Daily briefing.

ISIS, embarrassed (and slightly impoverished) by the recent catphishing con job it sustained, continues its information operations over social media and other Internet outlets. Still, observers wonder whether celebration of lurid cruelty and calls to bring about the end of the world may have reached the point of diminishing returns.

Russian cyberespionage tools receive researchers' attention, and well-equipped criminal gangs continue to work that country and the Near Abroad, especially Belarus and Ukraine. Some old kits (like Turla) get upgraded. In the US, DNI Clapper quietly calls for development of deterrence in cyberspace — he wishes to establish the "substance and psychology" of a deterrent — as FireEye characterizes relations among Russia, the US, China, and (a distant but not insignificant fourth) Iran as an online cold war.

Trend Micro reports on alternative modes of Stagefright exploitation.

Bitdefender reports sustaining a breach and receiving an extortion demand, but says the risk to customers is low.

The FBI says it's seeing a spike in denial-of-service extortion capers.

Researchers raise Internet-of-things goosebumps with reports of GM OnStar car vulnerabilities and a demonstration of a hacked "smart sniper rifle." Team Cymru and Control Global put such IoT worries in grim perspective, noting that of course hacks have real-world consequences, and that indeed control system cyber flaws have caused casualties.

In industry news, stock analysts' reactions to FireEye's quarterly results provide a glimpse at how the markets view a cyber sector story stock.

The US Commerce Department responds — commendably — to criticism by pulling proposed Wassenaar rules for revision.

Notes.

Today's issue includes events affecting Belarus, China, France, Iran, Iraq, Israel, Pakistan, Russia, Syria, Ukraine, United Kingdom, United States.

Dateline CyberMontgomery 2015

Report from CyberMontgomery 2015: OODA Loops, Risk Management, and Cybercrime as Cyberlooting (The CyberWire) CyberMontgomery 2015 met in Rockville, Maryland, yesterday. Sponsored by the Montgomery County Department of Economic Development and the Federal Business Council (FBC), the conference featured participation by industry, elected officials, Federal agency leaders, and academics. They discussed the evolution of cyber security, workforce development issues, technology development and transition, cyber risk management, threat intelligence and incident investigation, and the business climate necessary to foster innovation and development. We summarize the proceedings here

County conducts forum on cybersecurity (Montgomery County Sentinel) The Montgomery County Department of Economic Development and the Federal Business Council are hosting the second annual CyberMontgomery Forum on Thursday at the Universities at Shady Grove Conference Center

CyberMontgomery: the Center of Gravity (Federal Business Council) Cybersecurity will be a major growth engine in the region for many years to come. With solid federal government, industry and academic assets already in place in the region, there is still a need to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. CyberMontgomery Forum events will provide clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in MoCo and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders

Cyber Attacks, Threats, and Vulnerabilities

Three Chechen women 'conned Islamic State fighters out of thousands of pounds' (Telegraph) One of the women admits to seriously considering moving to Syria but backed out after hearing the experiences of others

Islamic State recruitment document seeks to provoke 'end of the world' (USA Today) An apparent Islamic State recruitment document found in Pakistan's lawless tribal lands reveals that the extremist group has grand ambitions of building a new terrorist army in Afghanistan and Pakistan, and triggering a war in India to provoke an Armageddon-like "end of the world"

Analysts: Islamic State's Explicit Media Gore May Backfire (Voice of America) Most major media houses have policies on how much carnage they will display in videos or pictures. When it comes to gruesome Islamic State videos, they generally draw the line before a murder occurs

Operation Potao Express: Analysis of a cyber-espionage toolkit (We Live Security) Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data

Turla: APT Group Gives Their Kernel Exploit a Makeover (Lastline Labs) The Turla malware family is part of one of the most sophisticated malware families seen in the wild today. Given that the APT group behind this malware is suspected to be state-sponsored, the sophistication of the malicious code comes as no surprise — just like the fact that we are still encountering new and updated variants

From Russia With Love: A Slew of New Hacker Capabilities and Services (Dark Reading) A review of the Russian underground by Trend Micro reveals it to be the world's most sophisticated

MMS Not the Only Attack Vector for "Stagefright" (TrendLabs Security Intelligence Blog) Earlier this week Zimperium zLabs revealed an Android vulnerability which could be used to install malware on a device via a simple multimedia message. This vulnerability, now known as Stagefright, has gained a lot of attention for the potential attacks it can cause. Stagefright makes it possible, for example, for an attacker to install a spyware app in a target's phone without their knowledge just by sending an MMS

