skip navigation

More signal. Less noise.

Daily briefing.

Ukrainian authorities have directly and unambiguously blamed Russia for last week's Petya/Nyetya/NotPetya attacks. They've also called in international partners, including Interpol and the FBI, to help with the investigation. The threat actor held to be responsible is the group known as Telebots or Sandworm, a Russian actor also associated with attacks on Ukraine's power grid.

Last week's campaign is now clearly seen as destructive and disruptive, and not a ransomware attack at all. Affected organizations continue their recovery. The experience of Maersk is instructive: last Thursday the shipping company told customers its operations had resumed at a "now close to normal" rate, although some clients reported continuing difficulties. 

FedEx's TNT Express subsidiary was also heavily affected, with disruptions reported into the weekend.

US Government warnings last Friday of phishing campaigns successfully targeting nuclear power installations may have been premature. In any case, the Nuclear Energy Institute has said that no US nuclear plants had been penetrated. 

The European Union and some of its member states signal a determination to police data security, competitive practices, and extremist speech. Germany has enacted a law that would impose harsh penalties on services that permit hate speech (a look at existing measures to identify such speech suggest the problem remains unsolved). The EU's Commissioner for Competition urged companies to sue Google for anti-competitive practices (this would be in addition to EU fines). 

Kaspersky Lab will show its source code to the US Government. Russia mulls retaliation if Kaspersky is barred from US Defense work.

Notes.

Today's issue includes events affecting Australia, Denmark, Germany, Ghana, Hungary, India, Israel, Mali, Netherlands, Nigeria, Pakistan, Qatar, Russia, Saudi Arabia, South Africa, Syria, Ukraine, United Kingdom, United States.

A note to our readers: we'll be taking tomorrow off, in observance of Independence Day. Our Podcast and our Daily News Briefing will be back Wednesday on our usual schedule. In the meantime, however you celebrate the Amexit of 1776, enjoy the 4th.

In today's podcast, Markus Rauschecker, from our partners at the University of Maryland's Center for Health and Homeland Security, discusses companies using kidnap insurance for ransomware claims. 

BSides Las Vegas (Las Vegas, Nevada, USA, July 25 - 26, 2017) BSides Las Vegas isn’t another “talk at you” conference. Everyone at BSides is a participant. Track after track, year after year, the security researchers, engineers, analysts and managers that present at BSidesLV are looking to engage our participants and be engaged by them. Our presenters don’t talk at you, they converse with you. Come join the conversation!

Cyber Attacks, Threats, and Vulnerabilities

Ukraine power company says hit by second cyber attack Thursday (Reuters) Ukrainian state power distributor Ukrenergo was hit by another cyber attack on Thursday which used a computer virus different from one that hit Ukraine on Tuesday, said Ukrenergo's acting head said.

Ukraine Blames Russian Security Services for Recent Cyber Attack (Fortune) A Kremlin spokesman dismissed 'unfounded blanket accusations.'

Early indications point to Russian hacking group for Petya attack (Cyberscoop) The main suspect behind the recent global ransomware attack is a hacking group with suspected ties to Russia and a history of launching destructive computer viruses, according to research conducted by Czech cybersecurity firm ESET. The company has pegged the attack to a group known as Telebots or Sandworm.

Security Firms Find Thin Lines Connecting NotPetya to Ukraine Power Grid Attacks (BleepingComputer) On Friday, three cyber-security firms have come forward with reports or statements that link the NotPetya ransomware outbreak to a cyber-espionage group known for a large number of past cyber-attacks, such as the one on Ukraine's power grid in December 2015.

TeleBots are back: supply-chain attacks against Ukraine (WeLiveSecurity) This blogpost reveals many details about the Diskcoder.C (aka ExPetr or NotPetya) outbreak and related information about previously unpublished attacks.

More Security Firms Confirm NotPetya Shoddy Code Is Making Recovery Impossible (BleepingComputer) The bandwagon of cyber-security firms claiming that NotPetya was meant for destructive purposes is getting more crowded by the day, with three new additions from Cisco Talos, F-Secure, and Malwarebytes.

We thought the internet was broken by people trying to get money. The truth is much more worrying (The Independent) The cyber attack that broke many of the world's biggest companies was intent only on destruction.

Global cyberattack looks more like 'sabotage' than ransomware - experts (CNNMoney) Cybersecurity experts believe it was sabotage, not cash, that may have motivated the hackers behind this week's crippling global cyberattack.

