Daily briefing.

BAE security researchers have warned that the thieves behind the $81 million cyber theft from the Bangladesh Bank probably also compromised SWIFT, the platform used internationally to manage financial transactions. SWIFT said yesterday it plans to issue a fix sometime today. BAE believes the attackers altered Alliance Access client software so that it would modify a database that logged bank transactions, thereby covering their tracks.

The controllers of GozNym, the “two-headed” Trojan IBM warned against earlier this month, have shifted focus from North America to Europe, targeting one Portuguese and several Polish banks.

A new strain of PowerShell-abusing malware is out. Trend Micro reports that “FAREIT” is spreading through spam emails (carried either in an attached Office document’s malicious macro or in a corrupted PDF) and is harvesting banking credentials.

Combat testing has revealed exploitable vulnerabilities in the US Army’s mobile tactical network. Fixes are promised.

The US is increasingly open about cyber operations against ISIS. Intrusion into and monitoring of jihadist networks has prepared the battlespace for effective spoofing and disruption of ISIS messaging.

Observers await word of what US and Russian officials are agreeing to in discussions of cyber warfare.

SecureWorks’ IPO last week is widely viewed as “lackluster.” Investors are looking for profit; they’re less likely to buy the story.

Many observers doubt the FBI’s “grey hat” explanation of how it accessed the San Bernardino jihadist’s iPhone.

The US Justice Department no longer needs Apple’s help unlocking an iPhone in a New York trial: someone gave them the passcode.

Notes.

Today's issue includes events affecting Bangladesh, Belgium, Canada, China, France, Germany, Iraq, Italy, Philippines, Poland, Russia, Syria, United Kingdom, United States.

We concluded our coverage of SINET ITSEF 2016 on Friday. Today we publish an interview with Canada's Minister of National Defense, the Honorable Harjit Singh Sajjan, which you'll find here; he'd earlier delivered the final day's keynote address.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day.

Cyber Attacks, Threats, and Vulnerabilities

Exclusive: Bangladesh Bank hackers compromised SWIFT software, warning to be issued (Reuters via Business Insider) The attackers who stole $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems

An $80M Bank Hack Has Been Blamed on $10 Routers (Gizmodo) Sometimes it pays to spend. The central bank of Bangladesh has found that out the hard way, as police are blaming its loss of $80m during a hack on crappy $10 routers

Time Is Money: GozNym Launches Redirection Attacks in Poland (IBM Security Intelligence Blog) The GozNym banking malware, a Trojan hybrid discovered by IBM X-Force in early April, isn’t wasting any time. A week after launching an aggressive attack campaign on 24 banks in North America, GozNym’s operators are spreading a new European configuration. On the list this time: corporate, SMB, investment banking and consumer accounts held with major Polish banks; one bank in Portugal; and one American bank

New FAREIT Strain Abuses PowerShell (TrendLabs Security Intelligence Blog) In 2014, we began seeing attacks that abused the Windows PowerShell. Back then, it was uncommon for malware to use this particular feature of Windows. However, there are several good reasons for an attacker to use this particular feature

Hacking Risks Found in US Army's $12 Billion Mobile Network (Newsmax) A $12 billion mobile Internet network that the U.S. Army is using in Iraq, Afghanistan, and Africa has significant cyber-security vulnerabilities that were found in combat testing

Ransomware-as-a-service + Malicious Insiders = Deadly Threat (Imperva) Insiders with RaaS: In our recent research report, we followed the infection chain and operation of CryptoWall 3.0 ransomware, focusing on payments made by victims and how those payments eventually aggregate to a small number of Bitcoin wallets – suggesting a well-organized operation

Ransomware Poses a Rising Threat to Hospital Operations (eWeek) The malware hinders operations and threatens patient care, making health care facilities and medical centers good targets for criminals

Microsoft: Keep Calm But Vigilant About Ransomware (Dark Reading) Though a growing problem, ransomware is still nowhere as prevalent as other threats, Microsoft says

Core Windows Utility Can Be Used to Bypass AppLocker (Threatpost) A core Windows command-line utility, Regsvr32, used to register DLLs to the Windows Registry can be abused to run remote code from the Internet, bypassing whitelisting protections such as Microsoft’s AppLocker

