skip navigation

More signal. Less noise.

Daily briefing.

Policymakers and others attending the G20 summit are, predictably, warned to expect a variety of hacks and other intelligence prospecting. Warnings focus on Chinese intelligence and security services, especially given the current atmosphere of great and regional power competition over territorial rights in the South China Sea. That competition has had a cyber dimension that's widely expected to increase.

If concerns with respect to China have mostly to do with industrial espionage, the principal concern in the US with respect to Russia currently involves fears of election hacking. Circumstantial evidence of Russian involvement in recent compromises of US political sites induces US officials at the meetings to seek a firmer line with Russia over cyber conflict and cyber norms.

Meanwhile, back stateside, House Minority Leader Pelosi calls upon Republicans to stop exploiting Russian cyber capers involving Democratic campaigns.

Cisco ASA devices were among the more prominent targets threatened by the EXTRABACON exploit leaked by the Shadow Brokers. Too many of those devices are said to remain unpatched for comfort.

SEC Consult warned last year that too many embedded devices were sharing cryptographic keys. The situation apparently hasn't improved, and concerns about those devices' vulnerability to man-in-the-middle attacks continues to rise.

Kaspersky warns that an evolved version of the Gugi Trojan is now able to bypass Android 6 defenses against phishing and ransomware.

One new social media risk: complaining about PayPal on Twitter.

Google patches Quadrooter vulnerabilities.

Palantir is reported to be suing one of its early investors, alleging IP theft.


Today's issue includes events affecting Australia, Bulgaria, China, Russia, United Kingdom, United States.

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today John Leiseboer, representing our partners at Quintessence Labs ,will discuss cryptographic and key management standards. Out guest, Gabby Nizry from Ayehu, will talk to us about the benefits of automation. As always, if you enjoy the podcast, please consider giving it an iTunes review.

New York Cyber Security Summit (New York, NY, USA, September 21, 2016) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the FBI, Arbor Networks, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $250)

Dateline Intelligence & National Security Summit

The Intelligence and National Security Summit (INSA and AFCEA) The third annual Intelligence & National Security Summit will be held September 7 - 8, 2016, at the Walter E. Washington Convention Center in Washington, D.C. Hosted by the two leading professional associations – AFCEA International (AFCEA) and the Intelligence and National Security Alliance (INSA) – this is the premier gathering of senior decision makers from government, military, industry and academia. In its first two years the summit drew more than 3,000 attendees, exhibitors and journalists

Cyber Attacks, Threats, and Vulnerabilities

Australia warned of China’s G20 spies who used gifts, ‘honeypots’ and cyber hacking tactics (Brisbane Courier-Mail) Gifts, “honeypots” and cyber hacking are among the weapons used by the Chinese to hunt top-secret information at the G20 summit

Opinion: How the South China Sea fight could go digital (Christian Science Monitor Passcode) China's growing technological prowess gives it many opportunities to use cybercapabilities to press territorial claims. That's why the US needs sharper policies to counter digital provocations

More Signs Point To Russian Cyberspy Connection In State Election Board Hacks (Dark Reading) Researchers discover possible nation-sate link between attacks on Arizona and Illinois and recent attacks on Turkey and Ukraine governments

US Election Officials Worried About Russian Cyber Attacks (Voice of America) Election officials in the United States are working to stop threats to the election system from cyber attackers

Can cybersecurity save the November elections? (CSO) The Federal Bureau of Investigation’s disclosure earlier this month that foreign hackers had infiltrated voter registration systems in Illinois and Arizona came as no surprise to some cybersecurity experts

Pelosi to GOP: Stop using DNC material hacked by Russians (Colorado Springs Gazette) House Minority Leader Nancy Pelosi asked House Speaker Paul Ryan on Tuesday to get the House GOP campaign arm to stop using any material hacked by Russia, which has been accused of cyberattacks on both the DNC and the Democratic Congressional Campaign Committee

