skip navigation

More signal. Less noise.

Daily briefing.

Ukrainian hackers have released documents from a second email account "linked" to Putin aide Vladislav Surkov. Like earlier leaks, they purport to show aggressive Russian designs against Ukraine.

Russian election hacking is of course a matter of concern in the US, but it's also prompted tighter cyber security in Montenegro, whose government plans upgrades after Russian operators' suspected interference with election sites.

In the US, several concerns persist over tomorrow's elections. First, there's the prospect of direct manipulation of vote tallies by enemies both foreign (Russia) and domestic (choose your poison). Despite recent proofs-of-concept by Cylance and others, this is generally regarded as unlikely. Distributed denial-of-service attacks that might disrupt voting or delay counting are thought somewhat more likely. Finally, information operations designed to discredit the US electoral system are widely believed to be well underway. There's also Internet chatter suggesting that al Qaeda and (possibly) ISIS are seeking to inspire physical attacks on election-related targets.

There have been various dark hints about US retaliation against any Russian electoral hacking. The Russian press has reported US penetration of Russian critical infrastructure networks, and the Russian government has demanded an explanation. Guccifer 2.0 has called upon hacktivists to monitor US elections for voter fraud.

WikiLeaks released another tranche of leaked emails over the weekend and claims to have experienced a DDoS attack. The site was back up as of this writing.

Twitter also experienced an outage earlier today, but that appears to have been an engineering error, and not an attack.

Notes.

Today's issue includes events affecting Canada, India, Iran, Liberia, Montenegro, Russia, Turkey, Ukraine, United Kingdom, United States.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland, as Ben Yelin takes a last look at cyber policy and the US Presidential election. If you enjoy the podcast, please consider giving it an iTunes review.)

Dateline SINET Showcase 2106

SINET Showcase 2016: Innovation and Those Who Sustain It (The CyberWire) The SINET Showcase is an annual discussion of cyber security innovation by the companies who deliver it, and also by the investors and customers who prompt and sustain it

The SINET 16—Start-ups to Watch (The CyberWire) Doug Maughan, of the Department of Homeland Security Science and Technology Directorate, welcomed and introduced the companies honored as this year's SINET 16 innovators. This year's class was marked by its exploitation of big data, anomaly detection, behavioral analysis, and machine learning. 2016's SINET 16 were vividly aware that users of their products operate against an intelligent adversary who thinks, reacts, adapts, and creates

Security Needs and the Markets They Create (The CyberWire) The SINET Showcase offered a variety of perspectives on what many of the symposiasts called the cyber innovation ecosystem. Some of the experts shared the perspective their decades-long work in security disciplines had afforded them; others expressed the challenges customers wanted the security industry to help them address

Air Force’s procurement prototype avoids ‘shoehorning’ IT acquisition (Federal News Radio) How is the Air Force’s information technology like a B-21 bomber?

The SINET 16: These could be the hottest new tech firms in the cybersecurity industry (CTOVision) The Security Innovation Network (SINET) is an organization on a particularly virtuous mission. It seeks to advance innovation and enable global collaboration between the public and private sectors to defeat cybersecurity threats. Supported by the US Department of Homeland Security Science & Technology Directorate, SINET conducts events focused on this critically important mission

BlackRidge Technology Wins SINET 16 Innovator Award for Cybersecurity (Benzinga) BlackRidge Technology is pleased to announce it is the recipient of the 2016 SINET 16 Innovator Award for outstanding advancements in the field of Cybersecurity

CyberX wins innovator award in DHS/DoD cybersecurity competition (GSN) CyberX, the industrial cybersecurity company protecting critical infrastructures worldwide, today announced that it has been named a SINET 16 Innovator Award winner

DataVisor Named SINET 16 Innovator (Marketwired) DataVisor recognized as one of the most innovative cybersecurity technologies of 2016 by Security Innovation Network (SINET)

