government Executive) Agency receives “Ad Hoc” label on first FISMA audit under new metrics.

Security Patches, Mitigations, and Software Updates

Remote Code Execution Bug Patched in Adobe Acrobat Reader DC (Threatpost) A remote code execution security flaw has been patched in one of the latest versions of Adobe Acrobat Reader DC.

Apple Tackles Cellebrite Unlock Claims, Sort Of (Threatpost) In the wake of claims an Israeli company Cellebrite has developed an unlocking tool for any iPhone, Apple is urging customers to upgrade to the latest version of iOS 11.

Cyber Trends

Introducing the Internet of Things Cybersecurity Awareness Report (Trustwave) Find out how your peers are approaching and thinking about Internet of Things security with this new Trustwave survey report, produced by Osterman Research.

CrowdStrike Reveals Time to Breakout as Key Cyber-Security Metric (eWEEK) Security firm CrowdStrike has determined that defenders have less than two hours to contain an initial attack from becoming a larger breach.

Data Breach Denial: Few Firms Are Focused On The Threat (Media Post) A new study shows that most IT pros expect serious data breaches at their firms. But their companies are not ready for them.

Marketplace

The key to discounted cyber insurance: A 'bug bounty'? (Property Casualty 360) In a bid to spread better threat awareness, this cyber insurer will offer discounts on its policies to any client that has a vulnerably disclosure and bug bounty program.

Nearly Half of Cybersecurity Pros Solicited Weekly by Recruiters (Dark Reading) More than 80% say they are 'open' to new job offers, while 15% are actively on the search, a new (ISC)2 survey shows.

Upcoming ICO: ‘MOM’ is the word as Multiven announces ICO (iNVEZZ) Mulitven has announced its ICO for the distribution of MultiCoins and says its ‘MOM’ technology will decentralize the global IT market place and secure the future of cryptocurrencies.

Un géant sud-coréen met la main sur la PME genevoise ID Quantique (rts.ch) Le spécialiste genevois de la cryptographie ID Quantique s'allie au géant sud-coréen des télécommunications SK Telecom. La PME suisse a annoncé lundi que son nouveau partenaire allait investir 53 millions de francs.

Sumo Logic Announces Significant Growth Milestones (Sumo Logic) Sumo Logic announced significant business milestones and market growth and to further drive market growth and IPO readiness, the company has also appointed BJ Jenkins, CEO of Barracuda Networks, to its board of directors.

Comodo CA Achieves Record 45 Percent Year over Year Revenue Growth Fueled by 30 New Global Partners (GlobeNewswire News Room) Comodo CA, a worldwide leader in digital identity solutions today announced record-setting growth from its channel program, delivering a 45 percent increase in year-over-year revenue.

Palo Alto Networks posts revenue and profit above Street estimates (CNBC) Palo Alto Networks' revenue and profit topped Wall Street estimates and the company gave an upbeat third-quarter forecast.

Elliott Could 'Crystalize' Akamai Campaign Soon (TheStreet) The deadline for nominating dissident director candidates at the undervalued technology company is approaching, which suggests an activist escalation is imminent.

Is This the Best Cybersecurity Stock? (Fox Business) Don't get caught up in focusing only on "pure plays."

iHLS Accelerator is Looking for Game-Changing Technologies (iHLS) We at the iHLS Security Accelerator are looking for disruptive ground-breaking technologies offering solutions for

20 Cyber Security Startups to Watch in 2018 (eSecurity Planet) Here are 20 hot IT security startups addressing everything from IoT security and blockchain to artificial intelligence and machine learning.

Netskope Expands Commitment to Enterprise Security with New Office of the CSO (PR Newswire) Netskope, the leader in cloud security, today announced the...

Products, Services, and Solutions

BUFFERZONE Eliminates Cyber Mining Malware Threat With Updated Prevention-Based Container Security Technology (Yahoo Finance) BUFFERZONE SECURITY , a provider of container and CDR (Content Disarm & Reconstruct) based next-generation endpoint security solutions protecting organizations ...

Sophos Introduces New Mobile Endpoint Security Solution (Best Endpoint Security Protection Software and Vendors) Sophos today announced the release of their latest version of their management and mobile endpoint security platform: Sophos Mobile 8.

