Daily briefing.

Reports say that Israel alerted the US to the dangers Kaspersky security products posed to its users. Israeli intelligence officers monitoring Russian activity saw them using Kaspersky software as what the New York Times calls "an improvised search engine." They notified their American colleagues, and, the Times reports, this is the background to the US Government's decision to ban Kaspersky products from its networks.

Israeli intelligence services penetrated Kaspersky in 2014, sources say. Kaspersky discovered (and disclosed, without attribution) Israeli presence on its networks in 2015. Antivirus software is an attractive target because of the system access it receives.

It remains unclear whether Kaspersky was complicit in the exploitation, whether Russian services hacked Kaspersky, or whether those services infiltrated their agents into the company's workforce. Many observers think it unlikely that any Russian company would be able to refuse a request from their country's security services.

Another major consultancy has suffered data exposure. UpGuard reports that on September 17 their researchers found sensitive data belonging to Accenture exposed in four unsecured Amazon Web Services S3 buckets. It's unclear whether the data, now secured, were obtained by bad actors (Accenture says the only unauthorized scan they've detected came from UpGuard). Accenture also says the material exposed, including keys and credentials, was related to a decommissioned system.

Deloitte's breach may have grown worse. The Guardian reports that three-hundred-fifty clients (including US Government agencies and multinational corporations) suffered exposure. Deloitte, which had put the number of affected clients at six, disputes the report.


Today's issue includes events affecting Australia, Canada, China, Israel, Japan, Democratic People's Republic of Korea, Republic of Korea, Russia, Saudi Arabia, United Kingdom, United States.

In today's podcast, we talk with the Johns Hopkins University's Joe Carrigan, who gives us some follow-up on his discussion of password security and the use of password managers. Our guest is Brian NeSmith from Arctic Wolf, who shares the results of their IoT ransomware survey. 

CyberMaryland Conference: Baltimore Convention Center October 11-12 (Baltimore, Maryland, USA, October 11 - 12, 2017) The CyberMaryland Conference is an annual two-day event that brings together academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” emphasizes information sharing and networking opportunities for development of cyber assets on both the human and technological side.

Cyber Security Summit: Boston and Los Angeles (Boston, Massachusetts, USA, November 8, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 8 in Boston and November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Dateline AUSA 2017

Speed up information sharing to outmatch enemy, says acting U.S. Army secretary (Defense News) Near-peer competitors are going to school on the U.S. military's capabilities, warns acting Army Secretary Ryan McCarthy, and the service needs to find a balance where it can invest in countering irregular warfare but also supporting conventional efforts.

Interview: Joe Billingsley, founder of the Military Cyber Professionals Association (Defense News) The founder of the Military Cyber Professionals Association discusses the military's challenges attracting and retaining enough skilled people to its cyber billets.

How the US Army is Preparing to Fight Hybrid War in 2030 (Defense One) The future is little teams operating on land, in the air, and online, taking on enemies that haven’t declared themselves.

Hodges: Russian electronic warfare capability 'really effective' (Defense News) According to Lt. Gen. Ben Hodges, the commander of U.S. Army Europe, the Russian military demonstrated an

Eyeing Russia, lawmakers aim to boost Army electronic warfare (C4ISRNET) Worried the U.S. Army is unprepared to take on Russia in Europe, U.S. lawmakers have advanced legislative language to pressure the Pentagon to catch up on electronic warfare, long-range missiles and countering drones.

Russia remains the greatest near-term threat to the US, intel official says (Army Times) Russia remains the greatest near-term threat to the United States, said the U.S. Army assistant deputy chief of staff for Intelligence on Monday.

4 areas where military cyber forces should focus in cyberspace (C4ISRNET) Given the vastness of cyberspace, one academic offers his view of the areas within cyber on which the DoD must focus its resources to be most effective.

