skip navigation

More signal. Less noise.

Daily briefing.

Some food for thought that may serve to put the usual threat news into perspective: Symantec has taken a look at some prominent Advanced Persistent Threat groups and found that their tools tend to be buggy. They quietly suggest this could be turned to the defender's advantage.

North Korea is famously isolated, but its rulers? They're about as connected as anyone else, according to a Recorded Future study. Pyongyang's elite are assiduous users of Facebook, YouTube, and Amazon, to pick just three attractive Western services. This seems inconsistent with the Juche spirit of collective solidarity and self-reliance, but it may provide some insight useful to any elements of the civilized world interested in counter-value targeting in cyberspace.

Also in the study are some interesting observations about North Korea's use of foreign networks, sourced by Recorded Future to research done by Team Cymru. Chinese and Indian networks are most commonly exploited by Pyongyang's mix of espionage and criminal operators; they also use networks in Kenya, Indonesia, Mozambique, Malaysia, and Indonesia.

Various looks at Iran's CopyKitten operators are reaching a consensus that they're not highly skilled, but that they've been effective at espionage nonetheless. ClearSky and Trend Micro report that CopyKitten's Wilted Tulip campaign has successfully exfiltrated data from a range of regional, European, and North American targets.

The Fruitfly malware found to have been infesting Apple products is an odd one. Mac Rumors calls it "old and possibly abandoned," but the FBI is investigating.

Adobe will finally retire Flash, in 2020.

Notes.

Today's issue includes events affecting China, European Union, Germany, India, Indonesia, Iran, Israel, Kenya, Democratic Peoples Republic of Korea, Latvia, Malaysia, Mozambique, Nepal, New Zealand, Qatar, Russia, Saudi Arabia, Sweden, United Arab Emirates, United Kingdom, United States.

Best Practices for Applying Threat Intelligence

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

In today's podcast, we hear from our partners at the University of Maryland, as Jonathan Katz explains recent experiments with quantum cryptography. Our guest is Stewart Kantor from Full Spectrum, who describes how to protect utility companies by using private RF (radio frequency) networks.  

CyberTexas Job Fair (San Antonio, TX, USA, August 1, 2017) If you're a cyber security pro looking for your next career, check out the free CyberTexas Job Fair, August 1, in San Antonio. It’s hosted by ClearedJobs.Net, and open to both cleared and non-cleared professionals and college-level students. You’ll connect face-to-face with industry leaders Accenture, Booz Allen, Delta Risk, IPSecure, ISHPI, AT&T, Lockheed Martin, NSA and more.

The Cyber Security Summit: Chicago & NYC (Chicago, Illinois, USA, August 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Cybraics, CenturyLink, Alert Logic and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Security In the Boardroom (Palo Alto, CA, USA, August 23, 2017) Cybersecurity is a boardroom topic in nearly every organization. For many boards, security has evolved from a technical risk to a top business risk. Cybersecurity is also a growth opportunity. Proper integration of security and privacy concerns can drive far more effective digital transformation efforts. However, the mystique around cybersecurity can prevent board members and management from improving their cyber fluency and driving required improvements. Please join The Chertoff Group for our Security in the Boardroom event where we will demystify cybersecurity technology and policy issues while providing practical tools that board members and management can use to improve their resiliency to cyber risk and drive competitive advantage.

Dateline Black Hat, Defcon, and BSides

Cyber defenders have a message that US policymakers should hear (Washington Examiner) 'Our community has a responsibility to the people of the world that goes beyond traditional facets of information security.'

Black Hat USA 2017 Preview (Threatpost) Mike Mimoso and Tom Spring preview Black Hat, which starts tomorrow in Las Vegas.

Black Hat, DefCon 2017 Security Conferences to Reveal New Threats (eWEEK) The annual week of security conferences in Las Vegas gets underway as security researchers prepare to details all manner of vulnerabilities.

Windows SMB Zero Day to Be Disclosed During DEF CON (Threatpost) Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated …

Novel Attack Tricks Servers to Cache, Expose Personal Data (Threatpost) Researchers have a devised a way to trick a web server into caching pages and exposing personal data to attackers.

Academia’s Role in Security Skills Gap Examined (Threatpost) At Black Hat, two RIT professors are expected to deliver a talk about the professional skills gap in security and how academic programs are falling short.