Certified Identity Governance Expert® (CIGE) Overview & Curriculum (Identity Management Institute) Identity and Access Governance (IAG) provides the link between Identity and Access Management (IAM) rules and the policies within a company to protect systems and data from unauthorized access, streamline processes, reduce risk, and ensure compliance with the appropriate requirements

Alexa, ask McAfee to scan my network (CSO Online) At Mobile World Congress 2018, McAfee said it plans to launch Secure Home Platform (SHP) for Amazon Alexa, so a connected home’s network security can be managed via voice.

ESET launches smart TV security (ITP.net) Vendor moves to protect consumers from rising malware threats.

Misleading Cyber Foes with Deception Technology (Dark Reading) Today's deception products go far beyond the traditional honeypot by catching attackers while they are chasing down non-existent targets inside your networks.

Secure communications service Wickr is rolling out new free features (TechCrunch) Wickr, the secure communications service, is bringing new features to its free users. Already available to paying Wickr customers, users of Wickr's "Me"..

Trustwave launches proactive Threat Hunter service (GCN) The service promises to look both internally and externally for early signs of compromise.

Gemalto Enables Swift and Secure Creation of Trusted Digital Identities (BusinessWire) Gemalto, the world leader in digital security, showcases at Mobile World Congress its ability to enable Trusted Digital Identities that will unlock a

Fraud Fighting With AI-Based Biometrics Security & Password Module (Credit Union Times) An AI algorithm pioneers significant fraud-fighting technologies to detect anomalies in an interaction.

OriginGPS releases LTE-M system for low-power IoT products (GPS World) OriginGPS has chosen Gemalto’s Cinterion LTE-M wireless module to build its latest miniature OriginIoT system. Gemalto, a digital security company, designed the module for low-power applicati…

TechVets launches to offer UK military veterans a route into cyber and startups (TechCrunch) There’s a problem in the UK tech industry and it’s staring us in the face. The tech industry is growing at twice the rate of the wider economy and now..

Technologies, Techniques, and Standards

Gearing up to meet GDPR compliance requirements (TechTarget) Ice Miller attorney Nicholas Merker gives a webcast presentation on how to prepare for the GDPR compliance requirements.

11 Tips for prioritizing security spending (Networks Asia) How to keep things locked down when you can't afford new locks.

Do you have a rehearsed cyberattack response plan? (Canadian Lawyer) Companies need to create and rehearse an incident response plan to avoid late intervention during a cyberattack, according to panellists speaking at a conference in Toronto last week.

Law Firm Security: Will Your Router Cost You Your License? (The National Law Review) Insigniary showed in their research that a large number of WiFi routers have firmware issues, which allow for data breaches and hacks. These issues have existed for almost two years, yet they haven&rs

How to Prevent Data Breaches Caused by Employees (Security Boulevard) Studies have shown that data breaches can be traced back to employees of an organization. It is important to note, however, that employees who cause these data breaches can be categorized into three types...

Getting the most out of your next generation firewall (ITworld) Next generation have a lot of useful features, but they only work if IT pros use them, configure them properly and keep them updated.

Perimeter vs Persistent Security: Five Steps to Ensure Network Security (SecurityWeek) Organizations need to be able to quickly identify threats and vulnerabilities inside the network, formulate a plan of action through testing and remediate issues before they get out of control.

A New Era in Network Segmentation? (Healthcare Informatics Magazine) As part of our Cybersecurity Special Report, Mark Hagland speaks with healthcare IT experts about network segmentation, a standard strategy in IT security receiving new scrutiny, as the need for advanced strategies becomes more and more apparent in healthcare.

Research and Development

Mind The Gap -- How Quantum Computers May Leave Today's Online Services Vulnerable (Forbes) When you order something online or interact with your bank or healthcare provider the data sent across the internet is most likely encrypted with today's strongest cryptography using very large prime numbers.

Should we apply the brakes on artificial intelligence research? (LiveMint) Should AI research be on the same pedestal as research into the cloning of humans, with which, by the by, it shares many ethical characteristics?

Governors must shepherd in AI with responsible data stewardship, IBM CEO says (StateScoop) Ginni Rometty says artificial intelligence will affect 100 percent of jobs and that state leaders have a central role to play as the technology emerges.

Legislation, Policy and Regulation

State Department designates 7 ISIS-affiliated groups as terrorist organizations (FDD's Long War Journal) The State Department announced today announced today that seven ISIS-affiliated groups have been designated as terrorist organizations. Underscoring the so-called caliphate's growth outside of Iraq and Syria, the move targets ISIS affiliates in Bangladesh, Egypt, the Philippines, Somalia, Tunisia and West Africa. Two ISIS leaders in Africa were named as specially designated global terrorists as well.

