Recorded Future

Are you using threat intelligence to its full potential? Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

The daily briefing.

North Korea is widely expected to resume its ambitious program of cyber operations following its modified, limited restraint during the run-up to this week's US-DPRK summit.

Researchers at Kaspersky Lab report an espionage campaign against an unnamed Central Asian country's servers. The evidence points to a Chinese threat group tracked variously as "LuckyMouse," "Emissary Panda," "APT27," and "Threat Group 3390."

Dixons Carphone, the large British electronics retailer, sustained a big data breach, losing data for some 6 million customer's paycards. Dixons says the effect of the loss was limited (most of the cards were chip-and-pin) and that it's seen no evidence of fraud emerging from the breach so far. British authorities, including the National Crime Authority, the National Cyber Security Centre, the Financial Conduct Authority, and the Information Commissioner's Office, are investigating. The complexity of the investigation suggests its importance: this is the first major breach since GDPR implementation.

Intel reports finding another CPU security issue in its Core-based processors. Called "Lazy State," the bug is already addressed in some systems; other mitigations will follow.

Chinese and Russian companies continue to face headwinds driven by security concerns. ZTE's recovery remains in doubt, Australia is very leery of Huawei, and the European Parliament yesterday voted overwhelmingly in favor of a ban on Kaspersky products.

Proposed EU copyright laws have aroused considerable alarm. "The end of the Internet as we know it" is widely predicted. Much opposition derives from a proposal to, essentially, extend Facebook content-moderation to the Internet as a whole.

[250]

Cylance is proud to be the CyberWire sustaining sponsor for 2018. Learn more about how Cylance prevents cyberattacks at cylance.com

Today's edition of the CyberWire reports events affecting Australia, Chile, China, the European Union, Israel, Japan, the Democratic Peoples Republic of Korea, Mexico, Russia, the United Kingdom, and the United States.

Under GDPR non-compliant companies face trade-offs on borrowed time, says Control Risks.

Control Risks says non-compliance is a truly enterprise risk for companies operating in the EU. It burdens already taxed programs with particular measures to protect personal data and disclose security issues. Many worry that resources catching up to GDPR before an incident occurs trade-off other critical initiatives, leaving them vulnerable nonetheless. Companies must get executives and experts involved in managing the risk and competing priorities. Let  Control Risks help you be both secure and compliant.

On the Podcast

In today's podcast we hear from our partner's at Virginia Tech's Hume Center, as Charles Clancy discusses research on antifragile communications. Our guest is Stacey Smith from the Cybersecurity Association of Maryland (CAMI) on Maryland legislation supporting cyber security businesses.

And the latest edition of Hacking Humans is up. We talk about some of the challenges professional athletes face in their online lives. They're high-profile targets for scammers of all kinds, and their experiences hold some important lessons for others. Stephen Frank from the National Hockey League Players Association joins us to share how professional athletes protect themselves from online scams. (And the only kind of Russian collusion anyone wants to see in the NHL is between Kuznetsov and Ovechkin.)

 

Sponsored Events

The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19 (Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business.  This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: You can’t defend yourself from an attack you don’t see coming. (LookingGlass Cyber) Enabling your team with high-quality threat intelligence will help you stop cyber attacks BEFORE your network is breached. Download LookingGlass’ eBook to learn more.

As experts dissect Trump-Kim summit, cybersecurity eyes are on North Korea (CSO) Past cybersecurity surges point to likelihood of summit-related hacking

Shock claim North Korea cyber attacks are 'much bigger threat' following Trump-Kim summit (Express.co.uk) Kim Jong-Un's “strongest cyber army in the world” could now pose a much bigger danger than nuclear weapons, a top expert on cyber attacks has warned following the historic meeting between the US and North Korea.

Army Boss: Transport Infrastructure at Risk of Cyber-Attack (Infosecurity Magazine) CNI providers need more visibility and control, say experts

Chinese Cyberspies Target National Data Center in Asia (SecurityWeek) China-linked cyber espionage group known as LuckyMouse, Emissary Panda and APT27 targets national data center in Central Asia, likely in an effort to conduct watering hole attacks on government sites

Cyber Attack on Mexico Campaign Site Triggers Election Nerves (US News & World Report) The website of a Mexican political opposition party was hit by a cyber attack during Tuesday's final television debate between presidential candidates ahead of the July 1 vote, after the site had published documents critical of the leading candidate.

