skip navigation

More signal. Less noise.

Daily briefing.

Some of everyone's favorite hackers, hacktivists, agents, crooks, or sockpuppets (take your pick—for some reason it's still controversial) return to the cyberstage as the week comes to a close.

The ShadowBrokers, they of the Heckawi-accented, scriptwriter's broken English, take a bow and exit, not, we think, pursued by a bear (the bears have other pursuits, right Fancy?) but because they see much risk and few Bitcoins, sez they. In any case they release a bunch of alleged Equation Group weapons and say, in effect, do svidaniya, we're outta here. Wealthy Elite will miss them.

The other bow, this one an entrance, is from Guccifer 2.0, who says "I have totally no relation to the Russian government." So that settles that, eh?

Cellebrite, the mobile forensics firm that established a reputation as law enforcement's go-to shop for unlocking smartphones, confirms that it's suffered a data breach. Motherboard says the lost data include databases, customer information, and technical notes on the company's offerings.

WhatsApp suffers from a vulnerability widely but probably inaccurately characterized as a "backdoor."

More news and speculation about the Italian brother and sister accused of spying on Italian bigwigs for years with EyePyramid malware. Motives remain unclear, but may have involved insider speculation.

WordPress patches eight security issues. Google moves to key transparency and is widely applauded for it by crypto experts.

ENISA offers a report on best practices for securing connected cars.

The outgoing Obama Administration loosens restrictions on NSA's sharing of raw data with other agencies.

Notes.

Today's issue includes events affecting Australia, Belgium, China, India, Democratic Peoples Republic of Korea, Luxembourg, Netherlands, Nigeria, Russia, Singapore, United Arab Emirates, United Kingdom, United States.

A note to our readers: This Monday, January 16th, is Martin Luther King Jr. Day in the US, and we'll be observing it by, among other things, taking a day off from publication. We'll be back as usual on Tuesday, January 17th.

In today's CyberWire podcast we hear from our partners at the Johns Hopkins University, as Joe Carrigan explains how to protect mobile phone numbers. We also have a guest, Allison Berke, Executive Director of Stanford University's Cyber Initiative. She describes the Initiative and its work.

Note that our podcast will also take Monday off in observance of Martin Luther King, Jr. Day.

If you've been enjoying the podcasts, please consider giving us an iTunes review.

A special edition of our Podcast is also available. It covers buying cyber security. Every day there seems to be a new security product on the market, with many of them claiming to provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Cyber Security Lunch & Learn (Norfolk, VA, USA, February 2, 2017) Learn how to build a better security incident response program in 2017 from a SANS instructor and enterprise CISO! Earn CPE Credits.

Cyber Attacks, Threats, and Vulnerabilities

Shadow Brokers leak NSA-linked Microsoft hacking tools (CyberScoop) The mysterious group that claims to have stolen digital weapons once used by the National Security Agency published a trove of active Microsoft Windows software exploits on Thursday

Suspected NSA tool hackers dump more cyberweapons in farewell (CSO) The Shadow Brokers dumped the hacking tools online after attempting to sell a large cache for bitcoin

NSA-leaking Shadow Brokers lob Molotov cocktail before exiting world stage (Ars Technica) With 8 days before inauguration of Donald Trump, leak is sure to inflame US official

Power cut in Ukraine a cyber attack (Information Age) According to researchers investing an outage suffered by the Ukrainian power grid it was a cyber attack

How Russia hacks: FireEye analysis exposes main tactics used by 'Fancy Bear' (International Business Times) The APT28 threat group has targeted political groups, think tanks and journalists

Hacker Steals 900 GB of Cellebrite Data (Motherboard) The hackers have been hacked. Motherboard has obtained 900 GB of data related to Cellebrite, one of the most popular companies in the mobile phone hacking industry. The cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite's products

Phone Hacking Company Falls Victim to Hackers (ABC News) Cellebrite, a digital forensics firm known for helping law enforcement crack into locked smartphones, has itself fallen victim to hackers

Mobile forensics firm Cellebrite confirms data breach (Help Net Security) Israeli mobile forensics firm Cellebrite has announced that it has suffered a data breach following an unauthorized access to an external web server

