Daily briefing.

ISIS sympathizers threaten Twitter employees with death in retaliation for Twitter's blocking of some Caliphate accounts.

Articles in Quartz and the Atlantic argue that parrying ISIS information operations would require a compelling counter-narrative, which hasn't been easy to find. (The Atlantic sees a precursor to contemporary jihad in European youth's initial reaction to World War One: war would be an annealing fire that hardened their lives into authenticity.)

Not all effective counter-narratives need be high, stern, or austere. They might even be slackly meretricious, as some North Korean dissidents hope. They're using American mass culture (in the form of smuggled movies and television shows) to erode Kim's regime.

Turning to cyber risks more narrowly conceived, Blue Coat Labs warns against "shady" top-level domains. D-Link routers are vulnerable to remote-command injection, and the Angler kit picks up a "tweaked" Keen Team use-after-free exploit.

Mozilla pulls the Superfish cert from Firefox's trusted root store. Tails and Tor both fix security issues.

Three cyber acquisitions are announced: Lookingglass buys CloudShield, Proofpoint acquires Emerging Threats, and Akamai buys Xerocole. In the larger IT marketplace, HP buys Aruba Networks, and NXP Semiconductors buys Freescale.

The US House plans significant cyber hearings this week. The Energy and Commerce Committee goes first with today's session, "Understanding the Cyber Threat and Implications for the 21st Century Economy."

Worries about artificial intelligence are easily dismissed as Skynet fantasy. But there's a real legal concern about AI: the more machines do, the blurrier become lines between professional and product liability.


Today's issue includes events affecting Canada, Iraq, Democratic People's Republic of Korea, Netherlands, Syria, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

Isis threatens Twitter employees over blocked accounts (Guardian) Terror group supporters threaten social network, as well as co-founder Jack Dorsey specifically

ISIL is growing and this is why (Quartz) I still remember when, seemingly overnight, a flurry of posters went up across my university campus in west London, proclaiming the coming of the "khilafah," or caliphate — an Islamic state encompassing all Muslims and ruled by a successor to the prophet Mohammed. That was two decades ago

Why It's So Hard to Stop ISIS Propaganda (The Atlantic) It requires telling a better story. And the U.S. hasn't come up with one yet

The Plot to Free North Korea with Smuggled Episodes of 'Friends' (Wired) On a cloudy, moonless night somewhere in northeastern China, three men creep through a stand of Japanese Clethra trees. They carry no flashlights, and the sky is so dark that they hear the sound of the rushing Tumen River before they see it: They've arrived at the North Korean border

The Next Shady TLD: .kim (Blue Coat Labs Blog) Last month, we recommended that customers consider blocking the entire ".country" top level domain (TLD) space, due to the fact that it appeared to be entirely devoted to shady stuff — mostly a big scam network. That recommendation remains in place: looking back at the Top 40 .country sites in the last seven days, only about 10 of them appear to be legitimate

Netflix phishing website targeting European users (Help Net Security) A fake website simulating that of popular Internet video streaming Netflix has been set up to harvest European users' personal and payment card information, warns Malwarebytes' Jovi Umawing

Beware of malicious LogMeIn Pro Payment emails (Help Net Security) A fake LogMeIn-themed email has been hitting inboxes of users around the world, trying to trick them into believing that they have somehow paid nearly a thousand dollars for a service they didn't want

Older Keen Team Use-After-Free IE Exploit Added to Angler Exploit Kit (Threatpost) Attackers behind the Angler Exploit Kit have added a tweaked version of an exploit for a patched Internet Explorer use-after-free vulnerability

D-Link Routers Haunted by Remote Command Injection Bug (Threatpost) Some D-Link routers contain a vulnerability that leaves them open to remote attacks that can give an attacker root access, allow DNS hijacking and other attacks

What You Need To Know About Nation-State Hacked Hard Drives (Dark Reading) The nation-state Equation Group compromise of most popular hard drives won't be a widespread threat, but future disk security — and forensic integrity — remain unclear

Crooks targeting call centers to further Apple Pay fraud (CSO) Criminals target the weakest link in the Apple Pay chain

Natural Grocers Investigating Card Breach (KrebsOnSecurity) Sources in the financial industry tell KrebsOnSecurity they have traced a pattern of fraud on customer credit and debit cards suggesting that hackers have tapped into cash registers at Natural Grocers locations across the country. The grocery chain says it is investigating "a potential data security incident involving an unauthorized intrusion targeting limited customer payment card data"

