More signal. Less noise.

Do you know the best practices for applying threat intelligence?

Threat intelligence is one of the most talked about areas of information security today, but how do you actually use it? Learn best practices for applying threat intelligence with Recorded Future's latest white paper. Download your free copy now.

Daily briefing.

Research Saturday is up

We launched Research Saturday this weekend, a new weekly podcast that concentrates on current research in cybersecurity. The first edition was a conversation about the Cobian RAT with Deepen Desai, senior director of security research and operations at Zscaler. Give it a listen here.

As Germany prepares for Sunday's federal elections, the country remains on high alert for last-minute Russian election meddling.

State-sponsored activity is also observed in Switzerland and Singapore, but without direct attribution. (Some aspects of the attacks, however, remind some of Turla.)

ISIS has claimed responsibility for Friday's fizzled but damaging bombing in London's tube. The ISIS "soldier" suspected in the attack is in custody. Social media chatter from the group seeks to inspire attacks on hurricane aid centers in the US, soft targets with a lot of concentrated potential victims. In Syria a rival jihadist group that seemed destined to replace ISIS, Hayat Tahrir al-Sham, appears to be fragmenting as jihadist extremism metastasizes outside its core region.

Effects of the Equifax breach continue to expand, as do investigations. Some 400,000 individuals in the UK have been affected, as have an unknown number of Canadians. Canadian authorities have opened an investigation, as have more US states. The incident is now explained unambiguously as exploitation of a known but unpatched Apache Struts vulnerability.

The faux-grey hats of OurMine have gone after Vevo, breaching the video service and offering to leak 3.12TB of stolen data, most of which strikes observers as fairly anodyne. The motive for the attack seems to be revenge for disrespect and consequent wounded self-regard: OurMine says they hacked Vevo because a Vevo employee was rude to an OurMine member on LinkedIn.

Cisco reports Avast's CCleaner (version 5.33) was infected with a multistage backdoor, apparently introduced in the supply chain. 


Today's issue includes events affecting Australia, Canada, China, European Union, Germany, Israel, Democratic People's Republic of Korea, Republic of Korea, Qatar, Russia, Saudi Arabia, Singapore, Slovakia, Spain, Switzerland, Syria, United Kingdom, United States.

A note to our readers: We're spending tomorrow with our friends and neighbors at the Johns Hopkins University, as we attend the 4th annual Cyber Security Conference for Executives. Watch for live-tweets tomorrow and coverage this week.

Worried About Third Party Data Breaches?

We all know the consequences of a third party data breach; one vulnerability can cost your organization millions. But do you know what security measures to implement to successfully reduce your attack surface and prevent third party risk? Learn how in LookingGlass Cyber Solutions' webinar featuring VP of Intelligence Operations Eric Olson and Forrester Senior Analyst Nick Hayes on Wednesday, October 18, 1:30pm ET. Sign up now.

In today's podcast we get to know a new expert from our partners at Booz Allen Hamilton, as we chat with Chris Poulin. He leads Internet-of-things security strategy in Booz Allen’s Dark Labs, where he also dabbles in machine intelligence. Poulin joins Booz Allen from IBM, where he led their X-Force research teams and built the first prototype Watson for cybersecurity.

Earn a master’s degree in cybersecurity from SANS (Online, September 28, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Thursday, September 28th, at 12:00 pm (noon) ET. For complete information on master’s degree and graduate certificate programs, visit

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. The conference’s mission is to foster the building of a Europe-wide cybersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

CyberMaryland Job Fair, October 11, Baltimore visit ClearedJobs.Net or for details. (Baltimore, Maryland, USA, October 11, 2017) Cleared and non-cleared cybersecurity pros make your next career move at the CyberMaryland Job Fair, October 11 in Baltimore. Meet leading cyber employers including Delta Risk, Choice Hotels, Lockheed Martin, the NSA and more. Visit ClearedJobs.Net or for info.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

The International Information Sharing Conference on October 31 and November 1 in Washington, D.C. (Washington, DC, USA, October 31 - November 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the ISAO SO. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations and from information sharing newcomers to well-established cybersecurity organizations.

Cyber Attacks, Threats, and Vulnerabilities

Islamic State claims its 'soldiers' carried out London tube bombing (FDD's Long War Journal) The Islamic State claims its "soldiers" carried out the London tube bombing earlier today. Twenty-nine people were injured in the attack. Earlier this month, the British government reported a surge in terror-related arrests. As of June 30, 204 people were in custody in the UK for suspected terrorism-related offenses and the "majority" of them, 91 percent, hold "Islamist extremist views."

Tweets linked to ISIS target hurricane cities (CNBC) Threatening social media posts possibly connected to ISIS have raised alerts in cities battered by recent hurricanes.

A Jihadist Breakup in Syria (Foreign Affairs) Tahrir al-Sham has recently lost some of its most important leaders, but Syria’s most powerful jihadist group may well weather the current storm

US on high alert amid North Korea's cyber threats (Washington Examiner) North Korea's threats against the U.S. have brought a heightened sense of awareness around cyber threats.

