The CyberWire Daily Briefing 4.9.18

Summary

By The CyberWire Staff

Late Friday and into the weekend what's thought to be a group of hacktivists defaced Iranian and Russian websites with a crudely rendered American flag and the message, "Don't mess with our elections." The defacements were relatively crude (the flag is old-school skid-work ASCII art, for one thing) but disruptive nonetheless.

The hackers exploited the recently disclosed Cisco CVE-2018-0171 Smart Install vulnerability to reset routers to their defaults and display their message. Most observers are so far inclined to accept the hackers' claims at face value—patriots who took advantage of unpatched routers to mess with Russia and Iran.

The Cisco vulnerability has been exploited elsewhere, not just in Russia and Iran (and not just for hacktivist purposes), since it became known.

As Facebook prepares to face its inquisitors on Capitol Hill this week, the platform's recent upgrades get generally poor reviews. The company has suggested more data misuse may come to light.

Britain's NCSC warned late last week that Russian actors were harvesting NT LAN Manager credentials in apparent preparation for an attack on the UK's critical infrastructure.

Sergey Skripal, former GRU officer and MI6 spy, victim of an attempted assassination with the Novichok nerve agent, has regained consciousness and is out of critical condition. His daughter Yulia, also out of critical condition, has refused to talk to the Russian consulate that sought to check on her welfare. British sources say the Skripals may be relocated with new identities to one of the other Five Eyes (probably the US).

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, India, Iran, Israel, Democratic People Republic of Korea, Russia, Saudi Arabia, United Kingdom, United States

Headed to RSA? Get a free pass expo pass on LookingGlass!

RSA can be hectic, but we’ll make putting together your schedule easy for you. If want to know the latest trends and technology in cybersecurity and threat intelligence, look no further than LookingGlass Booth #100 in the South Hall. We offer solutions – not more work – for your toughest security challenges. Come meet with us on the Expo floor or at our meeting suite in the Marriott – enjoy the discussion, demos, and refreshments. Get your free pass here.

On the Podcast

In today's podcast, we speak with our partners at Dragos, as Rob Lee discusses US naming and shaming policy, and offers his take on why indicting foreign hackers is a bad move.

Sponsored Events

Wombat Security at RSA Conference 2018 (San Francisco, California, United States, April 16 - 20, 2018) Cyberthreats lurk around every corner. Visit our booths at RSA to ensure you are providing your team with the tools they need to be cybersecurity heroes in your organization: South Expo 1033 and North Expo 4701. We’ll be presenting: a sneak peek at our new superhero-themed Awareness Video Campaigns; a free copy of our security awareness comic book, and previews of our newest training modules, including GDPR, Insider Threats, and Password Policy.

XM Cyber is coming to RSA (San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

Cyber Job Fair, April 19, San Antonio visit ClearedJobs.Net or CyberSecJobs.com for details. (San Antonio, Texas, United States, April 19, 2018) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber Job Fair, April 19 in San Antonio. Meet leading cyber employers including Bank of America, Parsons, Engility, Fulcrum and more. Visit ClearedJobs.Net or CyberSecJobs.com for details.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Iran hit by global cyber attack that left U.S. flag on screens (Reuters) Hackers have attacked networks in a number of countries including data centers in Iran where they left the image of a U.S. flag on screens along with a warning: "Don't mess with our elections", the Iranian IT ministry said on Saturday.

"Don’t Mess With Our Elections": Vigilante Hackers Strike Russia, Iran (Motherboard) Vigilante hackers have left American flags and messages on machines in Russia and Iran. The hackers tell Motherboard why they did it.

Ex-NSA man says unlikely that US involved in Iran, Russia hacks (iTWire) A former member of the NSA's elite Tailored Access Operations unit has played down what appear to be revenge attacks in the last 10 days on sites belo...

What happened to the Internet: attack on Cisco switches (Kaspersky Lab Daily) Malefactors are massively exploiting a vulnerability in Cisco switches, taking down entire segments of the Web.

