skip navigation

More signal. Less noise.

How are you handling your cloud monitoring and security?

Cloud providers offer many security measures, but you’re ultimately responsible for securing your own data. While 53% of organizations are training their staff to manage cloud security, 30% of organizations plan to partner with an MSP. In our new white paper, we discuss the considerations you need to make before choosing a solution.

Daily briefing.

As journalists and others continue to sift through the Paradise Papers, the large trove of documents stolen and leaked from Appleby, a Bermuda law firm serving high-net-worth individuals and various corporations, the optics aren't good. It's unclear that any laws were broken (except by the unknown parties who obtained the leaked documents by unknown means) but the appearance of widespread tax avoidance by offshoring wealth is an unpleasant one. Much comment is drawn by the appearance of prominent public figures (the British Royal Family, the Canadian Prime Minister, various British politicians and Russian oligarchs, US political figures who evidently had to do with Russian oligarchs, etc.).

Apple is among the corporations mentioned in the leaks, and Apple says that its own use of various instruments available in the Channel Islands were not intended to avoid paying (for example) Irish taxes, but were in fact an effort to ensure that tax revenues properly went to the United States.

US election authorities keep an eye out for off-year election finagling this week. Not just vote manipulation (a potential risk) but influence operations (a known threat) are of concern. Troll-hunting has proven both difficult and interesting. One Russian troll, a fictitious person known in social media as "Jenna Abrams," had around 70,000 followers and a couple thousand friends. On the other hand, a number of real and innocent people have been booted from social media because the providers mistook them for trolls or catphish.

Symantec has announced its acquisition of VPN provider SurfEasy.


Today's issue includes events affecting Bermuda, China, Estonia, European Union, Finland, Ireland, Bailiwick of Jersey, Republic of Korea, NATO/OTAN, Philippines, Russia, United Kingdom, United States, and Vietnam.

What do AI and machine learning mean for cybersecurity?

We hear about them everywhere in cybersecurity. They sound cutting-edge, but what do they mean? And what value do they add? Find out exactly how significant AI and machine learning are, and how small nuances in their use can make a big difference.

In today's podcast we hear from our partners at Terbium Labs, as Emily Wilson offers some reflections on a recent cyber conference in the Netherlands. Our guest, Wesley Simpson from (ISC)2, makes the case that security is a people problem.

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Insider Threat - How to Unlock the Full Potential of Your Insider Threat Tools (Webinar, November 9, 2017) Insider threats continue to be a growing concern for security professionals. During this webinar, cybersecurity experts will discuss how to implement a holistic monitoring and detection solution to maximize your insider threat capabilities to improve your security posture.

Earn a master’s degree in cybersecurity from SANS (Online, November 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Tuesday, November 21st, at 1:00pm ET. For complete information on master’s degree and graduate certificate programs, visit

Dateline CyCon US 2017

The Russian group behind the DNC hack has been busy targeting cyber experts (Newsweek) After being called out in a speech at a cybersecurity conference, the Russian hackers have been targeting experts with emails mimicking invitations for this year's event.

What governments can learn from the original Russian cyber attack (FCW) Ten years after Estonia's networks came under siege from a Russian botnet, a group of officials gathered to discuss how the incident helped shape the future of cyber warfare.

In Finland, Mattis backs creation of a hybrid warfare center focused on Russia (Washington Post) Finland shares an 830-mile border with Russia and pays keen attention to Moscow’s actions.

Cyber Attacks, Threats, and Vulnerabilities

Pirates of the Caribbean: 66 years of secrets dug up in Paradise Papers (SC Media UK) The Queen’s offshore accounts, Russian links to Trump's top administration officials among 13.4 million documents exposed in Paradise Papers.


Russia tried to corrupt the 2016 election - could it do the same Tuesday? ( A cybersecurity expert talkd about the potential for Russia to corrupt voter systems in 2017.

Cognitive Mindhacks: How Attackers Spread Disinformation Campaigns (Dark Reading) Researchers investigate the tools and techniques behind cyber propaganda and fake news and how it changes public opinion.

Vietnam-backed hackers used Philippine president's website for attacks: report (TheHill) A group of hackers alleged to be backed by Vietnam's government compromised more than 100 websites to use in attacks, according to a Monday report from the cybersecurity firm Volexity.

