current issue – 2.21.17

CYLANCE - ARTIFICIAL INTELLIGENCE, REAL THREAT PREVENTION

Greetings!

Special Section: RSA 2017 (our regular summary appears below)

We continue to wrap up coverage of last week's RSA conference. The event's organizers claimed record attendance: 43,000 is being widely reported, and the show's floor was crowded (as were surrounding streets and hotels). The many companies exhibiting were being asked by those they pitched to explain the problems their technologies solved, to demonstrate the ease of their solutions' implementation, and (this question largely although not exclusively from investors) to show how they differentiate themselves in a crowded marketplace that seems ready for consolidation.

There was also considerable attention paid to the continuing shortage of qualified cyber security labor, a shortage that is global and expected to grow. The CyberWire was able to talk to two organizations, Cyberbit and ISACA, who've adopted a hands-on approach to training and skills verification. You'll find our account below, along with links to other discussions of the conference. 

Our RSA retrospectives will continue through the end of this week; there's a great deal to take away from this year's conference.

Today's regular daily summary starts here.

THE CYBERWIRE (Tuesday, February 21, 2017)—A catphishing campaign has targeted members of the Israeli Defense Forces using Android malware called "ViperRAT." Early suspicions of responsibility were directed toward Hamas, the Palestinian Sunni group that's the de facto ruler of the Gaza Strip. Lookout Security, however, believes such attribution may have been hasty, and that, far from initial characterizations of ViperRAT as relatively primitive, the malware is in fact more sophisticated attack code with two variants: an initial profiling tool installed by social engineering, and a second-stage surveillance tool that collects contact information, geolocation data, images, and other files. Lookout thinks the malware is beyond any mobile-device attack capabilities displayed by Hamas. But, as always, treat attribution with caution, and exercise care with Android devices: there's no particular reason for ViperRAT to confine itself to IDF targets.

Upset (along with most of the rest of the world) by North Korean missile tests, China imposes an embargo on DPRK coal, long a staple of the North Korean economy. Observers think sanctions will prompt an increase in North Korean cyber crime as that country's government seeks to plug the economic hole.

Cisco is tracking "Magic Hound," a RAT-centric campaign targeting Saudi businesses. The attackers gain their entrée by phishing.

IBM's X-Force has continued its investigation of Shamoon, the destructive campaign against Saudi Aramco and other Gulf targets that reappeared in November 2016 and January 2017. Researchers believe the initial infection was through malicious macros in a compromised document.

Verizon will buy Yahoo!'s core assets, but at a discount. 

[250]

Today's edition of the CyberWire reports events affecting Australia, China, Germany, Iran, Israel, the Democratic Peoples Republic of Korea, NATO/OTAN, Russia, Saudi Arabia, Singapore, the United Kingdom, and the United States.

Cylance is proud to be the CyberWire sustaining sponsor for 2017. Learn more about how Cylance prevents cyberattacks at cylance.com

On the Podcast

Today's podcast features our partners at the University of Maryland's Center for Health and Homeland Security, as Markus Rauschecker discusses Section 230 of the Communications Decency Act (that's the "Safe Harbor" section) and some surprising conflicts around Airbnb. We also have a guest uniquely qualified to offer comments from the floor of RSA 2017: RSA's CTO Zulifikar Ramzan.

2017 is still young. If you're interested in some big-picture informed speculation about what the year holds for cyber security, then give the special prognostication edition of our podcast a listen. We speak with industry experts and editors covering the cyber beat to get their take on the outlook for 2017 in cyber security.

Sponsored Events

Hacking The Home (Fulton, MD, USA, February 26, 2017) DataTribe, a startup crucible for entrepreneurs, is sponsoring a February 2017 Hacking the Home contest. Teams will be competing to develop new product functionality, integrations, skills, and/or exploits around the growing ecosystem of home automation devices.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

How to Invest Your 2017 Cyber Security Training Budget for Maximum ROI (Webinar, March 2, 2017) When it comes to securing an organization’s network, most stakeholders understand that cyber security education and training are not a luxury – they're a necessity. In this webinar we will discuss how best to spend those precious training dollars to get a solid return on investment.

2nd Annual Billington International CyberSecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building.

Selected Reading

Dateline San Francisco: wrapping up RSA 2017

RSA® Conference 2017 Closes With Record Attendance (Yahoo! Finance) RSA® Conference, the world’s leading information security conferences and expositions, today concluded its 26th annual event in San Francisco. A record number of more than 43,000 attendees experienced keynotes, peer-to-peer sessions, track sessions, tutorials and seminars.

