Daily briefing.

Trend Micro reports finding indications that hackers who hit Ukraine's power grid made preliminary attacks against that country's mines and railroads. The US Deputy Energy Secretary unambiguously attributes the grid hacks to the Russian government.

A study of patriotic hacktivism in India and Pakistan convinces Recorded Future that the calendar can help predict surges in cyber-rioting.

Hacktivists induce breaches in, separately, Chile and Bolivia. Both incidents are said to be devoted to exposing government corruption and slovenly data security practices, but declared motives should probably be treated with caution. As Leo Taddeo, CSO of Cryptzone said, in connection with recent social engineering at the FBI, you don't know much about hackers' motivation "until they're charged and arrested, at which point you can ask them."

British police have arrested a teenager who's allegedly one of the Crackas with Attitude who doxed senior officials of the US Intelligence Community last year.

Carbanak and other threats continue to plague the financial sector. ThreatMetrix thinks bot attacks are the rising threat to banks, with the potential to cost millions in lost business.

Mozilla patches Firefox and Firefox ESR. Observers look at Patch Tuesday and conclude that older versions of Microsoft Internet Explorer are now "officially vulnerable."

As the Internet-of-things expands, standards bodies continue to evolve security guidelines. Automation World says it sees signs of an approach to security that's less IT-centric than those hitherto applied to IoT systems.

Finland considers increasing its cyber offensive capability. Some policymakers in India and Taiwan mull cyber militias.

Notes.

Today's issue includes events affecting Bolivia, Canada, Chile, China, European Union, Finland, France, Ghana, India, Netherlands, Nigeria, Pakistan, Russia, South Africa, Taiwan, Ukraine, United Kingdom, United States, and Vietnam.

The CyberWire will take Monday off, in observance of Washington's birthday. We'll be back as usual on Tuesday with both our Daily News Brief and Daily Podcast. Enjoy the holiday, America.

In today's Daily Podcast, we'll hear from the University of Maryland's Jonathan Katz on provable security. In our Week-in-Review Podcast, the University of Maryland's Markus Rauschecker will describe the Federal Trade Commission's role in regulating cyber security, and Brown University's Alan Usas will talk about what went into preparing that university's new executive master's in cybersecurity. Both podcasts will be up later this afternoon. 

Cyber Attacks, Threats, and Vulnerabilities

Hackers of two Ukrainian utilities probably hit mining and railroad targets, too (IDG via CIO) The attacks may have been test runs for the devastating power-company hacks

KillDisk and BlackEnergy Are Not Just Energy Sector Threats (TrendLabs Security Intelligence Blog) Our new intelligence on BlackEnergy expands previous findings on the first wide-scale coordinated attack against industrial networks. Based on our research that we will further outline below, attackers behind the outages in two power facilities in Ukraine in December likely attempted similar attacks against a mining company and a large railway operator in Ukraine

U.S. official blames Russia for power grid attack in Ukraine (CNN) Russia was behind a December cyber attack on Ukraine's power grid that caused widespread power outages, a senior Obama administration official said Thursday

Cricket can get nasty: India v Pakistan rivalry boils over into cyber-war (Register) Cheer at Test results, find yourself hit by SQL injection

Hacktivism: India vs. Pakistan (Recorded Future) When India gained independence from Britain in 1947, a new, predominantly Muslim nation of Pakistan was created during what was called the "partition"

Hackers Breach Bolivian Army Email Servers (Softpedia) Old exploit and bad configuration let the hackers in

Hacktivists Leak Details for 300,000 Chilean Citizens Looking for State Benefits (Softpedia) A group of Chilean hacktivists that go by the name of Chilean Hackers have broken into the database of CONADI and stolen the personal details of 304,189 Chilean citizens looking for state benefits from the country's government

Anonymous Targets South African Government Employees Through Job Portal Hack (Softpedia) Members of the Anonymous hacker collective have breached one of South Africa's job portals, stolen all the data, but only leaked details belonging to government employees