A technical analysis of the recent Petya ransomware attack (Quick Heal Technologies Security Blog) Earlier this week, a new variant of Petya Ransomware was spotted which was creating havoc all over Europe as well as major parts of Asia including India. The major target for Petya has been Ukraine as its major banks and also the power services were hit by the attack. It’s...

U.S. warns businesses of hacking campaign against nuclear, energy firms (Reuters) The U.S government warned industrial firms this week about a hacking campaign targeting the nuclear and energy sectors, the latest event to highlight the power industry's vulnerability to cyber attacks.

U.S. trade group says no nuclear power plants have been hacked (Reuters India) No U.S. nuclear power plant has been penetrated in a cyber attack, an industry spokesman said on Saturday, when asked to comment on a U.S. government warning last week about a hacking campaign targeting the sector.

Deliveries 'in limbo' with FedEx's TNT 'significantly affected' by cyber attack (ABC News) Australians and businesses waiting on deliveries by FedEx's TNT Express say they have been left in limbo after the company is significantly affected worldwide by a cyber attack.

Maersk accepting bookings once more in the wake of devastating cyber attack as ports also reopen (Load Star) Maersk’s container operations appear to be recovering following the debilitating cyber attack on its systems earlier this week.

Cyber authority says hospital hack attack much smaller than believed (The Times of Israel) Despite previous reports, incident apparently not connected to worldwide ransomware virus

Staying humble is key to staying safe, says Israel’s cyber chief (The Times of Israel) Last week’s hospital cyber-attack was no big deal and the electoral system is secure, according to Cyber Bureau head Eviatar Matania, who’s both worried and confident

OutlawCountry Is CIA's Malware for Hacking Linux Systems (BleepingComputer) WikiLeaks dumped today a manual describing a new CIA malware strain. Called OutlawCountry, this is malware designed for Linux operating systems.

Vulnerabilities Found in German e-Government Communication Library (Dark Reading) Researchers find critical flaws in secure communications protocol used in areas including population registration, justice and public health systems.

Al-Qaida-linked Mali Extremists Release Hostage Video (VOA) Video shows Stephen McGowan of South Africa, Elliot Kenneth Arthur of Australia, Iulian Ghergut of Romania, Beatrice Stockly of Switzerland, Gloria Cecilia Narvaez of Colombia and Sophie Petronin of France

Foreign jihadist media group rallies against West in video (FDD's Long War Journal) German jihadist Andreas Muller speaking in the video Al Muhajirun, a media organization linked to foreign jihadists in Syria, recently released a video highlighting the supposed degradation of Western society.

8tracks Hit With Breach of 18 Million Accounts (Dark Reading) Hackers attack Internet radio user database, gaining access to email addresses and encrypted passwords.

Feedback scammers attempting to extort millions from 5,000 major companies (Graham Cluley) Can you trust that .feedback site really belongs to who you think it belongs?

So You Think You Can Spot a Skimmer? (KrebsOnSecurity) This week marks the 50th anniversary of the automated teller machine — better known to most people as the ATM or cash machine.

Majority of Sites Fail Mozilla’s Comprehensive Security Review (Threatpost) A thorough review of the top 1 million websites reveals 93 percent fail Mozilla’s Observatory security review.

The Biggest Cybersecurity Disasters of 2017 So Far (WIRED) The first six months of 2017 have seen an inordinate number of cybersecurity meltdowns.

Security Patches, Mitigations, and Software Updates

Siemens Patches Critical Intel AMT Flaw in Industrial Products (Threatpost) Siemens patched a recently disclosed vulnerability pertaining to systems with specific Intel processors. If exploited, the flaw could let an attacker gain system privileges.

Cyber Trends

Hackers Find ‘Ideal Testing Ground’ for Attacks: Developing Countries (New York Times) Often the best way to see if a cyberweapon works is to try it out in a country without the best digital defenses, as recent attacks have indicated.

Opinion | A cyberattack swept across the globe last week. We should be ready for more. (Washington Post) The danger is becoming more widespread.