WhatsApp backdoor allows snooping on encrypted messages (Guardian) Exclusive: Privacy campaigners criticise WhatsApp vulnerability as a ‘huge threat to freedom of speech’ and warn it could be exploited by government agencies

Why the "WhatsApp Backdoor" is not a WhatsApp-backdoor (Slash Crypto) Today I read about this “new” discovery of a so called “backdoor” in WhatsApp. You can find the article of the Guardian here

Oh, for F...acebook: Critics bash WhatsApp encryption 'backdoor' (Register) S'OK. Just turn on your notifications – green messenger

Kraken Group Puts MongoDB Hijacking Script Up for Sale (Bleeping Computer) Almost nine days after attacks on MongoDB servers have ramped up, the number of ransacked databases has reached 32,380 hosts, and the number of groups involved in these attacks has grown to 21, after initially just one group had been involved

Brother and sister arrested for spying on Italian politicians for years (Help Net Security) Two Italian siblings have been arrested on Monday and stand accused of having spied on Italian politicians, state institutions and law enforcement agencies, businesses and businesspeople, law firms, leaders of Italian masonic lodges, and Vatican officials for years

Operation EyePyramid: Two Siblings Spied on Italy's Elite (Bleeping Computer) Italian authorities have arrested and charged two siblings for carrying out a cyber-espionage campaign against Italy's elite, with targets that varied from famous businessmen to high-ranking politicians, including Matteo Renzi, former Italian prime minister

Amazon scammers hijack seller accounts, lure users with good deals (Help Net Security) Amazon buyers are being targeted by clever scammers that either set up independent seller accounts or hijack those of already established, well-reputed sellers, then offer pricy items at unbeatable prices

Post-Holiday Cybercrime Still a Threat (Credit Union Times) Cybercriminals have not finished collecting their holiday gifts. That warning from Kaspersky Lab follows a 23% increase jump over the previous year in malware encounters by users

Is HPCL's Website Under Cerber Ransomware Attack? (InfoRisk Today) Research firm claims site hijacked, but HPCL Awaits CERT-In Review

Spammers Revive Hancitor Downloader Campaigns (Threatpost) A recent lull in the distribution of spam spreading information-stealing malware via the Hancitor downloader has been snapped

Experts predict more 'bad surprises' from digital hostage-takers (EnergyWire) While Americans fret about Russian hackers exposing private information, seeking to sway elections or even switching off the lights on the electric grid, Marcelo Branquinho warns of a much simpler cyberthreat that may be worming into critical computer systems

In 2016, these are the four ways how bots altered history (Security Affairs) 2016 was the biggest year by far for all sorts of bots. From Chatbots to bad bots, the past year was eventful to say the least

Ponzi Schemes Exposing Nigerians to Cyber-attacks–Deloitte (Leadership) Many Nigerians participating in various Ponzi schemes dotting the web are at great risk of losing valuables in terms of compromised data or money as they are exposed to cyber-attacks, a cyber-expert has warned

The gift that keeps giving away your data (Help Net Security) If you unwrapped a shiny, new connected device this holiday season, it’s likely that you’re in the honeymoon stage, reaping many benefits from your new device. However, this story about a smart toy that is popping up on a variety of news sources makes you think twice about what happens after the initial “oohs” and “ahhs” subside

C-Span Online Broadcast Interrupted by Russian Network (New York Times) At 2:30 p.m. on Thursday, Representative Maxine Waters was on the floor of the House of Representatives, arguing for the importance of the Securities and Exchange Commission

Security Patches, Mitigations, and Software Updates

Wordpress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities (Threatpost) WordPress developers are encouraging users of the content management system to apply a new update, pushed this week, to resolve eight security issues, including a handful of cross-site scripting (XSS) and cross-site request forgery (CSRF) bugs

FDA urges patients to implement patch to secure their cardiac implants (Help Net Security) Patients who have been implanted with pacemakers and defibrillators manufactured by US-based St. Jude Medical are urged to make sure that their Merlin@home Transmitter unit is plugged in and connected to the Merlin.net network, so that it can receive a critical security patch