Winners and Losers at RSA (Forutne) So much money - for now

RSA Conference 2017: Hacker Highschool Highlights from the Cyber Village (GovTech) What tips and techniques help parents teach their kids online? Where can cybersecurity professionals turn for resources to train teens about ethical hacking? How can we address cybersafety in new ways moving forward? Here are some answers from the 2017 RSA Conference Cyber Village.

Workforce Development: Ranges, Training, Hiring, and Certifications (The CyberWire) The labor market for cyber security practitioners is famously a sellers' market. Skilled operators are in high demand, and, while estimates of the number of unfilled positions vary, there's widespread agreement (a few outliers in the US Department of Homeland Security aside) that this number is large, and likely to increase over the next few years.

Here’s how the US government can bolster cybersecurity (PCWorld) Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before U.S. Congress, warning it about the dangers of the internet.

Intent-Based Security Shows Momentum at RSA (SDxCentral) Fortinet, vArmour, and Twistlock are among the companies touting intent-based security at RSA Conference 2017.

Four Disruptive 'Cyber Trends' At RSA (Forbes) As an industry analyst and Forbes contributor who writes about digital transformation, I am always looking for stories of disruption.

RSA Conference 2017: Did our predictions come true? (Sophos) It’s day 4 of RSA Conference 2017 as I write this. For me, the event ends with a flight home in a few hours. Before doing so, a review of the week is in order.

RSA 2017: what are you trying to solve? (CSO Online) This year at the RSA Security Conference some 40,000 people packed the halls of the Moscone center in search of solutions (and light up swords) to solve their problems. Whatever the issue, they were looking for a salve to sooth their wounds in a manner of speaking.

Australian Cyber Roo hops to San Francisco seeking trade (ZDNet) Austrade and the Australian Cyber Security Growth Network have joined forces to promote quality Australian-made cybers to the world -- along with their new mascot, the Cyber Roo.

Mac Malware Getting Much Worse: How to Protect Yourself (Tom's Guide) Limitations in macOS' built-in protections guarantee that we'll see a good amount of Mac malware this year, two security researchers said.

A Corporate Inbox Receives 4.3 Times More Malware Than a Regular Inbox (BleepingComputer) Corporate email addresses are 4.3 more likely to receive malware compared to personal accounts, 6.2 times more likely to receive phishing lures, and 0.4 times less likely to receive spam.

Q&A: Digging into darknet technology with Farsight's Andrew Lewman (SearchSecurity) Farsight Security's Andrew Lewman speaks about how darknet technology could be used for good -- and bad -- in the enterprise.

AI SaaS application for cyber attack detection (Help Net Security) PatternEx announced the first Artificial Intelligence SaaS application for cyber attack detection at RSA Conference 2017.

Zimperium Fuels Advanced Mobile Threat Defense with Next Generation zIPS™ Join our daily free Newsletter (MENAFN) Zimperium, the industry leader in enterprise mobile threat defense (MTD) and the only provider of real-time on-device protection against known and unknown threats, today introduced two new advanced features for its next generation on-device detection solution, zIPS.

Products highlighted by recent infosec awards (Help Net Security) Bitglass was named by Cyber Defense Magazine the winner of the Hot Company award in the Cloud Security Solutions category. Bitglass is a Cloud Access Secur

Cyber Attacks, Threats, and Vulnerabilities

How IDF soldiers' phones got turned into spying devices (Help Net Security) For many months now, an unknown threat actor has been tricking servicemen in the Israel Defense Forces (IDF) into installing Android spyware.

ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar Read more: ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar (https://blog.lookout.com/blog/2017/02/16/viperrat-mobile-apt/) (Lookout Blog) ViperRAT is an active, advanced persistent threat (APT) that sophisticated threat actors are actively using to target and spy on the Israeli Defense Force.

The World Can Expect More Cybercrime From North Korea (Time) The regime is even more deperate for funds following China's boycott of its coal

Cisco Coverage for 'Magic Hound' (Talos Intelligence) A blog about the world class Intelligence Group, Talos, Cisco's Intelligence Group

The Full Shamoon: How the Devastating Malware Was Inserted Into Networks (Security Intelligence) X-Force IRIS researchers found that the Shamoon malware operators relied on weaponized documents that leveraged PowerShell to infiltrate targeted networks.

