skip navigation

More signal. Less noise.

Daily briefing.

Experts think the CrashOverride malware used against Ukraine last December represented the culmination of a long and patient campaign prepared by infestations of Havex and BlackEnergy. WIRED puts it directly: Ukraine "became Russia's test lab for cyberwar." Observers think Russia now has a proven cyber weapon ready for use. 

Deutsche Welle says reports that President Trump will meet Ukrainian President Petro Poroshenko before he meets Russia's President Putin are causing a sensation in Kiev. 

The European Union has decided to adopt a united front with respect to answering cyber attacks with sanctions.

It appears a single black hat may be the fons et origo of 2017's dramatic increase in Android malware infestations. Bleeping Computer tracks "Maza-in" (his—hers?—nom du hack) in various underground fora and sees signs that he's both created and shared the code for Bank Bot and Mazar Bot.

Trend Micro says Erebus has resurfaced in the form of Linux ransomware. The initial infestation is in South Korea.

In industry news, award protests over, Raytheon with keep its billion-dollar contract to provide cybersecurity services and solutions to the US Department of Homeland Security.

French police begin rolling up the network of a jihadist killer in Paris. In the UK, no such network has so far been discerned in the case of the man who attacked Muslims leaving their Ramadan place of worship.

Results of a US Defense Department Inspector General look at NSA's insider threat program suggests the agency has a lot of work ahead of it.


Today's issue includes events affecting Egypt, Estonia, European Union, France, Germany, Israel, Mexico, Qatar, Russia, Saudi Arabia, Ukraine, United Kingdom, United States.

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses an online “right to know” privacy bill. We'll also have highlights from our conversation with representatives of the American Gas Association and the Downstream Natural Gas ISAC: they have some interesting things to say about CrashOverride and how the natural gas sector responded to the threat.

The Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from the U.S. Dept of Justice, Cybraics, CenturyLink, Alert Logic and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and public-private partnerships from a cross-section of civilian, military and intelligence agencies, industry and academia.

Dateline SINET Innovation Summit

SINET Innovation Summit 20 June 2017 in NYC (CTOvision) We have previously written about the Security Innovation Network (SINET), a collective of mission-focused experts led by the highly regarded and widely respected connector Robert Rodriguez. Any SINET event is worth engaging with, they always deliver value for participants. The next major event is just days away. The SINET Innovation Summit will be held 20 …

Cyber Attacks, Threats, and Vulnerabilities

How An Entire Nation Became Russia's Test Lab for Cyberwar (WIRED) The clocks read zero when the lights went out.

‘Our Phones Are Being Monitored’: How a Hacking Story Unfurled (New York Times) A report on government spyware targeting Mexican activists began when a human rights lawyer met with The Times and took all the phones outside the room.

You Can Blame This Guy for the Recent Surge in Android Malware on the Play Store (BleepingComputer) A recent surge in Android banking malware can be traced back to December 2016, when a malware coder under the name of Maza-in uploaded a tutorial on how to build Android malware on an underground hacking forum named

Industroyer: ICS were developed decades ago with no security in mind (WeLiveSecurity) Senior ESET malware researcher Robert Lipovsky discusses Industroyer, the biggest threat to Industrial Control Systems (ICS) since Stuxnet.

New Vulnerability Could Give Mirai the Ability to Survive Device Reboots (BleepingComputer) Security researchers from Pen Test Partners have discovered a new vulnerability that could allow the Mirai IoT worm to survive between device reboots, allowing the creation of a permanent IoT botnet.

Deep Root Analytics behind data breach on 198 million US voters: security firm (Deutsche Welle) Anyone with an internet connection was able to access a huge database of personal information on US voters ahead of 2016 elections, a security firm says. The database helped the Republican Party's presidential campaign.

GOP Data Firm Accidentally Leaks Personal Details of Nearly 200 Million American Voters (Gizmodo) Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server.