Preparing for the future of security requires focusing on defense and diversity (Facebook) Today I’m honored to be keynoting the Black Hat USA conference in Las Vegas, which is celebrating its 20th year of bringing together security researchers and industry.

Facebook Offers $1 Million for New Security Defenses (Dark Reading) The social media giant has increased the size of its Internet Defense Prize program in order to spur more research into ways to defend users against the more prevalent and common methods of attack.

With Global Cyber Attacks On the Rise, Zenedge Says Artificial Intelligence Holds the Answer (Zenedge) Zenedge believes that businesses of all sizes must invest in cloud-based security with a strong foundation in automation, leveraging artificial intelligence and machine learning to dynamically create and manage security postures, identify threats and mitigate attacks.

Raytheon enhances cyber threat hunting with CyberSponse automation tools (PRNewswire) Raytheon Company will integrate the CyberSponse security platform to...

AlienVault OTX Community Growth Spurs Threat Intelligence Sharing and Rapid Detection and Response (Marketwired) Collaboration between 65,000 global participants now enhanced by Groups and Adversary Pages; Support for STIX, TAXII, and YARA included in latest release

Intertrust to Showcase Comprehensive Suite of Security Products and Services at Black Hat USA 2017 (BusinessWire) Intertrust Technologies Corporation invites all Black Hat 2017 attendees to visit its booth at Black Hat 2017 in Las Vegas, July 26-27. In what has be

Cyber Attacks, Threats, and Vulnerabilities

Hackers' Own Tools Are Full of Vulnerabilities (Motherboard) The flaws could allow a hacking victim to strike back, and perhaps learn who else the attacker is targeting, or clues on who exactly the hackers are.

Report: North Korean Cyber Attacks Launched from Other Countries (Infosecurity Magazine) Report: North Korean Cyber Attacks Launched from Other Countries. India and China prime candidates, according to Recorded Future

North Korea’s Ruling Elite Are Not Isolated (Recorded Future) Our in-depth analysis of North Korean internet activity reveals an informed, modern, and technologically savvy ruling elite. Learn more.

North Korea's internet connections to China and India come under scrutiny (Cyberscoop) New analysis of recent North Korean internet traffic reveals that the reclusive regime is most likely carrying out its cyber-operations via the networks of other countries across Asia, Oceania and Africa.

North Korean web users enjoy Amazon, Facebook and YouTube, report claims (ComputerWeekly) Threat intelligence specialist Recorded Future claims that the North Korean elite are as plugged in to the worldwide web as any western citizen.

Iran-linked cyber spies use simple yet effective hacks: report (Reuters) A cyber spying group with links to Iran and active for the past four years is targeting countries including Israel, Saudi Arabia, Germany and the United States, security researchers said on Tuesday.

Iranian Cyber Espionage Group CopyKittens Successful, But Not Skilled (Dark Reading) Despite being only moderately skilled, CopyKittens has exfiltrated large volumes of data since at least 2013.

New details emerge on Fruitfly, a near-undetectable Mac backdoor (ZDNet) The malware went largely undetected for several years and is only detectable on a handful of security products, but the "fully featured" Mac backdoor can take control of an entire computer.

Cybercriminals Kept Botnet That Infected 500,000 Computers Hidden For Five Years (Forbes) You've read about the Mirai botnet and ransomware like WannaCry and Petya. Another piece of malware, dubbed Stantinko... not so much. That's because it managed to stealthily carry out its criminal mission for the past five years without attracting anyone's attention.

Malware Discovered That Can Control a Mac's Webcam and Keyboard, But It's Old and Possibly Abandoned (MacRumors) Earlier this year, researchers from security firm Malwarebytes discovered a piece of Mac malware called Fruitfly that reportedly spied on computers in medical research centers for years before being detected. Apple has since updated macOS to automatically detect the malware, safeguarding users.

FruitFly Mac malware - FBI investigating hundreds of infections, say researchers (Graham Cluley) The FBI is thought to be currently investigating hundreds of infections tied to the mysterious FruitFly family of Mac-based malware.

Banking Trojan Uses Mouse Movements to Distinguish Users From Virtual Machines (BleepingComputer) In July 2017, security researchers have spotted a new version of the proficient Ursnif banking trojan that comes with a clever trick to avoid sandbox environments and automated virtual machines by using mouse movements to detect if a real user is interacting with the computer.