Iranian & Russian Networks Attacked Using Cisco's CVE-2018-0171 Vulnerability (BleepingComputer) Last night, a hacker group going under the name "JHT" attacked foreign network infrastructure, including Russian and Iranian networks, using the Cisco CVE-2018-0171 Smart Install vulnerability. Using this vulnerability the hackers were able to reset the routers back to their default configuration and display a message to the victims.

‘A shot across the bow’: Iran’s growing cyberwar threat (Arab Weekly) US security authorities in New York have indicted nine Iranian hackers on charges of penetrating the computer systems of hundreds of US and foreign universities to steal data worth at least $3.4 billion that was sold to the Tehran regime.

Israeli websites come under cyber attack (Anadolu Agency) Hackers post images of Palestinian flags on websites, local media reports

Russia is targeting UK infrastructure through supply chains, NCSC warns (NS Tech) Russian state actors are targeting the UK's critical infrastructure by infiltrating supply chains, the National Cyber Security Centre has warned. In an advisory note published last night, NCSC confirm

Taiwanese under siege from blitz of Chinese cyberattacks (Asia Times) The island’s cyber chief revealed there were as many as 40 million attacks each month, with even President Tsai Ing-wen reportedly being targeted

Researchers Link New Android Backdoor to North Korean Hackers (SecurityWeek) The recently discovered KevDroid Android backdoor is tied to the North Korean hacking group APT37, Palo Alto Networks researchers claim.

Flashpoint - Fraudsters Leverage HTTP Injectors to Steal Internet Access (Flashpoint) Threat actors are seeking and exchanging HTTP injectors in order to gain unpaid mobile access to the internet, defrauding service providers and telecommunications companies in the process.

BSF website down, malware sending fake e-mails detected (The Times of India) India News: The website bsf.gov.in is currently offline, and a BSF spokesperson told TOI that the website has been under security audit for little over a month no

DC's Stingray Mess Won't Get Cleaned Up (WIRED) DHS this week confirmed that Washington, DC is littered with fake cell tower surveillance devices, but nothing will likely be done to fix it.

Homeland Security says it can’t counter a popular spy tool. Really? (C4ISRNET) StingRays gather information from cellphones by sending out a signal that tricks them into connecting to it, but the Department of Homeland Security says it has no solution to countering the technology.

Misconfigured cloud storage leaves 1.5b sensitive files exposed (Computer Business Review) Exposed Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives all to blame, says report by Digital Shadows

Necurs Botnet to Erupt This Month? (SecurityWeek) Historical patterns and recent activity, including three small-volume test attacks, it's looking extremely likely that another major Necurs malware outbreak may happen soon.

Data firm that worked on Brexit suspended by Facebook (Ars Technica) But the company says all allegations are untrue.

Facebook secretly tried to get hospitals to share patient data (CSO Online) More fallout from the Facebook privacy scandal includes the fact that the social media company has been talking with hospitals about sharing patient data with it.

Malicious actors used Facebook's own tools to scrape most users' public info (Help Net Security) Facebook has disabled a search tool that allowed anyone to enter a person’s phone number or email address into Facebook and find their account and has announced changes to its account recovery tool. The reason behind this decision? "Malicious actors" have abused these features to scrape public profile information.

Facebook's Sandberg Says Other Cases of Data Misuse Possible (SecurityWeek) Facebook was aware more than two years ago of Cambridge Analytica's harvesting of the personal profiles of up to 87 million users and cannot rule out other cases of abuse of user data.

Facebook COO Sheryl Sandberg says the company is not a surveillance operation (MarketWatch) Sandberg did say the company was ‘way too idealistic’ about privacy and data protection.

Facebook To Tighten Grip On Political Ads, As Zuckerberg Heads To Hill (Roll Call) Facebook CEO Mark Zuckerberg endorsed bipartisan legislation to regulate digital ads and will take internal steps to curb toxic political advertisements.

T-Mobile Stores Part of Customers' Passwords In Plaintext, Says It Has 'Amazingly Good' Security (Motherboard) A T-Mobile Austria customer representative made a shocking admission in a Twitter thread.

