skip navigation

More signal. Less noise.

Get trending threat insights delivered to your inbox.

Do you want trending information on hackers, exploits, and vulnerabilities every day for free? Subscribe now to the Recorded Future Cyber Daily.

Daily briefing.

Engima Software has found that malware infections are off about 20% in countries on the days in which their teams are playing in the World Cup. There's been one exception to the trend—Russia—where infection rates have actually risen slightly. Enigma has tracked rising and falling infection rates against significant outside events for some time. Rates, for example, tend to spike during holiday shopping seasons, and to drop during penitential religious seasons like Lent.

There's some concern in the UK that a long-expected Russian cybercampaign directed against British infrastructure is only on hold during the World Cup, and that it will be executed once the games are over. Tensions between the two countries rose over the weekend as the first known death in the Salisbury nerve agent attacks occurred—a bystander, probably not a target of the attack at all.

Russia's President Putin Friday called for international cooperation on cybersecurity.

The Australian National University reported sustaining an attack on its networks last week. The Sydney Morning Herald says that Australian federal officials have confirmed both that the university's network was compromised, and that the attack was mounted from China.

Timehop, which resurfaces posts from social media accounts, Saturday disclosed a breach that compromised personal data of twenty-one million users. Roughly a fifth of those users had associated a phone number with their account. The attackers apparently accessed Timehop's cloud environment through an account unprotected by multifactor authentication.

The Reserve Bank of India no longer provides services to cryptocurrency exchanges.


Today's issue includes events affecting Australia, Austria, China, Cook Islands, Fiji, Germany, Kiribati, Marshall Islands, Micronesia, Nauru, New Caledonia, New Zealand, Nigeria, Niue, Palau, Papua New Guinea, Russia, Samoa, Solomon Islands, Switzerland, Tonga, Tuvalu, United Kingdom, United States, Vanuatu, and Vietnam.

Is your malware lab a pain to use? Want a ridiculously easy to use malware lab?

Security teams who use a cloud browser can reduce the time spent investigating cases by more than 50%. Instead of wasting time spinning up a VDI, using Tor or connecting to a jumpbox, get online in seconds with Silo, a secure cloud browser and egress from hundreds of points of presence around the world.

In today's podcast we speak with our partners at Accenture Labs, as Malek Ben Salem offers tips on GDPR compliance.

The Cyber Security Summit: Seattle on July 19 and Chicago on August 29 (Seattle, Washington, United States, July 19, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Dell, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit for more information.

Cyber Attacks, Threats, and Vulnerabilities

UK On Brink Of Russian Cyber Attack With Fears Putin Will Hit Britain As Soon As World Cup (Information Security Buzz) Earlier this morning, news broke that British spies are on high alert for President Putin to launch another targeted assault on UK infrastructure — or even order a fresh assassination attempt. Andrew Lloyd, President at Corero Network Security: “I can’t imagine that Russia or indeed England are going to enjoy being eliminated from the competition.There …

Top-ranked Australian university hit by Chinese hackers - media (euronews) Australia’s top-ranked university on Friday said it had spent several months fighting off a threat to its computer systems, which media said

Australian University Combats Hack of Computers Blamed on China (Bloomberg Quint) Australian University Combats Hack of Computers Blamed on China

Cyber terrorists target Nigerian govt agencies, banks (Daily Post Nigeria) Hackers believed to be operating from Asia are said to be gearing for a massive cyber-attack targeting banks and government agencies in Nigeria. This alarm

HNS Botnet Recent Activities (360 Netlab Blog) Author: Rootkiter, yegenshen HNS is an IoT botnet (Hide and Seek) originally discovered by BitDefender in January this year. In that report, the researchers pointed out that HNS used CVE-2016-10401, and other vulnerabilities to propagate malicious code and stole user information.

Vietnam Activists Flock to 'Safe' Social Media After Cyber Crackdown (SecurityWeek) Tens of thousands of Vietnamese social media users are flocking to a self-professed free speech platform to avoid tough internet controls in a new cybersecurity law

Trojan Either Encrypts Files or Mines for Cryptocurrency (SecurityWeek) The Rakhni ransomware can deploy a cryptocurrency miner or a file encryptor, based on the victim machine’s configuration.

Nasty browser exploit returns for everyone except Microsoft Edge users (Trusted Reviews) A notorious 'download bomb' exploit has returned with a vengeance after having been patched out in Chrome earlier this year, but not for Microsoft Edge.

Timehop discloses July 4 data breach affecting 21 million (TechCrunch) Timehop has disclosed a security breach that has compromised the personal data (names and emails) of 21 million users (essentially its entire user base). Around a fifth of the affected users — or 4.7M — have also had a phone number that was attached to their account breached in the atta…

Timehop Security Incident, July 4th, 2018 (Timehop) On July 4, 2018, Timehop experienced a network intrusion that led to a breach of some of your data.