OSCE unable to identify perpetrators of cyber attacks against it - secretary general (TASS) "We are putting in place better protection, but we are unable to point the finger in any direction based on what we see," Lamberto Zannier said

New Clinton Emails? WikiLeaks Teasing Public With Mysterious 'Vault 7' (Sputnik) WikiLeaks has puzzled the public with a mysterious "Vault 7" riddle. Given several hints dropped by the organization the world may witness a new disclosure. WikiLeaks says it will be big.

Wikileaks is 'very happy' about fake news: Julian Assange (CNET) The Wikileaks founder is scathing about the "weaponised text" of the global news media, but when it comes to fake news and scandal, Julian Assange has a different view.

The Human Interface Device (HID) Attack, aka USB Drive-By (CyberPoint Blog) As a part of our effort to educate, assess and train (EAT), we want to highlight a physical host attack technique that is extremely cheap and simple to pull off, and unfortunately yields a significant return for the attacker if successful. The technique is commonly referred to as a "Human Interface Device (HID) attack" or a "USB drive-by".

'Android for Work' Security Containers Bypassed with Relative Ease (BleepingComputer) Mobile security experts from Skycure have found two methods for bypassing the security containers put around "Android for Work," allowing attackers to access business data saved in this seemingly secure environment.

Phwning the boardroom: hacking an Android conference phone (Context) At Context we’re always on the lookout for interesting devices to play with. Sat in a meeting room one day, we noticed that the menus on the conference phone, a Mitel MiVoice Conference/Video Phone, had a very familiar Android style.

Feds more at risk from clicking on links than from data stolen during OPM breach (FederalNewsRadio.com) Hackers will target current and former federal employees based on a broad set of data, not just personal information stolen during the OPM cyber breach.

Your computer is a cookie that you can’t delete (Naked Security) Browsing the web? You can still be identified even if you switch browser

Magento-based online shops hit with self-healing malware (Help Net Security) Administrators of e-commerce sites running on the open source platform Magento would do well to check their database for triggers with suspicious SQL code.

Yahoo hit by another security breach as its Verizon deal nears a conclusion (WIRED UK) Verizon is expected to buy Yahoo's core internet businesses for up to £280 million less than the agreed £3.6 billion price

Computer crashes may be due to forces beyond our solar system (Computerworld) As our personal electronic devices get more complex, researchers say cosmic rays could put them at a greater risk of operational failure.

A Source Code Typo Allowed an Attacker to Steal 370,000 Zerocoin ($592,000) (BleepingComputer) The Zcoin project announced yesterday that a typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price.

Cyber attacks target 2 East Idaho counties; Bingham County systems still down (Idaho State Journal) Two Eastern Idaho counties fell victim last week to computer-related incidents, with officials in Bingham County still working to rebuild their computer systems.

Airline systems vulnerable to hacking - Kaspersky expert (Myce) In a week when a university team hacked a model of a water supply system and poisoned it by releasing excessive quantities of fluoride, a new report says hackers could target airline booking systems and ruin journeys.

My Friend Cayla Security Concerns - Information Security Buzz (Information Security Buzz) Following the news of security concerns behind My Friend Cayla, David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab:  “My Friend Cayla is hitting the headlines, following a call for parents to destroy the doll by Germany’s Federal Network Agency.

Germany Bans "My Friend Cayla" Toys Over Hacking Fears and Data Collection (BleepingComputer) Germany's telecommunications regulator has issued a ban against a line of smart toys called "My Friend Cayla," calling the toy an espionage device, and recommending that parents destroy all toy instances at once.

Cybersecurity risks in US oil and gas industry (Energy Global) Ponemon Institute suggests that deployment of cybersecurity measures in the oil and gas industry is failing to keep pace with the growth of digitalisation.

The Homeless Homebuyer (NINJIO S2:E2) In this heart wrenching Episode, a young family wires their 650k down payment for their new home to a fraudulent account. Watch to see what happens next...

Security Patches, Mitigations, and Software Updates

After Microsoft Delayed Patch Tuesday, Google Discloses Windows Bug (BleepingComputer) For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement.

Google Project Zero shames Microsoft over security flaws that should have been patched last week (Computing) No company too big, or too small, to be "security shamed" by Google

Microsoft's decision to scrap February security updates unnerves patch experts (Computerworld) Patch experts struggled with Microsoft's decision to cancel this month's updates, pointing out that known vulnerabilities will go unpatched and IT planning was disrupted.