Another Ransomware Attack? Welcome to The New Normal (Level 3) What happens when you combine the structure and focus of organized crime with the sophistication and scale of a nation state? You have two global

Understanding the motives behind cyber attacks can help prevent them (Information Age) Exploring the motives behind the recent cyber attacks is the key to prevention, but ultimately companies must patch the root cause

Wake-up call for cyber security (Strategic Risk) Lessons to be learned from last month’s global WannaCry ransomware attack

Why Petya, Like WannaCry, Signals A New Era Of Cybercrime (Information Security Buzz) Petya and WannaCry are the tip of the iceberg in a new era of global, distributed cyberattacks that are affecting all industries and geographies.

WannaCry Outbreak: Watershed Moment (BankInfo Security) When malware comes gunning for your national health service, you're going to take it personally. And that's just one reason why the WannaCry outbreak in particular

Businesses warned that cyber attack start of all-out war on data (Irish Examiner) This week’s attack on Europe’s computer networks marked the beginning of a sinister all-out war on business data with no chance of recovery, according to one of Ireland’s top cyber security experts.

After the WannaCry ransomware campaign, why aren't people patching? (SC Media UK) A massive ransomware campaign attacked countless endpoints for the second time in just over a month, exploiting a vulnerability that had been patched months earlier. SC asks, why does this keep happening?

Tuesday's cyberattack shows why old tech is scarier than Hollywood AI (CNNMoney) While not as sexy as killer robots, pieces of bad code, unpatched software, weaponized malware and aging technology can have a real -- and detrimental -- impact.

‘A single boxer in a ring is not a winner’ (The Hindu) ‘Those protecting critical infrastructure think they are safe; that’s because hackers are busy elsewhere making money’

Marketplace

10 Reasons Your Business Needs Cyber Liability Insurance (IT News Africa) New technology means new risks. The internet asks a lot of questions of its users.

Cyber-security graduates now hot property on the job street (The Economic Times) Demand for graduates specialising in cyber security has shot up to an all time high, and universities are introducing these programmes to cater to the growing requirements.

Hackers reap rich rewards by exposing system weak spots (Times) British hackers are earning hundreds of thousands of pounds helping international companies to spot bugs in their computer systems. They are being paid to identify areas vulnerable to data breaches...

IBM expands New Collar Tech Career Training opportunities for veterans (1440 WAJR) Over 2,000 veterans will be hired by IBM for training initiative that will certify veterans in the use of IBM software widely used by law enforcement, cybersecurity, and national security agencies.

Microsoft acquires Cloudyn (Notebook Check) This new acquisition aims to help the Redmond giant improve its cloud services, more precisely Microsoft Azure. Cloudyn's technology allows enterprise customers to optimize their cloud-related spending.

IAI snaps up two foreign firms in cyber-defense push (The Times of Israel) Israeli aerospace and defense firm announces investment of millions of dollars in Dutch and Hungarian companies

‘Closer scrutiny’ by government urged in Sandvine takeover battle (Financial Post) Barry Critchley: Francisco Partners’ offer for network policy company Sandvine is raising alarm bells over the possibility of human rights abuses

Palo Alto Networks Leaks New Growth (Seeking Alpha) Stock prices rose over 17% to $139.97 towards the end of May, leading to Palo Alto Networks’ biggest gain since the company went public. Quarter 3 saw a 25% rev

How a Tiny Cybersecurity Firm Stopped a Global Ransomware Attack (We Greet You) Salim Neino had been waiting for something like WannaCry.

4 AI Cybersecurity Startups Using Predictive Analytics - Nanalyze (Nanalyze) The number of AI cybersecurity startups using predictive analytics to spot malware attacks and other intrusions before they begin are rapidly increasing.

AhnLab stock plunges as founder mired in political scandal (Korea Times) The stock price of AhnLab, the nation’s largest security software company, is hitting an all-time low this year amid a mounting political scandal surrounding the firm’s founder Ahn Cheol-soo.

DIUx taps Plurilock for AI authentication (GCN) Defense officials are adding an additional layer of security to workplace computing through an artificial-intelligence system that monitors keystrokes and mouse behavior of individual users.

Longtime cybersecurity exec to step down as BitSight CEO (Boston Business Journal) McConnon's previous three companies have been acquired for more than $1 billion total. His latest, BitSight, has been growing exponentially since its security-rating software hit the market in 2013.

FireMon strengthens European division with new Vice President (GlobeNewswire News Room) Tech veteran James Clegg to lead FireMon’s EMEA teams

Products, Services, and Solutions

GlobalPlatform simplifies management of privacy-enhanced ID documents (Security Document World) GlobalPlatform has published its Card Privacy Framework and Privacy-Enhanced ID Configuration.