Trading Bitcoin = Funding North Korean Regime? (Facts Chronicle) Gaining popularity in the last few years, the concept of cryptocurrency is now hoarding the internet with the introduction of Bitcoin. Unlike the conventional currency, this virtual currency is decentralized, is easy to set up, completely transparent and non-repudiable. Hence making the prospect of trading it even more delightful. However, recent reviews show that the …

Merkel braced for Russian cyber-attack as German election looms (The Australian) Every evening, German news­casters compete to deride this Sunday’s general election as the most boring yet. But behind the scenes in the glass-and-concrete cube of the federal chancellery, Angela Merkel’s aides heave a sigh of relief that another day has passed without Russia launching a cyber-attack on the vote.

Swiss defence ministry foils cyber attack (Reuters) Switzerland's defence ministry has foiled a cyber attack by malware similar to that used in other global hacking campaigns, the government said in a statement on Friday.

Cyber attack on S’pore public organisation was by state-sponsored group: CSA (Today) An unnamed public organisation here was hit by an advanced persistent threat (APT) malware infection late last year, the Cyber Security Agency of Singapore (CSA) revealed on Thursday (Sept 14).

Equifax: 400,000 Brits caught up in US data breach (Computing) Equifax finally admits security breach affected some UK accounts

Canada's Privacy Watchdog Is Investigating Equifax (Motherboard) The credit firm still won't say how many Canadians are affected.

Comodo Discovers Equifax Executives’ Passwords for Sale (Comodo News and Internet Security Information) Following the Equifax data breach revelations, the Comodo Threat Intelligence Lab undertook a Dark Web analysis on the company and discovered 388 records

Here’s Why Equifax Yanked Its Apps From Apple And Google Last Week (Fast Company) A security researcher discovered a shocking vulnerability: “They quite frankly didn’t know what they were doing.”

Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop (KrebsOnSecurity) Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax.

Equifax told in April it was 'vulnerable to data theft' (The Telegraph) Equifax was warned in April that it was “vulnerable to data theft and security breaches”, just weeks before the personal details of 143 million Americans were stolen.

‘We’ve Been Breached’: Inside the Equifax Hack (Wall Street Journal) The crisis has sent shock waves through the industry, spooked consumers and sparked investigations. A focus for inquiry is a software glitch that appears to be how the intruders got into the company’s systems.

Equifax breach victims might not know their data is exposed (Software Development Times) Equifax has been making headlines the last few weeks for a large security breach involving consumers in the U.S., U.K., and Canada. Attackers gathered the personal information of up to 143 million U.S. consumers, including credit card numbers for about 209,000 people. Other information accessed during the breach includes names, Social Security numbers, birth dates, …

Watch out for scammers pretending to be from Equifax (ConsumerAffairs) The phone call appears to be from Equifax, but you might not think that's unusual since you recently signed up for free credit monitoring after you learned

The blame game is on for Equifax data hack (Fox Business) The massive Equifax data breach that affected at least 143 million Americans has brought cybersecurity to the forefront of the conversation as the hunt to find out who’s ultimately to blame pervades.

Equifax Breach Raises Concerns About Employees’ Personal Data (SHRM) Employers should coordinate with their third-party administrators (TPAs) so that the TPAs notify plan participants of the potential vulnerability of their 401(k) accounts.

Equifax Hack: The Real Estate Industry Is Just As Vulnerable (Forbes) As smart cities begin to expand, it is becoming essential that real estate developers and investors keep cybersecurity top of mind. Smart buildings can improve building and tenant efficiency, but can also leave company and tenant information vulnerable to attacks.

Preliminary Thoughts on the Equifax Hack (CircleID) As you've undoubtedly heard, the Equifax credit reporting agency was hit by a major attack, exposing the personal data of 143 million Americans and many more people in other countries.

Why The Equifax Hack Doesn’t Matter! (Infosecurity Magazine) The Equifax breach doesn’t matter as your data was already out there!

What the Equifax breach means to me — an end user perspective (CSO Online) Recovery and resiliency or apathy. Which will prevail now that most everyone's PII has been exposed in the Equifax data breach?

Here's what your stolen identity is selling for on the dark web ( How much is your personal data worth to you? A lot. (Thanks, Equifax.) And how much is it worth to an identity thief?

Avast's CCleaner compromised to deliver malware to unsuspecting users in August and September, warns Cisco Talos (Computing) Anti-virus firm Avast compromised in suspected supply-chain attack

Welp, Vevo Just Got Hacked (Gizmodo) Another day, another multinational video service brought to its knees by a group of rogue hackers with a bone to pick.

OurMine Hacks Vevo After Employee Was Disrespectful to Hackers on LinkedIn (BleepingComputer) Hacking group OurMine has breached Vevo, a video hosting service, and has leaked files from the company's internal network.