Too many Cisco ASA boxes still open to an EXTRABACON attack (Help Net Security) Among the Equation Group exploits leaked by the Shadow Brokers, the one named EXTRABACON that targets Cisco ASA devices got the most attention from security researchers and attackers

Cryptographic Key Reuse Remains Widespread In Embedded Products (Dark Reading) Nine months after SEC Consult warned about the reuse of private keys and certificates in routers, modems, other products, problem has grown worse

Number of Devices Sharing Private Crypto Keys Up Sharply (Threatpost) Researchers at SEC Consult say the number of internet gateways, routers, modems and other embedded devices sharing cryptographic keys and certificates is up 40 percent since the Austrian consulting firm first looked at the problem in November

Cry Ransomware Uses UDP, Imgur, Google Maps (Threatpost) Ransomware purporting to come from a phony government agency, something called the Central Security Treatment Organization, has been making the rounds, researchers say

New Malware Targets Android Banking Apps, Cybersecurity Group Says (Wall Street Journal) Kaspersky Lab said the malicious software sidesteps security features on version 6 of the Android mobile-phone operating system

Gugi banking Trojan outsmarts Android 6 security (Help Net Security) A modification of the Gugi banking Trojan that can bypass Android 6 security features designed to block phishing and ransomware attacks. The modified Trojan forces users into giving it the right to overlay genuine apps, send and view SMS, make calls and more

Sony’s PlayStation Network (PSN) Goes Down (HackRead) Sony’s Playstation Network (PSN) goes down and users are angry again — it is unclear if this was a DDoS attack or a technical error

Complaining about PayPal might get you hacked as clever new phishing scam is unearthed 0 (Thai Visa) PayPal users are being warned to think twice about complaining on Twitter following reports that cyber criminals are using social media to trick unsuspecting customers into handing over their bank account details

Porn site users urged to protect themselves by using 'safe words' (SC Magazine) Nearly 800,000 users' details have been stolen from porn chat site Brazzers, leading some pundits to advise users to be more creative with their passwords

Security Patches, Mitigations, and Software Updates

Google Patches Quadrooter Vulnerabilities in Android (Threatpost) The Quadrooter vulnerabilities made a lot of people take notice because the scale of affected Android devices (more than 900,000) put it on a level with Stagefright and other bugs that impact a large majority of the Android ecosystem

New Android Security Patch Level System Is a Convoluted Mess (Softpedia) Google uses 3 security patch levels in September's bulletin

Cyber Trends

Why Social Media Sites Are The New Cyber Weapons Of Choice (Dark Reading) Facebook, LinkedIn, and Twitter can't secure their own environments, let alone yours. It's time to sharpen your security acumen

All aboard the breach bandwagon: Are the hackers gaining momentum? (ITPro Portal) So today I've been at CloudSec 2016 in London, listening to various security professionals from the likes of Trend Micro and Microsoft talk about the challenges businesses face in securing their data in the cloud

Quantum Computing: A New Threat to Cybersecurity (Montreal Gazette) Report estimates a 50% risk that existing cryptography tools will be broken within 15 years

ISPs treat cyber security as a top priority (Help Net Security) Better law enforcement training and coordination of cyber security and support for a government-backed awareness campaign are two key findings of an ISP survey by the Internet Services Providers’ Association (ISPA)

8 Security Categories Healthcare Providers Need to Improve On (Dark Reading) A new survey by HIMSS finds that many providers don't even cover the basics of IT security

The age of ransomware (Star) Malaysia has the dubious distinction of being number 25 on the list of countries that is the source of the most web infections, according to global security firm Kaspersky Lab


Iovation acquires LaunchKey, shows the future of authentication (Help Net Security) Iovation, a provider of device-based solutions for authentication and fraud prevention, announced the acquisition of multifactor authentication company LaunchKey

UK software co Ideagen acquires Bulgaria's Logen (Daily Brief) UK supplier of information management software Ideagen said on Tuesday it has acquired Sofia-based audit software company Logen for 200,000 British pounds ($266,700/239,000 euro))

