
Are you using threat intelligence to its full potential? Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

Daily briefing.

Monday's action against several firms the US Treasury Department regards as FSB cats' paws has prompted discussion over the security or lack thereof surrounding undersea cables. They are indeed susceptible to both tapping and intentional damage, but this is not a new problem. Undersea cables were both tapped and cut a hundred years ago during the First World War, and such activity has continued through today.

AlienVault reports that North Korea's Lazarus Group is actively exploiting an ActiveX zero-day found on a site belonging to a South Korean security think tank.

Researchers at Defiant are tracking "Baba Yaga" malware, which generates spam links and redirections. It's also cannibalistic like its namesake: it removes competing malware from the devices it infects.

Yesterday was Patch Tuesday, and Microsoft addressed some fifty issues with its software. The products receiving upgrades include the Windows OS, Internet Explorer, Microsoft Edge, the ChakraCore JavaScript engine, and Microsoft Office, with its Microsoft Office Services and Web Apps. No zero-days this month, but the update did toggle Meltdown and Spectre mitigations to new default settings.

Bitcoin and other cryptocurrencies took a hit after the weekend disclosure of theft at the Coinrail ICO exchange. Cryptojacking continues to make a nuisance of itself. A study by Palo Alto Networks concludes that about 5% of the Monero out there was mined by malware, and that 2% of the daily hashrate comes from cryptojacked machines. Fortinet reports the recent emergence of PyRoMineIoT, cryptomining malware that propagates through the EternalRomance exploit.


Today's issue includes events affecting Australia, Canada, Chile, China, European Union, India, Netherlands, Russia, United States.

Under GDPR, non-compliant companies face trade-offs on borrowed time, says Control Risks.

Control Risks says non-compliance is truly an enterprise risk for companies operating in the EU. It burdens already taxed programs with particular measures to protect personal data and disclose security issues. Many worry that the resources spent catching up to GDPR before an incident occurs are traded off against other critical initiatives, leaving them vulnerable nonetheless. Companies must get executives and experts involved in managing the risk and competing priorities. Let Control Risks help you be both secure and compliant.

In today's podcast, we hear from our partners at Accenture, as Justin Harvey shares some thoughts on supply chain security. Our guests are Saher Naumaan and Kirsten Ward, who talk about RESET, BAE Systems’ event for women in cybersecurity.

The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19 (Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business.  This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: You can’t defend yourself from an attack you don’t see coming. (LookingGlass Cyber) Enabling your team with high-quality threat intelligence will help you stop cyber attacks BEFORE your network is breached. Download LookingGlass’ eBook to learn more.

Explainer: How Vulnerable Are Undersea Cables That U.S. Says Russia Is Tracking? (RadioFreeEurope/RadioLiberty) Western powers have warned that Russia could attack deep-sea cables that form what is known as the "backbone of the global Internet," though some experts suggest the threat may be overblown.

North Korean Hackers Abuse ActiveX in Recent Attacks (SecurityWeek) ActiveX zero-day vulnerability discovered recently on the website of a South Korean think tank focused on national security has been abused by North Korea’s Lazarus group

Exclusive - U.S. counterspy warns World Cup travellers' devices could be hacked (Reuters) The top U.S. counterintelligence official is advising Americans travelling to Russia for football's World Cup beginning this week that they should not take electronic devices because they are likely to be hacked by criminals or the Russian government.

Trump and Kim USB fan raises eyebrows (BBC News) Cyber-security experts warn about a laptop-powered fan given to reporters at the summit.

The danger lurking in the Singapore summit’s freebies (Fifth Domain) Journalists at the Singapore summit received a free USB powered fan. It could be a digital death-trap.

New 'PyRoMineIoT' Malware Spreads via NSA-Linked Exploit (SecurityWeek) Cryptocurrency miner malware PyRoMineIoT uses NSA-linked exploit to spread and leverages infected machines to scan for vulnerable IoT devices

BabaYaga: The WordPress Malware That Eats Other Malware (Wordfence) Recently, Defiant’s analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect. Dubbed “BabaYaga” by our team, this infection is notable for containing code capable of removing its competition. BabaYaga actually has the ability to remove other malware. While this …

Trik Spam Botnet Leaks 43 Million Email Addresses (BleepingComputer) Over 43 million email addresses have leaked from the command and control server of a spam botnet, a security researcher has told Bleeping Computer today.

