skip navigation

More signal. Less noise.

Daily briefing.

Recorded Future finds a "Russian-speaking hacker" who may have compromised the US Election Assistance Commission. "Rasputin," as they're calling him, is selling access to the Commission. The Election Assistance Commission is a small independent Federal agency charged with supporting the conduct of elections in the States through a variety of largely voluntary services. The hack seems more embarrassing than dangerous, and does not appear to threaten any significant danger of vote fraud or manipulation.

The US continues investigating Russian influence operations during the recently concluded elections. Officials murmur about President Putin's direct involvement, President Obama promises unspecified retaliation, and the White House grouses that media who reported leaked DNS emails effectively became an "arm of Russian intelligence." British and European officials worry about similar Russian meddling in their own elections. The prospect of what ThreatConnect calls "Faketivism"—false flags and covert information operations—is particularly troubling to them.

The magnitude of the Yahoo! breach continues to sink in, and security industry observers express displeasure over weak crypto practices and slow breach disclosure. The company's stock price declines as investors lose confidence that Verizon's acquisition of Yahoo!'s core assets will go through.

Proofpoint warns that the DNSChanger exploit kit, distributed by malvertising, is now hitting routers.

Netskope discovers new variants of Locky ransomware circulating in the wild. There's some compensating good news: the public-private partnership No More Ransom adds new partners and expanded free services for ransomware victims.

India worries that the "Legion" hacks may amount to more than a nuisance.


Today's issue includes events affecting Austrian, Croatia, Denmark, European Union, Finland, France, India, Israel, Italy, Luxembourg, Malaysia, Malta, Netherlands, Nigeria, Portugal, Romania, Russia, Singapore, Slovenia, Ukraine, United Kingdom, United States.

A note to our readers: The new Star Wars film, Rogue One, is out this week. It's billed as "the epic tale of a scrappy group of rebels and their daring mission to steal the plans for the Death Star." Given what's generally known about information security, however, one wonders if perhaps the plans might actually have been compromised in a different way. (Not that a Sith lord would reuse his Yahoo! security questions in an Imperial account...he wouldn't, would he? Right?)

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we'll hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Markus Rauschecker takes us through the National Cyber Incident Response Plan (NCIRP). We'll also hear from guest Jacob Ginsberg, of EchoWorx, who joins us for a discussion of the debate over encryption policy.

A special edition of our Podcast up is up as well—the topic is venture capital. In it we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists about what they expect before they invest.

As always, if you enjoy the podcasts, we invite you to please consider giving it an iTunes review.

Cyber Attacks, Threats, and Vulnerabilities

Vulnerable in cyberspace (The Hindu) The ‘Legion’ hacks expose the dire state of cybersecurity in India. Frequent data breaches will steadily erode the confidence of Internet users and deter them from using digital gateways

The government body that oversees the security of voting systems was itself hacked (TechCrunch) The U.S. Election Assistance Commission, which is responsible for testing and certifying voting systems, among other things, was hacked around the time of the election, security outfit Recorded Future reports. The EAC confirmed a “potential intrusion” in a statement issued to TechCrunch

Russian-Speaking Hacker Selling Access to the US Election Assistance Commission (Recorded Future) On December 1, 2016, Recorded Future identified chatter related to a suspected breach of the U.S. Election Assistance Commission (EAC). Recorded Future engaged the Russian-speaking actor (referred to as “Rasputin” in this research) to assess the full scope of the unauthorized access, and provided all relevant information to federal law enforcement. Further analysis identified more than 100 potentially compromised access credentials, including some with administrative privileges. Rasputin offered to sell an unpatched system vulnerability to a Middle Eastern government broker. Recorded Future successfully attributed the EAC breach to Rasputin

Cyber Chief in UK Election Hack Warning (Infosecurity Magazine) The head of the UK’s National Cyber Security Centre has warned that Russia’s alleged meddling in the US election could lead to similar campaigns to destabilize the democratic process in the UK

Faketivists Could Play Havoc with Euro Elections in 2017 (Infosecurity Magazine) Security experts are warning of a rise in so-called “faketivists” – state sponsored operatives who take on the personas of solitary hacktivists in order to disseminate sensitive hacked material for political ends

Yahoo's Record-Setting Breach Disclosure [Updated] (The CyberWire) Yesterday Yahoo disclosed that more than a billion customer accounts were compromised in August 2013. This incident is distinct from the breach of 500 million accounts the company disclosed on September 22, 2016. Yahoo said in its announcement that how the breach was accomplished is not yet known, and that the company is working with law enforcement to investigate. This incident is regarded as being the largest breach on record, in terms of the number of individuals affected. Security industry experts have weighed in with their views on what happened and how such attacks might be prevented or mitigated