Windows 10’s privacy dashboard aims to tackle data concerns (Naked Security) After 18 months of users’ howls, threats from the French privacy watchdog and a slap from the Electronic Frontier Foundation (EFF), Microsoft is making a series of changes to tackle privacy concerns around Windows 10

Key Transparency (Google (on Github)) Key Transparency provides a lookup service for generic records and a public, tamper-proof audit log of all record changes. While being publicly auditable, individual records are only revealed in response to queries for specific IDs

Cyber Trends

Flashpoint Releases Inaugural Bus Risk Intel (BRI) Decision Report (American Security Today) Cybercriminals, jihadists, nation-state cyber actors, hacktivists, and cyber attention-seekers received widespread global attention throughout 2016, laying the foundation for what is already shaping up to be an eventful and challenging 2017

Das Jahr der digitalen Erpressung (MaschinenMarkt) Schon im letzten Jahr beherrschten Cyberattacken die Schlagzeilen, darunter die sogenannte Ransomware oder auch die heiß diskutierten Hackerangriffe im US-Wahlkampf. Auch der Angriff auf Telekom-Router Ende des Jahres lässt für 2017 nichts Gutes erahnen – tatsächlich geben Experten für 2017 keine Entwarnung

Deloitte Makes 2017 Predictions for Machine Learning and Autonomous Technology (IoT Evolution) In a recent slate of 2017 predictions, Deloitte has said that more than 300 million smartphones, or more than one-fifth of units sold in 2017, will have machine learning capabilities within the device in the next 12 months

Cyberattacks – Are Americans Safe In Cyberspace? (Value Walk) Cyberattacks are an increasing problem but Americans are not that worried

Marketplace

Georgia launches new cyber innovation and training center (FedScoop) A new center, located in close proximity to U.S. Army Cyber Command, will bring together academia, private industry and government to develop state and local cyber standards

Maryland companies raised $300 million in venture capital in 2016 (Baltimore Sun) Maryland companies attracted $38.3 million in venture capital in the fourth quarter of 2016, down from $569.8 million the same quarter the previous year

Arxan Focuses on App-Level Security with Apperian Buy (Infosecurity Magazine) Mobile and internet of things (IoT) application security company Arxan has acquired Apperian

Network and IoT to underpin Trend Micro’s 2017 strategy (ARN) Channel centric push continues as vendor eyes the mid-market and enterprise

Should I Buy FireEye Inc (FEYE) Stock? 3 Pros, 3 Cons (Investor Place) FEYE stock has been a disaster, but things may be on the mend

Cylance Named a Top 50 Startup to Watch in Los Angeles (BusinessWire) Cylance’s rapid growth and artificial intelligence-based approach to endpoint security earns recognition from Built in Los Angeles

TopSpin Security Reports Banner Year with Record Sales (Top Tech News) TopSpin Security Reports Banner Year with Record Sales, Large Customer Wins and Expanding High-Profile Ecosystem in 2016 -- Sales Increased by 400 Percent as More Organizations and Service Providers Select Intelligent Deception and Detection for Improving Information Security

Former U.S. Army General and Cyber Commander Joins Thycotic For Cybersecurity Counsel (Yahoo! Finance) Thycotic, a provider of privileged account management (PAM) solutions for more than 7,500 organizations worldwide, has appointed former United States Army Lieutenant General Rhett Hernandez as a strategic advisor for the public sector surrounding cybersecurity. Hernandez culminated a 39 year career as the first commander for the United States Army Cyber Command, which is the Army's U.S. Cyber Command service component

Products, Services, and Solutions

Cybersecurity Visionary Nir Gaist Announces Expansion of Nyotron into the US Market (Marketwired) With the mission to secure the world, Nyotron introduces new threat-agnostic endpoint platform that blocks all malware attacks in real-time using patented operating system behavior pattern mapping technology

FreedomPay Expands Secure Commerce Platform with Microsoft Dynamics 365 Integration (Yahoo! Finance) FreedomPay today announced the integration of Microsoft Dynamics 365 with its PCI-validated commerce platform. The Dynamics 365 integration marks a significant milestone in a multi-year strategy to deploy an industry leading commerce platform that delivers world-class security, seamless connectivity to the point-of-sale and real-time data availability with the global scale and accessibility of the Azure cloud platform