Exploit Kits Target Recent Flash, Internet Explorer Zero-Days (SecurityWeek) Cybercriminals continue to add new exploits, including for vulnerabilities that recently had a zero-day status, to exploit kits

Serious Security: How three minor bugs make one major exploit (Naked Security) In this story, three webcam bugs that weren’t critical one-by-one could be combined into an exploit giving total device takeover.

Amazon Fire TV & Fire TV Stick hit by crypto mining Android malware (HackRead) An Android cryptocurrency malware is infecting Amazon Fire TV and Fire TV Stick devices which uses their CPU to mine Monero.

Sophisticated scammers now targeting homebuyers by posing as brokers (CBS News) "I was thinking about having to go home that night and tell my wife that we had lost a significant amount of money and we probably are never going to get it back"

Cortana Hack Lets You Change Passwords on Locked PCs (BleepingComputer) Microsoft has patched a vulnerability in the Cortana smart assistant that could have allowed an attacker with access to a locked computer to use the smart assistant and access data on the device, execute malicious code, or even change the PC's password to access the device in its entirety.

Trik spam botnet leaking over 43 million email addresses due to misconfigured server (Cyware) ​Security researchers have reportedly discovered the leaky server of a spam botnet that has been leaking over 43 million email addresses. The hackers operating the command and control server of the botnet have reportedly misconfigured the server, allowing anyone with access to the IP address to view the content.

Crestron console service has critical vulnerability (CSO Online) Rapid7 disclosed Crestron flaw that can be used to gain root-level access and give attackers the ability to control commands being executed on the system.

Britain's Dixons Carphone suffers cyber attack on customer data (Reuters) British mobile phone and electricals retailer Dixons Carphone has become the victim of a major cyber attack for the second time in three years after discovering unauthorized access to its payment card data.

6 million cards compromised in Dixons Carphone breach – act now! (Naked Security) Dixons Carphone has revealed what it’s calling an “attempt to compromise 5.9 million [payment] cards”.

Next-Gen Cybersecurity for Trucking (Infosecurity Magazine) Students are working to develop solutions to secure transportation industry.

Malicious Docker Containers Earn Cryptomining Criminals $90K (Threatpost) Researchers said over a dozen malicious docker images available on Docker Hub allowed hackers to earn $90,000 in cryptojacking profits.

Docker Hub security dissed, dodgy container image data damned (Register) Kromtech finds malicious code hiding in enterprise upstart's repositories of software

A Bunch of Compromized Wordpress Sites (SANS Internet Storm Center) A few days ago, one of our readers contacted reported an incident affecting his website based on Wordpress. He performed quick checks by himself and found some pieces of evidence:

Researcher hacks smart fingerprint padlock in mere seconds (Help Net Security) The Tapplock one smart padlock, which received many rave reviews, can be reportedly forced to open in under two seconds with a smartphone.

Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist (Threatpost) The wiper malware affecting 9,000 workstations and 500 servers inside Chile’s largest financial institution turns out to have been a distraction.

Security Patches, Mitigations, and Software Updates

​Another day, another Intel CPU security hole: Lazy State (ZDNet) Intel has announced that there's yet another CPU security bug in its Core-based microprocessors.

Microsoft Releases Mitigations for Spectre-Like 'Variant 4' Attack (SecurityWeek) Updates released by Microsoft for Windows enable a feature that should prevent attacks involving the recently disclosed Variant 4 of the Spectre/Meltdown flaws

Here's the Status of Meltdown and Spectre Mitigations in Windows (BleepingComputer) Yesterday's Patch Tuesday release included fixes for the latest Spectre vulnerability, known as Spectre variant 4, or SpectreNG.

Windows security: Here's why we don't fix some bugs right away, Microsoft reveals (ZDNet) Microsoft explains how it decides whether a vulnerability will be patched swiftly or left for a version update.

