skip navigation

More signal. Less noise.

Looking for an introduction to AI for security professionals?

Your wait is over. A new book is out from the Cylance data science team, covering artificial intelligence and machine learning techniques in practical situations to improve the security professional’s ability to thrive in a data driven world. Whether you are reviewing logs or analyzing malware, being able to derive meaningful results and improve productivity is key. Order your free copy today.

Daily briefing.

A group of anti-ISIS Muslim hacktivists, "Daeshgram," has succeeded in breaking into ISIS news agency Amaq, and introducing fake news into Amaq's sites. Their goal, they say, is to contribute to the discrediting of ISIS by flooding Amaq users with bogus and scandalous, yet plausible, content. They have attempted to craft the fake news for believability (announcements that an ISIS radio station had been destroyed in an airstrike, things like that). ISIS handed Daeshgram a victory when it told followers not to trust links presented in Amaq. 

ISIS struck a Sufi mosque in Egypt over the weekend, killing more than 300 worshippers, many of them children. An attack on a mosque is unusual for the terrorist group, but they've been denouncing Sufism online for some time.

Observers note with misgivings an increase in North Korean university training on blockchain technology. Recorded Future, for example, dismisses the notion that this is an innocent intellectual trend. Most see the training as a harbinger of more attempts to loot Bitcoin and other cryptocurrencies on behalf of the Pyongyang regime. Criminal interest in cryptocurrency theft is rising across the board. The SANS Institute has been blogging about an increase in scans for Bitcoin and Ethereum wallets.

Imgur, the image-sharing service, disclosed Friday that it had been hacked in 2014, losing some 1.7 million email addresses and passwords, probably to brute-forcing. Researcher Troy Hunt discovered the breach on Thursday and immediately informed Imgur. Their swift disclosure is being widely commended. (Detection, of course, was slow.)


Today's issue includes events affecting Australia, Egypt, European Union, India, Democratic Peoples Republic of Korea, Republic of Korea, Oman, Pakistan, Russia, Saudi Arabia, United Kingdom, United States.

Your cyber security posture is right of boom.

Whether you're focused on IT or national security, exploits and data loss incidents put your mission at risk. Your current tools assess and analyze content after it's breached your network - they all work right of boom. It's only a matter of time until boom happens to you. Don't let it.

In today's podcast, we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as legal expert Ben Yelin talks about the US Cyber Crime Fighting Act recently signed by President Trump.

Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Earn a master’s degree in cybersecurity from SANS (Online, December 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, December 21st, at 12:00pm noon ET. For complete information on master’s degree and graduate certificate programs, visit

Cyber Attacks, Threats, and Vulnerabilities

Anonymous Muslim Group Confusing ISIS with P[0]rn and Fake News (HackRead) A couple of weeks ago, it was reported that a group of Muslim hackers hacked into the official news website of the so-called Islamic State called Amaq and 

North Korean Citizens Study Cryptocurrencies at Pyongyang University (Bitcoin News) North Korean engagement with bitcoin and cryptocurrency appears to be ever growing, with recent reports indicating that university students are now able to access courses on cryptocurrency in the Hermit Kingdom.

North Korea's bitcoin crash course has experts worried (VICE News) The students at a Pyongyang university once accused of training the state’s hackers have been given a crash course in cryptocurrencies.

Imgur hack: Email addresses, passwords stolen from 1.7M accounts (CSO Online) Imgur, learning it was hacked in 2014, reacted quickly to notify the public that an attacker stole the email addresses and passwords for 1.7 million users.

Imgur Breach Exposes 1.7 Million Users (Infosecurity Magazine) Incident probably occurred back in 2014

There's Some Intense Web Scans Going on for Bitcoin and Ethereum Wallets (BleepingComputer) With both Bitcoin and Ethereum price hitting all-time highs in the past seven days, cyber-criminals have stepped up efforts to search and steal funds stored in these two cryptocurrencies.

9 Fast and Easy Ways To Lose Your Crypto Coins (SANS Internet Storm Center) Looking at the cost of cryptocurrencies this weekend, it looks like many of you will find a few bitcoins under your tree instead of a new game console.

Tether hits back after $31m cryptocurrency hack (Naked Security) The money isn’t out of reach, yet

U.K. NCSC Head Warns of Russian Cyber Threats to Critical Infrastructure (eSecurity Planet) 'Russia is seeking to undermine the international system,' Martin said.