Erebus Resurfaces as Linux Ransomware (TrendLabs Security Intelligence Blog) On June 10, a South Korean web hosting company was hit by Erebus ransomware, infecting 153 Linux servers and over 3,400 business websites the company hosts.

Serious privilege escalation bug in Unix OSes imperils servers everywhere (Ars Technica) “Stack Clash” poses threat to Linux, FreeBSD, OpenBSD, and other OSes.

Pinkslipbot banking Trojan exploiting infected machines as control servers (Security Affairs) Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication.

Privacy, security concerns grow for wearables (Help Net Security) Enterprise wearable camera shipments will reach nearly 24 million in 2022. This should be accompanied with increasing privacy and data protection measures.

Ransomware attacks: Universities back online after 'zero-day' infections (ZDNet) Two university have restored systems to normal following cyberattacks which may have been made more potent with the use of zero-day flaws.

Cyber Trends

Kaspersky: Online banking hacks cost banks nearly $1.8M each (CIO Dive)  A banking hack is nearly double the cost banks typically pay to recover from a malware incident.

Majority of surveyed execs have inherited cybersecurity problems after acquiring a software company (SC Media US) With limited timelines to conduct due diligence, cybersecurity weighs heavily on the minds of investors. This survey finds greater dissatisfaction with due

Anything and everything hackable, warns Verizon exec (Mobile World Live) EXCLUSIVE INTERVIEW: Recent network hacks “prove we live in an unsecure world” warned Harm Jan ...

Estonian cyber-security ranks best in Europe, fifth in the world (SC Media UK) The second iteration of the Global Cyber-security Index announced at Information Society Forum 2017 praises the country for its response to the 2007 attack on its infrastructure from Russia.


BlueLine Grid Raises $2.4 Million ( Enterprise IT startup BlueLine Grid just closed $2.4 million in financing from an undisclosed investor. BlueLine Grid operates a collaboration network for law enforcement, first responders, security teams, and corporations. The company provides an encrypted suite of messaging, voice, location, conferencing, virtual command, and file-sharing …

MKACyber, Inc. Fuels Growth with Series A Funding; Adds Security Industry Titans to Board (MKA Cyber) MKACyber, a rapidly expanding Managed Security Operations Services Provider (MSSP) and security consulting firm with elite SOC expertise, today announced that it has received $4.1 million in Series A funding.

Is the Palo Alto Networks Inc Turnaround Finally Here? (The Motley Fool) A sales team reorganization should fuel the company's customer growth and sustain its current momentum.

How Safe Is Cisco Systems and Its Dividend? (The Motley Fool) A low P/E and a high yield make this

'Absolutely Necessary': How Blockchain Could Help Tech Giant Cisco Reboot (CoinDesk) As hardware sales fall, Cisco is now pushing even deeper into blockchain, seeking efficiency benefits and improved profits from the tech.

Raytheon CEO: $1B cybersecurity win stateside could lure global government customers (Defense News) Implications of Raytheon's DOMino contract with Homeland Security could go well beyond U.S. agencies with the .gov domain.

Raytheon secures $1B DHS cyber contract after year-and-a-half long battle (Washington BusinessJournal) It took more than a year-and-a-half, but Waltham, Massachusetts-based Raytheon Co. (NYSE: RTN) has finally secured a five-year, $1 billion Department of Homeland Security contract to help defend “.gov” websites from cyber attacks.

Raytheon holds onto $920M DHS cyber contract as protests end -- Washington Technology (Washington Technology) Raytheon keeps the estimated seven-year, $920 million DHS cyber services contract known as 'DOMino' after a long series of protests from rival Northrop Grumman.

General Dynamics Wins $250M Deal for Prophet SIGNIT System ( Defense giant General Dynamics Corp. 's GD Mission Systems business unit has won a contract to modify, test, train and sustain the Prophet system. Work related to this deal is scheduled to be over by Jun 15, 2022.

