
Daily briefing.

Reports from the UK suggest some ISIS hacking of Government emails. (Meanwhile online jihadism keeps itself roiled by the usual cross currents of atrocity-inspiration, calls for unity against a growing array of infidels, and inside-baseball squabbles over competition for leadership authenticity.)

Damballa does some work on Corebot and finds traces of its take on criminal markets.

Effects of the Excellus breach may extend to other insurance providers. (Ziften tells us the breach is "just the latest example of how hackers are able to avoid detection and go unnoticed within a network for long periods of time.")

Those TSA-approved locks familiar to US air travelers? Pictures of masters published online have enabled 3D printing of keys.

Researchers agree Ashley Madison's security was problematic; how problematic remains up for debate (still, pretty problematic). Cracked passwords show poignant evidence of bad consciences.

More observers see a return of marque and reprisal to cyberspace, 150 years after they vanished from the high seas.

Enterprises and insurers see an escalation of cyber exposure and look for tools to assess and transfer it. Some policymakers look to the insurance sector to drive standards of care. Insurance agents are told not to be shy in presenting cyber policies.

Investors look at start-ups, watch for Palantir's IPO, and assess the sector's current high-fliers (like Palo Alto).

The US and China continue to look for a modus vivendi in cyberspace, with the US insisting on distinguishing traditional espionage from industrial for-profit spying.

Class-action breach suits are the new normal.


Today's issue includes events affecting Argentina, Brazil, China, Cyprus, European Union, Germany, India, Iran, Iraq, Ireland, Israel, Democratic People's Republic of Korea, Mexico, Netherlands, Pakistan, Romania, Russia, Spain, Syria, Taiwan, Ukraine, United Kingdom, United States.

This week the CyberWire will cover two events. We'll be at Borderless Cyber (organized by OASIS and the World Bank) tomorrow and Wednesday, and covering the Sixth Annual Billington Cybersecurity Summit on Thursday. We'll be live-tweeting from both events, with full coverage published in the CyberWire as the week progresses.

Cyber Attacks, Threats, and Vulnerabilities

Cabinet ministers' email hacked by Isil spies (Telegraph) Intelligence agency investigation discovers extremists linked to the Islamic State of Iraq and the Levant (Isil) have been targeting information held by some of David Cameron's most senior ministers

Zawahiri calls for jihadist unity, encourages attacks in West (Long War Journal) Al Qaeda has released the second installment in its "Islamic Spring" series, which features Ayman al Zawahiri delivering lectures

In Dabiq magazine, Islamic State complains about jihadist rivals in Libya (Long War Journal) The latest edition of the Islamic State's English-language Dabiq magazine, which was released online on September 9, contains the usual litany of horrors

Stolen information using Corebot sold on (Damballa: Day Before Zero Blog) We have been investigating several domains registered using the email address drake.lampado777@gmail[dot]com. IBM Security X-Force spotted the information-stealing malware named Corebot

Highmark customers' data may have been exposed in Blue Cross cyberattack (Pittsburgh Tribune) Highmark Inc. insurance customers may have lost personal information to a cyber attack on a fellow Blue Cross carrier in New York, the Downtown-based insurer said Friday

TSA master luggage keys are 3D printed after photo published online (Naked Security) Deep in the bowels of the labyrinth that is the US's Transportation Security Administration (TSA), luggage trundling along on conveyor belts gets barcoded, weighed, sniffed for traces of explosives, 3D imaged, and, if it appears suspicious, opened

How Command and Control Servers Remain Resilient (TrendLabs Security Intelligence Blog) One of the ways that malware activity on a network is spotted is via the activity of their network activity

Researchers Decrypt Ashley Madison Passwords With Different Results (eWeek) Although members' names and email addresses were publicly posted, their user accounts were protected with passwords secured by a powerful hashing algorithm

Ashley Madison passwords like "thisiswrong" tap cheaters' guilt and denial (Ars Technica) New analysis of cracked passcodes shines a light into mindset of account holders

Stolen storage device leads to loss of customer bank and personal data (Naked Security) The personal details of thousands of Lloyds Bank account holders have gone missing following the suspected theft of a data storage box

Nearly 80,000 college students affected by data breach (Fox News) A data breach of a White House-recommended vendor compromised the personal information of nearly 80,000 California college students who had signed up for a mandatory online sex violence prevention course, officials revealed Tuesday

US agency in charge of power grid and nukes keeps getting breached (Naked Security) The US Department of Energy (DOE), which oversees the US power grid, nuclear arsenal and national science labs, is a prime target for cyberattackers who want to harm the United States

Phish me once, shame on you. Phish me twice… (GCN) What should we make of the most recent announcements of government "awareness campaigns" about phishing?

