The CyberWire Daily Briefing 3.14.18

Summary

By The CyberWire Staff

Significant flaws in AMD processors were reported by CTS Labs. AMD says it's investigating, but also said it had never heard of CTS Labs, and that CTS gave AMD only a day's warning before going public. The flaws, which affect EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile processors, require admin rights for exploitation. CTS Labs calls the vulnerabilities "Masterkey," "Ryzenfall," "Fallout," and "Chimera." Security experts differ over how severe the problems are; few seem willing to defend the way they were disclosed.

Cylance describes OceanLotus (also known as APT32 or Cobalt Kitty), a cyber espionage group generally believed to operate from Vietnam. [But note the correction, below.] OceanLotus uses sophisticated backdoors, obfuscated beacon payloads, and an array of loaders assembled from a range of exploit kits. ESET is also tracking the group.

The UK is expelling twenty-three Russian diplomats in retaliation for the attempted assassination of a former GRU officer. Russia offered no explanation (beyond denial) before last night's midnight deadline, instead demanding explanation of rumors that the UK is considering retaliatory cyberattacks against Russia. HM Government is asking for a UN Security Council meeting.

Another Russian, businessman Nikolai Glushkov, fugitive from Russian justice in an Aeroflot embezzlement case and witness in the Litvinenko assassination (also in the UK) died under "unexplained" circumstances Tuesday in his London home. Police report signs of strangulation.

The MuddyWater threat group, generally associated with Iran, also seems disposed to play rough. Trend Micro researchers probing a server connected to the group received a message, "Stop!!! I Kill You Researcher."

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Cambodia, China, Egypt, European Union, Iran, Republic of Korea, Laos, Philippines, Russia, Singapore, United Kingdom, United States and Vietnam

Cylance pulled their research on OceanLotus after we published the CyberWire today. We've replaced their account with a report from ESET on the same threat group. ESET notes the characteristic OceanLotus mixture of novelty and repurposed tools derived from an array of exploit kits.

Intelligent response to doing more with less

Phishing, ransomware, and data breaches plague organizations of all sizes and industries, but the financial services market has always had the largest target on its back. How do you fend off these attacks when you don’t have the budget or resources for everything you need to protect your organization: data feeds, tools, analysis and mitigation? Learn more in our webinar on Wednesday, March 21 @ 2pm ET. Sign up now!

On the Podcast

In today's podcast, we speak with our partners at Accenture, as Justin Harvey discusses the importance of the first 48 hours following a breach. Our guest, Patrick Sullivan from Akamai, talks about VPNs and the notion of "verify and never trust."

Sponsored Events

How to Sell Your Cyber Startup's Software to Large Fortune 500 Companies (Fulton, Maryland, USA, March 15, 2018) Joe Silva, VP Cyber Threat & Intelligence at TransUnion, will share his perspective on how large Fortune 500 companies approach buying software from cyber start-ups. Early stage founders and technology innovators come to learn, network & enjoy free food & beverages.

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Cyber Security Summits: Denver on March 22 & May 15 in Dallas (Denver, Colorado, USA, March 22, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips (Threatpost) Researchers on Tuesday disclosed over a dozen critical security vulnerabilities in several AMD chips, opening them up for attackers who want to steal sensitive data and install malware on AMD servers, workstations and laptops.

A raft of flaws in AMD chips makes bad hacks much, much worse (Ars Technica) AMD says its Secure Processor is impenetrable. Instead, it can harbor malware.

Severe Security Advisory on AMD Processors (CTS Labs) This document is meant to inform about multiple critical security vulnerabilities and exploitable manufacturer backdoors inside AMD’s latest EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile lines of processors.

OceanLotus sets sights on high-profile targets in Southeast Asia (WeLiveSecurity) ESET researchers have uncovered the latest additions to the malicious toolkit of the APT group known as OceanLotus focused on Southeast Asia.

"OceanLotus" Spies Use New Backdoor in Recent Attacks (SecurityWeek) OceanLotus, a cyber-espionage group believed to be operating out of Vietnam, has been using a new backdoor in recently observed attacks, but continued to employ previously established tactics.