Microsoft reveals which Windows bugs it might decide not to fix (Register) Draft document explains where Redmond thinks its responsibility ends

Two Bugs in Wordpress Tooltipy Plugin Patched (Threatpost) The bugs include a reflected cross-site scripting glitch and a cross-site request forgery vulnerability.

Apple confirms that it will seal up law enforcement’s favorite iPhone cracking method (TechCrunch) A new version of iOS will block a controversial loophole that law enforcement agencies have leveraged in order to crack into locked iPhones. In an upcoming version of iOS (likely iOS 12), Apple will include a feature known as USB Restricted Mode, which limits access to a locked iPhone through its U…

Apple prohibits developers from using, selling users' Contacts (Help Net Security) Apple tells iOS app developers to refrain from creating a database of the information gleaned from users' Contacts and to sell it on.

Snap Will Let Other Apps Use Its Features, But Not Your Data (WIRED) At least, that's what the company promises with the release of its new Snap Kit developer platform.

Snapchat launches privacy-safe Snap Kit, the un-Facebook platform (TechCrunch) Today Snapchat finally gets a true developer platform, confirming TechCrunch’s scoop from last month about Snap Kit. This set of APIs lets other apps piggyback on Snap’s login for sign up, build Bitmoji avatars into their keyboards, display public Our Stories and Snap Map content, and generate bran…

Cyber Trends

Sponsored: Busting Threat Intelligence Myths: A Guide for Security Professionals (Recorded Future) See how you can begin to augment your cybersecurity skills with powerful and contextualized threat intelligence.

Podcast: The Growing Social Media Threat Landscape (Threatpost) How can we keep up with the social media threat landscape as it grows to include more malware, hacks and scams? We discuss on the latest Threatpost podcast.

DDoS Amped Up: DNS, Memcached Attacks Rise (Dark Reading) China and the US are the world's leading sources of distributed denial-of-service botnet attacks.

DNS amplification attacks double in Q1 2018 (Help Net Security) DNS amplification types of DDoS attacks doubled in Q1 of 2018 over last quarter, and spiked nearly 700 percent year-over-year, according to Nexusguard.

IoT connections to grow 140%, will reach 50 billion by 2022 (Help Net Security) Data has revealed that the total number of connected IoT sensors and devices is set to exceed 50 billion by 2022, up from an estimated 21 billion in 2018.

Europe and Russia home to half of credential theft victims worldwide (Help Net Security) Blueliv observations conclude that Europe and Russia are now home to half of the world’s credential theft victims (49%).

Compliance worries prevent greater cloud use (Help Net Security) Research released by WinMagic shows that 87% of ITDMs limit their use of the cloud because of the complexity of managing regulatory compliance.

Marketplace

Romanian cyber security group Bitdefender launches start-up incubator (Romania Insider) Romanian tech entrepreneur Florin Talpes, the founder of cyber security group Bitdefender, plans to invest in a start-up incubator focused on cyber security.

Zimperium Acquires Application Security Provider Mi3 Security (BusinessWire) Zimperium acquires application security provider Mi3 Security, broadening its mobile security portfolio with machine learning application security.

ViaSat acquisition boosts its secure networks portfolio (C4ISRNET) The global communications company has acquired a UK-based firm to support the tactical mobile edge.

Software Intelligence Company CAST Acquires Antelink (GlobeNewswire News Room) Company adds Software Composition Analysis to its portfolio of Software Intelligence solutions

German VPN Service Provider ZenMate Now Looking to Raise £660,000 Through Crowdcube Round (Crowdfund Insider) ZenMate, a Germany-based VPN service provider owned by the internet security and privacy company ZenGuard GmbH, is now seeking £660,000 through its equity crowdfunding campaign on Crowdcube. The company notably provides an array of multi-platform online security products and services that ensure the users' anonymity

Cisco's CEO on Google cloud partnership, why it bought an AI data startup, and its rivalry with Palo Alto Networks (Video) (Silicon Valley Business Journal) Cisco Systems CEO Chuck Robbins touted his company's new partnership with Alphabet's Google Cloud, as well as its recent acquisition of a Silicon Valley business intelligence startup, as the path to the future for the San Jose-based networking giant.

