skip navigation

More signal. Less noise.

Daily briefing.

In apparent support of their military objectives in the Syrian Civil War, Iran deploys AndroRAT and DroidJack against regional Android users. Recorded Future has details.

Passcode reflects on the career of late ISIS operative Junaid Hussain. While widely called a "hacker," his coding skills were, Passcode notes, "mediocre." And that didn't matter at all — he was by all accounts a successful information operator, making a strong contribution to ISIS success at inspiring followers.

Those Americans who contrast ISIS's evident success with their own disappointing national record at information operations (surprising enough, given that the field's basically marketing in battledress) may take some comfort by seeing them done badly elsewhere. See, for example, a campaign out of China designed to drum up international approval of the PRC's new Five Year Plan: it's Woody Guthrie refracted through Scooby Doo. Complete with a hootenanny atop a VW van.

Aljazeera asks whether it's possible to disrupt the Internet by cutting undersea cables. The short answer is "yes," especially given that techniques for doing so have been well understood for a century. Russian naval vessels appear to be taking an interest in cables that many in the West find disquieting. Disruption isn't the only threat here — the US NSA notes the possibility of interception, data manipulation, and infrastructure attack.

British police arrest a 15-year-old for the TalkTalk hack as TalkTalk struggles to recover.

Dridex is definitely back, and active in France.

The US and EU move closer to restoration of some version of Safe Harbor.


Today's issue includes events affecting Australia, Bahrain, Brazil, China, Czech Republic, European Union, France, Germany, Iran, Iraq, Ireland, Republic of Korea, Kuwait, Oman, Qatar, Saudi Arabia, Singapore, Slovakia, Switzerland, Syria, United Arab Emirates, United Kingdom, United States.

The CyberWire will be covering both CyberMaryland and the National Cyber Security Hall of Fame's induction ceremonies this week. Watch for special issues this week, and live-tweeting from the conference.

Cyber Attacks, Threats, and Vulnerabilities

Iranian hackers get tech support on forums (CSO) Iranian hackers are targeting Android systems using AndroRat and DroidJack

Iranian Hackers' Rising Interest in Targeting Android Systems With DroidJack, AndroRAT (Recorded Future) The latest threat intelligence from the Web shows that threat actors on Iranian hacking forums are distinctly interested in targeting Android systems using several different variants of remote access trojans (RATs)

Opinion: The shocking mediocrity of Islamic State 'hacker' Junaid Hussain (Christian Science Monitor Passcode) The Islamic State militant Junaid Hussain killed in a British drone strike displayed little technical knowhow. But even though an unskilled coder, he was more effective at spreading the militants' message over social media and ultimately proved to be an effective role model

Watch the Utterly Inane Music Video China Is Using to Promote Its New Five-Year Plan (TIME) It's probably the most twee attempt ever to champion Communist Party policies

Underwater internet cables could be the next target in tech warfare (Quartz) Underlying the internet, often literally lying under the sea, is a surprisingly vulnerable array of cables that keep the world connected

Russian Navy's "aggressive" activity near underwater cables worries US (Ars Technica) Concern subs, spy ships could cut undersea Internet links or tap them (like NSA has)

Could Russia really 'cut' the Internet? (AlJazeera) Russia's ability to cut main Internet cables is unknown, but it's done that against civilians in the past

Cyber security chief: Manipulation of data by hackers may be next threat (Pittsburgh Tribune) Computer hackers could do more damage than just stealing information they find online, the nation's top cyber security official said in Pittsburgh on Monday

Top German official infected by highly advanced spy trojan with NSA ties (Ars Technica) Containing almost superhuman engineering, "Regin" malware found on official's laptop

TalkTalk cyber-attack: boy, 15, arrested in Northern Ireland (Guardian) Metropolitan police say a 15-year-old boy has been arrested in County Antrim over the hacking of the telecoms company TalkTalk