Digital Shadows Recognized as One of World’s Most Innovative Cybersecurity Technologies (BusinessWire) Digital Shadows, a provider of cyber situational awareness, has been named one of the world’s most innovative cybersecurity technologies of 2016 in the annual SINET 16 awards

Interset Named 2016 Most Innovative Security Analytics Company by SINET (Interset) User Behavior Analytics (UBA) security leader Interset has been named to the list of most innovative cybersecurity companies of 2016 by SINET, an organization focused on advancing cybersecurity innovation through public-private collaboration

Menlo Security Named to Prestigious List of SINET Innovators for Cybersecurity (PRNewswire) Menlo Security, a pioneer of cloud-based malware isolation, today announced that it has been named a SINET innovator, as one of the 16 security start-ups offering cutting edge Cybersecurity technologies to address Web threats and vulnerabilities in the enterprise

Ntrepid Named a SINET 16 Innovator (BusinessWire) Company’s secure browser, Passages, recognized as one of the 16 most innovative yechnologies of 2016

Phantom Recognized as a SINET 16 Innovator for 2016 (Phantom Blog) “I am proud and excited to recognize Phantom as one of this year’s SINET 16 Innovators,” said Robert Rodriguez, Chairman and Founder of SINET

ProtectWise Named SINET 16 Innovator Award Winner for Cloud Network Security Technology (BusinessWire) The ProtectWise Grid is selected as one of the 16 most innovative cybersecurity technologies

iskSense Named 2016 SINET 16 Innovator for Pro-Active, New Approach to Cyber Risk Management (BusinessWire) Company’s SaaS platform identifies and prioritizes cyber threats, allowing enterprises to focus efforts on addressing most critical security gaps first

SafeBreach Named SINET 16 Innovator Award Winner for Continuous Security Validation Platform (Marketwired) SafeBreach selected as one of the 16 most innovative cybersecurity technologies

ThreatQuotient Recognized as a SINET 16 Innovator (Yahoo! Finance) ThreatQuotient™, a leading provider of enterprise-class threat intelligence platforms, today announced that ThreatQuotient has been recognized as one of the 16 most innovative cybersecurity technologies of 2016 by the Security Innovation Network (SINET)

Vera Named SINET 16 Innovator for Data-Centric Cybersecurity (Vera) Vera (vera.com), announced today it has been selected a winner of the annual 2016 SINET 16 competition by SINET (Security Innovation Network), an organization focused on advancing cybersecurity innovation through public-private collaboration

Cyber Attacks, Threats, and Vulnerabilities

Hackers Release More E-Mails They Say Tie Putin Aide to Ukraine Crisis (Eurasianet) Ukrainian hackers claim to have broken into a second e-mail account linked to Vladislav Surkov, a senior aide to Russian President Vladimir Putin, releasing documents they say add to mounting evidence of the Kremlin meddling in Kyiv's affairs

Montenegro to Tighten Cyber Security Against Hackers (Balkan Insights) Amid reports that Russian hackers had a role in downing several websites on election day, Montenegro plans to tighten up its cyber security

Russian hackers brazenly seek to embarrass the US this election season (St. Augustine Record) In February 2014, the Obama administration was embarrassed when a secretly recorded phone conversation between the U.S. ambassador in Ukraine and Victoria Nuland, a senior State Department official, was posted on YouTube

U.S. Govt. Hackers Ready to Hit Back If Russia Tries to Disrupt Election (NBC News) U.S. military hackers have penetrated Russia's electric grid, telecommunications networks and the Kremlin's command systems, making them vulnerable to attack by secret American cyber weapons should the U.S. deem it necessary, according to a senior intelligence official and top-secret documents reviewed by NBC News

US military hackers penetrate Russian electric grid and communication lines (Petra) U.S. military hackers have penetrated Russia's electric grid, telecommunications networks and the Kremlin's command systems, making them vulnerable to attack by secret American cyber weapons should the U.S. deem it necessary, the Russian news agency RIA Novosti reported Saturday

Russia demands Washington explain after reports say US military hacked into Russian networks (Russia Today) Russia expects Washington to provide an explanation after a report claimed that Pentagon cyber-offensive specialists have hacked into Russia’s power grids, telecommunications networks, and the Kremlin's command systems for a possible sabotage

US election: The Russia factor (Financial Times) Officials say Russia’s interference is unprecedented. Has the Kremlin achieved its goal?

