current issue – 3.24.17

Control Risks experts in risk

Greetings!

Special Section: Novetta's TechTalk and CAMI (our regular summary appears below)

Today we catch up with two events we were able to attend this week, Novetta's TechTalk on the blockchain and related technologies, and the Cybersecurity Association of Maryland's inaugural annual awards celebration. The Novetta talk covered interesting use cases for Ethereum and graph databases. Maryland Cyber's event recognized some of the region's leading security innovators.

Today's regular daily summary starts here.

THE CYBERWIRE (Friday, March 24, 2017)—WikiLeaks yesterday dumped the second tranche of Vault 7 documents. It's calling this one "Dark Matter," and it's said to contain documents suggesting that the CIA was able to compromise Mac firmware if it had physical access to the device. Apple thinks its products' vulnerabilities are overstated in the Dark Matter material (WeLiveSecurity glosses this as "damp squib"), but the more disturbing speculation, in Threatpost and elsewhere, is the suggestion that intelligence agencies had access to Apple's supply chain.

NATO continues to worry about Russian information operations and how to counter them. Estonia may have some lessons to share. The Atlantic Alliance also continues thinking through (with Canadian input) the circumstances under which a cyberattack might count as an act of war. 

ISIS presents an immediate information operations challenge. The group has claimed the radicalized London jihadist as one of the Caliphate's soldiers. Informed observers think that ISIS as a pseudo-state is on its way to oblivion, but its messaging and attendant "terrorist diaspora" will trouble the world long after the endgame in Syria. 

Beware facile attribution, however: Israeli police have arrested a Jewish man (joint Israeli-US citizenship) in connection with threats against US synagogues.

The Hizb-ul-Mujahideen, which operates jihadist terror cells in India, saw its Twitter account hacked to disseminate messages of peace. Unconfirmed reports say the group's website has also been pwned.

ZeroFOX and others warn of an increase in Bitcoin fraud circulating among social media.

Google has removed some eighty-seven malicious Minecraft modifications from the Play Store.

[250]

A note to our readers: We'll be covering three events next week. On Tuesday and Wednesday we'll be in Mountain View, California, for SINET's ITSEF conference. On Thursday it's back to Washington, DC, for the Billington International Cybersecurity Summit. And on Friday we decamp for Tuscon, Arizona, where we'll be joining the Women in Cybersecurity conference. Watch for coverage over the next two weeks.

Today's edition of the CyberWire reports events affecting Australia, Canada, Cyprus, the European Union, Germany, Hungary, India, Iraq, Israel, Latvia, Lithuania, NATO/OTAN, Russia, Singapore, Slovakia, Syria, Turkey, the United Kingdom, the United States, and Venezuela.

Cylance is proud to be the CyberWire sustaining sponsor for 2017. Learn more about how Cylance prevents cyberattacks at cylance.com

On the Podcast

In today's podcast, we hear from our partners at Palo Alto Networks, as Rick Howard updates us on the Cyber Threat Alliance. Our guest is Chris Roberts from Acalvio, who describes the limits of automation. 

Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of how artificial intelligence is being applied to security. And see also Cylance's video interview with our Producer.

Sponsored Events

Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) 2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The International Cybersecurity Summit features 20+ world class cybersecurity thought leaders from allied nations and US including DoD, IARPA, DHS, USCYBERCOM, ARCYBER, NSA, DOC, NCTC/UK, U.S. Army Cyber Command, U.S. Cyber Command, Cyber National Mission Force.

The Cyber Security Summit: Atlanta and Dallas (Atlanta, GA, USA, April 6, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Selected Reading

Dateline Laurel and Baltimore: notes from Novetta's TechTalk and Maryland Cyber's awards night

Novetta TechTalks: New Trust Models and New Analytical Tools (The CyberWire) On Monday, March 20, 2017, Novetta presented a pair of tech talks at the Jailbreak Brewing Company in Laurel, Maryland. Their topics were the blockchain, Ethereum and graph databases. The security use cases of these technologies are likely to be of broad interest. (Of narrower interest at the event itself was Novetta's use of the blockchain to run its raffle for several door prizes, which was a pleasant an interesting way to demonstrate the technology.)