Hacker Steals Customers' Text Messages from Android Spyware Company (Motherboard) A hacker has stolen text messages and call metadata from SpyHuman, a firm selling malware to the everyday consumer. It’s the fifth such consumer spyware company to be targeted recently.

SIM card in bird’s GPS tracker used to rack up $2,700 phone bill (Naked Security) Researchers assumed the bird was dead when its GPS signal stopped moving. A few weeks later the team received a giant phone bill.

USB Fans Handed Out at Trump-Kim Summit Deemed Harmless (BleepingComputer) Two separate sources have confirmed that the USB-powered fans handed out at the North Korea-United States political summit that took place on June 12 were most likely clean and not infected with malware.

Malware Infections Drop 20% During World Cup Soccer Games Worldwide (Enigma Software Group USA LLC) Computer malware infections drop 20% on game day in countries that are playing World Cup games: a sign that people are turning off their computers and watching the games instead.

Android devices with pre-installed malware sold in developing markets (Help Net Security) Manu new low-end Android smartphone devices being sold to consumers in developing markets come with pre-installed malware.

DrupalGangster: An old threat actor trying to cash-in off the latest Drupal vulnerability (Akamai) Written by Moshe Zioni, Yossef Daya, and team Akamai Threat Research has observed an increase in attacks attempting to exploit a recent Drupal vulnerability (CVE-2018-7600). Much like recent vulnerabilities in Apache Struts, attackers have attempted to use this exploit for...

What sensitive data is lurking on your old SD card? (Naked Security) SD cards – those tiny devices that go into your camera or tablet – may be small, but they can hold a lot of revealing information.

Crypto Thefts Triple, Driving Growth in Coin Money-Laundering ( Criminals are stealing more cryptocurrency from exchanges, and that’s driving growth in a cottage industry of services that allows for money laundering of coins, according to a new report.

Watch Out for This Chrome Tech Support Scam (PCMAG) Scammers are never one to miss an opportunity on the internet, and a Google Chrome browser bug has presented a potentially very lucrative one. Read the details here and don't fall for this underhanded scare tactic.

Tech Support Scammers Revive “Download Bomb” Attack for Web Browsers (Total Security Daily Advisor) Back in February 2018 researchers from antivirus software company Malwarebytes reported on a rash of fake browser alerts that directed people to reach out to Microsoft tech support. These alerts contained generic information about various maladies users picked up while browsing (such as ‘a virus’ or ‘spyware’) and provided an error code and a phone …

The dirty secret about Bitcoin: It's amplifying ransomware, cybercrime, and more (TechRepublic) As Bitcoin grows in popularity, potential buyers need to be aware of risks that go along with it.

German web hosting firm DomainFactory suffers data breach (Help Net Security) DomainFactory, one of the largest web hosting companies in Germany, has suffered a data breach. The attacker had access to a variety of customer info.

Macy's Ecommerce Data Breached Via Third Party, Company Says (Media Post) A third party was able to gain access to customer email addresses and other data, Macy's says, according to a report.

Smart TVs are spying on you through your phone (Naked Security) Smart TVs in millions of homes are using other devices on the same network in order to snitch on everything you watch and everywhere you go.

EDITORIAL: When your TV starts watching you, it's time to demand greater privacy (Chicago Sun-Times) As the federal government loses interest in our privacy, Illinois legislators should step up to protect us from incessant data mining and reselling.

Wisconsin County Reveals Phishing Attack Most Likely to Blame for Data Breach (Security Boulevard) A county in Wisconsin revealed that a phishing attack was most likely to blame for a data breach of some service recipients’ personal information. On 22 June, Manitowoc County posted a statement about the incident to its website. County officials wrote that they first learned of the attack on 24 April. Upon discovery of the … Read More The post Wisconsin County Reveals Phishing Attack Most Likely to Blame for Data Breach appeared first on The State of Security.

Government warns Australians about convincing fake myGov, Medicare phishing scam (CRN Australia) Email asks recipients to input bank details for Medicare payments.

NBN Co says scammers are impersonating its staff (CRN Australia) Warns that some individuals are asking for personal info and bank details.

ExxonMobil Bungles Rewards Card Debut (KrebsOnSecurity) Energy giant ExxonMobil recently sent snail mail letters to its Plenti rewards card members stating that the points program was being replaced with a new one called Exxon Mobil Rewards+. Unfortunately, the letter includes a confusing toll free number and directs customers to a parked page that tries to foist Web browser extensions on visitors.

Despite Chrome’s pending “mark of shame,” 3 major news sites aren’t HTTPS (Ars Technica) Newsweek, Time, and Fox remain vulnerable to injection, man-in-middle attacks.

Security Patches, Mitigations, and Software Updates

What Do Chrome's New Security Warnings Mean for You? (Infosecurity Magazine) What will Google Chrome's security updates mean for Chrome users and website operators?