U.S. fears Russia will orchestrate a cyber attack on Election Day (Salon) It's not certain what will happen, but officials fear something will happen

How a cyber attack could sabotage the US election (Telegraph) Cyber attackers could launch a “nightmarish” assault on the US when the country goes to the polls on November 8, security experts have warned

DNC hacker calls on brethren to monitor US election (CSO) Guccifer 2.0 is warning that Democrats could rig Tuesday's election

REPORT Alert: Hillary Clinton Is Stealing the Election in Ohio* *Hacking voting machines isn’t necessarily what you should be worried about. It’s fake headlines like this one that could upend Election Day. (Foreign Policy) As the 2016 U.S. presidential election draws mercifully to a close, hacking and computer security has injected itself into nearly every aspect of the campaign. And amid allegations of widespread, politically motivated Russian hacking, American officials and voters are carefully watching Tuesday’s balloting for any wrenches hackers might try to throw into the electoral machine

Experts Warn Of Election Day Cyberattacks Listen· 2:14 (NPR) Concerns about the possible hacking of voting systems on Election Day are growing. 46 states have asked the U.S. Department of Homeland Security to help make sure their systems are protected from disruptions on Tuesday. And some states, like Ohio, are taking steps on their own

Cyber 'SWAT' teams gird for Election Day trouble (USA Today) Law enforcement officials, government workers and cyber-security professionals are preparing to swoop in, track and hopefully block anyone attempting a cyberattack aimed at destabilizing the U.S. presidential election

Individuals sought over al Qaeda threat of attack ahead of Election Day (CBS News) A U.S. law enforcement official tells CBS News that investigators are looking for individuals who may have some information about the threat from al Qaeda for a potential attack Monday on U.S. soil

Assessing Terrorist Threats to the Current U.S. Election (Flashpoint) Despite recent media reports citing a specific al-Qaida terrorist threat to New York, Texas, and Virginia on the day before the 2016 US elections, Flashpoint analysts have seen no specific threats from official terrorist groups nor sources in the online jihadi community to this effect

Concerned About Voter Fraud, Rigged Election? Cyber Security Experts Weigh In On The Digital Safety Of Tuesday's Vote (International Business Times) The 2016 election year has been one fraught with digital insecurity as there are regular reports of another hack, leak or attempt to breach some aspect of the American election system

How hackers are trying to cast their ballots for president this election season (CNBC) As Americans head to the polls on Election Day, are hackers also preparing to vote?

Watch This Security Researcher Hack a Voting Machine (Fortune) The vote counter is used in a bunch of states

US Governors Affirm Confidence In Cybersecurity Of Election Systems (Dark Reading) Statement from National Governors Association say presidential election outcome will accurately reflect voters' choice

The 2016 Election Exposes the Very, Very Dark Side of Tech (WIRED) You know that, at WIRED, technology and innovation are kind of our thing

WikiLeaks Releases DNCLeak2; Suffers Massive DDoS Attack (HackRead) The official website of WikiLeaks suffered a brief outage when it came under DDoS attacks right after posting new DNC e-mails earlier today

BGP errors are to blame for Monday’s Twitter outage, not DDoS attacks (CSO) No, your toaster didn’t kill Twitter, an engineer did

More Insights On Alleged DDoS Attack Against Liberia Using Mirai Botnet (Cyberinject) On Thursday, we compiled a story based on research published by a British security expert reporting that some cyber criminals are apparently using Mirai Botnet to conduct DDoS attacks against the telecommunication companies in Liberia, a small African country

Did the Mirai botnet knock Liberia offline? Not so much (Graham Cluley) Despite the many media headlines, this attack was over-hyped

