Daily briefing.

Two new attack techniques similar to Spectre have been identified. These speculative execution side-channel attacks are researchers' discoveries, not attacks being observed in the wild. ARM, AMD, and Intel chipsets are all susceptible to the attacks. Speculative execution is a common and important feature of contemporary chip design, so any methods of exploiting it will have widespread impact. Intel, which paid a bug bounty of $100 thousand to the researchers, has offered advice on mitigating the issue. ARM says most of its chips are probably unaffected, but it has mitigation suggestions as well. AMD is still considering the matter. 

Manuals covering, among other militaria obtained from US sources, the MQ-9 Reaper drone and the M1 Abrams main battle tank, have turned up for sale on the dark web. According to Recorded Future, the asking price was only $200, knocked down recently to $150. The person responsible (described by Naked Security as a "sad sack") apparently had no real understanding of what he or she had, what it was worth, or where to sell it. But the sad sack knew enough to find Netgear routers with the password "admin" and follow familiar steps to exploit an FTP vulnerability, change the password, and get access. Some of the material appears to have been stolen from a US Air Force captain; other material is openly available from Defense Department sites. None of it is likely to be classified, but some at least was restricted from distribution to foreigners.

Twitter is purging bogus accounts.


Today's issue includes events affecting Afghanistan, China, Israel, Malta, NATO/OTAN, Portugal, Russia, Syria, United States.

In today's podcast, we'll be hearing from our partners at CenturyLink, as Mike Benjamin shares insights into cryptojacking. Our guest is Yaniv Avidan from MinerEye, with a perspective on cloud GDPR compliance.

And this week's Hacking Humans podcast is also up. We hear about a prank phone call to the White House, discuss the sad story of a woman robbed of her retirement savings, and offer some notes on Twitter account-recovery scams. We're also joined by Charles Arthur, author of Cyber Wars: Hacks that Shocked the Business World, who lays some knowledge of social engineering on us.

The Cyber Security Summit: Seattle on July 19 and Chicago on August 29 (Seattle, Washington, United States, July 19, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Dell, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350).

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit for more information.

Cyber Attacks, Threats, and Vulnerabilities

Analysis: The Turkistan Islamic Party's jihad in Syria (FDD's Long War Journal) The Turkistan Islamic Party (TIP) in Afghanistan and Syria has long operated as part of the Taliban-al Qaeda axis. Earlier this year, however, the TIP's Syrian branch sided with Hay'at Tahrir al-Sham (HTS) during its battles with other rebel groups. This infighting and related events have complicated the picture with respect to the TIP in Syria. One TIP-affiliated outlet claimed earlier this year that the group's senior management had sent new leadership from Afghanistan to Syria.

​The return of Spectre (ZDNet) Two new ways to assault computers using Spectre-style attacks have been discovered. These can be used against any operating system running on AMD, ARM, and Intel processors.

Fresh Spectre Variants Come to Light (Threatpost) The newly-discovered Spectre variants can be exploited to uncover confidential data via microarchitectural side channels in CPUs.

Speculative Buffer Overflows: Attacks and Defenses (Arxiv) Practical attacks that exploit speculative execution can leak confidential information via microarchitectural side channels.

Details on an Air Force drone? $200 on the dark web (Fifth Domain) The hacked documents represent embarrassing security vulnerabilities and raise questions about basic cyber-hygiene in the U.S. military apparatus.

Hacker Selling Pentagon’s Killer Drone Manual on Dark Web for $150, Cheap (The Daily Beast) The seller was part of a small hacking crew based in South America that specializes in low-hanging fruit—like home file-sharing networks that have no password by default.

Year-old router bug exploited to steal sensitive DOD drone, tank documents (Ars Technica) Hacker who offered Air Force, Army docs claimed to have exploited known Netgear FTP flaw.

Default router password leads to spilled military secrets (Naked Security) The hacker tried selling the US military files for $150 on the dark web, but only undercover analysts paid any attention.