Innovation at the Inner Harbor: the Maryland Cybersecurity Awards (The CyberWire) On Wednesday, March 22, the Cybersecurity Association of Maryland met for its inaugural awards celebration. Convening at Baltimore's Visionary Art Museum in the Inner Harbor at the base of Federal Hill, Maryland Cybersecurity celebrated some of the state's leaders in information security practice and innovation.

Cyber Attacks, Threats, and Vulnerabilities

Wikileaks' latest Vault 7 document dump reveals CIA infection of 'factory fresh' iPhones and Mac firmware (Computing) Documents reveal that the CIA has been infecting iPhones since 2008.

WikiLeaks Reveals How the CIA Can Hack a Mac’s Hidden Code (WIRED) The leak shows how physical access hacks can plant undetectable spying code deep in a Macbook's firmware.

WikiLeaks releases new CIA documents describing Mac exploits (TechCrunch) WikiLeaks just shared a few new documents as part of the CIA Vault 7 data dump. These documents describe hacking methods allegedly used by the agency to..

WikiLeaks Continues 'Vault 7' With New Documents Detailing Mac-Related CIA Exploits (Mac Rumors) WikiLeaks today continued its "Vault 7" series by leaking details concerning CIA-related programs that were built with the intent to infect iMac and MacBook devices. Today's "Dark Matter" installation of Vault 7 follows a few weeks after WikiLeaks debuted "Year Zero," which focused on exploits that the CIA created for iOS devices.

WikiLeaks: CIA tools could infiltrate MacBooks, iPhones (CNET) A new series of leaked documents appears to show tools from as far back as 2009 that could infect Apple products. They required physical access.

WikiLeaks Dump Shows CIA Interdiction of iPhone Supply Chain (Threatpost) Today’s WikiLeaks Vault 7 Dark Matter release shows the CIA’s capabilities to attack and persist on Apple iPhone and Mac firmware and an apparent interdiction of the iPhone supply chain…

Apple underwhelmed by latest CIA exploits revealed by WikiLeaks (WeLiveSecurity) WikiLeaks's revelations about security vulnerabilities in Apple products appear to be a damp squib.

The Next Must-Watch TV Show Is Russia’s Version of ‘The Americans’ (Foreign Policy) If you really want to understand how Moscow sees U.S. intelligence, turn off the congressional hearings and start watching “Adaptation.”

EUCOM commander: US needs stronger response to Russian disinformation (Defense News) The U.S. has not done enough to reinforce NATO’s nascent efforts to fight Russia’s prolific propaganda against European allies, the top military commander in Europe told lawmakers Thursday.

Estonia's lessons for fighting Russian disinformation (The Christian Science Monitor Passcode) The Baltic nation has long had an adversarial relationship with its Russian neighbor. As a result, its press and public have become adept at recognizing and debunking Kremlin propaganda.

Islamic State Claims London Attacker as Its 'Soldier' (VOA) London authorities name the attacker who killed four people near Parliament as a 52-year-old British-born convert to Islam

London defiant as Islamic State claims responsibility for attack by British ex-con (Chicago Tribune) Islamic State claimed responsibility Thursday for an attack by a man who plowed an SUV into pedestrians on a crowded London bridge, then stabbed a cop.

Network Take: A Lone Lunatic Attack or a Broader Conspiracy? (Cipher Brief) The man who carried out a deadly terrorist attack in London was British-born and had been previously known to authorities, UK Prime Minister Theresa May said on Thursday.

FBI's Comey warns of 'terrorist diaspora' from ISIS territory (Fox News) FBI Director James Comey repeated his concerns Thursday over a terrorist diaspora that he believes will occur once ISIS territory in Iraq and Syria is crushed by coalition forces.

ISIS Will Fail, but What About the Idea of ISIS? (The Atlantic) Despite claiming responsibility for attacks like the one in London, the group is dying. It will retain the ability to inspire.

O Brotherhood, What Art Thou? (Foreign Affairs) What the United States needs is critical engagement with the Brotherhood, through discussions and constructive critique—not an outright ban.

‘Turkish’ hackers threaten to reset millions of iCloud accounts (Naked Security) Apple says it hasn’t been breached, but is facing a ransom demand, payable in cryptocurrency … or iTunes gift cards

Apple Responds to Hacker's Threat to Wipe Millions of iPhones (Fortune) Apple says an "alleged" list of iCloud passwords likely came from breaches elsewhere.