Inspector general: 2 US dams at risk of ‘insider threats’ (Fifth Domain) An evaluation released Monday by the U.S. Department of the Interior doesn't name the two dams, and spokeswoman Nancy DiPaolo cited national security concerns. But they are among five dams operated by the U.S. Bureau of Reclamation that are considered

DHS experts warn it's a "matter of time" before hackers hit commercial airliners (CBS News) At a presentation in January, researchers warned it is "a matter of time before a cybersecurity breach on an airline occurs"

Analysis Of Banco De Chile + Continued Cyber Attacks On Banks (Information Security Buzz) As you may have heard, Banco de Chile is the latest victim in a string of cyber attacks targeting payment transfer systems and in a similar vein to the recent Mexico heist, hackers wreaked havoc on banking operations. Ofer Israeli, CEO at Illusive Networks, believes the Lazarus Group, one of the most notorious band of cybercriminals, is behind this, …

New Android malware stealing financial data from users in India: Quick Heal (Hindustan Times) The two new Android malware are said to appear in the form of notifications from WhatsApp, Facebook, and banking apps as well.

Security consultants mop up after PageUp breach (CRN Australia) Melbourne's Hivint works to remediate after attack.

Phishing theft of $93G at clean energy agency went unreported for months (Boston Herald) A cyber scammer stole nearly $94,000 in public funds from the Massachusetts Clean Energy Center last year, with news of the theft-by-email taking 8 months to reach the quasi-public agency’s board of directors, according to a state audit.

Millions of Dixons Carphone customers' details stolen in huge cyber attack (The Independent) Hackers had access to people's personal information, the retailer said

Facebook knows exactly how many times you’ve searched for your ex (Quartz) There's good news: you can delete your queries.

TechMan Texts: Microsoft didn't really detect that security error (Pittsburgh Post-Gazette) If you use a computer, chances are you’ve seen a pop-up message like this: “Microsoft detected security error. Due to suspicious activity found on your ...

County increasing security after April 23 cyber attack (Dawson News) County Manager David Headley recently released details about the ransomware attack that crippled Dawson County government computer systems earlier this year.

Another week, another bitcoin hack, another huge price drop (WIRED UK) Bitcoin is a technology solution for a financial problem, but it's undermined by poor tech infrastructure. Coinrail is the latest cryptocurrency exchange to be hacked

Around 5% of All Monero Currently in Circulation Has Been Mined Using Malware (BleepingComputer) At least 5% of all the Monero cryptocurrency currently in circulation has been mined using malware, and about 2% of the total daily hashrate comes from devices infected with cryptocurrency-mining malware.

Security Patches, Mitigations, and Software Updates

Microsoft June 2018 Patch Tuesday Fixes 50 Security Issues (BleepingComputer) Microsoft has released the June 2018 Patch Tuesday security updates, and this month's release comes with fixes for 50 vulnerabilities.

Microsoft Patch Tuesday, June 2018 Edition (KrebsOnSecurity) Microsoft today pushed out a bevy of software updates to fix more than four dozen security holes in Windows and related software.

Microsoft to Windows 7, Windows 8 users: We're about to end forum tech support (ZDNet) If you have a Windows 7 or 8, Office 2013, or Surface Pro problem, you'll have to rely on the community for answers.

Google removes inline installation option for Chrome extensions (Help Net Security) Google is shutting down an often used vector for delivering malicious Chrome extensions to users by removing the inline installation option.

Crestron Patches Command Injection Flaw in DGE-100 Controller (SecurityWeek) Crestron patches critical command injection vulnerability affecting the console service on its Digital Graphics Engine 100 (DGE-100) and other controllers

Cyber Trends

Sponsored: Busting Threat Intelligence Myths: A Guide for Security Professionals (Recorded Future) See how you can begin to augment your cybersecurity skills with powerful and contextualized threat intelligence.

