
Daily briefing.

Nissan Canada and continue their notification of customers affected by their respective data breaches.

The highest rates of online fraud are commonly associated with Black Friday and Cyber Monday, but this is, researchers say, a misconception: Enigma Software Group says malware infections, at least, have peaked in mid-December the past few years, and that it would even now be premature to breathe a sigh of relief.

Section 702 of the US Foreign Intelligence Surveillance Act, the legal authority for much US electronic surveillance, will not be renewed before it sunsets this week. Congress has deferred consideration of reauthorization until it reconvenes in January. The Department of Justice has offered an opinion that the Act as it stands permits current surveillance operations to continue into April, which is thought to give the Intelligence Community sufficient legal authority to go on as it has, at least for a few months. But final Congressional action is likely in the first months of 2018. 

As the US Securities and Exchange Commission takes its first shots at regulating initial coin offerings (ICOs), observers think that this particular investment mechanism is unlikely to gain great traction until some of its security issues are worked out.

Not a threat in the wild, yet, but Trend Micro has demonstrated that high-end speakers from Bose and Sonos can be hacked and rickrolled by those of a mind to do so. 

Twitter account hacked? It happens to the best, in this case John McAfee (probably through compromise of his phone).


Today's issue includes events affecting Canada, China, Germany, India, Democratic People's Republic of Korea, Russia, Sweden, United Kingdom, United States.

A note on our holiday calendar: We won't be publishing the Week that Was on New Year's Eve, and the CyberWire Daily News Briefing will also take its regular US holiday break on New Year's Day. The Daily News Briefing will be out as usual tomorrow, as will our Daily Podcast, the latter with a longform interview. Research Saturday will be up this weekend. All publication returns to normal on January 2nd. Best wishes from all of us during this holiday season, and thank you for reading and listening.


In today's podcast, we sit down for a long talk with Andrew Wild from QTS Data Centers, who talks about the role of the CISO.

Cyber Attacks, Threats, and Vulnerabilities

Hacker Targeted Huawei Router 0-Day in Attempt to Create New Mirai Botnet (Dark Reading) Thousands of attempts have been made to exploit a zero-day vulnerability in the Huawei home router HG532.

Attackers Exploit Android Application Package Flaw to Hide Malware (Security Boulevard) Attackers have started to exploit a vulnerability patched this month in Android that enables the bundling of malware with Android application files (APKs).

Certain Sonos and Bose models can be accessed by hackers to play sound remotely (TechCrunch) Researchers at Trend Micro have discovered a potential hack opening key speakers from Sonos and Bose to remote access. As first reported by Wired, the Sonos..

Hackers Can Rickroll Thousands of Sonos and Bose Speakers Over the Internet (WIRED) Researchers found that network configuration errors have left thousands of high-end speakers open to epic audio pranking.

Another Ransomware cyber attack in Kerala (The New Indian Express) As per the warning on the affected computer screen, the files have been encrypted and if it is to be retrieved, ransom in the form of bitcoin has to be remitted, he said.

Leaky RootsWeb Server Exposes Some User Data (Threatpost) closes parts of its community-driven genealogy site RootsWeb as it investigates a leaky server that exposed thousands of passwords, email addresses and usernames to the public internet.

Nissan Canada Finance Alerts 1.13 Million Customers of Data Breach (Dark Reading) Attackers gain access to personal information of Nissan Canada Finance and Infiniti Financial Services Canada customers.

John McAfee's Twitter account hack: "Most likely my phone was compromised" (HackRead) Earlier today, John McAfee's Twitter account was hacked and it was most likely that his phone was compromised.

Online Shopping Spikes Malware Infections: Is the Worst Yet to Come? (Inside Counsel | Corporate Counsel) Even though malware infections spiked after the first weekend of online holiday shopping the biggest spike may be yet to come. Last year the biggest…

Security Threats In the Cloud: Report Lays Out the Top 12 "Treacherous" Challenges (Liftr) Data breaches, account hijacking and malicious employees with access to critical data and networks are among the top security threats in the cloud, according to a non-profit research group

The Wildly Popular Christmas Game That Got Mistaken for Spyware (Motherboard) How 'Elf Bowling,' the incredibly popular viral game from 1999, became an early victim of what we might now call “fake news.”

Security Patches, Mitigations, and Software Updates

Using Thunderbird? Update if you haven’t already (Ars Technica) A critical buffer overflow vulnerability affecting Windows users has been fixed.

The Case of Disappearing Vulnerabilities (Infosecurity Magazine) While the practice of identifying vulnerabilities is basically sound, the SaaS vendor cannot rely on public databases of vulnerabilities.