Chrome and Firefox pull history-stealing browser extension (Naked Security) An extension used by about two million people has been pulled by Chrome and Firefox after it was found exfiltrating browsing data.

All the Ways iOS 12 Will Make Your iPhone More Secure (WIRED) From hacking protections to smarter two-factor, iOS 12 will lock down your iPhone better than ever.

July 2018 Patch Tuesday forecast: The fireworks and the finally (Help Net Security) In this July 2018 Patch Tuesday forecast, Chris Goettl from Ivanti guesses what we might see on the patch side this month.

Cyber Trends

The importance of online security in maintaining the integrity of Tech Giants (Insider) Earlier this year, a host of the world’s biggest tech firms agreed to a joint security charter, designed to guard their customers and products from cyber-attacks.

Linux experts are crap at passwords! (Naked Security) Last week’s megastory was the Gentoo breach that saw an entire online Linux code repository hacked – now we know how it happened…

Hacker vs. Cybercriminals: What's the Difference and Why It Matters (Nerd's Magazine) "Hacker" is often used as a term for one who does anything nefarious online. But calling all hackers criminals is like saying anyone with a gun is a killer

RIP “crypto” (Fayette Advocate) Apple’s Shortcuts will flip the switch on Siri’s potentialThe electric aircraft is taking offAn immodest proposal: it’s time for scooter superhighways

What’s really driving Africa’s cyber-security skills shortage? (IT-Online) A lack of skilled resources is not the only factor behind the cyber-security workforce shortage, writes Rick Rogers, area manager for Africa at Check Point Technologies.


Cybersecurity Startup Safe-T Files for $10M IPO, Looks At Channel For Growth (CRN) Israeli firm Safe-T plans to use the proceeds from the IPO to scale up product marketing and sales, as well as for research and development into new technologies to expand the company's business.

Huawei says ‘unfounded’ lockout by US costing its own consumers US$20 billion (South China Morning Post) While Huawei and ZTE have seen their network equipment sales flourish across the world, US security concerns have kept the two companies from selling infrastructure products to American telecoms operators

ZTE allowed to resume some U.S. business activities just months after 7-year ban issued (Mashable) ZTE was banned by the Commerce Department for repeatedly misleading the U.S. government. President Trump is helping the Chinese company come back.

Is IBM's billion-dollar deal really that big? (CRN Australia) [Comment] Depends how you look at it.

Fortinet: A Better Palo Alto? (Seeking Alpha) Fortinet has been exceeding IT security market growth.

Crypto and venture’s biggest names are backing a new distributed ledger project called Oasis Labs (TechCrunch) A team of top security researchers from the University of California, Berkeley and MIT have come together to launch a new cryptographic project that combines secure software and hardware to enable privacy-preserving smart contracts under the banner of Oasis Labs. That vision, which is being markete…

Startup Think Cyber Security Joins LORCA (Infosecurity Magazine) London Office for Rapid Cybersecurity Advancement welcomes first cohort of businesses

First phase of Augusta's Georgia Cyber Center to open Tuesday (The Augusta Chronicle) The Georgia Technology Authority anticipated about 500 people would RSVP for the Georgia Cyber Center grand opening Tuesday.

Products, Services, and Solutions

DNotes Global Inc Announces Proof of Concept for DNotes Pay Automated Online Payment System (DNotes Global) DNotes Global, Inc. announced on Friday that an experimental Proof of Concept for its DNotes Pay automated online payment tool is now available for download and testing. The new payment system is a streamlined, simplified, and user-friendly tool that provides automatic payment, confirmation, and delivery of digital products.

ALTEN Calsoft Labs Joins ShadowDragon and Cloudly to Build Cybersecurity Practices (Markets Insider) ALTEN Calsoft Labs, a next-generation digital transformation company, rolls out a plan to Prevent Cyber Attack...

Technologies, Techniques, and Standards

What is KMIP and Why Should Anyone Care? (Infosecurity Magazine) KMIP allows the interoperable exchange of data between different key management servers and clients, but why does it matter?

Analysis | The Cybersecurity 202: Twitter's fake account purge can help turn the tide against influence campaigns (Washington Post) That's critical ahead of the midterms.

Cyber in movies is cool, but can the Army do it? (Fifth Domain) Leaders on an Army team that experiments with bringing cyber weapons to the battlefield say their top priority is managing commanders’ expectations.

What it takes to build a zero trust network (CSO Online) Zero trust networks offer better protection against data breaches, but the road to them can be arduous.

In Security, What We Don't See Can Hurt Us (SecurityWeek) When an organization works to expand its field of view and reduce its organizational blind spot, it goes a long way towards improving the organization’s overall information security posture.

