skip navigation

More signal. Less noise.

Are you using threat intelligence to its full potential?

Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

Daily briefing.

A new variant of the Mirai Internet-of-things (IoT) botnet has been seen in the wild. Fortinet reports that this version is capable of establishing proxy servers in infected IoT devices.

University researchers in Singapore and London have determined that there are a lot of "buggy smart contracts on Ethereum." Essentially they created a private fork of the Ethereum blockchain and ran various permutations with live smart contracts. They found 34,200 contracts vulnerable to "undesired actions." They were able to verify and reproduce these "trace vulnerabilities" on some 3000 smart contracts that hold about $6 million in ether cryptocurrency. It would be difficult for criminals to do likewise and steal the money, but the researchers note that it wouldn't be impossible.

A "glitch" in Chase's customer-facing systems is said to have presented some customers with other customers' data. The glitch persisted for about two-and-a-half hours Wednesday evening, but appears to have been corrected.

Motherboard reports hacktivist break-ins at two surveillance software companies, Mobistealth and Spy Master Pro. The report characterizes them as "spyware companies," selling privacy-invading "stalkerware" to private citizens who use it to keep tabs on children, spouses, and other persons of interest.

Several reports are out on the state of security. Verizon's Mobile Index for2018 concludes that many companies are willing to sacrifice some mobile security for business reasons. The 2018 Data Security Report from Thales notes that increased Government migration to cloud services has been accompanied by 20% jump in data breaches. These are perhaps connected, maybe coincidental.


Today's issue includes events affecting European Union, Democratic Peoples Republic of Korea, New Zealand, Russia, Saudi Arabia, United Kingdom, United States.

Intelligent response to doing more with less.

Phishing, ransomware, and data breaches plague organizations of all sizes and industries, but the financial services market has always had the largest target on its back. How do you fend off these attacks when you don’t have the budget or resources for everything you need to protect your organization: data feeds, tools, analysis and mitigation? Learn more in our webinar on Wednesday, March 21 @ 2pm ET. Sign up now!

In today's podcast we hear from our partners at Terbium Labs, as Emily Wilson provides an update on Dark Web markets after last year’s Alpha Bay takedown. Our guest is Andrea Little Limbago from Endgame, discussing "The March Toward Data Localization."

Cyber Security Summits: February 28 in Atlanta & Denver on March 22 (Atlanta, Georgia, USA, February 28, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.

Cyber Attacks, Threats, and Vulnerabilities

Middle East telco targeted by North Korean hacking group: FireEye (Tahawul Tech) The targeting effort may have been on behalf of the North Korean government in an attempt to gather information on a former business partner, the report by security firm FireEye suggests.

Mirai Variant Sets Up Proxy Servers on Compromised Devices (SecurityWeek) A newly observed variant of the infamous Mirai botnet is capable of setting up proxy servers on the infected Internet of Things (IoT) devices, Fortinet warns.

3,000 Databases with 200 Million Unique accounts found on Dark Web (HackRead) One can buy any illegal product on Dark Web and now 3,000 databases with 200 million unique accounts found on Dark Web.

Millions of Dollars In Ethereum Are Vulnerable to Hackers Right Now (Motherboard) Researchers discovered 34,200 buggy smart contracts on Ethereum.

Cryptocurrency Fraud: In the Midst of a Gold Rush, Beware of Scammers (SecurityWeek) With better security practices both on an individual and organizational level, you can mitigate the risk of cryptocurrency fraud while remaining an active user.

Chase ‘Glitch’ Exposed Customer Accounts (KrebsOnSecurity) Multiple customers have reported logging in to their bank accounts, only to be presented with another customer’s bank account details. Chase has acknowledged the incident, saying it was caused by an internal “glitch” Wednesday evening that did not involve any kind of hacking attempt or cyber attack.

How one guy could have taken over any Tinder account (but didn’t) (Naked Security) The potential outcome of the Tinder security hole – complete account takeover, with a crook logged in as you

Private chats and user accounts could be exposed by Tinder security bug (SC Media UK) An easy-to-exploit bug has left Tinder accounts and private chats exposed to hackers, revealed a researcher this week.

Another baby monitor is allowing strangers to spy on children (Naked Security) Researchers say Mi-Cam is easy to hijack: turn it off to keep the kids from being eyeballed by prying eyes or chatted up by strangers.

Something is bugging me about Apple, Google and Amazon's smart speakers (CRN Australia) [Comment] Something is bugging me about these listening devices.

Hacker Strikes ‘Stalkerware’ Companies, Stealing Alleged Texts and GPS Locations of Customers (Motherboard) Nearly a year after Motherboard reported the data breaches of two spyware companies, another hacker has independently targeted two more.

Hacker claims spyware maker Retina-X has been breached, again (Naked Security) Retina-X denies that the vigilante hacker got in

Military, FBI, and ICE Are Customers of Controversial ‘Stalkerware’ (Motherboard) Consumer spyware is popular not just with the general population, but also with members of the US government.