Uber Announces Breach of 'Partner' Information (Threatpost) The enormously popular alternative taxi service, Uber, admitted late Friday that an unauthorized third party gained access to the company's database, stealing driver but not customer information in the process

Don't Believe the Car Hacking Hype (PC Magazine) While securing connected cars is important, recent media reports on vehicle hacking are more hysteria than reality

Avast Exposes Huge Security Risks in Open Wi-Fi Habits (Herald Online) Public Wi-Fi experiment conducted across the globe reveals major security flaws in Wi-Fi hotspots — Asian users more at risk than Europeans and Americans

Security Patches, Mitigations, and Software Updates

Mozilla Pushes Hot Fix to Remove Superfish Cert from Firefox (Threatpost) Mozilla has issued a hot fix for Firefox that removes the Superfish root certificate from the browser's trusted root store. The patch only removes the certificate if the Superfish software has been removed from the machine already, however

New versions of Tails and Tor Browser fix numerous security issues (Help Net Security) Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity

20 Windows Automatic Updates from hell (IT World) Fifteen years ago, Microsoft introduced automatic updating to the unwashed Windows masses. Fifteen years later, it's hard to find a Windows user who hasn't bumped into at least one problem with a Windows update or knows someone who has. That's a billion and a half people

Cyber Trends

The Democratization of Cyberattack (Schneier on Security) The thing about infrastructure is that everyone uses it. If it's secure, it's secure for everyone. And if it's insecure, it's insecure for everyone. This forces some hard policy choices

Russia Tops China as Principal Cyber Threat to US (The Diplomat) A recent report singles out Russia as one of the most sophisticated nation-state actors in cyberspace

Arlington CISO Dave Jordan on Why We're Losing the Cyber War (Dark Matters) Infosec in the enterprise and at the federal government level tends to dominate the headlines and security sector conversations, but there are several more layers of government at the state, county, and municipal level that are routinely overlooked — yet these entities cumulatively present a massive attack surface with far reaching implications

Survey Roundup: Lack of Awareness Hurts Compliance (Wall Street Journal) A look at some recent surveys and reports dealing with risk and compliance issues

Mobile Payment Fraud a Growing Problem: LexisNexis (eSecurity Planet) Mobile commerce is a prime target for payment fraud, thanks to its novelty and complexity, according to a recent LexisNexis report


Lookingglass Completes Acquisition of CloudShield (Lookingglass) Purchase accelerates company's ability to address growing demand for threat intelligence and active defense solutions

Proofpoint Signs Definitive Agreement to Acquire Emerging Threats; Enhances Threat Intelligence, Detection and Response (Dark Reading) Acquisition of leading threat intelligence company will extend Proofpoint's solutions for detecting and responding to advanced threats

Akamai acquires intelligent DNS specialist Xerocole (ZDNet) The company says the buyout will bolster Akamai's DNS product portfolio offerings

HP acquires Wi-Fi ace Aruba (CRN) $3bn purchase designed to boost HP's position in $18bn campus networking sector

NXP Semiconductors to Acquire Freescale for $11.8 Billion (Bloomberg) Dutch chipmaker NXP Semiconductors NV agreed to buy smaller U.S. rival Freescale Semiconductor Ltd. for about $11.8 billion in cash and stock to expand its market share in chips for cars and reduce costs

New CEO appointed at ForeScout Technologies (Prosecurity Zone) Network security company, ForeScout Technologies, recruits former Intel Security executive into the role of Chief Executive Officer

Invincea Appoints Former IBM Security Executive as Vice President of Marketing (MarketWatch) Invincea, Inc., the market leader in advanced endpoint threat protection, today announced that Michael Applebaum has joined the company as Vice President of Marketing

Products, Services, and Solutions

Google performs U-turn on Blogger smut rule (Naked Security) Google has changed its mind about removing or hiding sexually explicit blogs on its own blogging platform

Google quietly backs away from encrypting new Lollipop devices by default (Ars Technica) Encrypted storage will only be required in "future versions of Android"

Now you can easily send (free!) encrypted messages between Android, iOS (Ars Technica) Signal 2.0 makes end-to-end encryption ridiculously easy

Introducing the world's first enterprise privacy platform (Blackphone Blog) The way we work has evolved. With a growing number of employees now using personal devices to connect to their enterprise networks, traditional approaches to security are no longer enough

Technologies, Techniques, and Standards

5 mobile device risks in your business (Naked Security) Everyone wants to be flexible these days with what mobile devices they use for work, and where they use them

How Do You Control the Internet of Things Inside Your Network? (Internet Storm Center) Klaus Vesthammer recently tweeted that "The Internet of Things is just like the regular Internet, just without software patches." We have a flood of announcements about vulnerable devices, and little in terms of patches. At the same time, expect more and more of these devices to be connected to your network, if you want it or not. "Bring your own Devices" should be addressed more inclusively than just covering smart phones and tablets

Why you can't trust password strength meters (Naked Security) Passwords are a weak link in the computer security chain because they rely on us being good at something we find extremely difficult

Design and Innovation

AVG unveils invisibility glasses to defend against facial recognition (ZDNet) Could 'invisibility' glasses become the next trend in cities crawling with cameras and full of facial recognition technology?

