skip navigation

More signal. Less noise.

Daily briefing.

Germany's Bundestag was able to fend off an attack on its networks in January. Mounted by unspecified third-parties through a compromised Jerusalem Post site, the attack came during a period of heightened tension and concern over the prospect of influence operations targeting Western European elections. (Such concern continues, with Russian operations prompting the most fear.)

US General Votel, commanding US Central Command (which operates in the Middle East) says ISIS has sophisticated cyber capabilities (meaning, probably, information operations capabilities) but that the US is making significant (unspecified) inroads against those capabilities.

Cisco's efforts ("scramble") to close vulnerabilities in its products disclosed in WikiLeaks' Vault 7 release draw fresh, critical media attention to the US Vulnerabilities Equities Process. Some observers ask why Cisco should have learned about the exploitable bugs from Assange's group and not the US Intelligence Community. (Others think the answer is obvious: CIA is an espionage service interested in collection, not quality assurance.) 

Imperva reports that a new Mirai variant engaged in a fifty-four-hour distributed denial-of-service attack against an unnamed university network in the US.

A market failure in the black market might be regarded as a good thing, but perhaps not in this case: after failing to convince fellow criminals that his attack tool was worth buying, the creator of the NukeBot banking Trojan has simply released his (her?) source code to the world.

US prosecutors charge a State Department employee with "obstructing an official proceeding and making false statements." The underlying case involves spying for China.


Today's issue includes events affecting China, Germany, Israel, Russia, Singapore, South Africa, Spain, Syria, United States.

In today's podcast we hear from our partner Emily Wilson from Terbium Labs. She lays out a timeline of exposed information online. Our guest is Eric Geller, cybersecurity reporter at Politico, with a review of the Trump Administration’s cyber policies, so far.

Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of how artificial intelligence is being applied to security.

The Cyber Security Summit: Atlanta and Dallas (Atlanta, GA, USA, April 6, 2017) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Jailbreak Security Summit - Insecurity Tools (Laurel, Maryland, USA, April 28, 2017) Join some of the world's best security researchers as they talk about vulnerabilities in security tools at the only computer security event held at a production brewery. Attendance is limited to 100 to keep the Security Summit small and encourage conversation between speakers, attendees, and sponsors.

Dateline SINET ITSEF 2017

The CISO's Challenges: Crooks, Spies, Saboteurs, and Vandals (and the Convergence of the Four) (The CyberWire) The world, SINET Chairman and founder Robert Rodriguez believes, is less secure and more at risk than ever.

What the Russians want: How Russia uses cyber attacks and hybrid warfare to advance its interests (The CyberWIre) What, exactly, do the Russians want? Their very active cyber operations obviously serve state goals, but what are those goals, and how can they inform a Western response?

Federal CISOs are bracing for further cyber cuts in wake of Trump budget (Cyberscoop) A hiring freeze and deep cuts in President Donald Trump's budget has federal CISOs worried.

Cyber Attacks, Threats, and Vulnerabilities

German Parliament Foiled Cyber Attack by Hackers Via Israeli Website (US News & World Report) The German parliament was the target of fresh cyber attacks in January that attempted to piggy-back on an Israeli newspaper site to target politicians in Germany, Berlin's cyber security watchdog said on Wednesday.

Top general: ISIS ‘extraordinarily savvy’ in cyber (TheHill) Gen. Joseph Votel says military making gains in cyber ops.

Cisco learned from Wikileaks that the CIA had hacked its systems (CNBC) The Wikileaks documents describe how the CIA learned how to exploit flaws in Cisco's widely used Internet switches.

A scramble at Cisco exposes uncomfortable truths about U.S. cyber defense (St. Louis Post Dispatch) The company learned of vulnerabilities only after a disclosure by WikiLeaks of CIA hacking tools.

New Mirai Variant Unleashes 54-Hour DDoS Attack (Security Week) New variant of infamous IoT botnet launches attack against network of U.S. college

About 90% of Smart TVs Vulnerable to Remote Hacking via Rogue TV Signals (BleepingComputer) A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting — Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users.

Millions of Websites Affected by IIS 6.0 Zero-Day (Security Week) More than 8 million websites could be exposed to a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 that has been exploited in the wild since July 2016, researchers warn.

NukeBot Source Code Leaked After Marketing Fail (Security Week) The developer of the NukeBot banking Trojan has decided to release the malware’s source code after he failed to convince the cybercrime community that his creation is worth buying and that he is not a scammer.