Leaked iCloud credentials obtained from third parties, Apple says (CSO Online) The iCloud credentials that the Turkish Crime Family hacker group claims to have weren't obtained through a breach of the Apple's services.

SAP GUI vulnerability “most dangerous” since 2011: ERPScan - Inside SAP (Inside SAP) Researchers from security firm ERPScan have disclosed a vulnerability in the SAP GUI application which it has described as perhaps the most dangerous SAP issue since 2011, as it affects not only every SAP customer but also every user.

Hizb-ul-Mujahideen’s Twitter handle hacked, messages of peace posted (The Indian Express) The tweets are critical of Yasin Malik, Kashmiri separatist and chairman of Jammu and Kashmir Liberation Front, and Hurriyat leader Syed Ali Shah Geelani.

Minecraft players get scams instead of mods (Help Net Security) Google has recently removed 87 fake Minecraft mods from Google Play, after being notified by researchers about their malicious nature.

Spam mails circulate file-shredding malware: how to protect yourself (Naked Security) Watch out for attacks that start with social engineering and sending convincing-looking emails targeted at companies

BEC Soars Again as Fraudsters Target Employees (Infosecurity Magazine) BEC Soars Again as Fraudsters Target Employees. Proofpoint stats reveal a growth in email fraud

Online scammers are exploiting Bitcoin; Cryptocurrency is tempting, experts say (Blasting News) Cybersecurity firm ZeroFOX says Bitcoin is attracting online scammers to commit online fraud.

Bitcoin rise fuels social media scams (CSO Online) The price of a single Bitcoin passed that of an ounce of gold for the first time this month, and scammers were quick to get in on the action with Ponzi schemes and phishing sites spread via social media.

Malvertising Campaign on Adult Sites Spreads Ramnit Trojan (BleepingComputer) Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK.

Android Forums hacked; password reset notice issued (HackRead) Android Forums, a popular platform for Android users, has announced that its servers were accessed by a third-party resulting in a data breach. In a securi

OPSEC in the Underground: A Look at Insider Trading (SecurityWeek) Like any business, cybercriminals offering their services need to develop and maintain a brand and reputation in order to attract customers.

Adviser support service hit by cyber attack (FT Adviser) The chief executive of advice community website Panacea Adviser has issued a warning after his email account was hacked

Security Patches, Mitigations, and Software Updates

Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates (The Hacker News) Google announced its plans to gradually distrust Symantec's SSL certificates after the company was caught improperly issuing 30,000 certs over the past few years.

Google reports mixed progress on Android security (InfoWorld) Is the glass half full or half empty? The real issue is that it’s at the halfway mark and there's still a significant security road that Android must travel

Google reportedly removing SMS texting from Hangouts on May 22 (Ars Technica) But Google Voice users won't be affected as much.

CVE-2017-0022: Microsoft Patches a Vulnerability Exploited by AdGholas and Neutrino - TrendLabs Security Intelligence Blog (TrendLabs Security Intelligence Blog) Part of this month’s Patch Tuesday is an update for a zero-day information disclosure vulnerability (CVE-2017-0022), which we privately reported to Microsoft in September 2016. This vulnerability was used in the AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.

Cyber Trends

Industrial control systems: The holy grail of cyberwar (The Christian Science Monitor Passcode) Regulators and utility industry leaders need to wake up to the risks that could let malicious hackers cause widespread physical damage to the grid and other critical infrastructure.

New Deloitte Study Identifies Cyber Vulnerabilities in Manufacturing Supply Chains (Supply Chain Management Review) The new Deloitte study outlines the strategies that businesses must take to build cybersecurity efforts into their larger business plan and untimely protect their operations and their customers.

IT Security Pros and Network Operators View DDoS Attacks as an Increased Concern in 2017 (Yahoo! Finance) DDoS attacks are a greater security threat to businesses in 2017 than ever before, and Internet Service Providers need to do something about it according to a new survey of IT security professionals and network operators released today from Corero Network Security .

Diverse protections for a diverse ecosystem: Android Security 2016 Year in Review (Google) Today, we’re sharing the third annual Android Security Year In Review, a comprehensive look at our work to protect more than 1.4 billion Android users and their data.

Healthcare IT pros believe data is safer in the cloud (Help Net Security) Healthcare IT pros and executives believe that when facing hardware malfunctions, their organization's data is safer in the cloud than on premises.