Mirai Activity Picks up Once More After Publication of PoC Exploit Code (BleepingComputer) The publication of proof-of-concept (PoC) exploit code in a public vulnerabilities database has lead to increased activity from Mirai-based IoT botnets, Li Fengpei, a security researcher with Qihoo 360 Netlab, told Bleeping Computer today.

Newly Published Exploit Code Used to Spread Mirai Variant (Threatpost) Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in activity associated with what it said is a variant of the Mirai botnet.

Necurs used to infect computers with Scarab ransomware (SC Media UK) A new strain of ransomware has been discovered that is being distributed by the Necurs botnet, according to security researchers.

Troldesh Nabs Top Ransomware Spot (Infosecurity Magazine) Bitdefender found that during 2017 alone, the number of new major ransomware families surpassed 160.

Ransomware surges again, as cybercrime-as-a-service becomes mainstream for crooks zdnet (Science and Technology) Purchase cybercrime-as-a-advantage apparatus championing intimidation much as malware and DDoS is no yearner upright something championing small equable or ambitious hackers digital image file. Organized crook pack are enchanting work of these help as the clandestine crook scene at to beautify another professionalised and fully fledged.

Disdain exploit kit and a side of social engineering deliver Neutrino Bot (The Programmings) Today we picked up new activity from an exploit kit that was first discovered back in August of this

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’ (Threatpost) A proof-of-concept attack demonstrates how adversaries can abuse the Security Assertion Markup Language framework to go unnoticed and assume multiple user identities.

A Hacking Group Is Already Exploiting the Office Equation Editor Bug (BleepingComputer) A week after details about a severe Microsoft Office vulnerability came to light, at least one criminal group is now using it to infect users.

Uber boss allegedly knew about hack (Computing) Uber's recently appointed CEO reportedly knew about the recent hack

Should Uber believe the hackers who say they deleted stolen data? (NBC News) Uber is confident the hackers kept their word - but security experts say it is impossible to know whether something has ever truly been deleted.

Should Uber Users be Worried About Data Hack? (Security Week) The theft of the personal data of 57 million Uber riders and drivers highlights how vulnerable we make ourselves when we install apps on our mobile phones and tablet computers.

Uber's massive security breach: Company faces probes, questions galore (SiliconBeat) Can Uber be trusted? The San Francisco company reportedly paid hackers $100,000 to delete data and keep quiet about the breach.

Devs working to stop Go math error bugging crypto software (Register) Programming language makes some fuzzy big numbers

Name+DOB+SSN=FAFSA Data Gold Mine (KrebsOnSecurity) KrebsOnSecurity has sought to call attention to online services which expose sensitive consumer data if the user knows a handful of static details about a person that are broadly for sale in the cybercrime underground, such as name, date of birth, and Social Security Number. Perhaps the most eye-opening example of this is on display at, the Web site set up by the U.S. Department of Education for anyone interested in applying for federal student financial aid.

Cyber attack risk creates uncertainty for unmanned vessels (Seatrade Maritime News) Read the latest maritime & shipping news from Europe. Including coverage of key shipping markets: London, Hamburg, Rotterdam, Athens, Oslo and Copenhagen

The Meetings Industry Is Not Worried Enough About Cybersecurity (Skift) When news broke in September that the credit-reporting firm Equifax was hacked, compromising the personal data of 143 million people, it was a wake-up call

YouTube Faces Fresh Backlash After Ads Appear Near Pedophile Comments (Wall Street Journal) A fresh wave of advertisers suspended commercials on YouTube after their ads showed up next to videos that appeared to attract pedophile viewers and comments.

YouTube adverts fund paedophile habits (Times) Some of the world’s biggest brands are advertising on YouTube videos showing scantily clad children that have attracted comments from hundreds of paedophiles, The Times can reveal. BT, Adidas...

City's systems to be 'online soon' following cyber attack (The Daily Herald) The city continues its work in restoring its systems after it was attacked by hackers last month, which resulted in the shut down of

Should you risk buying your child smart toys currently on offer? (Help Net Security) As the end-of-the-year holiday season approaches, many security researchers, consumer groups and even governments warn against buying specific smart toys.

Facebook flaw allowed unauthorised users to delete any photo (Graham Cluley) A security researcher found a way of deleting *any* photo on Facebook after the social network rolled out a new polling feature.

