skip navigation

More signal. Less noise.

Daily briefing.

Onapsis has found that at least thirty-six enterprises are vulnerable to exploitation of their SAP business applications.

Pawn Storm's back, and according to Trend Micro is going after critics of the Russian Government. The current target is Germany’s Christian Democratic Union, Chancellor Merkel’s political party.

“Getting the common people’s data is as easy as buying cabbage,” tweeted someone using the (now-frozen) handle Shenfenzheng. Shenfenzheng (roughly, “Personal Data”) was also able to get, and tweet, the data of some uncommon people in China, including Communist Party bigwigs and industrial leaders. The leaker’s declared motive is to show up lax security practices.

Anonymous persists in its campaign to bring down the world financial system—LIFARS has a summary (and suggests in a cartoon that the world’s common people wouldn’t necessarily benefit from such a crash).

Turkish hacktivists who leaked data from QNB and InvestBank move on to banks in Nepal and Bangladesh. (Some of their leaks, however, may be old and recycled.)

Recently discovered Flash and IE zero-days are being exploited in the wild.

Cyber criminals increasingly profit from business disruption. Proofpoint says Locky’s got an update, IBM looks at interaction-free ransomware infections, and Palo Alto Networks describes criminals’ business models.

In industry news, Thoma Bravo is rumored to have offered to buy out Infoblox.

Cybersecurity Hall-of-Famers weigh in on the crypto wars.

The FBI says it would buy the iPhone exploit again, and Mozilla sues to have the Bureau tell it about any Firefox zero-days it may have up its sleeve.


Today's issue includes events affecting Australia, Bangladesh, China, Egypt, Germany, India, Iraq, Latvia, Libya, Mexico, Nepal, Netherlands, Russia, Spain, Syria, Turkey, Ukraine, United Kingdom, United Nations, United States, and Uzbekistan.

Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. If you've wondered what to do with suspicious-looking emails, Johns Hopkins' Joe Carrigan has some advice for you. And we have a talk with Caleb Barlow from IBM, who fills us in on Big Blue's plans to send Watson to school for a cyber security education.

Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Experienced government officials, general counsels, and cybersecurity practitioners offer insight into governance, preparedness, and resilience. Register Today, CyberWire readers receive a $100 DISCOUNT using code WIRE16.

Cyber Attacks, Threats, and Vulnerabilities

Hackers try to attack Merkel's party, security consultants say (Reuters) A group of hackers that cyber-security experts say targets critics of the Russian government has been trying since April to attack the computer systems of German Chancellor Angela Merkel's Christian Democratic Union party, a security research firm said on Wednesday

Chinese Tycoons, Party Officials' Data Leaked on Twitter (Bloomberg News ) Personal information on dozens of Chinese Communist Party officials and captains of industry from Jack Ma to Wang Jianlin may have been exposed on Twitter in one of the country’s biggest online leaks of sensitive information

Hacker Group Anonymous Declares War on Global Banks and the NYSE (LIFARS) The infamous hacking group known as Anonymous has issued a threat to central banks around the world. Its targets include the likes of the Bank of England and even the New York Stock Exchange

Hackers Leak Data of 5 South Asian Banks (BankInfoSecurity) Same group that leaked data from QNB, InvestBank apparently involved

Alert (TA16-132A) Exploitation of SAP Business Applications (US-CERT) At least 36 organizations worldwide are affected by an SAP vulnerability [1] (link is external). Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP business applications

The Tip of the Iceberg: Wild Exploitation & Cyber-Attacks on SAP Business Applications (Onapsis) On May 11, 2016, the first-ever US-CERT Alert for cybersecurity of SAP business applications was released by the Department of Homeland Security (DHS) to forewarn the cybersecurity community about the significance and implications of an SAP vulnerability, which was patched by SAP over five years ago, that is being leveraged to exploit SAP systems of many large-scale global enterprises. Below are some resources to help you better understand this vulnerability, the potential impact to an organization if it is exploited, as well as the mitigation steps to ensure your organization is not at risk