Marketplace

Cyber Insurance Underwriting: What Role Do Security Ratings Play? (BitSight) Learn how Security Ratings play an integral role in the cyber insurance underwriting process, including transactions, benchmarking, and risk aggregation.

Column: How to balance IT and cybersecurity in the C-suite (Baltimore Business Journal) No longer just responsible for basic computer maintenance, CIOs drive innovation and implement strategic technology solutions.

Security for Industry 4.0 is a Key Topic at the Hannover Messe Trade Fair (Rhode & Schwarz Cybersecurity) The “Internet of Things” (IoT) or “Industry 4.0” allows companies in the manufacturing industry to make enormous innovative and productive leaps.

No One Has All The Solutions - Why BAE Systems Is Backing A Cyber Security Accelerator (Forbes) We all love to hear about tech startups. We love their innovative technologies and the way they apply new thinking to seemingly intractable problems. We love their disruptive business models and as they grow bigger and more successful, we are gripped by their growth stories. And occasionally, of course, we enjoy the opportunity to nod sagely and say 'I told you so' when they crash and burn.

FireEye’s stock rockets after Goldman swings to bullish from bearish (MarketWatch) FireEye’s stock soared on heavy volume after Goldman Sachs pulled an about-face, upgrading it to a buy from a sell.

Exclusive: FireEye CEO Talks Limits Of Cybersecurity, Company's 'Moat' (Benzinga) The frequency of high-profile cyber attacks have thrust security companies into the spotlight.

Is Kevin Mandia the Right CEO to Turn Around FEYE? (Madison.com) When Kevin Mandia was promoted to the CEO of FireEye (NASDAQ: FEYE) in June 2016, he inherited quite a challenge. His promotion was announced with the 2016 first-quarter earnings report,

Lockheed to continue helping DoD fight cybercrime (C4ISRNET) Lockheed Martin has been awarded a contract to continue helping the Department of Defense fight cybercrime.

Booz Allen Hamilton (BAH) Awarded 5-yr $86M Contract by National Geospatial-Intelligence Agency (StreetInsider) Booz Allen Hamilton (NYSE: BAH) announced that it has been awarded a five-year, $86 million contract by NGA-NGC to lead the Learning Management and Advancement Program (LMAP) that will provide high-quality learning solutions to equip a diverse workforce with the knowledge and skills necessary to meet current and future GEOINT mission requirements.

GSA looks to streamline cyber buying (FCW) As part of a new strategy for Continuous Diagnostics and Mitigation cybersecurity capabilities, GSA is looking to replace the blanket purchase agreement with a better governmentwide IT contract.

Scottish government promises jobs galore with new digital strategy (Computing) 16-point plan also calls for 'rural first' broadband development.

Palo Alto Networks commits to APAC customers by opening new Singapore office (Security Brief) Palo Alto Networks has moved into its brand new Asia Pacific headquarters in Singapore this week, opened by Dr. Yaacob Ibrahim.

Key executive appointment at Digital Shadows – focus on partner eco-system (Security Brief Asia) Digital Shadows has expanded their executive team, with a focus on utilising their partner eco-system.

Carbon Black poaches HPE channel chief to lead sales (Channel Pro) Miles Rippon will lead the company's channel business throughout EMEA

Products, Services, and Solutions

New infosec products of the week​: March 24, 2017 (Help Net Security) Here are some exciting new information security products from vendors including: Hearsay, IBM, Lookout, PacketSled, and SecureKey.

OPSWAT and Random Computing Services Announce Partnership (Benzinga) OPSWAT and Random Computing Services are partnering to offer the best cyber security solutions.

Tactical data system almost ready for prime time (C4ISRNET) Link 22, a NATO secure radio system, offers significant improvements over the legacy tool.

Technologies, Techniques, and Standards

Threat Intelligence Feeds: Overview, Best Practices, and Examples (Recorded Future) When designing your security program, knowing how to select the right threat intelligence feeds, and measure their ROI, is essential.

Doing Threat Intel the Hard Way - Part 6: Threat Intelligence Maintenance (Anomali) Once an analyst has decided on the validity of the threat, the output of that decision must be captured and stored, preferably within the system.

Prioritizing Threats: Why Most Companies Get It Wrong (Dark Reading) To stay safer, focus on multiple-threat attack chains rather than on individual threats.