It flies, and it snoops: Norway’s pricey F-35s caught sending ‘sensitive data’ to US (RT International) Norway surprised to discover its new fleet of F-35 fighter jets relay 'sensitive data' to US-manufacturer Lockheed Martin.

Security Patches, Mitigations, and Software Updates

Firefox Will Warn Users When Visiting Sites That Suffered a Data Breach (BleepingComputer) Mozilla engineers are working on a notifications system for Firefox that shows a security warning to users visiting sites that have suffered data breaches.

Apple's Latest MacOS Security Update Contained Fix for Plug-n-Hack USB Attack (BleepingComputer) Details have emerged about one of the vulnerabilities patched by Apple in macOS on October 31, with the release of macOS High Sierra 10.13.1, Sierra 10.12.6, and El Capitan 10.11.6.

Cyber Trends

Time to Pull an Uber and Disclose your Data Breach Now (Dark Reading) There is never a good time to reveal a cyber attack. But with EU's GDPR looming, the fallout is only going to get harder and more expensive if you wait.

​Australia 'fair game' when it comes to the threat of a cyber attack (ZDNet) For a country with a culture based on taking things as they come, Check Point has said Australia is taking the threat of cybersecurity seriously.

Oman on top in cyber security readiness in Arab world (GulfNews) Sultanate s focus on risks and ways to address them secures it first rank among Arab states and 4th worldwide in Global Cyber Security Index 2017

Finally, India is gearing up to face cyber security threats (The Economic Times) Almost half of IT decision makers around the world, including India, still believe that business executives are not making cybersecurity a significant enough priority or focus, according to a survey by cyber security solutions provider Fortinet.


McAfee Acquires Skyhigh Networks (Infosecurity Magazine) Deal comes less than eight months after McAfee's spinout from Intel

Move to Silicon Valley vital for ambitious European tech groups (Financial Times) There is no better place to find scale-up capital than the US

The Nordic Web launches an Angel fund to find the region’s under-the-radar startups (TechCrunch) The Nordic Web, a research and analysis company which specialises in covering data on tech companies emerging out of the Nordic region, has started a new..

Former Prelert execs launch a new cybersecurity startup in Boston (Boston Business Journal) The startup was born out of DARPA-backed artificial intelligence research done at Columbia University, but now it's coming to Boston to tap into the city's sales and cybersecurity talent.

Chromebook exploit earns researcher second $100k bounty (Naked Security) A year on from Google’s last $100,000 bug bounty payout, the same researcher has found a second critical persistent compromise of Chrome OS.

ESET: The security firm hoping to secure the world, one user at a time (IT Pro Portal) Security firm marks 30 years of existence with new releases and an all-new headquarters.

Tenable growth, exit could be key to building regional cyber hub (Washington Business Journal) Tenable President Jack Huffard talked possible IPO timing for his closely watched cyber company. Because timing is everything.

NHS to hire hackers for £20 million cyberdefence plan (Times) The NHS is to spend £20 million on a central cybersecurity unit that will use “ethical hackers” to probe for weakness in health service defences. Health chiefs say they will monitor the internet...

BREAKING: Derry technology firm creating 69 new jobs (Derry Now) North West based technology firm Metacompliance is recruiting 69 new jobs over the next three years to help develop its worldwide sales and market presence.

Worcester IT Firm Titania takes on apprentice thanks to new funding scheme (Worcester News) A WORCESTER IT firm has been taking advantage of a new graduate grant scheme to take on apprentices.

Tech Industry Vet Andy Meister Appointed Silent Circle Engineering VP (GovCon Executive) Andy Meister, formerly vice president of engineering at OptioLabs, has been appointed to the same po

Products, Services, and Solutions

Rohde & Schwarz Cybersecurity and Radisys Partner to Bring Networking and Security Solution for European Service Providers (Pressebox) Rohde & Schwarz Cybersecurity's R&S Traffic Analytics Solution combined with Radisys' FlowEngine TDE-2000 deliver improved subscriber security and reduced network...

Rohde & Schwarz Cybersecurity and Napatech Launch Advanced Network Threat Detection Solution at Black Hat Europe 2017 (Rohde & Schwarz) The solution combines a real-time intrusion detection system and network traffic recording capabilities to detect known and unknown cyber threats early on

GlobalPlatform Standardizes Secure OS and Firmware Loading on Secure Elements (Fintech Finance) Enables OS loading post-issuance, device refurbishment & firmware transfer to new devices GlobalPlatform has published its Open Firmware Loader for Tamper Resistant Elements (OFL). The free spe…

Solve Insider Data Breach Risks With Meridian Technologies' Acceletest (PRNewswire) Enterprises work hard to protect their customers' data; however,...