Guess what happened after VEVO told its hackers to 'f**k off'... (Graham Cluley) A hacking gang posted 3.12 terabytes of VEVO's internal files online, after it discovered the company was being reckless with its security.

iXintpwn/YJSNPI Abuses iOS’s Config Profile, can Crash Devices (TrendLabs Security Intelligence Blog) Apple's walled garden is not entirely unbreachable. This is exemplified by iXintpwn/YJSNPI, a malicious profile that can render the iOS device unresponsive.

The Pirate Bay hijacked users' CPU power to mine cryptocurrency Monero (CSO Online) The Pirate Bay gave no warning to users before running a "test" that embedded JavaScript to run a cryptocurrency miner that hogged CPU resources.

New Malicious Ads Mine Cryptocurrency in Your Browser (PCMAG) Why bother infecting a PC when you can profit from mining cryptocurrency while your victim browses the Internet?

Cryptocurrency mining is used by cybercriminals to make a quick profit (WeLiveSecurity) Cryptocurrency mining has been used by cybercriminals to make a quick and easy profit while corrupting the victim’s machine in the process.

'ExpensiveWall' Malware Charged Android Users for Bogus Services (PCMAG) Users will need to manually remove the offending apps from their devices to ensure they won't be charged fees for services they never signed up for.

ExpensiveWall Android malware sneaks into Google Play Store (SlashGear) It seems almost too ironic that the Google Play Store has been secretly invaded by even more malware after it has promoted its Google Play Protect security platform for Android. Boasting of technol…

Ten Malicious Libraries Found on PyPI - Python Package Index (Bleeping Computer) The Slovak National Security Office (NBU) has identified ten malicious Python libraries uploaded on PyPI — Python Package Index — the official third-party software repository for the Python programming language.

Devs unknowingly use “malicious” modules snuck into official Python repository (Ars Technica) Code packages available in PyPI contained modified installation scripts.

Attackers Can Bypass SKEL Protection in macOS High Sierra (BleepingComputer) A new security feature added in macOS High Sierra (10.13) named "Secure Kernel Extension Loading" (SKEL) can be bypassed to allow the loading of malicious kernel extensions.

Cybercriminals deploying assortment of banking Trojans and ransomware (Help Net Security) Banking trojans were extensively used by cybercriminals during August, with three variants appearing in the Check Point Global Threat Impact Index.

Rogue Wordpress Plugin Allowed Spam Injection (Threatpost) A rogue version of the WordPress plugin called “Display Widget” allowed third parties to inject spam advertising content into victims’ sites.

Google purges malware apps with millions of downloads (CNET) Malicious Android apps can force your phone to send text messages to fraudulent services and steal your money.

Developers Unwittingly Embedded Malware in Their Android Apps via Shady SDK (BleepingComputer) Malware authors hid malicious code inside a software development kit (SDK) that developers embedded in their Android apps, unwittingly exposing their users to a mobile malware strain that Check Point identifies as ExpensiveWall.

Fitbit’ Fitness Tracker Devices Leak Personal Data: Researchers (HackRead) We do know that the inherent flaws in wearable devices especially the fitness trackers can prove to be detrimental to our security because of the nature of

How One of Apple's Key Privacy Safeguards Falls Short (WIRED) Apple has boasted of its use of a cutting-edge data science known as "differential privacy." Researchers say they're doing it wrong.

LinkedIn Phishing Scam Steals Gmail Credentials Through Google Docs (HackRead) LinkedIn, a business and employment-oriented social networking website contain personal information of more than 500 million users from around the world ma

Fake eBay Invoices Plague Consumers ( A Wombat Security Technologies survey reports that 85% of organizations, worldwide, have been targeted by phishing attacks. One among those is eBay - continually targeted by scammers. Below is an example of a new phishing email that is making the rounds to inboxes across the nation. It claims to be from eBay stating that the recipient owes hundreds of dollars for an item they did not purchase.

DHS reissues 165 Medicare numbers in response to darknet scandal (Computerworld) The Department of Human Services (DHS) has issued around 165 individuals with new Medicare numbers as a precaution following the darknet ‘Medicare Machine’ scandal.

Doctors Urge Restraint Over Dark Web Saga (The Bull) Doctors are urging the federal government not to overreact to the sale of personal Medicare details on the dark web.

Content Delivery Networks Offer More Bandwidth, but Can Hide Malware (Security Intelligence) Cybercriminals are using content delivery networks to spread malware. This vector is especially effective because it is difficult to block CDN IPs.

Shipping has 'collective blindness' and must improve its cyber security (Loadstar) Shipping remains blind to the threat posed by insufficient cyber security.

Cyber attack could sink cruise ships, Government advice warns (The Telegraph) Cruise ships could be sunk by cyber terrorists, official Government guidance has warned in a drive to improve protections from online attacks.

Interview: Paul Rosen on cyber security (IBC) IBC2017: "Plan, prepare and practice," Cyber Security expert and former Chief of Staff at the Department of Homeland Security Paul Rosen told IBC365 regarding the prevalent risks of cyber threats.

