skip navigation

More signal. Less noise.

Daily briefing.

Be part of the CyberWire story with our new Patron program

We're pleased to announce that it's now possible to become a CyberWire Patron. Your support will help us continue to provide our free cyber security news service, the briefings and podcasts so many have come to use and enjoy. Thanks for your consideration, and as always, thanks for reading and listening. Become a patron today.

Two interesting discoveries were announced this morning. GuardiCore Labs has identified "Bondnet," a botnet said to consist of thousands of servers. So far it's been applied to mining cryptocurrencies, but it seems ready for weaponization into a distributed denial-of-service platform. Fidelis Cybersecurity has announced the reappearance of the Blackmoon banking Trojan, now with a new man-in-the-browser framework. Blackmoon has so far afflicted mostly South Korean financial services.

A widely distributed and unusually plausible phishing episode hit Internet users yesterday afternoon with a spoofed Google Docs email. Like the Pawn Storm (a.k.a. Fancy Bear) techniques Trend Micro recently described, the Google Docs worm was spread by abuse of 0Auth. Google and Cloudflare responded quickly, containing the incident in about an hour, which is being widely praised as a "blue team win," but all would do well to remain on the qui vive.

Trustwave reports that the Carbanak gang has refined its intrusion techniques, using phone call "follow-ups" to see whether phishing marks have opened (and swallowed) the phishbait. Carbanak has also come under suspicion in recent restaurant hacks affecting the Chipotle, Baja Fresh, and Ruby Tuesday chains.

Cerber ransomware now has VM and sandbox evasion capabilities, but extortion is less confined to ransomware than it had been. The Netflix hack is seen as a bellwether: criminals increasingly threaten either DDoS or sensitive information disclosure.

India's Aadhaar national ID system is in trouble. Its legality is under court challenge, and it's believed to have leaked more than one-hundred-thirty-five million individuals' biometric records.

Notes.

Today's issue includes events affecting China, European Union, Germany, India, Democratic Peoples Republic of Korea, Russia, United Kingdom, United States.

A note to our readers: Today, of course, is World Password Day. More importantly, it's also Star Wars Day, and many have taken the opportunity to draw security lessons from Alderann to Tatooine to Scarif, as they do here, here, and here. Enjoy, and may the fourth be with you. 

In today's podcast, we talk with Rick Howard from our partners at Palo Alto Networks. He'll be previewing this evening’s Cybersecurity Canon event (we'll be there, too). Our guest, Andrew Chanin of PureFunds, describes the upcoming Cyber Investing Summit (and we'll be at that one as well).

Who's in Your Cloud? Gaining Visibility Into Your Network and Critical Assets (Webinar, May 11, 2017) Since cloud services are accessible from anywhere, at any time, getting visibility into your cloud activity is critical. Delta Risk experts examine the increasing importance of cloud monitoring and how it can protect your organization.

Cyber Attacks, Threats, and Vulnerabilities

KONNI RAT Eyes North Korea (Infosecurity Magazine) A previously unknown remote administration tool has been uncovered after evading detection by the security community for more than three years.

The Bondnet Army (GuardiCore) GuardiCore Labs has recently picked up Bondnet, a botnet of thousands of compromised servers of varying power. Managed and controlled remotely, the Bondnet is currently used to mine different cryptocurrencies and is ready to be weaponized immediately for other purposes such as mounting DDoS attacks as shown by the Mirai Botnet. Among the botnet’s victims are high profile global companies, universities, city councils and other public institutions.

Blackmoon Rising: Banking Trojan Back with New Framework (Fidelis Cybersecurity) Banking trojans – true to their name – typically steal web credentials from users of financial services websites. Targeted services can include banks, wealth management firms, investment banks, retirement investment services companies and others – essentially any website where money can be accessed and managed.

Carbanak Hackers Refine Intrusion Tactics (Security Week) The prolific Carbanak crime group has refined its intrusion strategy and expanded its arsenal of tools used in attacks, a new Trustwave report reveals.

