current issue – 12.2.16

Delta Risk - Top 10 Cyber Incident Pain Points

Greetings!

THE CYBERWIRE (Friday, December 2, 2016) — TalkTalk and the British Post Office were hit with a distributed denial-of-service attack Sunday. The incident was smaller than the one that afflicted Deutsche Telekom: about 100,000 UK customers were knocked offline. A Mirai IoT botnet is implicated (the botmasters again tell affected customers they're sorry).

Shamoon continues to bedevil Saudi networks, destroying data in several sectors. Civil aviation is thought to be particularly affected by the Iranian malware.

WikiLeaks doxes the Bundesnachrichtendienst (BND) over its relationship with the US NSA. WikiLeaks also sustained a four-hour outage yesterday, and speculators speculate on a priori grounds that the incident was retaliatory DDoS.

Russian authorities say they've uncovered "a plot" by unnamed foreign intelligence services (but they're looking at you, Vice President Biden, you spymaster you) to disrupt Russia's banking system with a mix of cyberattacks and information operations designed to foment financial panic. These statements have a certain symmetry with concerns expressed in the US over Russian election hacking. On that election hacking, FireEye describes Russian intelligence services as having "weaponized social media," and says those services no longer appear to care, much, about their activities remaining undetected. Several US Senators have asked the White House to reveal more of what they think the White House knows about Russian attempts to influence the election.

A careless police investigator seems to have exposed documents relevant to Europol terror investigations.

In good news, an international police operation (involving the FBI, the NCA, the Bundeskriminalamt, and others) has taken down the Avalanche cyberfraud ring.

[250]

A quick word to our readers about sponsoring the CyberWire—there are a few sponsor slots available for 2017, but they're going fast. Learn more here.

Today's edition of the CyberWire reports events affecting Australia, Canada, China, the European Union, Germany, Iran, Italy, Japan, the Netherlands, Poland, Russia, Saudi Arabia, Ukraine, the United Kingdom, and the United States.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin reviews the continuing revelations from the Playpen case. He'll also take up the related issues of the activation of the amendment to Rule 41, and what that means for US law enforcement in cyberspace. describes the challenges of including encryption in ransomware. Our guest John Dickson from the Denim Group will discuss privacy, cybersecurity, and surveillance policy under the new US Presidential Administration.

A special edition of our Podcast up is up as well—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.

As always, if you enjoy the podcasts, we invite you to please consider giving it an iTunes review.

Sponsored Events

AlienVault USM Webcast (Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville MD, USA, December 6, 2016) Your employees could be your biggest cybersecurity risk. Join us to learn more.

Selected Reading

Cyber Events (11)

Cyber Attacks, Emerging Threats, and New Vulnerabilities

Talk Talk and Post Office routers knocked offline in cyber attack (Telegraph) A cyber attack has left tens of thousands of Post Office and Talk Talk broadband customers without internet this week…

Hackers Say Knocking Thousands of Brits Offline Was an Accident (Motherboard) A new zombie army of hacked Internet of Things devices forced thousands of Brits offline, as hackers tried to expand the reach of their botnet…

Mirai Fingered for Massive Post Office and TalkTalk Outage (Infosecurity Magazine) Over 100,000 Post Office and TalkTalk broadband customers have been taken offline after their routers were targeted by what appears to be a version of the infamous Mirai IoT malware…

Infoblox On This Week’s Deutsche Telekom Attack (Information Security Buzz) A failed Mirai botnet attack left 900,000 of Deutsche Telekom’s network customers without Internet this weekend (continuing into this week) after a botched attempt to hijack consumer routers in Germany. The large-scale attack was designed to quietly recruit the devices for a wider botnet attack and follows on from findings released this week which found that cybercriminals have begun exploiting a critical flaw that may be in millions of home routers…

WikiLeaks releases 2,000 files from German inquiry into NSA spying scandal (International Business Times) Whistleblowing website WikiLeaks has released a 90GB-sized trove of data relating to the ongoing German parliamentary inquiry into the relationship between the county's foreign intelligence agency – the Bundesnachrichtendienst (BND) – and the National Security Agency (NSA)…

WikiLeaks Suffered A Mysterious Outage For 4 Hours: Victims Of A DDoS Attack? (IT Tech Post) The radical transparency website WikiLeaks suffered a suspicious outage on December 1 for 4 hours, and many social media users quickly speculated that this situation could have been the result of another distributed-denial-of-service (DDoS) cyber strike, which has been very known this year after it attacked major websites as Twitter, Spotify and GitHub…