Cyber Trends

Cybersecurity review 2017 looks at some of the biggest incidents this year (WeLiveSecurity) 2017 has been somewhat of a wake-up call for those in the industry and for people worldwide and our cybersecurity review highlights some of these incidents.

5 trends that will change Network Security landscape in 2018 (TechObserver) Network Security - With the prospects of new technologies like Artificial Intelligence, Machine Learning, Big Data Analytics and the Internet of Things, there’s also increasing risk of confidential data being maliciously collected, stored and disseminated.

2017’s Worst Cyber Scandals (Acumin) This year has been a very significant one in the cyber security industry, with high profile breaches and consistent threats still active against organisations. As a result, companies and the public are becoming increasingly aware of the importance of cyber security, and how detrimental a sophisticated cyber-attack can be.

The 12 biggest hacks, breaches, and security threats of 2017 (PCWorld) The biggest security hacks, leaks, and breaches of 2017 may impact your privacy for years to come.

License expired: The Ars Technica 2018 Deathwatch (Ars Technica) Companies, tech, and trends least likely to succeed in 2018, as chosen by Ars editors.

Third of UK Cybersecurity Execs Expect to Be Hacked: Report (SC Media US) Ransomware, phishing attacks and data loss are the three biggest issues that concern UK cybersecurity executives.

Almost a Third of All U.S. Businesses Were Breached in 2017 (eSecurity Planet) And almost half of those breaches were caused by a third-party vendor or contractor.

“We’ve centralized all of our data to a guy called Mark Zuckerberg” says Pirate Bay Founder. (Hacker Noon) At its inception, the internet was a beautifully idealistic and equal place. But the world sucks and we’ve continuously made it more and…


ICOs: No Credibility Without Better Security (Infosecurity Magazine) Without good protection, ICOs will continue to reside on the sidelines. With solid security, they could become a major player.

Security Vendors Continue to Attract Investors to Fund Their Efforts (eWEEK) A number of cyber-security vendors secured new funding in December 2017, among them cloud and IoT security vendors.

Rapid Growth in Security Market Raises Question: How to Pick a Startup (Dark Reading) VCs weigh in with their advice on how to select a startup with staying power when purchasing security solutions and services.

Former Tenable chief to bet bigger on cybersecurity investments in 2018 (Washington Business Journal) Ron Gula has been investing in dozens of cybersecurity companies. And his plan is to go even bigger next year.

GERMANY : Former BND boss backs startup SciEngines (Intelligence Online) German company SciEngines recently put an application on the market that allows intelligence operatives to deploy cryptanalysis tools in briefcases,

HCL Technologies to Double its investments on Cybersecurity space (Latest IT News) HCL Technologies, the country’s fourth-largest software services firm, is intensifying its investments in the cybersecurity space and is looking at advancement of its three facilities in India. The techno giant is also planning a new Cyber Security Fusion Center in Dallas, Texas, US and …

Five minutes with DarkMatter's Alan White ( Arabian Computer News delves below the corporate strategy to find out what really makes the region’s IT leaders tick

Meet the 9 cyber security startups that showcased their innovative product ideas at AISS ( NASSCOM’s Data Security Council of India (DSCI) chose 9 startups for the Most Innovative Product of the Year at the Annual Information Security Summit 2017 to provide impetus to budding security produ...

Products, Services, and Solutions

Microsoft's Partner Ecosystem Gears Up for GDPR as Deadline Looms (eWEEK) The Microsoft GDPR Detailed Assessment tool helps the software giant's partners gauge their customers' readiness.

Technologies, Techniques, and Standards

Why 'secure' isn't secure enough in the utilities sector (Utility Dive) With multiple vulnerabilities, companies should invest in a comprehensive cybersecurity approach that considers both protecting the communications layer and complementary physical security measures.

Thousands of major sites are taking silent anti-ad-blocking measures (TechCrunch) It's no secret that ad blockers are putting a dent in advertising-based business models on the web. This has produced a range of reactions, from relatively..

Solving the Human Problem: A Progressive Security Strategy to Phishing (Infosecurity Magazine) A realistic anti-phishing goal is not to focus on a click-through rate but to track the rate at which employees report phishing emails to their IT or security teams.

The Financial Impact of Cyber Threats (Dark Reading) Determining the financial impact of specific IT vulnerabilities is a good way to prioritize remediation and prevent attacks.

How to Counter Fake News (Foreign Affairs) Although much of the establishment has been left wringing its hands about what to do about the problem of fake news—how to ferret out the content and those who produce it—there are already tools and systems to help digital investigations and gumshoe reporters connect the dots and discover scams, as well as other steps Washington and the media can take to protect the public.

3 Cyber Threat Intelligence Myths — Busted (Recorded Future) We take a look at three myths that contribute to the confusion over cyber threat intelligence. Understanding the misconceptions behind each myth can help you protect your organization.