Thieves drain 2fa-protected bank accounts by abusing SS7 routing protocol (Ars Technica) The same weakness could be used to eavesdrop on calls and track users’ locations.

Attackers exploited SS7 flaws to empty Germans' bank accounts (Help Net Security) Cyber criminals have started exploiting a long-known security vulnerabilities in the SS7 protocols to bypass German banks' two-factor authentication.

Cerber Ransomware Version 6 Gets Anti-Vm and Anti-Sandboxing Features (BleepingComputer) Security researchers have spotted version 6 of the Cerber ransomware, and this new edition continues to add new features, heightening the overall complexity this ransomware family has been showing.

Netflix Incident A Sign Of Increase In Cyber Extortion Campaigns (Dark Reading) Attackers using threats of data exposure and DDoS disruptions to try and extort ransoms from organizations

Concern mounts at Indian ID scheme as portals ‘leak’ 100m people’s details (Naked Security) India’s controversial Aadhaar biometrics ID card scheme is increasingly needed for everything from travel to banking, yet worries are growing about the security of the data held on citizens

India's Aadhaar Biometrics Database Is About to Become a Security Nightmare (BleepingComputer) A report released on Monday by The Centre for Internet and Society reveals that over 135 million records from India's Aadhaar national ID systems have already leaked online.

Someone Hit the Internet with a Massive Google Doc Phishing Attack (Motherboard) PSA: don’t click on random Google Doc links.

Sneaky Gmail phishing attack fools with fake Google Docs app (CSO Online) Google Docs was pulled into a sneaky email phishing attack on Tuesday that was designed to trick users into giving up access to their Gmail accounts.

Google Docs Phishing Attack Abuses Legitimate Third-Party Sharing (Dark Reading) Phishing messages appear nearly identical to legitimate requests to share Google documents, because in many ways, they are.

All your Googles are belong to us: Look out for the Google Docs phishing worm (Ars Technica) An e-mail disguised as a Google Docs share is ingenious bit of malicious phishing.

OAUTH phishing against Google Docs ? beware! (SANS Internet Storm Center) We got several reports (thanks to Seren Thompson, Tahir Khan and Harry Vann) about OAUTH phishing attacks against Google users. The phishing attack arrives, of course, as an e-mail where it appears that a user (potentially even one on your contact list, so it looks very legitimate) has shared a document.

Google Shuts Down Docs Phishing Spree (Threatpost) Google has removed offending accounts involved in a widespread phishing attack today impersonating Google Docs.

Recent Google Docs Phishing attack is a win for Blue Teams (CSO Online) On Wednesday afternoon, social media exploded with reports of a new Phishing attack targeting users of Google Docs. The attack was clever, centered on getting the victim to grant permissions to an application called Google Docs before spreading to the victim's contacts. Fortunately, the attack didn't last long, thanks to the efforts of thoughtful users, Google, and Cloudflare.

It Took Google One Hour to Shut Down Massive Self-Replicating Phishing Campaign (BleepingComputer) A massive phishing campaign took place today, but Google's security staff was on hand and shut down the attacker's efforts within an hour after users first reported the problem on Reddit.

Don’t Open That Google Doc Unless You’re Positive It’s Legit (WIRED) A sneaky new phishing scam has taken Gmail inboxes by storm.

Don’t trust OAuth: Why the “Google Docs” worm was so convincing (Ars Technica) You really think someone would just go on the Internet and tell lies?

Greenwich Schools Warn Parents of Massive Google Cyber Attack (Greenwich Free Press) Phil Dunn, Greenwich Schools Chief Information Officer warns parents: DO NOT click any links containing shared Google Docs until you are instructed to; once you click a link, you authorize the sharing of your contact information and the attack spreads.

WhatsApp appears to have completely broken (The Independent) WhatsApp has completely broken. People are unable to send or receive chats or even load up conversations, according to users. And there doesn't seem to be any easy way of fixing the issue, which is affecting many of its users and is likely a problem with its servers. Problems with the app surged over the last hour, according to the website Down Detector.

