skip navigation

More signal. Less noise.

Combating threats and protecting the enterprise data in the digital workspace.

Digital workspaces bring enormous benefits to organizations and their employees across the globe, but require new thinking when it comes to security. In our perimeter-less digital world, protecting, detecting, and remediating threats requires intelligence-driven approaches. Check out VMware’s insightful white paper describing a new, comprehensive and predictive approach. It highlights the importance of securing the evolving digital workspace and the need for enterprises to embrace a framework of trust between the components in their ecosystem.

Daily briefing.

The US and UK continue to warn that Russian cyber operators (associated in most reports with "Grizzly Steppe") continue the reconnaissance phase (and possibly the staging phase) of their ongoing battlespace preparation. US-CERT's warning contained a good deal of actionable advice on how to reduce vulnerability to such probes.

Observers note that the intelligence offered in justification of the airstrikes against targets in Syria associated with the Assad regime's use of chemical agents against restive civilians was based to a great extent on open sources. Comments by both the US and French governments indicate that social media were a particularly important source of information. Drone policies and tactics appear to be informing allied cyber action.

The  US income tax deadline (April 17th vice the customary 15th) has been extended an additional day. The Internal Revenue Service's online systems failed as eleventh-hour taxpayers attempted to file. The IRS said it's a "hardware issue," which is generally interpreted as meaning "we weren't hacked."

A US Federal judge in California has ruled that a class action suit complaining of Facebook's facial recognition technology can go forward. The judge noted that damages could be very high. Concerns about social media and privacy continue to run high. Forbes reports that an Israel-based surveillance firm, Terrogence, has used facial recognition features in Facebook and other platforms to build a very large database of biometric profiles.

Australian intelligence services are joining their counterparts in the UK and the US in regarding Chinese device manufacturer ZTE with suspicion.

Notes.

Today's issue includes events affecting Australia, China, France, Russia, United Kingdom, United States.

Cyber is the new battlefield.

Become a Cyber Spartan and Defend the Gates of America. At Invictus International Consulting we are hiring elite cyber, intelligence, and technology experts to serve our government and commercial clients. Join us.

In today's podcast, we speak with our partners at RSA Security, as CTO Zulfikar Ramzan shares his thoughts on this year's conference. Our guest is Kevin McNamee from Nokia, who discusses threat intelligence and mobile device ransomware.

XM Cyber is coming to RSA (San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 9 - 11, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Dateline RSA Conference 2018

DHS secretary says US must fight hacks from abroad (CNET) Offensive cyberattacks are on the table in the face of hacks from other countries, Kirstjen Nielsen says.

Microsoft, Facebook, dozens more sign Cybersecurity Tech Accord (ZDNet) At the start of the RSA conference, major technology firms pledge to protect their users and stay out of government-launched cyber attacks.

Microsoft's Brad Smith urges action on nation-state cyberthreats (SearchSecurity) Microsoft President Brad Smith warned of nation-state cyberthreats at RSA Conference 2018 and called on governments to develop a 'digital Geneva Convention.'

Microsoft Chief Legal Officer Brad Smith on security & dealing with China (CNBC) Microsoft President & Chief Legal Officer Brad Smith sits down with CNBC's Josh Lipton to talk about cyber security, new products, Facebook's data scandal and trade tensions with China.

RSA security conference has few surprises on Day 2— except this dancing fox and a magician (Mashable) The true hotness.

The winners of the 2018 SC Awards Honored in the U.S. (SC Media US) Trust Award Best Authentication Technology Winner Jumio Picture this: A clever fraudster prints out an enlarged copy of a stolen driver's license, ho

Cryptominers Leaped Ahead of Ransomware in Q1 2018, Comodo Cybersecurity Threat Research Labs' Global Malware Report Shows (PR Newswire) Comodo Cybersecurity, a global innovator and...

Akamai’s State of the Internet / Security: Carrier Insight Report Highlights the Importance of Information Sharing in Battle Against Cyber Threats (Akamai) Layered Analysis of Cyber Data, Including DNS Queries, Leads to Stronger Protection Against DDoS, Malware, and Botnet Attacks

Akamai announces enhancements to its cloud delivery platform (Channel World) Akamai Technologies announced significant enhancements that are designed to improve website, app, and network security without compromising the performance of digital applications.