This Stealthy Malware Remained Unnoticed for Three Years (Security Week) Stealthy command and control methods allowed a newly discovered malware family to fly under the radar for more than three years, Palo Alto Networks security researchers reveal.

Cyber Criminals Sharing Millions of Higher Education Institutions’ E-mails and Passwords on The Dark Web (Digital Citizens) For the new report, Cyber Criminals, College Credentials, and the Dark Web, Digital Citizens researchers talked with researchers at three cybersecurity companies about sales on Dark Web. Digital Citizens research also talked with a hacktivist who once pub

Potential SSL API flaw could reveal private keys (Tech Target) A researcher claims to have found Symantec SSL API issues with extremely dangerous consequences, but a lack of evidence causes confusion.

Another hole opens up in LastPass that could take weeks to fix (Naked Security) New flaw affects version 4.x across all browsers and platforms – here’s our advice on how to use LastPass safely while we wait for the fix

Security Patches, Mitigations, and Software Updates

Macs and iPhones patched – including 23 kernel-level holes (Naked Security) Yes, we always say, “Patch early, patch often.” But this time, patch even earlier!

Windows 10 Creators Update boosts security and makes 3D more interesting for businesses (GeekWire) Microsoft's Windows 10 Creators Update, set to roll out starting April 11, doesn't include a ton of new features specifically aimed at enterprise users. Th

This 13 year-old teen hacker has found bugs in Microsoft and Google (TechWorm) Meet This 13-Year-Old Hacker Who Has Found Bugs At Some Top Tech Companies He is like every other 13-year-old teenager. However, what makes him stand out a

Cyber Trends

IBM X-Force Finds over 4 Billion Records Leaked in 2016 | NewsFactor Network (News Factor) The number of records compromised by data breaches grew an historic 566 percent in 2016 from 600 million to more than 4 billion, according to IBM Security's X-Force Threat Intelligence Index.

New Research Reveals That 30 Percent Of Malware Attacks Are Zero Day Exploits - Information Security Buzz (Information Security Buzz) WatchGuard Launches New Quarterly Internet Security Report Embargoed. Thirty percent of malware can be classified as new or zero-day because it cannot be caught by legacy antivirus solutions, according to research published today in WatchGuard’s first Quarterly Internet Security Report, which explores the latest computer and network security threats affecting SMBs and distributed enterprises. The results …

Analysis of Top Malware and Internet Attacks (Watchguard) WatchGuard’s Threat Lab (previously the LiveSecurity Threat Team) is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.

Cloud & IoT; Or, How I Learned to Stop Worrying About Security & Love Innovation (Alien Vault) In technology circles, the term ‘disruption’ is often thrown around with reckless abandon.

The Next Big War Will Turn on AI, Says US Secret-Weapons Czar (Defense One) William Roper says the military must get better at feeding the voracious learning algorithms that will fight future battles.

Dealing with cyber vulnerabilities of US weapons systems [Commentary] (Defense News) While the Trump administration should be lauded for tackling our broken-down weapons platforms, no funds appear to be directed at identifying and fixing the biggest cyber vulnerabilities.

Cyber-security experts warn of risk of "massive attack" in South Africa (The South African) We might be increasingly connected, but we're also increasingly at risk.


Brexit countdown leaves British defense industry uneasy (Defense News) The two-year countdown to Britain’s withdrawal from the European Union has been officially triggered by Prime Minister Theresa May.

ICIT attacks shoddy attribution skills of APT-focused security vendors (SC Magazine UK) The Institute for Critical Infrastructure Technology's senior fellow James Scott has claimed that

Akamai buys software startup Soasta (ZDNet) Akamai said it plans to integrate Soasta's technology into its web performance solutions portfolio.

root9B Holdings Closes Secured Note Financing (PRNewswire) root9B Holdings, Inc. (Nasdaq: RTNB) ("RTNB") today announced the closing of the final tranche of its previously disclosed private placement financing consisting of secured convertible promissory notes and common stock purchase warrants for net proceeds of $2.25 million.

IDentrix Rebrands As Endera To Reflect Analytics-Based Approach To Insider Threat Risk For Businesses (BusinessWire) IDentrix, LLC, a leading provider of identity-based risk alerts solutions, announced today that it will change its name to Endera, effective immediate

FireEye Jumps 22.9% - Much More To Come (Seeking Alpha) All-time low to 22.9% gain in two weeks heralds the beginning of a new long-term uptrend. Time analysis indicates this cyclical stock is due for long-term upswing

SingTel aggressively moves to be an integrated telecoms service provider (Singapore Business Review) It’s sealing big deals with OTT, digital service providers.