Palo Alto Networks Releases Cybersecurity Guide (Investopedia) The cybersecurity company Palo Alto Networks Inc. (PANW) today announced the publication of a new guide for organizations in Singapore. It’s called “Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers"

Carbon Black Redefines Incident Response With a 99% Decrease in Time Spent on Root-Cause Identification and Remediation With Cb Response 6.0 (Yahoo! Finance) Carbon Black, the leader in next-generation endpoint security, today announced the release of Cb Response 6.0, a new version of its market-leading incident response and threat-hunting solution that changes the game for security-operations teams by providing the only end-to-end IR solution with unlimited scalability

Guardtime's KSI blockchain in UAE healthcare pilot (International Business Times) NMC Health and telecom firm Du partner under UAE government's Global Blockchain Council

F-Secure 2017 (Tom's Guide) F-Secure's four paid antivirus products provide very good protection from the worst of the web, along with a small assortment of enhancements and extras. For the most part, the company's offerings also cost a bit less than competing products from other brands

Symantec Announces Xolphin as the First Encryption Everywhere Partner for Benelux and First Registration Authority in Europe (Yahoo! Finance) Symantec Corp., the world’s leading cyber security company, today announced that Xolphin, a Dutch market leader in reselling SSL Certificates, has signed on as a Symantec Encryption Everywhere partner in Europe, and is the first company to bring the program to the Benelux region. In March of 2016, Symantec announced its intent to help secure every legitimate website and web application. Symantec’s Encryption Everywhere program gives web hosting providers a single platform to deliver one of the most comprehensive security portfolios to their customers

British Telecom signs up Trend Micro to strengthen security in cloud (Financial Express) Leading providers of communications services and solutions British Telecom and Trend Micro, a global leader in cyber-security solutions on Thursday announced immediate availability of Trend Micro’s Deep Security data centre solution on BT’s Cloud

Free IoT Vulnerability Scanner Hunts Enterprise Threats (Dark Reading) A free IoT scanner from BeyondTrust looks for at-risk devices so organizations can pinpoint and address vulnerabilities

New infosec products of the week​: January 13, 2017 (Help Net Security) Denim Group enhances ThreadFix platform... Trend Micro TippingPoint launches 100 Gb standalone NGIPS... DataGravity for Virtualization protects data in the virtualized environments of SMEs... Thales delivers on-premises and SaaS Bring Your Own Key (BYOK) offering for Salesforce... IRONSCALES updates its automatic phishing mitigation solution... AppSense DesktopNow update supports Windows Server 2016 with Citrix XenApp... BlackMesh unveils government cloud solution platform... AVG launches security and tune-up products

Technologies, Techniques, and Standards

Ransomware is getting worse. Here’s how to stop it (IT Brief Australia) Ransomware is today’s most visible and most-talked-about cybersecurity threat. Afflicting consumers and enterprises alike, ransomware has attacked laptops, desktops and servers by encrypting data and destroying backups. These attacks have cost millions of dollars is ransom – that is, untraceable payments to hackers in the hope that they will send a decryption key and allow data to be recovered. Sometimes victims pay the ransom and don’t receive the decryption key, or find that the key doesn’t work, or even find another demand for even more money

How to Explain the Meteoric Rise of Threat Intelligence (Recorded Future) In the past, cyber security has been a largely reactive discipline. Now, threat intelligence enables companies to get ahead of their attackers, and avoid costly breaches. According to the latest research, over two thirds of organization have either implemented or plan to implement a threat intelligence solution. There are three primary ways in which using threat intelligence can enhance your security profile: Increasing speed and reliability of threat detection and prevention, tightening security controls, and facilitating decision making. The future of threat intelligence is likely to involve two primary elements: intelligence sharing and machine learning (or other AI breakthroughs)

Homeland’s biggest cybersecurity tool finally covers most of government (Federal Times) The Department of Homeland Security is now providing cybersecurity risk monitoring and response services to 93 percent of federal civilian executive branch networks, according to a Jan. 11 press release

Implementing ERP Vulnerability Management Process. Part 1 (ERPScan) This series of articles describes an approach to increase ERP security by leveraging proactive vulnerability management process and ERP security control solutions