US Government in Border Security Fail (Infosecurity Magazine) US Government in Border Security Fail. Officers unable to verify smart chip on e-Passports for over a decade

Security Patches, Mitigations, and Software Updates

Cisco Patches Critical Flaws in UCDM, ESC Products (SecurityWeek) Cisco patches critical vulnerabilities in Unified Communications and Elastic Services Controller products

Several Vulnerabilities Patched in Drupal (SecurityWeek) Several vulnerabilities, including ones rated critical, patched in Drupal with the release of versions 8.4.5 and 7.57

ZTE Maven 2 updated to February security patch via build B32 (The Android Soul) Android updates, best phones, apps and games

Google calls out Microsoft for failing to fix reported flaw ( Google’s Project Zero has gone public with a Windows 10 flaw that Microsoft claimed to have fixed in its February security update

Cyber Trends

Data breaches at federal agencies jumped 20 percent last year (Fifth Domain) Agencies are storing more data in cloud services, but does that make it easier to breach?

2018 Thales Data Threat Report Federal Government Edition | Data Security Issues, Risks, Trends, and Concerns (Thales e-Security) Driven by escalating cyberattacks, traditional insider threats, privacy requirements and data residency regulations, enterprises around the world are facing increasing pressures to protect their data and reduce the exposure of their organizations to data related risks.

Verizon Report: 32% of Organizations Sacrificed Mobile Security for Business Reasons (Wireless Week) Verizon warned this week that a significant number of businesses and other organizations fell short in securing their mobile data due to a lack of awareness about threats — or by placing a higher priority on getting products to market.

Mobile Security Index 2018 (Verizon Enterprise Solutions) Find out which mobile security threats have companies worried and see how you can protect devices and data in Verizon’s Mobile Security Index 2018.

Email inboxes still the weakest link in security perimeters (Help Net Security) Over one-third of all security incidents start with phishing emails or malicious attachments sent to company employees, according to F-Secure.

White Paper: The Impact of Cybersecurity Incidents on Financial Institutions (Generali) Data breaches are an ever-increasing threat to every industry, with the number of U.S. data breach incidents hitting a new record of 1,579 breaches in 2017. Of the data breaches reported last year, 8.5 percent involved the financial sector, including entities such as banks, credit unions, credit card companies, mortgage and loan brokers, financial services.

Do Business Leaders Listen to Their Own Security Professionals? (SecurityWeek) A survey of 800 senior executives demonstrates a mismatch in cyber threat understanding between business leaders and security professionals.

Oxford University research suggests that social media is not to blame for social fragmentation (Computing) Most people use the internet to broaden their media horizons, claims Dr Grant Blank - not lock themselves up in 'echo chambers'

Password habits among young Brits show worrying trend (WeLiveSecurity) A potentially troublesome trend among young Brits has highlighted that their password habits are sloppy and careless according to a new survey.

One Million Kiwis Affected by Cybercrime (Scoop News) One Million Kiwis Affected by Cybercrime 2017 Norton Cyber Security Insights Report Reveals half of New Zealanders still sharing passwords AUCKLAND, New Zealand – 22 February 2018 – More than one-third of New Zealand’s adult online population ...


SparkCognition Announces it has Raised $56.5 Million in Funding (SiliconHills) Austin-based SparkCognition announced this week it has raised $56.5 million in funding. The artificial intelligence company previously announced last June that it had closed on a Series B round of funding for $32.5 million. But since then, it landed additional investors that push the round of funding even higher to $56.5 million. The investors included …

Why FireEye Can Have a Successful 2018 ( Going into FireEye's (NASDAQ: FEYE) fourth-quarter results, there were indications of a potential market share loss -- the cybersecurity specialist's growth had been muted in recent quarters despite the launch

Three Milwaukee blockchain startups you should know (Milwaukee Business Journal) Three Milwaukee-based startups pitched their company's digital blockchain platforms Wednesday at an event held on Marquette University's campus.

The Safety of U.S. Data Could Rest in Georgia (US News & World Report) As more data migrates online, not enough people are protecting it. But Georgia has taken on the problem.

Daron M. Hartvigsen Joins Ankura Consulting as Managing Director (PR Newswire) Ankura today announced the appointment of Daron M. Hartvigsen as Managing...

Products, Services, and Solutions

New infosec products of the week​: February 23, 2018 (Help Net Security) Cisco offers cloud-based endpoint security solutions for MSSPs Cisco is offering MSSPs security, visibility, and control of customer endpoints. Their endpoint security portfolio includes: Cisco AMP for Endpoints, Cisco Umbrella, and Meraki Systems Manager to offer protection against advanced malware and threats. AMP

OPAQ Networks Joins Palo Alto Networks NextWave Partner Ecosystem (BusinessWire) OPAQ Networks allows channel partners to deliver Palo Alto Networks Next-Generation Firewalls as a Service without buying or leasing hardware.

Defending Democracy: Dashlane to Offer Free Password Protection to Political Campaigns (PR Newswire) Dashlane, the award-winning password manager, announces a new initiative to...