An Unexpected Security Problem in the Cloud (Wall Street Journal) Misconfigured software and services are leading to accidental exposures of company data.

How Secure is Information Stored on a Cloud Server? (1redDrop) A cloud server from a recognized service provider is as secure as any privately managed data center; and resources are shared, which brings down the cost.

Democrat-linked data firm exposed Alaskans' voter info (Must Read Alaska) Records that contain extensive details about all Alaska registered voters were exposed to the public on the Internet, due to a database error at a Democrat-related Big Data firm.

The Dangers of the Hackable Car (Wall Street Journal) As cars go increasingly digital—and connected—cybersecurity experts worry that they also are becoming a lot more vulnerable

Villain or hero? A Vandal Cuts Off Internet for Thousands of New Yorkers (Motherboard) New Yorkers hate Time Warner so much, it brings them together.

Security Patches, Mitigations, and Software Updates

VMware Patches Bug That Allows Guest to Execute Code on Host (Threatpost) Users who run four different types of VMware products, ESXi, vCenter Server, Fusion and Workstation, are being encouraged to update to address a series of vulnerabilities, one critical.

Chrome will tag FTP sites as "Not secure" (Help Net Security) Google Chrome 63, expected to be released sometime around December, will label resources delivered over the FTP protocol as "Not secure".

Google Will Auto-Delete Android Backups If Users Don't Use Their Phones for 2 Weeks (BleepingComputer) Google will automatically delete all of a user's Android backup files — stored in his Google Drive account — if the user does not use his phone for two weeks.

Cyber Trends

Digital Terrorism Is The New Global Threat (BW Businessworld) Ravikumar Sreedharan - The survey found that the top two security concerns for consumers are: Identity theft and bankcard fraud. These are threats that impact all businesses and government agencies.

Forming a united front against cyber attacks (Manufacturers' Monthly) As we enter a more interconnected world, the danger of a cyber attack increases exponentially. Manufacturers’ Monthly investigates. In May this year, a global ransomware attack, Wannacry, targeted more than 200,000 computers in more than 150 countries. Businesses’ computers were taken hostage by the ransomware, which would not allow them to access their files unless …

Mobile apps still the 'Wild West' of online security (BetaNews) Most app stores are still failing to adequately protect their users from malicious and fraudulent app downloads.

Security Does Not Equal Privacy (HuffPost UK) There's a misconception among trusting mobile and Wi-Fi network users that often leaves personal data dangling on a hook over a sea of ready hackers...

Public, Hybrid Cloud Security Fears Abound (Dark Reading) Most CISOs say encryption is the most effective security tool for data in the public cloud, but only one in six encrypt all data stored there.

Most cloud services still not GDPR-ready (Help Net Security) Netskope found that unfortunately nearly three-quarters of cloud services still lack key capabilities to ensure GDPR compliance.

Changing Cyber Threats Call For New Protection Strategies (Infosecurity Magazine) Changes in cybercrime techniques mean that companies need to be sure their strategies—from security practices to cyber insurance coverage—keep pace.

AI will change the face of security, but is it still the stuff of sci-fi? (Help Net Security) The perfect vision for the future of AI in the security industry is the creation of an advanced system that can take care of everything for us.

The Future of Artificial Intelligence, According to Pop Culture (GoldSeek) The unpredictable nature of superintelligent, self-improving machines lends itself quite nicely to the dramatic storylines of movies and books.


Five things to know about the Kaspersky-Russia controversy (TheHill) Government scrutiny of Moscow-based cybersecurity firm Kaspersky Lab grew this week after the Trump administration barred federal agencies and departments from using software produced by the company, citing potential risks to U.S.

Feds whack Kaspersky — now what? ( DHS needs to be more forthcoming with what it knows about Kaspersky after giving agencies 90 days to remove its products from their networks.

Kaspersky Lab Unlikely to Salvage US Government Business Amid US-Russia Tensions (Sputnik) Russia-based software firm Kaspersky Lab, whose products have been banned from use in US government agencies over alleged links to the Russian authorities, is unlikely to get a fair trial in the United States as it has become entangled in the complicated relationship between Washington and Moscow, experts told Sputnik.

US action against Kaspersky is unfair competition - Kremlin (Telecompaper) US action against Kaspersky Laboratory is designed to undermine the competitive position of Russian firms worldwide and amounts to unfair competition, Dmitry Peskov, a spokesman for the Kremlin told reporters, according to Reuters.

Editorial: From Russia with . . . (Boston Herald) “The Capitalists will sell us the rope with which we will hang them.” — Vladimir Ilyich Lenin. Surely Lenin would have had a good laugh over the fact that it has taken this long for the U.S. government to move to ban all federal agencies from using software made by the Russian cybersecurity firm Kaspersky Lab. A directive issued Wednesday by the Department of Homeland Security gives agencies 90 days to develop a plan for removing the software.