SAP bug returns to cause mischief (CSO) After spending about two decades in the trenches I ran across all sorts of IT implementations. One of the ones that always caused me some heartburn was SAP. The running joke that I heard more than a few times was that when you purchase SAP you receive a large box. When you would open that box several hundred consultants would step out

Act surprised: There’s a new zero-day Flash exploit you need to fix right now (BGR) Flash zero-day vulnerabilities are a dime a dozen these days, so you won’t be surprised to learn there’s another one in the wild. Microsoft and Adobe have independently found two distinct zero-day vulnerabilities for Internet Explorer and Flash, respectively, which means it’s time to update Windows and Flash. Apparently, exploits exist for both that allow for remote code execution

Zero-Day Attacks Pummel IE, Flash (BankInfo Security) Microsoft patches IE, but Adobe's Flash fix still forthcoming

Spanish-Language Infostealer Trojan Uses Legitimate Libraries (IBM Security Intelligence) In April, security researchers at Zscaler came across malware that targets a specific bank and steals user credentials. This infostealer Trojan seems to be Spanish in origin, and so far has targeted users in the U.S. and Mexico

Multiple 7-Zip Vulnerabilities Discovered by Talos (Talos) 7-Zip is an open-source file archiving application which features optional AES-256 encryption, support for large files, and the ability to use “any compression, conversion or encryption method”. Recently Cisco Talos has discovered multiple exploitable vulnerabilities in 7-Zip

Disruption is big business for cybercrims (CSO) The cybercrime landscape is changing as threat actors adopt increasingly targeted and sophisticated tools to attack businesses that are undergoing significant change

Why run a DDoS-for-hire service? Easy money (CSO) Who run so-called ‘booter’ services that are used to knock out websites and are sometimes used for extortion? Young males. Why? Easy money

Locky Ransomware Cybercriminals Continue Email Campaign Innovation, Introduce New RockLoader Malware (Proofpoint) Earlier this year, Proofpoint researchers discovered a new ransomware called Locky. Most notably, the same actors behind many of the largest Dridex campaigns were involved in distributing Locky and were doing it at a scale we'd previously only associated with the Dridex banking Trojan

Infection Minus Interaction? New Android Ransomware Delivers (IBM Security Intelligence) What’s worse than ransomware? Ransomware that installs without any kind of user interaction. It’s a malware-maker’s holy grail — the ability to bypass users entirely and gain access to device functions, files and settings

How ransomware became the cyber criminal's favourite business model (Information Age) Security firm Palo Alto Networks reveals what makes ransomware so lucrative, and explains why it's a business model that will continue to grow

Insidious malware cripples school district websites in Region 11 cyber attack (Wichita Falls Times-Record News) A cyber attack that paralyzed the websites of at least two area school districts for several days — and sidelined the websites of many more in the region — appears to have been quelled. The attack was just one in a disturbing trend of rising ransomware attacks that, locally, also have struck government offices Security Breach (Information Security Buzz) Following a security breach like the recent ‘’ hack, the security impact of such exposure isn’t limited to an individual’s personal details; it can also have serious financial and reputational implications for the company. Customers that entrust their private information to an online provider should be able to rest safely in the knowledge it is kept in a secure manner; and all companies who handle private data have a duty to secure it

Lego robot outfitted with Play-Doh finger hacks swipe-screen security (Naked Security) Lately, the authentication wizards have been focusing on gesture recognition: the interpretation of gestures – typically from the face or hand – that can be turned into algorithms to identify people by how they do things like make a face (that would be gurning to you Brits!) or swipe

Scammers impersonate legit cyber-security companies (SC Magazine) A scammer syndicate has been caught impersonating the services of cyber-security companies and charging high fees for doing very little

TTU warns against scammers targeting Dell computer owners (KCBD) The TTU Office of the CIO warns the TTU Community of an active phone-based scam targeting Dell computers purchased between August 15, 2015 and November 15, 2015