Consolidation and Integration in Blockchain: Trustonic and Rivetz On The Move (IoT Evolution World) It's been a busy month for blockchain leader Rivetz, a security platform provider that continues to acquire businesses while also announcing integrations with companies, including Trustonic.

GroupSense Adds Bac Tran to Board of Directors (PR Newswire) The cyber reconnaissance company GroupSense today bolstered...

Top Cybersecurity Expert Anup Ghosh Joins Accenture Security (WLNS) Accenture (NYSE: ACN) today announced the appointment of industry veteran and cybersecurity expert, Dr. Anup Ghosh, as managing director in Accenture Security. In his new role, Ghosh will bring his technology focused background and executive leadership to lead strategic technology investments that help scale Accenture Security?s rapid growth in the managed security services business.

Products, Services, and Solutions

Akamai beefs up streaming security for cloud delivery platform (Rapid TV News) GeoGuard has struck an agreement with Akamai so that its premium VPN/Proxy Detection are now fully integrated with the cloud-based content delivery network prov...

Agari Summer ’18 Release Extends Protection against Advanced Identity Deception Attacks (Agari) Agari extends protection against advanced identity deception attacks in their summer release. The release includes improved account takeover detection, an interactive threat taxonomy and search and destroy automated remediation features. Read the press release to learn more.

ForeScout Deepens Visibility into Operational Technology Networks with New Industrial System Integrations (GlobeNewswire News Room) Partnerships with Indegy and SecurityMatters deliver on ForeScout’s strategy to secure the extended enterprise, including operational technology (OT) networks

Endgame Announces Partnership with Expel to Deliver Advanced Managed Detection and Response (MDR) Services (GlobeNewswire News Room) Businesses of all sizes can now experience the benefits of unified endpoint protection, combined with 24x7 detection and response

Kaspersky debuts fraud prevention solutions (ITWeb) Businesses need to improve the security of online transactions without negatively affecting user experience, it says.

Active cyber deception: Can it improve cloud security? (SearchCloudSecurity) Active cyber deception techniques can be used to defend cloud environments, as well as on-premises networks. Learn about the potential benefits and drawbacks of these strategies for enterprises.

Bitdefender and Nutanix partner to simplify hypervisor security administration (Security Brief) Cybersecurity technology company Bitdefender today announced the integration of GravityZone cloud workload protection platform with AHV, Nutanix’s native hypervisor, and the availability of the GravityZone Nutanix Marketplace blueprint.

Technologies, Techniques, and Standards

Sponsored: Automate and Orchestrate Your Cybersecurity Processes (ThreatConnect)

Consider these three things when developing an insider threat program, experts say (Fedscoop) The bad news is that cyberthreats aren’t just on the outside, trying to get in. Employees, former employees and contractors can expose valuable information or sensitive networks, sometimes unintentionally. The good news is that it’s possible to develop a program to spot such activity, leaders from the National Security Agency, the Secret Service and Carnegie Mellon University …

Containerized Apps: An 8-Point Security Checklist (Dark Reading) Here are eight measures to take to ensure the security of your containerized application environment.

Meet 'Bro': The Best-Kept Secret of Network Security (Dark Reading) This often overlooked open source tool uses deep packet inspection to transform network traffic into exceptionally useful, real-time data for security operations.

Encrypted Messaging Is Essential—But It Isn’t Magic (WIRED) As recent events have shown, using an encrypted messaging app like WhatsApp or Signal is no privacy panacea.

Tech companies are still knocking down myths about container security, but it’s getting better (GeekWire) As enterprise companies take up the mantle of “digital transformation,” the modern-day tech marketing moniker for the process of buying the new stuff, security is always a primary…

Containers and Kubernetes Can Help Security Even as Holes Remain (eSecurity Planet) While there are a lot of things that containers do to help improve security, there are still some missing pieces.

Top 10 cybersecurity tips to secure the 2018 U.S. election (SC Media US) The 2018 Election is still five months away, but there has been no shortage of effort on the part of local, state and federal officials to ensure every ballot cast is legitimate and voters are not being intentionally spoofed by news planted by the nation's enemies.

