More signal. Less noise.

Daily briefing.

North Korea's ambassador to the United Nations renews calls for the US to lay out the evidence that WannaCry was a DPRK campaign.

In the US, the FBI's fingerprint analysis software was supplied by a then-subsidiary of France's Safran Group in 2011 (so far so good). But ex-Safran whistleblowers allege the company purchased some of the code it used from Russia's Papillon Systems, a security company boasting FSB ties (which seems less good). The FBI says it checks all its software for problems, suggesting it found none here.

Vietnam has announced formation of a 10,000-strong cyber operations unit. A senior general's remarks about the unit indicate that it will be heavily involved in information operations (combatting "wrong views").

Russian information operations continue to exercise US policy mavens. A joint op-ed by former senior CIA official Michael Morell and former Representative Mike Rogers, ex-Chair of the House Intelligence Committee, says US diplomatic efforts during the last Administration did little to restrain Moscow's influence operations, and they call for development of a credible deterrent.

Recent law enforcement operations again suggest that controlling objectionable content is difficult. Ukrainian police are taking down a disturbingly large number of social media accounts devoted to encouraging the troubled and lonely to commit suicide. Journalists in the UK, notably at the Times, report the use of YouTube videos of child abuse as a gateway to trading such material. Other reports from the UK complain of unrestrained depravity in the comments added to videos underage YouTubers themselves post.

Notes.

Today's issue includes events affecting Australia, Germany, India, Iran, Democratic People's Republic of Korea, Nigeria, Russia, Ukraine, United Kingdom, United States, and Vietnam.

In today's podcast we sit down for a long talk with Scott Schober, author of Hacked Again, about the experience of being on the receiving end of identity theft.

Cyber Attacks, Threats, and Vulnerabilities

North Korea UN ambassador demands US prove ransomware claim (Fifth Domain) Pak Song Il told The Associated Press in a telephone interview from New York late Monday that Pyongyang sees the allegation as an effort to create an “extremely confrontational atmosphere.”

Opinion | We ignore Iran at our peril (Washington Post) A new study reveals a small but powerful cyberthreat from the nation.

FBI fingerprint software could contain Russian code: report (TheHill) Software for analyzing fingerprints used by the FBI and more than 18,000 other U.S. law enforcement agencies could contain Russian code.

FBI Software Contains Russian-Made Code That Could Open A Back Door For Kremlin Hackers, Sources Say (BuzzFeed) In a secret deal, a French company purchased code from a Kremlin-connected firm, incorporated it into its own software, and hid its existence from the FBI, according to documents and two whistleblower

Maybe Russia is Hacking the FBI and Stealing Our Biometric Data, Exhaustive Report Says (Gizmodo) Biometric data belonging to millions of Americans may or may not be at risk—it is frankly unclear—based on a BuzzFeed report published Tuesday. At least two experts are concerned anyway, according to the site.

Catelites Android Malware Poses as 2,200 Bank Apps (HackRead) A new Android malware called Catelites is targeting users by posing as banking apps. In reality, the malware can steal everything from a targeted device.

Janus Android App Signature Bypass Allows Attackers to Modify Legitimate Apps (TrendLabs Security Intelligence Blog) Android’s regular security update for December 2017 included a fix for a serious vulnerability that could allow attackers to modify installed apps without affecting their signature. This would allow an attacker to gain access to the affected device (indirectly). First found by researchers in July, this vulnerability (designated as CVE-2017-13156, and also called the Janus vulnerability) affects versions of Android from 5.1.1 to 8.0; approximately 74% of all Android devices have these versions installed.

Three Years Later, Hundreds of Sites Still Use Backdoored WordPress Plugins (BleepingComputer) More than a year after revealing the presence of intentionally malicious code inside the source code of 14 WordPress plugins, experts warn that hundreds of sites are still using the boobytrapped components.

Exposed File From Ancestry's RootsWeb.com Contains Data on 300,000 Users (Dark Reading) A file containing hundreds of thousands of RootsWeb users' email, login information, and passwords was found externally exposed, genealogy site says.

Kerala Bank Hit By Ransomware Cyber Attack (NDTV.com) The main server and a computer of the Mercantile Cooperative bank in Thiruvananthapuram were today affected in a 'ransomware' cyber attack, suspected to have originated from outside the country, the police said.

TasRail reveals it was the subject of a cyber attack (Mercury) The state’s peak IT body is warning Tasmanian businesses not to be complacent about cyber security following TasRail’s admission that it was the subject of a ransomware attack that breached its defences.

Dundee city council ‘at risk of cyber attack’ due to old computer software (Evening Telegraph) Several public bodies in Dundee are exposed to the risk of cyber attack because of out-of-date computer software, the Tele can reveal.

EtherDelta Hack Begins Rocky Weekend for Crypto (Dark Reading) Popular cryptocurrency exchange EtherDelta announces a potential DNS attack and suspends service just days before Bitcoin hit a five-day drop.

Skyrocketing Bitcoin Fees Hit Carders in Wallet (KrebsOnSecurity) Critics of unregulated virtual currencies like Bitcoin have long argued that the core utility of these payment systems lies in facilitating illicit commerce, such as buying drugs or stolen credit cards and identities. But recent spikes in the price of Bitcoin — and the fees associated with moving funds into and out of it — have conspired to make Bitcoin a less useful and desirable payment method for many crooks engaged in these activities.

The Need for Better Built-in Security in IoT Devices (TrendLabs Security Intelligence Blog) As manufacturers develop Internet of Things (IoT) devices that integrate with widely popular internet-based applications, more and more users see the value in purchasing such devices.

Inactive Accounts: The Key to Your Company’s Sensitive Data (Infosecurity Magazine) Most organizations focus on protecting current users, but ghost users are a huge and often overlooked threat.