Winter Olympics Cyber Attack - All Signs Point to Russia (CyberDB) A cyber attack disrupted the recent opening Olympic Games ceremonies, which was confirmed by a spokesman for the Pyeongchang Organizing Committee.

'MuddyWaters' group threatens researchers' lives after they discover attack servers (Cyberscoop) Trend Micro researchers were probing a server that appeared connected to a possible data breach when they received a message that read: "Stop!!! I Kill You Researcher.”

Calendar 2 app pulled from Mac App Store after cryptomining controversy (Graham Cluley) Calendar 2 offered of its features for free if you allowed it to "unobtrusively" generate Monero cryptocurrency in the background. Shame then that it wasn't unobtrusive, and bugs meant it mined regardless of whether you wanted it to or not.

Greedy cybercriminals host malware on GitHub (Avast) Cryptocurrency mining malware, which also installs a malicious Chrome extension, hosted on GitHub for anyone to download.

Smart devices can spy on you, say BGU researchers (The Jerusalem Post) Carefully consider the benefits and risks of connecting a device to the Internet.

Fertility Clinic Liquid Nitrogen Incidents – could they have been hacks? (Control Global) Two different fertility clinics on opposite sides of the country had almost simultaneous failures of their liquid nitrogen systems that appear to be process sensor-related and possibly cyber-related. What are the implications to these and other industries using liquid nitrogen?

Facebook Really Is Spying on You, Just Not Through Your Phone’s Mic (Wall Street Journal) Facebook is now so good at watching what we do online—and even offline, wandering around the physical world—it doesn’t need to hear us to know what we like. Here are some ways to limit the amount of data Facebook and advertisers are collecting about you.

Tweet thieves suspended by Twitter (Naked Security) ‘Tweetdecking’ plagiarists have been making thousands per month, ripping off jokes and tweets and selling retweets.

Florida Virtual School warns of massive data breach (Tampa Bay Times) Florida Virtual School (FLVS) has alerted students, parents, and alumni after a massive security breach.A notice posted by the online school says the data breach occ

Fortnite Gamers Warned Over Account Hacking (Infosecurity Magazine) Players apparently faced with large credit card charges from fraudulent purchases

Security Patches, Mitigations, and Software Updates

Flash, Windows Users: It’s Time to Patch (KrebsOnSecurity) Adobe and Microsoft each pushed critical security updates to their products today. Adobe’s got a new version of Flash Player available, and Microsoft released 14 updates covering more than 75 vulnerabilities, two of which were publicly disclosed prior to today’s patch release.

Microsoft March Patch Tuesday Fixes 74 Security Issues (BleepingComputer) Microsoft has released its monthly security updates, and this month the company patched 74 vulnerabilities affecting products such as Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Exchange Server, ASP.NET Core, .NET Core, PowerShell Core, ChakraCore, Microsoft Office, and Microsoft Office Services and Web Apps.

March security updates expand Meltdown-Spectre protection for Windows (ZDNet) Microsoft's Patch Tuesday updates for March include a variety of security updates for all supported Windows versions, as well as removing a compatibility check for antivirus software. A separate release significantly expands available microcode updates for affected Intel CPUs.

Microsoft Admits It Incorrectly Upgraded Some Windows 10 Users to v1709 (BleepingComputer) Microsoft admitted last week that it incorrectly updated some Windows 10 users to the latest version of the Windows 10 operating system —version 1709— despite users having specifically paused update operations in their OS settings.

Patch Tuesday drops the mandatory antivirus requirement after all (Ars Technica) Today’s patches also include an annoying-looking remote code execution bug.

Firefox turns out the lights on two privacy-sucking features (Naked Security) Thanks to some illuminating privacy research, it’s “lights out” for another pair of esoteric APIs.

Samba Patches Two Critical Vulnerabilities in Server Software (Threatpost) Samba released fixes for its networking software to address two critical vulnerabilities that allowed attackers to change admin password or launch DoS attacks.

Critical Vulnerabilities Addressed in SecurEnvoy SecurMail (SecurityWeek) Multiple critical vulnerabilities impacting SecurEnvoy SecurMail could result in an attacker being able to read encrypted emails and even delete or overwrite messages in a user’s inbox.