Understanding the cyber threat key to UK defence, says NCSC (ComputerWeekly.com) Understanding cyber threats is key to defending the UK and ensuring it is a safe place to do business, says the National Cyber Security Centre.

U.S. cybersecurity threat risk remains high -- no signs of lessening (CSO Online) The U.S. Director National Intelligence says the public and private sectors in the U.S. are at continual risk and the country should expect cyber attacks from nation state and non-state actors.

Top intel official says US hasn't deterred Russian meddling (Fifth Domain) “I believe that President (Vladimir) Putin has clearly come to the conclusion that there’s little price to pay and that therefore, ‘I can continue this activity,‘” Adm. Mike Rogers, director of both the U.S. Cyber Command and the National Security Agency, told Congress.

Senators: Cyber Command should disrupt Russian influence campaigns (Fifth Domain) Senators pressed Cyber Command on how they can use their national mission force to combat Russian cyber intrusions.

Rogers: CyberCom lacks authority, resources to defend all of cyberspace (FCW) The outgoing NSA and U.S. Cyber Command chief told lawmakers CyberCom is not sitting on its hands when it comes to potential Russian cyber interference, but it lacks the authority to do more absent additional presidential direction.

NSA: Trump’s Lukewarm Response on Russia Will Embolden Putin (Infosecurity Magazine) NSA: Trump’s Lukewarm Response on Russia Will Embolden Putin. Expect more election interference, Cyber Command boss warns

Decoding NSA director Mike Rogers' comments on countering Russian cyberattacks (Washington Examiner) It's not as simple as 'I'm not authorized to do anything.'

The ‘real strength’ in Cyber Command’s recent work (Fifth Domain) Cyber Command has made significant progress in recent years with the integration of cyber into traditional military operations, the organization's chief said.

SEC, Congress take steps toward cyber accountability and transparency (TheHill) Cyber risk affects virtually every kind of enterprise. It is not a matter of if, but when. Companies should start with the presumption that they will be attacked.

Senator Markey officially introduces legislation to reestablish net neutrality (TechCrunch) Senator Ed Markey (D-MA) has introduced legislation to reverse the FCC's recently published order and reestablish 2015's net neutrality rules. Although the..

Warrantless surveillance law proves it’s time to take privacy into our own hands (TechCrunch) The warrantless surveillance law gained attention in 2013 when Edward Snowden leaked that the NSA was using it to spy on Americans’ text messages, phone..

Inside the dark web of the UAE's surveillance state (Middle East Eye) Since the Arab uprisings of 2011, UAE has utilised 'cyber-security governance' to quell the harbingers of revolt and suppress dissident voices

3 years after data breach, OPM still struggling to modernize IT (FederalNewsRadio.com) In OPM’s inspector general’s latest management report on the IT modernization initiative, auditors called into question the agency’s planning process.

Litigation, Investigation, and Enforcement

U.S. intel: Russia compromised seven states prior to 2016 election (NBC News) The intelligence community determined Russia had accessed state websites or voting databases, but never told the states who was behind it.

Bernie Sanders struggles to address Russian support after Mueller indictment (Fox News) Sen. Bernie Sanders has seemingly struggled to address recent allegations that Russia's campaign to interfere in the 2016 presidential election included a plan to boost his Democratic primary campaign.

Kushner loses access to top-secret intelligence (POLITICO) A memo sent Friday downgraded the presidential son-in-law and adviser and other White House aides who had been working on interim clearances, barring them from top-secret information.

Microsoft doesn’t want to turn over foreign server data, SCOTUS to weigh in (Ars Technica) Silicon Valley fears that if US wins, its data held abroad will be vulnerable.

Justices look at how older law applies to internet cloud (Federal Times) The justices heard arguments in a dispute between the Trump administration and Microsoft Corp. over a warrant for emails stored in the internet cloud outside the United States.

Palantir has secretly been using New Orleans to test its predictive policing technology (Verge) Palantir deployed a predictive policing system in New Orleans that even city council members don’t know about

How Liberals Amped Up a Parkland Shooting Conspiracy Theory (WIRED) A fake story about a Parkland student started on the right, but outrage-tweeting on the left propelled it into the mainstream.