IBM Opens European X-Force Command Center in Poland ( The FINANCIAL, Business News & Multimedia, Global brands, Investments and Personal Finance. Regional focus: United States, Georgia, Ukraine, Turkey, EU

CACI Named a Washington Post Top Workplace for Third Consecutive Year (BusinessWIre) CACI International Inc (NYSE: CACI) announced today that it has been named to The Washington Post’s 2017 Top Workplaces in the Large Company cat

The Washington Post Names Iron Bow Technologies a Winner of the Greater Washington Area 2017 Top Workplaces Award (BusinessWire) Iron Bow Technologies, an information technology solutions provider to the government, commercial and healthcare markets, is proud to announce it has

New Augusta center to be new training ground for cyber warfare (Atlanta Journal-Constitution) Georgia leaders open new cyberwarfare training ground in Augusta.

CRN Exclusive: Dave DeWalt Joins Security Startup Illusive Networks As Vice Chairman (CRN) As it looks to stake its claim in the emerging market for deception technology, Illusive Networks has landed a big executive win, announcing Monday the appointment of well-known security industry executive Dave DeWalt as its vice chairman of its board of directors.

Security Vendor Comodo Hires Former Symantec Veteran To Spearhead IoT Practice (CRN) Comodo has hired Damon Kachur, a former Symantec and Verisign veteran, to lead the charge in the security company's IoT strategy.

Products, Services, and Solutions

LookingGlass Named Gold Winner for Best Enterprise IT Products and Services (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced today that Network Products Guide, the industry's

Raytheon Offers Cyber Security Safety Net As Threats Escalate (Aviation International News) Raytheon has warned about complacency over cyber security in the aerospace supply chain.

Proofpoint Kicks Off FedRAMP Certification for Cloud Email Protection and Information Security, Coupled with Common Criteria Testing - ( Leading cybersecurity company's comprehensive email and information protection service achieves in-process FedRAMP status, among the first to adopt the latest Common Criteria Standard

How 4 deception tools deliver truer network security (CSO Online) Deception is becoming increasingly popular as a defensive tool. Here's what we discovered about how deception works and the unique features that deception tools from TrapX Security, Cymmetria, illusive Networks, and TopSpin Security bring to network defenses.

Syniverse and Pinn to Deliver Continuous Attribution (BusinessWIre) Syniverse’s global platform and Pinn’s attribution solution will deliver transaction security and continuous attribution required by PSD2

Microsoft launches new Windows 10 keyboard which includes a hidden security update (Express) Microsoft has quietly unveiled a new, sleek Windows 10 input device which has a hidden security feature.

New Tempered Networks Release Tackles PCI Compliance (Channel Partners) The latest IDN platform release from Tempered Networks is designed to remove PCI systems and assets from scope through cloaking, micro-perimeter segmentation, machine authentication and authorization, and end-to-end encryption. These, and other controls, support Payment Card Industry Data Security Standard (PCI DSS) compliance requirements.

Nerdio brings Kaspersky Anti-Virus into the ITaaS Space (GlobeNewswire News Room) Leading IT-as-a-Service (ITaaS) platform integrates award-winning, cloud-assisted security software

Cisco, Check Point, Sophos Among Major Next-Gen Firewall Vendors (Channel Partners) The global next-generation firewall market is expected to grow from nearly $2.4 billion this year to $4.27 billion by 2022, at a compound annual growth rate of 12.3 percent, driven by the increased adoption of bring your own device (BYOD) and the Internet of Things (IoT), increasing internal and external threats, and high functionalities of next-generation firewall offerings.

Conexys announces cloud-based enterprise-class bot detection, web application firewall with artificial intelligence and DDOS mitigation services, powered by Zenedge (IT Business) Conexsys Communications Limited is pleased to introduce its latest Managed Service offering, Encompass® Cloud, which

Verizon partners with Cisco for cloud-based VNF (The Stack) Verizon will offer Virtualized Network Functions (VNF) through Cisco’s VMS to improve network agility and efficiency of user resources.