Security! experts! slam! Yahoo! management! for! using! old! crypto! (Register) Suits should have done more to protect users, rather than user numbers

Yahoo hack: The 'Exxon Valdez of security breaches' (Fox News) Yahoo is coming under fire from security experts after the tech giant confirmed that more than one billion customer accounts have been compromised in a massive data breach

Yahoo's big breach helps usher in an age of hacker anxiety (AP) Yahoo has become the worst-case example of an unnerving but increasingly common phenomenon — massive hacks that steal secrets and other potentially revealing information from our personal digital accounts, or from big organizations that hold sensitive data on our behalf

My Yahoo Account Was Hacked! Now What? (KrebsOnSecurity) Many readers are asking what they should be doing in response to Yahoo‘s disclosure Wednesday that a billion of its user accounts were hacked. Here are a few suggestions and pointers, fashioned into a good old Q&A format

Yahoo breach: I’ve closed my account because it used MD5 to hash my password (Naked Security) This morning I received an email from Yahoo entitled “Important Security Information for Yahoo Users”. Five minutes later I’d closed my account

Yahoo breach means hackers had three years to abuse user accounts (CSO) Elite hackers-for-hire or state-sponsored actors may have been involved, according to experts

Yahoo breach: why does it take so long to tell people about a hack? (Naked Security) Hours after Yahoo disclosed this latest data breach, people asked why it took the company so long to come clean about a compromise dating back to 2013. To the casual observer, three years is a long time, and it makes them suspicious that the company was deliberately keeping users in the dark

Yahoo breach: here’s what you need to do (Naked Security) As you’ve probably heard by now, Yahoo says it suffered a massive data breach that compromised 1bn accounts. The breach, dating back to 2013, is separate from another disclosed in September, in which 500m user accounts were hacked

How should 1 billion users respond to epic Yahoo hack? (Christian Science Monitor Passcode) The scope of the breach is a harsh reminder how everyone on the web needs to be vigilant about protecting their data in an era of widespread criminal and government hacking

Got a hacked Yahoo account? Here's what you should do (CNN) Yahoo has announced another huge security breach, leaving its users fretting once again about their personal information

DNSChanger Exploit Kit Hijacks Routers, Not Browsers (Threatpost) Attackers are targeting more than 166 router models with an exploit kit called DNSChanger that is being distributed via malvertising. Researchers at Proofpoint said the exploit kit is unique because the malvertising component of the attack doesn’t target browsers, rather a victim’s router

New Variants of Locky Ransomware Found (Netskope) Locky ransomware is in the news again with variants using different extensions for encrypted files. A couple of months ago, we blogged about the Zepto variant of Locky ransomware which used the .ZEPTO extension for encrypted files. The blog also highlighted Zepto’s executable (.EXE) payload execution with pre-defined parameters. Later, we highlight in this blog another Zepto variant that executes its main payload via DLL rather than EXE. As we continue to monitor Locky ransomware’s evolution, Netskope Threat Research Labs took a deep dive into two new variants of Locky ransomware, this time using .AESIR and .ZZZZZ extensions for encrypted files. The variants also made a few changes in the malware’s payload execution

Goldeneye Ransomware – the Petya/Mischa combo rebranded (Malwarebytes) From March 2016 we’ve observed the evolution of an interesting low-level ransomware, Petya – you can read about it here. The second version (green) Petya comes combined with another ransomware, packed in the same dropper – Mischa. The latter one was deployed as an alternative payload: in case if the dropper was run without administrator privileges and the low-level attack was impossible. This combo is slowly reaching its maturity – the authors fixed bugs that allowed for decryption of the two earliest versions. Now, we are facing an outbreak of the fourth version – this time under a new name – Goldeneye, and, appropriately, a new, golden theme

One, if by email, and two, if by EK: The Cerbers are coming! (SANS Internet Storm Center) "One, if by land, and two, if by sea" is a phrase used by American poet Henry Wadsworth Longfellow in his poem "Paul Revere's Ride" first published in 1861. Longfellow's poem tells a somewhat fictionalized tale of Paul Revere in 1775 during the American revolution. If British troops came to attack by land, Paul would hang one lantern in a church tower as a signal light. If British troops came by sea, Paul would hang two lanterns