Equifax breach could hurt Jack Ma’s acquisition of MoneyGram (New York Post) Jack Ma may turn out to be the most high-profile victim of the Equifax cyber-attack. A multi-agency presidential advisory panel weighing the approval of the $1.2 billion purchase of MoneyGram by th…

Cyberinsurers Look to Measure Risk (Wall Street Journal) Companies have come up with a ratings system based on some unusual methodology.

Spyware Company That Said It Would Leave Spyware World Shows Up At Arms Fair (Motherboard) Aglaya said it wasn't interested in selling sketchy products to governments. Now, it's advertising the same products at arms shows.

Palantir's IPO Plans are Just as Secretive as the Company Itself ( Palantir Technologies is a privately-held software and services company that has taken Silicon Valley by storm since its launch back in 2004. It was founded by Peter Thiel, Nathan Gettings, Joe Lonsdale, Stephen Cohen, Garry Tan, and Alex Karp (now CEO) with the idea of "creating the world's best user experience for working with data, one that empowers people to ask and answer complex questions without requiring them to master querying languages, statistical modeling, or the command line."

Cisco Investors Have It Backwards (Seeking Alpha) Cisco’s transformation creates opportunities and risks. So far, the recurring revenue benefits have mostly gone to debtholders. But the common has much greater

Big Interview: Symantec on Norton products and future plans (PCR) Norton by Symantec is a household name synonymous with security software, but now the company is making the leap into the physical realm.

Palo Alto Networks CEO: We Are Now Bigger Than Check Point, Fast Approaching Size Of Cisco's Security Business (CRN) 'I think one of the things that a lot of partners don't realize because we've grown so quickly in such a short amount of time is actually how big Palo Alto Networks is,' CEO Mark McLaughlin tells CRN.

FireEye's new marketing chief says the company has a 'compelling' story to tell (Security Brief) Cybersecurity intelligence firm FireEye has named Vasu Jakkal as the company’s new chief marketing officer.

Symantec: A Blow To The Bearish Thesis (Seeking Alpha) Symantec just made a deft move to ease the burden on Norton and the consumer security division. Positive black-swan events deliver after developments relating t

Cirrus Networks snags disaster recovery contract with Pilbara Ports Authority (CRN Australia) Worth in excess of $1.4 million.

Burnaby's Fortinet bulking up to combat brewing cyber threats (Vancouver Sun) International cybersecurity firm Fortinet is on the hunt to hire as many as 1,000 tech experts to fill its newly expanded data hub in Burnaby and help it keep on top of a rapidly expanding “t…

EU security chief: Europe faces a "cyber security skills gap" (Government Computing) EU needs to develop better cyber hygiene habits; and businesses and risk-based cyber security programmes to cope with current cyber security challenges

The Battle for Cybersecurity Talent in America (Infosecurity Magazine) The Battle for Cybersecurity Talent in America: East Coast vs. West Coast

Cost of User Security Training Tops $290K Per Year (Infosecurity Magazine) Employees spend seven hours a year in training and learning best practices to help keep the business secure.

Is cyber security education a waste? (Information Age) Large enterprises are wasting nearly $300k per year on security education: so why are endpoint attacks more successful than ever?

Germany's Siemens to set up robotics research center in China (Reuters) German industrial group Siemens said on Thursday it was setting up a robotics research center in China, the world's biggest market for industrial robots.

KeyW Appoints Kirk Herdman as Executive Vice President of Corporate Strategy and Business Development (Business Insider) The KeyW Holding Corporation (NASDAQ:KEYW) announced today that it has appointed Kirk Herdman as executive vice president (EVP) of Corporate Strategy and Business Development. Mr. Herdman joined KeyW in April this year through the company’s acquisition of Sotera Defense Solutions. He most recently served as the company’s EVP of Corporate Strategy.

Verve Industrial Protection Announces Appointment of Experienced Cyber Security Executive Jim Crowley, as Vice President Sales & Marketing (Business Insider) Verve Industrial Protection, the global leader in industrial control system (ICS) cybersecurity, today announced the appointment of Jim Crowley as Vice President Sales and Marketing. He will be responsible for revenue generation and new customer acquisition globally.

Products, Services, and Solutions

New infosec products of the week: September 15, 2017 (Help Net Security) This week's new infosec releases include the following vendors: AdaptiveMobile, Elcomsoft, FinalCode, and Fujitsu.

Israel's CYBONET Launches A Comprehensive Cyber Security Solution For SMEs (PRWeb) The Cybowall Solution is a threat detection and response platform engineered for small and medium sized enterprises (SMEs). Combining both affordability and functionality, Cybowall provides organizations with a single security tool that delivers those capabilities necessary to identify and respond to active threats and potential vulnerabilities within the network.

Keybase launches fully encrypted Slack-like communications tool — and it’s free (TechCrunch) Keybase added to its encrypted tool kit today when it launched Keybase Teams, an open source, Slack-like communications tool with end-to-end encryption...