Does Your Security Awareness Program Bridge the Generation Gap? (Security Intelligence) As more millennials enter the workforce, organizations should consider different approaches to security awareness training to account for generational knowledge gaps.

Rules automation puts the "Sec" in DevSecOps (Help Net Security) In the DevSecOps model, security teams are integrated into the DevOps process, and they can embed security functions and controls.

Hiring Alone Will Not Solve Government’s Security Problems ( It's going to take more than increased employees to keep up with vulnerabilities.

WP Security Audit Log: Keeping a watchful eye on your WordPress sites (Help Net Security) The WP Security Audit Log plugin offers reports, email alerts, search, archiving, users sessions management, mirroring, automated reports, etc.

Corps denies using dating apps to recruit new Marines (Marine Corps Times) The Marine Corps has firmly denied encouraging recruiters to use dating apps as a recruiting tool.

The hunter becomes the hunted: How cyber counterintelligence works (Panda Security Mediacenter) Counterintelligence takes as a jumping off point one basic premise: if someone is going to attack your company, the best defense is a good offense.

Design and Innovation

Google AdSense Banned a Random Web Page About a 32-Year-Old Bill Because It Was About Sexual Abuse (Motherboard) A page about a 1986 porn bill got demonetized shows how algorithms can’t be expected to make judgement calls.

Research and Development

Scientists Invented AI Made From DNA (Motherboard) Researchers made a neural network out of DNA that can recognize handwritten numbers.

Don't Just Lecture Robots—Make Them Learn (WIRED) By drawing on prior experience, a humanoid-ish robot can watch a human pick up an apple and drop it in a bowl, then do the same itself, even if it’s never seen an apple before.

Legislation, Policy, and Regulation

Guess which world leader is urging cybersecurity cooperation (Fifth Domain) President Vladimir Putin on Friday called for closer international cooperation in fending off cyberattacks.

Cryptocurrency Exchanges Banned in India (Infosecurity Magazine) Will India's ban on cryptocurrencies drive traders to black markets?

Australia, NZ to sign security pact with South Pacific nations (The Straits Times) Australia and New Zealand are set to sign a wide-ranging security pact with South Pacific nations in September, amid growing concern about nations such as China expanding ties in the region..

Cyber warfare is grave threat, but India is not yet prepared for it: General Hooda (IANS Interview) (Business Standard) Cyber warfare is emerging as a grave threat with a potential to wreak havoc in a war situation, but India is not yet prepared to handle it effectively, a former Indian Army general has said.

Trump taps DOE veteran to head Homeland Security research arm (Cyberscoop) President Donald Trump plans to nominate William Bryan to be undersecretary for science and technology at the Department of Homeland Security – the top tech adviser to Secretary Kirstjen Nielsen.

Litigation, Investigation, and Law Enforcement

Germany alleged to have spied on Swiss firms in Austria (SWI A dozen branches of Swiss firms in Austria were targeted by German spies between 1999 and 2006, according to the SonntagsBlick newspaper.

Woman dies after being exposed to Soviet-era nerve agent, UK authorities say (CNN) A woman who was exposed to Soviet-era nerve agent Novichok died Sunday, the Metropolitan Police said in a written statement.

Murder inquiry launched after Amesbury novichok victim dies (Times) A woman has died in hospital more than a week after she was exposed to novichok in the first death from the nerve agent attack on Britain that the government has attributed to Russia. The killing...

UK to open a London court specializing in cybercrime (CSO) UK to build a new "cutting edge" court house that will deal with fraud and cybercrime cases.

London cyber court welcomed (Professional Security) A planned court in London for cases of cybercrime, fraud, and economic crime has been welcomed.

How Fracking Companies Use Facebook Surveillance to Ban Protest (Motherboard) Oil and gas companies are discrediting activists using social media to justify banning their protests.

Facebook, Google, Amazon and other tech giants could be non-compliant with GDPR, claims EU consumer group (Computing) AI GDPR compliance tool could be used to web crawl for non-compliant privacy policies

NSO Group bloke charged with $50m theft of government malware (Register) Alleged unethical behavior from a grey hat? Who'd a thunk it?

Employee allegedly stole government spyware and hid it under his bed (Naked Security) Spyware that’s supposed to be sold to governments was stolen and hidden under a mattress while it was offered for sale on the dark web.

When an insider rides Pegasus into the dark web (CSO Online) An NSO Group employee, who'd worked there for only about 90 days, copied the company's Pegasus software and offered it for sale on the dark web for $50 million.

Crooks hack gas station fuel pump to steal 600 gallons of gas (HackRead) Apparently, both crooks were able to hack into a fuel pump with an electronic device to steal 600 gallons of gas.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in...

Upcoming Events

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Black Hat USA 2018 (Las Vegas, Nevada, USA, August 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days...

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in...

DefCon 26 (Las Vegas, Nevada, USA, August 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script...

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio...

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.