Meet Russian Twitter troll Jenna Abrams and her 2,752 friends (Naked Security) The alt-right blogger had almost 70,000 followers, was an utter fiction, and wasn’t alone.

Twitter employee deleting POTUS account is a lesson for all companies (CSO Online) A trusted insider turned the lights out on Twitter account of President Donald Trump, reminding us all how superuser access can be abused.

Twitter Re-Activated an Account It Told Congress Was Connected to a Russian Troll Farm (Motherboard) Robert Delaware got his account back after the company misidentified him as a Russian troll, but Twitter won't say if this could have happened to others.

Qakbot, Emotet Increasingly Targeting Business Users: Microsoft (Security Week) The Quackbot and Emotet information stealing Trojans have been showing renewed activity over the past several months and are increasingly targeting enterprises, small and medium businesses, and other organizations, Microsoft says.

REDBALDKNIGHT/BRONZE BULTER’s Daserf Backdoor Now Using Steganography (TrendLabs Security Intelligence Blog) We found various versions of the Daserf backdoor, employed by cyberespionage group REDBALDKNIGHT / BRONZE BULTER, using steganography to better hide itself.

Misconfigured Amazon S3 Buckets Expose Users, Companies to Stealthy MitM Attacks (BleepingComputer) Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff.

Info on Vulnerable Adults and Victims Leaked by Charity (Infosecurity Magazine) Info on Vulnerable Adults and Victims Leaked by Charity. Scottish Appropriate Adult Network site is still down

British cryptocurrency Electroneum hit by cyber attack after raising £30m (The Telegraph) A UK cryptocurrency startup that raised $40m (£30m) has been hit by a cyber attack that has shut investors out of their accounts for several days.

Have you heard about Bitcoin multipliers? (Help Net Security) Professedly, they are services that multiply any Bitcoin amount you send them by several times, and return to you the total amount after a few hours.

Multi-vector Attack on Android Throws the Kitchen Sink at Victims (Infosecurity Magazine) A banking credential phish is followed by tricking the victim into installing the Marcher banking trojan, and attempts to steal credit-card info.

Comcast Internet service crippled; affecting users across US (HackRead) If you are using Comcast's Internet service and facing issues with your connection then you are not alone, there are millions of people around the United S

How a Tiny Error Caused Internet Outages Across the US (WIRED) A simple misconfiguration spiraled into outages for internet service providers and large internet platforms around the US.

Thought WannaCry was bad? You ain't seen nothing yet, says Sophos (Inquirer) Firm says cyber crims will launch 'more complex' ransomware attacks next year,Security ,Security,ransomware,wannacry,notpetya

DDoS Flaw Found in Brother Printers (Dark Reading) All Brother printers with a Debut Web front-end carry a flaw that allows attackers to distribute a single malformed HTTP POST request, researchers revealed today.

The Internet Sees Nearly 30,000 Distinct DoS Attacks Each Day: Study (Security Week) The incidence of denial-of-service (DoS) attacks has consistently grown over the last few years, "steadily becoming one of the biggest threats to Internet stability and reliability." Over the last year or so, the emergence of IoT-based botnets -- such as Mirai and more recently Reaper, with as yet unknown total capacity -- has left security researchers wondering whether a distributed denial-of-service (DDoS) attack could soon take down the entire internet.

Cyber-attack impact hangs over Maersk’s Q3 earnings (JOC) Maersk is preparing to release its third quarter results that will reflect...

Hackers Leak Nude Photos of WWE Diva Maria Kanellis AGAIN (HackRead) The latest WWE celebrity to have her privacy invaded is 35-year-old Mary Louis Kanellis who goes by her ring name of Maria Kanellis. The immensely popular

It Takes a Buck to Make a Million on the Dark Web (Dark Reading) The cost for malware tools and services can add up, but the returns from cybercrime campaigns can be enormous, says Recorded Future.