What it takes to become an information assurance analyst (CSO Online) This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his sights are set now.

Products, Services, and Solutions

Nominum Partners with Malwarebytes to Add Remediation Options to its Network Protection and Device Security Solutions for Service Providers (Marketwired) Combination of Nominum N2 product suite with Malwarebytes brings closed loop security experience to subscribers with infected devices

Core Security Expands CoreLabs' Research to Encompass Vulnerabilities, Attack Paths, Identity, Network Threats and Data Science (PRNewswire) Core Security®, a leader in Vulnerability, Access Risk Management and...

Acronis Announces Active Protection, Adds Plesk, cPanel, Website Backup to Acronis Backup Cloud, Opens New Revenue Opportunities to Service Providers (Yahoo! Finance) Rapid adoption of cloud-based services and exponential data growth in the recent years have exposed a need for fast, powerful, and integrated data protection solutions. Backup is king, and Acronis, a global leader in hybrid cloud data protection and storage...

CUJO Internet Security Firewall for Smart Devices (The Windows Club) CUJO Smart Internet Security Firewall will keep all your Smart & Internet of Things (IoT) devices safe from hackers & malware. Read CUJO firewall review.

Sophos Taps March Communications to Elevate Reputation as Next-Gen Security Brand (Yahoo! Finance) Technology PR agency, March Communications, announced today that it has been selected by Sophos to serve as its North American PR agency of record. Sophos is a leading provider of next-generation network and endpoint security solutions.

Radware Launches DDoS Protection for Applications Hosted on Amazon Web Services and Azure (GlobeNewswire News Room) Expands Cloud Services Suite with New, Fully Managed Service that Provides Full Network and Application-Layer DDoS Protection for Public Cloud Providers AWS and Azure

Bitdefender adds security virtualisation and hunts for partners (MicroscopeUK) As Bitdefender launches a new security system for the age of virtualisation, its UK sales boss Jamie Pearce, explains why its partners are going to have to work harder

New IBM security tool uses machine learning to help businesses detect phishing - TechRepublic (TechRepublic) A new solution from IBM Trusteer automates website classification and can help label phishing websites 250% faster than traditional methods.

Imperva Protects Largest School District in Inland Southern California from Website Attacks (Yahoo! Finance) Imperva, Inc. , committed to protecting business-critical data and applications in the cloud and on-premises, today announced that the Corona-Norco Unified School District is using the Imperva Incapsula service to protect its 20 websites.

OPSWAT and Micromouse Form Partnership to Offer Security Solutions to Spanish Market (PRWeb) OPSWAT and Micromouse are working together to make the most effective cyber security solutions available to organizations in Spain.

IRONSCALES Partners with Check Point to Improve Automatic Detection & Remediation of Email Security Threats (PRWeb) Combination of cyber security technologies to help organizations fight the proliferation of targeted phishing attacks through automatic forensics and response to suspicious emails.

Equifax, Experian, and TransUnion to Offer Free Credit Security Freezes for Active Duty Military (PRNewswire) The Consumer Data Industry Association (CDIA) today announced that the...

Qualys Delivers Continuous Security and Compliance to Google Cloud Platform Customers (Yahoo! Finance) Qualys, Inc . (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced that it has extended ...

TransPerfect Takes Debut Award at Digital Identity Summit (Yahoo! Finance) TransPerfect, a leading provider of technology solutions for global business, announced that it has been named as the recipient of the Digital Identity Excellence Award in the Debut category at the Digital Identity Summit hosted by ThreatMetrix®, The Digital Identity Company.

Bay Dynamics Adds Value to Risk Fabric (eSecurity Planet) Bay Dynamics' latest security release looks at potential losses from security risks to help IT departments set priorities.

Technologies, Techniques, and Standards

DISA Cyber Program Focuses on Operational Risk (SIGNAL Magazine) A new DISA cyber assessment program provides a greater understanding of mission operational risks and cybersecurity postures.

40% of industrial computers were hacked in 2016, here are 5 ways to protect your business - TechRepublic (TechRepublic) Two out of five industrial computers faced cyberattacks in the second half of 2016, according to Kaspersky Lab, and the risk is increasing. Here's how to prevent these attacks.