Hacker steals Bitdefender customer log-in credentials, attempts blackmail (IDG via CSO) A hacker extracted customer log-in credentials from a server owned by Bitdefender that hosted the cloud-based management dashboards for its small and medium-size business clients

FBI Warns of Increase in DDoS Extortion Scams (Threatpost) Online scammers constantly are looking for new ways to reach into the pockets of potential victims, and the FBI says it is seeing an increase in the number of companies being targeted by scammers threatening to launch DDoS attacks if they don't pay a ransom

Hackers Can Disable a Sniper Rifle — Or Change Its Target (Wired) Put a computer on a sniper rifle, and it can turn the most amateur shooter into a world-class marksman. But add a wireless connection to that computer-aided weapon, and you may find that your smart gun suddenly seems to have a mind of its own — and a very different idea of the target

Is OnStar still susceptible to remote hack attacks? (Fox News) Fiat Chrysler announced last week that it is recalling 1.4 million vehicles after a team of independent cybersecurity specialists hacked into the company's Uconnect telematics system over a public cellular network and took control of a number of critical functions — including the brakes, transmission and steering — of a Jeep Cherokee

How to hack, track and unlock a GM car via OnStar (Graham Cluley) If you're the owner of a GM vehicle equipped with the OnStar system that is supposed to "keep you safe, connected and ready for the road ahead", then there is a new security concern which you need to know about

Real-World Ramifications of Cyber Attacks (Team Cymru) And so, ladies and gentlemen, it has finally happened. The Internet-of-Things has risen up, Skynet style, and we are doomed. This much prophesied event finally came to pass with reports of hackers disabling cars from miles away, and altering rifle trajectories. At last, it seems, the crossover has been made from the digital world to the physical one; the end is nigh

Security Patches, Mitigations, and Software Updates

Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability (Cisco Security Advisory) A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet

Yes, Adobe Flash is a mess, but don't forget to patch Reader (FierceITSecurity) Security flaws in Adobe Flash have been reported on a lot lately, but unpatched vulnerabilities in Adobe Reader are also a major security concern for IT departments, according to a report by vulnerability intelligence firm Secunia

Windows 10: You might be wise to wait before upgrading (Graham Cluley) Windows 10 was released this week, to much fanfare

Cyber Trends

Viruses or worms haven't killed anyone or destroyed equipment — control system cyber incidents have (Control Global) The prevailing feeling about why there has been so little focus on securing control systems is that it isn't real. What I constantly hear is "once there is a real control system cyber incident I will spend the time and money to address the problem". Unfortunately, there have already been many very significant control system cyber incidents. However, for various reasons, almost none have been identified as cyber

Most Major Financial Hacks Completely Covered Up (Dark Reading) Lieberman Software survey reveals most companies are persistently targeted by cyber attacks and the public only finds out about a small portion of security breaches

Do APIs Pose a Security Risk? (eSecurity Planet) APIs offer a new and powerful attack vector for hackers. Fortunately, API management products can help organizations boost their API security

Country Reports (Secunia) The Secunia Country Reports tell you how much vulnerable software is present on private PCs in your country, plus a few extra, interesting facts

Global Leaders in Malware and Malicious C2 Traffic (CloudTweaks) Nearly half of all malware threats in the past three months originated in the US, while both the US and China are global leaders when it comes to malicious command and control (C2) traffic

Black Hat Is About Cybersecurity People and Processes (Network World) Cybersecurity professionals attending Black Hat can gain in-depth knowledge about good guys, bad guys, and everyone in between

Marketplace

Intel, Cisco pushing for enhanced security communication, integration (TechTarget) Vendors, such as Intel and Cisco, are hoping to pave the way for a security ecosystem in which applications communicate threat intelligence amongst each other. Will it work?

Blue Coat Bows Endpoint Intelligence Ecosystem (Infosecurity Magazine) Blue Coat Systems has kicked off its Alliance Ecosystem of Endpoint Detection and Response (EDR), with founding members Bit9 + Carbon Black, Countertack, Digital Guardian, Guidance Software, Promisec and Tripwire

Cyber-boom or cyber-bubble? (Economist) Internet security has become a bigger export earner than arms

NICE-Systems Ltd. (NICE — $63.04*) Raise Price Target Delivers Good June Results, Raises FY15 Bottom-Line (FBR Blue Matrix) This morning, NICE reported good 2Q (June) results, with the top and bottom lines coming in ahead of consensus. Importantly, management left top-line guidance for 2015 unchanged despite foreign currency headwinds, while the bottom line was raised above