Netskope Threat Research Labs analysis of ongoing cloud-aware data theft attack (Netskope) Netskope Threat Research Labs has become aware of an ongoing data theft attack. The attack begins as an email attachment and results in the installation of banking and credential theft malware,...

EVERY app offered by alternative Android app market redirected to malware (Graham Cluley) Remember to never ever agree to download Adobe Flash Player onto your Android phone.

Rapid Revision: New CryptoMix Strains Picking Up Speed (Security Intelligence) New variants of CryptoMix malware are quickly making the rounds, holding files ransom and demanding victims fork over the bitcoin.

Malspam pushing Emotet malware (SANS Internet Storm Center) On Tuesday 2017-07-25, we were contacted by a reader through our contact page. He sent us a Microsoft Word document, and he included the following message:

Don't Click on These New Fake Replies From 'Customer Service Departments' (Inc.com) A new phishing variant looks like responses to requests for information.

Social engineering and ransomware: analysis and opinions (WeLiveSecurity) ESET's David Harley assesses social engineering techniques and their varying success rates on getting victims to pay the ransom.

The Phisher Kings (Cylance) It’s unanimous: the Phisher Kings are alive and well. Industry threat and intelligence reports reveal that time and again, you, your employees, your customers and your friends and family are all potential targets. We take a look at some of the latest reports, and discuss how to mitigate this threat.

Three Telltale Signs a Hacker Has Been in Your Account (Imperva) Attackers don't always clean up after themselves. Learn about attacker practices and three telltale signs that indicate a hacker has been in your account.

Malware programme can cost as little as US$7, says report (Software Testing News) According to a new report from Proofpoint, using malware to steal important user credentials on the web can cost as little as US$7 when using the malware stealing programme, Ovidy Stealer.

Watch Security Researcher As She Hacks ATM by Drilling a Hole (HackRead) ATMs (automated teller machines) have remained a preferred target of hackers around the world. Last year, ATMs in over a dozen locations across Europe were

Unicredit Reveals Double Breaches Affecting 400,000 Users (Infosecurity Magazine) Around 400,000 Italian bank accounts have been accessed in one of Europe’s largest data breaches.

Over 100,000 IDs from Edinburgh up for sale on the dark web (International Business Times UK) Email IDs, passwords and credit card information made available in identity trading scam.

Cyber Attack Costs Weigh on Reckitt Revenue Forecast (New York Times) Reckitt Benckiser Group expects muted sales growth this year, after last month's global cyber attack exacerbated ongoing difficulties at the British consumer goods firm.

Shipping disruption and high air freight rates give sea-air operators a boost (Loadstar) The sea-air sector is enjoying a healthy resurgence, as high air freight rates, disruptions in sea freight and new pricing transparency have combined to make multimodal transport more attractive.

UK organisations brace for another WannaCry type event (Enterprise Times) A recent Clearswift survey shows that post WannaCry users are more aware of cyber security with increasing numbers wanting to learn more

Security Patches, Mitigations, and Software Updates

Adobe to pull plug on Flash, ending an era (CRN Australia) Technology to be retired at the end of 2020.

Cyber Trends

Accenture Security Report Identifies Top Cyber Threats of 2017 (BusinessWire) A new report from iDefense, part of Accenture Security, reveals how threat actors are continuing to evolve their ability to avoid detection.

Expected cyber threats over the next six months (Help Net Security) The 2017 Cyber Threatscape Report examines key trends during the first half of 2017 and explores how cyber incidents may evolve over the next six months.

Over 2,200 Data Breaches Disclosed So Far In 2017, Exposing Over Six Billion Records (Risk Based Security) The pace of data breach disclosures remains steady compared to the prior two years while the number of records exposed jumps to a record high.

Why does it still take six months for a company to spot a hack? (NBC News) Data breaches jumped by 29 percent in the first half of 2017, with 12 million records exposed, including medical files and Social Security numbers.

GDPR and big data - friends or foes? (Computing) Is the GDPR a guiding light to the benefits of big data, or its death knell?

State of Application Security: Libraries (Contrast Security) Read analytics gathered from within 1,668 running applications which included 3,815 different open source libraries, frameworks, and modules.