WhatsApp was down for two hours and the internet wasn’t happy (The Verge) It's been a bit of a rough day if you enjoy using the internet. Google Docs experienced a widespread phishing attack, sending the internet into panic. Now WhatsApp has been down for more than an...

New iCloud Phishing Scam steals credit card data, access device' camera (HackRead) When it comes to phishing scams, the general concept is that cyber criminals will only send a link to trick users into logging in with their social media...

Fuze collaboration platform exposed online meetings to attackers as a result of 'improper access control' (Computing) Glaring access control flaw meant Fuze meetings were indexed by search engines

Security snafu left Fuze recordings accessible to all (TheINQUIRER) But it's fixed now

WordPress admins, take note: RCE and password reset vulnerabilities revealed (Help Net Security) POC exploit code for an unauthenticated RCE flaw in WordPress 4.6 and info about a password reset 0day vulnerability in v4.7.4 has been released.

Unity 3D Forums Hacked by OurMine Hacking Group (HackRead) The OurMine hackers are back in the news again. This time the group hacked and defaced the official domain of Unity 3D Forums leaving a deface page along with...

Gannett hit with email phishing attack (USA TODAY) The attack was discovered when the perpetrators attempted a fraudulent wire transfer of money.

Researcher: ‘Baseless Assumptions’ Exist About Intel AMT Vulnerability (Threatpost) Embedi, which is behind the Intel AMT vulnerability revealed Monday, seeks to clarify “baseless assumptions” being made about the flaw.

This elite cybercrime group is wreaking havoc on the U.S. restaurant industry (Cyberscoop) A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S. A recently disclosed data breach suffered by the Chipotle chain was carried out by hackers linked to a group known as FIN7 or Carbanak Group, CyberScoop has learned. In addition to Chipotle, the hackers appears to be targeting national restaurant franchises Baja Fresh and Ruby Tuesday, according to malware samples and other evidence CyberScoop obtained.

Sabre Warns Hotels: Card Data Potentially Compromised (BankInfo Security) Travel industry software giant Sabre has alerted hotels that its software-as-a-service SynXis Central Reservations system - used by more than 36,000 properties -

Sabre hires Mandiant to probe breach in hotel reservation system (Reuters) Sabre Corp said on Tuesday there had been a breach in its hospitality unit's hotel reservation system and had hired FireEye Inc's Mandiant forensics division to probe the incident.

Centrify calls for two-factor authentication mandate (Scoop) Centrify calls for two-factor authentication mandate after Sabre reveals data breach

Want to get your Android phone purring? Don’t install Full Optimizer (Naked Security) Full Optimizer and its little brother, Full Optimizer Lite, don’t optimize your phone – instead they aggressively deliver ads. Here’s what SophosLabs has learned about these apps

Robots Under Attack: Trend Micro Uncovers New Risks (Infosecurity Magazine) Robots Under Attack: Trend Micro Uncovers New Risks. New report highlights threat to Industry 4.0

Industrial Robots are Hackable: How Do We Fix Them? (Trend Micro: Simply Security) Discuss cyber attacks involving robots and many people might think you’re talking about the latest Hollywood blockbuster to hit the screens. The reality, however, is that industrial robotic systems now form a vital cog in the manufacturing process of everything from silicon chips to cars and even glassware. A new Trend Micro report, Rogue Robots:...

Cyber Trends

Seeing Security from the Other Side of the Window (Dark Reading) From the vantage of our business colleagues, security professionals are a cranky bunch who always need more money, but can't explain why.