Logikcull Closes Series A Funding Round (KMWorld) Logikcull, a San Francisco-based provider of legal intelligence software, has raised $10 million in venture capital from OpenView Ventures and Storm Ventures. It is the only pure cloud-based solution for collaborative searching and sharing of information in litigation, investigations, due diligence, and M&A

HPE stock: Here’s why Hewlett Packard Enterprises could soar in 2016 (Profit Confidential) Hewlett Packard Enterprise Co (NYSE:HPE) is selling its software division. This news carries limited weight, as far as Hewlett Packard Enterprise stock, or its business, is concerned. Still, the company, which was spun off from HP Inc (NYSE:HPQ) last year, could keep reaping benefits. The software segment currently accounts for about six percent of HPE’s sales

Better Buy: FireEye Inc vs. Fortinet (Motley Fool) Both cybersecurity stocks have gotten cheaper lately, but which is the better buy now?

Palo Alto: Best Of Breed (Seeking Alpha) Palo Alto's fourth quarter earnings were solid and cemented the company as the best of breed cybersecurity company. Compared to its peers, Palo Alto appears to be pulling away in terms of growth and valuation. Top line expansion remains strong and will fuel further stock gains

Thycotic: A Growing Force In Privileged Account Management (Seeking Alpha) Security is constantly changing as it catches up with the advancements in IT and application technology. The rise of privileged account management comes in tandem with the decline of traditional perimeter security. Thycotic is poised to grow quickly within this greenfield market opportunity

Bugcrowd, the for developers and researchers? (CSO) Whether you're looking for a single engagement or a long-lasting relationship, developers and researchers connect to test the waters and sometimes make a connection

Is There Life After Dell? SonicWALL Thinks So! (Gigaom) When SonicWALL was acquired by Dell back in 2012, many wondered how SonicWALL would fare under the auspices of industry giant Dell. That said, SonicWALL managed to maintain market share in its core SMB business sector, and start making inroads in to the large, distributed enterprise sector. Nonetheless, when Dell decided to sell off its software assets, along with SonicWALL to private equity firms, many began to wonder once again what that meant for SonicWALL

DHS Selects Imperva For $6B CDM Program (Homeland Security Today) The Department of Homeland Security (DHS) has selected cybersecurity firm Imperva’s SecureSphere Web Application Firewall and SecureSphere Database Firewall for inclusion in its Continuous Diagnostics and Mitigation (CDM) Tools/Continuous Monitoring as a Service Blanket Purchase Agreement (BPA)

Yelp Offers Up To $15K Per Bug Via New Bounty Program (Dark Reading) Reviews site building off previous success with private bug bounty program to launch new public program

Cryptzone CSO Appointed to Citizens Crime Commission of New York City (American Security Today) Leo Taddeo, Cryptzone’s Chief Security Officer, has been appointed to the Corporate Council for the Citizens Crime Commission for New York City

Products, Services, and Solutions

Measuring IT security health with GreySpark (Help Net Security) GreySparkIn this podcast recorded at Black Hat USA 2016, Brit Wanick, Vice President of Sales, FourV Sytems, talks about measuring IT security health with GreySpark

Gemalto expands SafeNet portfolio (Secure Document World) Gemalto has announced a major expansion of its SafeNet data protection portfolio, which the company says makes it easier for enterprises to protect big data deployments in the cloud, data centre, and virtualised environments

“The Russians are Coming,” Warns Cyber Security Expert Regarding the Threat Russian Hackers Pose to the Presidential Election and Computer Systems Throughout the U.S. (Press Release Rocket) In response to a recent alert from the FBI that cybercriminals have breached U.S. election systems in two states and may be planning more, cyber security expert and OPSWAT founder Benny Czarny says OPSWAT's Certified Security Application Program will help take American cyber security to the next level