Consumers Want Better IoT Security Built in From the Start (Infosecurity Magazine) Consumers Want Better IoT Security Built in From the Start. Irdeto survey reveals global consumers are well aware of the risks

Robert Herjavec: We are in the midst of a Cyber Cold War (City A.M.) Never has a flute of champagne been thrust into my hand as I arrived for an interview, until today.

Marketplace

New cyber security consortium leads to open data, security platform for companies (Financial Post) Palo Alto Networks and other members share threat information and will produce playbooks that describe malware campaigns in detail to help address them

SiteLock Extends Web Security Leadership with Acquisition of Patchman (PRNewswire) SiteLock, a global leader in business website security solutions,...

Security acquisitions high on the agenda for SolarWinds MSP (ARN) SolarWinds MSP is on the lookout to acquire businesses with a stronghold in the security space, following its increased focus into this vertical.

Cybersecurity Pioneer Bricata Raises $8 Million in Series A Led by Edison Partners (Bricata) Growth equity investment will accelerate the business plan on the heels of momentum stemming from a new product release and additions to the management team

3 Important Backstories Behind the Bricata Series A Funding (Bricata) Today our company announced a Series A funding round led by Edison Partners. The funding is clearly a major milestone for the company and has a meaningful impact for our customers. However, it’s important to note there are key aspects here besides just the money.

Tenable Network Security boasts of $50M billed in second quarter (Maryland Daily Record) Tenable Network Security Inc., a cybersecurity firm in Columbia, announced record second-quarter results on Monday. Tenable had more than $50 million in billings, representing more than 50 percent …

Why investors are betting on this cybersecurity stock (CBS News) As cyber attacks surge, Wall Street sees opportunities for Symantec and its growing business, government and consumer markets

Army adds three to electronic security systems contract (Washington Technology) The Army adds three companies to a five-year, $270 million contract for electronic security systems upon the dismissal of their protests.

ELTA North America is opening a cybersecurity center in Maryland (Baltimore Business Journal) Howard County manufacturing firm ELTA North America has selected Maryland as the home for its new Cyber Innovation Center, Gov. Larry Hogan announced Tuesday.

LightEdge Opens Its Expanded Data Center Campus in Altoona (PRWeb) Partnering with Ball Team and Schneider Electric, LightEdge expansion spans 48,000 square feet

PwC IT service head Matt Chamley jumps to VMware (CRN Australia) Matt Chamley jumps to the vendor side.

BrainChip Adds Thomas Stengel as Vice President of Americas Business Development :: BrainChip Holdings Ltd. (BrainChip Holdings Ltd.) Leadership team in place to drive sales of new AI-based BrainChip studio video analytic solutions

HyTrust Fuels Government Market Growth Hires Wayne Lewandowski as GM/SVP and Expands Federal Advisory Board (Marketwired) Government business will be led by proven executive and HyTrust federal advisory board expanded with three new members

Products, Services, and Solutions

Oxygen Forensics discovers method to extract data from locked Motorola devices (Oxygen Forensics) Oxygen Forensics, a worldwide developer and provider of advanced forensic data examination tools for mobile devices and cloud services, released version 9.4.2 of its flagship Oxygen Forensic® Detective product today and is the first forensics company to give forensic professionals the added functionality of extracting data from locked Motorola devices.

CrowdStrike Launches the Fastest and Largest Cybersecurity Search Engine - (CrowdStrike) New CrowdStrike Falcon® Search Engine empowers next-gen Security Operation Centers to search in real-time on the world’s fastest and most comprehensive security platform SUNNYVALE, Calif., July 25, 2017 – CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced that…

Electric Cooperative Saves 50 Hours Every Week on Security Monitoring (Netwrix) Netwrix Auditor enables Guadalupe Valley Electric Cooperative to improve the security of its critical IT infrastructure

Neustar Introduces New Integrated Security Platform (BusinessWire) Neustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services, today introduced its new Integrated Security Platform, conti

Solarflare Opens Market for 10 Million Firewalls Per Year with World's First NIC-Based Hardware Server Firewall (BusinessWire) Solarflare Opens Market for 10 Million Firewalls Per Year with World’s First NIC-Based Hardware Server Firewall