FHOOSH Showcases Fastest IoT AES256 Security Solution for Streaming Hi-Def Video at Verizon Emergency Responder Event (FHOOSH) Secure Video Demonstrations During Operation Convergent Response To Include Tactical K9s and Robots SAN DIEGO and PERRY, Ga. — June 7, 2017 — FHOOSH, Inc., a leader in high-speed cybersecurity software, today announced that it has been selected to demonstrate its advanced, Internet of Things (IoT) data protection solutions applied to streaming secure video at …

Technologies, Techniques, and Standards

National Security Agency has now a Github account (TechJuice) Gone are the days when Intelligence agencies worked in the dark or behind the scenes. Agencies around the world are read more

Cyber protection teams need more intelligence, say officials (C4ISRNET) There currently is no plan to change the structure of these teams to marry intelligence-oriented teams or intelligence cells within them, which CYBERCOM calls cyber support teams.

Small Business Cybersecurity: A Guide To Protecting Your Interests Online (Secure Thoughts) Looking to improve the cyber security of your small business? Read this simple to follow guide to improve your online security.

Design and Innovation

Microsoft, Accenture team up to help refugees with blockchain-based digital ID network (CRN Australia) Building a blockchain-based digital ID network for the UN.

Research and Development

SKT develops new quantum repeater (Korea Times) SK Telecom succeeded in long-range telecommunication based on quantum cryptography, making Korea the world’s third nation to achieve the next-generation security technology after China and the United States, the firm said Monday. The nation’s top mobile operator said it has developed a trusted repeater for quantum crypto telecom and demonstrated round-trip transmission of cryptographic key data over 110 kilometer distance in Gyeonggi Provice.

Amazon plans to check up on your price checks (Naked Security) Thinking of shopping in one of Amazon’s new physical stores? Think twice about using their free Wi-Fi to do a price comparison while you’re there as a patent suggests they’ll be s…


Cybersecurity Experts Attack Imaginary Countries In Cyber 'X Games' At CMU (WESA) Fifty military cybersecurity experts are defending the online infrastructure of their imaginary nations at the Cyber Endeavor X Games this week. Now in its

Legislation, Policy, and Regulation

Qatar Says Will Not Negotiate Until ‘Blockade’ Lifted (VOA) Surrounding countries Bahrain, Saudi Arabia, and the United Arab Emirates cut ties with Qatar two weeks ago, causing worst Gulf Arab crisis in years

Hamas is feeling the pain of Qatar's crisis, and looking to Egypt for help (Los Angeles Times) Hamas' isolation has deepened as a result of pressure on Qatar by Arab neighbors.

EU agrees to joint sanctions on cyberattacks (Deutsche Welle) The EU has agreed to use a "cyber diplomacy toolbox" against hackers targeting member states. The move comes amid concern hackers may seek to influence German elections in September.

EU throws a spanner in London’s encryption backdoor works (Naked Security) A wave of terrorist attacks has led to the UK government calling ever more noisily for ways to access the content of terrorists’ messages – but new rules from Brussels make that demand …

The EU Rolls the Dice and Sides with No Decryption, No Reverse Engineering of Communications, Period (Patently Apple) The European Parliament's Committee on Civil Liberties, Justice, and Home Affairs released a draft proposal for a new Regulation on Privacy and Electronic Communications. The draft recommends a regulation that will enforce end-to-end encryption on all communications to protect European Union citizens’ fundamental privacy rights. The committee also noted that decryption shall be prohibited. This is contrary to what the UK is considering to enforce.

Is the Trump administration poised to take on a new role in the Ukraine conflict? (Deutsche Welle) Reports that Donald Trump will receive Ukrainian President Petro Poroshenko ahead of his first meeting with Vladimir Putin are causing a sensation in Kyiv. Could the move signal a new policy for the US in Ukraine?