The economics of ransomware revealed (Help Net Security) 70 percent of businesses infected with ransomware have paid ransom to regain access to business data and systems. In comparison, over 50 percent of consumers surveyed said they would not pay to regain access back to personal data or devices aside from financial data, according to IBM Security

The $1 billion industry you don't want any part of, and how to protect your business from it (Business Journals) Malicious code that locks away users' important computer data until payment is received is expected to draw $1 billion in ransom payments in 2016, up from just $24 million in 2015, and those hackers are targeting businesses as well as individuals

Tales of WordPress Plugin Insecurity Overblown, Researchers Say (Threatpost) The insecurity of WordPress plugins has been well documented, especially over the last year, but in the grand scheme of things, it’s not as bad as it seems, experts claim

Flokibot – stuffing hackers’ christmas stockings (Information Age) The Christmas shopping frenzy has kicked off, and with increased retail activity there is a corresponding increase in security threats

Tordow Android Trojan Can Do...Just About Anything (Infosecurity Magazine) A wide-ranging catch-all Android malware known as Tordow v2.0 is affecting Russian victims, and researchers expect it to migrate to other parts of the globe

G DATA Warnung: Betrügerisches Android Adobe Flash Update ist Banking-Trojaner (Trojaner-Info) Es ist eine täuschend echt aussehende E-Mail, die aktuell Nutzer in die Falle lockt. Obwohl es seit langer Zeit schon keinen eigenständigen Adobe Flash Player mehr für die Android-Plattform gibt, versuchen Betrüger aus dem Thema weiter Kapital zu schlagen

Hackers get around AI with flooding, poisoning and social engineering (CSO) Many defensive systems need to be tuned, or tune themselves, in order to appropriately respond to possible threats

Non-Malware Attacks on the Rise, in the Shadow of Ransomware (Infosecurity Magazine) 2016 saw attackers holding data for ransom at an alarming rate; but in conjunction with the rise of ransomware and the continued ubiquity of mass malware, attackers are increasingly utilizing non-malware attacks in an attempt to remain undetected and persistent in organizations’ networks

The Mirai botnet: what it is, what it has done, and how to find out if you’re part of it (HackRead) If you’re the type of person who stays updated on internet security and DDoS attack trends, you probably right skip along without a second thought when the possibility of unwittingly being part of a botnet is raised. After all, if you’re the type of person who stays abreast of these issues, there’s no way your computer is unsecured

Security Patches, Mitigations, and Software Updates

Microsoft, Google to Block Flash by Default in Edge, Chrome (Threatpost) The acceleration of Flash’s ride off into the sunset hit top speed with Microsoft on Wednesday following up a similar announcement last week from Google that it would block Flash by default in the Edge browser

Say good-bye to Microsoft security bulletins (InfoWorld) It’s still too early to install the latest patches for Win7, 8.1, and Office, but next month things will get less complicated

Evernote backs off from privacy policy changes, says it 'messed up' (CSO) Employees will not be reading note content unless users opt in, the company said

“Secure the News” Grades Media Sites on HTTPS—And Most Fail (Wired) Before you enter your credit card into an unknown website, you probably (hopefully) check your browser for the padlock icon that means your connection to that site uses HTTPS encryption, which helps prevent hackers and eavesdroppers

Cyber Trends

Delayed breach notifications open door to regulatory fines (Help Net Security) As more data breaches occur everyday and more data privacy regulations come into force, such as EU GDPR, organizations are beginning to make data governance and data protection more of a priority

Over Half of Global Firms Still Not Progressing with GDPR (Infosecurity Magazine) As we head into the final 18 month stretch before the European General Data Protection Regulation (GDPR) comes into force, two new studies have revealed a worrying lack of preparedness on the part of organizations

Growth rates of cryptographic keys and certificates (Help Net Security) A new study conducted by Dimensional Research evaluated current and projected growth rates of cryptographic keys and digital certificates in the enterprise for 2016 and 2017. Study respondents included 505 IT professionals that manage these critical cryptographic assets in the U.S., U.K., France and Germany

Cyber Criminals Are Getting Smarter But Businesses Only Act When Targeted, Experts Warn (Malaysia Digest) As the dissemination of data and information becomes more and more advanced – the rise of the digital age makes a lot of tasks a whole lot easier, but so does the risk of cyber-attacks

4 historic security events of 2016 and what they teach us [Infographic] (CSO) From the massive data breaches at Yahoo to the election hacks, history will look back on 2016 as a very instructive year indeed