Titan IC: LookingGlass Cyber Solutions Launches IRD-100™ a Fully-Programmable Stealth Security Appliance (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced the general availability of the LookingGlass IRD-100 (Intell

Nuix Unveils a Lean-in Approach to Managing Cybersecurity Risk at RSA USA 2018 (Business Insider) SAN FRANCISCO, April 17, 2018 /PRNewswire/ -- RSA USA CONFERENCE -- Nuix (www.nuix.com), a cybersecurity, risk, and compliance software company, today unvei...

Corvil Says Treating Corporate Networks as a Perpetual “Cyber” Crime Scene Can Reduce the Cost and Impact of a Breach (Globe Newswire) With tough financial penalties on data breached businesses, firm believes Network Forensics are the Crown Jewel of the “Cyber Kill Chain” for when, not if, an attack occurs

New Patents from Secure Channels Inc. Offer Encrypted Security for Email, Document Distribution, Video Content, and Data Compression (PR Newswire) Secure Channels Inc., provider of innovative security solutions...

Optiv Security Furthers Rationalization and Optimization Strategy with Launch of Secure Data Reference Architecture (BusinessWire) Optiv launches secure data reference architecture, a proven, cyber security-specific solution for data ingestion, analysis and automation.

IoT Security Milestone for Intrinsic ID Authentication: More Than 100 Million Devices Protected (Design And Reuse) Intrinsic ID today announced its security technology has been deployed in more than 100 million devices. Intrinsic ID’s authentication technology is being demonstrated at the RSA Conference this week in San Francisco.

AlienVault Unveils Free Threat-Scanning Service for Endpoint Devices through Open Threat Exchange (GlobeNewswire News Room) OTX Endpoint Threat Hunter Delivers Simple, Fast Threat Visibility to Assess Business Risk from Malware and Other Threats

New Trustwave Consulting Practice Helps Enterprises Transform their Security Capabilities (BusinessWire) Trustwave unveiled a new cybersecurity consulting practice designed to help enterprises accelerate and bolster their security capabilities.

GuardiCore Enables Secure Rapid Container Deployment (GuardiCore) GuardiCore Centra Security Platform reduces compliance risks, enforces security policies within containerized applications and workloads.

Spirent Showcases Testing to Optimize Balance between Security and Performance at RSA 2018 (BusinessWire) Spirent will showcase technical discussions, demonstrations, and presentations on its capabilities in network testing for security and performance.

Cyber Attacks, Threats, and Vulnerabilities

U.S. and U.K. Are Blaming Russia for a Global Hacking Campaign and Giving Advice on How to Thwart It (Fortune) Cyberattacks are attributed to Russia for the second time this year.

Russia’s Grizzly Steppe gunning for vulnerable routers (Naked Security) Russian Government hackers stand accused of targeting millions of routers

How Social Media Built the Case for Trump’s Strike on Syria (Foreign Policy) Evidence of chemical weapons used to require a chain of custody. Now, open-source intelligence is often enough.

Meet the Russian-Owned Firm Creating an Army of Traveling ‘Proxies’ (Foreign Policy) A former senior Russian intelligence official has created an American tech firm that pays people to go places and film things.

An Elaborate Hack Shows How Much Damage IoT Bugs Can Do (WIRED) Rube-Goldbergesque IoT hacks are surprisingly simple to pull off—and can do a ton of damage.

IRS gives taxpayers extra day to file after processing system crashes (FederalNewsRadio.com) The IRS is giving taxpayers an extra day to file their taxes after experiencing a partial outage of its online systems Tuesday, the final day for millions of Americans to file their 2017 tax returns.

IRS Extends Tax Filing for One Day After Computer Problems (Wall Street Journal) The IRS issued a one-day, penalty-free extension for tax filers after suffering an all-day computer breakdown on Tuesday that prevented taxpayers from filing returns electronically on the day 2017 payments were due.

The NHS is 'not ready' for another cyber attack (nechronicle) MPs warn the health service hasn't learnt the lessons of last year's cyber attack as experts warn of Russian threat

Despite Decline in Use of Adobe Flash, Vulnerabilities Will Continue to Cause Concern (McAfee Blogs) This post was researched and written with the assistance of Tim Hux, Abhishek Karnik, Asheer Malhotra, and Steve Povolny McAfee Advanced Threat Research team analysts have studied Adobe Flash Player for years because it is a popular target for attacks. As always, we advise customers to remain current with McAfee’s

Mysterious company is using Facebook to build a massive facial-recognition database (Mashable) It's not just Cambridge Analytica.