Arrest re: TalkTalk investigation (Metropolitan Police) An arrest has been made in connection with the investigation into alleged data theft from the TalkTalk website

15-Year-Old Arrested For TalkTalk Attack (Dark Reading) U.K. police collar Northern Ireland youth for questioning, while security industry tries to make sense of confusing information out of TalkTalk CEO

TalkTalk breach: CEO dismisses encryption, 15-year-old arrested (TalkTalk breach: CEO dismisses encryption, 15-year-old arrested) There's been a lot of strange developments in the days since last week's cyberattack on UK telecom TalkTalk, in which an unknown number of customers may have had their personal data accessed

TalkTalk could face huge data breach compensation cost (ComputerWeekly) Some commentators have suggested that the future of TalkTalk could be in jeopardy, with lawyers looking at potential compensation claims of £1,000 by thousands of customers

TalkTalk's cyber attack piles on the pressure on financial targets (Reuters) Burdened with a poor reputation for customer service, facing increasingly fierce competition and under pressure to hit challenging financial targets, the cyber attack at TalkTalk (TALK.L) could not have come at a worse time for the British telecoms firm

TalkTalk hack: MPs to hold inquiry into cyber-attack (BBC) MPs are to launch an inquiry into the cyber-attack on TalkTalk that could have put customers' details at risk

Hackers release info on Obama's national security transition team (Federal Times) The slow drip of information allegedly stolen from CIA Director John Brennan's personal email account continues to find its way onto WikiLeaks, with a list of personal information about 20 members of President Obama's transition team added to the leak in the most recent post on Oct. 26

Alleged Hacker Behind John Brennan Email Breach: 'I Don't Want To Go To Jail' (Motherboard) It's been five days since a group of teenage hackers only known as "Crackas With Attitude" (CWA) claimed to have broken into the email account of CIA Director John Brennan. The hackers initially boasted about their feat on Twitter, exposing some US intelligence members personal information, before getting their accounts suspended

Dridex Returns With a Vengeance, Targeting French Users and Employing Comodo Signed Certificates (MarketWired) Resurgence of costly banking Trojan driven by weaponized Microsoft Word documents posing as receipts and performing "just-in-time" malware assembly

New Campaign Shows Dridex Active, Targeting French (Threatpost) Two weeks after authorities announced they had taken down the botnet behind the banking malware Dridex, new research suggests the threat is alive and well

Duuzer back door Trojan targets South Korea to take over computers (Symantec Connect) Backdoor.Duuzer targets South Korean organizations to gain full control of computers. The threat is linked to W32.Brambul and Backdoor.Joanap, which have also been affecting the region

Pornographic-themed Malware Hits Android Users in China, Taiwan, Japan (TrendLabs Security Intelligence Blog) Sex sells, and nowhere is that more true than the Chinese mobile landscape

Xero says it will increase security following password scare (Graham Cluley) At the end of last week, online accounting service Xero emailed customers around the world telling them that they should change their passwords after a "small number of customers" had their accounts compromised

SHA-2 encryption will make many sites inaccessible to users who can't afford newer tech (Help Net Security) A group of security researchers has recently announced that it's highly likely that effective collision attacks that would break SHA-1 encryption will be revealed by the end of 2015

U.S. military cyber security fails to make the grade (Netcraft) The United States Department of Defense is still issuing SHA-1 signed certificates for use by military agencies, despite this practice being banned by NIST for security reasons nearly two years ago

TrueCrypt Travails Continue (eSecurity Planet) Two serious bugs later, almost no one thinks it is a good idea to use TrueCrypt. But what are your options?