6 Tips to Protect Against Technical Support Fraud (Dark Reading) Just when you're having fun over the holidays and not paying attention, you can be hit with a tech support scam. Here's how to stay safe into the new year.

Here's how to turn an Android device into a tripwire (Fifth Domain) A new open-source app, developed in partnership with Edward Snowden, uses an Android smartphone's sensor arrays to monitor for intruders and inform people needing to

Holiday Fun #1: Try an unusual operating system… (Naked Security) We look at three alternative operating systems. Because it’s Christmas, and because we can. You can too.

Design and Innovation

Machine learning capabilities aid healthcare cybersecurity (SearchHealthIT) As healthcare looks toward 2018, one expert predicts that machine learning capabilities will play a critical role in improving cybersecurity and patient care.

Research and Development

IARPA wants those foreign documents translated ... and fast (C4ISRNET) The Intelligence Advanced Research Projects Activity awards four organizations language processing software contracts.

These experts figured out why so many bogus patents get approved (Ars Technica) Empirical research reveals three big problems with how patents are vetted.

People who know how the news is made resist conspiratorial thinking (Ars Technica) It's not clear why, but it even works for partisan conspiracies.

Legislation, Policy, and Regulation

Sweden would militarily back allies, but expects the same in return, says defense report (Defense News) A defense-focused report in Sweden says the world's current state of security is

The Cyberforce Awakens (Bloomberg) With mutual assured destruction making nuclear warfare an unrealistic option, more nation states are fighting battles online rather than on physical battlefields and with malware replacing projectile weapons.

What's To Come As Government Surveillance Sunsets With 2017? (Forbes) As December raced by with Republicans in Congress doing all they could to keep momentum behind their tax-reform bill, which passed with all the pageantry and histrionics such legislation can muster, they weren’t able to vote on the FISA Amendments Reauthorization Act of 2017.

Cybersecurity in the First Year of the Trump Administration (The National Law Review) As might be expected, the first year of the Trump Administration saw a lot of activity on the cybersecurity front. In May, the Administration issued its Presidential Executive Order...

2017 Was Marked by Continuity and Confusion in Cyber Policy ( The Kaspersky ban, WannaCry and big changes at State Department topped the news cycle.

Trump, take note: Library of Congress to trim Twitter archive (Federal Times) The Library of Congress has decided to change its strategy for collecting and preserving tweets for posterity by switching to a more event-based strategy that collects around elections or issues of ongoing national interest.

New legislation promotes more accessible on-the-go government (Federal Times) On Dec. 22 the Senate passed the Connected Government Act, a bipartisan bill that would require the Office of Management and Budget to report on agency websites’ compliance with mobile usability.

Litigation, Investigation, and Law Enforcement

Putin says St. Petersburg supermarket bombing was terrorism (Reuters) Russian President Vladimir Putin said a bomb blast in a St. Petersburg supermarket on Wednesday was an act of terrorism, and that security forces whose lives were threatened by terrorist suspects should shoot to kill if necessary.

Kremlin trolls burned across the Internet as Washington debated options (Washington Post) The Russian disinformation threat went uncontested as it metastasized.

Jailed Russian says he hacked DNC on Kremlin’s orders and can prove it (McClatchyDC) A jailed Russian who says he hacked into the Democratic National Committee computers on the Kremlin’s orders to steal emails released during the 2016 U.S. presidential election campaign now claims he left behind a data signature to prove his assertion.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

International Conference on Cyber Security: Forging Global Alliances for Cyber Resilience (New York, New York, USA, January 8 - 11, 2018) The Federal Bureau of Investigation and Fordham University will host the Seventh International Conference on Cyber Security (ICCS 2018) on January 8-11, 2018, in New York City. ICCS is held every eighteen...

2018 Leadership Conference (Arlington, Virginia, USA, January 17 - 19, 2018) We invite you to join us for this unique opportunity to share information, participate in leadership training, collaborate on solutions to common problems, and network with peers from around the globe.

CYBERTACOS (Arlington, Virginia, USA, January 24, 2018) CYBERTACOS is back and becoming one of the DC metro area’s biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the...

Connected Medical Device & IOT Security Summit (Baltimore, Maryland, USA, January 25 - 26, 2018) The Summit will offer practical solutions to many of the daunting security challenges facing medical device and connected health technology companies, healthcare providers, payers and patients. The program...

CyberUSA (San Antonio, Texas, USA, January 29 - 30, 2018) The CyberUSA Conference will be held in San Antonio, TX at the Henry B. Gonzalez Convention Center on Tuesday, January 30, 2018. A welcome reception will be held on the evening of Monday, January 29, 2018.