Military Reaper Drone Documents Leaked on the Dark Web (Recorded Future) See how direct threat actor interaction allowed Insikt Group to discover MQ-9 Reaper drone documents and other leaked military information on the dark web.

Hacker Offers Access to Machine at International Airport for $10 (SecurityWeek) Researchers found that access to a system associated with a major international airport can be bought for only $10—with no zero-day exploit, elaborate phishing campaign, or watering hole attack.

Organizations Leave Backdoors Open to Cheap Remote Desktop Protocol Attacks (McAfee Blogs) While researching underground hacker marketplaces, the McAfee Advanced Threat Research team has discovered that access linked to security and building automation systems of a major international airport could be bought for only US$10.

Issued for Abuse: Measuring the Underground Trade in Code Signing Certificates (University of Maryland) Recent measurements of the Windows code signing certificate ecosystem have highlighted various forms of abuse that allow malware authors to produce malicious code carrying valid digital signatures. However, the underground trade that allows miscreants to acquire such certificates is not well understood.

Timehop Admits GDPR Fumble (Infosecurity Magazine) Breach implications get more serious for firm

Multiple Bugs Found in QNAP Q'Center Web Console (Threatpost) QNAP said in a security advisory that it has fixed the issues in Q'Center Virtual Appliance, and urged customers to update to the latest version.

Hola VPN's Chrome extension hacked to target MyEtherWallet users (HackRead) Hola VPN extension was hacked for five hours and used in monitoring the activities of some of the MyEtherWallet users.

Unknown and Unsecure Domains Bother Businesses (Infosecurity Magazine) Unknown and unsecure domains continue to be a problem for businesses

Do advances in voice technology pose a threat to enterprise security? (Help Net Security) Almost half of IT professionals said that voice security was either not a priority, or a lower priority than other threats including malware, and phishing.

Who's Reading Your Gmail Messages? (HackRead) Do you know your Gmail emails can be read by third-party app developers and there is a way you can stop them?

Tech-support scammers know EVERYTHING about my computer, Dell customer says (Ars Technica) It's time for Dell to say how scammers got serial numbers and other customer data.

Security Patches, Mitigations, and Software Updates

Why Your Twitter Follower Count Might Go Down This Week (WIRED) After purging millions of fake or suspicious accounts in recent months, Twitter announced a new policy around locked profiles.

Cyber Trends

Threats financial organizations will face in 2019 (Help Net Security) What type of threats will financial organizations face in 2019? According to IntSights Cyber Intelligence: breaches and extortion attempts.

Infosec and the future: Dr. Giovanni Vigna on lessons learned over 25 years (Help Net Security) When I asked Dr. Giovanni Vigna what are some of the most important lessons he has learned during the 25+ years he spent working in computer security, his answer was simple: always learn by doing and always innovate.

White Paper: An Executive Summary on the State of Privacy and Security Awareness in Government (MediaPRO) This white paper reveals an uncomfortable truth: basic cybersecurity and privacy awareness knowledge are lacking at U.S. government organizations.


How the access control market has developed and should direct itself in the coming years (Help Net Security) Smart cards have become synonymous with the access control market, continuing to be used across a variety of end markets including, healthcare,

Accelerating Pathways for Young Ethical Hackers in Cybersecurity (PRWeb) The world needs more “good guys” on this side of cyber warfare, which is why Synack, Nav Talent and premier program sponsor Morgan Stanley are teaming up to equip a future ...

ZTE shares soar after clearing last hurdle to lifting of U.S. ban (Reuters) Hong Kong shares of ZTE Corp surged nearly 24 percent on Thursday after China's No. 2 telecommunications equipment maker cleared the last hurdle to lifting a U.S. ban on component supplies.