Adobe Issues Critical Security Update for Flash Player on Mac (Mac Rumors) Adobe this week released Flash Player version 24.0.0.221 to "address critical vulnerabilities that could potentially allow an attacker to take control of the affected system," including Mac, Windows, Linux, and Chrome OS.

Gmail now blocks all JavaScript email attachments (Naked Security) Google’s move will help protect your computer, but there are further steps you can take, too

Signal app gets video calling overhaul and a warning for iOS users (Naked Security) If you’re going to share confidential information via Signal’s encrypted video on iOS, make sure you opt out of its integration with Apple’s CallKit features

Cyber Trends

Even More US Enterprises Are Stockpiling Bitcoin To Combat Cyber Attacks (NEWSBTC) Incident response planning in the corporate sector should never include stockpiling bitcoin to meet ransom demands as it sets a very dangerous example.

Mirai and botnets make Akamai very concerned about the state of the internet (Inquirer) Meaaure yourself for a tinfoil suit, you are at serious risk from a whole range of cyber threats, including toasters and bloody toilets.

Familiarity breeds cyber-complacency (The New Paper) They call us 'digital natives' - the generation that has never experienced a world without the Internet. We're at ease with navigating the web, so at ease that we're often tasked with introducing our tech skills and digital knowhow into the workplace. Yet, when it...

25% of healthcare organizations using public cloud do not encrypt data (Help Net Security) A HyTrust survey of 51 healthcare and biotech organizations found that 25 percent of those organizations using the public cloud do not encrypt their data.

Cloud computing: Can hospitals manage security better than Amazon, Google or Microsoft? (Healthcare IT News) Informaticist Nephi Walton challenges health IT professionals to take a hard look at how secure their networks actually are.

Study finds 178 million exposed cyber assets in the U.S. (ConsumerAffairs) Are your cyber assets exposed? If so, you're not alone. A new study by Trend Micro finds that no fewer than 178 million internet-connected devices in the U

Australia's culture of trust is leaving the country vulnerable: Kaspersky Lab (ZDNet) Kaspersky Lab general manager ANZ Peter Brady said it is the laid back, naive culture Australia has that is resulting in such alarming statistics when it comes to mobile banker Trojan penetration.

Top 6 US Government Cyber Assets Prone to Attacks (The Merkle) Cyber security remains a pressing matter, and there is still quite a bit of work to be done. A new report by Trend Micro goes to show US cities are very prone to cyber attacks, with a multitude of ex

Cyber Attacks Threaten Germany's Medium-Sized Companies (Handelsblatt Global Edition) A study by PwC shows that the small- and medium-sized companies in Germany know they are at risk of cyber attack, but have failed to invest in better security.

Cyber crime in travel - no longer just about the money (Tnooz) ThreatMetrix recently analysed more than a billion web transactions taking place in the travel and entertainment industries.

What Needs to Happen with Cybersecurity in Oil, Gas (Rig Zone) Oil and gas leaders discuss the future of cybersecurity as the industry continues to evolve and become more digitized and connected.

Marketplace

Singapore's C-suite and IT decision makers at odds in their approach to cyber defence | Networks Asia (Networks Asia) Research shows board directors and IT leaders believe each other are responsible for managing the response to a cyber-attack, and that board level directors estimate the cost of a successful attack to be dramatically lower than their IT colleagues

Verizon, Yahoo Agree to Reduce Buyout Price to $4.55 Billion (eWeek) Verizon negotiates down to $4.55B for Yahoo transaction; Congressional staffers see Russian hacking, FISA vote as priorities; IBM launches machine learning for z System mainframes; and there's more.

Verizon/Yahoo Acqusition Price Cut ‘Hardly Comes As A Surprise’ - Information Security Buzz (Information Security Buzz) Following the news that Verizon are negotiating a price cut of $250-$350 million in their acquisition of Yahoo following news of two economically damaging cyber-attacks, Nick Pointon, Head of M&A at SQS commented below. Nick Pointon, Head of M&A at SQS...

Why Verizon Decided to Still Buy Yahoo After Big Data Breaches (Wall Street Journal) Verizon Communications Inc. outbid several suitors to buy Yahoo Inc.’s struggling internet business last year. But the phone giant had to scramble to keep the deal from unraveling after Yahoo disclosed two massive data breaches.

Verizon Acquires Skyward (ReadITQuik) Acquisition to help simplify management of drone operations reducing complexities for drone operators

F-Secure acquires Inverse Path (-Voice&Data) Cyber security company F-Secure has acquired privately-held company Inverse Path, an industry leader in providing security services to the avionics, automotive, and industrial control sectors.