Facebook: 3 reasons we’re tracking non-users (Naked Security) It’s just how the internet works, Facebook said.

Why ‘remote detonator’ is a bad name for your Wi-Fi network (Naked Security) Police called, building evacuated…

How the Rise of Cryptocurrencies Is Shaping the Cyber Crime Landscape: Blockchain Infrastructure Use (FireEye) Cyber criminals have always been attracted to cryptocurrencies because it provides a certain level of anonymity and can be easily monetized.

Security Patches, Mitigations, and Software Updates

Analyzing Oracle Security – Critical Patch Update for April 2018 (Security Boulevard) Today Oracle has released its quarterly patch update. Oracle warns that if customers fail to apply available patches, attackers become successful in their attempts to maliciously exploit vulnerabilities. April’s CPU fixes a total of 254 security vulnerabilities.

Cyber Trends

The Human Factor 2018 Report (Proofpoint) Human Nature is the Vulnerability Today's advanced attacks target people, not just technology. Cyber criminals are scaling up people-centered threats and attacks that rely on human interaction.  Below are our key findings from data collected across our global customer base and analysis of over 1 billion messages per day. Fill out the form to get your copy.

With Investors Watching, Companies Remain Behind in Building their Cyber Workforce (BusinessWire) A new survey from Booz Allen finds that organizations must shift from plugging holes to a new approach amid a scarcity of qualified cyber talent.

State of Cybersecurity 2018 (ISACA) For the fourth year in a row, ISACA has surveyed security leaders worldwide to determine their insights and experiences with key cybersecurity issues, ranging from workforce challenges and opportunities to the emerging threat landscape.

86 per cent of cloud migration fears are still data breaches and los (Computing) Is GDPR still stoking fears?,Cloud and Infrastructure

The cloud has caused 'pretty negative byproducts' - Cisco (CRN) Vendor claims four out of five of its customers are in more than one cloud and need help addressing 'massively disrupted' environments

Marketplace

How much would you pay for Facebook? (Quartz) For the typical person, a new study suggests an account is worth around $50 a month.

Cybersecurity Firm Onapsis Lands $31M Round as it Plots IPO Path (BostInno) Boston cybersecurity company Onapsis said on Friday that it has raised a $31 million funding round led by Philadelphia-based private equity firm LLR Partners as it looks to a potential IPO in three to four years.

Spirion to Accelerate Growth in Protection of Sensitive Data from Device to Cloud with Investment from Riverside (PR Newswire) The Riverside Company, a private equity investment partner,...

'Local option' ESET on hunt for 700 partners (CRN) End-point security vendor announces recruitment drive to boost its UK reseller ranks

Cisco mocks 'scorned ex-lover' HPE at Partner Connection Week, while going after Palo Alto Networks and Nutanix (CRN) Networking giant targets Palo Alto and Nutanix with sales promos, while swiping at HPE over Hurricane Harvey supply chain problems

Former Qualys Executive Mark Butler Joins MegaplanIT as the New Senior Vice President and Chief Information Security Officer (PR Newswire) MegaplanIT, LLC. (https://www.megaplanit.com), an industry leading...

Products, Services, and Solutions

NSS Labs Announces 2018 Advanced Endpoint Protection Group Test Results (GlobeNewswire News Room) 11 products receive Recommended Rating; 4 products receive Security Recommended Rating; 1 product receives Neutral rating; and 5 products receive Caution Rating

CrowdStrike Strengthens and Expands Alliances with Top Technology Companies (BusinessWire) CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the growth and expansion of its Elevate Partner Program, buildin

Cyberbit Technology Powers New Cyber Range for A1 Telekom Austria (PR Newswire) Austria's largest telco, and Cyberbit Ltd., a world leading...

VMware AppDefense Introduces Least Privilege Security for Containerized Applications (Network Virtualization) VMware AppDefense continues to expand with new capabilities, new partnerships, and global expansion

Sprint Smart UC Launch Enables Companies to Elevate Employee Collaboration and Enable Deeper Customer Engagement (PR Newswire) Sprint (NYSE: S) today announced the launch of Sprint Smart UC;...