Trivalent Announces Trivalent Protect™ with Ransomware Protection (Trivalent) Unique, data-centric solution receives new upgrades that put organizations in control of their information by securing enterprise data from ongoing ransomware attacks The leading provider of next generation data protection, Trivalent, announces the addition of ransomware protection to Trivalent Protect™. As the first and only solution to receive Commercial Solutions for Classified (CSfC) approval forRead more

DarkLight Offers First of its Kind Artificial Intelligence to Enhance Cybersecurity Defenses (BusinessWire) Champion Technology Company, Inc., developer of DarkLight, an AI expert system for active cyber defense and trusted information sharing, today release

Webroot launches certification programme for SecureAnywhere partners (Channel Pro) Partners can become certified as professionals or technicians

Lieberman Software Teams with VeriClouds to Prevent End-Users from Logging On with Known Compromised Credentials (Marketwired) Technology integration prohibits compromised users from accessing sensitive systems

Skyport Announces Self-Service Security Policy Capabilities Delivering the Industry’s First Agile, DevOps Friendly Perimeter for the Hybrid Enterprise (BusinessWire) Skyport Systems, a leading secure hyperconverged infrastructure provider for the hybrid enterprise, announced today at the Black Hat USA 2017 conferen

RiskIQ Reveals Digital Footprint Snapshot – On-Demand, Cost-Effective External Asset Intelligence Report (GlobeNewswire News Room) RiskIQ, the leader in digital threat management, today unveiled RiskIQ Digital Footprint Snapshot, which provides organizations with an automated, on-demand intelligence report of their internet-facing digital assets.

Cog Systems and Silent Circle Team Up to Bring Trusted Mobile Communications to the World's Most Secure Device (PRNewswire) Cog Systems and Silent Circle have teamed up to provide in-depth defense...

IBM X-Force Red Launches IoT and Connected Car Security Services (eWEEK) On its one-year anniversary, IBM's elite security testing team adds new services to help organizations improve car and IoT security.

Security a Must for Auto GbE Switch (EETimes) Bringing popular Ethernet technology to cars seems like a natural progression. But here's why in the auto world, a regular GbE switch won't work, and even 1000BASE-T1 might not cut it for autonomous cars.

Qualys helps developers to build cloud visibility apps with CloudView (Computing) CloudView provides infrastructure visibility from cloud providers like AWS and Microsoft

Paragon UFSD for Nucleus (Paragon Software Group) Tackles Incompatibility Problems on Embedded Devices, Creating New Opportunities for Device Manufacturers

New JASK Trident Platform Dramatically Increases Operational Efficiency to Give Security Teams Crucial Response Speed and Agility (Marketwired) Artificial intelligence-enabled platform leverages predictive capabilities for detection, triage and investigation of cybersecurity threats

Russia’s Kaspersky Lab launches free antivirus software globally (Reuters) Moscow-based Kaspersky Lab on Tuesday announced it was rolling out a free version of its antivirus software across the globe, a product launch that comes amid mounting suspicion in the United States that the cyber firm is vulnerable to Russian government influence.

Lacework's Partnerships and Integrations Establish Foundation of New Cloud Security Stack (Business Insider) Lacework™, the industry's first zero-touch cloud security solution, today announced a range of partnerships across the security and cloud ecosystems as critical building blocks of a security stack natively adapted to cloud deployments in Amazon Web Services (AWS), Microsoft Azure and private clouds.

Latin America and Caribbean to Receive First Complete Software Solution to Protect Mobile and IoT Devices (Marketwired) YellowPepper and MagicCube announce partnership to offer unprecedented security to protect token-based payment service deployments from advanced threats

Technologies, Techniques, and Standards

'Jump boxes' and SAWs improve security, if you set them up right (CSO Online) The concept of a traditional “jump box”, a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers, has morphed into an even more comprehensive and locked-down “secure admin workstation” (or SAW). You should be using one or both, and if you’re not, you need to get busy.

Disrupting the Disruptors, Art or Science? (McAfee) Understanding the role of threat hunters and continuing evolution of the SOC in cybersecurity

Red team versus blue team: How to run an effective simulation (CSO Online) Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.