G DATA veröffentlicht neuen Bot-Schutz für Android (Go Windows) Immer mehr mobile Android-Geräte sind durch die wachsende Anzahl von Bedrohungen durch Trojaner oder andere Schadsoftware gefährdet. Der eco Verband hat in einer Zusammenarbeit mit seinem Mitgliedsunternehmen G DATA Software AG den so genannten EU-Cleaner für Android-Smartphones und -Tablets entwickelt

HEAT Software First to be Awarded CESG CPA Accreditation for Software Execution Control (BusinessWire) Endpoint security solution approved for UK government and public sector organizations

IPM Partners With Avecto to Bolster Data Security (MarketWired) Enables companies to more effectively implement a comprehensive and flexible endpoint security solution

Technologies, Techniques, and Standards

Encrypting the Internet of Things (BankInfo Security) NIST: Specially designed cryptography needed for small computing devices

How to Set Up Your Own Malware Trap (SANS Internet Storm Center) I am sure what you really want is more malware ;-). But a few people asked for tricks to collect malware. Malware can be useful for a number of reasons: First of all, you could extract indicators of compromise from malware using various more or less automated methods. In addition, it is a good idea to keep an eye on what your users may be seeing, in particular, if they receive e-mail from sources other than your corporate e-mail system

The Four Cybersecurity Terms Businesses Need to Know (Infosecurity Magazine) Technological evolution yields a constantly changing threat landscape. Those who learn survive, and those who don’t evolve and grow their knowledge, are left behind. Just a few weeks ago at Black Hat, we heard a number of different conversations on the four key areas below, cementing their role as the cybersecurity hot topics of the near future

Use ransomware to get security buy-in, says Trend Micro CTO (ComputerWeekly) Ransomware is one of the top cyber threats to business, but organisations should use that to engage stakeholders and review processes and defences, says Trend Micro CTO Raimund Genes

How to control your privacy in Chromebooks vs. Windows 10 (CSO) Both Chrome OS and Windows 10 help themselves to similar usage data by default, but in different ways

Design and Innovation

Introducing Deep Learning: Boosting Cybersecurity With An Artificial Brain (Dark Reading) With nearly the same speed and precision that the human eye can identify a water bottle, the technology of deep learning is enabling the detection of malicious activity at the point of entry in real-time


National Security Agency names Triad college a cybersecurity resource center (Triad Business Journal) The National Security Agency has named Forsyth Technical Community College a cybersecurity regional resource center designed to develop and administer workshops and professional development programs to faculty at other community colleges across the Southeast

Legislation, Policy, and Regulation

China’s G-20: The Most Censored Day of the Year (Foreign Policy) The massive summit saw empty streets in Hangzhou and a spate of social media deletions

Obama and Clinton weigh in on cyber warfare tactics (TechCrunch) Russia’s recent intrusions into American political organizations’ networks are driving discussions about the rules of engagement for cyber warfare, and forcing America’s own hacking of foreign governments into the light

Litigation, Investigation, and Law Enforcement

FBI report: Clinton had limited knowledge of classified data procedures (Ars Technica) Former secretary of state left details of e-mail to her husband's staff

Congressional Report Slams OPM on Data Breach (KrebsOnSecurity) The massive data breach at the U.S. Office of Personnel Management (OPM) that exposed background investigations and fingerprint data on millions of Americans was the result of a cascading series of cybersecurity blunders from the agency’s senior leadership on down to the outdated technology used to secure the sensitive data, according to a lengthy report released today by a key government oversight panel

Lauri Love Might Get 99 Years for Hacking US Government Computers (HackRead) Let’s talk about hack and love; let’s talk about LAURI LOVE — Lauri Love is a British hacker might get 99 years for allegedly hacking US Government computers

Palantir Has Filed a Dramatic Lawsuit Against a Major Early Investor (Palantir) These are some serious allegations

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cambridge Cyber Summit (Cambridge, Massachusetts, USA, October 5, 2016) This unique one-day summit will bring together c-suite executives and business owners with public and private-sector leaders in security, technology and defense to discuss ways to combat urgent cyber threats...