Researcher uses Regsvr32 function to bypass AppLocker (CSO) Regsvr32 is whitelisted, seen as an essential system function

An insider's look at iOS security (TechRepublic) Apple's battle with the FBI portrays them as a security hero going to great lengths to protect user privacy, but our beloved iPhones may not be as secure as many believe

Verizon Says Strikers Sabotaging Verizon Network (DSL Reports) Verizon is accusing the company's striking workers of sabotaging the Verizon network. According to Verizon, most of the instances of sabotage have involved intentionally cutting fiber lines in various locations across New York, New Jersey, Massachusetts, and Pennsylvania

Guess what's 'easily hacked'? Yes, that's right: Smart city transport infrastructure (Register) Traffic jams and altered intelligence

Two Castles Run bounces back from cyber attack (Leamington Courier) Preparations for the 4,000-strong annual Two Castles run between Warwick and Kenilworth are well under way

Cyber Trends

Insurers could hold key to managing cyber risks (Business Insurance) Could private industry provide at least a partial answer to one of the United States' most critical national security problems? The answer may well be “yes,” if the problem is cyber security and the industry in question is the insurance industry

Halvorsen: Cyber war is a culture war (Defense Systems) Security experts have often said that the key to cybersecurity is a matter of approach and attitude, an idea Defense Department CIO Terry Halvorsen reiterated this week

Cyberattacks increase against manufacturing, healthcare industries (SC Magazine) A new report that examines the shifting direction of cyberattacks noted attackers turning their attention away from the financial services sector, in favor of attacks against manufacturing and healthcare companies

Lack of Monitoring Weakens Database Security (eSecurity Planet) Nearly 40 percent of companies cannot monitor databases in real time, a survey finds. This poses a threat to database security, says the survey's sponsor

A Million People Now Access Facebook on the 'Dark Web' Every Month (Nextgov) The number of people accessing Facebook via the “Dark Web” now stands at 1 million per month, the tech giant announced April 22

Q&A: Navigating the new cyber security landscape (IT Pro Portal) The cyber security landscape is changing drastically. The growth of new technologies such as drones and the Internet of Things is creating a host of new access points for hackers to target, thereby weakening companies’ defences

Identity and access management still a concern when it comes to breaches (Secure ID News) Enterprises are starting to take precautions to strengthen credentials

4 tech nightmares keeping IT leaders up at night (CIO via CSO) What’s keeping CIOs awake at night? From data breaches to social engineering, there’s plenty to keep tech types tossing and turning

Marketplace

Cybersecurity's big market cap club (CSO) The BVS Cyber Index tracks 29 of the largest cybersecurity companies globally

Nasdaq Welcomes SecureWorks Corp. to The Nasdaq Stock Market (Nasdaq) Nasdaq (Nasdaq:NDAQ) announced that trading of SecureWorks (Nasdaq:SCWX) commenced on The Nasdaq Stock Market on April 22, 2016

Dell SecureWorks, 2016's first tech IPO, fizzles on Wall Street (Reuters) The lackluster market debut of SecureWorks Corp, the cyber unit of Dell Inc, failed to rally the battered technology U.S. IPO market on Friday, a reminder that Wall Street does not welcome cash-burning companies without profits

Dell’s SecureWorks Has Lackluster Trading Debut (New York Times) SecureWorks is the first initial public stock offering of the technology industry this year. That may be the extent of the victory lap for the tech I.P.O. market, at least for now

What Really Happened With SecureWorks' IPO? (AustinInno) Cybersecurity has cooled and venture-backed tech is in a flop sweat

Despite the Recent Wave of Global Terrorism, Verint Has Been Foundering (Haaretz) The security and surveillance firm lost 45% of its stock value in a year, and the departure of company executives and staff layoffs have raised questions about the scope of its problems

Buying the ‘next big thing’ is off BlackBerry’s agenda, as company halts acquisition spending spree (Computer Business Review) C-level briefing: President of Global Sales Carl Wiese says that the company has a complete portfolio and doesn't need any more companies