Design and Innovation

Sponsored: Closing the Last Gap in Data Security: Protecting Data in Use (Enveil) Industry analyst firm 451 Research highlights how startup Enveil tackles the encryption-in-use problem with a new take on homomorphic encryption.

Don't start the blockchain revolution without making security a top priority (Help Net Security) McAfee released a report detailing risks associated with blockchain-based cryptocurrencies, and asserts the necessity of making cybersecurity a priority.

Interview: Cryptographer Phil Zimmermann on encrypted email and defeating US export controls (Computing) 'I can't decrypt my own messages. There's an irony to that I guess'

Next-Gen Cybersecurity for Trucking (Infosecurity Magazine) Students are working to develop solutions to secure transportation industry.

Research and Development

Can DoD Take the Point on Quantum Computing? (MeriTalk) The possibilities of quantum computing have been floating on the horizon for a while now, at least since renowned physicist Richard Feynman dreamed up the idea in 1982. But like the horizon itself (at least in a world that isn’t flat), it always seems to recede despite all efforts to close in on it. Until now.

Academia

Students interested in cyber security get to work with FBI (WJXT) Teenage students in Jacksonville interested in cyber security get to work with the FBI during a summer camp that helps them understand the importance of behaving responsibly online.

Legislation, Policy, and Regulation

There's A New Cold War Brewing In Cyberspace (Nasdaq) Amid mounting criticism that the Trump administration is doing too little to punish Russia, the U.S. Treasury has imposed new sanctions on individuals and companies alleged to have worked aided and abetted Moscow’s intelligence services in conducting cyberattacks on the U.S.

EU parliament overwhelmingly backs recommending a ban on Kaspersky products (CSO) Russian antivirus firm Kaspersky Lab cans its cooperation with Europol after today's vote in Brussels.

Parliament demands EU institutions ban Kaspersky Lab cybersecurity products (euractiv.com) MEPs have called for the EU institutions to put more money into their in-house cybersecurity units and, in a contentious move, also demanded they stop using products from “malicious” Russian firm Kaspersky Lab.

Security concerns have Australia reportedly reconsidering a 5G contract with China's Huawei (Business Insider) Australian national security agencies are recommending the government not allow Chinese firm Huawei to work on new 5G networks. In 2012, the Chinese firm was flagged for cybersecurity concerns and the NSA reportedly warned Prime Minister Malcolm Turnbull about Huawei earlier this year.

Huawei denies being locked out of bidding to help build 5G network (Guardian) Chinese company hits back at report it will be snubbed on security grounds and also says it hopes to avoid foreign influence register

Two Cybersecurity Companies with Links to Israel Placed on U.S. Blacklist (CTECH) The U.S. Treasury is accusing a number of companies of aiding the Kremlin to develop advanced offensive cyber technology

Trump, China and ZTE: An Explainer (Fortune) President Trump agreed with China's ZTE to lift a trade ban in exchange for $1.4 billion in fines. Congress is pushing back.

Europe's New Copyright Rules Are Like YouTube's Content ID System—for the Entire Internet (Motherboard) The European Union wants to take the upload filters that make no one happy and apply them to all content on the internet.

Europe's New Copyright Rules Will Be Devastating to the Internet as We Know It (Motherboard) Get ready for a world of "link taxes" and copyright complaints over memes.

Tech pioneers: new copyright law a step towards an internet of surveillance and control (Naked Security) European copyright directive would be a step towards making the internet “a tool for the automated surveillance and control of its users”

MP gets 600 rape threats in a night, wants an end to online anonymity (Naked Security) As a female MP Jess Phillips faces threats of violence and aggression every day.

Here are the experts who will help shape Europe’s AI policy (TechCrunch) The European Commission has announced the names of 52 experts from across industry, business and civil society who it has appointed to a new High Level Group on AI which will feed its strategy and policymaking around artificial intelligence. In April the EU’s executive body outlined its appro…

Senate approves Krebs to lead NPPD (FCW) After running the operation for almost a year, the temporary head of the National Protection and Programs Directorate is set to be sworn in as the group's official director.