Researcher says Fitbit can be wirelessly hacked to infect PCs, Fitbit says not true (Computerworld) A researcher demonstrated a proof-of-concept to infect Fitbit with malware in about 10 seconds; the malware infection could then spread to a PC when the fitness tracker is plugged into it. Fitbit, which was notified about the flaw earlier this year, says it's not true

Data Debacle: One-Third of IT Professionals Not Sure What’s On Their Legacy Backup Systems (Legaltech News) Archive tapes may no longer be a cutting edge option for data storage, but they cannot be ignored in the struggle for holistic data management

Cyber Trends

2016 Predictions: The Fine Line Between Business and Personal (TrendLabs Security Intellligence Blog) Like any other year, 2015 had its mix of ups and downs in the world of security

Valuing A Data Breach Victim (TechCrunch) In the relentless world of public breach reporting, there's a fixation on the number of accounts affected; the higher the number, the larger the impact. But from a victim's perspective, does it make a difference if your information was included in a breach alongside 10,000 or 50,000,000 others?

Millennials don't even know what cybersecurity is (FCW) Today's young people are dubbed "tech-savvy" because they grew up with smartphones. Maybe the label doesn't fit

Acoustic Kitty and Zombie Home Appliances: Yesterday's Theories Shape Tomorrow's Technologies (SIGNAL) In 1967, CIA operatives needed a way to spy on a Kremlin ally and sought to capitalize on a common place nuance: feral cats

Why cybersecurity cannot be overlooked (Control Global) Effective cybersecurity requires ceaseless monitoring and evaluation of network data and traffic to identify and head off evolving intrusions and potential attacks, but improved tools are making it simpler and easier

IT admits obstacles to user mobility due to security concerns (Help Net Security) Organizations are challenged to meet demands for greater mobility as 92% of IT departments worldwide still restrict users from accessing sensitive corporate data and resources from mobile devices, according to a global survey of 900 IT decision makers by Gemalto

How long does it take for employees to be security conscious? (CSO) The U.S. Postal Services received some frustrating news in early October from the Office of the Inspector General on the effectiveness of its security awareness training program

Cyber criminals target Singapore with banking Trojans (Computerweekly) Singapore is a top target for hackers and, in the second quarter of 2015, it was the country most targeted by cyber criminals using Trojans

GCC economies should gear up to address cyber security challenges (Gulf Times) Economies have become more dependent on information and communications technology (ICT) and hence they are becoming more vulnerable to network attacks

Country Reports (Secunia) The Secunia Country Reports tell you how much vulnerable software is present on private PCs in your country, plus a few extra, interesting facts


Cisco To Buy Lancope For $452.5 Million (Dark Reading) Deal set to be finalized in the second quarter of 2016

Cybersecurity Stocks Have Been Crushed: 4 That Could Get Bought Out (24/7 Wall Street) Sometimes the hottest stocks on Wall Street can turn cold as ice

Check Point Software Technologies (CHKP — $80.43*) Company Update Delivers Respectable September Results/December (FBRFlash) This morning, Check Point delivered respectable 3Q15 (September) results that hit the Street's estimates on the top line while exceeding consensus on the bottom line, although missing on the all-important deferred number

Raytheon's $1 Billion DOMino Win; Does It Signal A New Era In Cyber Procurement? (Homeland Security Today) The Department of Homeland Security (DHS) recently awarded a $1 billion cybersecurity contract to Raytheon and the Office of Personnel Management (OPM) in response to the alarming OPM data breach that put a bull's eye on the need for better federal cybersecurity capabilities

EMC, Dell customers wonder what's in it for them (TechTarget) The acquisition of EMC and VMware has IT pros at Dell World wondering what the future holds for pricing, storage and support

ESET denies claims antivirus is dead as mobile malware threats rocket (V3) ESET grew out of the ashes of communist rule in Czechoslovakia, and has emerged as the central European poster child for security and technology that now spans 180 countries across the globe

Heck yeah, we're from Denver: ProtectWise (Denver Post) Welcome to our feature highlighting the numerous Colorado tech companies that make cool stuff

As Data Grows More Valuable, Marketers Seek New Ways to Secure It (Advertising Age) Outside of hacking, questions proliferate on how much to share voluntarily