Here’s how the Army’s Rapid Capabilities Office is working cyber (C4ISRNET) The RCO is currently working three areas of cyber, Doug Wiltsie, RCO director, told C4ISRNET Oct. 9 during the annual Association of the United States Army conference.

User feedback critical for the Army’s Rapid Capabilities Office (C4ISRNET) Hearing from operators allows the Army RCO to successfully reconfigure the first-look solutions it field tests.

Army consolidates network portfolio (C4ISRNET) The Army has taken a one network approach to its communications and network portfolio, consolidating related programs into a single project manager office.

The Army's network is 'fragile' and 'vulnerable' (C4ISRNET) Space is congested and contested, and the Army's partnership with industry must give the service the ability and endurance to fight in any domain of warfare in any environment, says Col. Enrique Costas, the project manager of defense communications and transmission systems for the Army's Program Executive Office for Enterprise Information Systems.

The Army is creating a modernization command to keep projects on track (Defense News) The Army is establishing a new organization to ensure its modernization programs get the attention, thought and forward movement needed to maintain overmatch against potential adversaries in the future.

A device for every soldier? The Army is considering it (C4ISRNET) Between the hours soldiers have to spend online for professional military education and the possibilities a handheld, touchscreen device could hold downrange, the Army is taking a step toward developing a standard-issue device for every soldier.

The Army’s combat training centers must adapt more quickly to real-time battlefield threats (Defense News) The Army’s combat training centers must implement real-time battlefield threats into pre-deployment training more quickly and cheaply, senior leaders said.

Cyber Attacks, Threats, and Vulnerabilities

Israel hacked Kaspersky, then tipped the NSA that its tools had been breached (Washington Post) The Russian cybersecurity firm is in the spotlight because of suspicions its products facilitate espionage.

How Israel Caught Russian Hackers Scouring the World for U.S. Secrets (New York Times) Exploiting the popular Kaspersky antivirus software, Russian hackers searched millions of computers for American intelligence keywords. Israeli intelligence tipped off American officials.

Kaspersky's U.S. spat a sign of Balkanisation in cyber world: Interpol (Reuters) Divisions along national lines, including actions taken by the United States against Russia's Kaspersky Lab, are making it harder to effectively fight cross-border cyber crime, a senior Interpol official told Reuters on Tuesday.

North Korean Hackers Stole U.S.-South Korean Military Plans, Lawmaker Says (New York Times) Among the data stolen in a hack last year was a plan to remove the North Korean leader Kim Jong-un, referred to as a “decapitation” plan.

North Korea Has Cyber Capabilities, But What Are They? (CyberDB) As of late, there have been indications that North Korea has been focusing its cyber powers on stealing data, disseminating influence campaigns

Hacking North Korea Is Easy. Its Nukes? Not So Much (WIRED) Security researchers say penetrating North Korea's hacking operations and even its domestic intranet is possible. But not enough to stop its nuclear threat.

How the Chinese cyberthreat has evolved [Commentary] (Fifth Domain) With more than half of its 1.4 billion people online, the world’s most populous country is home to a slew of cyberspies and hackers. Indeed, China has likely stolen more secrets from businesses and governments than any other country.

Google uncovers Russian-bought ads on YouTube, Gmail and other platforms (Washington Post) The problem of Russian meddling on Google and Facebook is much greater than has been previously revealed.

Hacker study: Russia could get into U.S. voting machines (POLITICO) American voting machines are full of foreign-made hardware and software, including from China, and a top group of hackers and national security officials says that means they could have been infiltrated last year and into the future.

Accenture inadvertently exposes highly sensitive corporate, client data online (Help Net Security) Corporate consulting giant Accenture left bucketloads of sensitive corporate and client data exposed online for anyone to access.

Accenture left four servers of sensitive data completely unprotected (Engadget) The exposed data included passwords, decryption keys and client information.

System Shock: How A Cloud Leak Exposed Accenture's Business (UpGuard) Multiple sensitive buckets belonging to the corporation were found publicly exposed, revealing credentials, keys, and customer information.