What CISOs Can Learn from ER Doctors (Security Week) By working together and sharing missteps, defenders can gain crucial security insights and prevent the spread of attacks

Can High Speed Training Solve the Skills Gap? (Infosecurity Magazine) Recruiters must prioritize psychometric testing and high-speed training over degrees and ‘career experience

Design and Innovation

Blockchain can help secure medical devices, improve patient privacy (CSO Online) If implemented properly, blockchain can help secure medical devices and improve patient privacy, but the key is proper implementation, according to a top security pro at Partners Healthcare.

This Security Expert Wants to Turn Defunct Online Stores into Malware Honeypots (BleepingComputer) Willem de Groot, a Dutch security expert, is asking owners of defunct or soon-to-be-dead online stores to donate their domains so he can set up honeypots and track credit card stealing malware and other types of cyber-attacks on e-commerce targets.

Sandia Testing New Intrusion Detection Tool That Mimics Human Brain (Dark Reading) Neuromorphic Data Microscope can spot malicious patterns in network traffic 100 times faster than current tool, lab claims.

Microsoft expands connected car push with patent licensing (PCWorld) Microsoft’s push into the connected car market continued Wednesday when it unveiled a new patent licensing program aimed at crafting deals for carmakers and other companies.

Academia

What it’s like at San Quentin’s coding school (TechCrunch) North of San Francisco, there’s a European-like fortress along the water that is "home" to over 3,000 prisoners. The surroundings are beautiful, but the..

Legislation, Policy, and Regulation

US-led coalition vows to crush 'Islamic State' (Deutsche Welle) A US-led 68-nation alliance says it remains "firmly united" in its resolve to wipe out the militant group. A meeting of the coalition in Washington was overshadowed by an attack in London and civilian deaths in Syria.

In Venezuela’s Toxic Brew, Failed Narco-State Meets Iran-Backed Terrorism (Foreign Policy) Venezuela has become a rabidly anti-American failed state that appears to be incubating the convergence of narco-trafficking and jihadism in America’s own backyard.

Canada and Nato attempt to define threshold for cyber-attack response (SC Magazine UK) Amidst a Russian war of intelligence and influence, the Canadian military considers what defines a cyber-attack under the Nato agreement and when it should call in help of other countries.

FBI director floats international framework on access to encrypted data (CSO Online) The FBI director James Comey is suggesting an international approach to solving the encryption debate. He proposes that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.

FBI Adapting To Combat Cyber Threats, Director Comey Tells UT Conference (KUT News) FBI Director James Comey delivered the keynote address at a symposium on national security challenges at the University of Texas at Austin on Thursday.

Comey Says Surveillance Requirements Are Tough, And That's Good (Bloomberg) As claims and counterclaims about surveillance of President Donald Trump’s associates swirl in Washington, FBI Director James Comey struck a defensive tone Thursday about the power and constraints the bureau confronts when it comes to conducting electronic monitoring.

The Laptop Ban and What It Means for Air Travel: QuickTake Q&A (Bloomberg) Middle East airports and passengers are grappling with new U.S. and British rules barring laptops and other electronic gadgets in carry-on luggage. Both governments prohibited large electronic devices in the cabins of flights headed to their countries. In announcing the rules, officials cited security reasons but didn’t supply many specifics.

Airline devices ban: here’s what you need to know (Naked Security) Flying to the US or the UK? We’ve got some tips on how to pack your devices and secure your data if you’re flying out of one of the airports or on a carrier named in the bans

Data center optimization framed in cybersecurity, customer service terms for Trump administration (FederalNewsRadio.com) Advocating data center consolidation and optimization as a priority could be a tough sell to the Donald Trump administration.

Senate votes to kill FCC's broadband privacy rules (Network World) The U.S. Senate has voted to kill broadband provider privacy regulations prohibiting them from selling customers' web-browsing histories and other data without permission.

Microsoft exec gets new cyber job at DHS (Cyberscoop) Krebs started at the Department of Homeland Security this week as a senior counselor, generally working cyber issues.

Chamber of Commerce urges Trump to get business input for cyber strategy (TheHill) Chamber says new admin should 'harmonize' cyber regulations with NIST framework

Want to fix cybersecurity? Think about worst-case scenarios first (The Christian Science Monitor Passcode) Scenario thinking sketches out future cybersecurity problems and helps policymakers begin addressing tomorrow's digital dilemmas.