FireEye down 4% in spite of Q2 beat, solid guidance/billings; CFO leaving (Seeking Alpha) Along with its Q2 results, FireEye (NASDAQ:FEYE) announces CFO Michael Sheridan is leaving to become the CFO of a private tech company in "an unrelated industry." Finance VP Frank Verdecanna will serve as interim CFO while the company looks for Sheridan's successor

FireEye's (FEYE) CEO Dave DeWalt on Q2 2015 Results — Earnings Call Transcript (Seeking Alpha) Good day, everyone, and welcome to the FireEye Second Quarter 2015 Earnings Results Conference Call. This call is being recorded. With us today from the company is the Chairman and Chief Executive Officer Dave DeWalt; Chief Financial Officer, Michael Sheridan; and the Vice President of Investor Relations Kate Patterson

FireEye Now Has More Upside Than Ever (Seeking Alpha) FEYE reported a very strong quarter, but high expectations prevented the stock from trading higher. Contrary to popular belief, FEYE is not that expensive, not compared to industry leader PANW. In fact, FEYE is much cheaper today than it was just a couple months ago, thereby creating the opportunity for large gains over the next 16 months

FireEye, Inc. (FEYE — $47.76*) Company Update Delivers Solid June Results, In-Line Product Misses (FBR Blue Matrix) Last night, July 30, FireEye delivered another solid quarter (June), handily beating the Street on the all-important billings number and on both the top and bottom lines, while in-line product revenue might disappoint some bulls. In conjunction with the release, the company also announced the resignation of its CFO, Michael Sheridan, a non-event in our view as CEO David DeWalt remains the face of FireEye on the Street

Strong ARM scoops up Sansa to boost IoT security (Register) Chipmaker adds Israeli company's bolt-on protection to its bulging armoured sack

Blue Coat Plants Stake In Cloud Access Security Brokerage Market With Perspecsys Acquisition (CRN) Blue Coat acquired cloud security startup Perspecsys Thursday, a move the security vendor said would position partners to grab major share in the "massive" opportunity it sees around cloud access security brokerage

The FBI can't hire enough cyber specialists because it doesn't pay enough (Reuters via Business Insider) The FBI is struggling to attract computer scientists to its cybersecurity program mainly due to low pay, a report by the U.S. Department of Justice showed, highlighting weaknesses in a flagship initiative to tackle growing cyber threats

Verizon strike on pension, health care possible (Asbury Park Press) Time is ticking down as negotiations between Verizon and its employees' unions continue

ERPScan was selected as an Emerging security vendor by CRN three years in a row (ERPScan) ERPScan Inc. was selected as an 'Emerging Vendor' 2015 by UBM Tech Channel's CRN Magazine

Products, Services, and Solutions

What Businesses Need to Know About Windows 10 Security (PC Magazine) Windows 10 has a lot of security features built-in for businesses, but they aren't all ready out of the box yet

The new Microsoft browser has brand new security issues (Kim Kommando) Yesterday's release of Microsoft's Windows 10 saw Microsoft introduce a new browser to replace the aging Internet Explorer. Called Microsoft Edge, it's supposed to be faster and more secure than its predecessor. However, according to several tech reviews that came out in the hours since its release, cyberattacks are still very possible on Edge

TaaSera NetTrust Turns Security Information and Event Management Systems (SIEM) into a Powerful Preemptive Breach Detection Engine (PRNewswire) TaaSera's Preemptive Breach Detection System integrates operational intelligence and machine data solutions to improve security monitoring efforts

CyberX introduces industrial threat intelligence platform (Financial News) CyberX said it has launched its Industrial Threat Intelligence Platform, to enable utilities to identify threats to operations, by providing up-to-date research results and discoveries

Endpoint security firm SentinelOne challenges traditional anti-virus software (Network World) Tests show SentinelOne's behavior-based security performs as well as signature-based software

LogRhythm Security Intelligence: Threat intelligence services overview (TechTarget) In this threat intelligence service overview, Expert Ed Tittel looks at the LogRhythm Security Intelligence threat intelligence platform, designed for simple setup and ease of use

Startup 'Stealth Worker' Matches Businesses With Security Talent (Dark Reading) New online service helps businesses looking for part-time security professionals fill specific job needs

Technologies, Techniques, and Standards

How to Inform Your Customers of a Data Breach (LIFARS) Data breaches are a fairly regular occurrence these days. Celebrities, billion-dollar corporations, and even governments are targeted by malicious hackers for various cybercrimes. Data breaches that result in the theft of information are often among the most damaging of cybercrimes and are as real a threat as any faced by companies and firms

When a cyber attack hits: Who's in charge? (Healthcare IT News) It takes a combination of specialties to handle a data security incident in a way that fully protects the organization