The Lord of the Hacktivist Rings (Help Net Security) Cyber attacks against websites have been around for about a decade

Even the FBI is worried about Internet of Things security (Network World) Amidst all the excitement about the possible benefits of the Internet of Things, a slew of warnings have been sounded by IT pros, vendors and analysts about looming security threats. Now you can add the FBI to that list of those cautioning enthusiasts

Internet of Things Poses Opportunities for Cyber Crime (Federal Bureau of Investigation) The Internet of Things (IoT) refers to any object or device which connects to the Internet to automatically send and/or receive data

Bulletin (SB15-257) Vulnerability Summary for the Week of September 7, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Security Patches, Mitigations, and Software Updates

Apple complicates app sideloading in iOS 9 for increased security (Help Net Security) Making things easier for users is generally a good idea, but sometimes complicating a process could lead to increased security, and should be the preferred option

Cyber Trends

The coming private cyber 'war' (FCW) The next war might not be a "war" at all

Report: The $120 trillion gap between a safe and insecure future Internet (Christian Science Monitor Passcode) The economic difference between the best and worst forecasts of the Internet could be as high as $120 trillion over the next 15 years, according to a new report from the Atlantic Council think-tank and Zurich Insurance

Experts: Consumer protections vital as Internet of Things expands (Christian Science Monitor Passcode) At Thursday's Security of Things Forum in Cambridge, Mass., experts such as FTC Commissioner Julie Brill stressed the need for makers of connected devices to do more when it comes to safeguarding consumer data

Valasek: Today's Furby Bug is Tomorrow's SCADA Vulnerability (Threatpost) Chris Valasek and Charlie Miller's car hacking research put a crunching reality on Internet of Things security, moving it beyond almost clichéd discussions of smart refrigerators leaking inconsequential data, to hackers remotely manipulating car brakes

Special Report: Car Security & the Internet of Things (Threat Brief) A special feature on car security — what's happening now in the industry and what is in store for the future?

Nearly Half of Federal Agencies Were Targets of Insider Threats in the Last Year, Despite Formal Prevention Programs (MeriTalk) New Report Examines Actions Agencies Should Take to Minimize Risk and Cyber Incident Consequence

Do conventional security measures negatively impact productivity? (Help Net Security) 91 percent of business respondents reported that their productivity is negatively impacted by security measures their employer has put in place, according to Dell


Vulnerability management embraces new functions (Help Net Security) Vulnerability management (VM) solution providers have always held their own in the global network security domain

Ashley Madison attack shows evolving risks (Business Insurance) Cyber exposure stakes keep escalating

Insurance requirements can drive stronger cybersecurity, Treasury official says (Washington Post) The insurance industry has a key role to play in helping U.S. companies strengthen cybersecurity, a senior Treasury Department official said Thursday

Now is the right time for agents to talk cyber insurance (Insurance and Financial Advisor) Target, Michaels, eBay, JPMorgan Chase, the New York Times, Google, Anthem, the U.S. Government… The list of high profile data breaches grows longer each day, and doesn't include the countless number of small businesses that have their data compromised in attacks we may never hear about

Why is Cybersecurity Important to Hedge Funds? (Capital Support) With cybercriminals employing ever more sophisticated methods, cybersecurity has never been more important to hedge funds and other alternative investment managers

Ten reasons threat intelligence is here to stay (Beta News) Over the past couple of years, the volume and frequency of new malware and its variants has exploded

Too much emphasis on threat intelligence sharing, Gula says (TechTarget) There's a lot of present-day talk about threat intelligence sharing and a lot of companies are introducing dozens of threat intelligence services, but there's too much emphasis on this side of the coin, according to Ron Gula, CEO of Tenable Security

The cost of EMV compliance (Help Net Security) Credit card companies are making the final call for US merchants to switch over to EMV chip technology in anticipation of the looming deadline

Intelligence Start-Up Goes Behind Enemy Lines to Get Ahead of Hackers (New York Times) On a recent Wednesday morning, 100 intelligence analysts crammed into a nondescript conference room here and dialed into a group call with 100 counterparts in Argentina, Brazil, Cyprus, India, the Netherlands, Romania, Spain, Taiwan and Ukraine