Security experts say next major cyberattack could affect the nation’s utilities (Insurance Business) Experts have suggested that state-sponsored hackers could easily shut off America’s utilities using malware

Cyber Trends

GDPR is confusing businesses, claims Trend Micro report (Computing) Businesses are struggling to understand how the GDPR will work, suggests survey

How GDPR affects your organization (Help Net Security) If your do business in Europe or if you have any electronic data associated with EU citizens, you will be required to have “State of the Art" security.

One in four UK workers have maliciously leaked business data (ComputerWeekly) Insider threat research has revealed that 24% of workers purposely shared info with other companies and nearly 50% have received an email by mistake

Security Alerts – A Case of the Boy Who Cried Wolf? (Infosecurity Magazine) Alerts and alarms are designed to draw attention, but when the barrage is constant, it’s easy to become desensitized.


Ransomware cyber insurance "not quite there yet in terms of knowing what to insure" (Computing) The landscape's changing fast, and insurance isn't quite keeping up, argues leading security consultant

Symantec Announces Acquisition of SurfEasy, Inc. (BusinessWire) Symantec Corp. (Nasdaq:SYMC), the world’s leading cyber security company, today announced that it has acquired SurfEasy, Inc., a leading Virtual

Symantec Announces Acquisition of SurfEasy, Inc. (null) Symantec Corp. (Nasdaq:SYMC), the world’s leading cyber security company, today announced that it has acquired SurfEasy, Inc., a leading Virtual

Symantec Announces Acquisition of SurfEasy, Inc. (BusinessWire) Symantec Corp. (Nasdaq:SYMC), the world’s leading cyber security company, today announced that it has acquired SurfEasy, Inc., a leading Virtual

Symantec Announces Acquisition of SurfEasy, Inc. (null) Symantec Corp. (Nasdaq:SYMC), the world’s leading cyber security company, today announced that it has acquired SurfEasy, Inc., a leading Virtual

Germany’s Continental confirms buy of Israel cybersecurity firm Argus (Times of Israel) Financial details of the deal not disclosed, but Hebrew media estimates it at $400m

DigiCert’s acquisition of Symantec’s security business is good news for customers (CSO Online) DigiCert’s already capable team gains some of the industry’s best talent and resources in the area of SSL/TLS certificates and related PKI solutions.

Booz Allen Hamilton boosts headcount in Greater Washington, aims for more acquisitions (Washington Business Journal) The McLean-based company has plans to free up more cash for stock buybacks in the midst of an ongoing Justice Department investigation.

Products, Services, and Solutions

Distil Networks Announces New JavaScript Deployment Option (Distil Networks) New method completes Distil Anywhere Architecture giving enterprises the ability to block bots via a Secure CDN, in the Data Center, on AWS, their own infrastructure, and/or via JavaScript integration

Tracking State-Sponsored Cyber Operations (Council on Foreign Relations) A new database of state-sponsored cyber operations brings more clarity to how states use cyberspace to promote their interests. 

Avira SafeThings™ reimagines home security in the IoT world, without adding another device in the house (Avira Blog) Avira SafeThings™ is a router app and behavioral threat intelligence platform that protects the connected home without additional infrastructure.

Kromtech Security Center Releases S3 Inspector for Amazon S3 Users (MacKeeper™ Security Research Center) Kromtech Security Center Releases Tool to Identify and Prevent Data Leaks for Amazon S3 Users

Malwarebytes tracking missed detections in traditional anti-virus (CSO Online) Tracking real-world scans on systems over the first six months of 2017, Malwarebytes says that typical desktop anti-virus solutions aren't cutting it. The company examined detection data from nearly 10 million endpoints, and discovered some of the most notable names in the anti-virus industry, even those who rank high in lab testing, are missing basic threats completely.

Technologies, Techniques, and Standards

Check These iOS 11 Privacy and Security Settings Right Now (WIRED) Heads up, iPhone owners. iOS 11 comes with a batch of security features that merit your attention.

What is the cyber kill chain? Why it's not always the right approach to cyber attacks (CSO Online) The cyber kill chain breaks down each stage of a malware attack where you can identify and stop it, but be aware of how attack strategies are changing.

When Ransomware Strikes: 7 Steps You Can Take Now to Prepare (Dark Reading) Ransomware is still on the rise. These operational tips can help lessen the blow if you're hit.