"As certain as tomorrow's sunrise," the FBI will find whoever's responsible. (The CyberWire) Leo Taddeo, currently CSO of Cryptzone and former Special Agent in Charge of the Special Operations/Cyber Division of the FBI's New York Office, shared his perspective on the recent apparent compromise of data from FBI networks

Faux Insiders Represent the Greatest Cyber-threat to Organizations (Infosecurity Magazine) When it comes to presenting the largest risk to organizations, the insider threat is perhaps the most dangerous

Social engineering is top hacking method, survey shows (ComputerWeekly) Social engineering tops the list of popular hacking methods, underlining the need for continuous monitoring, according to security firm Balabit

5 Reveals About Today's Attack M.O.s From Skype Spying Malware (Dark Reading) T9000 backdoor is built with many of today's cybercriminal tricks up its sleeves

CryptoWall 3.0 Bags Small Cybercrime Ring Over $300K (IT Security Guru) Cyber security firm Imperva has released a new behind-the-scenes report into the infamous CryptoWall 3.0 ransomware, which shows just how much cybercrime pays

Cyber criminals hack Netflix: Symantec (ARN) Phishing campaign redirects users to a fake Netflix website and steals payment card details

Cyber attack, 'backbone failure' to blame for Toronto Internet woes: TekSavvy (Toronto Metro News) TekSavvy has been dealing with increased cyber attacks that have played a role in, or caused, at least one of the outages

Fraudsters Tap Kohl's Cash for Cold Cash (KrebsOnSecurity) Scam artists have been using hacked accounts from retailer Kohls.com to order high-priced, bulky merchandise that is then shipped to the victim's home

Phishing via SMS — crooks target Australian mobile banking users (Naked Security) For better or for worse, most of us are familiar with bank-related phishing

Carbanak Hackers Targeting Banks Again, Security Pros Say (American Banker) Carbanak, a type of cybersecurity attack on banks, has been spotted in action again

Financial institutions on high alert for major cyber attack (ComputerWeekly) The financial sector is facing the highest number of organised cyber attacks and multi-channel threats, a ThreatMetrix report reveals

PIN-stealing IRS attack affects 100,000 taxpayers (Naked Security) It's tax filing season in the United States

Is Tax Preparation Software Safe to Use? (Bloomberg BNA) Tax season is one of the most popular times for people to become victims of scams. According to the IRS, tax refund fraud is expected to soar this tax season, reaching $21 billion this year compared to just $6.5 billion two years ago

Social Scams — The Full Breakdown and Protection Plan (Heimdal Security) Remember the time when our email inbox was filled with requests to help endangered (and filthy rich) Nigerian princes?

A Guide on 5 Common LinkedIn Scams (Tripwire: the State of Security) The fact that scammers haunt social media platforms like Facebook and Twitter is not surprising — at the heart of those platforms lies the drive to broaden one's horizons

iovation Shares Data on Online Dating Scams and Mobile Usage Ahead of Valentine's Day (Dark Reading) Firm names top types of dating fraud leading to lonely hearts and catfish scams

6 Cyber Secrets Setting You Up for Betrayal (IT Business Edge) Valentine's Day is near. And while love is grand, the fact is that human nature can sometimes cause heartbreak. Research shows that one in five people are keeping a major secret — such as infidelity or money troubles — from their spouse. Deceit can be a deal breaker

The Dangers of Online Dating: Watch Out for 'Sweetheart Scammers' (Hack Read) Once an almost unheard-of phenomenon, online dating is today a go-to resource for many busy, career-oriented individuals for finding their true love and future partners. While many succeed in finding their loved ones using this relatively new medium, many become victims to what is known as 'romance' or 'sweetheart' scams

Introducing the Sophos Love Song Collection! Happy Valentine's Day IT heroes (Naked Security) If you're a regular reader of Naked Security, or a Sophos user, you might be aware that our marketing department regularly produces pretty spot-on videos that reflect the experience of IT pros

Kaspersky Researcher Hacked a Hospital While Sitting in His Car (Softpedia) It was only a test, hospital management knew about it

Report examines the massive future cybersecurity problem of connected cars (Network World) The cybersecurity of connected vehicles was called 'a massive future security problem just around the corner'