Zix Acquires Entelligence Messaging Server Business to Strengthen Its Industry-Leading Email Encryption Solutions (BusinessWire) The acquisition of Entelligence Messaging Server demonstrates Zix’s ongoing commitment to deliver the industry’s premier email encryption

Telefónica, Palo Alto Networks Launch Cloud-Based Security Softwa (SDxCentral) Telefónica, working with Palo Alto Networks, has launched a cloud-based security software service to protect customers’ Internet access.

UBF launches first cyber threat sharing platform for UAE banks (GulfNews) Banks to share cyber security intelligence on Anomali ThreatStream

China Telecom Global Taps Versa Networks for SD-WAN Service (Light Reading) Global arm of China Telecom using Versa's SD-WAN and SD-Security for complete cloud-based portfolio.

Building security by design - a discussion of VMware App Defense (diginomica) Could AppDefense be the answer to persistent hacking? It tackles the problem through the need for security by design.

Technologies, Techniques, and Standards

Equifax Breach Hindsight - What If They Used Containers? (Aquasec) Would the Equifax breach have happened if they’d been using containers?

Equifax Bungles the Details Over and Over Again ( The fine print on its consumer protection website is befuddling even to a professor of contract law.

Equifax: four simple steps to secure yourself (Naked Security) Take these four steps to get through the Equifax breach with your identity and finances intact

No end in sight for huge data breaches (Banking Exchange) Focusing on protecting privileged accounts and consolidation defenses might be the next, best answer By now about 143 million Americans know, or ought...

7 Cybersecurity Questions Every Leader Should Ask (Forbes) I recently interviewed the former CIO for the White House (under the Bush administration), Theresa Payton, about why marketers must start engaging in cybersecurity before crises like the recent Equifax cybersecurity incident emerge

Cyber-Attack Response Guidance for Covered Entities and Business Associates (The National Law Review) The Health Insurance Portability and Accountability Act ("HIPAA") contains minimum security standards that Covered Entities and Business Associates must employ to safeguard protected healt

DPP launches cyber security programme (IBC) The Digital Production Partnership has unveiled a new cyber security programme which enables UK broadcasters and their suppliers to self-assess against a number of key security criteria.

Getting some intelligence from malspam (SANS Internet Storm Center) Many of us are receiving a lot of malspam every day. By "malspam", I mean spam messages that contain a malicious document.

As healthcare interest in threat intelligence grows, lack of expertise is limiting use (Healthcare IT News) While 86 percent of IT security professionals found threat data valuable to their security missions, only 51 are using the intelligence to handle risk, Ponemon says.

Toronto hospital backs new encryption security strategy (Healthcare IT News) The tech is designed to bring medical staff and patients closer together through private online communications, protecting this exchange of data as well as sensitive data at rest.

Developing an effective cyber resilience strategy to deal with the threat of ransomware (CSO) Cyberattacks are constantly evolving, and it seems like every day there’s a new story about an organisation that’s been breached.

The Limits of Antivirus Software (Wall Street Journal) While antivirus software helps protect against hacks, it doesn’t provide the invincibility that many users believe.

Tips for the Safe Implementation of Electronic Bill Pay (Infosecurity Magazine) Electronic bill presentment and payment is only a few years old, and data theft is becoming a serious issue.

Is universal end-to-end encrypted email possible (or even desirable)? (CSO Online) End-to-end email encryption is getting more attention as security and compliance concerns mount, but practical use cases are rapidly being eaten away by other technologies.

DDoS protection, mitigation and defense: 7 essential tips (CSO Online) Protecting your network from DDoS attacks starts with planning your response. Here, security experts offer their best advice for fighting back.

Design and Innovation

The Loopix Anonymity System Wants to Be a More Secure Alternative to Tor (BleepingComputer) Loopix is a new anonymity network developed by a group of researchers from University College London (UCL) that comes with all the good parts of previous systems and new additions to improve security.

iPhone X and Face ID: The Good, The Bad, and The Ugly (Digit) Apple have unveiled their new facial recognition technology for smartphones, and it could come with a whole host of security problems...

Apple's Face ID can be quickly disabled in an emergency (Help Net Security) Apple has implemented easy methods to disable Face ID if the user is ever in a position of being forced to unlock the device without actually wanting to.

Facial recognition technology explained (Android Authority) More and more smartphones now come equipped with facial recognition security, so here's everything you need to know about how they work.

Who is to blame for algorithmic outrage? (TechCrunch) This week we saw a few high-profile demonstrations of the ability to target advertising to unsavory groups generated or suggested by major internet companies...

Research and Development

Can the US Military Re-Invent the Microchip for the AI Era? (Defense One) As conventional microchip design reaches its limits, DARPA is pouring money into the specialty chips that might power tomorrow’s autonomous machines.

Virtual StrongBox Racks Up Two More Patents for Its Secure Customer Engagement Platform (PRNewswire) Virtual StrongBox, Inc. has earned two more patents – its fifth and...