Russia says foreign spies plan cyber attack on banking system (Reuters) Russia said on Friday it had uncovered a plot by foreign spy agencies to sow chaos in Russia's banking system via a coordinated wave of cyber attacks and fake social media reports about banks going bust…

Russia Weaponized Social Media in U.S. Election, FireEye Says (Bloomberg) Attempts to hack the campaign were unprecedented, DeWalt says. Senate Democrats want data on Russian hacking declassified…

Mandia: Russian State Hackers Changed The Game (Dark Reading) Founder of Mandiant and FireEye CEO says Russia doesn't appear to want to cover its tracks anymore…

Is the White House Hiding Secrets About Russia's Role in the Election? (Atlantic) Seven senators have asked President Obama to declassify additional information about the Kremlin’s possible involvement.…

Reports of a Facebook fake news detector are apparently a plugin (TechCrunch) Update: The feature appears to be an implementation of the Chrome plugin B.S. Detector, which some users took as a test by Facebook itself. We’ll continue to investigate but for now it looks like this is not a Facebook feature. Yes, the irony is rich…

Shamoon virus returns in new Gulf cyber attacks after four-year hiatus (Reuters) A version of Shamoon, the destructive computer virus that crippled tens of thousands of computers at Middle Eastern energy companies four years ago, was used in mid-November to attack computers in Saudi Arabia and elsewhere in the region, according to U.S. security firms…

Data-wiping malware strikes Saudi government agencies (CSO) Several government bodies and vital installations experience the attack from malware known as Shamoon…

Cyberattack sidelines Saudi transportation sector as hackers target government offices (Washington Times) Saudi Arabia said Thursday that its government was subjected to a significant cyberattack last month believed to have been waged using a variant of the same malware that crippled its state-owned oil company in 2012…

Saudi Arabia hit by wave of cyber attacks, Iran blamed (Computing) Civil aviation authority hit by data destroying malware…

Europol Suffers Data Breach as Employee Takes Home Files on Terrorist Suspects (Bleeping Computer) Reporters from a Dutch television station said today they've discovered files from Europol investigations into possible terrorist suspects on an unprotected hard drive connected to the Internet…

Europol blames rogue officer for leak of 700 pages of data on serious crimes across Europe (Coputing) Data on 54 European investigations leaked following security breach by "experienced" officer…

Shodan finds confidential Europol terrorist dossiers (SC Magazine) Unprotected classified Europol files were linked to the internet and accessible via a hard drive found through Shodan…

Europol Left Red-Faced After Terror Data Leak (Infosecurity Magazine) Europol has launched an internal investigation after an officer accidentally exposed highly sensitive material on terror suspects online after contravening internal security policies…

Security got first clue of San Fransisco Muni hackers (Socpedia) It had become the talk of the town ever since hackers attacked ticket vending machines of San Francisco Municipal Transportation with ransomware. To everyone’s amazement, the screen showed ‘You hacked, All data encrypted’…

A Brief History of the Ransomware Threat (MSPmentor) It is not clear why there wasn't much activity between the first known ransomware attack and the mid-1990s, when antivirus began to be a common defense …

At least 10 million Android users imperiled by popular AirDroid app (Ars Technica) For six months, the remote management app has opened users to code-execution attacks…

AirDroid app opens millions of Android users to device compromise (Help Net Security) Tens of millions of users of AirDroid, a remote management tool for Android, are vulnerable to man-in-the-middle attacks that could lead to data theft and their devices being compromised through fraudulent updates…

New SmsSecurity Variant Roots Phones, Abuses Accessibility Features and TeamViewer (TrendLabs Security Intelligence Blog) In January of 2016, we found various “SmsSecurity” mobile apps that claimed to be from various banks. These apps supposedly generated one-time passwords (OTPs) that account holders could use to log into the bank; instead they turned out to be malicious apps that stole any password sent via SMS messages. These apps were also capable of receiving commands from a remote attacker, allowing them to take control of a user’s device…

One Bit To Rule A System: Analyzing CVE-2016-7255 Exploit In The Wild (TrendLabs Security Intelligence Blog) Recently, Google researchers discovered a local privilege escalation vulnerability in Windows which was being used in zero-day attacks, including those carried out by the Pawn Storm espionage group. Microsoft was able to release a patch by the next Patch Tuesday, November 8. This entry provides a complete analysis of the vulnerability based on samples acquired in the wild…