Palantir IPO: PayPal Inc's (NASDAQ:PYPL) Top Secret Spin-off May Be About to Go Public (Profit Confidential) Just months after eBay Inc. (NASDAQ:EBAY) spun off PayPal Inc. (NASDAQ:PYPL), another firm related to the payments processor is set for an initial public offering. Eighty percent of the management team at this startup worked for PayPal; including one of PayPal's founders

Argus raises $26m to protect connected cars from hackers (Start-Up Israel) Israeli cyber-security firm's embedded cyber-security solution suite for vehicles safeguards critical systems from attack

Here's Cybersecurity Accelerator Mach37's Newest Class of Startups (DCInno) Cyber data marketplaces, cloud authentication and hacker crowdsourcing startups

Palo Alto Does It Again (Seeking Alpha) Palo Alto Networks showed once again why it is rightfully trading at such high valuation multiples

This One Stock Is Winning the Global Cybersecurity War (The Street) Cybersecurity firm Palo Alto Networks (PANW) is cashing in on the data center security market at the expense [of] industry titans such as Cisco Systems (CSCO) and Check Point Software (CHKP)

3 Challenges the Internet of Things Is Facing That Few Investors Realize (Motley Fool) Every silver lining must have a cloud. What's holding the Internet of Things back from instant triumph?

Sevatec to Support NOAA Cybersecurity Center Under Sole-Source Contract (GovConWire) Sevatec will provide support to the National Oceanic and Atmospheric Administration Cyber Security Center under a $9.9 million sole-source contract from the Commerce Department

Products, Services, and Solutions

Invizbox Go aims to make mobile privacy painless over any Wi-Fi (Ars Technica) Mobile VPN and Tor router can tether to public Wi-Fi — and charge your phone

Symantec Outlines Future of Managed Security Services (MSPmentor) Symantec's upcoming security broker software will make use of advanced analytics, machine learning software and telematics technologies

Seyfarth Shaw Assembles Global Privacy and Cybersecurity Team (Legaltech News) The group of 35 lawyers will help guide clients through the increasingly complex maze of laws and enforcement actions related to data privacy and security

LUCY Phishing Server Lets You Phish Yourself to Defeat Hackers (PRNewswire) New features expose your organization's weakest security links

Technologies, Techniques, and Standards

DHS awards $11M to set cyber-sharing standards (The Hill) The Department of Homeland Security on Thursday awarded an $11 million grant to the University of Texas at San Antonio to serve as the standards-setting body for new cyber information-sharing groups

US-CERT's do's-and-don'ts for after the cyber hack (Federal News Radio) Too often, agencies are erasing key forensic evidence after a cyber attack

3 Critical yet Unaddressed Information Security Challenges in a New Enterprise (IT Security Guru) Defending a newly established enterprise from high-profile security breaches and potential loopholes is one of the major IT challenges that most of the businesses face today

The Truth About DLP & SIEM: It's A Process Not A Product (Dark Reading) If you know what data is critical to your organization and what activities are abnormal, data loss prevention and security information event management work pretty well. But that's not usually the case

Five ways CIOs tackle hybrid cloud security (TechTarget) The traditional moat model is disappearing as companies embrace hybrid cloud strategies from microsegmentation to perimeter controls

How to detect credit card theft in the early moments (CSO) A single email helped avoid serious losses

Are you prepared for a cyber attack? (Property Casualty 360) Regulatory issues affect insurance companies after a data breach

Four Non-Technical Measures for Mitigating Insidious Insiders (Dark Matters) Even the best technology will be useless if the non-technical basics aren't correct. Can threats from insiders be proactively mitigated with non-technical measures? The short answer is "yes and no"

The Two Most Valuable Pieces of Information You're Likely Throwing Away (SecurityWeek) With enough data, any problem can be understood. Solving it is another matter

As iPhone 6S Launches, Time to Remember Some Mobile Security Basics (Trend Micro: Simply Security) If you've been hiding on Mars for the past week, you might have missed that Apple has just launched its latest iPhone

Design and Innovation

Vint Cerf Wants Your Help Re-Imagining The Internet (InformationWeek) Vint Cerf, recognized as one of the fathers of the Internet, is using social media to generate new ideas about how the Web should evolve