Israeli, German experts tackle cyber hate speech at Jerusalem conference (The Jerusalem Post) Delivering opening remarks, Yuval Rotem, director-general of the ministry said youth spend some nine hours a day on social media so there needs to be a coordinated response.

How to Resolve Tangled Relationship Between Congress and Homeland Security (The Daily Signal) Far too many congressional committees claim oversight of the Department of Homeland Security, resulting in waste and inefficiency.

DIA's Stewart tapped to be deputy commander at CYBERCOM ( Marine Corps Lt. Gen. Vincent Stewart, director of the Defense Intelligence Agency, has been nominated to become deputy commander at U.S. Cyber Command, according to a Pentagon announcement.

Litigation, Investigation, and Law Enforcement

Paris Champs-Elysees attack: Four relatives arrested (Deutsche Welle) French authorities have detained four relatives of an Islamic extremist who deliberately drove an explosive-laden car into a Gendarmerie van on Paris' Champs-Elysees. The assailant died in the attack.

An Attack From the ISIS Playbook (The Atlantic) The London attack seems to fit with a pattern of growing attacks on Muslims—both in Europe and in the United States.

Watchdog: NSA needs to boost insider-threat protocols (FCW) While the intelligence agency has implemented several of the Secure-the-Net initiatives launched in the wake of the Edward Snowden leak, additional steps are still needed.

The NSA Has Done Little to Prevent the Next Edward Snowden (Motherboard) Maybe this is why there are a bunch of alleged NSA hacking tools floating around the internet.

How Michael Flynn’s Disdain for Limits Led to a Legal Quagmire (New York Times) Fired by the military, Mr. Flynn tried to build a lucrative consulting business. Instead, he sparked a scandal.

Booz Allen Hamilton Hit With Lawsuit Over Alleged Misleading Of Investors (ValueWalk) Booz Allen Hamilton discovery of the foregoing conduct would subject the Company to heightened regulatory action on

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Naval Future Force Science and Technology Expo (Washington, DC, USA, June 20 - 23, 2017) The Office of Naval Research’s (ONR) biennial 2017 Naval Future Force Science and Technology (S&T) EXPO will take place July 20-21, 2017. The Expo is the premier S&T event for the Navy and Marine Corps...

Borderless Cyber USA (New York, New York, USA, June 21 - 22, 2017) Borderless Cyber is an international, executive-level conference series that began in 2015. It’s designed to bring together the private sector and policy makers to evaluate, debate, and collaborate on...

Global Insider Threat Summit (London, England, UK, June 22, 2017) Companies are spending millions on cybersecurity, but breaches are still on the rise. Multinational enterprises, small businesses, healthcare organizations, and even national governments are all feeling...

Chertoff Group Security Series: Security in the Boardroom (East Palo Alto, California, USA, June 22, 2017) The Chertoff Group Security Series will aim to enhance and add to the Security in the Boardroom conversation by applying our insights into technology, threat, and policy to help executives respond to the...

Cyber Week (Tel Aviv, Israel, June 25 - 29, 2017) Bringing together international cybersecurity experts and enthusiasts, Cyber Week provides the opportunity to gain insight into the latest global developments in cybersecurity. The conference welcomes...

cybergamut Tech Tuesday (Elkridge, Maryland, USA, June 27, 2017) The cyber security universe remains an increasing and dynamic threat to the American national infrastructure. This presentation provides a quantitative analysis of the attacks seen by IBM and the thousands...

O’Reilly Artificial Intelligence Conference (New York, New York, USA, June 27 - 29, 2017) From bots and agents to voice and IoT interfaces, learn how to implement AI in real-world projects, and explore what the future holds for applied artificial intelligence engineering.