Wendy’s: Breach Affected 5% of Restaurants (KrebsOnSecurity) Wendy’s said today that an investigation into a credit card breach at the nationwide fast-food chain uncovered malicious software on point-of-sale systems at fewer than 300 of the company’s 5,500 franchised stores

This Hacker Got Bored, Wanted Some Fun So He Defaced Several Subreddits (Hack Read) Some hack for cause, some hack for money but @TehBVM on Twitter hacks for fun. Yes, this hacker has hacked and defaced several Reddit‘s subreddits just because he felt bored

US Congress Dumps Yahoo Mail Over Phishing Attacks (Hack Read) Symantec’s newest threat report claims that email phishing scams have substantially declined in the last three years but incidences where crypto-ransomware was used to encrypt data and demand payment in exchange to unlock it has increased by 35% just in 2015. This means, instead of phish attacks, we must now fear our data being stolen by malicious actors and then having to pay a hefty sum of cash or digital currency to get the unlocking key so that we become able to access the information

Security Patches, Mitigations, and Software Updates

Microsoft Disabling Controversial Wi-Fi Sense Feature in Windows 10 (Hack Read) Windows 10 users can breathe a sigh of relief because their Wi-Fi passwords will not be shared with other users, which so far was a default feature of the latest version of their favorite operating system. As per the official statement from Gabe Aul, this feature will no more be a part of its default settings

Cyber Trends

Tripwire Study: Financial Services IT Professionals Overconfident in Breach Detection Capabilities (Yahoo! Finance) Industry leader evaluates confidence in seven key security controls required to detect cyber attacks on endpoints

Verizon Breach Report Criticized (BankInfo Security) Experts: Top 10 Vulnerabilities List could mislead administrators

Hackers tear shreds off Verizon's data breach report top 10 bug list (Register) Researchers reckon Verizon's been very lazy and unsophisticated

Healthcare Suffers Estimated $6.2 Billion In Data Breaches (Dark Reading) Nearly 90 percent of healthcare organizations were slammed by a breach in the past two years

Criminals taking a bigger bite of health breaches (CSO) The percentage of health care data breaches due to criminal acts has risen from 20 to 50 percent since 2010

Japanese users not proactive enough about cybersecurity: survey (Japan Today) ESET, a global pioneer in proactive protection for more than two decades, on Wednesday released the ESET Japan Cyber-Savviness Report 2016 showing that while users in Japan are knowledgeable about cybersecurity and take few risks online, they still have some way to go in ensuring that they are adequately protected when they access the Internet


Outcomes from the National Fintech Cybersecurity Summit (Computerworld) Last week an assembly of the nation's who’s who of cyber security came together for a roundtable in Sydney

Financial services 'most trusted' on data: Deloitte (Investor Daily) The financial services industry is the "most trusted" sector when it comes to data privacy, according to a new study by Deloitte

Cyber, M&A and more at PSA-TEC (Security Info Watch) Mergers, acquisitions, cyber security and more were major themes as part of a lively opening day at PSA-TEC that included several panel discussions and the integrator group’s vendor awards ceremony

Infoblox Said to Have Received Buyout Approach From Thoma Bravo (Bloomberg Technology) Infoblox Inc., a U.S. network software and cyber-security company, has received an offer to take the company private, according to people familiar with the matter

Diamond In the Rough: Fortinet Is an Undervalued Cybersecurity Play (The Street) While FireEye's (FEYE) earnings-induced decline last week threw cybersecurity plays across the spectrum into a downturn, Fortinet (FTNT) was able to continue its upward trajectory

Axway, à nouveau reconnu comme un acteur clé de l’économie digitale (Sys-Con Media) Porté par une croissance soutenue, s’appuyant sur une stratégie de développement à l’international marquée par des acquisitions externes, dont la société Appecelerator en 2016, Axway (Euronext : AXW.PA) s’est hissé au rang de leader du marché de solutions d'accompagnement à la transformation digitale des entreprises