Migrate, Manage, Protect: Organizations’ Journey to Productivity & Collaboration in the Cloud (AvePoint) The cloud is no longer an enterprise anomaly. Wherever you look—the public sector, Fortune 500 corporations, Main Street businesses—organizations are turning to cloud systems to scale their operations, increase their employees’ productivity, and facilitate innovation around their products, services, and customer experiences.

Research and Development

Oxford University using quantum cryptography to revolutionise mobile payments security (International Business Times UK) The system uses ultra-fast light pulses to securely transmit quantum keys between devices and payment terminals.

Secrecy obligation for the digital piggy bank ( "Do you collect bonus points?" This question is part of daily purchasing routine. More than 80% of German households participate in bonus programs. They run the risk of disclosing sensitive information about themselves, if such a system is misused. For this reason, the Cryptography and Security Group of Karlsruhe Institute of Technology (KIT) develops a digital bonus and payment system that protects anonymity of clients, but also offers the added values desired by operators.

Legislation, Policy, and Regulation

UAE Government encouraged to make national resilience a strategic imperative (CPI Financial) The growing number of natural and man-made disasters around the world–from earthquakes and floods to recent cyberattacks against organisations–highlights the need for GCC countries to adopt a National Resilience framework, according to a Booz Allen Hamilton report titled Building National Resilience.

Cyber Changed War, But The Causes And Conduct Of Conflict Remain Human (The Huffington Post) Security in the century ahead will depend more on our moral imagination than it will on amazing technological breakthroughs.

Former NSA director Michael Hayden: Be ready for worldwide shakeups (Palm Beach Daily News) You don’t need to have done a stint as the head of the National Security Agency or the CIA to...

Litigation, Investigation, and Law Enforcement

State employee charged in FBI probe (TheHill) A State Department employee pleaded not guilty in court on Wednesday after being charged in an FBI investigation, the Department of Justice announced.

State Department Employee Arrested and Charged With Concealing Extensive Contacts With Foreign Agents (US Department of Justice) A federal complaint was unsealed today charging Candace Marie Claiborne, 60, of Washington, D.C., and an employee of the U.S. Department of State, with obstructing an official proceeding and making false statements to the FBI, both felony offenses, for allegedly concealing numerous contacts that she had over a period of years with foreign intelligence agents.

Senate hearing to focus on Russian disinformation tactics (WTOP) Some tactics Russia used to meddle in last year’s presidential election would give shivers to anyone who believes in American democracy, the Senate intelligence committee’s top Democrat says. Sen. Mark Warner of…

Senate intel committee to hold 20 interviews in Russia probe (Military Times) The Senate Select Intelligence Committee’s investigation into Russian interference in the 2016 election will move into the interview phase next week, with 20 people expected to talk to Senate investigators about Russia’s role in President Donald Trump’s win and possible ties to the campaign, the heads of the committee said Wednesday.

Report: NSA Ready To Share Intel Docs With Congress But DNI Blocking Transfer (The Daily Caller) The National Security Agency is ready to distribute intelligence documents related to intelligence intercepts of Trump transition team associates, but the Director of National Intelligence is blocking

Senator Wants Answers From Opposition Research Firm Behind Trump Dossier (The Daily Caller) The head of the Senate Judiciary Committee hopes to unmask the identity of the Republican and Democratic political operatives who financed the opposition research of Donald Trump that ended up in a sa

Who is ‘Source D’? The man said to be behind the Trump-Russia dossier’s most salacious claim. (Washington Post) The story of Sergei Millian illustrates the challenge confronting the FBI as it seeks to separate fact from fiction.

Lawmakers scathing over FBI’s facial recognition database (Naked Security) Around half of all Americans are in the FBI’s database, and most don’t have any criminal history at all

Russian Pleads Guilty to Role in Linux Botnet Scheme (Security Week) Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty on Tuesday before a U.S. judge to charges related to an international scheme involving the Linux botnet known as Ebury.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2nd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 30, 2017) The 2nd Annual Billington International Cybersecurity Summit on March 30, 2017 at the National Press Club in Washington, DC will feature over 300 world class cybersecurity decision-makers from allied nations...

Yale Cyber Leadership Forum: Bridging the divide between law, technology, and business (New Haven, Connecticut, USA, March 30 - April 1, 2017) The Yale Cyber Leadership Forum will take place on Yale University's campus and will focus on bridging the divide between law, technology and business in cybersecurity. With McKinsey & Company as our knowledge...