Memory-Resident Malware Creating Forensics Challenges (InfoRisk Today) Verizon's Novak analyzes how the changing threat landscape changes breach detection

Who's Attacking Me? (SANS Internet Storm Center) I started to play with a nice reconnaissance tool that could be helpful in many cases - offensive as well as defensive. "IVRE" [1] ("DRUNK" in French) is a tool developed by the CEA, the Alternative Energies and Atomic Energy Commission in France. It's a network reconnaissance framework that includes

Containerisation: Why Traditional Security will End in Tears (CIOL) They are highly efficient, dynamic and cost-effective, but containers are a major blind spot for security teams

Marie Moe on Medical Device Security (Threatpost) Marie Moe, a research scientist at SINTEF of Norway, talks to Mike Mimoso about her personal and emotional connection to medical device security given that she has a pacemaker implanted in her that regulates her heart

The Sorry State Of Cybersecurity Awareness Training (Dark Reading) Rules aren't really rules if breaking them has no consequences

Enisa Report Looks to Boost Smart Car Security (Infosecurity Magazine) European security agency Enisa has released a new report designed to identify industry best practices in securing smart cars against cyber threats

Design and Innovation

Securing the Connected Car (Infosecurity Magazine) Often dubbed a “data center on wheels,” the connected car is one of the fastest-growing markets in the ecosystem that makes up the Internet of Things (IoT). The convergence of IoT and in-vehicle technologies, like remote diagnostics, on-board GPS, collision avoidance systems and 4G LTE Wi-Fi Hotspots, has paved the road for new and exciting opportunities in this industry

Research and Development

IBM: Hm, medical record security... security... Got it – we need blockchains (Register) Big Blue pretty sure it can sell more Watson boxes if this works

Academia

Tech 100: ‘We need to know how a malicious hacker will break into our network to understand how to defend it’ (Holyrood) Abertay University lecturer Dr Natalie Coull on the need to focus on offensive security within education

Legislation, Policy, and Regulation

DNI on cyberspace: An 'insidious progression of aggressiveness' (C4ISRNET) Director of National Intelligence James Clapper told the Senate Intelligence Committee that cyberspace is affording bold actors opportunities to be even more aggressive

E.O. 12333 Raw SIGINT Availability Procedures (IC on the Record) On January 3, 2017, the Director of National Intelligence, in coordination with the Secretary of Defense, issued the “Procedures for the Availability or Dissemination of Raw Signals Intelligence Information by the National Security Agency under Section 2.3 of Executive Order 12333” (the “Raw SIGINT Availability Procedures”). The procedures were approved by the Attorney General on January 3, 2017

A lot more people will now have access to the NSA’s raw surveillance data (Verge) The Obama administration has greatly expanded the NSA’s power to share raw intelligence within the US government, as reported by The New York Times. The new rules were signed by the attorney general on January 3rd, putting them into effect less than three weeks before President-elect Donald Trump’s inauguration

N.S.A. Gets More Latitude to Share Intercepted Communications (New York Times) In its final days, the Obama administration has expanded the power of the National Security Agency to share globally intercepted personal communications with the government’s 16 other intelligence agencies before applying privacy protections

NSA to share data with other agencies without “minimizing” American information (Ars Technica) Rules opposed by civil liberties and privacy advocates

Just in Time for Trump, the NSA Loosens Its Privacy Rules (Wired) As the privacy and civil liberty community braces for Donald Trump’s impending control of US intelligence agencies like the NSA, critics have called on the Obama administration to rein in those spying powers before a man with a reputation for vindictive grudges takes charge. Now, just in time for President-elect Trump to inherit the most powerful spying machine in the world, Obama’s Justice Department has signed off on new rules to let the NSA share more of its unfiltered intelligence with its fellow agencies—including those with a domestic law enforcement agenda

Defense Secretary Nominee Cautions Against 'Stumbling' Into Cyberwar (Nextgov) Retired Gen. James Mattis called for a comprehensive cyber doctrine to respond to cyberattacks when testifying during his Senate confirmation hearing Thursday

Can government alone protect cyberspace? (FCW) Will the federal government be overwhelmed as the sole entity responsible for identifying, protecting and responding to threats in cyberspace?