Augusta University to host two cybersecurity conferences in September (WRDW) Cybersecurity experts, according to a press release, will make their way to Augusta University’s campus Friday and Saturday for two major conferences, discussing the latest trends in cyberattack and cyber defense.

Legislation, Policy, and Regulation

Brussels losing patience with US over data-sharing agreement (Financial Times) Privacy Shield review hindered by Trump delays in appointing key officials

Senior CPC official stresses cyber security ahead of key Party congress ( Senior Communist Party of China (CPC) official Liu Yunshan on Saturday asked for more to be done to create a sound cyber environment ahead of the 19th National Congress of the CPC next month.

UK Data Protection Bill lands: Oh dear, security researchers – where's your exemption? (Register) So if re-identifying folk from anonymised data is to be a crime...

Netanyahu, Peña Nieto meet, agree to bolster Israel-Mexico cyber security ties (Haaretz) Peña Nieto says Mexico accepted Israel’s offer to help it and the U.S. develop Central America; Netanyahu invites Mexican leader to Jerusalem

When is a cyber attack an act of war? We don’t know, warns ex-Obama adviser (VentureBeat) As warfare becomes increasingly digital, countries are facing a major problem: It's hard to define when a cyberattack constitutes an act of war. Avril Haines, a former deputy national security adviser during the Obama administration, said today that while there are established norms around what counts as a physical act of war, those same metrics don't exist for digital attacks.

An Era of Authoritarian Influence? (Foreign Affairs) Authoritarian states are boldly seeking to influence Western democracies. How should liberal governments respond?

Senators Propose US Elections Cybersecurity Commission (Dark Reading) The proposed commission would aim to review the 2016 election process and safeguard future elections from interference.

Can Washington Protect America's Electoral Process from the next Cyber Attack? (The National Interest) Congress needs to act on a major elections-security initiative this year.

Congress Must Do More To Speed Up DOD Cyber Acquisitions (Law360) Millions of times each day, adversaries scan the U.S. Department of Defense’s networks seeking vulnerabilities. Because cyberthreats evolve so quickly and the DOD isn’t keeping pace, a catastrophic failure looms. Among the problems with the way this fight is being prosecuted are stifling acquisition procedures that make the DOD too slow for cyber.

Agency CIOs in the eye of brewing reorg storm ( The reorganization plans of three agencies show a trend of consolidating, centralizing back-office functions.

Bossert out front as Trump's detail man on homeland threats (WTOP) At nearly 6-foot-6, Tom Bossert is hard to miss. Yet he came and went through the gilded lobby at Trump Tower multiple times during the presidential transition largely unnoticed among the parade…

Editorial: And the enemy within (Boston Herald) The White House and Attorney General Jeff Sessions may be obsessed with leaks of classified information from within their own ranks, but the real problem of protecting the nation’s secrets is far more basic than that. Some 700,000 reviews for government security clearances are pending at the moment and that has led some agencies — such as the Defense Department — to issue interim security clearances. And down that road lies the potential for real disaster.

Litigation, Investigation, and Law Enforcement

Parsons Green bombing: Foster couple unaware of terror suspect’s troubled background (Times) The couple who acted as foster parents for a young refugee suspected of carrying out the Parsons Green bombing are upset that they were not warned about his troubled background, friends said. The...

London terror attack: Suspect in Parsons Green bombing given away by his hat (Times) A refugee suspected of planting a bomb on a London Underground train was arrested because he was wearing a distinctive hat that matched one captured in CCTV pictures of the crime scene, The Times...

7/7 ‘mastermind’ is seized in Iraq (Times) The al-Qaeda leader who is thought to have devised the plan for the July 7 suicide bombings in London and an array of terrorist plots against Britain has been captured by the Americans. Abd al-Hadi...

Congressman on Equifax: Can’t legislate against stupidity but can hold people accountable (CNBC) "I want to ask all the questions, then we'll get to what the actions are going forward," Rep. Greg Walden, R-Ore., told CNBC.

Top House Dem asks Equifax rivals about security measures after record breach (TheHill) A top Democrat on the House Financial Services Committee asked Equifax’s competitors on Wednesday whether they’ve taken steps to prevent a similar security breach.

Mississippi AG joins multi-state investigation into Equifax data breach (Daily Journal) Mississippi Attorney General Jim Hood joined 31 attorneys general on Friday in requesting credit reporting firm Equifax disable links for enrollment in fee-based credit monitoring services in the

Liability for Data Breaches (GalkinLaw) Data breaches occur all too often. It's critical for businesses to understand data breach liability and how to successfully negotiate a mutually beneficial data breach clause. This post is a guide to this negotiation.