Banks balance security and workflow when encrypting in the cloud (CSO) Financial institutions using different kinds of encryption depending on security and workflow requirements

How to Prevent Data Breaches with Phishing Detection (Cyveillance) We read so much in the news these days about the financial cost, brand erosion, and reputation damage that comes with data breaches at companies both large and small. In the midst of all the activity to make sure that your assets are as impenetrable as possible, people sometimes forget that one of the leading causes of breaches is a successful phishing attack against a company's employees

Why IoT standards might not really matter for enterprises (FierceMobileIT) With all the talk about connected refrigerators, light bulbs, thermostats and garage doors, the mass market would be forgiven for thinking that consumer companies developed the concept of the Internet of Things. But only in the last five years or so has the technology made its way into the consumer realm

Design and Innovation

Crypto activists announce vision for Tor exit relay in every library (Ars Technica) "Librarians see the value as soon as you say 'privacy protecting technology'"

Academia

DHS, NSA Designated Walden University As A National Center Of Academic Excellence In Cyber Defense Education (Homeland Security Today) Walden University has been designated by the National Security Agency (NSA) and Department of Homeland Security (DHS) as a National Center of Academic Excellence (CAE) in Cyber Defense Education through the 2019 academic year

How one school district is monitoring social media of students and teachers (Naked Security) Florida school district monitoring social media of students and teachers

Legislation, Policy, and Regulation

Commerce Dept. Caves on Security Export Rules (TechNewsWorld) Some proposed federal rules on the export of security tools created a tumult in cybersecurity circles — a tumult that's pushed the rules into limbo

Unusual Re-Do of US Wassenaar Rules Applauded (Threatpost) In spite of self-congratulatory pats on the back from several corners of the security world, this week's decision from the Commerce Department's Bureau of Industry and Security (BIS) to rewrite the proposed U.S. implementation of the Wassenaar Arrangement rules was an expected outcome — albeit an unusual one

Cyber Insecurity: West eyes Dr Strangelove tactics in cyber wars (Financial Times) James Clapper, the Obama administration's director of national intelligence, is not given to slips of the tongue

Online 'Cold War' heating up between China, U.S. and Russia, FireEye CEO says (MarketWatch) FireEye Inc. CEO Dave DeWalt is a veteran of the cybersecurity industry, having led McAfee through its acquisition by Intel Corp., and he sees a stark reality in the dark realm of online attacks

Encrypted Communication Endorsed By Ex-National Security Bosses In Surprise Editorial (International Business Times) Three former members of the U.S. national security establishment have called for the use of encrypted digital communications, a stance that puts them at odds with President Obama and the current administration. Their encryption endorsement, which came in the form of a Washington Post editorial, comes amid a year-long standoff between the FBI and the technology industry over a possible law that would effectively force Silicon Valley to insert surveillance capabilities into consumer products

Former US national security officials back end-to-end encryption (Engadget) Three former US national security officials have given their support to end-to-end encryption and criticised claims that the government should have backdoor access or "duplicate" decryption keys. Mike McConnell, a former director of the National Security Agency and director of national intelligence, Michael Chertoff, a former homeland security secretary, and William Lynn, a former deputy defense secretary voiced their approval

Why the fear over ubiquitous data encryption is overblown (Washington Post) More than three years ago, as former national security officials, we penned an op-ed to raise awareness among the public, the business community and Congress of the serious threat to the nation's well-being posed by the massive theft of intellectual property, technology and business information by the Chinese government through cyberexploitation. Today, we write again to raise the level of thinking and debate about ubiquitous encryption to protect information from exploitation

Despite rumors, Senate cyber bill still stuck (The Hill) Senate Republican leaders late Wednesday shot down rumblings that a stalled cyber bill may be back on the table

White House to Seek Comment for Government Contractor Cybersecurity Regulations (Legaltech News) The White House is seeking to increase clarity in government contracts, especially as threats against government agencies and their partners have grown

Request for Comments on Improving Cybersecurity Protections in Federal Acquisitions (Federal Register) OMB's Office of E-Government & Information Technology (E-Gov) is seeking public comment on draft guidance to improve cybersecurity protections in Federal acquisitions

For DOD, building the cyber force is a team game (Defense Systems) The Defense Department is still in the relatively nascent stages of building its cyber mission force, but it has made some progress in recruitment, training and defining roles. In some ways, it has come down to team building

ITA official tracks data for cyber insights (FCW) The proliferation of data at the Defense Department via mobile devices and other means has made perimeter-focused defense an outdated notion, according to Thomas Sasala, chief technology officer at the Army's Information Technology Agency