The State of Cyber: Dashlane Unveils New Data on America's Passwords (Yahoo! Finance) As part of its campaign, Dashlane conducted an in-depth study of Americans' password habits. Dashlane's new research found that the average American has 150 accounts that require passwords. The company projects the total of number accounts Americans will need passwords for will double to 300

2017 witnessed 5,000-fold decrease in largest spam botnet mailings | Latest News & Updates at Daily News & Analysis (dna) 2017 witnessed 5,000-fold decrease in largest spam botnet mailings - According to Kaspersky Lab’s Spam and phishing in Q1 2017 report, the world's largest spam botnet and Necurs demonstrated a relative decline in its fraudulent mailshot traffic. In December 2016, Kaspersky Lab’s spam traps detected over 35 million fraudulent mail shots but in March 2017 that number fell to almost 7,000.

Small Budgets Cripple Cybersecurity Efforts of Local Governments (Dark Reading) A survey of local government chief information officers finds that insufficient funding for cybersecurity is the biggest obstacle in achieving high levels of cyber safety.

Most Federal Agencies Remain Vulnerable to Cyberattack (Lifezette) Government websites lag woefully behind private sector in speed, usability and security

Majority of workers blindly open email attachments (Help Net Security) The vast majority (82 percent) of users open email attachments if they appear to be from a known contact, despite the prevalence of well-known sophisticate

Rethinking web security against large local attacks (The Mandarin) Cyber research for the Australian financial sector has revealed a significant increase in domestic attacks, suggesting public agencies need to strengthen their upstream defences and no longer rely only on geo-blocking to defend their key data.

Verizon DBIR 2017 loses international contributors (TechTarget) Looking at the overall numbers for the contributors to the Verizon Data Breach Investigations Report (DBIR) from the past five years, it would seem like the amount of partners is hitting a plateau, but looking at the specifics raises questions about international data sharing.

European businesses not seeking help from the security industry ahead of GDPR (Help Net Security) Compliance and GDPR are not seen as important reasons for employing 3rd party security firms, despite the need for knowledge to comply with regulations.

Marketplace

Coalfire Issues First Annual FedRAMP Marketplace Report (Businesswire) Coalfire, a leader in cybersecurity risk management and compliance services, today announced the results of its first annual FedRAMP marketplace repor

General Dynamics makes cybersecurity products acquisition (Washington Business Journal) Falls Church-based General Dynamics Corp. (NYSE: GD) is growing its cybersecurity product line, announcing Tuesday that it had purchased a cyber products division of Phoenix-based Advatech Pacific Inc.

IBM to snap up remnants of Verizon's cloud business (ZDNet) After bowing out of the public cloud last year, Verizon is now shedding its private cloud offerings.

So who is tech giant Palantir? (San Jose Mercury News) Usually swirling in a shroud of secrecy, data mining giant Palantir recently rubbed residents of Palo Alto the wrong way over its use of a public park.

Microsoft, IBM Could Be Subject to New Chinese Security Reviews (TheStreet) Starting in June, China will perform security reviews on both foreign and domestic technology firms providing hardware or services in the country.

ManTech sees 'resurgence' following string of big contract wins (Washington Business Journal) Over the last six months, ManTech has secured key wins with the FBI, the National Geospatial-Intelligence Agency and the Department of Homeland Security.

Science Applications Int'l (SAIC) Secures $27M Task Order from U.S. Marine Forces Cyberspace Command (Street Insider) The Space and Naval Warfare Systems Center (SSC) Pacific awarded Science Applications International Corp. (NYSE: SAIC) a task order to provide the U.S. Marine Corps Forces Cyberspace Command (MARFORCYBER) and subordinate commands, including the Marine Corps Cyberspace Warfare Group and the Marine Corps Cyberspace Operations Group, with comprehensive cyber support services for systems architecture, cyber defense and offense, planning, information assurance, and engineering.

Fortscale Beefs Up Partner Programs, Aims to Recruit More Vendors (Channel Partners) Cybersecurity firm Fortscale says it is expanding and strengthening its partner programs to “fuel company growth and create new revenue streams for

Augusta’s cyber industry has billion dollar a year potential, says CSRA Alliance consultant (Augusta Chronicle) A former executive with the National Cyber Research Park said the Augusta region has the potential to turn its cyber assets into a $1 billion-a-year industry.