Real-World Fallout From The Cybersecurity Skills Gap (Dark Reading) Two new studies connect the dots between an organization's lack of staffing and skills to its ability to fend off cyberattacks


Yahoo shares tumble as investors fear Verizon acquisition trouble (TechCrunch) Yahoo shares tumbled 6% on Thursday as investors feared that the latest Yahoo hack could spell bad news for its sale to Verizon

Quantifying Cyber Risks (CFO) Companies are clamoring for the data and information they need to manage their exposure

Vkansee raises $10M to fund fingerprint sensor innovation (Biometric Update) Vkansee has raised $10 million in additional funding from existing angel investors and other institutional investors, including Infotech Ventures, Yunnan Huizhong Fund, Shenzhen Qianhai Greatwall Fund and Superpix Micro Technolog

Israeli cyber security co Intezer raises $2m led by Samsung NEXT (GLOBES) The Tel Aviv based startup has developed a virtual security camera for digital spaces

root9B Awarded $4 Million Multi-year Cybersecurity Contract with Global Sector Leader (PRNewswire) Strategic cyber defense contract leverages root9B's Orion HUNT platform and Threat Intelligence services

US Awards Raytheon $459Mln to Modernize Navy Voice Encryption Systems (Sputnik News) US defense contractor Raytheon has been awarded a worth nearly $459 million to modernize the US Navy's aging voice encryption systems to meet the National Security Agency's encryption standards

L’éditeur genevois ID Quantique s’attaque au marché chinois (ICT Journal) Spécialisé dans le chiffrement quantique, la firme genevoise ID Quantique crée une joint-venture avec China Quantum Technologies

Apple, Palantir Among Loose Ends From Trump Tech Summit (Investor's Business Daily) How much did President-elect Donald Trump's meeting with tech industry leaders on Wednesday accomplish?

One-third of new BAE grads to work in cyber security (Engineer) Over one-third of graduates joining BAE Systems in 2017 will be recruited into its cyber security business, the company has revealed

Morphisec opens Boston office to tap into American market (GSN) Morphisec, leading developer of Moving Target Defense (MTD) cybersecurity products, today announces rapid global expansion including the opening of its U.S. operations located in Boston. Born out of Ben-Gurion University and the JVP Cyber Labs in Be'er Sheva, Israel, Morphisec has emerged from Israel's national cybersecurity center to wide acclaim for its forward-thinking technology

Amit Yoran leaves Dell RSA unit to head Tenable Network Security (Reuters) Amit Yoran is stepping down as president of Dell Technologies Inc's (DVMT.N) cyber security unit to run Tenable Network Security Inc, a well-financed private cyber security company that is looking to boost revenue growth

Md. cyber company Tenable Network Security names new CEO (Daily Record) Tenable Network Security, an information security firm based in Columbia, has named Amit Yoran its chairman and CEO, effective Jan. 3

iovation Recognized as UK Insurance Provider Partner of the Year (MarketWired) Post Magazine names authentication and fraud prevention firm an award winner for a third year in a row

CrowdStrike Selected as a 2016 Red Herring Top 100 Global (Yahoo! Finance) CrowdStrike, the leader in cloud-delivered endpoint protection, today announced that the company was recognized by Red Herring’s Top 100 Global award, a listing of the leading private companies from North America, Europe, and Asia

EY Names Cylance® CEO Stuart McClure a National Finalist in the 2016 Entrepreneur of the Year® Award (BusinessWire) McClure stands out among leaders as one of just 44 national finalists recognize

Products, Services, and Solutions

Soget and Thales launch port security coalition (Marine Electronics & Communication) Thales has joined forces with Soget to deliver secured port systems that include physical and cyber security. Combined, the two companies will protect critical port infrastructure from growing digital and physical threats

Guidance Software Releases Enhanced Solutions for Law Enforcement (Yahoo! Finance) Guidance Software, makers of EnCase®, the gold standard in forensic security, today announced major releases for their forensic investigations software, EnCase Forensic and Tableau Password Recovery (TPR) hardware

Dashlane Backs Two-Factor Authentication Awareness Campaign (Yahoo! Finance) Dashlane, the award-winning password manager and leader in online identity management, announces its participation in the #TurnOn2FA two-factor authentication awareness campaign. The campaign, which is in support of the White House's Cybersecurity National Action Plan, seeks to empower consumers to add a level of security to their account with two-factor authentication. Dashlane will promote the campaign, which was created by Intel® and TeleSign