SIA GovSummit (Washington, DC, USA, June 28 - 29, 2017) The 2017 SIA GovSummit focuses on how government leverages security technologies to drive success across a wide spectrum of missions. Held annually in Washington, the Security Industry Association's government...

2017 Community College Cyber Summit (C3S) (National Harbor, Maryland, USA, June 28 - 30, 2017) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Four tracks are available for college faculty and administrators, IT faculty who are involved or who...

Cyber Security Summit: DC (Washington, DC, USA, June 29, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: DC. Receive 50%...

SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives. (New York, New York, USA, June 29, 2017) SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

CyberSecurity International Symposium (Chcago, Illinois, USA, July 10 - 11, 2017) The Symposium will take an in-depth look at the latest cyber security threats and trends, as well as real-world strategies for securing critical networks and data in enterprise, commercial, government...

East Midlands Cyber Security Conference and Expo (Leicester, England, UK, July 11, 2017) The conference and expo will bring together over 150 businesses, information security providers and key influencers to discuss the threats posed by online criminals and the practical ways in which business...

Electronic Warfare Olympics & Symposium (Colorado Springs, Colorado, USA, July 13 - 14, 2017) The 2017 Electronic Warfare Olympics & Symposium will improve the capability, and marketability, of spectrum warriors by building the local EW/IO community. and bringing awareness to the capabilities in...

3rd Edition CISO Summit India 2017 (Mumbai, India, July 14, 2017) Cyber security has gone through a tremendous change over the last couple of months. Ecosystem disruptions like demonetization, emergence of payment banks and fintech play have put technology as the sine...

CYBERCamp2017 (Herndon, Virginia, USA, July 17 - 28, 2017) Always wondered what “cyber attacks” really are? How a special group of cyber warriors protect and defend our banks, stores, and electric plants every second? Join experts from the FBI and the foremost...

National Insider Threat Special Interest Group - Insider Threat Symposium & Expo (Laurel, Maryland, USA, July 18, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce that it will hold a 1 day Insider Threat Symposium & Expo (ITS&E), on July 18, 2017, at the Johns Hopkins University Applied...

2nd Annual Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, July 18, 2017) The 2017 Billington Automotive Cybersecurity summit will build on the 2016 inaugural summit that brought together a who’s who of speakers including the CEO of GM and the Secretary of Transportation, prestigious...

SANSFIRE 2017 (Washington, DC, USA, July 22 - 29, 2017) Now is the time to advance your career and develop skills to better protect your organization. At SANSFIRE 2017, choose from over 45 hands-on, immersion-style security training courses taught by real-world...

ISSA CISO Executive Forum: Security Awareness and Training--Enlisting your entire workforce into your security team (Las Vegas, Nevada, USA, July 23 - 24, 2017) The gap in Security skills in the workforce have put the pinch on Security teams. Join us to learn how to get lean by empowering the rest of your organization to understand and manage security risks. We’ll...

AFA CyberCamp (Pittsburgh, Pennsylvania, USA, July 24 - 28, 2017) The AFA CyberCamp program is designed to excite students new to cybersecurity about STEM career opportunities and teach them important cyber defense skills through hands-on instruction and activities.

Cross Domain Support Element Summer Workshop 2017 (Laurel, Maryland, USA, July 25 - 26, 2017) The Unified Cross Domain Services Management Office (UCDSMO) is presenting a two-day workshop for the benefit of the Cross Domain Support Element (CDSE) Offices, and the personnel who support them. Topics...

Black Hat USA 2017 (Las Vegas, Nevada, USA, July 26 - 27, 2017) Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days...

RSA Conference 2017 Asia Pacific & Japan (Singapore, July 26 - 28, 2017) RSA Conference 2017 Asia Pacific & Japan is the leading information security event in the region. Join us for three days of high quality education, engaging content and valuable networking. Get exposure...

North American International Cyber Summit (Detroit, Michigan, USA, July 30, 2017) In its sixth year, the cyber summit brings together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.