Bad News is Good News For Security Budgets But Not Skills (Dark Reading) Cybersecurity is finally getting the attention — and dollars — it deserves from the C-Suite. The challenge now is finding the talent to take full advantage of these technology investments

Got a Clearance? Getting a Job Just Got Harder (Defense One) The OPM hack has slowed hiring for jobs requiring a security clearance, a recent survey shows

Healthcare struggles to recruit top cybersecurity pros (Modern Healthcare) Michael Minear, chief information officer of UC Davis Medical Center in Sacramento, Calif., has a talented security staff, and as a result, has suffered some consequences

Raytheon study finds more men then women attracted to cybersecurity career (UPI) A Raytheon NCSA global survey found a growing gap between U.S. men and women who say they would consider a career in cybersecurity

Cyber security talent shortage: Business is struggling to keep up with sophisticated criminals (City A.M.) Concerns about cyber security are growing in prominence, but companies and law enforcement agencies are still playing catch-up in their attempts to counter ever more sophisticated cyber criminals

Country's largest cyber security organisations collaborate to design cyber-security challenge (SC Magazine) In effort to find the UK's upcoming talent, country's largest cyber security organisations collaborate to design cyber-security challenge

Products, Services, and Solutions

Antivirus Software Could Be Next Big Malware Target (Tom's Guide) Antivirus software protects your computer from malware. But what if malware infects the antivirus software itself?

Cloud-based vulnerability management: Top vendors in the field (Help Net Security) With an increasingly fast-paced threat landscape threatening even the most complex network security infrastructures, vulnerability management has become essential

A New Material Promises NSA-Proof Wallpaper (Defense One) A Utah company has a new nickel-carbon material that could help the Pentagon fight off some of its most haunting threats

Symantec Introduces New Era of Advanced Threat Protection (BusinessWire) Symantec™ Advanced Threat Protection helps companies uncover, prioritize and remediate advanced threats across their control points — fast

TÜV Rheinland Introduces Threat-Centric Identity Access Management (BusinessWire) Next-Generation Enterprise Digital Security Protects Against Tomorrow's Threats

AvePoint Enhances End User Content Management with New Release of DocAve Governance Automation (PRWeb) The latest DocAve Governance Automation release features migration as a managed service, extends site information cards to hybrid environments, and harnesses the power of third-party workflows

Technologies, Techniques, and Standards

A Security Protocol for the Internet of Things (IBM Security Intelligence Blog) The Internet of Things (IoT) is growing by leaps and bounds every day. But as the IoT grows, so do the security vulnerabilities of the linked objects. A security protocol to protect IoT devices will always be needed

Someone just bought your smart home. Did they get your data, too? (ITWorld) A new checklist guides buyers and sellers through a safe move-in day

What should companies do after a wide-scale data breach? (Help Net Security) It is not always possible to prevent such attacks, however, it is possible to make them highly unlikely to succeed

3 steps to prepare for next hack or breach (Federal News Radio) The daily headlines are no longer full of news on the Office of Personnel Management (OPM) breach, and agency executives across all levels of government want to keep it that way

Cybersecurity Lessons Learned From the Ashley Madison Hack (Forbes) As you may know, Ashley Madison — a website that connects users to engage in extramarital affairs — was hacked on July 15, 2015

Design and Innovation

Dear Advertisers, this is why we use Adblockers (Check & Secure) There are a variety of reasons why one would install a strong Adblocker

Research and Development

Complex passwords not the key to securing data: IBM (SC Magazine) Companies that force employees to create complicated and hard to remember passwords are taking the wrong approach to ensure corporate security, according to a report by an IBM Security Intelligence researcher

WhatsApp collects phone numbers, call duration, and more! (Help Net Security) A recent network forensic examination of popular messaging service WhatsApp is offering new details on the data that can be collected from the app's network from its new calling feature: such as phone numbers and phone call duration, and highlights areas for future research and study