Security Patches, Mitigations, and Software Updates

Mozilla Releases Security Updates (US-CERT) The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system

It's official: Older versions of IE are now at risk (Computerworld via CSO) Two-thirds of the vulnerabilities patched this week in IE11 and Edge likely exist in now-retired IE7 and IE8, definitely in semi-obsolete IE9 and IE10

Cyber Trends

Deloitte: Cybersecurity Moves to the Offensive (Infosecurity Magazine) Organizations with a sophisticated approach to cybersecurity are no longer satisfied with locking the doors after the robbery has been committed. There is instead a distinct shift toward offense

IT Professionals Overconfident in Their Ability to Detect Breaches, Reveals Survey (Tripwire: the State of Security) In today's ever-evolving world, the PC is no longer the sole endpoint found on organizations' networks

DIA's Vincent Stewart: Cyber, Hostile Intell, Terrorism Key Global Security Challenges (ExecutiveGov) Lt. Gen. Vincent Stewart, director of the Defense Intelligence Agency, has informed the Senate Armed Services Committee that regional security issues, malicious intrusion, transnational terrorism and hostile foreign intelligence activities remain as the biggest threats to the U.S. and its allies

Why cybercrime will always need humans (IT Pro) Kaspersky finds robots won't ever replace hackers completely

Voter targeting becomes voter surveillance (CSO) Political campaigns have always sought to shape their message to attract specific groups of voters. But big data analytics now makes it possible to create personal profiles of individual voters. And that is raising concerns among privacy advocates

Marketplace

CyberArk, FireEye Both Miss With EPS Guidance, Shares Fall Late (Investors Business Daily) CyberArk Software (CYBR) stock crashed late Thursday despite the firm's Q4 beat after its earnings outlook lagged, while fellow security vendor FireEye (FEYE) came up just short on Q4 sales and missed with its Q1 bottom-line guidance

FireEye reports record revenue, shows no signs of slowing down (Channel Life) FireEye has reported record billings and revenue for the fourth quarter and fiscal year 2015, and says expanding platform adoption drove record annual operating cash flow, while recent iSight partners and Invotas acquisitions extended the company's addressable market

Why FireEye Stock Should Be Soaring Higher After Q4 Earnings (Seeking Alpha) FireEye reported very strong Q4 earnings and gave bullish guidance. Still, the stock is currently down 5% in after-hours trading. Investors in FireEye fail to realize all the major improvements at the company and the opportunity that now rests in its stock price

FireEye's (FEYE) CEO David DeWalt on Q4 2015 Results — Earnings Call Transcript (Seeking Alpha) Good day everyone and welcome to the FireEye's Fourth Quarter 2015 Earnings Results Conference Call. This call is being recorded

Symantec Beat 3Q16 Estimates despite the Strong Dollar (Market Realist) SYMC's fiscal 3Q16 results beat analysts' expectations

BlackBerry Layoffs Leave Dark Cloud Over Handset Business (InformationWeek) BlackBerry cut about 200 employees this month, which prompted many to question its commitment to smartphones, BlackBerry 10 in particular

Firewall pioneer Kramer bets on shift to cloud security (Reuters) Check Point Software Technologies co-founder Shlomo Kramer, a pioneer of efforts to protect businesses from cyber attacks, is betting on security in the cloud as the sector's next big development

New head of IBM's artificial intelligence group departs (CIO Dive) The head of IBM's cognitive computing group, responsible for Watson, has left the company after just nine months

Products, Services, and Solutions

Zero-Day Exploit (ZDE) prevention for all systems (ITWire) Check Point has developed SandBlast Agent that integrates new protections and advanced forensics to secure end-point devices and accelerate incident response. In short protection from ZDEs

Indegy finds out when industrial controls go bad (think Stuxnet) (Computerworld) Appliance gives insight into the control plane of programmable logic devices that run power grids and factories

Technologies, Techniques, and Standards

IoT security guidelines for providers, vendors, and network operators (Help Net Security) The GSMA Association has published new guidelines designed to promote the secure development and deployment of services in the growing Internet of Things (IoT) market