Cyber Trends

Comodo Global Malware Report 2017: Malicious Cyber Activity Surges Coincide with Geopolitical Events (PR Newswire) Comodo, a global innovator of cybersecurity solutions, today announced...

Usual Threats, But More Sophisticated and Faster: Report (SecurityWeek) Just about every type of attack is increasing in both volume and sophistication, including increasing use of PowerShell and JavaScript to avoid threat detection.

Cyber Gangs Get Smarter (Infosecurity Magazine) Why internationally-orchestrated cyber-attacks are continuing to succeed.

3 cybersecurity areas in which CISOs are becoming more proactive (CSO Online) Security executives are taking a hands-on approach in areas such as threat intelligence, privacy, and business initiatives.

Cybersecurity's biggest challenges: Trust, cyber fatigue, and the battle over AI (TechRepublic) Dr. Richard Ford, Chief Scientist at Forcepoint, discusses how cyber attacks undermine confidence in our institutions, the dangers of "cyber fatigue," and how AI is where the battle for cyber safety will be won or lost.

Merlin International & Ponemon Institute Cybersecurity Study Signals Dangerous Diagnosis for Healthcare Industry (BusinessWire) Merlin International, in partnership with the Ponemon Institute, released the results of its healthcare cybersecurity study.

Marketplace

How Fear of Huawei Killed $117 Billion Broadcom Deal (Bloomberg.com) U.S. President Donald Trump’s unprecedented move to block Broadcom Ltd.’s hostile takeover bid for Qualcomm Inc. reflects growing concern about China’s rising economic prowess.

Fear of rising China: Broadcom deal killed in unprecedented move by US (Asia Times) Backlash grows over Chinese deal in Germany

Blocking of Broadcom-Qualcomm Tie-up Highlights 5G Security Fears (SecurityWeek) The move by President Donald Trump blocking a proposed takeover of Qualcomm by Singapore-based Broadcom highlights growing concerns about the rise of Chinese competitors in the telecom sector and related national security issues.

Are Cybersecurity Stocks the Next Big Buyout Targets? (247wallst.com) Nobody knows for sure the next sector for big buyouts, but these four companies in the cybersecurity world are all rated Buy at Merrill Lynch and would be very logical targets.

‘Dead weight’ Dell would destroy VMware’s value, says big investor (Register) Jericho Capital says deal would benefit Dell alone, suggests VMware buy Red Hat instead

Zscaler boosts targets by 50 percent ahead of Friday's IPO (Silicon Valley Business Journal) The targets have been raised again for what's expected to be the first Bay Area tech IPO in four months.

Security Startup BioCatch Closes $30M Funding Round for ‘Behavior (SDxCentral) Security startup BioCatch closed a $30 million financing round, bringing its total funding to $47 million. The company's platform uses what it calls "behavi

Singapore's Singtel Innov8 leads $20m funding round in Airspace Systems (DealStreetAsia) Singtel Innov8 has led the $20-million Series A funding round in Silicon Valley-based drone security solutions provider Airspace Systems Inc.

Singtel Innov8, STT back $40m Series D in AI startup Moogsoft (DealStreetAsia) The funding round, led by Goldman Sachs Growth Equity, was also joined by existing investors HCL, Northgate Capital, Redpoint Ventures, and Wing VC.

For Palo Alto Networks, Is the Best Yet to Come? (The Motley Fool) The company is doing the right things in the cybersecurity space.

Fortinet: Still Undervalued? (Seeking Alpha) Fortinet has been cast in a not so friendly light in recent years. This gravity toward unfounded bearishness might continue to provide value for those who belie

Corero Network Security is turning things around (Proactiveinvestors UK) Corero Network Security PLC (LON:CNS) - The company was arguably late to change to a software-as-a-service model, but the change is beginning to take hold

RSAC: The Conference They Love To Hate (Security Boulevard) RSAC has drawn the ire of some for not having more women speakers at the event. But before calling out the RSAC team for its perceived misdeeds, here are a couple of things worth considering.