Darktrace wins four Stevie® Awards (Cambridge Network) News from Cambridge businesses. Network members upload news here about their products, services and achievements.

Bricata Adds Two More Veteran Cyber Security Executives to Roster (Benzinga) Ability to attract premier talent viewed as additional market validation for a new and unique approach to next generation intrusion prevention and detection

Security software developer FHOOSH names Bill Bonney to executive post (CSO Online) Bonney will help drive CISO solutions and partnerships.

Products, Services, and Solutions

Netwrix Introduces New Netwrix Auditor 9.0 (Netwirx) Upgraded Netwrix Auditor platform enables users to shield their IT infrastructures and data from ransomware and malicious insiders

STEALTHbits Leapfrogs Data Access Governance Market With New Technology (Marketwired) Announces latest release of flagship product -- StealthAUDIT 8.0

Skybox Security: Organizations Must Change Approach to Vulnerability Management to Stay Ahead of Real-World Threats (Yahoo! Finance) Skybox™ Security, a global leader in cybersecurity operations, analytics and reporting, today announced the availability of threat-centric vulnerability management for the Skybox™ Security Suite, signaling ...

SyferLock Joins Pulse Secure’s Technology Partner Program (Technuter) SyferLock Technology Corporation today announced that it has joined Pulse Secure’s Technology Partner Program and has proven interoperability of SyferLock’s GridGuard two-factor and multi-factor authentication solutions with Pulse Connect Secure and Pulse Workspace.

Chiron to Deliver "Information Security Operations Tradecraft Methodology" for Domestic and International Markets (PRNewswire) Chiron Technology Services, Inc. has incorporated a new dedicated...

Code42 Partners with Okta to Secure the Cloud and Protect Employee Data (Yahoo! Finance) Code42, the leader in cloud-based endpoint data protection and recovery, today announced a partnership with Okta to provide enterprise customers with added security and ease for their cloud adoption strategies.

PhishMe Adds New Modules to CBFree to Help All Organizations Thwart Ransomware and Business Email Compromise (Yahoo! Finance) PhishMe , the leading provider of human-phishing defense solutions, today announced the availability of five new interactive modules for its complimentary computer-based training program, CBFree.

Leidos And Fortinet Sign Agreement For Managed Security Services (Defense Daily Network) Leidos and Fortinet signed a partnership agreement allowing Leidos to act as an expert service provider for the Fortinet Security Fabric portfolio, Leidos

Deloitte Cyber Risk Mgmt Service Portfolio Gets NSA Accreditation (GovCon Wire) Deloitte has secured Certified Incident Response Assistance designa

BMC Launches SecOps Response Service for 'Cloudy' Enterprises (eSecurity Planet) The security and compliance platform banishes security blind spots for businesses that have embraced a multi-cloud approach to IT.

Endpoint security can halt the ransomware scourge in its tracks (Security Brief) Ransomware is one of cybersecurity’s biggest problems - attack volumes are skyrocketing by 100% every year and attackers are getting rich.

Darktrace: You can't stop compromise, in fact you're probably compromised right now (Computing) Security firm outlines why traditional security techniques no longer work, with both networks and hacking techniques evolving so rapdily that security teams can't keep up.

Technologies, Techniques, and Standards

Proposed NIST Password Guidelines Soften Length, Complexity Focus (Threatpost) NIST’s latest password guidelines focus less on length and complexity of secrets and more on other measures such as 2FA, throttling, and blacklists.

The long history, and short future, of the password (The Conversation) Going as far back as the Bible, and as widely known as the phrase 'Open, Sesame,' passwords are a textual link to our past. But they may not be around much longer.

World Password Day: Make the Internet a more secure place (Help Net Security) Identity theft is one of the world’s fastest growing crimes, but adding strong authentication to your password can prevent it. Today is World Password Day,

Making security everybody's business goes beyond strong passwords (Help Net Security) Making security everybody’s business means that application owners understand their applications including their user base and the info in those apps.