ZTE and US sign agreement to lift ban in near future (South China Morning Post) US and ZTE sign escrow agreement; when ZTE completes US$400 million in an escrow account the ban on the company will be lifted

Intel Pays $100,000 Bounty for New Spectre Variants (SecurityWeek) Researchers who discovered two new variations of the Spectre attack receive $100,000 bounty from Intel

Broadcom to Buy CA Technologies for $18.9 Billion (Wall Street Journal) Broadcom struck a deal to buy software company CA Technologies for nearly $19 billion, a surprise move that takes the chip-making giant in a new direction.

Broadcom snaps up CA Technologies for $25 billion (CRN Australia) Deal expected to close by the end of the year.

This Bethesda company is betting on quantum physics as the answer to stronger data encryption (Washington Business Journal) The company’s first network will connect Wall Street with back-office operations in New Jersey, safeguarding high-value transactions and mission-critical data for banks.

Israeli Firm Radiflow Raises $18 Million to Grow Industrial Cybersecurity Business (SecurityWeek) Industrial cybersecurity firm Radiflow has raised $18 million in venture funding through an investment round led by Singapore-based engineering company ST Engineering.

Safe-T® Announces Acquisition of CyKick Labs' Intellectual Property and Marks (Markets Insider) Safe-T® (TASE: SAFE) (OTCQB: SFTTY), a leading provider of software-defined access solutions for the hybrid ...

Netskope nabs Sift Security to enhance infrastructure cloud security (TechCrunch) Netskope, a company that focuses on security in the cloud, announced today it has acquired Sift Security, a startup launched in 2014 to help secure cloud infrastructure services like Amazon, Microsoft and Google using machine learning. The company did not share terms of the deal, but Sift’s 1…

Ex-Cambridge Analytica employees spin out new company to scour your search history (Computing) Auspex International investor says that Google history is more valuable than Facebook data

Lockheed Seeks Cyber Capabilities to Reinforce Aircraft Products, Processes Via Guardtime Federal Alliance (GovCon Wire) Lockheed Martin (NYSE: LMT) has expanded its alliance with Guardt

Good news on the jobs front, as American cyber-security firm SkOUT Secure Intelligence announces the creation of 30 jobs in Portlaoise ( Good news for jobseekers this afternoon, as US-based cyber-security firm SkOUT Secure Intelligence has announced the creation of 30 jobs in Portlaoise. The new roles will include management, sales and business development, engineering, and technical...

Endgame Announces San Francisco Office Expansion to Increase West Coast Presence (GlobeNewswire News Room) Endpoint protection company Endgame plans to double the number of San Francisco-based employees by the end of 2018

MobileIron appoints Scott Hill as CFO (Help Net Security) MobileIron announced that Scott Hill has been appointed chief financial officer (CFO).

Gigamon Appoints Joan Dempsey to its Board of Directors (PRNewswire) Booz Allen Hamilton Executive Vice President and Senior Partner adds broad technology and federal government experience to Gigamon Board

Products, Services, and Solutions

Cylance Unveils “Cylance Smart Antivirus;” AI-Powered Antivirus for Consumers (BusinessWire) Cylance Inc., the leading provider of AI-driven, prevention-first security solutions, today launched Cylance Smart Antivirus, AI-powered antivirus sof

Janrain Partners With Akamai To Launch Next-Generation Secure Edge Technology To Protect Companies And Customers (PRNewswire) Janrain Secure Edge Brings Industry-leading Security from Akamai to the Janrain Identity Cloud®, The World's Largest Omnichannel Identity Network

ForeScout and Carbon Black Integrate to Reduce Business Impact of Cyber Threats (GlobeNewswire News Room) New technology integration improves endpoint security hygiene and fortifies threat defenses across the enterprise

Alcide Announces New Release of its Cloud-Native Security Platform for Modern Data Center and Cloud Environments (GlobeNewswire News Room) New features include Slack integration, Serverless support and a Threat Intelligence Feed

Dell EMC launches VMware-optimised data protection appliance for midmarket (CRN Australia) VMware-optimised appliance comes in a 2U form factor.