Simple Banking Security Tip: Verbal Passwords (KrebsOnSecurity) There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers (SSN/DOB) that are broadly for sale in the cybercrime underground.

The Myth of Security Enabling Your Business (Security Week) Organizations that do not invest even in baseline security are realistically uncompetitive

Design and Innovation

Security, privacy issues we need to solve before non-medical implants become pervasive (Help Net Security) An overview of the current use of medical and non-medical implants, and the security and privacy issues that are likely to arise due to it in the future.

Facebook: upload your nudes to stop revenge porn (Naked Security) WHAAAA???? Stop, breathe… it actually makes sense


Maryland to launch 'NSA Day of Cyber' school challenge (Baltimore Sun) The demand for cybersecurity professionals is growing 12 times faster than the overall job market.

Legislation, Policy, and Regulation

US Combatant Commands With Chinese Flare: The PLA’s New Joint Command Structure (The Diplomat) A China specialist and a military strategist discuss The PLA’s emerging command structure.

Ex-NSA Director Says Companies Should Never Hack Back Because They Could Start Wars (Motherboard) Keith Alexander, the retired general who headed the NSA for nine years, is not a fan of letting companies go after hackers.

Litigation, Investigation, and Law Enforcement

DNC Subpoenaed in ‘Dossier’ Lawsuit (Foreign Policy) Media organization being sued by Russian billionaire tries a new tactic.

Apple has reportedly relocated its international cash to Jersey (TechCrunch) Last year, the EU ordered Apple to pay up to $14.5 billion for illegal tax benefits in Ireland. The company smelled something fishy when Commissioner..

Paradise Papers: Apple and Nike in secret moves to avoid multibillion tax bill (Times) Secret attempts by two of the world’s biggest companies to avoid billions of pounds in tax have been laid bare in leaked papers. Apple and Nike used offshore entities to legally minimise their...

Apple denies offshoring after 'Paradise Papers' revelation (CRN Australia) Says restructure in Ireland was to preserve tax in the US.

Paradise papers: How perceived immorality sometimes trumps criminality in media coverage (IFSEC Global | Security and Fire News and Resources) It’s revealing to compare the media coverage of the Paradise Papers hack to that of other high-profile data thefts. It’s …

Paradise papers: How perceived immorality sometimes trumps criminality in media coverage (IFSEC Global | Security and Fire News and Resources) It’s revealing to compare the media coverage of the Paradise Papers hack to that of other high-profile data thefts. It’s …

Paradise papers: How perceived immorality sometimes trumps criminality in media coverage (IFSEC Global | Security and Fire News and Resources) It’s revealing to compare the media coverage of the Paradise Papers hack to that of other high-profile data thefts. It’s …

Paradise papers: How perceived immorality sometimes trumps criminality in media coverage (IFSEC Global | Security and Fire News and Resources) It’s revealing to compare the media coverage of the Paradise Papers hack to that of other high-profile data thefts. It’s …

Homeless, fugitive hacker seeks asylum in Mexico (CSO Online) A homeless, fugitive member of Anonymous asked Mexico for asylum and 'protection from persecution perpetrated by the government of the USA.'

Ex-Defense Minister Faces Questioning on Cyber Command's Alleged Irregularities (KBS World Radio) Former National Security Adviser Kim Kwan-jin appeared before prosecutors on Tuesday for questioning over the military cyber warfare command’s

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, November 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of...

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information...

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event...

Cyber Southwest (Tucson, Arizona, USA, November 9, 2017) CSW will focus on creating a positive, unique, and highly productive unification point to further Arizona's developing leadership in cybersecurity. Cyber Southwest is an annual event, and a platform for...

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from...

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for...

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This...

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving...

Second Annual Federal IT Security Conference (FITSC)! (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as...

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as...

2017 Capital Cybersecurity Summit (Tysons Corner, Virginia, USA, November 14 - 15, 2017) Join cyber experts from the FBI, DHS, Palo Alto Networks, Distil, Google, AWS, Tenable and more at the 2017 Capital Cybersecurity Summit. FBI Cyber Division Deputy Assistant Director Howard Marshall and...

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets...

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...

cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, December 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive...

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, December 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government...

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.