Raytheon to provide Army with automatic speech recognition capability (C4ISRNET) Raytheon BBN Technologies has been awarded a $4 million Army contract for automated language translation.

5 best malware tracker maps to see security attacks happen in real-time (Windows Report) The Internet used to be a safe place when it was first launched.

Petya/NotPetya Cyber Attack Does Not Phase This SMB Owner (EIN News) Tie National provides effective cyber security to SMBs as protection from deadly cyber attacks.

Technologies, Techniques, and Standards

BCS Launches Blueprint to Prevent Another NHS WannaCry Epidemic (Infosecurity Magazine) BCS Launches Blueprint to Prevent Another NHS WannaCry Epidemic. Roadmap hopes to create a trusted, secure NHS by 2020

Basic Cybersecurity Hygiene Tips Are Ransomware Vaccine (Bloomberg BNA) Companies that follow basic cybersecurity hygiene are likely to avoid the ravages of global ransomware attacks such as the one that crippled thousands of computer systems June 27, cybersecurity pros...

Blockchain would have prevented Maersk cyber attack (Marine Electronics and Commnication) Blockchain technology would have saved shipping from this week’s Petya cyber attack that crippled the logistics IT systems of Maersk Group.

"Eternal Blues" Tool Tests Computers Against NSA's ETERNALBLUE Exploit (BleepingComputer) Security researcher Elad Erez has created a tool named Eternal Blues that system administrators can use to test if computers on their network are vulnerable to exploitation via NSA's ETERNALBLUE exploit.

Using nmap to scan for MS17-010 (CVE-2017-0143 EternalBlue) (SANS Internet Storm Center) With both WannaCry and NotPetya using MS17-010 for propagation it is important to be able to detect servers which are vulnerable.

Six Things to Do to Secure Your Linux System (IT Pro) Tuesday's Petya slam dunk by the bad guys, which may or may not have been a state sponsored swipe at Ukraine, was only one of several wake-up calls during the last couple of months for the folks taking care of IT security.

What In-House Lawyers Can Learn From the Cyberattack on DLA Piper (Corporate Counsel) There are some takeaways for law departments from the recent mess at DLA Piper.

This company deliberately deleted its customer email mailing list. Maybe you should too (Graham Cluley) With much tougher data protection regulations coming into force in March 2018 in the form of GDPR, it may be a canny move to securely wipe such information sooner rather than later.

8 Things Every Security Pro Should Know About GDPR (Dark Reading) Organizations that handle personal data on EU citizens will soon need to comply with new privacy rules. Are you ready?

An exclusive peek inside Cyber Command’s premiere annual exercise (C4ISRNET) C4ISRNET got an exclusive look at Cyber Flag, a military exercise focused on training and validating the Cyber Mission Force’s capabilities and readiness.

TLS security: Past, present and future (Help Net Security) Since the early days of the SSL/TLS protocols, the security community has been struggling with various attacks that have made many press headlines.

6 ways security pros unwittingly compromise enterprise security (CSO Online) Overwhelmed and eager to please, security professionals sometimes cut corners and take risks, unwittingly compromising enterprise security.

Worried about attacks? Maybe you're not getting hacked enough, report finds (TechRepublic) A HackerOne report makes it clear that bounty programs work. So why aren't more companies using them?

How to Obfuscate (Nautilus) What misinformation on Twitter and radar have in common.

5 Ripple Effects of Cyber Crime and How B2B Firms Can Overcome Them (Entrepreneur) With the rapid growth of cyber crime, businesses must demonstrate trust to consumers, while taking steps to protect data.

Design and Innovation

Digital force fields to stop terrorist vehicles (Times (London)) Digital force fields could be installed around sensitive buildings and bridges under government plans to prevent vehicles being used in terrorist attacks. The Department for Transport is...

Security Startup Taps Blockchain to Assign Unhackable Digital IDs (SDxCentral) The security firm Block Armour is using blockchain technology based on Hyperledger software to assign unhackable digital IDs.