E-Cigarettes Are Spreading Malware (Wapack Labs) Suspect Chinese e-cigarette manufacturers are hardcoding USB charging units with malware. If an infected e-cigarette USB charger is used to connect with a computer, malware can be downloaded. This information is being supplied for your situational awareness…

Insecure pacemakers can be easily hacked (Help Net Security) A group of researchers has discovered that it’s not that difficult for a “weak adversary” with limited resources and capabilities to fiddle with or even shut down a variety of insecure pacemakers and Implantable Cardioverter Defibrillators (ICDs), putting the lives of the individuals who use them in jeopardy…

Your Tinder Account could be hacked. (Panda Mediacenter) Security researchers have discovered that two of the world’s most popular mobile dating apps can be hacked, exposing sensitive user data in the process. The team from the University of South Australia ran a series of tests, proving that a number of personal details could be extracted from the apps relatively easily…

Uber now collecting location data even after you leave a driver’s car (Naked Security) Last year, Uber gave us a heads-up about its new privacy policy and how it had given itself permission to routinely track our locations even after we’ve left the car, following us as we sally forth into businesses, cross the street, or head for our doctors’ appointments, even if the app is only running in the background…

New “TV” app from Apple raises security and net neutrality concerns (IPVanish) A new app for tvOS aptly called “TV” was unveiled during an Apple event in late October…

Online credit card fraud up 20% Black Friday to Cyber Monday (Help Net Security) Iovation released new data that shows card-not-present fraud increased significantly from Black Friday to Cyber Monday 2016 when compared to the same period in past years…

Security Patches, Mitigations, and Software Updates

Firefox and Tor users update now: 0-day exploit in the wild (Naked Security) If you’re a Firefox user or, even more importantly, a Tor Browser user, make sure you have the latest update…

Moxa Fixes NPort Device Holes (Insudtrial Safety and Security Source) Moxa produced new firmware versions to mitigate vulnerabilities in its NPort serial device servers first identified in April, according to a report with ICS-CERT…

Lenovo: If you value your server, block Microsoft's November security update (Register) UEFI scramble for frozen boxes…

Cyber Trends

Experian issues five predictions for data breaches in the coming year (GSN) While many companies have data breach preparedness on their radar, it takes constant vigilance to stay ahead of emerging threats and increasingly sophisticated cybercriminals. To learn more about what risks may lie ahead, Experian Data Breach Resolution releases its fourth annual Data Breach Industry Forecast white paper…

Machine learning: A new cyber security weapon, for good and ill (Computerworld) Machine learning may be able to boost information security, but it can also be potentially employed by cyber criminals…

Faceless and faithless: A true depiction of today’s cyber-criminals? (IT Pro Portal) Hackers have been maligned by those who do not have our best interests at heart…

Migrating to cloud is no security solution; here’s why it is a collective effort (Financial Express) According to the Forcepoint 2017 Cyber Security Prediction report, organisations think they get inherent security just by migrating to the cloud…

Travelers are ‘easy targets’ for online financial crime when abroad (IT News Africa) As holiday season begins, many are looking forward to spending some much needed time away from home. Others will be on vacations abroad and spending money is inevitable. Travelers need to be wary of online financial operations…

Cyber Security: It's About Creating A Strong Defense Mechanism (CXO Today) The IT security industry is clearly responding to an ever increasing number (and complexity) of attacks. In a recent conversation with CXOtoday, Sanjai Gangadharan, Regional Director, SAARC, A10 Networks, explains that as cyber-attacks take various forms, it is important to understand all the possible modes of assault, and guard against them…

Marketplace

Exceptions in a buyer’s market (Virginia Business) Auto and cyber insurance rates are rising…

National Shortage Highlights Urgent Need For Cybersecurity Pros (Channel Partners) If you’re skilled in cybersecurity, the national job market is your oyster…

WISeKey makes offer to acquire ABRY-backed QuoVadis (PE Hub) Swiss cybersecurity company WISeKey International Holding Ltd has inked a letter of intent to buy Bermuda-based QuoVadis, a public key infrastructure company. No financial terms were disclosed. QuoVadis is backed by ABRY Partners…

Why FireEye Partnered with Microsoft (Market Realist) Microsoft partners with FireEye for its iSIGHT Intelligence offering…

