Daily briefing.

Commentators and defense intellectuals weigh the costs and benefits of restricting ISIS access to social media and run up against the old electronic warfare trade-off: you can no longer intercept what you jam.

Businesses reassess the cyber threat from state actors in the wake of the Gemalto affair. What do you do when those intruding into your systems aren't just bad guys, but, effectively, those you might have thought of as friends and family? Gemalto itself casts its experience as a privacy issue as opposed to a security problem, which is certainly one way of looking at it.

Users continue to purge their devices of Lenovo's unhappy Superfish experiment. Microsoft says its Malicious Software Removal Tool shows that about 250,000 machines have been scrubbed.

Bromium reports a new variant of Cryptolocker targeting files associated with games. (These are apparently single-player games — popular, but not necessarily the most popular.) FireEye reports another criminal development: exploitation of real-time advertising bidding networks to spread ransomware.

Various sectors struggle with the question of assessing cyber value-at-risk. Insurance companies are obviously concerned with the question, not only as underwriters, but for judging their own exposure as well. Other businesses take calculated risks with respect to addressing their own vulnerabilities (one hopes the calculations are sound).

OpenDNS acquired BGPmon. Bloomberg reports that Websense is for sale. PayPal, preparing for its spinoff from eBay, may have a security acquisition strategy.

NIST announces cyber research grant topics for small businesses.

The US Government receives advice on cyber information sharing.

Notes.

Today's issue includes events affecting Australia, Canada, European Union, Indonesia, Iraq, Republic of Korea, Syria, United Kingdom, United States.

SINET's ITSEF conference opens next Tuesday in Mountain View, California, and the CyberWire will be there to cover it. We'll be live-tweeting from the event, and on Wednesday our editor will moderate a panel on emerging trends in cyber attack.

Cyber Attacks, Threats, and Vulnerabilities

Weighing the pros, cons of blocking ISIS's access to social media (Homeland Security Newswire) The Islamic State has successfully used social media to spread its ideology, share videos of beheadings, and recruit new followers. U.S. counterterrorism agencies have launched their own social media campaigns to diminish ISIS's effects on would-be jihadists, but some officials have considered whether it would be simpler to cut off ISIS from social media networks altogether. Doing so would no doubt limit ISIS's reach on Western recruits, but could it create a challenge for officials looking to monitor the group's activities?

Enterprise Security vs. Nation State Threat Actors (Dark Matters) The recently published slides regarding the Gemalto hack have caused quite a stir amongst security practitioners, board members and politicians alike, but the uproar is minor when considering that it is now more than clear that not only non-allied nations such as China, Russia and Iran are attacking commercial entities

Gemalto insists state hacking story more about privacy than security (Telecoms) Speaking to Telecoms.com at Mobile World Congress 2015 Remi de-Fouchier, Marcomms VP of Gemalto's telecom business unit, insisted the issues raised by the latest round of Snowden revelations are more to do with privacy than security

Joint effort guts Superfish (Computerworld via CSO) Microsoft's malware detection data shows that Lenovo's crapware has been scrubbed from about 250K Windows PCs

"Row hammering" — how to exploit a computer by overworking its memory (Naked Security) There's yet another new groovy exploit name on the "this is an interesting security problem" block

New crypto-ransomware encrypts video games files (Help Net Security) A new piece of ransomware that (mis)uses the Cryptolocker "brand" has been analyzed by Bromium researchers, and they discovered that aside from the usual assortment of file types that ransomware usually targets, this variant also encrypts file types associated with video games and game related software

Cyber crooks take advantage of ad bidding networks to deliver ransomware (Help Net Security) Malware peddlers are taking advantage of real time advertising bidding networks to deliver ransomware to unsuspecting users, FireEye researchers are warning

MazelTov! More Android Malware Coming to a Mobile Device Near You (IBM Security Intelligence) Today's motley cybercrime economy is by no means unfamiliar grounds to those tasked with defending their organizations from its many nefarious devices. Cybercriminals congregate in underground forums and darknets globally, peddling everything a would-be cybercriminal could need, from identities and exploits to Web injections or a place to hide a botnet

Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains' Private WHOIS Information Disclosed (Cisco Blogs) In mid-2013, a problem occurred that slowly began unmasking the hidden registration information for owners' domains that had opted into WHOIS privacy protection

Huge IT Slider WordPress plugin opens SQL injection hole (Help Net Security) The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website administrators and anonymous attackers to inject and execute arbitrary SQL queries within the application's database

Security vendor's blog post pinched to make HMRC phish look legit (Register) TrustWave fights off attack of the poison .PNG from the past

KHNP hacker demands money to withhold documents (World Nuclear News) A hacker who launched a cyber attack on Korea Hydro and Nuclear Power (KHNP) last December has released more files and demanded money in return for not exchanging sensitive information with third countries

Florida Not the First to Suffer Testing Cyber Attack (Sunshine State News) Florida is the latest victim of a cyber attack, leaving many students unable to log in and complete the writing portion of the Florida Standards Assessment, but the Sunshine State hasn’t been the only place where technological issues have caused problems for standardized testing

Data security glitch on Verizon Wireless exposes woman's personal data (KATU) Verizon Wireless announced upgraded privacy protections after KATU uncovered a glitch that exposed a woman's personal information

Privacy group wants to shut down "eavesdropping" Barbie (Naked Security) On Valentine's Day, toy maker Mattel introduced its Wi-Fi, microphone-sporting, speech-recognising, interactive Barbie doll

Security Patches, Mitigations, and Software Updates

Paper: Windows 10 patching process may leave enterprises vulnerable to zero-day attacks (Virus Bulletin) Aryeh Goretsky gives advice on how to adapt to Windows 10's patching strategy. Patching is hard, especially when the code base is old and the bugs are buried deeply. This was highlighted once again this week when Microsoft released a patch for a vulnerability that was thought to have been patched almost five years ago, but which could still be exploited

Cyber Trends

Cybersecurity is super scary (Intelligent Utility) But head-in-the-sand time is over

How Data-Breach Hype Undermines Your Security (Tom's Guide) Some media outlets called last month's data breach at health-insurance company Anthem, which resulted in the theft of highly sensitive personal information pertaining to up to 80 million people, a "sophisticated attack." However, later reports showed that weak authentication had let hackers into the database, and that a lack of proper encryption had allowed the personal information to be shared

2,400 unsafe mobile apps found in average large enterprise (Help Net Security) The average global enterprise has approximately 2,400 unsafe applications installed in its mobile environment, according to Veracode

Former national intelligence director Mike McConnell fears for U.S. cybersecurity (Columbia Missourian) The United States will not have the largest global economy within 10 years, a single person could freeze trillions of dollars in milliseconds and every major American corporation has been digitally infiltrated by Chinese hackers

Energy sector tops list of US industries under cyber attack, says Homeland Security report (M2M) A report issued today by the US Department for Homeland Security says that in 2014 the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) responded to 245 incidents reported by asset owners and industry partners

Marketplace

Online security in insurance sector (ComputerWeekly) Much of Quocirca's research looks at the differing attitudes to IT between various business sectors. For example a 2014 report titled Online domain maturity, which was sponsored by Neustar, showed that retailers and financial services were the most likely to be interacting online with consumers. Another 2015 report, Room for improvement, Building confidence in data security, which was sponsored by Digital Guardian, showed that by some measure, financial services were the most confident about data security

This is how much a data breach will cost your company (San Francisco Business Times) Huge data breaches or hacks at Anthem, Target, Sony and Home Depot have made headlines recently

The reason companies don't fix cybersecurity (CBS News) U.S. air traffic control systems are vulnerable to hackers, says the General Accounting Office. Cybercriminals target retail loyalty cards. Obsolete encryption leaves phones vulnerable

OpenDNS Acquires BGPmon (BusinessWire) OpenDNS enhances cloud-delivered security services and research capabilities with acquisition of network monitoring company