WiCyS 2017: Women in Cybersecurity (Tucson, Arizona, USA, March 31 - April 1, 2017) The WiCyS initiative has, since 2013, become a continuing effort to recruit, retain and advance women in cybersecurity. It brings together women (students/faculty/researchers/professionals) in cybersecurity...

GITECH Summit 2017: Revolution of Solutions (Annapolis, Maryland, USA, April 2 - 4, 2017) The GITEC Summit “Revolution of Solutions: Transforming Government” will be held April 2-4, 2017 at the Westin Annapolis. This year’s summit will focus on the continued transition and transformation surrounding...

SeaAirSpace (National Harbor, Maryland, USA, April 3 - 5, 2017) The Navy League's Sea-Air-Space Exposition brings the U.S. defense industrial base, private-sector U.S. companies and key military decision makers together for an annual innovative, educational, professional...

InfoSec World Conference and Expo 2017 (ChampionsGate, Florida, USA, April 3 - 5, 2017) The conference will feature security practitioners who speak from experience on the real-world challenges companies are facing today. The conference is most suitable for those whose responsibilities include...

Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, April 6, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Atlanta. Receive...

SANS 2017 (Orlando, Florida, USA, April 7 - 14, 2017) Success in information security requires making a commitment to a career of learning, from the fundamentals to advanced techniques. To put you firmly on that learning path, join us at SANS 2017 in Orlando,...

Unprecedented Counterintelligence Threats: Protecting People, Information and Assets in the 21st Century. (Arlington, Virginia, USA, April 10, 2017) This full day symposium will provide insights into evolving threats to the nations security and identify effective ways of addressing them. Highlights Include: A keynote address from National Counterintelligence...

Hack In the Box Security Conference (Amsterdam, the Netherlands, April 10 - 14, 2017) Back again at the NH Grand Krasnapolsky, HITB2017AMS takes place from the 10th till 14th of April 2017 and features a new set of 2 and 3-day technical trainings followed by a 2-day conference with a Capture ...

Cyber Warrior Women: Blazing the Trail (Catonsville, Maryland, USA, April 19, 2017) Join the Cybersecurity Association of Maryland, Inc. (CAMI), in partnership with The CyberWire, Fort Meade Alliance, and presenting sponsor Exelon Corporation, for "Cyber Warrior Women: Blazing the Trail."...

ISSA CISO Executive Forum: Information Security, Privacy and Legal Collaboration (Washington, DC, USA, April 20 - 21, 2017) Information Security, Privacy and Legal programs must be closely aligned to be successful in today’s world. Customer and vendor contracts require strong security language. Privacy has moved to the forefront...

International Conference on Cyber Engagement 2017 (Washington, DC, USA, April 24, 2017) Georgetown University's seventh annual International Conference on Cyber Engagement promotes dialogue among policymakers, academics, and key industry stakeholders from across the globe, and explores the...

SANS Baltimore Spring 2017 (Baltimore, Maryland, USA, April 24 - 29, 2017) SANS Institute, the global leader in information security training, today announced the course line-up for SANS Baltimore Spring 2017 taking place April 24 – 29. All courses offered at SANS Baltimore are...

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and...

Defence Information 2017 (Cranfield, England, UK, April 26 - 27, 2017) Defence Information 2017 is the major annual communications event of Joint Information Group activities (the JIG reports to the Defence Suppliers Forum) and the Event’s content spans both Information and...

Crimestoppers Conference (Eden Project, Bodelva, St Austell , April 27, 2017) Crimestoppers is organising a major one-day conference designed to help local businesses shore up their online security. A range of expert speakers will pinpoint typical cyber pitfalls to avoid. 80% of...

Atlantic Security Conference (Halifax, Nova Scotia, Canada, April 27 - 28, 2017) Atlantic Canada's non-profit, annual information security conference. AtlSecCon, the first security conference in Eastern Canada focusing on bringing some of the worlds brightest and darkest minds together...

SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look...

cybergamut Tech Tuesday: Distributed Responder ARP: Using SDN to Re-Engineer ARP from within the Network (Elkridge, Maryland, USA, and online at various local nodes, May 2, 2017) We present the architecture and initial implementation of distributed responder ARP (DR-ARP), a software defined networking (SDN) enabled enhancement of the standard address resolution protocol (ARP) intended...

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off...

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result,...

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.