Elixirr strikes partnership with cyber security firm CyberInt (Consultancy) Consulting firm Elixirr has agreed a strategic partnership with CyberInt, an Israeli cyber security firm. The move allows Elixirr to leverage CyberInt’s software to help organisations identify external vulnerabilities in their digital frontier, while for CyberInt, the deal sees it expand its client base

Blue Cube Security's sales top £12m (CRN) West Sussex-based security VAR doubles best-ever revenue tally but says sales with established vendors such as RSA are down

Pwnie Express CEO Riding Ahead Into the Enterprise (eSecurity Planet) Paul Paget, CEO of Pwnie Express, discusses how his company is evolving to meet the next generation of threats and what is driving the business forward

Exostar Gets Commitment From 4 Defense Contractors for Updated Risk Mgmt Service (GovConWire) Exostar has said BAE Systems, Boeing (NYSE: BA), Lockheed Martin (NYSE: LMT) and Raytheon (NYSE: RTN) have committed to deploy its updated risk management service for defense contractors

Products, Services, and Solutions

Cylance® Wins Edison Award for Innovative Security Solution (PRNewswire) CylancePROTECT® honored for groundbreaking artificial intelligence approach to endpoint security

Legal Tech Roundup: Pillsbury Announces Partnership with Mandiant FireEye (Bloomberg BNA) Pillsbury Winthrop Shaw Pittman announced this week it will begin recommending that its clients hire cybersecurity company FireEye to conduct a risk assessment as part of the due diligence phase of a merger

Bitglass Wins Cybersecurity Excellence Award for Best Cloud Security Product (Marketwired) Bitglass, the Total Data Protection company, today announced that its cloud solution has won Best Cloud Security Product of 2016 in the Cybersecurity Excellence Awards

Fortinet Debuts New Secure Fabric (Enterprise Networking Planet) New update to firmware operating system, and new hardware announced

Technologies, Techniques, and Standards

The Problem With Patching: 7 Top Complaints (Dark Reading) Is your security team suffering from patching fatigue? Check out these tips and eliminate critical vulnerabilities in your IT environment

5 Features to Look For In A Next-Generation Firewall (Dark Reading) When it comes to NGFWs, it's the integration that counts

Divurgent and Sensato put together new medical device cybersecurity task force (Med City News) Sensato and consulting firm Divurgent have formed a new medical device cybersecurity task force. The goal is to develop best practices for healthcare organizations and device manufacturers

Threat intelligence overload (CSO) Getting through the obstacle of the big data problem

Be Prepared: How Proactivity Improves Cybersecurity Defense (Dark Reading) These five strategies will help you achieve a state of readiness in a landscape of unpredictable risk

10 Tips for Securing Your SAP Implementation (Dark Reading) Without clear ownership of security for a critical business platform like SAP, it should come as no surprise that SAP cybersecurity continues to fall through the cracks among IT, admin, security and InfoSec teams

The Facebook hacker who caught a Facebook hacker… (Naked Security) Here’s a fascinating story about a hacker who caught a hacker

How to protect your Apple ID account against hackers (Graham Cluley) Keep password-pinchers out of your Apple account with two-step verification

Ask the expert: cyber security should be top of mind for small businesses (Stuff) OPINION Q: I've been reading a lot about cyber security threats to SMEs. What are some of the most common threats to SMEs and what trends do you expect to see emerging over the next year?

Design and Innovation

Perhaps there is a cyber-point to this innovation claptrap (ZDNet) Rather than parrot out silly soundbites relentlessly, it's possible that if focused at the correct area, we could see something material from the innovation chatter

How IoT security can benefit from machine learning (TechCrunch) Computers and mobile devices running rich operating systems have a plethora of security solutions and encryption protocols that can protect them against the multitude of threats they face as soon as they become connected to the Internet. Such is not the case with IoT

Is Hybrid AI the future of cyber-security? (SC Magazine) The future of cyber-security looks part human and part machine, according to MIT's Computer Science and Artificial Intelligence Laboratory but what does the broader industry think?