Security Patches, Mitigations, and Software Updates

Mozilla Patches Critical Bug in Thunderbird (Threatpost) Mozilla has patched one critical vulnerability in its Thunderbird email client along with two bugs rated high.

Microsoft issues patch for critical Windows flaw (Techgenix) Microsoft has issued a fix for a critical Windows flaw. Left unpatched, the exploit is incredibly dangerous in the wrong hands.

Cyber Trends

2017 Security Predictions through the Rear Window (Dark Reading) If you're going to forecast the future, go big.

What are your Security Challenges for 2018? (SANS Internet Storm Center) We are almost at the end of another year.

Threat posed by evil nations and criminals in cyber-land is rising (Australian) We know very little about Kim Jong-un’s North Korea but we do know the hermit kingdom produces skilled hackers.

The healthcare sector is one of the most vulnerable to cyberattacks (Tech Wire Asia) Healthcare isn't necessarily a sector that you might closely associate with hacking and malware, but as more hospitals, medical practitioners and administrators begin adopting digital technology into their systems it's becoming more crucial than ever that this industry adopts robust security measures.

Marketplace

This company will self-destruct after its ICO (TechCrunch) Two opposing fears are holding back the move to token-networks: a fear of the absence of governance on one side and a fear of regulation on the other...

Warburg Pincus Completes Tender Offer for Email Protection Company Cyren (CTECH) After payment, the private equity firm will own approximately 52% of outstanding Cyren Shares

Notable Individuals Join Armored Things Board of Advisors (Benzinga) Welcoming CTO of IBM Resilient Bruce Schneier, Security Researcher Dan Geer, Former US Principal Cyber Advisor Lisa Wiswell, and Head of Mobile Enterprise Products at Cisco Jasper...

Technologies, Techniques, and Standards

What is OpenVPN? A closer look at this popular VPN encryption protocol (TechRadar) King of the VPN protocols?

As efficiency falters, AI a tool in cyberwar (Bangkok Post) Software inefficiencies play a major role in slowing an organisation's ability to detect and respond to cyberthreats, says security intelligence company LogRhythm.

What is cyber security? How to build a cyber security strategy (CSO Online) Organizations face many threats to their information systems and data. Understanding all the basic elements to cyber security is the first step to meeting those threats.

Research and Development

How DARPA sparked dreams of self-healing networks (C4ISRNET) DARPA's Cyber Grand Challenge showed how artificial intelligence could give the Defense Department the edge in the ongoing cat-and-mouse network battles.

Researchers Show How AI Can Fake Way Through Conversations Just Like Humans (Inverse) How to learn without asking stupid questions.

Legislation, Policy, and Regulation

Vietnam army reveals 10,000-strong cyber warfare unit (Financial Times) Communist party tackles ‘wrong views’ as growing numbers of citizens go online

Weaponization of the cyberspace: Imperatives for national digital defence (Vanguard News) With focus on the fourth industrial revolution, Chris Uwaje, the Director General DSIHUB Africa, Chair IEEE-IoT Summit, Past-President Institute of Software Practitioners of Nigeria (ISPON) and Country Convener IPv6 Council Nigeria, at the 4th Nigeria Mobile Economic Summit & EXPO 2017 with the theme: The Mobile Economy Impact in Nigeria, Policy Innovation and Investment Benefits and Content, explored the Nigerian ICT landscape and examined the digital security challenges in cyberspace.

In op-ed, former intel experts say Russia never stopped cyberattacks on U.S. (CBS News) "Foreign governments, overtly or covertly, should not be allowed to play with our democracy," Morell and Rogers write

Trump Has Unveiled a Strong National Security Strategy (The National Interest) The National Security Strategy has several strengths and is clear-eyed about world politics.

NAIC Adopts Model Law on Cybersecurity: Will States Adopt It? (The Legal Intelligencer) On Oct. 24 the National Association of Insurance Commissioners (NAIC) formally approved the Insurance Data Security Model Law (model law). The NAIC is a standard setting and regulatory support organization consisting of the top insurance regulators from the 50 states, District of Columbia and five U.S. territories. T

Litigation, Investigation, and Law Enforcement

Ukrainian cyber police block over 1,000 pro-suicide social media groups, stop deadly challenge (Unian) Chief of the National Police of Ukraine Serhiy Kniaziev says Ukrainian cyber police have blocked over 1,000 pro-suicide social media groups.

Call for crackdown after claims YouTube is shop window for child abuse (Times) Children’s charities have called for a crackdown on social media giants after an investigation by The Times revealed that child predators were using YouTube as a “shop window” to showcase abused...

Morrison Cohen, Stepping in for PlexCoin, Takes Swipe at SEC (New York Law Journal) Lawyers at Morrison Cohen have stepped in to defend the alleged fraudsters behind the PlexCoin initial coin offering and argue in a letter to a Brooklyn federal judge that the SEC has vastly overstepped its authority.

10 times the intel community violated the trust of US citizens, lawmakers and allies (TheHill) Reality hit home for me when computer forensics reports confirmed the government surveilled me while I reported for CBS News during the Obama administration.

German business associations speak out against US data demands (Handelsblatt Global Edition) The Supreme Court is to decide whether US law enforcement can compel Microsoft to provide data stored on a server in Ireland. Virtually every cross-border data transfer would be impacted.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

International Conference on Cyber Security: Forging Global Alliances for Cyber Resilience (New York, New York, USA, January 8 - 11, 2018) The Federal Bureau of Investigation and Fordham University will host the Seventh International Conference on Cyber Security (ICCS 2018) on January 8-11, 2018, in New York City. ICCS is held every eighteen...

2018 Leadership Conference (Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.

CYBERTACOS (Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...

Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...

CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