Beware of Bing Chrome Download Ads Pushing Adware/PUP Installers (BleepingComputer) When using a search engine to search for software download links, be sure to go directly to the developer's site rather than clicking on an advertisement as you may not get what you are expecting. Such is the case with an advertisement currently being displayed in Bing for the search phrase "chrome download", which instead of bringin

Raróg Crypto-Miner Allows Affordable Criminality (Infosecurity Magazine) It mines unsuspecting victim machines for Monero and other virtual currencies, but its most unusual characteristic is how cheap it is.

Kaspersky Warns Of Cryptocurrencies’ Mining Using Legal Applications (Forbes Middle East) Kaspersky Lab has warned of a new trend by cyber criminals who are mining cryptocurrencies through legitimate applications without user’s knowledge.

Consumer Crypto-miners Soar 4000% in Q1 (Infosecurity Magazine) Consumer Crypto-miners Soar 4000% in Q1. Malwarebytes sees nefarious mining activity continue to hit users and businesses

Bots on Twitter share two-thirds of links to popular websites: Pew (TechCrunch) It’s official: Bots are doing a lot of PR grunt work on Twitter — especially when it comes to promoting porn websites. That perhaps unsurprising conclusion about what automated Twitter accounts are link sharing comes courtesy of a new study by the Pew Research Center which set out to qu…

Disinfo News: Doing the Kremlin’s Work: A Fake Twitter Troll Pushes Many Opinions (POLYGRAPH.info) On one day in late March, Twitter followers curious about Syria, Yemen and Libya could find a tweeter who calls himself “Ian56” tweeting about all those topics and more. “Ian56” also had things to say

Beware the human aspect of social engineering attacks (SecurityInfoWatch.com) The motivations for social engineering range from espionage and competitive research to electronic crimes and data theft

New Strain of ATM Jackpotting Malware Discovered (SecurityWeek) ATMJackpot malware appears to be still under development, and to have originated in Hong Kong, but are no current details of any deployment or use.

Jbifrost Is Back Phishing Emails Spread A Version Of Adwind Rat (Spyware.Techie) Over the last few months we have seen several cases of Remote Access Trojan (RAT) infections, and here we would like to cover at least two cases that stood out

Atlanta takes down water department website two weeks after cyber attack (Business Insider) Atlanta took down its water department website indefinitely on Thursday, two weeks after a ransomware cyber attack tore through the city's computer systems in one of the most disruptive hacks ever to strike a U.S. local government.

Don’t Give Away Historic Details About Yourself (KrebsOnSecurity) Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as “What was your first job,” or “What was your first car?”

One of the country’s biggest publishers of fake news says he did it for our own good (Boston Globe) Experts say he’s one of the largest publishers of fake news on the Internet. Christopher Blair says he’s a satirist. The truth, in the Internet age, is hard to define.

Critical Flaws Expose Natus Medical Devices to Remote Attacks (SecurityWeek) Critical vulnerabilities expose neurodiagnostic devices from Natus to remote hacker attacks, Cisco warns

Two overlooked healthcare areas vulnerable to cyberattacks (MedCity News) A research paper from Trend Micro and HITRUST looked at exposed medical devices and supply chains, both of which are neglected network risks in hospitals.

Security Patches, Mitigations, and Software Updates

April Patch Tuesday forecast: Expect updates for Adobe Flash, others (Help Net Security) Chris Goettl, Manager of Product Managment, Security, Ivanti offers an April 2018 Patch Tuesday forecast covering Microsoft, Adobe and Oracle.

Hours after Zuck deletion scandal, Facebook announces new unsend feature (Ars Technica) How stupid does Facebook think we are?

Cyber Trends

SECURITY: Attack on natural gas network shows rising cyberthreat (E&E News) A cyberattack on a natural gas service provider late last month has spilled into the electricity sector, underscoring the growing threat hackers pose to critical energy systems.

Hayden: A World Both Dangerous and More Complicated (The Cipher Brief) “The world has been more dangerous, but it has never been more complicated," Hayden said as he introduced The Cipher Brief's 2018 Annual Threat Report.

GDPR Privacy Policy Fail: Only 34% of EU Sites Compliant (Infosecurity Magazine) GDPR Privacy Policy Fail: Only 34% of EU Sites Compliant. Firms need to crack on ahead of deadline next month

Marketplace

Cyberinsurance Tackles the Wildly Unpredictable World of Hacks (WIRED) Insuring against hacks and breaches can be a lucrative business—but also presents unique challenges.