Design and Innovation

'As a service' model will create an accessible and future proof Internet of Things (Computing) Nick Sacke, head of products and IoT at Comms365, believes that the IoT is on the cusp of mass deployment, as organisations leverage low power wide area networking (LPWAN) and new IoT as a Service deployment models to achieve fast, low risk and low cost innovation

Mark Zuckerberg criticises Elon Musk for 'irresponsible' warnings over AI (Computing) But Elon Musk hits back suggesting that Zuckerberg 'has limited understanding of AI',Big Data and Analytics

Zuckerberg and Musk are both wrong about AI (Ars Technica) During an impromptu Facebook Live interview, Zuck said there’s no doomsday coming.

Keep forgetting your ID card? US company offers RFID chip implants to staff instead (Computing) Welcome to the future of work!

Academia

Two Schools Join to Educate More Cyber-Security Professionals (Iowa Public Radio) Iowa State University and Des Moines Area Community College are joining together to create what they call the Iowa Cyber Hub. Its aim is to increase the

Leidos Named Sponsor of University of Cambridge’s Cross-Nation Cyber Competition - GovCon Wire (GovCon Wire) Leidos (NYSE: LDOS) will serve as sponsor of the University of Ca

UK gov wants teens to practice cybersecurity in their spare time (WIRED UK) Teenagers are being encouraged to apply for the scheme where they'll learn through 'games, challenges, and projects'

Students asked to compete as 'cyber protection agents' (Delaware Online) Delaware students are being asked to take part in a competition designed by the SANS Institute to test their aptitude for keeping the internet safe.

Legislation, Policy, and Regulation

NATO Cyber Defence Centre names new director (Fifth Domain) Merle Maigre will assume the role of NATO Cooperative Cyber Defence Centre of Excellence director on Sept. 1, taking over from Sven Sakkov.

U.S. treads water on cyber policy as destructive attacks mount (Reuters) The Trump administration's refusal to publicly accuse Russia and others in a wave of politically motivated hacking attacks is creating a policy vacuum that security experts fear will encourage more cyber warfare.

China Toys With an Internet Lockdown (Wall Street Journal) China deploys a fierce array of censorship tools and methods to maintain its Great Firewall, but there has been one crack: the virtual private network, which allows connections to servers outside the country. Now that is in doubt.

Steptoe Cyberlaw Podcast: Governments to Internet: STFU (Lawfare) This week's podcast covers the Russia sanctions bill, radio silence from Silicon Valley on 702 renewal, and an interview with Dave Aitel.

Despite all the fake news, ODI chief Sir Nigel Shadbolt remains 'resolutely optimistic about the emancipating power of good data' (Computing) The UK needs to treat data as infrastructure in the same way as roads and the power grid

Lessons from Europe’s Fight Against Russian Disinformation (The New Yorker) For years, European nations have struggled to block fake news. Their solution: treat the media like an oil pipeline.

Spies in the age of social media: Ex-CIA experts reveal challenges of modern espionage (International Business Times UK) Technology has changed the game as social media could hinder espionage work.

Here's how DoD organizes its cyber warriors (Fifth Domain) This is part one of a series exploring the differences between military cyber forces, capabilities, mission sets and needs.

Is an intel community reorg in the works? (C4ISRNET) The intelligence community is in the middle of a “significant transformation process,” according to the IC’s top official.

3 priorities for Army’s cyber/EW aviation concept of operation (Fifth Domain) The Army is looking to upgrade its aviation training incorporating cyber and electronic warfare.

Bill to create new cyber agency at DHS to be introduced this week (FederalNewsRadio.com) In today's Federal Newscast, Representative Michael McCaul (R-TX) is set to introduce legislation this week which would reshuffle DHS.

Repealing Net Neutrality is Easy. Replacing It Will Be Hard (WIRED) The next fight over the future of the open internet will fall to the U.S. Congress.

Oh Shit, the SEC Just Ruled That Ethereum ICO Tokens Are Securities (Motherboard) Some ICOs must be registered or they’re unlawful.

Litigation, Investigation, and Law Enforcement

Surveillance: German police ready to hack WhatsApp messages (Deutsche Welle) Germany's security forces will have the technology to install surveillance software on cellphones before the end of the year, a leaked document shows. Police plan to use private firms to skirt legal dilemmas.

Swedish cyber security slip-up 'a complete failure': PM Stefan Löfven (The Local (Sweden)) Sweden's Prime Minister Stefan Löfven has commented for the first time on a cyber security slip-up that made top secret police databases available to foreign IT workers.