CIA veteran joins Darktrace advisory board (Business Weekly) Fast growing Cambridge UK cyber security business Darktrace has added intelligence muscle to its advisory board with the appointment of a former CIA veteran

Products, Services, and Solutions

New Security Measurement Index Designed to Show How Your Info Security Efforts Compare with Your Peers (PRNewswire) Online resource behind benchmark survey promises to help companies measure the effectiveness of cybersecurity and share best practices

Cylance® Formally Establishes Advanced Cyber Threat Prevention in Japan through First OEM Agreement with MOTEX (Cylance) Will integrate CylancePROTECT® with LanScope Cat to deliver advanced threat prevention module

Facebook CTF platform is now open source (Help Net Security) Capture the Flag competitions are a good – not to mention legal – way for hackers to build and hone their skills. But, quality CTF environments are difficult and expensive to build and run

Interview: Mike Tierney, Veriato (Infosecurity Magazine) As insider threats rise, the technologies to spot and defend against them increase, and it is for this reason why user behavior analytics and activity monitoring software become more popular

Blog: CyberFence Protects Critical Infrastructure (SIGNAL) The architecture affords military-grade cyber protection, as well as analysis, modeling and prediction capabilities

New Sophos MSP Connect partner program brings synchronized security benefits to managed service providers (Albawaba) Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced MSP Connect, a new partner program that enhances the capabilities of Managed Service Providers (MSPs) by simplifying the complexities of managing multiple security solutions. The new program is also designed to help increase profitability, lower costs and improve business efficiencies for MSPs

As traditional perimeters are redefined, privileged access security is key to securing the hybrid enterprise (CSO) Centrify, the leader in securing enterprise identities against cyberthreats, overnight released findings from a commissioned study conducted by Forrester Consulting, on behalf of Centrify, indicating that Privileged Identity Management (PIM)-as-a-Service is the ideal approach to securing hybrid IT infrastructures

AppRiver Announces New Secure Electronic Signature Solution for Businesses (GlobeNewswire) New solution enables business users to e-sign documents easily and securely while reducing costs

Wombat Security Enables Utility Company to Reduce Phishing Susceptibility by Over 67% (Marketwired) Wombat's ThreatSim® simulated phishing attacks helped to improve security behaviors throughout the organization

FireMon Security Manager Customers Gain Upwards of $890K Return on Their Security Investment (Marketwired) IANS report demonstrates substantial returns over three years for average FireMon customer using its web-based firewall management platform -- even more for MSSPs

How Visa Threat Intelligence Is Keeping An ‘Eye’ On Cybercrime (PYMNTS) Cybercriminals often work in teams; why shouldn’t the companies that are fighting back against them? That’s the thought process made reality by Visa and FireEye, whose first product together — Visa Threat Intelligence — launched last month

Review: An Undetectable Android Spying Software that No One Can Perceive (Hack Read) In the wake of the latest report that shows that Jihadist groups are using Telegram, Signal, and WhatsApp for chatting, and Gmail for correspondences and clearly declaring that they prefer it to Yahoo Mail, parents and businesspeople need to become more vigilant. One cannot be too sure about risks lurking around, which is why using an undetectable spy app can be the first step in the right direction

Startup XOR Offers Free Protection For Hacked Organizations (Dark Reading) Compromised Identity Exchange designed to shield victims from identity theft and more

Technologies, Techniques, and Standards

NIST Guidance takes on Cyber Physical Systems (Security Ledger) In-brief: The National Institute for Standards and Technology (NIST) released a draft publication that recommends ways to improve the security of systems during the engineering phase, including so-called cyber physical systems on the Internet of Things

The Minimum (CyberPoint) "If the minimum weren't good enough, it wouldn't be the minimum"

How to Tell if Your iPhone Has Been Secretly Hacked (Tripwire: the State of Security) You know you’re living in interesting times when an app designed to tell you if your iOS device has been jailbroken is outselling the likes of Minecraft and Grand Theft Auto