Armis raises $30 million Series B as enterprise IoT security heats up (TechCrunch) When Armis launched in 2015, the company founders looked over the horizon and they saw the Internet of Things requiring a strong security layer. Today, the IoT security startup announced a $30 million Series B. The company has attracted a strong group of venture capitalists. The round was led by Ba…

Jim Cramer: Cybersecurity Stocks Are the Ultimate Winners (Real Money) Here's why these stocks have replaced the semis as the group to go to.

Clearwater cybersecurity company is a funding standout in Florida (Tampa Bay Business Journal) KnowBe4, a cybersecurity training company in Clearwater, is the best-funded cybersecurity firm in Florida.

Products, Services, and Solutions

Facebook urged to make GDPR its “baseline standard” globally (TechCrunch) Facebook is facing calls from consumer groups to make the European Union’s incoming GDPR data protection framework the “baseline standard for all Facebook services”. The update to the bloc’s data protection framework is intended to strengthen consumers’ control over ho…

What Search Engines Really Provide a “Private” Browsing Experience? (InCyberDefense) <p>Google knows almost everything about you. Even if anonymity is not your priority, there are other search engines that can help you hide your queries.</p>

New Professional Services From SentryOne (PR Newswire) SentryOne today launched new Professional Services offerings aimed at...

Technologies, Techniques, and Standards

How the Facebook fallout could hurt intel agencies (C4ISRNET) Many government organizations have come to rely on social media aggregators for mission critical Open Source Intelligence. What happens if new legal restrictions are put in place?

LockCrypt Ransomware Cracked Due to Bad Crypto (BleepingComputer) The team at Malwarebytes has identified a weakness in the encryption scheme utilized by the LockCrypt ransomware that they can exploit to recover a victim's data.

5 common browser security threats, and how to handle them (TechRepublic) Web browsers are designed to store information for your convenience, but that information can also fall into the wrong hands. Here are some simple tips for preventing that situation.

New Army, Navy Cyber Mission teams deploy ahead of schedule (FederalNewsRadio.com) The Army and Navy have begun releasing these Cyber Mission Forces (CMF) into the wilds of their network protection efforts.

The first tests for the Marines’ information warfare teams (C4ISRNET) Through a variety of exercises, the Marine Corps continues to integrate the Marine Expeditionary Force Information Groups and information-related capabilities with traditional forces.

Design and Innovation

Any Hope for Cyber Deterrence Goes Out the Window with AI (TechNative) As all things cyber rise to the forefront of the collective conscious, talk of cyber deterrence continues to be debated in state capitals as well as among thought leaders, politicians, and military officials.

Even if governments backdoor crypto, they still won't be able to spy on terrorists (Boing Boing) Even if governments backdoor crypto, they still won't be able to spy on terrorists

Academia

University of New Haven Offers Annual Free, GenCyber Security and Forensics Camp for Teens (University of New Haven) The University of New Haven's Tagliatela College of Engineering will offer, for the second year in a row, Connecticut's only GenCyber security and forensics camp for high school students, the GenCyber Agent Academy.

These are the folks who will protect the nation from hackers. They did battle Saturday in Richland (tri-cityherald) Students from across the nation competed to protect the nation’s energy grid at PNNL. These students are learning how to protect the nations computer systems.

Hood announces launch of cybersecurity program (The Frederick News-Post ) Hood College officially launched its master’s degree program in cybersecurity Thursday evening with an inaugural lecture from former National Security Agency Director Gen. Keith Alexander.

Legislation, Policy and Regulation

U.S. Orders Americans to Leave Blacklisted Russian Firms (Wall Street Journal) The Trump administration's latest round of sanctions on Russian oligarchs will echo through the U.S., as well as Moscow: Americans at blacklisted companies — or on their boards of directors — will have to leave their roles.

Russia Readies Telegram Ban After App Refused to Hand Over Encryption Keys to FSB (BleepingComputer) Roskomnadzor, Russia's telecommunications watchdog, has filed today a lawsuit against instant messaging app Telegram, asking a Moscow court to rule in favor of restricting access to the service inside Russia's borders.