The threat is real. That’s why GreyCastle keeps growing (Abany Business Journal) GreyCastle Security is the winner of the Cyber Security Award.

Symantec (symc): Is it safe to buy this stock? (TheStreet) Shares of SYMC have risen a staggering 81% in the past year, and 19% since the start of 2017.

Tiffanny Gates to Become Novetta CEO in March (GovCon Wire) Tiffanny Gates, federal business president at Novetta since January 2016, will elevate to the CEO ro

Products, Services, and Solutions

CompTIA Cybersecurity Analyst certification to include behavioral analytics (Help Net Security) CompTIA Cybersecurity Analyst (CSA+) certification brings behavioral analytics to the forefront of assessing cyber threats.

FireEye Announces Exploit Prevention and Anti-Virus Replacement for the Endpoint (PCQuest) FireEye announced several enhancements to its endpoint security solution designed to offer protection from threats missed by legacy solutions.

Kaspersky launches 'Password Manager' for remote access (Deccan Chronicle) Account security worries Internet users more than any other area of their online lives

eShore Partners With PhishMe To Enhance Security Defence (Channel EMEA) New Partnership Allows Customers To Leverage Human Anti-Phishing Solutions Alongside eShore’s Proven Cloud Security Services In the Caribbean, Bermuda and Latin America

Sumo Logic Delivers Multi-Tenant SaaS Security Analytics Solution with Integrated Threat Intelligence - insideBIGDATA (insideBIGDATA) Sumo Logic, a leading cloud-native, machine data analytics service, announced the availability of the industry’s first multi-tenant SaaS security analytics solution with integrated threat intelligence. This, coupled with new security apps for monitoring and compliance and a milestone certification for PCI DSS 3.2, demonstrates Sumo Logic’s strong momentum and commitment to providing leading-edge security analytics capabilities and compliance standards to customers.

Technologies, Techniques, and Standards

New Guide to Help Electric Utilities Improve Cybersecurity, Situational Awareness (NIST) As part of their current cybersecurity efforts, many electric utilities monitor data from the various systems and devices they rely on to keep the power flowing and to secure both their information technology and facilities. Pulling these data together and correlating events across data streams can be a time-consuming process, so the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology collaborated with a team of experts from industry, academia and government to develop a guide utilities can use to improve situational awareness and better respond to potential cyber attacks.

NIST Cybersecurity Practice Guide, Special Publication 1800-7: “Situational Awareness for Electric Utilities" (NIST) The NCCoE released a draft of the NIST Cybersecurity Practice Guide, SP 1800-7 “Situational Awareness for Electric Utilities” on February 16, 2017. Public comments on the draft will be expected through April 17, 2017. Submit your comments.

The time to fortify your organization against CNP fraud is now (Help Net Security) Countries adopting EMV experienced a corresponding spike in fraud involving digital and online purchases that don’t require a plastic card or CNP fraud.

Where does the buck stop when there’s a security breach? (Naked Security) Is it the IT department’s problem, or does the buck go as far as the C-suite? Opinions are polarised, but it’s more nuanced in the real world

60 Free Ransomware Decryptor Tool To Remove And Unlock Encrypted Files 2017 (GeckoandFly) How to remove ransomware? There is an alarming growing number of cybercriminal organizations using deceptive links and websites to install malicious malwar

What makes for truly independent security product testing? (Naked Security) It seems there’s room for improvement when it comes to independent testing – but what are your thoughts on this?

MITM Part 2 - Scan & Attack (Test Loop) In this part of the series, we’re going to use our Kali based attacker’s machine to scan the local network and find our Windows target. We’ll then carry out an ARP Poisoning based MITM attack against it as we explained in part 1. Once we have obtained a MITM position, we can then passively analyse the targets HTTP traffic to see what they’re up to.

5 Unique Ways to Improve Your Data Security (null) TEMPEST is a Government term that refers to the “unintended emissions from electronic equipment”

Home Instead launches cybersecurity campaign (The Dispatch) Home Instead Senior Care launched a nationwide campaign Friday aimed at better preparing seniors for internet scams and financial fraud attempts.The

Design and Innovation

Pentagon Cyber Spies Seek Better Tools to Sort Intelligence Data (Bloomberg.com) Pentagon spies trying to get ahead of mounting cyberthreats from North Korea to Russia are seeking new technologies to help winnow down the flood of data they receive, according to a senior Defense Department intelligence official.