DNS amplification attacks rise twofold in Q1, according to Nexusguard DDoS attack data (Business Insider Singapore) Cybersecurity researchers advise organizations seek virtual patches, secure configurations throughout device and service lifecycles

Majority of execs have paid a hacker's ransom, Radware finds (ROI-NJ) A majority of executives have paid a hacker’s ransom following a cyber attack, according to Radware’s 2018 Executive Application and Network Security Report. Radware, a provider of cybersecurity and application delivery solutions based in Mahwah, reported 53 percent of executives it surveyed have paid ransom following a breach. “A ransom payment may make the problem …

Has paying the ransom become business as usual? (Help Net Security) According to the 2018 Executive Application and Network Security Report, 53% of executives reported paying a hacker’s ransom following a cyber-attack.

Cost of lagging DevOps and microservice enablement? $34 million per year (Help Net Security) 74% believe DevOps enablement capabilities are essential, but only 33% believe their organization has the ability to deliver those capabilities.

Banks planning further integration of regulatory data (Help Net Security) Most global banks want to integrate their regulatory workflow data. But keeping up to date with the fast pace of regulatory change is hindering that move.


Investors wipe $3 billion off China's ZTE as U.S. settlement sinks in (Reuters) Investors wiped about $3 billion off embattled Chinese telecommunications giant ZTE Corp's market value as it resumed trade on Wednesday after agreeing to pay up to $1.4 billion in penalties to the U.S. government.

Commentary: How Bailing Out ZTE Damaged America’s Credibility (Fortune) Specifically toward Iran

China's Huawei set to win $120 million Perth contract despite spying concerns (Financial Review) Chinese phone company Huawei is set to emerge as the winning bidder for a major telecommunication contract in Perth, despite strict federal government conditions and strong objections from national security experts.

Huawei is still growing in Bellevue despite national security backlash (Puget Sound Business Journal) Huawei is waiting for scrutiny to pass and believes a phone deal with AT&T is more likely after regulators approved its Time Warner takeover, according to a source.

Today, the EU Will Vote on a Motion That Recommends Banning Kaspersky Products From Official EU Networks (BleepingComputer) In a plenary session of the European Parliament that will be held today in Strasbourg, France, members of the European Parliament (MEPs) will vote on a motion for resolution which includes a clause to ban the use of software programs "that have been confirmed as malicious, such as Kaspersky Lab."

Kaspersky looks to grow 25% by 2019 in India ( The company today detects more than 3 lakh new malwares daily, Kaspersky Lab South Asia general manager Shrenik Bhayani told ET.

'Warranty included' - the future of cybersecurity? (CRN) CrowdStrike's announcement of a cyber warranty offering has some questioning if this is the start of an industry trend

WSJ Top 25 Tech Companies to Watch 2018 (Wall Street Journal) Three industries—AI, blockchain and cybersecurity—dominate the list of companies that look like emerging tech leaders.

Siemens Selects Claroty as Strategic Partner for Advanced Anomaly Detection and Invests in Company (Claroty) Claroty, the leader in cybersecurity for industrial control networks, and Siemens, a global technology powerhouse focusing on the areas of electrification, automation, and digitalization, today announced a global partnership.

Tenable and Siemens partner to secure critical infrastructure & reduce cybersecurity risks (Windpower Engineering & Development) Tenable, Inc., the Cyber Exposure company, announced the industry’s first solution designed to reduce cybersecurity risk across converged IT/OT environments. The company has enhanced its platform and Industrial Security — an asset discovery and vulnerability detection solution for Operational Technology (OT) systems. Tenable is working in partnership with Siemens to better enable organizations to…

VictorOps bought for $120M, plans to expand in Boulder (Times Call) VictorOps, a Boulder software developer and incident management solutions provider, has been bought for $120 million by San Francisco-based data platform company Splunk.