Catalan president gives instructions on Twitter after referendum website blocked (Newsline) Published time: 17 Sep, 2017 20:30. Catalan President Carles Puigdemont has taken to Twitter to explain how voters can use proxies to access the referendum instruction website ahead of the controversial vote on October 1. The official website for the Catalonia independence referendum was blocked in Spain …

Snap blocks Al Jazeera in Saudi Arabia to “comply with local laws” (TechCrunch) Snap has bowed to pressure from the government of Saudi Arabia to censor a news channel operated by the Qatar-based news broadcaster, Al Jazeera, from the..

Three of China's Biggest Bitcoin Exchanges Are Shutting Down (Motherboard) The announcements come in response to a Chinese directive to halt Bitcoin trades by the end of the month

The Awan breach on Capitol Hill gets murkier and leads to more questions (Circa) On April 6, at midnight, in a small room once used as a phone booth on the second floor of the Rayburn House Office Building, a Capitol Hill Police Officer doing his security rounds discovered…

Adam Schiff: Social media and search engine companies need to testify before Congress on Russian ad buys (Washington Examiner) Schiff, the ranking member on the House Permanent Select Committee on Intelligence, said the committee had requested more information from F...

Senators propose 9/11-style commission on Russian interference (TheHill) Sens. Kirsten Gillibrand and Lindsey Graham say such a panel is urgently needed.

Intelligence, Politicization, and the Russia Probe (Lawfare) Is CIA Director Mike Pompeo helping President Trump bury the Russia investigation?

Whistleblower or wrongdoer? White House correct on Comey violations (TheHill) The former FBI director took questionable action when he used his memos as a sword once he was fired.

Trump condemns Rice's unmasking: 'What she did was wrong' (TheHill) President Trump ripped former national security adviser Susan Rice on Thursday for unmasking the names of his top aides in an intelligence report.

'Pay-to-play' at Clinton State Department exposed in new emails, watchdog says (Fox News) Newly disclosed emails expose fresh examples of pay to play at the Clinton State Department, a conservative watchdog group said Thursday.

ISPs can keep sharing your browsing history after California no-vote (Ars Technica) Lawmakers fail to vote on opt-in rule that would protect your browsing history.

Newly Declassified Documents (IC on the Record) Today, the ODNI, in consultation with the Department of Justice (DOJ), is releasing additional FISA Section 702 documents regarding the 2011 certification documents and adding those documents to a related prior post...

Feds in California are aggressively going after Silk Road, AlphaBay vendors (Ars Technica) Federal courthouse in Fresno is set to see a lot of action in coming months.

Contact made with suspect in school threat investigation (Daily Inter Lake) The investigation into the Flathead Valley’s school-threat scare took two new turns on Saturday. The Flathead C

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September 19. It will be held on...

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on...

Cyber Everywhere: Collaboration, Integration, Automation (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While...

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create...

Maine Cyber Safety Institute (Waterville, Maine, USA, September 20 - 21, 2017) The Summit intends to help businesses protect themselves from possible losses. The Information Security Community, representing cyber professionals, found that 54% of anticipated cyberattacks against their...

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals,...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber...

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks...

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations...

Infosecurity North America (Boston, Massachusetts, USA, October 4 - 5, 2017) Organized by Infosecurity Group, which has provided the global information security community with some of the largest, longest established conferences and expos over the past 22 years including Infosecurity...

Hacker Halted (Atlanta, Georgia, USA, October 9 - 10, 2017) The theme for Hacker Halted 2017 is The Art of Cyber War: Lessons from Sun Tzu. 2,500 years ago, Sun Tzu wrote 13 chapters on military strategy. Fast forward to today and we are still learning from those...

European Cybersecurity Forum – CYBERSEC (Krakow, Poland, October 9 - 10, 2017) The Fourth Industrial Revolution is in full swing, giving a strong impulse to the growth of Europe’s innovation-driven economy that can compete with world’s economic superpowers. Let’s start the dialogue...

2017 ISSA International Conference (San Diego, California, USA, October 9 - 11, 2017) Each day, cyber threats become increasingly intricate and difficult to detect. Over the past year, we saw that with the rise of device connectivity came boundless opportunities for malicious hackers to...

Maryland Cyber Day Marketplace (Baltimore, Maryland, USA, October 10, 2017) Hundreds of cybersecurity providers and buyers in one location on one day. Maryland Cyber Day Marketplace provides the opportunity for cybersecurity buyers to connect with, get to know and purchase cybersecurity...

Cyber at the Crossroads (Adelphi, Maryland, USA, October 10, 2017) Join the Cyber Center for Education & Innovation (CCEI), Home of the National Cryptologic Museum (NCM) for a one-day symposium of renowned national cybersecurity leaders, including experts from past and...

ManuSec USA (Chicago, Illinois, USA, October 11 - 12, 2017) This series will bridge the gap between the process control and corporate IT senior level professionals, allowing them to discuss challenges, critical issues and debate best practice guidelines.

CyberMaryland (Baltimore, Maryland, USA, October 11 - 12, 2017) Maryland is recognized as a cybersecurity leader - nationally and internationally. The state has developed cybersecurity experts, education and training programs, technology, products, systems and infrastructure.