Here Is How To Address Car Hacking Threats (TechCrunch) When you connect a car to the Internet, it is no longer just a car: It is a computer on wheels

Research and Development

Southampton study identifies anti-hacking techniques for Internet of Things devices (Engineer) Researchers at Southampton University have identified a number of techniques that could be used to help make internet-connected devices safer from online attacks

Near-Perfect Computer Security May Be Surprisingly Close (Wired) In July 2013 a pair of studies set the cryptography world on fire


Cadets get cyber training (Air Force Times) Cyber skills are an increasing part of the Air Force Academy's curriculum, said Superintendent Lt. Gen. Michelle Johnson

Legislation, Policy, and Regulation

China, US gradually move to manage cyber dispute (China Daily) While cybersecurity has been a thorny issue between China and the United States in the last few years, there are signs in the past days that both sides do not want it to spill into the overall bilateral relationship and impact negatively on the upcoming state visit to the US by President Xi Jinping

US and Chinese officials finished meetings on cyber security issues. Here's what they came up with (Reuters via Business Insider) Senior U.S. and Chinese officials concluded four days of meetings on Saturday on cyber security and other issues, ahead of Chinese President Xi Jinping's visit to Washington later this month, the White House said

Obama: China cyber attacks 'unacceptable' (BBC) US President Barack Obama has said that alleged Chinese cyber attacks are "not acceptable", ahead of a visit from Chinese leader Xi Jinping

Murder, Money, and Spies: An Investigative Series on the Chinese Military's For-Profit Ventures (Epoch Times) For more than two years, Epoch Times has been investigating the shadowy organizations behind the Chinese regime’s cyberattacks

Statement for the Record: Worldwide Cyber Threats (James R. Clapper Director of National Intelligence September 10, 2015) (House Permanent Select Committee on Intelligence) Chairman Nunes, Ranking Member Schiff, Members of the Committee, thank you for the invitation to offer this Statement for the Record

U.S. policies have influenced Iranian, North Korean behavior in cyberspace (Washington Examiner) In a Sept. 10 appearance that amounted to a "state of cybersecurity" presentation to the House Intelligence Committee, leaders of the government's intelligence agencies detailed the threat environment facing the nation in cyberspace

Intel chiefs draw distinction between digital espionage and malicious hacks (Christian Science Monitor Passcode) At a Congressional hearing Thursday, officials stressed the need to develop clearer international norms to determine what's a tolerable amount of cyberspying and what's unacceptable

Tipping point imminent for cyber sharing legislation (Federal News Radio) A "tipping point" is coming regarding the need for legislation that will let the government and industry share information on cyber attacks, said House Intelligence Committee chairman Devin Nunes

Cybersecurity Information Sharing Act has 'significant problems' (Tech Target) A new version of the Cybersecurity Information Sharing Act is scheduled to go in front of the Senate this fall, but one expert said the bill has 'significant problems'

OMB readies next phase of cyber sprint plan (FCW) Federal CIO Tony Scott said the Cybersecurity Sprint Strategy and Implementation Plan would likely be unveiled next month

Cyberattacks: The Danger, the Cost, the Retaliation (GovTech DigitalCommunities) How do we get better cybersecurity technologies out quickly while having enough personnel to rapidly respond to the ever-changing exploits?

Where Next for Government Cybersecurity? (Emergency Management) On the 14th anniversary of 9/11/01, there are plenty of reasons to be thankful regarding public safety in America. And yet, there is also a growing list of cyber threats that are grabbing news headlines. We talked with Dr. Andy Ozment, the U.S. Department of Homeland Security (DHS) Assistant Secretary, who is the new point person for the National Cybersecurity and Communications Integration Center (NCCIC)

Hire (Some of) the Hackers (Slate) The U.S. government needs cybersecurity experts who have thought like intruders

63% in favor of encryption backdoors to respond to national security threats (Help Net Security) Vormetric did a survey on how Americans view "backdoor" access by government entities to the encrypted data of private businesses. Ninety-one percent recognized that there were risks to encryption backdoors, but also felt that it is justified in some circumstances

Litigation, Investigation, and Law Enforcement

Extent Of U.K.'s Surveillance Dragnet Probed In Fresh Legal Challenge (TechCrunch) A new legal challenge to U.K. intelligence agency surveillance practices has been filed in the U.K. by human rights organization Human Rights Watch and three unnamed individuals working in security research, investigative journalism and law