Academia

The birth of cybersecurity - The Echo News (The Echo News) It’s been created and has a list of classes established, but Taylor’s cybersecurity major doesn’t officially exist—at least, not yet.

Closing The Cybersecurity Skills Gap With STEM (Dark Reading) As a nation, we should be doing more to promote educational programs that prepare today's students for tomorrow's jobs.

Legislation, Policy, and Regulation

Iran bans private drones from skies over Tehran amid security fears - BBC News (BBC News) Military officials act to remove "security threat" of private drones after shooting at two devices.

NATO 'not agile enough' to stop Russian hacking (Sky News) Sir Michael Fallon says NATO has not been fast enough in dealing with the threats posed by terrorism and cyber attacks.

NSA Split From Cyberwar Command Inevitable, Says Former Official (The Intercept) A former senior official at the NSA says the planned split between the nation's digital spying outfit and its offensive cyber military will happen, though likely not for a while.

Expert: Trump Cyber Policy Could Be 'Remarkably Boring' (PCMAG) Bush-era DHS official suggests White House cyber security order could be remarkably pedestrian.

Trump Chooses H.R. McMaster as National Security Adviser (New York Times) The president called him “a man of tremendous talent and tremendous experience.”

Senior Trump appointee fired after critical comments (Military Times) A senior Trump administration official was fired following criticism in a private speech of President Donald Trump's policies and his inner circle of advisers.

Flynn leaks ignite surveillance debate (TheHill) Republicans have expressed outrage over reports that calls to a Russian ambassador were intercepted.

Offensive cyber still in infancy, says Air Force official (C4ISRNET) Outside of CYBERCOM and NSA, offensive cyber capabilities are still being examined by the services.

Army Cyber Mission Force to Utilize Virtual Effects in Fight Against Militant Groups (Executive Gov) The U.S. Army's future cyber mission force teams will use virtual effects in offensive and defensive

General Keith Kellogg ‘In Play’ To Be Trump’s National Security Advisor (The Daily Caller) Retired Army Lt. Gen. Keith Kellogg is on President Donald Trump's short list to take over as national security advisor, the president said in a tweet Friday. Kellogg, a career Army officer, steppe

Getting prepared for a ‘cyber-Pearl Harbor’ (News Tribune) In a world where hackers and other bad actors thrive, a Pierce County congressman wants to provide states with funds to develop cyber-resiliency plans.

Litigation, Investigation, and Law Enforcement

FBI pursuing at least 3 probes of Russian-backed hacking: report (The Hill) The FBI is currently working on at least three separate investigations related to Russian-backed hacking during the U.S. presidential election, Reuters reported Saturday.

Peters Requests Full Homeland Security Committee Investigation (UPMATTERS) Investigation would focus on Russian attempts to hack election infrastructure and influence US elections

Riseup moves to encrypted email in response to legal requests (Indybay) After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization). The first concerned the public contact address for an international DDoS extortion ring. The second concerned an account using ransomware to extort money from people.

Riseup confirms receipt of FBI warrant and gagging order (Computing) Users wondering about the non-renewal of Riseup's warrant canary have their suspicions confirmed

UGNazi Hacker Who Doxed Trump, Clinton, Obama, and Others Gets No Prison Time (BleepingComputer) Eric Taylor, known online under the nickname of Cosmo the God, was sentenced on Friday last week to three years probation for a series of hacks the teenager committed in 2011 and 2012.

Men Who Sent Swat Team, Heroin to My Home Sentenced (KrebsOnSecurity) It’s been a remarkable week for cyber justice. On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation.

Couple can’t store data from camera pointed at next door’s garden (Naked Security) Ruling against Google continuing to track Safari users used to shore up case against couple who pointed cameras at their neighbours’ garden

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

DataTribe - Hacking The Home (2.26.17)
Cyber Security Summit: Denver 3.1.17 (promo: CIBERWIRE50)
Reserve your seat for our March 2 webinar
Billington Int CyberSecurity Summit (3.30.17)

Newly Noted Events

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative sessions, and great social experiences. During the pre-conference (Monday 8th - Wednesday 10th May 2017) there is the opportunity to attend one of the many trainings courses on offer from industry experts, plus project summits and outreach sessions to the future pioneers of the application security industry. The main conference offers four full tracks of talks, for pentesters and ethical hackers, developers and security engineers, DevOps practices and GRC/risk level talks for managers and CISOs.