Cybersecurity Information Sharing for Executives (TruSTAR Technology) It is not about threat intelligence. It is about incident exchange and collaboration

Which security products do enterprises expect too much from? (CSO) Enterprises rely on some security products too much while counting on others too little

How to ensure PCI DSS compliance when dealing with message queues (CSO) Does your message queue contain data in-scope for PCI DSS? For many, the answer seems to be that they've never even considered that data stream. Well, they should

5 Big Incident Response Mistakes (Dark Reading) Failing to have a formal incident response plan is just one of the mistakes organizations make

Free tool Friday — check what your anti-virus product might have missed (Naked Security) Do you ever wonder if your anti-virus product might have let something nasty slip through?

Design and Innovation

3 Flavors of Machine Learning: Who, What & Where (Dark Reading) To get beyond the jargon of ML, you have to consider who (or what) performs the actual work of detecting advanced attacks: vendor, product or end-user

Industrial Control System Security Gets Focused (Automation World) New cybersecurity announcements highlight the move beyond traditional IT-oriented security toward systems designed specifically for the industrial control environment

Google just passed a big milestone for getting self-driving cars on the road (Naked Security) Google has been testing out its egg-shaped self-driving cars for a while now — the company says its cars have racked up over 1.2 million miles

White-hat hackers key to securing connected cars (CSO) Federal regulator warns of security and privacy risks in connected cars, calling on manufacturers to partner with white-hat hackers to seek out flaws and vulnerabilities

Academia

Safety taught during Cyber Week at Porter Twp. Schools (NWI Times) It's never too early to teach cyber safety to students, even those as young as kindergarten, Pamela Kassner said

Legislation, Policy, and Regulation

Finland Aiming To Add Offensive Edge To Cyberwar Arsenal (Defense News) The planned reform of Finland's cyber defense and intelligence gathering laws will likely include new provisions to give the military and national security services new effective legal tools to launch offensive operations against hostile attacks in the cyberwarfare space

Strategic Culture and Cyberspace: Cyber Militias in Peacetime? (The Diplomat) It's time to see how the concept of strategic culture can be used in understanding national approaches to cybersecurity

Snowden warns France against giving up liberties as MPs pass security bill (Russia Today) Whistleblower Edward Snowden has warned the French people to think twice before giving up their freedoms for increased security

Congress Passes Judicial Redress Act, UK Snoopers' Charter Gets Closer Look (Dark Reading) European citizens win right to sue the Americans over privacy violations, while Britain ponders new ways to commit privacy violations

Wanted: A Real National Cyber Action Plan (National Review) The U.S. must treat cyber aggression far more seriously than President Obama proposes to

Password Security Is So Bad, President Obama Weighs In (NPR) You've heard it before. Change your password. Change. Your. Password. But now, Americans are getting that message from the top

ENCRYPT Act co-sponsor learned tech ropes at Microsoft (CSO) Rep. DelBene sees good chance of passage for measure to preempt state encryption laws

The FBI's Encryption 'Debate' Is Going Nowhere (Motherboard) It's been a year and a half since US law enforcement agencies resumed their campaign trying to ban strong end-to-end encryption, and it's pretty clear that the resulting "debate" is going nowhere

A new study on encryption confirms what experts have been telling politicians for years (Business Insider) You can't ban encryption. It just won't work

Cyber, counterterror to be 'cornerstones' of DHS (The Hill) Homeland Security Secretary Jeh Johnson said on Thursday that improving the nation's cybersecurity and protecting against terrorism remain two of the department's "cornerstones" in the final year of the Obama administration

Homeland Security to amp up social media screening to stop terrorism, Johnson says (Washington Post) The Department of Homeland Security is expanding its social media presence in an effort to protect the country, reacting to growing concern about terrorists being radicalized online, Secretary Jeh Johnson said Thursday

Facebook Steps Up Efforts Against Terrorism (Nasdaq) Hours after the December shootings in San Bernardino, Calif., Mark Wallace asked his employees at the nonprofit Counter Extremism Project to comb social media for profiles of the alleged attackers