Deep Instinct Continues Momentum in North America with the Addition of a VP of Technology and Opening of New Headquarters (BusinessWire) Deep Instinct, the first company to apply deep learning to cybersecurity, announced today the appointment of Jason Mical to Vice President of Technolo

Optiv Security Announces Key Executive Appointments Aligned to Global Services Expansion and Business Growth Strategy (Financial Post) Optiv Security, the world’s leading security solutions integrator, today announced it has named Chad Holmes as chief services and operations officer and Nate Brady as chief financial offic…

Products, Services, and Solutions

Paladin Cyber Introduces Paladin Browser Protection as Google Chrome Extension, the First-Ever Comprehensive Cyber Protection Toolkit (CIO Dive) Free extension keeps hackers out of consumer’s browsers and inboxes to protect private information

Dataguise and Snowflake Join Forces to Provide Complete Compliance Readiness for Highly Regulated Organizations (GlobeNewswire News Room) Dataguise Provides Data Privacy/Compliance Wrapper for the Data Warehouse Built for the Cloud

Untangle Releases NG Firewall 14.0 with Enhanced Support for Secure SD-WAN (Untangle) Latest Update Reduces Connectivity Costs and Simplifies Management at the Network Edge SAN JOSE, Calif.– June 12, 2018 – Untangle®, Inc., a leader in comp

Seattle International Film Festival Deploys WatchGuard APs to Ensure Robust, Secure Wi-Fi for Guests and Staff (PR Newswire) WatchGuard® Technologies, a leader in advanced network security solutions,...

Telos ID to Provide Nationwide Fingerprinting Services to U.S. Census Bureau (Telos) Identity Management Leader Teams with IndraSoft to Support Census Hiring   Ashburn, Va. – June 13, 2018 – Telos Identity Management Solutions, LLC (Telos ID) was awarded a subcontract under IndraSoft, Inc.’s $64 million, multi-year…

High-Tech Bridge launches VAR partnership program for ImmuniWeb® AI (CIO) High-Tech Bridge, a global provider of web and mobile application security and winner of SC Awards 2018 Europe’s “Best usage of Machine Learning / AI” category, announces a launch of an international Value Added Reseller (VAR) partnership program today.

MyShield – Cool Cousin and Neex (Blonde 2.0 PR system) The open source platform is battling online fraud in the crypto sphere through community involvement and a digital rewards ecosystem

MSPAlliance Launches GDPR Program for Service Providers (PR Newswire) The International Association of Cloud & Managed Service...

NSS Labs to Develop Its 2018 Web Browser Security Comparative Reports (GlobeNewswire News Room) The Company Invites Industry Engagement to Help Evolve Its Forthcoming Test and Methodology

Sophos Launches Email Advanced Service to Improve Security (eWEEK) Sophos expands its security portfolio with an enhanced email security service that protects against threats and helps to improve email integrity and authenticity.

Gemalto unveils new virtualized encryption platform (Security Brief) “Gemalto’s launch of a virtualised network encryption platform redefines network data security by providing the crypto-agility required."

Technologies, Techniques, and Standards

Sponsored: Automate and Orchestrate Your Cybersecurity Processes (ThreatConnect)

Cybersecurity Must be Both Strategic and Tactical: 7 Takeaways... (Bricata) Healthcare struggles to get complete visibility into the IT infrastructure because it’s often an eclectic mix of technologies amassed both from organic purchased and company acquisition. The additional constraints of budget limits, and the move to the...

Somebody Else's Security: Rethinking Cloud FUD (Infosecurity Magazine) The list of enterprise IT organizations who had their private data publicly exposed in 2017 because of misconfigured AWS S3 buckets is long.

How to Secure Your AWS Storage Buckets (Data Center Knowledge) Amazon is responsible for securing its cloud. Your security inside its cloud is on you.

Akamai Mitigates Largest DDoS Attack in Firm’s History (Meri Talk) Akamai today released an Attack Spotlight recounting how it mitigated the largest distributed denial of service (DDoS) attack in its history. Earlier this year, an Akamai client, an unnamed software company, was the target of a massive DDoS attack–one that broke the 1 terabyte per second threshold for the first time.

10 Security Projects CISOs Should Consider: Gartner Analyst (eSecurity Planet) Gartner analyst lists 10 security projects CISOs should consider this year - and 10 they should have already done.

5 simple tips to keep your business secure from cyberattacks (The Economic Times) Several experts have cited the urgent need for SMEs to secure their online premises, however, many SMEs do not go beyond installing a basic anti-virus solution.