Proficio Partners with CrowdStrike to Provide Advanced Managed Endpoint Security Services (BusinessWire) Offering protects customers’ digital assets from the endpoint to the cloud

Protect Your Office 365 Files With Vera For Microsoft (Forbes) Vera (a sponsor of TechSpective) just launched a new service called Vera for Microsoft designed to help customers protect files in Office 365 and give IT and security administrators some peace of mind. That is a significant challenge in an almost ubiquitously connected and mobile world where data can be anywhere and everywhere at the same time. Vera has established itself by enabling organizations to secure, track, and monitor data no matter where it’s stored or shared

Technologies, Techniques, and Standards

New sheriffs in town: No More Ransom (Help Net Security) A couple of months ago, Intel Security, Kaspersky Lab, Dutch National Police and Europol announced the No More Ransom initiative

Drone ID Brings SSL/TLS Certificates to IoT Security (eWeek) As increasing numbers of Drones take to the skies, the new Drone ID effort backed by AirMap and DigiCert aims to help provide identification and security

Approaching security self-sufficiency (Help Net Security) As part of my role as CSO, I’m extremely lucky to get to have conversations with CISOs, CTOs, and other technology leaders across industries. One of the things that has always struck me throughout my career is how, while there are certainly issues specific to each business, the vast majority of the challenges we face as defenders are the same

Hurricanes, Earthquakes & Threat Intelligence (Dark Reading) You must be prepared for foreseeable attacks as well as the ones that sneak up on you

14 eyebrow-raising things Google knows about you (CSO) Some are fascinating, others are frightening -- but here's how to find out what Google has on you

Walking Dead can teach you valuable security lessons (CSO) Information security, the rise of zombie botnets, and what we can learn from The Walking Dead

Design and Innovation

GM will begin testing and building self-driving cars in Michigan (TechCrunch) GM is going to start building its next generation of self-driving vehicles at the Michigan plant where it builds its Chevrolet Bolt, the company’s CEO Mary Barra announced Thursday. It will also be testing vehicles on public roads in metro Detroit, GM said. GM is already testing self-driving vehicles using autonomous systems created by Cruise, the startup it acquired earlier this year, in both San Francisco, California and Scottsdale, Arizona

Legislation, Policy, and Regulation

Thai PM defends cyber controls as censorship concerns rise (Interaksyon) Thai Prime Minister Prayuth Chan-ocha on Thursday defended a decision to amend a cyber-crime law to increase the military government’s ability to remove online content as authorities seeks to tighten control on dissent

Mutually assured cyber destruction? (Times of Israel) Op-ed: Experts say first the US, then some of the West’s enemies, have developed the capability to shut down entire countries at the flip of a switch

Are We In a New Era of Espionage? (Defense One) One scholar compares it to the early Atomic Age, when members of Congress struggled to understand how nuclear weapons were changing diplomacy and war

Obama Says U.S. Will Retaliate for Russia’s Election Meddling (New York Times) President Obama said on Thursday that the United States would retaliate for Russia’s efforts to influence the presidential election, asserting that “we need to take action,” and “we will”

Why Didn't Obama Do More About Russian Election Hack? (NBC News) The Obama administration didn't respond more forcefully to Russian hacking before the presidential election because they didn't want to appear to be interfering in the election and they thought that Hillary Clinton was going to win and a potential cyber war with Russia wasn't worth it, multiple high-level government officials told NBC News

UK Must Get Better at Counterespionage, Says British Armed Forces Head (Defense News) Britain needs to up its game on counterespionage in order to protect its industrial defense secrets, the head of the armed forces in the UK has warned

Where is Trump getting his cybersecurity advice? (Christian Science Monitor Passcode) Since the president-elect has rejected intelligence analysis that Russian hackers meddled in the presidential election, where is he getting advice on issues of digital security and espionage?

How can cyber contribute to multi-domain battle? (C4ISRNET) The military is beginning to organize around a principle of multi-domain battle — the notion that effects, planning and operations will converge seamlessly among the five domains of warfare: land, sea, air, space and cyber. Rather than thinking about war from a domain-centric perspective, future battles will be fought with a combination of effects. The one thread that connects all domains is cyber

Litigation, Investigation, and Law Enforcement

Putin Now Directly Linked to DNC Hacking, Interference in US Election, Intelligence Officials Say (ABC News) U.S. and foreign intelligence officials told ABC News Russian President Vladimir Putin was personally involved in the hacking of the Democratic National Committee and efforts to interfere in the American elections