Upcoming Events

2016 Intelligence & National Security Summit (Washington, DC, USA, September 7 - 8, 2016) Third annual unclassified summit hosted by AFCEA International and the Intelligence and National Security Alliance (INSA). There are five plenary sessions and nine breakout sessions related to cybersecurity,...

Annual Privacy Forum 2016 (Frankfurt, Hesse, Germany, September 7 - 8, 2016) In the light of the upcoming data protection regulation and the European digital agenda, DG CONNECT, ENISA and, Goethe University Frankfurt is organizing APF 2016. In the light of the upcoming data protection...

Innoexcell Annual Symposium 2016 (Singapore, September 8, 2016) The Innoxcell Annual Symposium (IAS) is largest and most comprehensive international legal and regulatory compliance conference in Hong Kong, Beijing, Shanghai, Singapore, Australia and United States.This...

SecureWorld Cincinnati (Sharonville, Ohio, USA, September 8, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry...

Borderless Cyber Europe (Brussels, Belgium, September 8 - 9, 2016) Join CIOs, CISOs and cyber threat intelligence experts from industry, government and CSIRTs worldwide to share experiences, strategies, tactics and practices that will improve your state of preparedness...

SANS Network Security 2016 (Las Vegas, Nevada, USA , September 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity!...

Business Insurance Cyber Risk Summit 2016 (San Francisco, California, USA, September 11 - 12, 2016) The Business Insurance Cyber Risk Summit provides risk management professionals and chief information security officers with the practical information and tools needed to combat the latest cyber risks...

Hacker Halted 2016 (Atlanta, Georgia, USA, September 11 - 16, 2016) This ​year, ​Hacker ​H​alted’s theme​ is​ the Cyber Butterfl​​y Effect​:​ When ​S​mall ​M​istakes ​L​ead to ​B​ig ​D​isasters​. The goal of the conference is to bring the IT security community together...

(ISC)² Security Congress (Orlando, Florida, USA, September 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity...

7th Annual Billington Cybersecurity Summit (Washington, DC, USA, September 13, 2016) Join over 600 senior-level attendees, more than 50 distinguished speakers, and over 40 prestigious sponsors and exhibitors at the 7th Annual Billington CyberSecurity Summit, the leading Fall forum on cybersecurity...

Privacy. Security. Risk. 2016 (San Jose, California, USA, September 13 - 16, 2016) Innovative since Day 1, P.S.R. brings together two related fields—privacy and security—helping you see beyond your role in order to excel in your role. Because perspective is everything. Delivering the...

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives...

ISS World Americas (Washington, DC, USA, September 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech...

Tarleton State University Cyber Security Summit 2016 (Dallas, Texas, USA, September 13, 2016) Cyber Security for the Board and the C-Suite: "What You Need to Know." Cyber Security experts will discuss corporate cyber-attacks and legal practitioners will discuss strategies to help companies comply...

Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, September 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development...

SecureWorld Detroit (Dearborn, Michigan, USA , September 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, September 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795...

4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, September 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and...

Cyber Physical Systems Summit (Newport News, Virginia, USA, September 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection... Security Conference (The Hague, the Netherlands, September 20 - 23, 2016) Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of...

3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, September 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. –...

New York Cyber Security Summit (New York, New York, USA, September 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers...

Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, September 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential...

NYIT Annual Cybersecurity Conference (New York, New York, USA, September 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry...

GDPR Comprehensive 2016 (London, England, UK, September 22 - 23, 2016) The GDPR is now a reality. Are you prepared? We had an incredible response to the IAPP GDPR Comprehensive in Brussels and New York, where we prepared hundreds of privacy and data protection professionals...

Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, September 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information ...

CYBERSEC (Kraków, Poland, September 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC...

Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, September 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in...

IP EXPO Nordic 2016 (Stockholm, Sweden, September 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases...

SecureWorld Dallas (Plano, Texas, USA , September 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.