Tay the Microsoft bot easy prey for humanity’s drivel (Irish Times) ‘Mark Zuckerberg, for one, has promised/threatened a new generation of chatbots operating inside the Facebook Messenger app’

Skull echoes can be a password to protect facehugger computers (Naked Security) Ahh, biometrics. In the race to replace the password, that sadly inadequate Eeyore of the authentication world, is there any part of the body that hasn’t been poked at?

Research and Development

GrammaTech Selected by DOD and DHS for Five New Cybersecurity Projects (IT News Online) GrammaTech, a leading provider of software assurance, hardening, and cyber-security solutions, has been selected by the US Government to receive five research contracts that will advance techniques and technologies in static analysis and software protection

Academia

University of Central Florida becomes winningest National Collegiate Cyber Defense champion (PRNewswire) Student team wins cybersecurity competition three years running

The Keystrokes to Victory (Raytheon) Five pro tips on winning a hacker contest

DSC awarded cybersecurity designation; Stetson honor society inducts new members (Daytona Beach News-Journal) Daytona State College is Florida’s first state college to have been deemed a National Center of Academic Excellence in Cyber Defense Education

MIT Launches Experimental Bug Bounty Program (Threatpost) The effectiveness of bug bounty programs is difficult to deny, especially after adoption of one at Uber, which announced last month it would begin paying $10,000 for critical bugs, and the Department of Defense, whose Hack the Pentagon illustrates the government’s softening stance on hackers

Legislation, Policy, and Regulation

ISIS Targeted by Cyberattacks in a New U.S. Line of Combat (New York Times) The United States has opened a new line of combat against the Islamic State, directing the military’s six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons

Australia still doesn’t see a cyber attack as the menace our allies fear (The Conversation) Though mature and nuanced, the cyber security strategy delivered by Prime Minister Malcolm Turnbull last week matches neither the spending plan nor the language of our closest cyber allies

On the Brink of Cyber War? Moscow, Washington Meet Quietly in Geneva (Sputnik News) Years ago the Stuxnet virus showed the possibility of anonymous “kinetic” attacks in the cyber arena, leading many military and defense analysts to worry that World War III may be carried out with a keyboard

Intelligence and the Cyber Domain: A Canadian Perspective (The CyberWire) The Honorable Harjit Singh Sajjan, Canada's Minister of National Defense, spoke with the CyberWire shortly after he addressed SINET's ITSEF 2016. He shared his perspective on intelligence and the cyber domain, to which he brings the distinctive experience of both a military intelligence officer and a police detective who specialized in gang crime investigations. He emphasized the prime imperative of developing actionable intelligence: delivering it quickly to those on the ground who can take action

Questions In Belgium Over Security Do Little To Sway Minds Over Surveillance (NPR) Since police video revealed suspects in the Brussels airport bombing walking calmly through the city, debate's raged over security in Belgium — but there's been little about its surveillance system

Congress to US spy chief: Tell us how many Americans were ensnared by PRISM (ZDNet) The executive branch was hoping that Congress would reauthorize a number of surveillance programs without asking too many questions. Well, think again

On Encryption Battle, Apple Has Advocates in Ex-National Security Officials (New York Times) In their years together as top national security officials, Michael V. Hayden and Michael Chertoff were fierce advocates of using the government’s spying powers to pry into sensitive intelligence data

Industry Cooperation, Cybersecurity Driving DISA Success (SIGNAL) The military information agency turns toward the private sector to solve its biggest challenges

Is the Pentagon's Innovation Unit Too Cozy with Silicon Valley? (Nextgov) House lawmakers are worried the Defense Department’s new innovation unit is too Silicon Valley centric

Bye Bye QDR; Hello Stand-Alone Cyber Command: HASC Markup (Breaking Defense) The Quadrennial Defense Review is dead. Long live a unified combatant command known as Cyber Command

DOD officials push back on civil cyber support critiques (GCN) Pentagon officials pushed back Friday against criticisms levied against the Defense Department for the lack of clarity in its chain of command for domestic cyberattacks. “We know how to do it; we’re making sure that in the event that it happens we’re ready to execute,” Deputy Commander of Cyber Command Lt. Gen. James “Kevin” McLaughlin said