Dell Unveils Four New 'Product Agnostic' Certifications Around Cloud, Services And Security (CRN) "Certifications have always been primarily product-based, but our new certifications are in many areas product agnostic," said Dell EMC's Charles Atkins.

Technologies, Techniques, and Standards

CIS Controls Version 7 (SANS Internet Storm Center) The Center for Internet Security (CIS) has been working diligently to update the CIS Controls (formerly known as the Critical Security Controls).

The Obvious Partnership — Compliance and Cybersecurity (JD Supra) Cybersecurity compliance, like the compliance profession, is rapidly growing. The forces pushing cyber compliance are two-fold: the ever-increasing...

3 Types of Cyberattacks and How to Stop Them: FINRA Conference (ThinkAdvisor) One key reminder: Many attacks are due to human error.

Enter boardroom, set hair on fire. How not to tackle incident response (SC Media UK) Event anomalies can be an indicator of attack, but they can also just be an IT problem. Research suggests the latter might be more common than you think.

How Silicon Valley Can Protect U.S. Democracy (Foreign Affairs) U.S. social media companies need to take proactive steps to address vulnerabilities that Vladimir Putin is exploiting.

Design and Innovation

Google Assistant will support over 30 languages by year-end, become multilingual (TechCrunch) Google Assistant, the search giant's answer to Alexa that lives on Android smartphones, tablets, and Google Home speakers, will expand to more languages over..

Kleros introduces a blockchain ‘Dispute Resolution Layer’ for virtually everything (Bankless Times) Kleros, whose name means ‘chance’ in Greek and is related to the Kleroterion, which was a stone randomization device used in democratic processes in ancient Greece, has introduced a new decentralized autonomous organization built on the Ethereum blockchain that will act as a dispute resolution layer for virtually any

Research and Development

Army Research Lab awards $25 million contract for Internet of Battlefield Things (Fifth Domain) An Army research lab is partnering with academia and industry to develop seamless communication between man and machine for fast-paced battlefields.

Legislation, Policy, and Regulation

Is Naming and Shaming a Legitimate Strategy in Cyberspace? (TechNative) Does attempting to name and shame hostile cyber activity count as a valid deterrence strategy? In January 2018, the White House Cybersecurity Coordinator stated that the U.S. government planned to strengthen its cyber deterrence policy over the course of this year.

America’s Voting Systems Are Still Dangerously Vulnerable to Hackers (Slate Magazine) Russian interference in the next election could be even more damaging.

States Rush to Defend 2018 Election From Russia After Late Start ( Weeks before the first U.S. primaries, 40 state election officials filed into a guarded Maryland office for a classified briefing about the threats they’re sure to face between now and the November vote.

Concerns about Russian meddling sink Kagan election observer bill (Maryland Daily Record) Concerns about Russian interference in Maryland elections took down a bill supporters said was meant to make the process of hosting international observers more secure.

Zirkin: Cyberbullying bill will fly out of committee (Maryland Daily Record) The chairman of the Senate Judicial Proceedings Committee said Thursday that a bill that stiffens penalties against online bullying will “fly out of committee.”

Why US Sanctions Are So Lethal (The Diplomat) The anatomy of a Chinese tech-company disaster.

Litigation, Investigation, and Law Enforcement

Amid controversy over Intel CEO's stock sale, SEC warns executives about trading shares before disclosing security breaches (Business Insider) Intel CEO Brian Krzanich sold shares before the Meltdown and Spectre attacks became public. The SEC is warning other executives not to do anything similar.

Intel did not tell U.S. cyber officials about chip flaws until made public (Reuters) Intel Corp did not inform U.S. cyber security officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet Inc notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday.

Intel confirms it didn't tell national security officials about chip flaws ( There was "no indication that any of these vulnerabilities had been exploited by malicious actors," the chipmaker said.

Intel covered up Meltdown and Spectre security flaws, claim Apple and Google (Computing) Intel didn't bother telling US-CERT about the vulnerabilities until information about them was leaked in January

'The SEC Has a Big Problem Now' After Broad Whistleblower Protections Curbed (New York Law Journal) “They’ve been encouraging people to report internally. Now they have to think twice about that because they’re essentially encouraging people to report internally and go into harm’s way.”

Bitcoin exchange founder charged with covering up hack (Naked Security) Prosecutors charged Jon Montroll, chief of the belly-up BitFunder, of trying to cover up a hack that gutted it of 6,000 Bitcoins.

Grand Jury Returns New 32-Count Indictment Against Manafort, Gates (New York Law Journal) The superseding indictment came from a grand jury in Alexandria Virginia separate from the Washington D.C. grand jury that indicted the two men in Washington D.C. last year.

Palantir ordered to open books to investor seeking U.S. fraud investigation (CNBC) The lawsuit alleged that Palantir wrongly barred investors from selling stock in the privately owned company.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

PrivacyCon 2018 (Washington, DC, USA, February 28, 2018) The 2018 PrivacyCon will expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government. As part of this initiative, the...

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Laurel, Maryland, USA, March 2, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.