How to reform the outdated federal anti-hacking law (The Christian Science Monitor Passcode) The more than 30-year-old Computer Fraud and Abuse Act carries overly harsh penalties for trivial digital transgressions – and it needs to be completely overhauled (or abolished altogether).

Litigation, Investigation, and Law Enforcement

Killer was Muslim convert (Times (London)) The terrorist who brought carnage to Westminster was a Muslim convert and violent criminal known to the security services, it emerged last night, as the death toll rose to five. Khalid Masood, 52...

Police search homes linked to criminal with string of aliases (Times (London)) The Westminster killer was wildly itinerant, employed a range of pseudonyms and lied about his profession but had come from humble beginnings in the Home Counties, it has emerged. Khalid Masood, 52...

Copycats still worry Jewish group in Dallas after hacker's arrest in Israel (Dallas News) Israeli police on Thursday arrested a 19-year-old Israeli Jewish man as the primary suspect in a string of bomb threats targeting...

Spying claim by Intel chair renews fight over Russia probe (Military Times) The House intelligence committee chairman privately apologized to his Democratic colleagues on Thursday, yet publicly defended his decision to openly discuss and brief President Trump on typically secret intercepts that he says swept up communications of the president's transition team.

U.S. may accuse North Korea in Bangladesh cyber heist: WSJ (Reuters) U.S. prosecutors are building potential cases that would accuse North Korea of directing the theft of $81 million from Bangladesh Bank's account at the Federal Reserve Bank of New York last year, and that would charge alleged Chinese middlemen, the Wall Street Journal reported on Wednesday.

SSL sues Orbital ATK over confidential data breach - SpaceNews.com (SpaceNews) Space Systems Loral (SSL) has filed a lawsuit against Orbital ATK, alleging it accessed sensitive information about SSL satellite servicing technologies.

CNO: Cyberstalking and bullying victims should come forward (Navy Times) As Navy leaders continue to grapple with a military-wide scandal involving nude photos of service members, the service is encouraging victims to come forward.

A Multimillion Phishing Scam: Two Tech Giants Scammed into Paying Over $100M (HackRead) Evaldas Rimasauskas, a man from Lithuania, scammed two major US tech companies into wiring over 100 million Dollars several bank accounts. According to the

Ex-IT director accused of accessing his former employer for two years (Naked Security) Case again raises the issue of how organisations can protect themselves against rogue employees

‘I forgot my password’ doesn’t impress judge in a child images case (Naked Security) Is this defendant protected by the Fifth Amendment over revealing his password? Campaigners think he is – and predict that the case might go to the Supreme Court

Man sentenced to 3 years for Facebook threat to kill Obama loses appeal (Ars Technica) He told Secret Service of "biblical and constitutional duty" to assassinate Obama.

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Billington International Summit 3.30.17
Cyber Security Summit: Atlanta 4.6.17 and Dallas 5.5.17 (promo: CYBERWIRE50)

Newly Noted Events

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the worldwide community’s increasing interconnectivity in this domain.Drawing on the experience of government practitioners, industry representatives and academic scholars, this event brings a multidisciplinary and international approach to the challenges in cyberspace from technical, corporate, legal, and policy perspectives in both the United States domestic and international realms – with several topics targeting private sector interests.

Upcoming Events

SANS Pen Test Austin 2017 (Austin, Texas, USA, March 27 - April 1, 2017) Every organization needs skilled people who know how to find vulnerabilities, understand risk, and help prioritize resources based on mitigating potential real-world attacks. That's what SANS Pen Test Austin is all about! If you like to break things, put them back together, find out how they work, and mimic the actions of real-world bad guys, all the while providing real business value to your organization, then this event is exactly what you need.

cybergamut Tech Tuesday: Software Defined Networking Forensics (Elkridge, Maryland, USA, and online at various local nodes, March 28, 2017) Volatility and Tshark were critical components in Booz Allen Hamilton winning the 2016 Digital Forensics Research Work Shop (DFRWS) international Software Defined Networking (SDN) digital forensics challenge. This was achieved by creating a prototype solution for the extraction of forensics artifacts from SSL/TLS encrypted packets between a software defined networking (SDN) switch and controller as well as a memory dump from the SDN switch. Mr. Bull and Mr. McAlister of Booz Allen Hamilton will articulate the steps which enabled the team to forensically enumerate the SDN network using only open source tools.