Research and Development

How the Pentagon plans to replace the password (Christian Science Monitor: Passcode) The password is one of the weakest forms of security. DARPA, the Pentagon's research arm, wants to solve this problem by turning people and their behavior into passwords through its Active Authentication program

U.S. Defense Department Developing Critical Infrastructure Intelligence Network (SIGNAL) The system will provide a common operating picture during disasters


Playing It Safe Online: NOVA Cybersecurity Lab Trains You to Carefully Navigate the Web (Discover) With our ever-increasing connectivity and reliance on the internet, cybersecurity is a growing concern. Despite all the cautionary warnings about cyber safety, individuals, companies and government agencies still fall victim to attack

Legislation, Policy, and Regulation

Understanding the Cyber Threat and Implications for the 21st Century Economy (US House of Representatives Committee on Energy and Commerce) On Tuesday March 3, 2015, at 2:00 p.m. in 2322 Rayburn House Office Building, the Subcommittee on Oversight and Investigations will hold a hearing entitled "Understanding the Cyber Threat and Implications for the 21st Century Economy." This will be the first in a series of hearings focused on cyberspace, the Internet, and the challenges and opportunities that they present

Understanding the Cyber Threat and Implications for the 21st Century Economy (US House of Representatives Committee on Energy and Commerce) [Livestreaming of the hearing begins at 2:00 PM, US Eastern Standard Time]

Testimony: Fundamental Cybersecurity Challenges to Public Policy (US House of Representatives Committee on Energy and Commerce) Testimony by Herbert Lin, Senior Research Scholar, Center for International Security and Cooperation, Research Fellow, Hoover Institution, Stanford University, Chief Scientist (Emeritus), CSTB, National Research Council. Cybersecurity consists of technologies, processes, and policies that mitigate the negative impact of events in cyberspace resulting from deliberate actions by a bad guy. Note that this definition begs important questions, such as "whose cyberspace" (a company's? a nation's? an agency's?), what counts as "negative impact," and how we recognize a "bad guy"? All of these questions, of course, are policy questions rather than technical ones

Testimony: Understanding the Cyber Threat and Implications for the 21st Century Economy (US House of Representatives Committee on Energy and Commerce) Statement for the Record by Richard Bejtlich, Chief Security Strategist, FireEye, Inc. My employer, FireEye, provides software to stop digital intruders, with 3,100 customers in 67 countries, including 200 of the Fortune 500. Our Mandiant consulting service, known for its 2013 report on Chinese PLA Unit 61398, helps companies identify and recover from intrusions. Today I will discuss digital threats, how to think about risk, and some strategies to address these challenges

Testimony: Future Technologies for a Trustworthy and Resilient Cyber Economy (US House of Representatives Committee on Energy and Commerce) Testimony of Gregory E. Shannon, Ph.D., Chief Scientist for the CERT Division, Carnegie Mellon University. To sustain and expand our economy, consumers and businesses need to trust the cyberinfrastructure ecosystems upon which commerce and innovation now depend. Those ecosystems must also thwart capable adversaries who seek to execute economy-disrupting cyber-attacks

10 Facts About the New Cyber Threat Intelligence Center (FedTech Magazine) Federal agencies will provide personnel and resources to bring the center to full operating status by fiscal 2016

Privacy groups balk at Senate cyber bill (The Hill) Privacy and civil liberties groups are coming out against the Senate Intelligence Committee's new cybersecurity bill before it is even released

The Man Who Crafted the Patriot Act Now Supports Your Right to Encrypt Data (Motherboard) In the immediate aftermath of the 9/11 attacks, Michael Chertoff, then head of the Justice Department's criminal division, helped craft the Patriot Act, the law that extended the federal government's authority to conduct mass surveillance. Then, he served as the Secretary of Homeland Security for four years. Now, he's a privacy advocate?