Threat Intelligence: A Critical Defense Tool for Your Security Operations (Recorded Future) Threat intelligence and information sharing is raising a new kind of awareness around new methods of attack, especially when in combination with your SIEM.

Elite 6 Cyber Winner: Training a force to operate in cyberspace (C4ISRNET) Training a force to operate in cyberspace, a significantly more complex and dynamic environment than other domains, has caused substantial changes in how the Army views traditional training models.

A typical day of attack or ‘an episode’: How DISA battles cyberthreats (C4ISRNET) DISA Director Lt. Gen. Alan Lynn distinguishes between the never-ending responsibility of coordinating cyber defense for the agency, a typical day of attack and a major incident.

Crisis response: Battling through a degraded network (C4ISRNET) The military is increasingly reliant on the network for operations. So what happens when the quality is degraded? Return to the basics, said a panel of leaders from the various services.

Navy: Cyber resilience also means having a plan to operate without a network (C4ISRNET) Defending the Navy’s networks in cyberspace isn’t always about leveraging the latest innovative technology.

RCO: Electronic warfare capability hits European soil (C4ISRNET) The Army’s Rapid Capabilities Office has sent its near-term electronic warfare capability solution to Europe, and soldiers there will get a chance to put it to the test this summer, said RCO Director Doug Wiltsie.

Design and Innovation

The One Hire Facebook Really Needs to Make to Curb Violence (WIRED) By involving ethicists and social scientists in its product-building process, Facebook could better anticipate problems before they fester.

Research and Development

Dissect Cyber Alert For Small Businesses Targeted By Cyber Criminals (Homeland Security Today) To reduce losses from cybercrime, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) Cyber Security Division (CSD) funded a new research initiative focused on the best way to alert small businesses to potential threats. The project, called Dissect Cyber, is being led by a threat analyst training and alert provider of same name. CSD is part of S&T’s Homeland Security Advanced Research Projects Agency.

Galois Awarded $1 million IARPA Contract To Improve Security Of Data Computation (PRWeb) RAMPARTS initiative to explore feasibility of leveraging fully homomorphic encryption (FHE) to secure data processing in untrusted environments

Academia

Doctoral student wins Best Full Paper Award at national cyber security conference (Oakland University) Ahmad Mansour, a Computer Science and Informatics Ph.D. candidate at Oakland University, recently won the award for Best Full Paper at the 12th annual Cyber and Information Security Research Conference held at the Oak Ridge National Laboratory in Tennessee.

Legislation, Policy, and Regulation

China announces tighter regulations for online news (BBC News) Editors must be government approved, and staff trained, assessed and accredited by the authorities.

China tightens rules on online news, network providers (Reuters) China on Tuesday issued tighter rules for online news portals and network providers, the latest step in President Xi Jinping's push to secure the internet and maintain strict party control over content.

Cabinet Office privacy advisor steps down because of lack of backing (Computing) Jerry Fishenden says Cabinet Office ministers have not been interested in the privacy group since Francis Maude's departure

Pentagon ends civilian hiring freeze, but tells managers to carefully scrutinize all positions (FederalNewsRadio.com) DoD ended the civilian hiring freeze, saying leaders should proceed with decisions to fill positions, but new hires would no longer require permission.

Networking is war fighting, says DISA director (C4ISRNET) The head of DISA notes that the agency assists in war fighting by running DoD's network globally.

Defense intelligence has opportunity to be ‘reimagined’ (C4ISRNET) With the goal of providing military commanders and policy-makers with the best possible analysis, defense intelligence has reached a point where innovations in information technology and cyber present an opportunity to drastically reimagine the entire enterprise, according to a Defense Intelligence Agency expert.

What is the Army doing to assure GPS and navigation? (C4ISRNET) All domains of war will be contested. This is the notion of multi-domain battle. And it includes the GPS signals that the military and the commercial world — think everyday navigation for ride-hailing app Uber — are so reliant upon for location and timing of operations.