The Blockchain Fuels Startups—Unlike Any You've Ever Seen (WIRED) Bitcoing was hailed as the digital currency of a utopian future, but, at least in the US, few people use it

BioCatch founder Avi Turgeman on the philosophy of artificial intelligence (Financial Times) When not reading Douglas Hofstadter, the tech entrepreneur is playing bass

Is IBM Watson A 'Joke'? (Forbes) On the May 8th edition of Closing Bell on CNBC, venture capitalist Chamath Palihapitiya, founder and CEO of Social Capital, created quite a stir in enterprise artificial intelligence (AI) circles, when he took on IBM IBM -0.19% Watson, Big Blue’s AI platform.

IBM Is Clueless About AI Risks (Gizmodo) Earlier this week, David Kenny, IBM Senior Vice President for Watson and Cloud, told the US Congress that Americans have nothing to fear from artificial intelligence...

AI Will Make Forging Anything Entirely Too Easy (WIRED) “Lordy, I hope there are tapes,” said an exasperated James Comey in his testimony before the Senate Intelligence Committee on June 8.

Research and Development

Computer Scientists: Passwords Can be Acquired from Brain Waves (Infosecurity Magazine) A study by computer scientists from University of Alabama at Birmingham and University of California Riverside suggests that passwords can be acquired from brain waves.

Academia

UMA cybersecurity program growing to keep up with industry (Kennebec Journal & Morning Sentinel) Some experts predict there will be 1.5 million job openings in cybersecurity by 2019.

BPCC labeled 'Center of Workforce Excellence in Cyber Technology' (KTBS) Today, Bossier Parish Community College unveiled its new designation as a Center for Workforce Excellence in Cyber Technology.

Young warriors train to fight future cyberwars (Gainesville Times) About 40 high school students have spent much of past two weeks learning how to hack a car with a computer, break into computer systems ...

Legislation, Policy, and Regulation

UK government threatens to launch drone strikes against hackers (HOTforSecurity) If there's one thing that everyone seems to be talking about at the moment, it's hacking. Recent hard-hitting ransomware attacks like WannaCry have made malware a talking point for the man in the street, and allegations persist that Russian hackers may have attempted to...

NATO and Cyberwar: Will Britain Invoke Article 5? (The American Spectator) On November 19, 1919, Congress rejected the Versailles Treaty ending World War I and with it the charter of the League of Nations which was a key part of it.

Can the CIA and NSA be trusted with cyber hacking tools? (NBC News) Both the WannaCry and Petya-variant attacks were based on exploiting software vulnerabilities revealed by leaks from the NSA.

The NSA’s Inadvertent Role in the Major Cyberattack on Ukraine (Slate Magazine) The Petya attack wasn’t just about money, like WannaCry. It was far more insidious.

The types of cyber weapons Cyber Command needs in its toolbox (Fifth Domain | Cyber) The tools Cyber Command needs to conduct its war-fighting mission are distinct from those used by NSA for espionage.

Modi in Israel: Cyber-security, defence deals and investment opportunities on agenda (International Business Times, India Edition) The three-day Israel visit of Prime Minister Narendra Modi from July 4 will see discussions on issues like cyber-security, defence deals and business investments. Read to know more.

Vote to ban Kaspersky irks Russia (Boston Herald) The Russians are threatening to retaliate if U.S. lawmakers try to ban the cybersecurity company Kaspersky Labs from Pentagon software contracts.

Spies Fear Trump’s First Meeting With Putin (The Daily Beast) The Kremlin thinks Putin will eat Trump’s lunch at the G-20 summit, European intelligence agencies have learned.

Private Sector Cyber Intelligence Could Be Key to Workable Cyber Arms Control Treaties (Lawfare) The Obama-Xi cybersecurity agreement shows that the private sector can both demonstrate and encourage state compliance with such agreements.

The Palace Intrigue at the Heart of the Qatar Crisis (Foreign Policy) The Saudis don’t believe the young emir of Qatar is really running the country — and they’re looking for regime change.

The Muslim Brotherhood Is the Root of the Qatar Crisis (The Atlantic) The Saudi-led bloc has made 13 demands of Doha, but they’re mostly about resolving one issue—and time is almost up.

Senators introduce 'cyber hygiene' bill (TheHill) Legislation directs federal government to develop best practices for safeguarding against cyber intrusions.

E-Crime Bureau boss appointed Cyber Security Advisor (My Joy) The Principal Consultant of Cyber Security firm, E-Crime Bureau, Albert Antwi Boasiako has been appointed Cyber Security Advisor to the Communications Ministry.