Safety and Soundness Must Evolve: Trend Micro Addresses Much Needed Regulations for Targeted Financial Industry (Trend Micro: Simply Security) Earlier this week, Ben Lawsky, head of The New York State Department of Financial Services (NYDFS), addressed attendees at Columbia Law School where he stated that he is currently considering new rules for banks and insurance companies regulated by NYDFS to raise cybersecurity standards

Attorney General Kamala D. Harris Sponsors Cyber-Exploitation Legislation (Imperial Valley News) Attorney General Kamala D. Harris today announced a package of bills that will increase protections for victims and provide tools for law enforcement to prosecute the growing number of cyber-exploitation cases in California

Litigation, Investigation, and Law Enforcement

Quartering spyware troops in the digital age (USA TODAY) The Third Amendment keeps a low profile, but it is time to revisit who and what we quarter

Christopher Soghoian: Shining a Light on Government Snooping? (IEEE Spectrum) The ACLU's technologist exposes attacks on privacy by government agencies and corporate collaborators

Police Could Charge a Data Center in the Largest Child Porn Bust Ever (Motherboard) It could be the largest child porn investigation ever conducted

PayPal Buckles Under US Pressure: Terminates MEGA Cloud Service Payments (HackRead) PayPal will not be processing payments for MEGA, a cloud storage services business, citing the company's encryption as a problem. "PayPal has ceased processing MEGA customer payments effective immediately," said MEGA, Kim Dotcom's encrypted storage startup, in its blog post

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Suits and Spooks London (London, England, UK, September 12, 2014) On September 12th, in London's South Bank neighborhood of Southwark, approximately 50 former intelligence officials, corporate executives, and security practitioners from the U.S. and the EU will gather...

International Conference on Cyber Security (ICCS) 2015 (Redlands, California, USA, May 16 - 17, 2015) The ICCS 2015 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY.

Upcoming Events

10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...

2015 Cyber Risk Insights Conference — San Francisco (San Francisco, California, USA, March 3, 2015) Following on the success of the 2014 half-day cyber risk event, Advisen will present a full day of learning and networking for risk managers, CISOs, CROs, insurance brokers, insurance underwriters, reinsurers...

Cybergamut Technical Tuesday: Tor and the Deep Dark Web (Columbia, Maryland, Sioux Falls, March 3, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...

Boston SecureWorld (Boston, Massachusetts, USA, March 4 - 5, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

Mercury Proposers' Day Conference (IARPA1, Washington, DC, March 5, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Mercury Program on March 5, in anticipation of the release of a new solicitation in support of...

Financial Services Cyber Security Summit: Middle East and North Africa (Dubai, UAE, March 9 - 10, 2015) Building on the success and feedback of our Cyber Security Summit in Europe — 180 attendees, 3 streams, CPE certified — we are pleased to invite you to the Financial Services Cyber Security...

The Vulnerability Economy: Zero-Days, Commerce and National Security (Rockville, Maryland, USA, March 10, 2015) Dr. Ryan Ellis (Belfer Center, Harvard University) will explore a series of topics around cybersecurity including the challenges and opportunities associated with the growing trade in previously unknown...

OISC: Ohio Information Security Conference (Dayton, Ohio, USA, March 11, 2015) Technology First invites you to participate in the 12th Annual Ohio Information Security Conference Wednesday, March 11, at the Sinclair Community College Ponitz Center in Dayton, Ohio. The conference...

RiSK Conference 2015 (Lasko, Slovenia, March 11 - 12, 2015) In recent years RISK conference has become one of the leading events on computer security in the Adriatic region and is attended by engineering as well as executive staff of companies from the region.

B-Sides Vancouver (Vancouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between

Insider Threat 2015 Summit (Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...

2015 North Dakota Cyber Security Conference (Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...

IT Security Entrepreneurs Forum: Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 17 - 18, 2015) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs...

Philadelphia SecureWorld (Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

2015 Cyber Security Summit (McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China...

BSides Salt Lake City (Salt Lake City, Utah, USA, March 20 - 21, 2015) BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation

CarolinaCon-11 (Raleigh, North Carolina, USA, March 20 - 22, 2015) CarolinaCon-11 (also hereby referred to as "The Last CarolinaCon As We Know It") will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions...

Cyber Security Conference 2015 (Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...

CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...

2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Wednesday, March 25, 2015 at the University of Colorado Colorado...

28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...

CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...

Women in Cyber Security (Atlanta, Georgia, USA, March 27 - 28, 2015) Despite the growing demand and tremendous opportunities in the job market, cybersecurity remains an area where there is significant shortage of skilled professionals regionally, nationally and internationally.

Automotive Cyber Security Summit (Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...

Insider Threat Symposium & Expo (Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively...