As Zuckerberg Prepares to Testify, Questions Grow Over How to Protect Data (Wall Street Journal) CEO Mark Zuckerberg’s testimony in Congress about Facebook’s recent data-privacy scandal will likely prompt a raft of questions over how the government might best regulate social-media platforms.

The Facebook Debacle Makes it Clear: The US Needs Stronger Privacy Laws (WIRED) Opinion: The Cambridge Analytica scandal makes it clear: The US should pass a privacy law that gives consumers the protections they deserve.

Government throws support behind new US data law (ARN) Australian Government backs new US legislation, designed to enable law enforcement agencies to access domestic or overseas data with a warrant.

Cyberbullying law to be proclaimed soon, justice minister says (The Chronicle Herald) By most accounts, a lot has changed since the 2013 death of Rehtaeh Parsons.

Federal funds to bolster election cybersecurity may not be enough (Fifth Domain) Last summer, with an important Illinois election season months away, Shelby County officials in central Illinois feared that their outdated voting equipment wouldn’t be approved for use by the State Board of Elections.

OMB seeks comment on draft cyber credential policy (Fifth Domain) The policy would require agencies to develop and coordinate on identity management and access protocols that could be used across the federal government.

Forget the Trade War. China Wants to Win the Computing Arms Race (Bloomberg.com) As the U.S. and China threaten to impose tariffs on goods from aluminum to wine, the two nations are waging a separate economic battle that could determine who owns the next wave of computing.

Which States Have Net Neutrality Laws? (Motherboard) The varied reaction to the FCC’s decision to repeal federal protections has been tough to follow. Here’s our breakdown of the current status of each state’s response.

Litigation, Investigation, and Enforcement

Former Russian Spy No Longer in Critical Condition After Poisoning (Wall Street Journal) Former Russian double agent Sergei Skripal’s recovery offers U.K; investigators an opportunity to shed light on crucial details about the attack.

Sergei and Yulia Skripal offered new identities with CIA help (Times) Sergei and Yulia Skripal will be offered new identities and a new life in America in an attempt to protect them from further murder attempts. Intelligence officials at MI6 have had discussions with...

SEC Halts $27M in Stock Sales Tied to Crypto Company Longfin (New York Law Journal) Longfin chief executive Venkat Meenavalli and three others are charged with illegal sales of the crypto company's stock.

FBI Seizes Backpage.com, a Site Criticized for Sex-Related Ads (Wall Street Journal) Federal law enforcement agencies have seized Backpage.com, a controversial classified-ads website known for its numerous sex-related postings.

Ground zero in Russia's hack of U.S. election infrastructure (60 Minutes) 60 Minutes investigates Russia’s widespread cyberattack against state voting systems

Texts, Spies, And Audiotapes: A Shadowy Operative In His Own Words (RadioFreeEurope/RadioLiberty) Before he was dubbed the elusive 'Person A' by U.S. prosecutors investigating Kremlin interference, a Russian-Ukrainian political operative and alleged spy spoke exclusively on the record to RFE/RL about Paul Manafort and more.

Mark Zuckerberg is confirmed to testify in front of Congress (Quartz) This is Zuckerberg's first confirmed appearance in front of lawmakers.

Mark Zuckerberg’s Washington Mission: Stay Cool in a Very Hot Seat (Wall Street Journal) Facebook CEO Mark Zuckerberg faces lawmakers this week in what are likely to be contentious hearings about privacy that will be a broader test of how effectively he can guide his social-media giant.

Zuckerberg Gets a Crash Course in Charm. Will Congress Care? (New York Times) Mark Zuckerberg, Facebook’s chief, faces his biggest test yet: two days in the hot seat on Capitol Hill. The company has pulled out the stops to make sure he’s ready.

Groups Allege YouTube Is Violating Law That Protects Kids (WIRED) In complaint to the FTC, child-health, privacy, and consumer groups say YouTube is targeting kids improperly.