The FBI Director Thinks a Law Against Encryption Is Possible Under Trump (Motherboard) The director of the FBI James Comey once again leaves the door open for a law that forces tech companies to put backdoors into their products.

Litigation, Investigation, and Law Enforcement

India’s Supreme Court hears challenge to biometric authentication system (CSO Online) Two lawsuits being heard this week before India’s Supreme Court question a requirement imposed by the government that individuals should quote a biometrics-based authentication number when filing their tax returns.

As Russia Investigation Widens, U.S. Lawmakers Get Rare Access to Raw Intel (Foreign Policy) The Senate Intel Committee takes a field trip to CIA headquarters.

FBI Director James Comey 'mildly nauseous' Clinton email probe decisions may have impacted election (USA TODAY) FBI Director James Comey staunchly defended his decision to publicly announce the reopening of the probe into Hillary Clinton's private email server 11 days before the November election, telling a Senate panel on Wednesday it would have been the "death of the FBI as an institution in America" had he remained silent about possible new evidence.

Comey on why he sent that letter to Congress (CNN) FBI Director James Comey is testifying before Congress Wednesday, and received several sharp questions on his decision to alert Congress just days before the election that his agency was investigating emails on Anthony Weiner's laptop that were potentially related to a probe of Hillary Clinton's use of a private server.

FBI Boss Comey Finally Explains His Infamous Clinton Letter (WIRED) The most candid look yet at what prompted James Comey to make the Clinton email investigation public right before the election.

Deconstructing Comey's testimony on Clinton emails (BBC News) FBI Director James Comey defends his decision to reopen the Clinton email investigation.

Clinton: FBI Letter and “Russian WikiLeaks” Cost Me Election (Infosecurity Magazine) Clinton: FBI Letter and “Russian WikiLeaks” Cost Me Election. Former frontrunner in no doubt about impact of last minute “events”

Judicial Watch claims more evidence of classified info in Clinton emails (Washington Examiner) "These new emails show Hillary Clinton is a serial violator of various laws concerning the handling of classified material," Judicial Watch...

FBI's Comey dangerous definition of "valid" journalism (Errata Security) The First Amendment, the "freedom of speech" one, does not mention journalists. When it says "freedom of the press" it means the physical printing press...

US Intelligence “transparency report” reveals breadth of surveillance by NSA, others (Ars Technica) Over 151 million call records collected to track 42 targets under new "limited" access arrangement.

IRS, Education Dept. delayed reporting major data breach, lawmakers claim (FederalNewsRadio.com) The House Oversight Committee scolded the IRS and Education Dept. for not sounding the alarm sooner on a major cyber incident.

Tinder orders researcher to remove dataset of 40,000 profile pictures (Naked Security) Faces scraped from Tinder were being used to train artificial intelligence, according to the researcher

Sextortion suspect must unlock her seized iPhone, judge rules (Ars Technica) "For me, this is like turning over a key to a safety deposit box."

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D. The agenda for 2017 will include:...

Upcoming Events

Cyber Security Summit in Dallas (Dallas, Texas, USA, May 5, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from Proofpoint, CenturyLink, IBM and more. Register with promo code cyberwire50 for half off...

OWASP Annual AppSec EU Security Conference (Belfast, UK, May 8 - 12, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

Law Enforcement and Public Safety Technology Forum (Washington, DC, USA, May 9 - 10, 2017) For the ninth year, AFCEA Bethesda is gathering the law enforcement and public safety IT community. The Law Enforcement and Public Safety Technology Forum will bring together more than 300 executives,...

SANS Security West 2017 (San Diego, California, USA, May 9 - 18, 2017) Cybersecurity skills and knowledge are in high demand. Cyber attacks and data breaches are more frequent and sophisticated, and organizations are grappling with how to best defend themselves. As a result,...

OWASP AppSec EU (Belfast, Northern Ireland, UK, May 12 - 18, 2017) Welcome to OWASP Annual AppSec EU Security Conference, the premier application security conference for European developers and security experts. AppSec EU provides thought leadership, amazing talks, informative...