Data Breach Exposed Medical Records, Including Blood Test Results, of Over 100 Thousand Patients (Gizmodo) In the latest leak of sensitive medical records in the United States, lab test results and other patient files belonging to an estimated 150,000 Americans were unearthed online by security researchers late last month.

Deloitte Hack Compromised Government Emails (CIO Today) The hack into the accountancy giant Deloitte compromised a server that contained the emails of an estimated 350 clients, including four US government departments, the United Nations and some of the world's biggest multinationals, the Guardian has been told.

Deloitte hack hit server containing emails from across US government (Guardian) Exclusive: Cyber-attack was far more widespread than firm admits, say sources, with data from as many as 350 clients in compromised system

Fast Flux Botnets Still Wreaking Havoc (Akamai) Akamai today announced results of new research into the behavior of a malicious botnet employing Fast Flux techniques. The findings are compiled in a new white paper – Digging Deeper - An In-Depth Analysis of a Fast Flux Network.

Learning from the Disqus data breach (Naked Security) What does the Disqus data breach tell us about security?

Busted! Founder sells $51m website, hacks it, tries to sell site its own data (Naked Security) What’s worse than Dracula sucking your blood? Dracula sucking your blood and then trying to sell it back to you

Unique security challenges facing the Census Bureau (Fifth Domain) With all that public data and a huge temporary workforce coming in every 10 years, Census deals with security concerns no other agency faces.

Report: Online trolls targeting US troops, veterans (Military Times) Oxford researchers say they see patterns of foreign activists trying to confuse or upset military communities online.

Criminals stole millions from E. Europe banks with ATM “overdraft” hack (Ars Technica) Crime ring opened minimal accounts with banks, then boosted their withdrawal limits.

Hacked websites force visitors to mine cryptocurrency (IT Pro Portal) Schools and charities among those affected in mining scam.

Inside the Middle Eastern and North African cybercriminal underground (Help Net Security) An investigation of the Middle Eastern and North African cybercriminal underground found that prices for malware are more expensive than in other regions.

Four of the Five Biggest Defense Contractors in the World lack Encryption (Hashed Out) Lockheed Martin, Northrop Grumman, Boeing and Raytheon all lack basic encryption on their websites; this is not a good statement to make about security.

Millions of Pornhub users targeted in malvertising attack (Guardian) Security firm uncovers hacking group KovCoreG’s attempts to trick browsers of world’s largest adult site into installing fake updates

Security Patches, Mitigations, and Software Updates

October Patch Tuesday 2017 (Ivanti Blog) Halloween might be just around the corner, but this Patch Tuesday wasn’t scary and we didn’t see Microsoft play any

Microsoft October Patch Tuesday Fixes 62 Security Issues, Including a Zero-Day (BleepingComputer) Earlier today, Microsoft published the October 2017 Patch Tuesday, the company's monthly update train, addressing important security issues, but also some mundane bugfixes.

Bugs in Windows DNS client open millions of users to attack (Help Net Security) Microsoft has provided fixes for critical Windows DNS client bugs, which could be exploited by attackers to gain access to the target's system.

Cyber Trends

Hackers go after Australian ICT, managed services providers (Help Net Security) The Australian Cyber Security Centre (ACSC) has released its annual Threat Report, which encompasses the period between 1 July 2016 and 30 June 2017.

Why it’s time to stop calling users “n00bs” and “1d10ts” (Naked Security) We’ve tried blaming users for 30 years, and it hasn’t worked. Here’s a new way – listen to them and get them on your side…


Symantec Won't Allow Third-Party Government Reviews Of Its Security Software (CRN) The move comes as competitors in the security space – including Kaspersky Lab and HPE - face backlash for their reported cooperation with third-party government reviews.

Dragos to Contribute its ICS/OT Expertise as a NIST NCCoE National Cybersecurity Excellence Partner (PRNewswire) Dragos announced today that it has become a National...