ISIS recruiter caught by Facebook screenshot (Naked Security) An ISIS follower tried to radicalize hundreds of strangers worldwide, until one of his targets captured the messages and gave them to police.

Bot Roundup: Avalanche, Kronos, NanoCore (KrebsOnSecurity) It’s been a busy few weeks in cybercrime news, justifying updates to a couple of cases we’ve been following closely at KrebsOnSecurity.

Apple co-founder Steve Wozniak scammed by Bitcoin fraudster (Naked Security) Apple co-founder and tech icon Steve Wozniak has reportedly admitted falling victim to Bitcoin fraud.

Does Cyber Insurance Cover Lawsuits? (CyberInsureOne) Cyber insurance is designed to insulate policyholders from financial consequences resulting from cyber incidents. Those incidents include everything from a large-scale data breach to an accidental denial of services.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

AFFIRM and USCC 5th Annual Cybersecurity Summit (Arlington, Virginia, USA, March 8, 2018) The 5th Annual Cybersecurity Summit is a place for important discussions about the challenges with cyber-security and is also a significant benefit both for the AFFIRM scholarship program, which helps students focused on IT skills and is the largest support for USCC's summer camp program, which focuses on cybersecurity. Cybersecurity is a dynamic and crosscutting field that is ever changing and increasingly challenging to address. This in-depth, half-day session will gather an all-star line-up of chief information officers, chief information security officers, and other thought leaders from government and industry who will explore growing threats as well as innovative approaches to attract and retain the best cyber talent.

Northeast Regional Security Education Symposium (Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium will feature discussions about national, corporate and cybersecurity implications related to the public and private sectors. This year’s symposium will take place at the NJCU School of Business’ Skyline Room, 147 Harborside Financial Center in Jersey City, NJ, with stunning views of Manhattan across the Hudson River. The event will feature a dark web overview, national security and media coverage, careers in security, and risk assessment and security.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable cybersecurity tools and resources for a variety of industries and topics, including: critical infrastructure, healthcare, government, education, large and small business issues, and cryptocurrencies.

upcoming Events

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders from The FBI, U.S. Secret Service, IBM, and more. Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the FTC sought general research that explores the privacy and security implications of emerging technologies, such as the Internet of Things, artificial intelligence and virtual reality. The 2018 event will focus on the economics of privacy including how to quantify the harms that result from companies’ failure to secure consumer information, and how to balance the costs and benefits of privacy-protective technologies and practices.

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Laurel, Maryland, USA, March 2, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or transmitted through. These requirements must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations. The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and non-federal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the knowledge and resources to develop, manage, or enhance an ITP. The course will help not only organizations required to maintain and submit an ITP, but any business or organization concerned with Insider Threat Risk Mitigation. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018 Middle East and Africa Forum (MEAF) provides you the information and tools to help secure payment data. They lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches.

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack and analyze the threat it poses to national, international, and private sector interests.

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and live profile interviews, all fully produced and moderated by the Infosecurity Magazine editorial team. Each day event looks into the biggest industry issues and trends creating an immersive education program featuring a large selection of high calibre speakers and specialists in their field.

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought leaders to engage in high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia.

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and live profile interviews, all fully produced and moderated by the Infosecurity Magazine editorial team. Each day event looks into the biggest industry issues and trends creating an immersive education program featuring a large selection of high calibre speakers and specialists in their field.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as a viable and promising career option.

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Regular Season and Postseason. NCL allows players of all levels to enter. Between Easy, Medium and Hard challenges, students have multiple opportunities to really shine in areas as they excel. Registration for the Spring Season is 2/26/18-3/25/18.

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit will be block-chains & artificial intelligence in existing technical infrastructure in order to protect organizations from external attacks. The need of the hour is to create an ecosystem of trust aided with cybersecurity capabilities.

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled by technology; and the policies and laws that govern and protect the use of information that is stored in, transmitted by, and processed with technology.

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete. Win.” reminds us that every day our men and women in uniform are learning new strategies, tactics and energy technology to compete against the world's best, where winning is the only option. The challenge is always on, and Sea-Air-Space is your place to participate in interactive exhibits, professional development sessions, and open forums disclosing timely information. Hear from active duty military, government and industry leaders on key issues and future strategies for the U.S. Navy, Marine Corps, Coast Guard U.S.-flag Merchant Marine.

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing everything from access control to unmanned vehicles from over 1,000 Exhibitors & Brands.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.