Prepare for the inevitable: Post-data breach class actions (Business Insurance) Lightning may not strike twice in the same place, but the same cannot be said of class action lawsuits

A Bizarre Twist in the Debate Over Vulnerability Disclosures (Wired) The ongoing battle between researchers and vendors over the public disclosure of security vulnerabilities in vendor products took a bizarre turn yesterday in a new case involving two security firms, FireEye and ERNW

FireEye legally censors crucial parts of a researcher's talk at 44CON (Help Net Security) Felix Wilhelm, a researcher with German security firm ERNW, was scheduled to give a talk at 44CON on Thursday about the critical vulnerabilities he and his colleagues found in a FireEye NX device running the webMPS operating system

Installation of Tor Relay in Library Attracts DHS Attention (Threatpost) The Tor Project recently started a program to help libraries install Tor relays as a way to protect the privacy of patrons and other Internet users. The program didn't get too far, however, as the first library to install a relay had to turn it off after town police officials were contacted by Department of Homeland Security agents

Dept. of Justice shutters Sharebeast, the largest US-based filesharing service (Ars Technica) tried to host Kanye West album leaks and the 2014 World Cup

Tracking a Bluetooth Skimmer Gang in Mexico (KrebsOnSecurity) Halfway down the southbound four-lane highway from Cancun to the ancient ruins in Tulum, traffic inexplicably slowed to a halt

Founder of collapsed Bitcoin exchange Mt. Gox arrested, charged again (Naked Security) Mt. Gox was once the world's biggest Bitcoin exchange

Area Man Pleads Guilty to Cyber Attack on the St. Louis County Police Union Website (Federal Bureau of Investigation, St. Louis Division) Justin Payne pled guilty to destroying the St. Louis County Police Association website through a distributed denial of service attack

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security...

Gulf Cooperation Council Cyber Security Summit (Abu Dhabi, United Arab Emirates, September 13 - 15, 2015) The GCC Cyber Security Summit will bring together regional and international thought leaders and decision-makers to examine one of the most vital threats to the region's future well-being: cyber-attack.

Hacker Halted 2015 (Atlanta, Georgia, USA, September 13 - 18, 2015) EC-Council Foundation's flagship information security conference, Hacker Halted, will unite some of the greatest minds in information security, as industry experts address the latest threats and vulnerabilities...

EnergySec 11th Annual Security & Compliance Summit (Washington, DC, USA, September 14 - 16, 2015) For more than 10 years the EnergySec Security Summit has been the premier gathering for stakeholders in the energy sector focused on physical and cyber security. Our summits give each attendee a rare opportunity...

Fraud Summit San Francisco (San Francisco, California, USA, September 15, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Among the areas to be discussed are...

Borderless Cyber 2015 (Washington, DC, USA, September 15 - 16, 2015) OASIS, in collaboration with The World Bank, will bring together public and private sector security professionals from around the world to evaluate, debate, and collaborate on cyber security best practices...

Detroit Secure World (Detroit, Michigan, USA, September 16 - 17, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

Cyber Security Summit: New York (New York, New York, USA, September 17, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at...

6th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 17, 2015) Join key leaders and decision makers from government, military and the private sector at this one-day intensive networking event as participants focus on the next generation of solutions to ensure this...

Hacker Halted (Atlanta, Georgia, USA, September 17 - 18, 2015) Hacker Halted is a global series of computer and information security conferences presented by EC-Council. The objective of the Hacker Halted conferences is to raise international awareness towards increased...

Cyber Security Summit: New York (New York, New York, USA, September 18, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates...

Data Breach Investigation Summit (Dallas, Texas, USA, September 21 - 26, 2015) Data Breaches are occurring at an alarming rate and increasing in their scope, frequency and impact and they don't discriminate by industry, geography or organization size. When a breach occurs, organizations,...

St. Louis SecureWorld 2015 (St. Louis, Missouri, USA, September 22 - 23, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

OWASP APPSECUSA (San Francisco, California, USA, September 22 - 25, 2015) The premier gathering of developers, security experts and technologists to discuss cutting edge approaches to secure web applications

MeriTalk: Cyber Security Brainstorm (Washington, DC, USA, September 23, 2015) Co-locating with the NIST Cloud Security Working Group, this MeriTalk Brainstorm has an excellent program lined up, featuring keynote speakers Allison Tsiumis (Section Chief, Cyber Intelligence Section,...