With new strategy, Dell will invest $1B into the 'internet of things' (SiliconANGLE) Dell Technologies Inc. may be late to the “internet of things” party, but it has brought plenty of friends.

Can Peter Thiel pull a rabbit from his hat with Palantir? (PE Hub) Palantir is more than one of the world’s most valuable enterprise software unicorns. It could be one of the largest enterprise IPOs of a generation. Because of its success, the involvement of [Founders Fund investor] Peter Thiel and the nature of its secret work, it has become a fascination and darling …

MACH37 Cyber Accelerator Opens Applications for Spring 2018 Session (GlobeNewswire News Room) Spring 2018 Cohort Session to Begin on March 13th

Accenture's federal arm adds Cybercom vet Franz (Washington Technology) Accenture's federal subsidiary hires retired Army Maj. Gen. and former Cyber Command official George Franz.

Products, Services, and Solutions

UpGuard Automates Vendor Risk Management with New CyberRisk Product (PRWeb) Cyber resilience company unveils product to automate third party risk detection

Netwrix Becomes Oracle PartnerNetwork Silver Level Partner (Netwrix) Achieving Silver Level status enables Netwrix to empower customers to boost the security of their structured data

Corero in partnership deal with US provider (Stock Market Wire) Corero Network Security has signed a resell partnership agreement with a leading US-based global cloud DDoS service provider.

Carbon Black and IBM Security Deliver Increased Visibility for SOCs to Accelerate Incident Response (BusinessWire) Carbon Black, the leader in next-generation endpoint security, today announced an expansion of its collaboration with IBM Sec

Technologies, Techniques, and Standards

Massive drill validates Israel’s cyber-secure C4I network (C4ISRNET) While Israel demonstrated many of the integrated C4I capabilities in Israel’s 2014 Gaza war, the drill marked the first time the IDF could evaluate technologies, tactics and procedures on such a broad scale.

Design and Innovation

A new project that helps with DNS security (Cyberscoop) Andre Ludwig, CTO for the Global Cyber Alliance, talks with Shaun Waterman about a free DNS service his organization will be rolling out in November.


Australian university opens blockchain cryptocurrency research lab (Econo Times) Australia’s Monash University has opened a joint blockchain cryptocurrency research and development lab at its Clayton campus.

King Saud University Partners with Northrop Grumman for CyberArabia to Drive Innovation in Cyber Security Among University Students Nationwide (Northrop Grumman Newsroom) RIYADH, Oct. 9, 2017 – King Saud University and Northrop Grumman Corporation (NYSE: NOC) are joining hands for CyberArabia to foster innovation in cyber security among Saudi university students. The third annual cyber security workshop and...

Rutgers University Announces Launch of Cyber Security Certificate Program (Markets Insider) The Center for Innovation Education at Rutgers University (RIE) has partnered with Socratic Arts, Inc. to announce the launch of an intensive 24-week online Cyber Security Certificate Program beginning November 27, 2017. Development was funded by the Department of Defense, and the curriculum was developed in partnership with government-selected information security experts. The program is now being offered to the public as a non-credit certificate.

Legislation, Policy, and Regulation

Trump admin, China reaffirm commitment to 2015 cyber agreement (Fifth Domain) At the first ever U.S.-China Law Enforcement Cybersecurity Dialogue, both countries reaffirmed their commitment to the cybersecurity agreement between the Chinese and American presidents in 2015.

Russia Warns US-funded RFE/RL It May Face 'Restrictions' (VOA) Move follows Moscow’s warning it could respond tit-for-tat if Washington restricts operations of Russian state-funded RT TV, Sputnik in US

Under pressure, Western tech firms bow to Russian demands to share cyber secrets (Reuters) Western technology companies, including Cisco, IBM and SAP, are acceding to demands by Moscow for access to closely guarded product security secrets, at a time when Russia has been accused of a growing number of cyber attacks on the West, a Reuters investigation has found.