FDA's cyber guidance gets key congressman's support (FCW) The Food and Drug Administration's proposed cybersecurity guidance for medical device manufacturers was open for public feedback through April 21

Military Needs to Increase Cyber Collaboration (SIGNAL) The commitment is there, but the arena has become more complicated

Litigation, Investigation, and Law Enforcement

US no longer requires Apple's help to crack iPhone in New York case (IDG via CSO) The government said "an individual" had given it the passcode to the phone

Sources Doubt Anonymous Gray Hats Cracked San Bernardino Shooter's Phone. So Who Did? (Fast Company) The FBI has contracted with the SunCorp subsidiary for $338,581 in gear and services since the December 2 San Bernardino attack

Experts Weigh-In Over FBI $1.3 Million iPhone Zero-Day Payout (Threatpost) Was the Federal Bureau of Investigation justified in paying over $1.3 million for a hacking tool that opened the iPhone 5c of the San Bernardino shooter? For some in the security community the answer is a resounding yes. For others, the answer is not so clear-cut

The FBI probably didn’t overpay for that iPhone hack (Quartz) The US Federal Bureau of Investigation reportedly paid more than $1.3 million for the hack it used to access the San Bernardino iPhone–and that’s probably about right

Cyber ruling opens door to CGL claims () Records 'published' without being viewed

Chinese firm at center of cyber fears (Washington Post via Astro Awani) Ever since Chinese computer maker Lenovo spent billions of dollars to acquire IBM's personal-computer and server businesses, some lawmakers have called on federal agencies to stop using the company's equipment out of concerns over Chinese spying

China Punishes Apple by Shutting Down iTunes and Movies (Breitbart) Despite years of Apple Inc. succeeding in gaining huge market share by apparently granting China state security authorities “backdoors” into its product encryption, communist regulators shut down Apple’s iBook Store and iTunes on April 22

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees...

6th European Data Protection Days (EDPD) (Berlin, Germany, April 25 - 26, 2016) The EDPD Conference will provide participants from the business side with all the important news and updates for the international data protection business at a high level. These include key developments...

CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions...

Staying Ahead of the Curve - Securing a Nation Amid Change (Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal...

Are You Protecting Your Business? Why Cyber Threat is a C-Level Priority (Cerritos, California, USA, April 26, 2016) Whether you’re a company of five or 5000, join us for this educational workshop and learn innovative ways to protect your small business from #cybercrime. FBI Special Agent Joey Abelon will share FBI insights...

Assured Communications 2016 (Crystal City, Virginia, USA, April 27, 2016) A basic tenet of building an expeditionary fighting force that can respond to hot spots around the world is the ability to surge. That applies to satellite bandwidth as much as it does to personnel and...

CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...

Cybersecurity Futures 2020 (Washington, DC, USA, April 28, 2016) On April 28, some of the country's leading policymakers, hackers, and creative thinkers will join Passcode and UC Berkeley to discuss the Internet's alternate futures – and explore how unconventional thinking...

3rd East Africa Cyber Defense Convention 2016 (Nairobi, Kenya, April 29, 2016) Building on the success of the previous convention series over the last two years and with insights from cybersecurity experts, participants at this conference learn how organisations should successfully respond.

CISO United States (Chicago, Illinois, USA, May 1 - 3, 2016) The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda...

SANS Security West 2016 (San Diego, California, USA, May 1 - 6, 2016) With cyber-attacks and data breaches on the rise, attacks becoming more frequent, sophisticated and costlier, the gap in the ability to defend has become wider and more time sensitive. Now is the perfect ...

CEBIT (Sydney, New South Wales, Australia, May 2 - 4, 2016) With the Australian Federal Government officially announcing its national cyber security policy, ahead of CeBit Australia’s business technology event, CeBIT is ultra strong on cyber security, too. CeBIT’s...

Cyber Investing Summit 2016 (New York, New York, USA, May 3, 2016) The Cyber Investing Summit is an all-day conference focusing on the investment opportunities, trends and strategies available in the $100+ billion cyber security sector. Network with investment professionals,...