Litigation, Investigation, and Law Enforcement

What's considered 'classified' is a judgment call (Times-Union) Democratic presidential candidate Hillary Rodham Clinton is under scrutiny over whether she sent or received classified information on unsecured email when she was secretary of state. The inspector general of the U.S. intelligence community recently alerted the Justice Department about classified information included improperly on email that went through a home server Clinton used in lieu of the official State Department email system

Neiman Marcus case a reminder to check your cyber coverage (CSO) It's a decision that should send major corporations to double-check their cyberinsurance

Google Appealing French Order to Apply ‘Right to be Forgotten’ Worldwide (Legaltech News) "We believe that no one country should have the authority to control what content someone in a second country can access," says Peter Fleischer, Google's global privacy counsel

ISPs: Net neutrality rules are illegal because Internet access uses computers (Ars Technica) If it uses "computer processing," it isn't telecommunications, ISPs argue

Two charged in 2011 cyber breach at Michaels retailer (Business Insurance) Two southern Californians were criminally charged over their alleged roles in a conspiracy to steal 94,000 credit and debit card numbers from Michaels Stores Inc. customers in a prominent 2011 cyber attack affecting the largest U.S. arts and crafts retailer

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Mid-Atlantic Security Conference (Gaithersburg, Maryland, USA, September 1, 2015) The conference is brought to you by Information Systems Security Association's Baltimore, NOVA, and National Capital Chapters. Join us for a full day of training on cybersecurity topics by industry leaders,...

2015 Cyber Security Exchange (Orlando, Florida, USA, December 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns,...

Upcoming Events

PragueCrunch IV: The Enpraguening (Prague, Czech Republic, July 31, 2015) Here it comes, Central Europe: PragueCrunch IV! This annual celebration of all things startup is coming to your town on Friday, July 31, 2015 from 7:00 PM to 11:00 PM (CEST). We'll be holding the event...

Black Hat USA (Las Vegas, Nevada, USA, August 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners...

ISSA CISO Forum: Third Party Oversight (Las Vegas, Nevada, USA, August 2 - 3, 2015) The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer only environment. Membership is by...

BSides Las Vegas (Las Vegas, Nevada, USA, August 4 - 5, 2015) BSides Las Vegas is an Information/Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is...

Defcon 23 (Las Vegas, Nevada, USA, August 4 - 7, 2015) DEF CON has been a part of the hacker community for over two decades. See the organization's website for more information

3rd Annual Psyber Behavioral Analysis Symposium (Fort Meade, Maryland, USA, August 11, 2015) The 3rd Annual Psyber Behavioral Analysis Symposium is hosted by the NSA/CSS Threat Operations Center and the FBI Behavioral Analysis Unit-2/Cyber Behavioral Analysis Center. The goal of the Symposium...

USENIX Security (Washington, D.C., USA, August 12 - 14, 2015) The USENIX Security Symposium reunites researchers, practitioners, system administrators, system programmers, and other specialists interested in the latest advances in the security and privacy of computer...

5th Annual Cyber Security Training & Technology Forum (CSTTF) (Colorado Springs, Colorado, USA, August 19 - 20, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter and FBC, Inc. will once again co-host the 5th Annual Cyber Security Training & Technology Forum (CSTTF). CSTTF 2015 will bring...

Decepticon 2015 (Cambridge, England, UK, August 24 - 26, 2015) Decepticon brings together researchers and practitioners in the detection and prevention of deception. Previously, deception research has been fragmented across conferences in many different disciplines,...

AFCEA OKC Technology & Cyber Security Day (Oklahoma City, Oklahoma, USA, August 27, 2015) FBC and the Armed Forces Communications & Electronics Association (AFCEA) Oklahoma City Chapter will be partnering once again to host the annual Technology Day & "Scholarship" Golf Tournament at Tinker...

Power Grid Cyber Security Exchange 2015 (San Diego, California, USA, August 30 - September 1, 2015) The Power Grid Cyber Security Exchange will take a deep dive into the cyber security strategies, innovative approaches and strategic planning necessary to balance the competing priorities of today's technology...

2015 HTCIA International Conference & Training Expo (Orlando, Florida, USA, August 30 - September 2, 2015) Bringing together experts from all over the world to share their latest research and techniques related to cybersecurity, incident response and computer forensics

ICFP 2015 (Vancouver, British Columbia, Canada, August 31 - September 2, 2015) ICFP 2015 provides a forum for researchers and developers to hear about the latest work on the design, implementations, principles, and uses of functional programming. The conference covers the entire...