Vista Said to Hire Bank to Sell Network-Security Firm Websense (Bloomberg) Vista Equity Partners LLC hired Citigroup Inc. to help it find a buyer for network-security company Websense Inc., people with knowledge of the matter said

PayPal Quickens Its Acquisition Pace For Enhancing Customer Security (GuruFocus) The online payments player, PayPal, is about to be spun off from its parent company, eBay Inc (EBAY), within the coming few months, and the announcement of the spin-off was made last September. To compete better in the fast-moving online payments segment, PayPal acquired Braintree to boost its own mobile platform called OneTouch. Recently on March 10, PayPal declared that it is on the verge of completing another vital acquisition which would aid in preventing data breaches during online payment and thus would prevent hackers from deciphering confidential information of its golden customers

Bugcrowd seals $6 million Series A funding round (ZDNet) Australian-founded online crowdsourced security testing startup Bugcrowd is preparing for a period of rapid expansion after completing a $6 million Series A funding round led by Costanoa Venture Capital

4 Reasons Why FireEye Is My Top Pick In The Cybersecurity Space (Seeking Alpha) FireEye reported a 163% revenue increase in 2014 and is forecasting an additional 50% growth in 2015. The company gained notoriety in the first quarter of 2014 on word that its software had identified a breach at Target before it became a bigger issue. It's estimated that the penetration rates for next generation cybersecurity are still less than 10% leaving a lot of room for further revenue growth and investment. FireEye could end up being a takeover target for a big technology firm like Cisco

Palo Alto Networks: Well-Positioned In A Promising Industry (Seeking Alpha) Palo Alto Networks has impressed with its quarterly earnings, beating on many important metrics and growth figures. Palo Alto Networks continues to innovate at a torrid pace, consolidating market share and displacing legacy cybersecurity business. While Palo Alto Networks is well-positioned in the cybersecurity industry, there are still many risks associated with this constantly evolving digital space

Kaspersky, Avast look to entice security partners (Channelnomics) Kaspersky offering greater loyalty and performance incentives, Avast looking to cultivate new crop of MSPs

Cyber Security Challenge: Hack into HMS Belfast and blow up the Mayor (Independent) But the winner of this week's cyber security challenge could find themselves protecting the UK

Former Mandiant chief architect to lead research team at Endgame (SC Magazine) Jamie Butler, former chief architect and chief researcher at Mandiant has been named chief scientist at cybersecurity vendor Endgame, where he will lead the company's research on advanced threats, vulnerabilities and attack patterns

Products, Services, and Solutions

3 mobile email solutions Hillary Clinton can use next time (FierceMobileIT) The stir surrounding Hillary Clinton and the choices she made as secretary of state regarding her mobile work practices have thrust secure device management into the national spotlight. And while the debate is raging over whether or not Clinton was as careful with state intelligence as she should have been, it has certainly made clear that the options users are offered in today's marketplace far outstrip what was available then

Attack Mitigation Platform handles high-volume cyber attacks. (Thomasnet) Intended for carriers and cloud providers, DefensePro® x4420 can address volumetric DDoS attacks while simultaneously picking out and mitigating sophisticated non-volume threats

Webroot Helps 443 Networks Harness The Power Of Collective Threat Intelligence (BusinessSolutions) Webroot, the market leader in cloud-based, real-time internet threat detection, recently announced a partnership with 443 Networks, a developer and distributor of security platforms. The partnership provides 443 Networks with a highly distributed and highly cooperative learning system to deliver smarter security with Webroot BrightCloud Security Services

BT Enhances Security Portfolio With Darktrace's Cyber Threat Detection Capabilities (PRNewswire) Enterprise Immune System technology to be integrated in BT's security offerings