Ex-Anonymous member Adam Bennett targets SMBs with threat management platform Crystal Eye (CRN Australia) Adam Bennett looking to help SMBs simplify cybersecurity.

Manatt expands cybersecurity practice to meet client needs (Help Net Security) This expansion with Beierly, Reid and Treviño, reflects Manatt’s strategy of combining the legal practice and consulting in order to offer solutions to meet its clients’ business needs.

Put WhatsApp, Slack, admin privileges in a blender and what do you get? Wickr (Register) But are enterprises willing to pay for this suite smoothie?

Trusona extends its Partner Network ecosystem (The Paypers) Trusona, the #NoPasswords identity authentication provider, has unveiled its Partner Network, an ecosystem of strategic partners operating within the Identity and Access Management space.

Technologies, Techniques, and Standards

The Pentagon Wants to Automate Some Classification Decisions ( The proposed software would help defense officials make classification decisions and automatically enforce them.

What is the Tor Browser? How it works and how it protects your identity (CSO Online) The Tor Browser is a web browser that anonymizes your web traffic using the Tor network, making it easy to protect your identity online.

Identity eats security: How identity management is driving security (CSO Online) New intelligent identity management systems are changing the way organizations authenticate users and devices, and they’re making identity the new security perimeter.

Departing Employees Should Not Mean Departing Data (Infosecurity Magazine) With more than two-thirds of organizations experiencing data theft when employees depart, you need to protect your organization against insider threats.

Design and Innovation

Your Google phone will soon screen nuisance calls (Naked Security) Google is reportedly adding a new feature to its phone app that will breathe a sigh of relief to beleaguered phone users everywhere: Built-in screening for nuisance callers.

Catalyzing Innovation via Centers, Labs, and Foundries (Forbes) Collaboration can involve combinations of government, industry and academia working together to meet difficult challenges and cultivate new ideas. A growing trend for leading companies is creating technology specific innovation centers, labs and foundries to accelerate collaboration and invention.

Research and Development

China, Russia, and the US Are All Building Centers for Military AI (Defense One) But their burgeoning approaches to state-sponsored research are as divergent as the countries themselves.

Future Quantum Computers Already Threatening Today’s Data ( Large-scale quantum computing could be just five years away.

Facebook Opens Its Private Servers to Scientists Studying Fake News (WIRED) Social Science One, an independent research commission, will give social scientists unprecedented access to Facebook's data.

Facebook doesn't want to eradicate fake news. If it did they'd kick out InfoWars (Graham Cluley) Facebook would like you to believe that it’s serious about ridding its platform of fake news. So how come InfoWars, one of the most notorious outlets of sick conspiracy theories, is allowed to maintain a page on the social network?


During Raytheon visit, Gov. Northam praises UVA’s Cyber Defense Team for winning national award ( Powerhouse defense contractor Raytheon and students from the University of Virginia received praise from Gov. Ralph Northam Tuesday during his visit to Raytheon's offices in Dulles.

Legislation, Policy, and Regulation

Is NATO capable of modern deterrence? (Defense News) In the era of Little Green Men and propaganda, how does one deter a foe?

Israel seeks global collaboration to defend cyber attacks ( Israel believes a partnership with other nations and sharing information would result in stronger defence against cyber attacks.

Outdated DoD IT Jeopardizes National Security: Report (SecurityWeek) 86% of DoD IT managers said that failing to modernize legacy DoD systems is putting U.S. national security in jeopardy.

Analysis | The Cybersecurity 202: Election security legislation may be gaining steam in Congress (Washington Post) A flurry of hearings took place this week.

New Cyber HQ Completely Restructuring DoD Network Operation (MeriTalk) Paul Craft, director of operations at the Joint Force Headquarters Department of Defense Information Network (JFHQ-DoDIN), spoke today at the Defense Systems Summit about how his relatively new component of U.S. Cyber Command is now tasked with operating and securing the entirety of DoD’s sprawling IT network infrastructure and has undertaken a complete restructuring of network operations for all of DoD.