“Shadows Kill” — Mirai DDoS botnet testing large scale attacks, sending threatening messages about UK and attacking researchers (Medium) Mirai, a Denial of Service toolkit, is made up of lots of actors across botnets. The source code is open source, meaning anybody can download it and join the club

Let’s continue talking about the cyber-attack (Odessa American) As I told you last week, achieving the data rate of over a terabyte/second that was used to take down Dyn would require over 100,000 10mb/sec high-speed data connections, all coordinated and working together. In reality, the number was far greater than that

Armada Collective DDoS Extortion Group Now Threatens Ransomware Infections (Extreme Hacking) A group going by the name of Armada Collective is still sending extortion emails to website owners around the globe, one year after this type of attack became widely known

Watch out! A new LinkedIn Phishing campaign is spreading in the wild (Security Affairs) Experts from Heimdal Security reported a recent LinkedIn phishing campaign aiming to collect confidential information from unsuspecting users

Berners-Lee raises spectre of weaponized open data (Naked Security) Practically everybody loves open data, ie “data that anyone can access, use or share”. And nobody loves it more than Tim Berners-Lee, creator of the World Wide Web, and co-founder of the Open Data Institute (ODI)

Ongoing Use of Windows Vista, IE8 Pose Huge Enterprise Threat (SecurityWeek) A new report highlights the high number of users still operating outdated Windows operating systems and unsupported browsers. This represents a huge threat to the organizations whose users access company networks from insecure laptops and home computers within the growing adoption of BYOD policies

Tesco Bank hacked (Computing) All online transactions have been stopped after more than 20,000 customers lose money

Cisco’s Mobile Careers Site Exposed Job Seekers Data (HackRead) Cisco has issued a security advisory stating that a portion of data belonging to its job seekers was discovered online by an independent security researcher

Scunthorpe hospital cyber attack: was it an infected memory stick? (Scunthorpe Telegraph) Bosses at the Northern Lincolnshire and Goole NHS Trust have responded to rumours about the cause of the computer system virus attack that struck Scunthorpe Hospital

Indonesian Malware Targets Magento-based Online Stores (Wapack Labs) A member of an Indonesian hacking group has authored ransomware that attacks Magento based online stores

King of chess Magnus Carlsen fears being a pawn in hackers' game (Telegraph) Magnus Carlsen, the reigning king of chess, has called on Microsoft for help as fears grow Russian hackers will target him before next week's World Championship

The invisible -- but growing -- threat to critical infrastructure (GCN) The nation’s cities, regions and states are all connected to the internet through the water, electric and telecom infrastructure. The damage an attack on this system could have should not to be understated, security experts say

The Looming Disaster of the Internet of (Hackable) Things (Motherboard) Last January, walking through the seemingly endless showroom at the gadget bonanza known as the Consumer Electronics Show (CES) in Las Vegas, I saw a glimpse of what’s to come. Big multinational brands as well as small startup gizmo-makers were showing off their latest creations in an attempt to sell us their products—and the future

Nigerian scammers: Then and now (Help Net Security) The image that the expression “Nigerian scammer” conjures up in most people’s heads is still that of the confidence man behind the keyboard

Cyber Trends

Online Threats Still Rising as Mobile Malware Subsides: Kaspersky (eWeek) A massive spike in the number of malicious or dangerous mobile programs subsided in the third quarter, dropping nearly 60 percent, Kaspersky Lab finds

Connected-devices industry grapples with security (International Business Journal) On Oct. 21, hackers took control of thousands, if not millions, of internet-connected devices and directed them to clog up web traffic across the globe. The hack led to temporary outages of some 1,200 websites, including Twitter, Netflix and PayPal

#BHEU Quantum Crypto Edges Closer to Reality (Infosecurity Magazine) Cryptography for quantum computers is taking a serious step forward, thanks to the launch of the OpenQuantumSafe Software Project

Marketplace

These VCs are bearish on cyber startup values. Here's how to get their money. (Washington Business Journal) Executives from the Blackstone Group, Bessemer Venture Partners and Paladin Capital Group offer their advice to score funding