Products, Services, and Solutions

Cisco Meraki Takes its Bug Bounty Program Public with Bugcrowd (GlobeNewswire News Room) Cisco Meraki to award up to $10,000 per vulnerability to ensure the security of its customers

NSS Labs Initiates Group Test Coverage of the Endpoint Detection and Response Market (GlobeNewswire News Room) Addition of EDR Group Test Leverages NSS Labs’ Unmatched Testing Expertise to Empower Informed Decision Making

Exabeam Tackles Compromised IoT Threat (GlobeNewswire News Room) New Entity Analytics Product Uses Machine Learning to Flag Suspicious Device Behavior

DFLabs Raises the Bar for Responding to and Containing Security Incidents with Machine-based Automation (BusinessWire) New IncMan platform uses machine learning-based run books to automate security incident response workflows and remediate threats based on risk factors

Proof of Evidence Blockchain Service for Compliance, Provenance and Data Verification (allcoinsnews.com) Evident Proof has launched an Ethereum blockchain and token-based service that turns data into immutable proof chains, transforming the way data is stored and providing indelible evidence that can be

Aryaka's Global Network Provides Unique SD-WAN Security (SDxCentral) Aryaka partnered with Palo Alto Networks, Zscaler, and Radware to boost the security of its software-defined wide area networking (SD-WAN) service.

BluVector Extends File-based and Fileless Malware Detection to Cloud-based Email Services (BusinessWire) BluVector Cortex includes support for Office 365 & Google Mail & helps detect file-based & fileless malware attacks through cloud-base email services

DFLabs Introduces New Version of IncMan SOAR Platform (ReadITQuik) New version brings down the time and problems connected with responding to, containing, as well as getting rid of cybersecurity threats

PrivacyRules® Launches its Global Alliance of Privacy and Data Protection Expertise (PR Newswire) PrivacyRules®, the world's first and unique leading professional alliance...

Stellar Partners with Keybase to Help Facilitate Global Crypto Transfers (CryptoSlate) In a highly anticipated move, Stellar (XLM) has announced a tie-up with Keybase that will enable cross-border transactions without the need of lengthy cryptographic addresses. Keybase is a free security app which makes use of public-key enabled cryptographic modules to secure smartphones and PCs. However, with this new partnership, Stellar hopes to create a platform …

Dojo by BullGuard Beats Samsung Gear 360 as GSMA GLOMO Awards ‘Best Connected Consumer Electronic Device’ (PR Blonde) Dojo by BullGuard, the announces the Intelligent IoT Security Platform, wins the Global Mobile Award for ‘Best Connected Consumer Electronic Device’ at MWC 2018 to offer digital and physical protection against cyber-criminals attacking smart home devices

Technologies, Techniques, and Standards

Layers of Cybersecurity: Signature Detection vs. Network... (Bricata) Signature-based detection is effective at identifying known threats but comes with inherent limitations: the threat must be known in order to create a signature. Behavioral analysis is useful for identifying unknown threats because it's looking for... #ids #networksecurity #signaturedetection

Cyber test aims to protect Wisconsin election systems from hacking attempts (Madison.com) The tests are the state's most concrete response yet to unsuccessful attempts by hackers linked to the Russian government to target Wisconsin election systems in 2016.

Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters (TrendLabs Security Intelligence Blog) We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors.

These Aren’t the Password Guidelines You’re Looking For (Security Boulevard) “You don’t need to see his identification.” It’s a classic line. With a flick of the wrist old Ben Kenobi deftly bypasses the identity & access management system of the poor Stormtroopers just doing their job. One would think, in that technological era, so long ago, that more advanced (and less spoofable) methods of authentication would … These Aren’t the Password Guidelines You’re Looking ForRead More »

Design and Innovation

YouTube is turning to Wikipedia to help it fight conspiracy theories (Quartz) On videos promoting conspiracy theories, the site will place linked Wikipedia text boxes discussing the event in question.

How blockchain can play a life-saving role in the war against fake medication (The Loadstar) Lives could be saved each year by using blockchain technology to prevent the spread of counterfeit drugs and fake medication in the supply chain.

Research and Development

ARPA-E tilts toward cyber (FCW) The Advanced Research Project Agency-Energy, which focused on making grants and loans to alternative energy companies under the Obama administration, may find a new lease on life as a cybersecurity skunkworks.