Newly declassified memos detail extent of improper Obama-era NSA spying (TheHill) The memos reviewed by The Hill were publicly released on July 11 through Freedom of Information Act litigation by the American Civil Liberties Union.

Seven Observations About Jared Kushner’s Statement (Foreign Policy) The president’s son-in-law apparently thinks he’s pretty safe from investigators. But he threw Don Jr. under the bus.

Tech Firms Target Domains Used by Russia-linked Threat Group (Security Week) Tech companies ThreatConnect and Microsoft are moving toward exposing and taking down domains associated with Russia-linked threat group known as Fancy Bear.

FOI Report: UK Cops Investigate Over 700 Cases of Data Misuse (Infosecurity Magazine) FOI Report: UK Cops Investigate Over 700 Cases of Data Misuse.

NanoCore RAT creator pleads guilty (Help Net Security) Huddleston developed, marketed, and distributed two products popular with cybercriminals around the world. One of those is the NanoCore RAT.

How a Citadel Trojan Developer Got Busted (KrebsOnSecurity) A U.S. District Court judge in Atlanta last week handed a five year prison sentence to Mark Vartanyan, a Russian hacker who helped develop and sell the once infamous and widespread Citadel banking trojan. This fact has been reported by countless media outlets, but far less well known is the fascinating backstory about how Vartanyan got caught.

Officials arrest suspect in $4 billion Bitcoin money laundering scheme (Ars Technica) Bitcoin's decentralized architecture makes it popular with criminal groups.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Black Hat USA 2017 (Las Vegas, Nevada, USA, July 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days...

RSA Conference 2017 Asia Pacific & Japan (Singapore, July 26 - 28, 2017) RSA Conference 2017 Asia Pacific & Japan is the leading information security event in the region. Join us for three days of high quality education, engaging content and valuable networking. Get exposure...

DEF CON 25 (Las Vegas, Nevada, USA, July 27 - 30, 2017) You know how we know it’s almost DEF CON? The Southwest is having a heat wave, that ancient tweet about the Feds (allegedly) not appreciating the ‘Spot the Fed’ contest is back and the interwebz are buzzing...

North American International Cyber Summit (Detroit, Michigan, USA, July 30, 2017) In its sixth year, the cyber summit brings together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic...

Cyber Texas (San Antonio, Texas, USA, August 1 - 2, 2017) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals...

Cyber Security Summit: Chicago (Chicago, Illinois, USA, August 8, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Chicago Receive...

PCI Security Standards Council: 2017 Latin America Forum (Sao Paulo, Brazil, August 9, 2017) Join your industry colleagues for a full day of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

2017 DoDIIS Worldwide Conference (St. Louis, Missouri, USA, August 13 - 16, 2017) Hosted annually by the DIA Chief Information Officer, the DoDIIS Worldwide Conference features a distinguished line-up of speakers and an extensive selection of breakout sessions allowing attendees to...

SANS New York City 2017 (New York, New York, USA, August 14 - 19, 2017) Be better prepared for cyber-attacks and data breaches. At SANS New York City 2017 (August 14-19), we offer training with applicable tools and techniques for effective cybersecurity practices. Gain the...

Information Security Summit 2017 (Hong Kong, August 15 - 16, 2017) Effective Use of Analytics and Threat Intelligence to Secure Organizations: The Information Security Summit 2017 is a Regional Event with the aim to give participants from the Asia Pacific region an update...

TechFest (Louisville, Kentucky, USA, August 16 - 17, 2017) TechFest is a biannual summit designed to bring together technology professionals for learning and networking. Attendees will have opportunities to explore economic development avenues for their businesses,...

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

The Chertoff Group Security Series: Security In The Boardroom (Palo Alto, California, USA, August 23, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

U.S. Department of Commerce Cybersecurity Awareness Day (Washington, DC, USA, August 24, 2017) On August 24, 2017, the Department of Commerce headquarters is planning the Cybersecurity Awareness Day event which will host guest speakers from throughout the Cybersecurity community. The 2017 Cybersecurity...

7th Annual Cybersecurity Training and Technology Forum (Colorado Springs, Colorado, USA, August 30 - 31, 2017) CSTTF is designed to further educate Cybersecurity, Information Management, Information Technology, and Communications Professionals by providing a platform to explore and enhance cyber resilience, collaboration,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.