Upcoming Events

Insider Threat Program Development Training For NISPOM CC 2 (Simi Valley, CA, USA, February 22 - 23, 2017) Insider Threat Defense announced it will hold a 2 day training class on Insider Threat Program Development (NISPOM Conforming Change 2) on Feb. 22-23, 2017, in Simi Valley, CA. For a limited time the training is being offered at a discounted rate of $795 (Normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop, implement and manage a robust Insider Threat Program / Working Group. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for Insider Threat Program Development Training.

Maritime & Port Security ISAO: Operationalizing Cyber Resilience (Cape Canaveral, Florida, USA, February 22 - 24, 2017) The Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO) convenes its inaugural conference “Maritime & Port Cyber Resilience - Adding a New Layer of Cybersecurity” February 22-24, 2017 at the Global Situational Awareness Center at NASA/Kennedy Space Center, Florida.

Risky Business (London, England, UK, February 23, 2017) How are you tackling Cyber Crime in the Property Transaction? Join our panel of expert speakers at the IET in London to find out more about cyber crime in the property transaction and the steps you can take to protect the best interests of your firm and your client.

The 2nd China Automotive Cyber Security Summit 2017 (Shanghai, China, February 24, 2017) CACSS2017 will Provide a platform for Automotive OEMs, Tier 1 suppliers, Automotive security solution/ technology/products developers,Automotive electronics companies, IT companies, Mobile data suppliers, Automotive insurance companies, and automotive cyber security experts to address government regulations developing trends, Automotive cyber security standards, updated vulnerabilities, “Black Hat” behaviour motivations, State-of-the-Art technology solutions, critical cyber security challenges and collaboration initiatives; Help you to understand tailored smart car cyber security products and solutions, build up a set of effective cyber security management system and improve the capability of protecting smart cars. This second to non Automotive cyber security industry event will assure you to understand China Automotive cyber security industry business opportunities, network with China local customers and consolidate your worldwide leadership.

Second Annual International Security Conference (Riyadh, Saudi Arabia, February 27 - 28, 2017) The conference will facilitate national, regional and international collaboration between government, industry and critical infrastructure organizations. It will also feature investors who want to diversify their portfolio into international companies, particularly in the field of cyber security sectors where innovation could benefit the regional cyberdefense capacity.

SANS Dallas 2017 (Dallas, Texas, USA, February 27 - March 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security courses to provide you with the training and certification that you need to boost your career by learning from the best! SANS instructors are industry professionals who will ensure that you not only learn the material, but that you will also be able to apply what you learn your first day back in the office.

Autonomous Vehicles Silicon Valley (Santa Clara, California, USA, February 28 - March 2, 2017) The road to autonomy: Regulation. Consumer Acceptance. Safety & Security. Explore the latest technologies and hottest issues for the autonomous vehicles industry.

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 1, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders including: Mary McCord, Asst. Attorney General for National Security, U.S. Dept. of Justice & Chad Alvarado, Supervisory Special Agent, Cyber Task Force, FBI Denver Division. Engage in panel discussions focusing on trending cyber topics including Emerging Threats to IoT & Big Data, Insider Threats, and Compliance. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers

International Cyber Risk Management Conference (ICRMC) (Toronto, Ontario, Canada, March 2 - 3, 2017) The third annual International Cyber Risk Management Conference (ICRMC) brings together a world class roster of experts with cross-sector, global and multidisciplinary expertise to share knowledge, lessons learned, and methodology on cyber security. We are delighted to build on last year’s very successful ICRMC. Cyber security has grown into a global pandemic and organizations of all sizes are struggling with questions on how to mitigate, manage, and transfer cyber risk. We’ve structured our agenda based on delegate feedback and our exceptional 2017 Advisory Committee is determined to provide engaging high-profile speakers and compelling content to share knowledge, captivate and educate. Visit www.icrmc.com for details.

SANS San Jose 2017 (Milpitas, California, USA, March 6 - 11, 2017) Securing and defending your network has never been more important as attacks and breaches make the news daily. Gain the skills and tools you need to win the battle against the wide range of cyber adversaries who want to harm your environment. SANS San Jose 2017 offers six hands-on, intensive cyber security training courses.

15th annual e-Crime & Cybersecurity Congress (London, England, UK, March 7 - 8, 2017) Europe's largest and most sophisticated gathering of senior cybersecurity professionals from international business, governments, law enforcement and intelligence agencies.