How does US-Japan defense agreement apply to cyberattacks? (Fifth Domain) When Secretary of Defense Jim Mattis, Secretary of State Rex Tillerson, Japanese Defense Minister Itsunori Onodera and Japanese Foreign Minister Taro Kono met at the State Department in August, it was taken as another sign that the two nations consider cybersecurity as important as land, air or sea defensive capabilities.

Rep. Bob Goodlatte: Protecting national security and securing individual liberty need not conflict (Washington Examiner) Congress has an opportunity to reform one of the intelligence community's most important national security tools to ensure it protects lives...

Will an Act of Congress Elevate Cybersecurity? (Design News) Senate takes up measure that would hold government-purchased IoT devices to security standards.

Go cyber: Airmen can earn cash and promotions, get set up for civilian life (Fifth Domain) The Air Force doesn’t want to be next on the infamous list of major cyberattacks. And that spells opportunities for airmen who are interested in scoring bonuses and retention pay, retraining opportunities, and perhaps even a better shot at getting a promotion.

Litigation, Investigation, and Law Enforcement

Suspected NYC attack plotter: Philippines 'breeding ground for terrorists' (The Japan Times) A Filipino suspect in a thwarted jihadi plot targeting New York City had boasted that his country was "a breeding ground for terrorists," the U.S. Justice

Imran Awan ‘Very Strongly’ Wants To Block Review Of Hard Drive, Was Using Alias (The Daily Caller) Lawyers for Imran Awan, an ex-aide who ran information technology (IT) for Democratic Rep. Debbie Wasserman Schultz, “feel very strongly” that data recovered from a hard drive on Capitol Hill sho

‘Dire Consequences’: Wife Of Indicted Dem IT Aide Says He ‘Threatened To Harm The Lives’ (The Daily Caller) The indicted husband-and-wife team of former IT aides to Democratic Rep. Debbie Wasserman Schultz sat directly across from each other at the defendants' table in federal court Friday in Washington,

Security concerns rise as police find surveillance device intercepted private text messages (The Globe and Mail) The findings centre on federal correctional officials who launched a surveillance effort that aimed to locate inmates’ contraband phones in an Ontario prison, but which also ended up intercepting several text messages sent by jail guards

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Exploring Health IT Innovation and Cybersecurity in the Digital Era (Kalamazoo, Michigan, USA, November 2 - 3, 2017) Government, industry and academic leaders in health information technology and cybersecurity will headline a conference focused on "Exploring Health IT Innovation and Cybersecurity in the Digital Era"...

Upcoming Events

Global Conference on Cyberspace (GCCS) (New Delhi, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity...

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain...

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as...

SecTor (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving...

Countermeasure (Ottawa, Ontario, Canada, November 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees...

2017 ICIT Gala & Benefit (Washington, DC, USA, November 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This...

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, November 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for...

Fourth Annual JLCW Conference (New York, New York, USA, November 9, 2017) The 2017 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from...

SINET Showcase 2017 (Washington, DC, USA, November 8 - 9, 2017) SINET – Washington DC provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. As always, this event...

CyCon US (Washington, DC, USA, November 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information...

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, November 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of...

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, November 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing,...

POC 2017 (Seoul, Korea, November 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and...

Cyber Security Summit: Boston (Boston, Massachusetts, USA, November 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Boston. Receive...

2017 International Information Sharing Conference (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department...

2017 Annual Conference: Networking the Future (Tampa, Florida, USA, October 27, 2017) Networking the Future is the Florida Center for Cybersecurity's fourth annual conference and will host hundreds of cybersecurity technical and non-technical stakeholders from industry, government, the...

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, October 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina...

Florida Center for Cybersecurity 2017 Annual Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future is the Florida Center for Cybersecurity's fourth annual conference and will host hundreds of cybersecurity technical and non-technical stakeholders from industry, government, the...