ProofPoint, Rapid7 and CyberArk lead the field of publicly-traded cybersecurity companies (CSO) Q3 2016 financial results are in for publicly-traded cybersecurity firms…

Recent Maryland cybersecurity incubator graduates show strength, diversity of the region’s cyber ecosystem (Christian Science Monitor Passcode) Light Point Security and iWebGate graduate from the Baltimore-based Cync program…

Cylance Named Top 15 Company of the Year by Inc. Magazine (BusinessWire) The only cybersecurity company on the list, Cylance was recognized alongside entrepreneurial juggernauts Riot Games, Tesla, Uber, Snapchat and Niantic Labs (makers of Pokemon Go!)…

Cryptographer Who Broke the NSA’s Secure Hash Algorithm Joins Symbiont (Finance Magnates) Dr. Lisa Yin is the new Chief Security Officer and Chief Cryptographer of the smart securities blockchain developer Symbiont…

Former Coast Guard CIO Robert Day to Head Blackberry’s Federal Cyber Center & FedRAMP Efforts (GovConWire) Robert Day, a retired U.S. Coast Guard rear admiral and former USCG chief information officer, has been appointed by Blackberry (Nasdaq: BBRY) to manage the mobile device maker’s new federal Cybersecurity Operations Center and Federal Risk and Authorization Management Program product initiatives…

Products, Services, and Solutions

Kudelski Security Sets Modern Standard in Cybersecurity Program Strategy with Secure Blueprint (PRNewswire) Comprehensive approach guides clients from resource analysis through design of agile, business-driven security programs; Empowers CISOs with "board-ready" dashboards to enhance communication and gain support from senior leadership…

Amazon Cloud Computing Division Unveils New Cyber Security Service (Wall Street Journal) AWS Shield will help customers defend against so-called distributed denial-of-service attacks that can knock websites offline…

Silent Circle Sets New Benchmark for Enterprise-Class Secure Mobile Communications (MarketWired) Delivers first-to-market capabilities to its end-to-end, scalable solutions to meet the exacting demands of global organizations…

TopSpin Security deploys realistic deceptions to lure and trap attackers (Network World) Deception technology can be effective in detecting an attacker as soon as they begin making moves on the network…

Avast's App Triage Program Provides Free Security Assessment for Mobile Apps -- Prior To Launch (Integration Developer News) Avast Mobile Enterprise is launching a free service to help mobile app developers locate and diagnose security vulnerabilities in their apps – before it gets launched. Learn how to test your app’s security – for free -- with the Avast’s App Triage Program…

Core Security is making the password reset process self-service, faster and simpler (App Developer Magazine) Core Security announced the release of Core Mobile Reset 1.0 and Core Access Insight 9.2. With the introduction of these solution updates, enterprise security teams will now be able to resolve immediate threats with prognostic analytics applied to the big identity and access data, while also enhancing organizational efficiency…

Cryptzone's new enterprise capabilities with next generation of AppGate software-defined perimeter solution (Private Protocol) Cryptzone's new enterprise capabilities with next generation of AppGate software-defined perimeter solution…

Microsoft Antivirus Tied for Last in Malware Tests (Tom's Guide) Windows 10 added a lot of security enhancements to ordinary PCs, but perhaps it hasn't added enough. Most third-party antivirus software still does better than Microsoft's built-in defenses at protecting computers from new strains of malware, although Microsoft has caught up in stopping better-known bugs…

Technologies, Techniques, and Standards

There’s No Flying Under the Radar: Why Small Businesses Should Get Smart About Information Security (JDSupra) The latest publication by the National Institute of Standards and Technology (NIST), entitled “Small Business Information Security: The Fundamentals,” aims to promote and assist small businesses in their efforts to manage information security risks…

Small Business Information Security: The Fundamentals (NIST) Small businesses are an important part of our nation’s economic and cyber infrastructure…

Cut through the FUD in online security tips (Naked Security) In light of social movements and political upheavals around the world this year, there have been a spate of articles lately touting security tips to keep you, your information, and your contact list safe in a potentially inhospitable climate. But when you’re surfing around the web, you’ll come across as much FUD – fear, uncertainty and doubt – as you will useful suggestions to help keep you safe…

FS-ISAC sets up Asian threat intelligence chapter with MAS (Finextra) The Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Monetary Authority of Singapore (MAS) announced today that they will collaborate to establish an Asia Pacific (APAC) Regional Intelligence and Analysis Centre to encourage regional sharing and analysis of cybersecurity information within the financial services sector…