Design and Innovation

Sponsored: Closing the Last Gap in Data Security: Protecting Data in Use (Enveil) Industry analyst firm 451 Research highlights how startup Enveil tackles the encryption-in-use problem with a new take on homomorphic encryption.

USCYBERCOM Awards Cyber Innovation Contract to MISI (MISI) The Maryland Innovation and Security Institute (MISI) has been awarded a five-year Partnership Intermediary Agreement (PIA) by United States Cyber Command (USCYBERCOM) to innovate new technologies in an unclassified, state-of-the-art facility located in Columbia, MD.

Security Vulnerabilities: A Threat to Automotive Innovation (SecurityWeek) As automakers rush to bring more connected cars to market, it is important that they don't skip the basics of cybersecurity and compromise the safety of their vehicles.

Legislation, Policy, and Regulation

Chinese attacks on contractors ‘a phenomenon’ on the rise (Fifth Domain) China's reported hacking of a Navy defense contractor illustrates the struggle to guard secrets.

Panel: Kremlin Now Reaping Benefits From Years of Investment in Information Warfare (USNI News) The Russian strategic decision to value information dominance over cyber warfare is reaping major dividends in sowing distrust among the Western democracies, a former director of the CIA and NSA said on Monday. In the 1990s, “Russia went to door number two” in choosing information dominance, partially because many in the Kremlin then were familiar …

Feds lay out plan to boost online defences amid shortfall of cyber warriors (CTVNews) The federal government unveiled its plan to bolster Canada's defences against nefarious online attacks and crime Tuesday, even as it acknowledged a shortage of skilled cyber-warriors to meet the country's needs.

Legislators want to mandate WH cyber post (again) (Federal Times) The White House cyber coordinator post was left vacant after its most recent occupant Rob Joyce announced his return to the National Security Agency in May 2018.

DHS putting the pedal to the metal for one of its major cyber programs ( Kevin Cox, the program manager for the continuous diagnostics and mitigation program, said ongoing assessments and mobile security are among the top priorities for 2018 and beyond.

OPM wants to know the most critical cyber workforce needs (Fifth Domain) And it wants to know earlier than previously requested.

US repeals net neutrality rules, what happens now? (Help Net Security) Net neutrality rules have been officially repealed in the US on Monday, as the Restoring Internet Freedom Order by the Federal Communications Commission

2018 NSA Law Day Speech (Lawfare) Remarks delivered to the 29th annual National Security Agency Law Day on June 8.

Litigation, Investigation, and Law Enforcement

Kaspersky sues Dutch newspaper for defamation (The Stack) Embattled security firm Kaspersky has taken its fight against 'fake news' to the next level by suing Dutch newspaper De Telegraaf for defamation.

Dutch hacker, big cyber-politics, and the anatomy of ‘real’ fake news. (Nota Bene) Almost 21 years ago, I embarked on a mission to make the world a safer, better place. Today, we're proud to protect with our cybersecurity solutions the digital lives of over 400 million consumers and

Two men killed over false child kidnapping claims on WhatsApp, Facebook (CNN) Twenty-seven people have been arrested after two men were beaten to death by a mob following false social media reports suggesting they were child kidnappers, police in India said.

Florida skips gun background checks for a year after employee forgets login (Naked Security) The Florida Department of Agriculture and Consumer Services stopped using the FBI’s crime database in February 2016 because an employee couldn’t log in.

Yahoo fined £250,000 over cyber-attack (BBC News) The fine relates to a data breach in 2014 which affected more than 500,000 Yahoo customers.

Feds Bust Dozens of Email Scammers, but Your Inbox Still Isn’t Safe (WIRED) The arrest of dozens of Nigerian email scammers and their associates is a small, but important, first step toward tackling an enormous problem.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Dynamic Connections 2018 (Palm Springs, California, USA, June 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive...

Social Engineering—Rhode Island (Newport, Rhode Island, USA, June 16, 2018) Welcome to the first ever social engineering conference in Rhode Island!

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Herndon, Virginia, USA, June 18, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or...

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...

Impact Optimize2018 (Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...