Cyber Beat Live: I'm In! When insiders threaten our security (IBM Big Data & Analytics Hub) How does your organization work to prevent insider threats? Listen as leading cybersecurity experts discuss the following questions while describing how companies can reorient their security posture to thrive in an age in which trust seems inadequate

“The next phase of cyber security at Amity University is Artificial Intelligence”: JS Sodhi, CIO, Amity Education Group (Express Computer) To stop and deflect attacks and targeted malware Amity University has deployed Advance Threat Protection Sensor (ATP). In the next phase, ATP will use artificial intelligence to simulate the IT infrastructure of the entire country

The sport of threat hunting, and who should be in the game (CSO) Though the strategy of threat hunting has been around for over a decade, don’t feel compelled to jump head first into cyber security’s latest fad

Threat Intelligence Sharing: The Only Way to Combat Our Growing Skills Gap (Infosecurity Magazine) Despite phenomenal growth, continued investment and a proliferation of new technologies, the cybersecurity industry is still fighting its biggest challenge yet – that of finding and retaining talented security professionals

Users' Perceptions of Password Security Do Not Always Match Reality (PRNewswire) Think your password is secure? You may need to think again. People's perceptions of password strength may not always match reality, according to a recent study by CyLab, Carnegie Mellon's Security and Privacy Institute

Why Cyber Protection Needs to be at the Scene of the Crime (Infosecurity Magazine) The modus operandi of the new generation of cyber-attackers is best defined by two key facets. The first is that they are using stealthy and more advanced techniques that disguise known malware against static-based detection means such as signatures. The second is that attacks increasingly avoid use of the more traditional file-based delivery mechanisms that all anti-virus, and even some of the newer behavioral-based solutions, focus on

Phishing Fraud BECkons: Will You Fall Victim? (Dark Reading) Why one company got caught in a Business Email Compromise (BEC) Attack -- and how yours can avoid the same fate

Design and Innovation

HHS Wants a Way to Move Patient Data Securely (Nextgov) Want to transfer your health records from one place to the next with a single tap of your phone?

Blog: Viewing Cyber Data in 3-D (SIGNAL) LinQuest Corporation modifies its 3D ICE product to meet cyber needs

Research and Development

Traditional security is dead -- why cognitive-based security will matter (Computerworld) The increasingly complex landscape of threats is leading to one conclusion -- traditional methods of security are not cutting it

IBM to Drill Watson in Cybersecurity (TechNewsWorld) IBM on Tuesday announced Watson for Cyber Security, a cloud-based version of its AI technology, trained in cybersecurity as part of a year-long research project


NSA, DHS Recognize Top Cyber Defense Schools (Homeland Security Today) Multiple colleges and universities were recently designated National Centers of Academic Excellence in Cyber Defense Education by the National Security Agency (NSA) and the Department of Homeland Security (DHS)

UC School of IT awarded exclusive national designation for cybersecurity program (Soapbox Cincinnati) The University of Cincinnati’s Information Technology School was recently designated by the National Security Administration and Department for Homeland Security as a Center for Academic Excellence in Cyber Defense Education (CAE-CDE), a title awarded to just nine U.S. universities so far. The designation will last until 2021, and in addition to prestige it gives UC’s IT program access to special funding and grants open only to schools with CAE-CDE designation

UD named National Center of Academic Excellence in Cyber Defense Education (University of Delaware Daily) The National Security Agency and the Department of Homeland Security have designated the University of Delaware a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE)

Class of 2016: UVA Army ROTC Cadet Joins New U.S. Cyber Command (UVA Today) Battlefields are changing. Joseph Weate will fight on one in cyberspace. A fourth-year computer engineering major and a United States Army ROTC cadet, Weate is the first from the University of Virginia to be accepted into the U.S. Army’s Cyber Command

Legislation, Policy, and Regulation

Microsoft Tells UN More Can be Done to Combat Digital Terror (AFP via SecurityWeek) Microsoft told the United Nations on Wednesday that technology companies can do more to combat digital terror, but warned there was no single solution to prevent terrorists from using the web