Swimlane launches automated security operations management platform (GCN) Phoenix Data Security has announced the launch of Swimlane, a new security operations management platform and company focused on empowering enterprises and government agencies with data-driven automation and orchestration for incident response and improved security operations

netool.sh - MitM Pentesting Opensource T00lkit (Kitploit) netool.sh toolkit provides a fast and easy way for new arrivals to IT security pentesting and also for experienced users to use almost all features that the Man-In-The-Middle can provide under local LAN, such as scanning, sniffing and social engineering attacks "[spear phishing attacks]"

Technologies, Techniques, and Standards

The first 72 hours are critical for hacking victims (Phys.org) If you've been hacked or had your identity stolen, time is of the essence when it comes to minimising the damage. US President Barack Obama is seeking US$14 billion to tackle it. The UK wants to build a start-up industry around it. And Australia is in the middle of what could be a year-long review into getting better at it. The issue is cyber security, and at risk is the entire digital economy and consumer confidence in it. In this Cyber insecurity series we investigate the size and nature of the cyber crime threat, the industry growing with it, and the solutions emerging to get in front of it

4 things to consider when allowing Macs into your business (Naked Security) Macs are starting to make serious headway into corporate networks, but they're bringing some challenges with them

Preventing fraud through enterprise password management (Help Net Security) The past few years the world has seen various incidents where students have fraudulently modified their school grades, progress reports and attendance records. Recently, there was the incident at the Dutch Barleaus Gymnasium where pupils managed to glean the principal's password, upon which they modified their grades and attendance data from throughout the entire year

Determining Whether a HIPAA Data Breach Occurred (HealthITSecurity) Covered entities need to be able to determine if a HIPAA data breach has taken place following the potential exposure of sensitive data. The implementation of the HIPAA Omnibus Rule slightly changed this process, in that there were new determining factors for assessing exactly what constitutes a data breach

Design and Innovation

Pentagon To Launch Hacker Proof Helicopter Drone By 2018 (Defense One) Boeing is set to replace 100,000 lines of code on its Little Bird drone before a test flight this summer

Halifax trials heartbeat identity authentication (ComputerWeekly) Halifax is testing a technology that identifies customers by their heartbeats, to allow them access to banking services

Research and Development

NIST 2015 SBIR Grants to Fund Research in Manufacturing, Clean Energy, Cybersecurity and Bioscience (NIST Technology Partnerships Office) The National Institute of Standards and Technology (NIST) Small Business Innovation Research (SBIR) program is offering to fund research projects that address specific challenges in the fields of advanced manufacturing, climate change and clean energy, cybersecurity, health care and bioscience

DHS's Brothers tweets about science and tech projects, goals (FierceHomelandSecurity) Reginald Brothers, who heads the Homeland Security Department's research and development arm, took to Twitter March 1, answering questions ranging from cybersecurity and airport security to the Islamic State

Navy engineer impacts public-private sector research on wearable and embeddable technology (DVIDS) How easy is it to hack a pacemaker? Your "FitBit" is designed to track your physical movements. Who else can see it?

Academia

Meet the Air Force's future cyber force (FCW) The young Air Force Academy cadets are glued to their computer screens, staring at jumbled lines of code. One is trying to hack a website in a competition sponsored by the Pentagon's research arm. Another is working on reverse-engineering problems generated by a Korean website

South Dakota CAP cyber team at national competition (KELO) A team of cadet cyber-sleuths from the Big Sioux Composite Squadron in Brookings, members of the Civil Air Patrol's South Dakota Wing, are competing in the national finals of CyberPatriot-VII which began today in Washington, D.C. The national finals competition runs from 11-15 March

UA to Launch Interdisciplinary Cyber Crime Minor (UA News) The demand for cyber professionals doesn't look to be slowing down. The Pentagon and Congress announced March 5 the approval to hire 3,000 civilian cyber experts, in part because of growing cyber security threats and the struggle by Cyber Command to keep up

Cyber-Security University Announces Accreditation (Virtual Strategy Magazine) EC-Council University (ECCU), sister company of the world-renowned EC-Council creator of the Certified Ethical Hacking Certification (CEH), announces their accreditation from Distance Education Accrediting Commission