IT Security Entrepreneurs' Forum Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 28 - 29, 2017) SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on identifying solutions to Cybersecurity challenges.

PCI Security Standards Council: 2017 Middle East and Africa Forum (Cape Town, South Africa, March 29, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at the 2017 Middle East and Africa Forum (MEAF).

Insider Threat 2017 Summit (Monterey, California, USA, March 29 - 30, 2017) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: To better understand security challenges in order to better defend against insider threats.

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations and the US in an intensive day of knowledge exchange and relationship building. NOTE: Attendees must be citizens of the U.S. or allied nations to attend this event. The summit, which will attract senior influencers in cybersecurity from allied nations across the world, has as its theme: Protecting Critical Infrastructure in a Connected World.

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge partner, the Forum will integrate McKinsey’s extensive knowledge of best practices in cybersecurity with Yale’s scholarly expertise. The Forum will expose participants to effective approaches to recognizing, preparing for, preventing, and responding to cyber threats.

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring.

GITECH Summit 2017: Revolution of Solutions (Annapolis, Maryland, USA, April 2 - 4, 2017) The GITEC Summit “Revolution of Solutions: Transforming Government” will be held April 2-4, 2017 at the Westin Annapolis. This year’s summit will focus on the continued transition and transformation surrounding the development, implementation, management and use of information technology for mission-critical functions.

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include creating solutions. The organizers bill it as a training conference.

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Atlanta is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando, Florida from April 7-14. This event features over 40 different cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. SANS 2017 also features numerous opportunities to learn new skills, techniques, and trends at the SANS@Night talks, Vendor Expo, and Lunch-and-Learn sessions. You will hear about the latest and most important issues in talks led by SANS practitioners who are leading the global conversation on cybersecurity.

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence Executive (NCIX) Bill Evanina. The presentation of a new paper from INSA’s Security Policy Reform Council, “Assessing the Mind of the Malicious Insider,” which discusses the psychological traits and stressors that lead to malicious behavior and identifies continuous evaluation methodologies that can provide early warning of destructive acts. A review of best practices in implementing insider threat programs in the public and private sectors. An assessment of the risks to key supply chains and the prospects of delivering goods uncompromised. A discussion of the greatly overlooked long-term impacts of the 2015 theft of OPM personnel data.

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture the Flag competition, technology exhibition with hackerspaces, lock picking villages and hardware related exhibits plus a free-to-attend track of 30 and 60 minute talks!

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail." This special program is designed to spotlight some of Maryland’s diverse and dynamic female cybersecurity professionals with stories of triumph and tribulation, advice and inspiration. Can't join us in person? Host a viewing party with your colleagues or fellow students, or tune in individually.

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront of a global stage. Response to data breaches are often coordinated through Legal departments to protect privilege. Increasing global regulations drives change to Information Security and Privacy practices. Join your Information Security, Legal and Privacy leadership peers to discuss timely issues in these areas.

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are open to civilians and veterans. Included among the course line-up are several master's degree and graduate certificate courses that are eligible for GI Bill benefits through the SANS Technology Institute graduate school.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and Support. Our DI’17 Event examines some of the ‘people, process and technology’ issues critical to Team Defence being able to adopt, embed and exploit new (and often disruptive) Information and Communications Technology (ICT) capabilities and associated new ways of working - to productive effect.

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of cyber crime is preventable and just a few key security steps can help avoid damaging your business reputation and finances

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together with one common goal – to expand the pool of IT Security knowledge beyond its typical confines. AtlSecCon provides an unmatched opportunity for IT Professionals and Managers to collaborate with their peers and learn from their mentors.

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended to improve network security and performance by exerting much greater control over how ARP traffic flows through the network as well as over what actually delivers the ARP service. Presented by Mark Alan Matties, PhD of The Johns Hopkins University Applied Physics Lab.

Cyber Security Summit: Dallas (Dallas, Texas, USA, May 5, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Dallas. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Dallas is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

the cyberwire
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire or Pratt Street Media, LLC.
The CyberWire is published by Pratt Street Media and its community partners. We invite the support of other organizations with a shared commitment to keeping this informative service free and available to organizations and individuals across the globe.