In the Event of the Islamic State’s Untimely Demise… (Foreign Policy) Even a caliphate needs a Plan B. Here's what Baghdadi's might look like

Behind the Carnage in Iraq: ISIS Intends to Divide and Conquer (Daily Beast) At least 150 people were blown up in Iraq’s capital Wednesday as ISIS ratchets up efforts to provoke ethnic cleansing and weaken the overstretched Iraqi security forces

How to Defeat Extremism Without Becoming Egypt’s Microserf (Foreign Policy) As Cairo enlists Microsoft’s help in curbing terrorism, experts say the tech giant must avoid being a prop for Egypt’s crackdown on free expression

America is ‘dropping cyberbombs’ – but how do they work? (Conversation) Recently, United States Deputy Defense Secretary Robert Work publicly confirmed that the Pentagon’s Cyber Command was “dropping cyberbombs,” taking its ongoing battle against the Islamic State group into the online world. Other American officials, including President Barack Obama, have discussed offensive cyber activities, too

Services still adapting to the job of weaponizing the network (Defense Systems) The Defense Department is steadily integrating new cyber operations – both defensive and offensive – under the umbrella of the U.S. Cyber Command, but not without some growing pains

Senate debate over balancing national security, civil liberties swirls over FISA reauthorization (FierceGovernmentIT) The Foreign Intelligence Surveillance Act (FISA) Amendments Act, which allows the National Security Agency to monitor communications of suspected foreign terrorists – and Americans with whom they communicate – isn't up for congressional reauthorization until December 2017

Don’t Panic Making Progress on the “Going Dark” Debate (Berkman Center for Internet & Society at Harvard University) In the last year, conversations around surveillance have centered on the use of encryption in communications technologies. The decisions of Apple, Google, and other major providers of communications services and products to enable end-to-end encryption in certain applications, on smartphone operating systems, as well as default encryption of mobile devices, at the same time that terrorist groups seek to use encryption to conceal their communication from surveillance, has fueled this debate

Dear Senator Wyden (Office of the Director of National Intelligence, Director of Legislative Affairs) At the 9 February 2016 testimony before the Senate Select Committee on Intelligence, you asked that the Intelligence Community (IC) review and provide our assessment of the then-recently released Berkman Center "Don't Panic" report

Setting up a Straw Man: ODNI's Letter in Response to "Don't Panic" (Lawfare) As Paul has noted, the ODNI has responded to the Harvard study "Don't Panic" by observing that widespread use of encryption provides an "impediment that cannot be fully mitigated by other means" (full disclosure: I participated in the study). His Lawfare post says "The IC Thinks Harvard Study is Wrong about Encryption," but instead, it looks to me like ODNI's letter got it wrong

The Second Amendment Case for the Right to Bear Crypto (Motherboard) On November 9, 1994, an American software engineer named Philip Zimmermann was detained by customs agents in Dulles International Airport as he returned from a speaking engagement in Europe

Warning Signs: A Checklist for Recognizing Flaws of Proposed “Exceptional Access” Systems (Lawfare) In the eighteen months since FBI Director James Comey raised alarm bells about encryption and surveillance, there have been many calls for the technology community to solve the problem. Director Comey’s call to action was a genuine statement of law enforcement concern but sparse on operational details. However, technical security analysis of any proposal necessarily relies on such details. Some technologists have begun to offer ideas on how to solve the exceptional access problem

Industry Asks Hill for Foreign Sales Reforms (Defense News) Warnings from top representatives of the US defense industry that the foreign military sales process needs an efficiency upgrade faced scrutiny and skepticism on Capitol Hill on Wednesday from a top Democrat of the House Armed Services Committee

Pentagon Shakes Up Silicon Valley Outreach (Defense One) Defense Secretary Ash Carter gives DIUx new leaders, a new office, and a promotion

Agencies try to predict the future of cybersecurity (Federal News Radio) With the advent of cloud and mobile technology forcing a paradigm shift in IT, leaders in cybersecurity are finding themselves in the position of fortune-tellers, hovering over crystal balls trying to guess what the next big thing is going to be and how to prepare for it