Legislation, Policy, and Regulation

EU votes for net neutrality, but against loophole-killing amendments (Ars Technica) Advocates predict rules will allow paid fast lanes

Why Europe's net neutrality plan is more controversial than US rules (Ars Technica) EU and US rules seem similar on surface, but advocates worry about loopholes

EU, U.S. Agree in Principle on New Data-Transfer Pact (Wall Street Journal) European court had struck down previous trans-Atlantic deal dubbed Safe Harbor

EU Privacy Update: 5 Stories That Will Impact U.S. Organizations with European Ties (Legaltech News) The year 2015 was an active year in the evolution of EU privacy law, and could set the stage for further issues down the line

US-China Cyber: What Now? (Cipher Brief) The U.S.-China summit has concluded and the announced results provided little good news on the cyber front, at least for us

Adm. Michael Rogers on the Prospect of a Digital Pearl Harbor (Wall Street Journal) The National Security Agency director says an attack on critical infrastructure in the U.S. is bound to happen

NSA warns of growing danger of cyber-attack by nation states (BBC) The deputy director of the US National Security Agency (NSA), Richard Ledgett, has warned of the increasing danger of destructive cyber attacks by states

How America Can Cross the Digital Security Divide (National Interest) An emerging pattern of cyber activity should serve as a major national security wake-up call for U.S. officials

Senate to battle Tuesday on controversial CISA cybersecurity bill (IDG via CSO) Critics of the bill say it is designed to collect personal data on people

Despite privacy concerns, cybersecurity bill poised for passage (AlJazeera) Tech sector, privacy advocates, security experts say CISA compromises liberties, does little to stem threat

The Many, Many, Many Flaws of CISA (Slate) The Cybersecurity Information Sharing Act gives Internet service providers perverse incentives to spy on users

HIPAA-HITECH Act: End Point Data is Your Greatest Security Risk (Legaltech News) Recent HIPAA-associated regulations now apply to organizations outside of the healthcare industry

DHS banks on data repository for cyber insurance (FCW) The Department of Homeland Security got interested in encouraging a cybersecurity insurance market about four years ago after officials realized that "regulating our way out of cyber risk was probably not going to happen," said Tom Finan, a senior cybersecurity strategist and counsel at DHS

Security specialist Ridge calls for private, government cyber cooperation (Business Insurance) The federal government is likely to look more closely at the private cyber insurance market as a way to enhance cyber security, according to former Homeland Security Secretary Tom Ridge

Young Australians need to become 'human firewall' against cyber threats: Government commissioner (Australian Broadcasting Corporation) More young Australians need to be encouraged to consider a career in cyber-security to help build a "human firewall" against online attacks, according to the Federal Government's eSafety Commissioner for Children

Army cyber warriors take to the battlefield (Defense Systems) As cyber operations become more of a presence on the battlefield, so, too, will cyber warriors

Hacked Opinions: The legalities of hacking — Jeff Schilling (CSO) James Socas, from iSheriff, talks about hacking regulation and legislation with CSO in a series of topical discussions with industry leaders and experts

Hacked Opinions: The legalities of hacking — Rodney Joffe (CSO) Rodney Joffe, from Neustar, talks about hacking regulation and legislation

Litigation, Investigation, and Law Enforcement

The Most Controversial Hacking Cases of the Past Decade (Wired) The Computer Fraud and Abuse Act, the law that's been at the heart of almost every controversial hacking case of the past decade, is in the news again this month

How Fintech Can Win On Financial Crime (TechCrunch) Juan Zarate, a former Treasury official and now adviser to Coinbase, writes in his book Treasury's War that "financial warfare…has started to form a central part of international security strategies." By understanding the financial networks underpinning drug cartels, terrorist organizations and rogue nations, U.S. law enforcement and the Treasury Department have been able to pursue more sophisticated strategies aimed at disrupting them