Legislation, Policy, and Regulation

EU plans new team to tackle cyber-terrorism (BBC) Plans for a new Europe-wide counter-terrorism unit are being presented to European ministers

U.K. intelligence watchdog defends nation's bulk data spying as necessary (Washington Post) A British intelligence watchdog defended U.K. security agencies' bulk online data collection Thursday but called for a new law to clarify the agencies' "intrusive powers" to help improve public trust

Securing territorial sovereignty in cyberland (Jakarta Post) Decades ago, a computer was nothing more than a calculating device plugged into an electrical outlet in the wall. Yet now we see many forms of computers, like digital watches, smartphones, tablets and whatnot

CSIS gives recommendations for shoring up cybersecurity, while protecting privacy (FierceGovernmentIT) In response to the increase in cyber threats' frequency and complexity, a new report makes 11 recommendations for shoring up security while protecting privacy through information sharing

Cyber Threat Information Sharing: Recommendations for Congress and the Administration (Center for Strategic and International Studies) As technology and the Internet continue to evolve and grow in complexity, so, too, does the nature of cyber attacks. The economics of cyber attacks are skewed to favor the attacker: exploits are easily acquired and can be reused on multiple targets, and the likelihood of detection and punishment is low

Will Public/Private Threat Intelligence Sharing Work? (Network World) Past examples point to a mixed record of success and failure

CISA Cybersecurity Bill Advances Despite Privacy Concerns (Wired) For months, privacy advocates have been pointing to flaws in CISA, the new reincarnation of the cybersecurity bill known as CISPA that Congress has been kicking around since 2013. But today that zombie bill lurched one step closer to becoming law

How the CIA can get from spy to cyberspy (Los Angeles Times) Agility and digital savvy traditionally haven't been the strong suits of government agencies, so it's encouraging that CIA Director John O. Brennan wants a big investment in cyberespionage and a new Directorate of Digital Innovation as part of what he calls a "bold" reorganization of the CIA. Brennan's overhaul is commendable, but it's urgent to do more to make his agency cyber literate

Coast Guard cyber plan to focus on ports, shipping (Federal Times) The Coast Guard plans to unveil a new cyber security strategy within the next month that focuses on protecting not only Coast Guard networks and systems from cyber attacks, but also the country's 3,600 sea ports and the ships they serve

DHS CIOs see cyber, budgets as top concerns (FCW) Cybersecurity remains the biggest headache for CIOs at the Department of Homeland Security, but they say the steady drumbeat of smaller and smaller budgets stings, too

Veterans helping state fight cybersecurity war (KING 5) The state of Washington is recruiting and training military veterans to help fight a war on cyberterrorists

Litigation, Investigation, and Law Enforcement

Hillary's private email server was insecure during first 3 mths as secretary of state (Russia Today) For the first three months Hillary Clinton was secretary of state, her private email server was not encrypted, according to a new report. That left her communications vulnerable while she conducted government business, including international travel

New York private investigator pleads guilty to computer hacking charge (SC Magazine) A New York City-based private investigator has pled guilty to one charge of conspiracy to commit computer hacking, which carries a maximum sentence of five years

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

B-Sides Vancouver (Vancouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between

Insider Threat 2015 Summit (Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...

2015 North Dakota Cyber Security Conference (Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...

IT Security Entrepreneurs Forum: Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 17 - 18, 2015) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs...

Philadelphia SecureWorld (Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

2015 Cyber Security Summit (McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China...

BSides Salt Lake City (Salt Lake City, Utah, USA, March 20 - 21, 2015) BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation

CarolinaCon-11 (Raleigh, North Carolina, USA, March 20 - 22, 2015) CarolinaCon-11 (also hereby referred to as "The Last CarolinaCon As We Know It") will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions...

Cyber Security Conference 2015 (Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...

Fraud Summit Atlanta (Atlanta, Georgia, USA, March 24, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Atlanta event include...

CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...

2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take place on Wednesday, March 25, 2015 at the University of Colorado Colorado...

28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...