Fish Out of Water: How the Military Is an Impossible Place for Hackers, and What to Do About It (War on the Rocks) The U.S. military established Cyber Command almost a decade ago, but it fails to maximize its contributions to national mission. Struggles on all levels —

Malta Signs Cryptocurrency and Blockchain Bills into Law (CoinCentral) The government of Malta confirmed last week that it had approved three crucial bills that provide the necessary regulatory framework for the blockchain and cryptocurrency market.

Litigation, Investigation, and Law Enforcement

Senators Fear Meltdown and Spectre Disclosure Gave China an Edge (WIRED) By not informing the US government in advance of two industry-wide hardware flaws, Intel may have inadvertently given ammo to China's hackers.

The Chinese Government Likely Knew about Spectre and Meltdown Bugs Before the U.S. ( Fixing hardware and software vulnerabilities requires global information sharing—and that includes U.S. cyber adversaries.

Stolen U.S. Military Drone Documents Found for Sale on Dark Web, Researchers Say (Wall Street Journal) An unidentified hacker tried to sell purported U.S. military documents containing information about combat drones, a cybersecurity research firm said, after they were allegedly stolen from an Air Force officer’s computer.

Kaspersky Makes Last Ditch Argument to Halt Congressional Ban from Being Implemented ( Multiple agencies have set Monday, July 16, as the deadline for the ban to be implemented in new procurements.

Chinese Hackers Stole Large Amounts of Secret U.S. Submarine-Warfare Data, Military Says (Wall Street Journal) The Defense Department’s inspector general is investigating a security breach after Chinese hackers allegedly stole large amounts of sensitive data from a Navy contractor.

Homeland Security official "suspects" Russia targeted all 50 states in 2016 (CBS News) "I would suspect that the Russians scanned all 50 states" and territories, DHS Undersecretary Christopher Krebs tells Congress

Notorious ‘Hijack Factory’ Shunned from Web (KrebsOnSecurity) Score one for the good guys: Bitcanal, a Portuguese Web hosting firm long accused of helping spammers hijack large swaths of dormant Internet address space over the years, was summarily kicked off the Internet this week after a half-dozen of the company’s bandwidth providers chose to sever ties with the company.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

PCI Security Standards North America Community Meeting (Las Vegas, Nevada, USA, September 25 - 27, 2018) The PCI Security Standards Council’s 2018 North America Community Meeting is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort...

Zero Day Con: Hacking Democracy (Washington, DC, USA, October 16, 2018) Join Zero Day Con and Strategic Cyber Ventures on October 16th in Washington, D.C. to examine the path forward in reducing our attack surface, managing risk, regaining control of our networks and data,...

PCI Security Standards Europe Community Meeting (London, England, UK, October 16 - 18, 2018) The PCI Security Standards Council’s 2018 Europe Community Meeting is THE place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross industry effort...

Upcoming Events

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Black Hat USA 2018 (Las Vegas, Nevada, USA, August 4 - 9, 2018) Now in its 21st year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days...

Audit Your Digital Risk (Washington, DC, USA, August 7 - 8, 2018) Recent reports indicate that manufacturing is the most heavily targeted industry for cyber attacks in the past year. According to a study released by NTT Security, 34% of all documented cyber attacks in...

DefCon 26 (Las Vegas, Nevada, USA, August 9 - 12, 2018) DEF CON has been a part of the hacker community for over two decades. $280.00 USD, cash for all four days. Everyone pays the same: The government, the media, the ‘well known hackers’, the unknown script...

CyberTexas 2018 (San Antonio, Texas, USA, August 14 - 15, 2018) The 2018 CyberTexas Conference will bring members of the CyberUSA community together with industry and government members of Texas to create long-term values for the cybersecurity ecosystem in San Antonio...

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...