Undersecretary Chris Krebs: NPPD must use threat intel better (Cyberscoop) The DHS office charged with protecting critical infrastructure needs to get better at assessing cyber risk rather than chasing threats, according to an agency official.

Emails show unified opposition to Georgia hacking bill before veto (Politically Georgia) Records show everyone who contacted Gov. Nathan Deal about a bill to outlaw computer snooping opposed it. Deal vetoed the bill.

Litigation, Investigation, and Law Enforcement

The NSA knew about cellphone surveillance around the White House 6 years ago (The Week) Here's what they did about it

Britain's crime agency investigating Dixons Carphone cyber attack (Reuters) Britain's National Crime Agency said on Wednesday it is investigating the cyber attack on the mobile phone and electricals retailer Dixons Carphone .

Dixons Carphone Breach & GDPR: What’s Next? (Infosecurity Magazine) The first big-name breach post-GDPR has been confirmed, so what can we expect to happen next?

Facebook says it successfully removes 99% of posts by ISIS, al-Qaeda (The Jerusalem Post) Speaking at an international terror conference, AG Mandelblit explained how Israel tried to balance between national security and human rights in a major 2016 terrorism law it passed.

Japanese police to charge scammers with crypto mining without consent (HackRead) The investigators believe that the case involving crypto mining is a violation of the law banning the use of computer viruses.

Volkswagen Group will pay another $1.2 billion in Germany over diesel scandal (Ars Technica) As the fines become fewer and farther between, more executives feel the heat.

Fortinet Signs Threat Information Sharing Agreement with INTERPOL (GlobeNewswire News Room) Formal Relationship Showcases Public and Private Collaboration in Combating Cybercrime & Privacy Protection, Globally

Librarian Sues Equifax Over 2017 Data Breach, Wins $600 (KrebsOnSecurity) In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information.

AG Josh Shapiro Addresses High-Profile Data Breaches at Cyber Risk Summit (The Legal Intelligencer) Shapiro addressed cyberattacks net neutrality and enforcement issues in a speech at the 2018 NetDiligence Cyber Risk Summit.

5 defiant, worrying, or bizarre Snowden statements (ExpressVPN) Since joining Twitter in 2015, Edward Snowden has amassed a huge following. Here are some of his biggest, scariest, and most bizarre tweets.

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Cyber Security Summit - CYBERWIRE95

Upcoming Events

Social Engineering—Rhode Island (Newport, Rhode Island, USA, June 16 - 16, 2018) Welcome to the first ever social engineering conference in Rhode Island!

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Herndon, Virginia, USA, June 18 - 18, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or transmitted through. These requirements must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations. The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and non-federal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format, welcomes Norwich alumni and others interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level.

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information sharing and education on security topics affecting federal, state and even local agencies.

Impact Optimize2018 (Rosemont, Illinois, USA, June 28 - 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity. All of the information presented will be designed to facilitate growth and eliminate risk for organizations of all sizes and across all vertical markets, with security as the firm foundation of every solution. The event will include presentations by subject matter experts, breakout sessions among business leaders and live demonstrations of enterprise security and business software.

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28 - 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s strategic ability to leverage the appropriate people, processes and technology to achieve organisational goals through an enterprise wide integrated asset information strategy.

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 18 - 18, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together with technology providers & distinguished information security experts. Learn from acclaimed security professionals on how to protect your business from cyber attacks during interactive Panels & Keynote presentations. Convene with fellow influential business leaders, C-Suite executives, investors & entrepreneurs over 3 days of sailing, sessions, and networking opportunities.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20 - 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency management agencies. Join executives, security professionals and elected officials for the Silicon Valley Leadership Group's Health Cybersecurity Summit on Friday, July 20, at Citrix Headquarters in Silicon Valley. Engage in a real-time cyber threat and response simulation, hone your digital defense skills, and learn about the unique security concerns faced by the healthcare industry and related infrastructure providers.

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims to provide a creative and productive platform for professionals in the field of cyber security.

THE CYBERWIRE
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire, Inc.