EnergySec Security Education Week (Austin, Texas, USA, May 14 - 19, 2017) The Energy Sector Security Consortium, Inc.'s Security Education Week is designed for early to mid career cybersecurity professionals currently employed at electric utilities in North America. Students...

K(no)w Identity Conference (Washington, DC, USA, May 15 - 17, 2017) To converge identity experts from across all industries in one space, to be at the nexus of ideas and policies that will fundamentally change identity around the world. Provides business leaders, privacy...

Global Cybersecurity Innovation Summit Advancing International Collaboration (London, England, UK, May 16 - 17, 2017) SINET – London creates a forum to build and maintain international relationships required to foster vital information sharing, broad awareness and the adoption of innovative Cybersecurity technologies.

Public Sector Cyber Security Conference: Defending the Public from Cyber-Attacks (Salford, England, UK, May 17, 2017) Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard...

PCI Security Standards Council: 2017Asia-Pacific Community Meeting (Bangkok, Thailand, May 17 - 18, 2017) Two days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment card industry or showcase a new product, you’ll find it all at...

2017 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 17 - 18, 2017) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity. At our Institute you will receive insights on the best...

Northsec Applied Security Event (Montreal, Québec, Canada, May 18 - 21, 2017) The conference will feature technical and applied workshops hosted in parallel for the most motivated attendees. Topics include application and infrastructure (pentesting, network security, software and/or...

SANS Northern Virginia - Reston 2017 (Reston, Virginia, USA, May 21 - 26, 2017) This event features comprehensive hands-on technical training from some of the best instructors in the industry and includes courses that will prepare you or your technical staff for DoD 8570 and GIAC...

Enfuse 2017 (Las Vegas, Nevada, USA, May 22 - 25, 2017) Enfuse™ is a three-day security and digital investigations conference where specialists, executives, and experts break new ground for the year ahead. Enfuse offers unsurpassed networking opportunities,...

2017 Cyber Investing Summit (New York, New York, USA, May 23, 2017) The 2nd Annual Cyber Investing Summit is an all-day conference focusing on investing in the $100+ billion dollar cyber security industry. Attendees will explore the financial opportunities, trends, challenges,...

Citrix Synergy (Orlando, Florida, USA, May 23 - 25, 2017) Learn how to solve your IT flexibility, workforce continuity, security and networking challenges—and power your business like never before—with the workspace of the future.

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 24 - 25, 2017) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in C4I technology and systems R&D.

SECON 2017 (Jersey City, New Jersey, USA, May 25, 2017) Social engineering impacts security. (ISC)2 New Jersey Chapter is a 501(c)(3) not-for-profit charitable organization. Our chapter’s mission is to disseminate knowledge, exchange ideas, and encourage community...

Cyber Southwest (Tucson, Arizona, USA, May 27, 2017) CSW will be dedicated to furthering the discussion on cyber education and workforce development in Arizona, healthcare cybersecurity, and technical training in areas such as threat intelligence, insider...

SANS Atlanta 2017 (Atlanta, Georgia, USA, May 30 - June 4, 2017) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

Cyber Security Summit: Seattle (Seattle, Washington, USA, June 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Seattle. Receive...

SANS Houston 2017 (Houston, Texas, USA, June 5 - 10, 2017) At SANS Houston 2017, SANS offers hands-on, immersion-style security, security management, and pen testing training courses taught by real-world practitioners. The site of SANS Houston 2017, June 5-10,...

Infosecurity Europe 2017 (London, England, UK, June 6 - 8, 2017) Infosecurity Europe is the region's number one information security event featuring Europe's largest and most comprehensive conference programme and over 360 exhibitors showcasing the most relevant information...

Cyber 8.0 Conference (Columbia, Maryland, USA, June 7, 2017) Join the Howard County Chamber of Commerce for their 8th annual cyber conference, where they will explore innovation, funding, and growth. Participants can expect riveting discussions from cyber innovators...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.