Trump really wants to kill ARPA-E; federal agency says that’s folly (Ars Technica) Directors say neither private industry not traditional grant programs work.

Legislation, Policy and Regulation

UK expels 23 Russian diplomats over spy poisoning (the Guardian) Rolling coverage of the day’s political developments as they happen, including Theresa May and Jeremy Corbyn at PMQs and May’s Commons statement announcing retaliation against Russia after the Russian spy attack

All the ways Theresa May could retaliate against Russia for the poisoning of Sergei Skripal (Business Insider) The UK prime minister has promised to set out the "full range of measures" Britain will take in retaliation against Russia.

Russia retaliation could hurt UK business (BBC News) A crackdown on Russia's UK business ties would come up against a complex and lucrative web of interests.

Britain and Russia brace for showdown as deadline expires for nerve... (Reuters) Britain braced for a showdown with Russia on Wednesday after a midnight deadline set by Prime Minister Theresa May expired without an explanation from Moscow about how a Soviet-era nerve toxin was used to strike down a former Russian double agent.

Russian embassy: Moscow will not respond to ultimatum (RTE.ie) Russia will refuse to meet British Prime Minister Theresa May's midnight deadline unless Britain agrees to send Moscow samples of the nerve agent used to poison Sergei Skripal.

Russian embassy demands explanation from UK Foreign Office about cyber attack threats (TASS) The Times said earlier, citing its sources in the UK government, that Britain was mulling staging a cyber attack on Russia in response to the poisoning of Sergey Skripal and his daughter

Don’t try to intimidate us, Russia warns Britain (Times) Russia warned Britain not to issue threats and “groundless ultimatums” as it defied a demand to account by midnight for the use of its nerve agent in the Salisbury poisoning. Theresa May is...

U.S., Britain demand answers from Russia in spy attack (UPI) The Russian government is facing a midnight deadline to give answers about the poisoning of a former spy, in light of growing suspicions.

Russia warns Britain against cyber attack response to spy poisoning (Reuters) Russia's embassy in London said on Tuesday it was seriously concerned about reports that Britain could launch a cyber attack against Russia and urged the UK to carefully weigh the consequences of such action.

Tillerson Out, Mike Pompeo to State (Foreign Policy) Rex Tillerson seemed to be a dead man walking for months. Now the former ExxonMobil boss is out as America’s top diplomat.

Hill Must Act Now To Protect Elections From Russians: Cyber Commander (Breaking Defense) If you want the military to defend this fall's elections from Russian hackers, military cyber commanders told Congress this afternoon, you need to give it authorities, access and resources soon, military commanders told the Senate today.

Livestream: Senate Armed Services Hearing on the Cyber Posture of the Services (Lawfare) The Senate Armed Services Subcommittee on Cybersecurity is holding a hearing Tuesday afternoon at 2:30 p.m. on "The Cyber Posture of the Services."

Litigation, Investigation, and Enforcement

Terror police investigate death of Litvinenko witness Nikolai Glushkov at home (Times) Counterterrorism police were investigating last night the “unexplained death” in London of a Russian exile who was close friends with a critic of President Putin. The discovery of Nikolai...

James Clapper avoids charges for 'clearly erroneous' surveillance testimony (Washington Examiner) Former intelligence chief James Clapper is poised to avoid charges for allegedly lying to Congress after five years of apparent inaction by the Justice Department.

WhatsApp will not share user data with Facebook until it complies with GDPR, ICO closes investigation (TechCrunch) Facebook, its popular messaging app WhatsApp, and the UK’s Information Commissioner’s Office (ICO) have reached a truce in their long-running investigation over how Facebook and WhatsApp share user data. The ICO today announced that it has closed its investigation and concluded that Wha…

Deceptive Discovery: Second Circuit Affirms Sanctions for Mishandling of Discoverable Data (Minding Your Business) Late last month, in Klipsch Grp., Inc. v. ePRO E-Commerce Ltd., the Second Circuit affirmed a $2.7 million sanctions award against defendant ePRO after rep

March E-Discovery Update: Look Before You Post: Beware the Dangers of File-Sharing Sites (Mcguire Woods) In Harleysville Insurance Company v. Holding Funeral Home, Inc., et al., 2017 WL 4368617 (W.D. Va. 2017), an investigator for Nationwide, which owns Harleysville Insurance, uploaded a surveillance video of a fire scene to an internet-based file-sharing service called Box, Inc.