Sue internet giants over 'online crime', urges chief constable (Computing) Chief constable of Devon and Cornwall Police urges victims of crime to sue Facebook, Google and others over crimes facilitated via their platforms

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete. Win.” reminds us that every day our men and women in uniform are learning new strategies, tactics and energy technology to compete against the world's best, where winning is the only option. The challenge is always on, and Sea-Air-Space is your place to participate in interactive exhibits, professional development sessions, and open forums disclosing timely information. Hear from active duty military, government and industry leaders on key issues and future strategies for the U.S. Navy, Marine Corps, Coast Guard U.S.-flag Merchant Marine.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable cybersecurity tools and resources for a variety of industries and topics, including: critical infrastructure, healthcare, government, education, large and small business issues, and cryptocurrencies.

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing everything from access control to unmanned vehicles from over 1,000 Exhibitors & Brands.

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (Arlington, Virginia, USA, April 12, 2018) With the support of the Hewlett Foundation, the National Security Institute is excited to host “Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language.” This networking event brings together technologists and leading policymakers to bridge the gap between non-technical and technical cyber professionals.

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made up of influential security reporters who will discuss what they are covering and how to best work with them.

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings allow you to tap into a smart, forward-thinking global community that will inspire and empower you.

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions. In each session, you'll hear short talks from multiple experts followed by a moderated discussion.

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and deep learning to enable you to create new value in the rapidly evolving market, and provide intelligent solutions in factory, retail, healthcare, transportation, home, building and safe city sectors.

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect on SCADA, DCS PLC and field controller cyber security.

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster a close-knit, casual and open environment for speakers and attendees. There are no sponsored talks, panels or other gimmicks, just two days of carefully vetted, highly technical talks which present new research in advanced exploitation techniques, vulnerability discovery, malware/implant design, anti-forensics and persistent access. Speakers include hackers from all across the offensive spectrum. The conference also hosts advanced training classes in web hacking, exploit development, cryptanalysis, kernel exploitation, Java attacks and other techniques (April 22-25). Now in its eighth year, the two-day, single track conference is organized by Dave Aitel and Immunity Inc., and is held in warm, sunny Miami Beach.

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners to discuss the increasingly complex and interdependent relationships between smart vehicles and ever-expanding smart infrastructures. The SANS Automotive Cybersecurity Summit was created to develop and foster a culture of cyber-awareness in organizations across the vehicle supply chain as we work together to understand risks, safeguard organizations, their products, and their customer from the evolving threat landscape.

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will discuss the legal processes of projecting power in the domain of cyberspace and what capabilities require legal review relating to Defensive Cyberspace Operations (DCO) -- both Internal Defense Measure (IDM) and Response Actions (RA) -- as well as Offensive Cyberspace Operations (OCO).

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring together high-level representatives from around the globe to create a cybersecurity roadmap for the future. Attendees will come from all areas of cybersecurity for the healthcare, medical devices and pharmaceutical sectors. Experts will examine the cybersecurity landscape in these three industries, with a particular focus on strategies for protection and incident response, as well as on business/regulatory considerations. Central to the aims of this event is facilitating collaboration and cooperation amongst the diverse stakeholders that will be in attendance.

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to tackle today's threats, as well as arm them with the knowledge, tools and expertise to protect their organizations and advance their careers. Registered attendees will be immersed in two days of insightful, strategic cybersecurity knowledge.

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience to, the genuine potential for kinetic cyber attack. Be part of defining solutions and illuminate risks aimed at critical national Infrastructure. Hack NYC is about sharing big ideas on how we will fortify our daily life and economic vitality. The threat of attack aimed at Critical National Infrastructure is real as services supporting our communities and businesses face common vulnerabilities and an unspoken kinetic threat.

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products and services over the next five years from 2017 to 2021. Panels will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. Speakers include leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. Attendees will have the opportunity to network with key influencers in the investment and cyber security industries. A cocktail reception will be held following the presentations.

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and gain insight into technological advancements within the industry, as well as unique strategies utilised by to meet demands of rapidly changing energy consumer/prosumer market.

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative technical best practices. Don’t miss this outstanding opportunity to share your expertise with our Ignite community of distinguished security professionals and researchers.

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018 Asia-Pacific Community Meeting is the place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.