Why We're Encouring Ethical Hackers to Try and Hack the DHS (TIME) They could help protect the Department of Homeland Security from cyber attacks

Germany passes law with huge fines for Internet companies that don’t bar hate speech (Ars Technica) German legislators want hate speech removed within 24 hours.

Theresa May’s terror plans condemned (Times) Theresa May’s plans to fine technology companies for failing to remove extremist material online have been likened to the actions of a Chinese dictator by her own counterterrorism watchdog. Max...

By Facebook's Logic, Who is Protected from Hate Speach? (WIRED) For months now, social media companies have been grappling with how to minimize or eradicate hate speech on their platforms.

Gordon to become Principal Deputy Director of National Intelligence (C4ISRNET) President Trump has nominated the next Principal Deputy Director of National Intelligence.

Litigation, Investigation, and Law Enforcement

Kaspersky offers code to prove it's not a Russian stooge (Engadget) Kaspersky is offering source code to keep important US government security contracts.

In Worrisome Move, Kaspersky Agrees to Turn Over Source Code to US Government (Gizmodo) Over the last couple of weeks, there’s been a disturbing trend of governments demanding that private tech companies share their source code if they want to do business. Now, the US government is giving the same ultimatum and it’s getting what it wants.

Is So-called Islamic State Gaining Strength in Pakistan? (VOA) Analysts warn that while still relatively small, the extremist group is spreading swiftly in many areas where the government struggles to maintain law and order, including the restive Balochistan province

Germany gears up to defend against possible G20 cyber attacks (Reuters) Germany is girding itself for possible cyber attacks on next week's G20 summit in Hamburg, by hacker groups or cells linked to foreign governments, its top cyber official told Reuters.

Microsoft, Trump administration clash over email searches (ABC News) On the surface, the investigation was routine. Federal agents persuaded a judge to issue a warrant for a Microsoft email account they suspected was used for drug trafficking.

Trump voter-fraud panel’s data request a gold mine for hackers, experts warn (POLITICO) Cybersecurity specialists are warning that Trump’s commission on election integrity may unintentionally expose voter data to even more hacking and digital manipulation.

Cyber expert says GOP operative wanted to expose hacked Clinton emails (the Guardian) British internet security consultant Matt Tait’s allegations may shed new light on Russia’s election meddling and possible collusion by Trump aides

Warner: 'More clarity' in Russia probe 'in a couple of months' (POLITICO) The Virginia Democrat says there is still much to be sorted out.

Despite recusal, Sessions offers advice on Trump-Russia probe (POLITICO) Sessions' top aide implied that the attorney general would not field such media inquiries because of his recusal.

Feds: Mexican motorcycle club used stolen key data to fuel massive Jeep heist (Ars Technica) “Hooligans” club and its criminal “Dirty 30” wing allegedly stole across San Diego.

Sue Google, Brussels regulator urges rivals (Sunday Times) Europe’s competition chief has urged companies that believe they have been hurt by Google’s “illegal behaviour” to sue for lost earnings. Margrethe Vestager, the European Commission’s anti-trust...

Feds: Mexican motorcycle club used stolen key data to fuel massive Jeep heist (Ars Technica) “Hooligans” club and its criminal “Dirty 30” wing allegedly stole across San Diego.

Sue Google, Brussels regulator urges rivals (Sunday Times) Europe’s competition chief has urged companies that believe they have been hurt by Google’s “illegal behaviour” to sue for lost earnings. Margrethe Vestager, the European Commission’s anti-trust...

How Margrethe Vestager went after Google (POLITICO) Google, rival companies, even commissioner’s team kept in the dark about record-breaking fine.

Exclusive-India presses Microsoft for Windows discount in wake of cyber attacks (The Indian Express) Microsoft officials in India have "in principle agreed" to the request for a discount in prices following the recent cyber attacks, Gulshan Rai, India's cyber security coordinator, told Reuters over the phone on Friday. A spokeswoman for Microsoft in India, however, declined to comment on the matter.

Centrelink hacking into fraudster's phones with anti-terror tech (The Sydney Morning Herald) Govt departments using controversial tech to unlock suspects' phones

Protesters Physically Block HQ of Russian Web Blocking Watchdog (TorrentFreak) Russia's Internet watchdog Rozcomnadzor had a taste of its own medicine this week when activists visited its headquarters to protest against increasing web-blocking. Rozcomnadzor's St. Petersberg's offices were barricaded with a stack of boxes, each with a label demanding freedom for the 'blocked citizens of Russia.'