Building a threat intelligence program? How to avoid the 'feed' frenzy (Tech Target) Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response…

Shadow IT And The Challenge Of Controlling The Cloud (Information Security Buzz) “Shadow IT” sounds like something you might see in a thriller starring Matt Damon, but it’s a clear and present danger for IT pros. It refers to the practice of people throughout a company setting up their own IT services without consulting with the IT department. It’s easy to do, thanks to the “consumerization of IT” trend and the availability of cheap or free cloud-based SaaS services from the likes of Dropbox, Google’s G Suite (formerly known as Google Apps), Microsoft Office 365, and Slack…

The Human Firewall: Why People Are Critical To Email Security (Dark Reading) Technology is just the beginning; employees must be fully on board with security procedures…

Design and Innovation

How Windows 10 data collection trades privacy for security (CSO) Here's what data each telemetry level collects and the price you pay to send the least telemetry to Microsoft…

Research and Development

Advancing the science of cybersecurity (NSF) NSF awards $76 million to support interdisciplinary cybersecurity research

Hydro-Québec and Concordia join forces to secure smart grids (Montréal Gazette) A team of researchers from Concordia University has received a $2.1-million grant to shed light on new ways of protecting Quebec’s high-tech power grid system from cyber attacks…

Legislation, Policy, and Regulation

Microsoft, Intel, IBM Push Back on China Cybersecurity Rules (Wall Street Journal) Comments offer rare glimpse at tussle between Beijing and U.S. tech companies…

Canada’s Update to Classified Documents System Could Raise Hacking Risks (Motherboard) Canada’s track record with handling top secret information hasn’t been great as of late. A recent government report showed that in the last year, there were 10,000 incidents where classified or “protected” documents had been mishandled or stored improperly…

Obama cybersecurity commission to present final report Friday (The Hill) The Presidential Commission on Enhancing National Cybersecurity will submit its final report to President Obama Friday afternoon. It will be released to the public soon after…

FBI Can Now Hack Computer Virus Victims, Suspects Located Anywhere With 1 Warrant (US News and World Report) Rule 41 changes take effect over the objection of privacy advocates…

Rule 41 Opponents Vow to Fight Government’s New Hacking Powers (Threatpost) A new rule goes into effect Thursday that gives law enforcement the ability to hack millions of computers or smartphones at once with a single search warrant. But opponents of the controversial Rule 41 say they are committed to fight the government’s expanded powers…

The FBI Should be Enhancing US Cybersecurity, Not Undermining It (Lawfare) I believe that lawful hacking is a legitimate and necessary way for law enforcement to handle certain investigations in the Digital Age. But as Steve Bellovin, Matt Blaze, Sandy Clark, and I said in our paper, the default on using a vulnerability should be to report it. One can have exceptions just as the intelligence community does, but these should be rare and only when the potential damage to innocent people is minimal…

Congress set to elevate CYBERCOM to unified combatant command (C4ISRNET) Congress is set to authorize the elevation of US Cyber Command, taking it from under the purview of US Strategic Command and making it a fully unified combatant command…

Trump picks retired Marine Gen. James Mattis for secretary of defense (Washington Post) President-elect Donald Trump said Thursday he has chosen retired Marine Gen. James N. Mattis, who has said that responding to “political Islam” is the major security issue facing the United States, to be secretary of defense…

Army Electronic Warfare Strategy Nearing Completion (Defense News) The establishment of an Army Cyber Directorate, the Rapid Capabilities Office and a nearly completed strategy are ushering in a more productive era in electronic warfare capability development, according to Col. Jeffrey Church, the chief of strategy and policy in the cyber directorate…

Litigation, Investigation, and Law Enforcement

Europol Brings Down Global Cybercrime Syndicate (Voice of America) Europol, the European Union's law enforcement agency, said Thursday it has arrested five people in an online criminal enterprise and seized 39 computer servers following a four-year-long international investigation…

Alert (TA16-336A) Avalanche (crimeware-as-a-service infrastructure) (US-CERT) “Avalanche” refers to a large global network hosting infrastructure used by cyber criminals to conduct phishing and malware distribution campaigns and money mule schemes. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI), is releasing this Technical Alert to provide further information about Avalanche…