Manny Medina to lead new multinational cybersecurity company in Miami (Miami Herald) Medina Capital, a Miami-based private equity firm led by Medina, and global private equity firm BC Partners are forming a new venture in a $2.8 billion transaction combining a worldwide network of data centers with cybersecurity and data analytics companies, the firms are expected to announce on Friday

Family Zone Cyber Safety Ltd to reveal acquisition (Proactive Investors) Family Zone is an Australian owned and operated technology company focused on the cyber safety market

FireEye pops 12% as requests to fight Russian cyberthreats, email hacks boost business (CNBC) Amid increasing reports of email hacks and Russian cyberthreats, at least one struggling business has found a silver lining

FireEye revenue beats on strong demand for cloud services (Reuters) Cybersecurity firm FireEye Inc (FEYE.O) reported a higher-than- expected 12.6 percent rise in quarterly revenue, helped by strong demand for its cloud-based products

Why Trend Micro is unable to take on Symantec or Intel McAfee (Infotechlead) At the Trend Micro Insight 2016 event for industry analysts, the 27-year-old pure play security vendor displayed a modern enterprise security portfolio updated with new machine learning capabilities and fresh threat intelligence

Hewlett Packard Emphasizes Importance, Potential of Blockchain, Decentralization (Coin Telegraph) HPE also known as Hewlett Packard Enterprise, a $52 bln parent corporation of technology company HP, recently emphasized the importance of irrefutability and decentralization for Blockchain networks

Wombat Security Positioned by Gartner in the Leaders Quadrant of the 2016 Magic Quadrant for Security Awareness Computer-Based Training (PRNewswire) Evaluation based on completeness of vision and ability to execute

Booz Allen is on a hiring spree — with no end in sight (Washington Business Journal) McLean-based Booz Allen Hamilton Inc. (NYSE: BAH) is on a hiring spree and it doesn’t look to be ending anytime soon as the company’s backlog continues to climb

SSA looks for cyber risk help (FCW) WHAT: A Social Security Administration request for information on the availability of cybersecurity and risk management services to protect SSA programs and systems

Products, Services, and Solutions

CYBERBIT, Elbit Systems' Subsidiary, to Provide Training and Simulation Platform to the New Cyber-Security Training Range of Maryland (PRNewswire) The Cyber Security Training Range of Maryland is the first hands-on cyber-security training center for IT and SCADA security professionals in the U.S.

Utimaco IS GmbH (Infineon) Interacting devices within the Internet of Things (IoT) need to trust each other. Utimaco is a leading manufacturer of hardware security modules (HSMs) that provide the Root of Trust to the IoT

AVG Wants Your Home Router to Fight Internet of Things Malware (Motherboard) The internet of things is totally broken. Amateur hackers have managed to build huge botnets of compromised devices, and many of these machines are difficult or near-impossible for manufacturers to remotely keep up to date

ESET closes the window for webcam hackers (Gadget) Security software maker ESET has rolled out new Internet security products for home users, becoming one of the first to include specific Webcam protection

Komodo, A Secure Crypto-Platform for Blockchain Products and Solutions (BItcoin News Service) Komodo Platform is a unique cryptocurrency ecosystem built on ZCash fork. ZCash, aka ZeroCash, is a cryptocurrency built on Bitcoin Core code base

BioCatch introduces BioCatch 2.0, next-generation behavioural biometrics platform for enterprises (Pharmbiz) BioCatch, the global leader in behavioural biometrics, announced it has launched its next-generation platform to optimize the implementation and performance of behavioural biometrics online and on mobile at the enterprise level

FireEye iSIGHT Intelligence Now Available in Windows Defender Advanced Threat Protection to Help Customers Identify More Attacks and Gain Valuable Information about Activity Groups Targeting an Organization (Yahoo!) FireEye, Inc. ( NASDAQ : FEYE ), the intelligence-led security company, today announced FireEye iSIGHT® Intelligence is now accessible to Microsoft customers through Windows Defender Advanced Threat Protection (WDATP), a new service that helps enterprises detect, investigate, and respond to advanced attacks on their networks