Thanksgiving 101: Helping your mobile devices survive the trip (Prey Project) A few things you want to cover when securing your laptops, phones, and tablets before going on your way to celebrate Thanksgiving!

Infront's $11 million answer to government cloud sprawl, shadow IT and bill shock (CRN Australia) Wants to help spurned IT teams take back control.

Avast bundles Avast Free Antivirus with CCleaner after buying Piriform (Windows Report - Windows 10 and Microsoft News, How-to Tips) Piriform, the maker of CCleaner, was acquired by Avast back in July 2017. Avast is well-known for its line of free and commercial security products …

Calling Barracuda's WAF a firewall is seriously selling it short (CSO Online) The Barracuda Web Application Firewall (WAF) is more than a firewall, it's like the core of an independent bastion of cybersecurity, able to inspect both inbound and outgoing traffic.

There’s Now a Dark Web Version of Wikipedia (Motherboard) People living under censorious regimes can use it to surf Wikipedia.

Technologies, Techniques, and Standards

Lessons from Zapad — jamming, NATO and the future of Belarus (Defense News) Col. Kaupo Rosin, Estonia’s head of military intelligence, laid out his big takeaways from Zapad during a November interview with Defense News.

Six data security questions that every board needs to ask (Help Net Security) Boards can take the risk management concepts they already know, and apply those to cybersecurity by framing the conversation using these six questions.

Not everything is sophisticated, let's keep it simple (Help Net Security) The term sophisticated threat gets used quite a lot. Now don’t get me wrong; I love the word. But is the term perhaps overused?

50 Cyber Security Interview Question & Answers for sure shot Success (GreyCampus) Nervous about Cyber Security interview? This article covers the top 50 information security interview questions & answers, that a cybersecurity professional is likely to be asked in an interview.

Things you should know before Cyber Monday shopping (WXYZ) Cyber Monday is just two days away and people will be looking for some great deals. But there are some things to remember when you're shopping online so you don't become a victim:

Design and Innovation

What is vulnerability management? Processes and software for prioritizing threats (CSO Online) Organizations handle vulnerability management in various ways, from training and best-practice implementations to filtering out all but the most dangerous threats. Here's a look at some of today's more innovative solutions.

Fighting fake news online wins these three projects accolades (TechCrunch) There are few greater threats to democracy in the world today than the proliferation of fake news and propaganda. So it was no surprise that this..

How Russia Polices Yandex, Its Most Popular Search Engine (Motherboard) Google said it would demote Russia Today and Sputnik, but the Russian government has tried to control what news appears on Yandex for years.

Research and Development

IBM and MIT Pair up for a Ten Year Research Project into Artifical Intelligence (Interesting Engineering) MIT and IBM have teamed up to tackle AI. The two institutions have formed a lab that will research the future of AI technology.

Could the Army identify bad guys by their gait? (C4ISRNET) A team at the U.S. Army Communications-Electronics Research, Development and Engineering Center (CERDEC) wants to take biometric data — from fingerprints to how someone walks and beyond — to the battlefield.


Schools Are Training Students to Be Cyber Sleuths (Education Week - Curriculum Matters) With a growing field and a dearth of skilled workers to fill available jobs, it's little wonder there's a push to get middle and high school students into cybersecurity training.

Legislation, Policy, and Regulation

Deterring Cyberattacks (Foreign Affairs) For years, the United States has failed to devise a strategy to deter or respond to cyberattacks. In the future, it must communicate what behavior is acceptable and what is not—and what Washington will do about it.

Pakistan laughingly says its fight against terrorists is 'unmatched in the world' (FDD's Long War Journal) "Pakistan's resolve, actions and successes in the fight against terrorism, terrorist violence and terrorists is unmatched in the world," the Ministry of Foreign Affairs said the day after Lashkar-e-Taiba leader Hafiz Saeed was freed from house arrest.

Enough about personal data, what about (restrictions to) the free flow of “non-personal data” ? (Lexology) As part of its Digital Single Market strategy, the European Commission published on 13 September 2017 a proposal for a Regulation “on a framework for…

Experts: Creation of Saudi cybersecurity center boosts internet user confidence (Arab News) Participants at the Information Security Conference, which concluded on Tuesday in Riyadh, strongly felt that the establishment of the National Cyber Security Center (NCSC) provided added confidence and security to internet users at all levels.