Major cybercrime network Avalanche dismantled in global takedown (CSO) The Avalanche network used 500,000 infected computers to launch phishing email attacks…

‘Avalanche’ Global Fraud Ring Dismantled (KrebsOnSecurity) In what’s being billed as an unprecedented global law enforcement response to cybercrime, federal investigators in the United States, United Kingdom and Europe today say they’ve dismantled a sprawling cybercrime machine known as “Avalanche” — a distributed, cloud-hosting network that for the past seven years has been rented out to fraudsters for use in launching countless malware and phishing attacks…

Avalanche Botnet Comes Tumbling Down In Largest-Ever Sinkholing Operation (Dark Reading) 800,000 domains seized, sinkholed, or blocked, and five individuals arrested, in international effort to bring down botnet linked to 17 major malware families…

It Took 4 Years to Take Down ‘Avalanche,’ a Huge Online Crime Ring (Wired) On Thursday, a group of international law enforcement agencies announced that it had completed an ambitious takedown of an extensive online criminal infrastructure called “Avalanche.” It’s one of the largest botnet takedowns ever, a four-year effort that turned up victims in 180 countries worldwide. Which is to say, nearly all of them…

Massive cybercrime infrastructure demolished (Help Net Security) After more than four years of investigation, the Public Prosecutor’s Office Verden and the Lüneburg Police in cooperation with the US Attorney’s Office for the Western District of Pennsylvania, the DOJ and the FBI, Europol and Eurojust, dismantled an international criminal infrastructure platform known as Avalanche…

Joint Statement on Dismantling of International Cyber Criminal Infrastructure Known as Avalanche (US Department of Justice) Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, Acting U.S. Attorney Soo C. Song of the Western District of Pennsylvania and Special Agent in Charge of the Federal Bureau of Investigation’s Pittsburgh Division Robert Johnson issued the following statement today…

Hacking: Not Just for the Feds! (Slate) The next big battles over law enforcement use of technology will involve local police…

Someone Accessed Silk Road Operator’s Account While Ross Ulbricht Was in Jail (Motherboard) Attorneys for Ross Ulbricht, the man convicted of running the Silk Road online drug marketplace under the pseudonym “Dread Pirate Roberts” say they’ve discovered evidence that someone logged into the Dread Pirate Roberts account on the Silk Road forums six weeks after Ulbricht was arrested. Ulbricht was in federal custody at the time…

Data Breach Lawsuits Not Avoidable, But Reasonable Security Helps, Expert Says (Forbes) David Willson, a retired Army officer, attorney and now owner of Titan Info Security Group, travels the country, educating CEOs and executives on how to protect their companies from data breaches, which have become increasingly common in recent years…

Teen bullied with fake sex profiles kills herself in front of family (New York Post) An 18-year-old girl committed suicide in front of her family at their Texas home after what relatives say were months of relentless torment on social media…

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

AlientVault USM Webcast (12.1.16)
NCCoE Speaker Series: Insider Threats (12.6.16)

Newly Noted:

European Smart Grid Cyber Security (London, England, UK, March 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear from a range of European utility companies present what their strategic programmes are doing regarding cyber security. As well as discuss how communication issues between IT and OT departments can be overcome and learn how to make your company compliant.

Coming This Month:

Cyber Threats Master Class (Turin, Italy, December 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding of new security threats to states and citizens. The focus of the course is on cyber threats, internet governance and the role of media. Application deadline is October 2, 2016.

Disrupt London (London, England, UK, December 3 - 6, 2016) TechCrunch Disrupt is the world's leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what's top of mind for the tech industry's key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.

US Department of Commerce Cyber Security Trade Mission to Turkey (Ankara and Istanbul, Turkey, December 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, December 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with less than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, and various online nodes, December 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

Infosecurity Magazine Conference (Boston, Massachusetts, USA, December 6 - 7, 2016) Bringing together 100+ information security end-users, analysts, policy-makers, vendors and service providers, the meeting connects the information security community providing actionable information, practical case studies and strategic and tactical insight

Practical Privacy Series 2016 (Washington, DC, USA, December 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!

CISO Southern Cal (Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

SANS Cyber Defense Initiative 2016 (Washington, DC, USA, December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.

Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, December 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.

the cyberwire
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire or Pratt Street Media, LLC.
The CyberWire is published by Pratt Street Media and its community partners. We invite the support of other organizations with a shared commitment to keeping this informative service free and available to organizations and individuals across the globe.