Security and the Internet of Things (Just Security) On Tuesday, the Obama administration announced a program to better secure the "Internet of Things" and also highlighted the opportunities networked devices provide for the US intelligence community

Junior Marines would be first to go in cuts for cyber capabilities (Federal News Radio) As the Marine Corps is doubling down on cyber and information warfare, the service has made it clear it is willing to take force structure cuts to fulfill its mandates

Trade Groups Seek FTC Reg Model of Broadband CPNI (Multichannel News) Say FCC should stick with enforcing unfair, deceptive practices

Senate committee endorses student privacy bill (AP via Education Week) A state Senate committee has endorsed a proposed bill that would prohibit teachers and school officials from prying into students' private personal social media accounts

Litigation, Investigation, and Law Enforcement

First on CNN: FBI, British police nab alleged 'crackas' hacker (CNN) The FBI and British police think they finally cracked the case of "Crackas with Attitude"

U.K. police arrest teenage hacker who allegedly broke into CIA director's email (Daily Dot) Authorities in East Midlands, England, arrested a 15-year-old boy on Tuesday for allegedly hacking the personal email account of the CIA director and releasing the personal information of 31,000 government agents

Google extends 'right to be forgotten' to all domains (Naked Security) Ever since 2014, when an EU court decreed that people have the right to be forgotten online, Google has tried to slice and dice the requests: it would bury search results for its subsidiary in a given country, only on that country's Google subsidiary, instead of submerging search results on all its domains

Microsoft looks to be retreating from EU antitrust fight against Google (Ars Technica) ICOMP lobby group's long-running campaign against search and ad giant collapses

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Pwn2Own 2016 (Vancouver, British Columbia, Canada, March 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets,...

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two...

ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products.

2016 Akamai Government Forum: Safeguarding a Dynamic Government — End–to–End Security for your Agency (Washington, DC, USA, April 21, 2016) Today's public demands a high performance — and safe — web experience from government and public organizations. And public IT leaders require flawless web protection to securely meet that...

Black Hat USA 2016 (Las Vegas, Nevada, USA, August 3 - 4, 2016) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 19th year. This six day event begins with four days of intense Trainings for security practitioners...

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, September 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA, and Goethe University Frankfurt are organizing APF 2016. In the light of the upcoming data protection...

Upcoming Events

Department of the Navy (DON) IT Conference, West Coast 2016 (San Diego, California, USA, February 17 - 19, 2016) The purpose of the DON IT conference is to: (1) Explain the new and invigorated DUSN (M), DON/AA, and DON CIO organization and its business and IT transformation priorities. (2) Share information that...

2016 Cyber Security Division R&D Showcase and Technical Workshop (Washington, DC, USA, February 17 - 19, 2016) The cybersecurity threat continues to evolve, and in order to keep ahead of the threat, new cutting-edge cybersecurity technologies are needed. The Cyber Security Division (CSD) within the Department of...

National Insider Threat Special Interest Working Group: Insider Threats From A Human Resources & Legal Perspective (Laurel, Maryland, USA, February 18, 2016) This meeting will be focused on "Insider Threats From A Human Resources & Legal Perspective." Mrs. Jordan C. Meadows, Security Program Analyst at Rolls-Royce North America will present from the Human Resources...

ICISSP 2016 (Rome, Italy, February 19 - 21, 2016) The International Conference on Information Systems Security and Privacy aims at creating a meeting point for researchers and practitioners that address security and privacy challenges that concern information...

CISO Canada Summit (Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges...

Interconnect2016 (Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect,...

cybergamut Tech Tuesday: Neuro Cyber Analytics: Understanding the Patterns of Human Cognition in the Cyber Domain (Elkridge, Maryland, Middletown, February 23, 2016) This presentation will discuss Neuro Cyber Analytics. Humans use context-specific neurocognitive patterns for receiving and processing internal and external sensory information. Stated differently, people...

Insider Threat Program Development Training Course — Maryland (Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies...

CISO New York Summit (New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