Tripwire Expands Cloud Security Capabilities with Cloud Management Assessor (Tripwire) New functionality tackles publicly exposed cloud data; core secure configuration functionality now supports Google Cloud Platform

cPacket Adds Packet Capture Capability at 40Gbps Line Rate to Its cClear Solution (GlobeNewswire News Room) With 40Gbps and 100Gbps Networks Proliferating Across Industries, cPacket’s cStor Fulfills a Critical Need to Manage and Secure High-Speed Networks

Gmail’s new ‘Confidential Mode’ won’t be completely private (Naked Security) Have you ever wished it were possible to delete an email from a recipient’s inbox days, weeks or months after it was sent? If so and you’re a Gmail or G Suite user, it looks as if Google migh…

Accellion Introduces One-Click Compliance Reports to Accelerate Regulatory Audits (Accellion) New Reports Help CISOs Quickly Prove Full Visibility and Control of Sensitive Information for Compliance with GDPR, HIPAA, GLBA, ITAR and other Regulations

Technologies, Techniques, and Standards

This is how it feels to face a major cyber attack (ZDNet) Some of those at the centre of some of the biggest cyberattacks of last year have given advice on what happened on the day - here's what they learned and how you can plan to respond if you're attacked.

Traditional firewalls fall short in protecting organizations, says survey (Naked Security) A new survey, sponsored by Sophos, asked IT managers how their firewall technology is working for them. The results are in.

Cyber Operations in Conflict: Lessons from Analytic Wargames (CLTC) Policymakers and military leaders may need to broaden their assumptions about how state and non-state actors are likely to use hacking and other cyber operations in future crises and conflicts, according to a new report, Cyber Operations in Conflict: Lessons from Analytic Wargames. Authored by researchers from American University and...

What is File Carving and How Does it Enhance Network Security? (Bricata) File carving is a technique that reconstructs data even after it’s been deleted. In cybersecurity, modern intrusion detection systems (IDS) can use that technique to analyze network traffic for malicious files without slowing or interrupting the network traffic flow. #bro #ids #networksecurity

5 simple tips for better computer security (Naked Security) Small steps really can make a big impact.

Academia

Engility And Center For Cyber Safety And Education Announce CyberWarrior™ Scholarships (Engility) Scholarship program helps military veterans reenter the workforce

Legislation, Policy, and Regulation

Israel and Iran face a showdown in Syria (Times) I have grown old waiting for the Third World War: from the autumn of 1962 to the spring of 2018, Armageddon seemed just around the corner. Last weekend was no different. Hard-wired for disaster, I...

How Obama’s drone playbook could influence future cyber operations (C4ISRNET) The head of U.S. Cyber Command said the government is currently working through how to use cyber capabilities in areas where U.S. forces are not engaged in active combat.

UK Government Is Cozy with Companies Selling Spytech (Motherboard) It’s well documented that UK companies export surveillance technology to democracies and authoritarian regimes. But the UK government is much closer to these companies than the public may realize.

Why Do the US and China Take the Approaches to IP Protection That They Do? (The Diplomat) What explains the divergent approaches between the two powers?

FCC Moves to Block Wireless Carriers From Using Subsidies to Buy Chinese Telecom Gear (Wall Street Journal) U.S. regulators adopted a measure on Tuesday aimed at barring wireless carriers from using federal subsidies to buy telecommunications gear made by Chinese manufacturers.

ZTE Penalty Shows Peril of Lying to U.S. (Wall Street Journal) The seven-year ban on U.S. exports to Chinese telecommunications giant ZTE Corp. announced this week shook up markets and rattled the company's suppliers, but it also illustrates the pitfalls of misleading law enforcement, said observers and attorneys.

Chinese telco ZTE on Australian spy agencies radar after UK, US bans (Financial Review) A second Chinese telco company could be blacklisted in Australia after the UK and US slapped restrictions on ZTE on national security grounds.

“Privacy is not for sale,” says Telegram founder (Naked Security) Telegram founder Pavel Durov has spoken out after Russia started blocking Telegram encrypted messaging.

The Haspel Nomination and the Torture Question (Foreign Affairs) What Her Confirmation Would Mean for Obama's Delicate Bargain

Litigation, Investigation, and Law Enforcement

Facebook facial recognition faces lawsuit (BBC News) Damages could amount to "billions of dollars", the judge says.

The Teens Who Hacked Microsoft's Videogame Empire—And Went Too Far (WIRED) Among those involved in David Pokora's so-called Xbox Underground, one would become an informant, one would become a fugitive, and one would end up dead.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (New York, New York, USA, May 3, 2018) This event brings together technologists and leading policymakers, lawyers, and journalists to bridge the gap between non-technical and technical cyber professionals and features Lisa Monaco, former Assistant...

Upcoming Events

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for...

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.