Media reporting on hacked DNC emails acted as ‘arms of Russian intelligence’ – White House (RT) White House press secretary Josh Earnest has accused media outlets which reported on the contents of the hacked DNC emails as being “arms of Russian intelligence,” once again accusing Moscow of being behind the cyberattack

White House suggests Putin was involved in U.S. hacking (Military Times) The Obama administration suggested Thursday that Russian President Vladimir Putin personally authorized the hacking of Democratic officials' email accounts in the run-up to the presidential election and said it was "fact" that such actions helped Donald Trump's campaign. The White House also assailed Trump himself, saying he must have known of Russia's interference

Russia’s election hack aimed to hurt Hillary — not help Trump (New York Post) The debate continues: Did the Russians hack the Democrats’ computers to help Donald Trump? I answered this one a long time ago. Yes, the Russians did but through surrogates who probably resided in Bulgaria. And the goal was likely less to help Trump than to hurt Hillary Clinton — a splitting of hairs, I know, but an important distinction in the motive that I’ll address in a minute

John Podesta: Something is deeply broken at the FBI (Washington Post) John Podesta was chairman of Hillary Clinton’s presidential campaign

Huma says she never received FBI warrants for email searches (New York Post) Hillary Clinton aide Huma Abedin told a Manhattan federal judge in a court filing Thursday that neither she nor Anthony Weiner ever received FBI search warrants for emails found on her estranged husband’s computer — raising questions about whether FBI warrants for the emails were ever issued, and if so to whom

More states confirm suspected cyberattacks sourced to DHS (WSB-TV) Channel 2 Investigative Reporter Aaron Diamant has learned two more states’ election agencies have confirmed suspected cyberattacks linked to the same U.S. Department of Homeland Security IP address as last month’s massive attack in Georgia

Georgia asks Trump to investigate 'failed cyberattacks' by DHS (Federal Times) The state of Georgia is asking President-elect Donald Trump to investigate what it described as "failed cyberattacks" on its secretary of state's network that it traced to the Department of Homeland Security

ICO Confirms Yahoo Communication Post Breach (Infosecurity Magazine) The Information Commissioner’s Office (ICO) has confirmed that it is talking to Yahoo about the reported billion account breach

Regulators crack down on Skype and WhatsApp over privacy (Naked Security) Microsoft’s Skype and Facebook’s WhatsApp and other app-based messaging services are facing increased regulation as the European Commission makes plans to update its privacy rules. CIO reports on a leaked legislative draft, revealig

NSA Inspector Who Criticized Snowden for Not Using 'Official' Channels Found Guilty of Retaliating Against Whistleblower Who Did Just That (Comon Dreams) Criticism by agency's inspector general appears particularly threadbare after internal panel found him guilty of lashing out against employee who came forward

District Court Finds Finjan's '494 Patent Claims Against Blue Coat to be Valid (Sys-Con Media) Finjan Holdings, Inc. (NASDAQ: FNJN), a cybersecurity company, provides an update on subsidiary, Finjan, Inc.'s ("Finjan") second patent infringement suit against Blue Coat Systems, Inc. ("Blue Coat") in Finjan v. Blue Coat, 5:15-cv-03295-BLF, before the Honorable Beth Labson Freeman. On December 13, 2016, the Court entered its Order ("the Order") Denying Blue Coat's Motion for Judgment on the Pleadings under 35 U.S.C. § 101 ("the Motion"), filed on September 16, 2016, that asserted claims of Finjan's U.S. Patent No. 8,677,494 ("the '494 Patent") are invalid for lack of patentable subject matter

Nigerian Charged With BEC Scam Involving $3.1 Billion (Dark Reading) David Adindu and accomplices targeted thousands of businesses globally with fake emails asking for money transfer

Romanian Gets 57-Months Jail For ‘ATM Skimming’ Scheme (Dark Reading) Robert Mate and 15 others copied bank account details of thousands of ATM users and stole $5 million

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Cyber Defense Initiative 2016 (Washington, DC, USA , December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative...

CES® CyberSecurity Forum (Las Vegas, Nevada, USA, January 5, 2017) Now in its second year, the CES® CyberSecurity Forum presented by CyberVista is designed to ensure all stakeholders in developing high tech solutions understand the complexity and the need for action in...

SANS Security East 2017 (New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...

Global Institute CISO Series Accelerating the Rise & Evolution of the 21st Century CISO (Scottsdale, Arizona, USA, January 11 - 12, 2017) These intimate workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational...

Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...

ShmooCon 2017 (Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...

SANS Las Vegas 2017 (Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...

BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.