Police in Wales under investigation for covering up hack that compromised confidential reports (V3) People who filed online reports to Gwent Police at risk after security review found the website was insecure,Security,Cloud Computing ,Gwent Police,ICO,security,Jan van Vliet

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to tackle today's threats, as well as arm them with the knowledge, tools and expertise to protect their organizations and advance their careers. Registered attendees will be immersed in two days of insightful, strategic cybersecurity knowledge.

upcoming Events

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018 Middle East and Africa Forum (MEAF) provides you the information and tools to help secure payment data. They lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches.

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack and analyze the threat it poses to national, international, and private sector interests.

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and live profile interviews, all fully produced and moderated by the Infosecurity Magazine editorial team. Each day event looks into the biggest industry issues and trends creating an immersive education program featuring a large selection of high calibre speakers and specialists in their field.

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought leaders to engage in high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia.

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and live profile interviews, all fully produced and moderated by the Infosecurity Magazine editorial team. Each day event looks into the biggest industry issues and trends creating an immersive education program featuring a large selection of high calibre speakers and specialists in their field.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as a viable and promising career option.

Northeast Regional Security Education Symposium (Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium will feature discussions about national, corporate and cybersecurity implications related to the public and private sectors. This year’s symposium will take place at the NJCU School of Business’ Skyline Room, 147 Harborside Financial Center in Jersey City, NJ, with stunning views of Manhattan across the Hudson River. The event will feature a dark web overview, national security and media coverage, careers in security, and risk assessment and security.

KNOW Identity Conference 2018 (Washington, DC, USA, March 26 - 28, 2018) The premier global event for the identity industry, the KNOW Identity Conference is the nexus for identity innovation, offering a uniquely differentiated, powerful, and immersive event that convenes the world’s most influential organizations and smartest minds across industries to shape the future of identity.

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Regular Season and Postseason. NCL allows players of all levels to enter. Between Easy, Medium and Hard challenges, students have multiple opportunities to really shine in areas as they excel. Registration for the Spring Season is 2/26/18-3/25/18.

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit will be block-chains & artificial intelligence in existing technical infrastructure in order to protect organizations from external attacks. The need of the hour is to create an ecosystem of trust aided with cybersecurity capabilities.

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled by technology; and the policies and laws that govern and protect the use of information that is stored in, transmitted by, and processed with technology.

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete. Win.” reminds us that every day our men and women in uniform are learning new strategies, tactics and energy technology to compete against the world's best, where winning is the only option. The challenge is always on, and Sea-Air-Space is your place to participate in interactive exhibits, professional development sessions, and open forums disclosing timely information. Hear from active duty military, government and industry leaders on key issues and future strategies for the U.S. Navy, Marine Corps, Coast Guard U.S.-flag Merchant Marine.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable cybersecurity tools and resources for a variety of industries and topics, including: critical infrastructure, healthcare, government, education, large and small business issues, and cryptocurrencies.

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing everything from access control to unmanned vehicles from over 1,000 Exhibitors & Brands.

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made up of influential security reporters who will discuss what they are covering and how to best work with them.

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions. In each session, you'll hear short talks from multiple experts followed by a moderated discussion.

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect on SCADA, DCS PLC and field controller cyber security.

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster a close-knit, casual and open environment for speakers and attendees. There are no sponsored talks, panels or other gimmicks, just two days of carefully vetted, highly technical talks which present new research in advanced exploitation techniques, vulnerability discovery, malware/implant design, anti-forensics and persistent access. Speakers include hackers from all across the offensive spectrum. The conference also hosts advanced training classes in web hacking, exploit development, cryptanalysis, kernel exploitation, Java attacks and other techniques (April 22-25). Now in its eighth year, the two-day, single track conference is organized by Dave Aitel and Immunity Inc., and is held in warm, sunny Miami Beach.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.