SentinelOne Outperforms Competition in Inaugural Anti-Malware Test Focused on Next-Gen Endpoint Solutions (Yahoo! Finance) SentinelOne, the company transforming endpoint security by delivering real-time protection powered by machine learning and dynamic behavior analysis, today announced that it outperformed competition in a new assessment by MRG Effitas and AV-Comparatives (AVC) for anti-malware testing

Windows 10: 6 ways that Microsoft Edge is more secure than Internet Explorer (BT) Move over IE, it’s time for a faster, slicker and safer web browser to take us into the future. We take a closer look at Microsoft Edge

Self-Destructing Boeing Black Smartphone Now In Testing (Android Headlines) These days, smartphone security is one of the biggest concerns for users, with more and more vulnerabilities seemingly found every month, it’s no wonder that smartphone users are beginning to get a little twitchy

Ixia’s Flex Tap Secure+ protects against injection breaches (Network World) This new network tap will be of value on networks running bandwidth-intensive, mission-critical applications that need to be secure

Ixia Launches Software for Pre-Silicon Testing (Light Reading) Ixia announced a test software solution, IxVerify, architected to work in an emulation-based verification flow. The first such verification flow that IxVerify works with is the Veloce Virtual Network (VN) App from Mentor Graphics

Illumio releases new templates that offer better security (ReadWrite) Adaptive security company Illumio, the just released Illumio Security Templates, offering ready-to-use security policies for core data center and cloud applications. They are pre-made to secure common applications, providing segmentation without having to reconfigure the network

Pulse Secure Updates Their Network Access Control (NAC) Solution By Adding Device Discovery And Profiling (Source Security) Pulse Secure, a provider of secure access solutions has announced an update to their Pulse Policy Secure solution that allows advanced device discovery with highly automated and detailed profiling

Technologies, Techniques, and Standards

There’s no best way to handle disclosure of zero-day vulnerabilities (Naked Security) Earlier this week, the headlines flashed with news that Google had disclosed a vulnerability to Microsoft that allows local privilege escalation in Windows 10

How Many Zero-Days Does the US Government Hold? Here’s the Best Guess Yet (Defense One) A Columbia University report critiques the process that decides whether cyber vulnerabilities should be fixed or exploited

Cyberthreat hunt teams would benefit from machine assistance (C4ISRNET) While some officials have expressed a strong desire for automated tools in the way of cyber defense to operate and respond at a cyber speed, a more offensive tactic involves hunt teams

Backslash Powered Scanning: Hunting Unknown Vulnerability Classes (Portswigger) Existing web scanners search for server-side injection vulnerabilities by throwing a canned list of technology-specific payloads at a target and looking for signatures - almost like an anti-virus. In this document

Human skills are essential in battle against cyber crime (Financial Times) Insight and curiosity are as important as analytics and artificial intelligence

Army faces training challenges as it deploys cyber capabilities to smaller units (Federal News Radio) As we’ve reported before, the Army is playing catch-up after letting its electronic warfare capabilities atrophy during a decade in which it was largely preoccupied with counterinsurgency warfare and while potential adversaries

Academia

Students worldwide competed to improve security software in a contest led by UMD (Diamondback) Some University of Maryland professors are trying to change how software designers approach their work

Legislation, Policy, and Regulation

China Adopts Cybersecurity Law Despite Foreign Opposition (Bloomberg Technology) China has green-lit a sweeping and controversial law that may grant Beijing unprecedented access to foreign companies’ technology and hamstring their operations in the world’s second-largest economy

West's cyber attack on Iran's nuclear facilities helps Iran's counter-measure developments: official (Global Times) A senior Iranian nuclear official said that West's cyber attack against Iran's nuclear facilities raised the country's awareness to embark on a new scientific field to ward off further acts of sabotage, Tasnim news agency reported on Saturday