'Security Mom' talks about role of cyber in government agencies (CSO) Getting our own house in order demands more cyber security experts in government agencies

The fragile security of the mobile ecosystem (Help Net Security) Mobile devices such as smartphones and tablets have become indispensable in our daily lives

China’s Very Weird Campaign to Keep Its Citizens From Spying for the West (Daily Beast) The Chinese Communist Party sees spies everywhere and is encouraging the masses to be vigilant, citing the threat posed by 007 and villains from Marvel Comics

Litigation, Investigation, and Law Enforcement

Uzbek citizen arrested for New York-based Islamic State plot (Reuters) An Uzbek citizen has become the sixth individual to be charged for participating in a New York-based conspiracy to provide support to the militant group Islamic State, U.S. prosecutors said on Wednesday

Syrian hacker who urged Marines to refuse orders extradited to US (Federal Times) A member of the Syrian Electronic Army — a group of hackers who support Syrian President Bashar al-Assad — has been extradited to the U.S. to face charges for his alleged part in a cyber campaign against American businesses

FBI Head: Islamic State Brand Losing Power in US (AP) Fewer Americans are traveling to fight alongside the Islamic State and the power of the extremist group's brand has significantly diminished in the United States, FBI Director James Comey said Wednesday

Comey defends FBI’s purchase of iPhone hacking tool (Washington Post) FBI Director James B. Comey said Wednesday that the bureau did not purposely avoid a government process for determining whether it should share with Apple the way it cracked a terrorist’s iPhone

Mozilla fights in court to get info about potential Firefox flaw (Help Net Security) Mozilla has asked a Washington State District Court to compel FBI investigators to provide details about a vulnerability in the Tor Browser with them before they share it with the defendant in a lawsuit, so that they could fix it before the knowledge becomes public

The Ukrainian Hacker Who Became the FBI’s Best Weapon—And Worst Nightmare (Wired) One Thursday in January 2001, Maksym Igor Popov, a 20-year-old Ukrainian man, walked nervously through the doors of the United States embassy in London. While Popov could have been mistaken for an exchange student applying for a visa, in truth he was a hacker, part of an Eastern European gang that had been raiding US companies and carrying out extortion and fraud. A wave of such attacks was portending a new kind of cold war, between the US and organized criminals in the former Soviet bloc, and Popov, baby-faced and pudgy, with glasses and a crew cut, was about to become the conflict’s first defector

The Panamanian Shell Game: Cybercriminals With Offshore Bank Accounts? (Security Intelligence) You may have heard about the Panama Papers—documents from a Panamanian law firm that revealed politicians, businessmen, and prominent individuals from countries all over the world were using offshore companies to cut their tax bills

Anything you keep in your smartphone may be used against you in a court of law (Kaspersky Lab Daily) I was blinded with a strong light and then was asked the life-and-death question: “What did you do on the 5th of the last month between 10 PM and 11:30 PM?

FBI/Apple privacy fight left out a major player: the data carriers (CSO) In the conflict between government surveillance and individual privacy, it is not just the data on devices that is at stake. It is the data that travels to and from the devices. That is where the communications carriers come in

Ex-Skype Crew Sued Developers Of WhatsApp Encryption Over '$2m Extortion' (Forbes) As the fight between Apple and the FBI attested, we’re in the midst of Cryptowars 2.0. But it would be reductive to claim it’s technologists facing off against the government over how to best protect the public from criminal hackers and terrorists. On both sides there are internecine battles being fought, as shown in a quickly-dismissed case between two developers of secure messaging and call services, Wire Swiss and Open Whisper Systems, the organization behind WhatsApp’s end-to-end encryption rollout