The 'huge' hole in the government's Russian software ban (POLITICO) DHS' ban on Kapersky software doesn't cover networks that contractors operate, even though employees may use them to discuss government work.

Clock ticking down on NSA surveillance powers (TheHill) "The biggest concern for us is the time crunch," a House aide told The Hill.

NSA Internet Surveillance Under Section 702 Violates the First Amendment (Electronic Frontier Foundation) The First Amendment is too often overlooked in discussions of the National Security Agency’s vast surveillance authorities. But as Congress considers whether to reauthorize Section 702 of FISA this winter, we must remember that it’s not just our Fourth Amendment rights to privacy that are in...

As DOJ calls for “responsible encryption,” expert asks “responsible to whom?” (Ars Technica) Video: At Ars Live, Riana Pfefferkorn brings us up to speed on the Crypto Wars du jour.

The time to hack-proof the 2018 election is expiring — and Congress is way behind (POLITICO) “Not a lot of time, no question,” one senator says.

States turning to insurance for cyber attacks (The Quad-City Times) Cyber attacks on government agencies — like the recent event where hackers gained access to Iowa’s public employee pension accounts, stealing hundreds of thousands of dollars —

Litigation, Investigation, and Law Enforcement

Army failings left Egyptian mosque an easy target for terror (Times) Jihadists were able to evade security checkpoints on Friday to carry out the worst terrorist attack in Egyptian history despite having issued a warning a week earlier that the Sinai mosque would be...

Former deputy defense minister released days after arrest on covert cyber political activities (Yonhap News Agency) A former deputy defense minister was released on Friday, 13 days after he was arrested for his alleged involvement in surreptitious cyberspace activities aimed at influencing public opinion in favor of a former conservative government.

Report: FBI failed to tell US officials they were targets of Russian hackers (TheHill) The FBI reportedly did not inform U.S. government officials that a Russian hacking operation was attempting to breach their personal emails.

Apple served with warrant for Texas mass killer’s iCloud data (Naked Security) Texas police are looking for any data stored by gunman Devin Patrick Kelley, who was found with an iPhone after he killed himself.

Regulators To Probe Uber After Covering Up Massive Data Breach, Says Report (The Daily Caller) Regulatory bodies in multiple countries are set to investigate Uber after the company revealed Tuesday that it was hacked last year, leaving 57 million people's personal data compromised. Uber repo

Uber in Legal Cross-Hairs Over Hack Cover-Up (The Bull) Two US states said Wednesday they are investigating Uber's cover-up of a hack at the ride-sharing giant that compromised the personal information of 57 million users and drivers.

'Winter has come' for Iranian charged with HBO hack (Sky News) The indictment claims Behzad Mesri is a former Iranian military who stole unaired episodes of several HBO series for ransom.

Inside Airbnb’s Russian Money-Laundering Problem (The Daily Beast) Russian crime forums have been using the home-sharing service to shuffle around cash under the table, sometimes with the help of legitimate Airbnb hosts.

Enigma Software Group Files Notice of Appeal Taking Case Against Malwarebytes for Predatory Unfair Practices to the 9th Circuit (PRNewswire) Enigma Software Group pressing appeal on its claims that Malwarebytes has abused the law to gain competitive...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

CyberCon 2017: Beyond Cybersecurity (Pentagon City, Virginia, USA, November 28, 2017) The cyber front is about more than just security. Defending in cyberspace takes a holistic approach, encompassing technology, policy and people. That’s why we’re bringing together military, intelligence...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department,...

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling...

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems.

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive...

cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. It brings together corporate leaders from multiple function areas...

cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate...

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, December 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive...

Hackers Challenge (New York, New York, USA, December 6, 2017) Welcome to the Hackers Challenge - a must-attend event for IT security professionals across all industries. Radware and Cisco invite experienced hackers to attack the cyber-defense of a website within...

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, December 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government...

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

International Conference on Cyber Security: Forging Global Alliances for Cyber Resilience (New York, New York, USA, January 8 - 11, 2018) The Federal Bureau of Investigation and Fordham University will host the Seventh International Conference on Cyber Security (ICCS 2018) on January 8-11, 2018, in New York City. ICCS is held every eighteen...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.