Germany investigates fresh US spying allegations (RTE News) German authorities have launched a probe into allegations of a new case of suspected spying linked to the US National Security Agency, German reports said today

IRS possessed Stingray cellphone surveillance gear, documents reveal (Guardian) Exclusive: Invoices reveal tax service, 13th federal agency to use secretive dragnet, upgraded device that pretends to be cellphone tower to gather metadata

Venezuela Accuses Website of Cyberterrorism (Courthouse News Service) Venezuela's central bank claims a website run by exiles is committing cyberterrorism by reporting a fraudulent bolivar-to-dollar exchange rate to destabilize the country's economy

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

ICS Cyber Security Week (Atlanta, Georgia, USA, October 26 - 29, 2015) ICS Cyber Security Week is the longest-running cyber security-focused conference dedicated to the industrial control systems sector. The event caters to critical infrastructure organizations in the following...

Cyber Awareness & Technology Days (Colorado Springs, Colorado, USA, October 27 - 28, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter will once again host the 6th Annual Cyber Security & Information Technology Days set to take place at...

Designing Secure Healthcare Systems (Long Branch, New Jersey, USA, October 27 - 29, 2015) Designing Secure Healthcare Systems is a three day intensive and immersive workshop…by healthcare hackers for healthcare technologists. Over the three days you will go from the basics of SQL injection...

Technology & Cyber Awareness Day (Aurora, Colorado, USA, October 28, 2015) The Buckley Air Force Base Technology & Cyber Security Day is a one-day event held on-site, where industry vendors will have the opportunity to display their products and services to IT, Comm, Cyber and...

Cloud Security Alliance Summit NYC 2015 (New York, New York, USA, October 28, 2015) The full-day Cloud Security Alliance NYC Summit is a standalone event in Manhattan. Co-hosted by the CSA NY Metro and CSA Delaware Valley chapters, some 200 well-qualified attendees are expected. The theme...

Data Breach Summit Asia 2015 (Mumbai, India, October 28, 2015) As Cyber Security continues to become a challenge for all industries, ISMG's Data Breach Summit a unique, one-day event will focus on the issues to help the participants learn more about how to prevent...

CyberMaryland 2015 (Baltimore, Maryland, USA, October 28 - 29, 2015) Now entering its 5th year, the Federal Business Council is proud to bring you the CyberMaryland 2015 Conference. The conference theme this year is "Collaborate.Educate.Innovate"

Cyber Security World 2015 (Washington, DC, USA, October 28 - 29, 2015) Cyber Security World 2015 brings together security experts, practitioners, and researchers who will share their firsthand knowledge and open the discussion to information sharing between public and private...

Hackito Ergo Sum (Paris, France, October 29 - 30, 2015) No commercial content, no vendor talk. First time presenters welcome. Highly technical talks only. Bonus point for offensive and weird ideas. Areas and domains: systems hacking & security, network hacking,...

8th Annual Space, Cyber, and Telecommunications Washington DC Conference (Washington, DC, USA, October 29 - 30, 2015) The Space, Cyber, and Telecommunications Law team hosts an impressive lineup of the world?s greatest minds annually at conferences in Washington DC and in Lincoln, Nebraska and at occasional events around...

8th Annual Space, Cyber, and Telecommunications Washington DC Conference (Washington, DC, USA, October 29 - 30, 2015) The Space, Cyber, and Telecommunications Law team hosts an impressive lineup of the world's greatest minds annually at conferences in Washington DC and in Lincoln, Nebraska and at occasional events around...

Inside Data Science 2015 (Monterey, California, USA, November 3 - 4, 2015) At the Inside Data Science 2015 Conference (IDS2015) our focus is not on the storage or volume of data, but rather the importance of what you do with it. To synchronize the processing, exploitation and...

NICE 2015 Conference and Expo (San Diego, California, USA, November 3 - 4, 2015) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.