ISSA Mid Atlantic Security Conference (Rockville, Maryland, USA, March 10, 2017) Join us for a full day of training by industry leaders discussing some of the latest topics in tactics and techniques for preparing for cyber-attacks. This conference will feature a variety of presentations and cutting edge training opportunities, including hands-on demonstrations and workshops.

Investing in America’s Security: Cybersecurity Issues (Jersey City, New Jersey, USA, March 10, 2017) Please join us for the 5th Annual Northeast Regional Security Education Symposium hosted by the Professional Security Studies Department at New Jersey City University. The Symposium’s keynote address will be delivered by Milan Patel of K2 Intelligence, formerly the FBI’s Cyber Division Chief Technology Officer. Speakers include NJCCIC Director Michael Geraghty. NJCU students pursuing their D.Sc. degree will present academic research posters and a panel of experts will discuss careers in cyber security.

IAPP Europe Data Protection Intensive 2017 (London, Englan, UK, March 13 - 16, 2017) Set in London, the Data Protection Intensive delivers innovative solutions to today’s top privacy and data protection challenges. Known for its exceptional programming, the Intensive has come into its own as a leading forum for practical data protection education.

Rail Cyber Security Summit (London, England, UK, March 14 - 15, 2017) Now in its second year, the event will take place at the Copthorne Tara Kensington hotel in London between March 14th and 15th 2017 and will feature a range of experts from the rail transport industry, as well as leading Government and global cyber security leaders and academics working in the field.

CyberUK 2017 (Liverpool, England, USA, March 14 - 16, 2017) Announcing the UK government's flagship IA and cyber security event, for 2017. This is a three day event that will bring together cyber security leaders and professionals from across the UK’s information security communities from both the public and private sector. The NCSC’s partnership with information security businesses of all sizes is essential in strengthening the UK’s cyber resilience. CyberUK 2017 will play a key role in defining the role industry must play in achieving this step change, and is expected to attract 1,600 information assurance (IA) and cyber security leaders and professionals.

Cybersecurity: The Leadership Imperative (New York, New York, USA, March 16 - 17, 2017) Cyber risk impacts every element of your organization – and even the most brilliant information security expertise must be supported by a cross-functional cybersecurity structure and culture to succeed. Cybersecurity: The Leadership Imperative will provide case studies and actionable insights on building and maintaining a structure in which leaders across the organization are able to work together seamlessly to comprehend, measure and respond to cyber risk challenges.

BSides Canberra (Canberra, Australia, March 17 - 18, 2017) BSidesCbr is a conference designed to advance the body of Information Security knowledge, by providing an annual, two day, open forum for discussion and debate for security engineers and their affiliates. We produce a conference that is a source of education, collaboration, and continued conversation for information technologists and those associated with this field. The technical and academic presentations at BSidesCbr are given in the spirit of peer review and advanced knowledge dissemination. This allows the field of Information Security to grow in breadth and depth, and continue in its pursuit of highly advanced scientifically based knowledge.

Cyber Resilience Summit: Securing Systems inside the Perimeter (Reston, Virginia, USA, March 21, 2017) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing and sustaining secure and reliable software-intensive systems. The theme of our upcoming Cyber Resilience Summit is Securing Systems inside the Perimeter. Defending the network is NOT enough. The most damaging of system failures and security breaches are caused by vulnerabilities lurking inside the network at the application layer.

European Smart Grid Cyber Security (London, England, UK, March 21 - 22, 2017) European Smart Grid Cyber Security 2017 offers a unique opportunity to network with senior experts in cyber security from government, utilities, TSOs, regulators, solution providers, security consultants, senior engineers and more. Join us to hear from a range of European utility companies present what their strategic programmes are doing regarding cyber security. As well as discuss how communication issues between IT and OT departments can be overcome and learn how to make your company compliant.

Maryland Cybersecurity Awards Celebration (Baltimore, Maryland, USA, March 22, 2017) Help us celebrate the best and brightest of the Maryland cyberscurity community as we honor the companies, organizations, and individuals that have protected businesses and government agencies with their cutting-edge technologies; thwarted cyber criminals with their outstanding cybersecurity services; demonstrated exemplary knowledge, expertise, leadership and innovative thinking; or made a significant contribution to Maryland’s cybersecurity ecosystem.

SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.

IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.

the cyberwire
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire or Pratt Street Media, LLC.
The CyberWire is published by Pratt Street Media and its community partners. We invite the support of other organizations with a shared commitment to keeping this informative service free and available to organizations and individuals across the globe.