Ex-US National Security Official Clarke: Regulation Key To Protecting ICS/SCADA From Cyberattacks (Dark Reading) Richard Clarke proposes a Y2K-style approach to beefing up security for critical infrastructure

Trump asks Giuliani to help with cybersecurity (Federal Times) Former New York City Mayor Rudy Giuliani finally has a job in the incoming Trump administration

What Does Rudy Giuliani Actually Know About Cybersecurity? (Motherboard) Rudy Giuliani is going to head a new Cybersecurity Working group for the Donald Trump transition team, a move that has caused many to reflexively wonder: What does the former mayor of New York know about cybersecurity?

Trump's cyber-guru Giuliani runs ancient 'easily hackable website' (Register) Stunned security experts tear strips off president-elect pick hours after announcement

Obama's former CIA director backs Trump's pick for the job (The Hill) Former CIA Director Leon Panetta on Thursday said he supports President-elect Donald Trump’s pick to fill the position

Trump's CIA nominee wants a massive surveillance database of Americans (PC World) Senators question how Pompeo would limit his proposed U.S. metadata database

Hub for Cyber Command defensive ops fully operational by 2018 (C4ISRNET) The defensive operational arm of Cyber Command – Joint Force Headquarters-DoDIN – is slated for full operational capability for the beginning of 2018

Neller: ‘We Need a Fifth-Generation Marine Corps’ (Sea Power) Fighting and winning against emerging peer competitors will require a “fifth-generation Marine Corps” capable of competing in technological domains, as well as the traditional air, sea and land kinetic arenas, the top Marine officer said Jan. 12

Marine Corps May Get a Cyber-Only MOS (Military[.]com) The top officer of the Marine Corps wanted to expand the service's cyber community, and he's looking at ways to make the job more appealing to qualified Marines

U.S. Air Force creates group to recruit cyber nerds for weapons programs (Alamogordo News) The US Air Force is forming a troop of cyber geeks hand-picked from the commercial technology sector to solve software problems on troubled weapons programs, the service’s top civilian announced Friday

Litigation, Investigation, and Law Enforcement

FBI, Justice Department to be investigated over Clinton probe (CNN) The Justice Department's internal watchdog announced Thursday it has launched a probe into the department and the FBI's handling of the investigation into Hillary Clinton's private email server

Russia ‘also hacked RNC’ – but not Trump’s campaign (Naked Security) As well as the Democratic National Committee (DNC) and emails, Russia also successfully hacked campaigns and emails from the Republican National Committee (RNC) during last year’s presidential election, according to FBI director James Comey, the heads of National Intelligence, the CIA and the NSA

Guccifer 2.0 Speaks: ‘I Have Totally No Relation To the Russian Government’ (Mediaite) U.S. intelligence agencies have made it very clear that they believe Russia tried to influence the election. Heck, even President-elect Donald Trump said he finally agrees with that, even though he disparaged the intelligence community when the initial reports came out

Guccifer 2.0, alleged Russian cyberspy, returns to deride US (CSO) Guccifer 2.0 claimed he was behind the DNC hack back in June

It's the Russians! ...Or is it? Cold War Rhetoric in the Digital Age (Institute for Critical Infrastructure Technology) Malicious actors can easily position their breach to be attributed to Russia. It’s common knowledge among even script kiddies that all one needs to do is compromise a system geolocated in Russia (ideally in a government office) and use it as a beachhead for attack so that indicators of compromise lead back to Russia

‘It’s not how hacking works’: Anonymous activist deconstructs ODNI report on ‘Russia hackers’ (RT) A member of the hacktivist network Anonymous has debunked the assertion that US intelligence report on Russia’s alleged hacking of the DNC proves a particular party’s guilt, explaining that such claims show a lack of understanding of how hackers operate

Trump on Hack: 'I Think It Was Russia' (InfoRisk Today) President-elect discusses Intelligence Community's report at press conference

'Explosive' Report Details Alleged Russia-Trump Team Ties (GovInfo Security) Report claims Kremlin possesses personal, financial 'Kompromat' on Donald Trump