First Circuit and FTC Address Definitions of “PII,” While Michigan Amends Privacy Law to Remove Statutory Damages (Davis Wright Tremaine LLP) On April 29, 2016, the U.S. Court of Appeals for the First Circuit handed down its widely anticipated opinion in Yershov v. Gannett Satellite Information Network, Inc., in which it expanded the reach of the Video Privacy Protection Act (“VPPA” or “Act”) by endorsing a considerably expanded view of how the statute applies in the digital media context. In its decision, the court held that (1) “personally identifiable information” (“PII”) includes the GPS coordinates of a device; and (2) a user of a mobile application – even one who does not pay or otherwise register to use the app – qualifies as a “consumer” entitled to the protections of the Act

Germany set to end copyright liability for open Wi-Fi operators (Help Net Security) People who travel to Germany are often surprised at the lack of public, open Wi-Fi networks. That’s because German law (Störerhaftung – “liability of duty”) holds operators of public hotspots liable for everything their users do online, especially when these actions are against the law, and even if the operators weren’t aware of them

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

SINET Innovation Summit 2016 (New York, New York, USA, July 14, 2016) “Connecting Wall Street, Silicon Valley and the Beltway.“ SINET Innovation Summit connects America’s three most powerful epicenters and evangelizes the importance of industry, government and academic collaboration... Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of...

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases...

Upcoming Events

International Conference on Business and Cyber Security (ICBCS) (London, England, UK, May 12 - 13, 2016) To date the vast majority of businesses have viewed cyber security as a peripheral issue that is the primary concern of the IT Department. Whilst this mind set is unlikely to change radically any time...

Guarding the Grid (Washington, DC, USA, May 12, 2016) Protecting the power grid from today's cyber threats has become one of the nation's top national security priorities. Nowhere was this more evident than in the aftermath of the cyberattack in Ukraine that...

Telegraph Cyber Security (London, England, UK, May 17, 2016) The Telegraph Cyber Security conference will provide the key components to create a cutting-edge cyber security plan, regardless of your organisation’s size or sphere of activity

DCOI 2016 (Washington, DC, USA, May 18 - 19, 2016) DCOI 2016 is a concerted effort of the state of Israel and the Institute for National Security Studies (INSS) of Tel-Aviv University, a non-profit organization that aims towards enhancing collaboration...

ISSA LA Eighth Annual Information Security Summit (Universal City, California, USA, May 19 - 20, 2016) The ISSA-LA Information Security Summit is the only educational forum in the great Los Angeles area specifically designed to attract an audience from all over Southern California as a means to encourage...

HITBSecConf2016 Amsterdam (Amsterdam, the Netherlands, May 23 - 27, 2016) The event kicks off with all new 2 and for the first time, 3-day training sessions held on the 23rd, 24th and 25th. Courses include all new IPv6 material by Marc 'van Hauser' Heuse of, an in-depth...

Enfuse 2016 (Las Vegas, Nevada, USA, May 23 - 26, 2016) Enfuse is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. It's a global event. It's a community. It's where problems...

Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) Those lawyers who ignore cyber threats are risking millions of dollars for their companies or their clients. Recent reports by Cisco and the World Economic Forum both highlight the paramount importance...

4th Annual Cybersecurity Law Institute (Washington, DC, USA, May 25 - 26, 2016) At our 4th annual Institute, in the capital where cybersecurity regulations and enforcement decisions are made, you will be able to receive pragmatic advice from the most knowledgeable legal cybersecurity...

SecureWorld Atlanta (Atlanta, Georgia, USA , June 1 - 2, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

C³ Voluntary Program Regional Workshop: Understanding and Managing Cyber Risk in the Water and Energy Sectors (Indianapolis, Indiana, USA, June 1, 2016) The Department of Homeland Security's Critical Infrastructure Cyber Community (C3) Voluntary Program and the Indiana Utility Regulatory Commission (IURC) will host a free cybersecurity risk management...

Innovations in Cybersecurity Education Workshop 2016 (Halethorpe, Maryland, USA, June 3, 2016) Innovations in Cybersecurity Education is a free regional workshop on cybersecurity education from high school through post-graduate. It is intended primarily for educators who are teaching cybersecurity...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.