Post-coup shake-up at Turkey's intelligence agency (Al Monitor) As emergency law becomes the new order in Turkey, several institutions are being reformed, shut down or promptly restructured. With each new executive decree that passes as law, Ankara bureaucrats have been wondering whether the National Intelligence Organization (MIT) would be affected as well

Hillary Clinton was warned in 2010 that U.S.-Canada intelligence sharing ‘may be controversial for Canadians’ (National Post) Huma Abedin warned Hillary Clinton in 2010 that cables from the U.S. Embassy in Ottawa could cause problems for Stephen Harper’s government, emails released Thursday show

GCHQ wants internet providers to rewrite systems to block hackers (Telegraph) James Blessing, the chair of the ISPA, said internet providers are working on their own fixes for such insecurities, “because we don’t like DDoS on our networks either”

Hidden Warfare 1. Cyber (Open Democracy) The UK agency would like to be known as on the front line defending UK interests from cyber attacks, rather than as an eavesdropping agency collecting data on individuals en masse

What the next president needs to do on cyber (FCW) With Election Day upon us, we are getting closer to ushering in a new administration in the White House

Inside the CIA, sweeping reforms during the age of cyberwar (Reuters via West Central Tribune) When America goes to the polls on Nov. 8, according to current and former U.S. intelligence officials, it will likely experience the culmination of a new form of information war

U.S. Air Force's F-35 Teams up With New "Cyber-Squadrons" to Fight Future Wars (National Interest) The Air Force is standing up new “cyber squadrons” and working vigorously to widen the aperture of its cyber-security focus. This initiative will more broadly incorporate “networked” and cyber-reliant weapons systems

FCC ushers in a troublesome new world for online privacy (TechCrunch) In late October, the Federal Communications Commission passed new rules that take the unprecedented step of imposing stricter privacy regulation on one specific set of actors in the Internet ecosystem

Litigation, Investigation, and Law Enforcement

CSIS claims it has been transparent with ministers about data collection (Globe and Mail) Facing fallout from judges complaining of being kept in the dark over some of its activities, Canada’s domestic spy agency says its officials always keep CSIS’s political masters and watchdogs aware of what it is doing

Écoute électronique de journalistes: le SPVM et son chef contredits (La Presse) Contrairement à ce que soutenait cette semaine son chef Philippe Pichet, le SPVM a demandé et obtenu un mandat pour placer sur écoute le chroniqueur Patrick Lagacé et le journaliste Vincent Larouche, a appris La Presse

FBI sticks to earlier view not to charge Clinton over email server (CSO) FBI chief James Comey had previously said that newly found emails "appear to be pertinent" to the agency's original investigation

Clinton directed her maid to print out classified materials (New York Post) As secretary of state, Hillary Clinton routinely asked her maid to print out sensitive government emails and documents — including ones containing classified information — from her house in Washington, DC, emails and FBI memos show

Rival behind July cyber attack on internet service provider: Cops (Indian Express) Officers are waiting for a technical report from the Forensic Science Laboratory to confirm their suspicions

C-Level Executives May Be Liable For Cyber Breaches, Warns LeClairRyan Attorney (PRNewswire) Complacency puts them at legal and professional risk, Christopher Wiech says in recent blog post

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, November 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping...

IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, November 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional...

SANS Miami 2016 (Coconut Grove, Florida, USA, November 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing...

Federal IT Security Conference (Columbia, Maryland, USA, November 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private...

11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, November 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter...

SecureWorld Seattle (Bellevue, Washington, USA, November 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, November 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate...

Israel HLS and Cyber 2016 (Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...

Infosec 2016 (Dublin, Ireland, November 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face...

Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, November 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.

Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, November 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists...

CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions ...

Pharma Blockchain Bootcamp (Edison, New Jersey, USA, November 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it...

CyberCon 2016 (Washington, DC, USA, November 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the...

Versus 16 (San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...

Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, November 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security...

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the ...

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.