Nigeria: Two Years After, Niger Delta States Continue Controversial Spying Programs (allAfrica.com) Two years after PREMIUM TIMES revealed that four South-South states were running illegal surveillance programmes to intrude into privacy of their residents and target opposition, latest findings by this newspaper suggest that the states have not backed down on the controversial operation.

Man Pleads Guilty to Stealing Bitcoin From Other Dark Web Criminals (BleepingComputer) A Connecticut man pleaded guilty last week to stealing Bitcoin from users of Dark Web marketplaces, said the Department of Justice on Tuesday.

Film review: ‘Risk’ shines uncompromising spotlight on Julian Assange and Wikileaks (Naked Security) A new film about Wikileaks should please those who believe in its importance – but doesn’t please the activist group’s founder

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government...

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business...

Electronic Warfare Olympics & Symposium (Colorado Springs, Colorado, USA, July 13 - 14, 2017) The 2017 Electronic Warfare Olympics & Symposium will improve the capability, and marketability, of spectrum warriors by building the local EW/IO community. and bringing awareness to the capabilities in...

3rd Edition CISO Summit India 2017 (Mumbai, India, July 14, 2017) Cyber security has gone through a tremendous change over the last couple of months. Ecosystem disruptions like demonetization, emergence of payment banks and fintech play have put technology as the sine...

CYBERCamp2017 (Herndon, Virginia, USA, July 17 - 28, 2017) Always wondered what “cyber attacks” really are? How a special group of cyber warriors protect and defend our banks, stores, and electric plants every second? Join experts from the FBI and the foremost...

National Insider Threat Special Interest Group - Insider Threat Symposium & Expo (Laurel, Maryland, USA, July 18, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E), on July 18, 2017, at the Johns Hopkins University Applied...

2nd Annual Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 18, 2017) The 2017 Billington Automotive Cybersecurity summit will build on the 2016 inaugural summit that brought together a who’s who of speakers including the CEO of GM and the Secretary of Transportation, prestigious...

SANSFIRE 2017 (Washington, DC, USA, July 22 - 29, 2017) Now is the time to advance your career and develop skills to better protect your organization. At SANSFIRE 2017, choose from over 45 hands-on, immersion-style security training courses taught by real-world...

ISSA CISO Executive Forum: Security Awareness and Training--Enlisting your entire workforce into your security team (Las Vegas, Nevada, USA, July 23 - 24, 2017) The gap in Security skills in the workforce have put the pinch on Security teams. Join us to learn how to get lean by empowering the rest of your organization to understand and manage security risks. We’ll...

AFA CyberCamp (Pittsburgh, Pennsylvania, USA, July 24 - 28, 2017) The AFA CyberCamp program is designed to excite students new to cybersecurity about STEM career opportunities and teach them important cyber defense skills through hands-on instruction and activities.

BSides Las Vegas (Las Vegas, Nevada, USA, July 25 - 26, 2017) BSides Las Vegas isn’t another “talk at you” conference. Everyone at BSides is a participant. Track after track, year after year, the security researchers, engineers, analysts and managers that present...

Cross Domain Support Element Summer Workshop 2017 (Laurel, Maryland, USA, July 25 - 26, 2017) The Unified Cross Domain Services Management Office (UCDSMO) is presenting a two-day workshop for the benefit of the Cross Domain Support Element (CDSE) Offices, and the personnel who support them. Topics...

Black Hat USA 2017 (Las Vegas, Nevada, USA, July 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days...

RSA Conference 2017 Asia Pacific & Japan (Singapore, July 26 - 28, 2017) RSA Conference 2017 Asia Pacific & Japan is the leading information security event in the region. Join us for three days of high quality education, engaging content and valuable networking. Get exposure...

DEF CON 25 (Las Vegas, Nevada, USA, July 27 - 30, 2017) You know how we know it’s almost DEF CON? The Southwest is having a heat wave, that ancient tweet about the Feds (allegedly) not appreciating the ‘Spot the Fed’ contest is back and the interwebz are buzzing...

North American International Cyber Summit (Detroit, Michigan, USA, July 30, 2017) In its sixth year, the cyber summit brings together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic...

Cyber Texas (San Antonio, Texas, USA, August 1 - 2, 2017) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals...

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive...

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to...

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the...

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.