Ex-Spy Who Reportedly Assembled Trump Dossier Appears To Be In Hiding (NPR) In the closing weeks of 2016, an explosive document was floating around in media and security circles. Reporters tried, and failed, to verify the claims it contained — that Donald Trump colluded with Russia, and the Kremlin held lurid blackmail material as leverage over Trump. Reporting on the document, which was first compiled as opposition research, was rare and carefully vague

Biden: Intel officials told us Trump allegations might leak (Military Times) Vice President Joe Biden said Thursday that top intelligence leaders told him and President Barack Obama they felt obligated to inform them about uncorroborated allegations about President-elect Donald Trump out of concern the information would become public and catch them off-guard

Why Are the Trump Allegations Hanging Around When They Haven’t Been Substantiated? (Lawfare) What is one to make of the apparent inability of press and government alike to verify the allegations in the Trump dossier combined with the cache of documents’ apparent staying power?

The CIA is not to be trusted (The Week) One of the more darkly amusing things to watch in modern politics is the rapid see-sawing of public opinion around questions of partisan advantage. Thus as Vladimir Putin was perceived to be a friend to American conservatives, his favorability rating among Republicans improved by some 56 points nearly overnight

Report: Anthem Breach Was Caused by a Foreign Government (eSecurity Planet) CrowdStrike analysts determined the identity of the attacker, and concluded that the attacker was acting on a foreign government's behalf

EPA: Fiat Chrysler Used Emissions-Cheating Software (Wall Street Journal) Auto maker allegedly used software on recent diesel-powered Jeep Grand Cherokee and Ram trucks allowing illegal emissions, EPA says

Insurer hit with fine after unencrypted NAS stolen (Naked Security) Royal & Sun Alliance (RSA) has been handed a big fine by the Information Commissioner (ICO) for losing a networked hard drive full of unencrypted customer data in strange circumstances

Top admin of Tor child porn site gets 20 years in prison (Ars Technica) Playpen users were targeted with FBI hacking techniques

Lawyer sues Chicago police, claims they used stingray on him (Ars Technica) First civil case to allege unconstitutional stingray use by police

Routine Police Smartphone Downloads Raise Privacy and Security Fears (Infosecurity Magazine) Police forces across the UK are using secret data extraction technology to analyze smartphones, but poor training and security practices and an absence of audit trails could be putting user privacy and data security at risk, it has emerged

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Security East 2017 (New Orleans, Louisiana, USA, January 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in...

Cybersecurity of Critical Infrastructure Summit 2017 (College Station, Texas, USA, January 11 - 13, 2017) An inaugural event to convene thought-leaders, experts, and strategic decision makers from government, industry, and academia to discuss the technology and policy implications of the ever-evolving cyber-threats...

ShmooCon 2017 (Washington, DC, USA, January 15 - 17, 2017) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and...

SANS Las Vegas 2017 (Las Vegas, Nevada, USA, January 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you...

BlueHat IL (Tel Aviv, Israel, January 24 - 25, 2017) Announcing BlueHat IL – a special edition of Microsoft's leading cyber security conference for top professionals, to be held for the very first time in Tel Aviv, Israel. Over the past 10 years, BlueHat conferences have drawn the brightest minds in security to discuss key industry challenges. And now, BlueHat IL is here to crank it up by exploring and creating new cyber security thoughts and boundaries. This exclusive, by invitation only, single track event will host top cyber security professionals from around the world, who will come together to tackle the present and peek into the future. It will feature brilliant speakers and focus on breakthrough research, key trends and emerging threats in the field. Registration closes December 28.

SANS Cyber Threat Intelligence Summit & Training 2017 (Arlington, Virginia, USA, January 25 - February 1, 2017) Join SANS at this innovative Summit as we focus on enabling organizations to build effective cyber threat intelligence analysis capabilities. Most organizations are familiar with threat intelligence, but...

Blockchain Protocol and Security Engineering (Stanford, California, USA, January 26 - 27, 2017) This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. The conference aims to foster multidisciplinary...

National Credit Union - Information Sharing & Analysis Organization - 2017 Tech Conference (Cape Canaveral, Florida, USA, January 31 - February 2, 2017) Join us for three days of Cyber Security topics that are pertinent to Credit Union cyber resilience, real-time security situational awareness information sharing, and coordinated response in the global...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.