skip navigation

More signal. Less noise.

Where do cyber security professionals go to find jobs and career advice? features thousands of opportunities across the country and overseas for cyber security pros. Check us out today by visiting

Daily briefing.

Olympic Destroyer, the threat group responsible for disruption of digital aspects of this past winter's Pyeongchang Olympic games, is apparently back. Kaspersky Lab is tracking activity that looks very much like Olympic Destroyer's against organizations associated with chemical and biological weapons control. Targets in Germany, France, Switzerland, Russia, and Ukraine are said to have been spearphished. The evidence for Olympic Destroyer's renewed activity lies principally in the obfuscation and spearphishing macros the recent attacks have employed. Kaspersky as usual offers no attribution, but US officials concluded in February that Olympic Destroyer was a Russian operation cloaked by false flags. Russia has objected to investigations linking it to chemical attacks in Salisbury and Syria, and this resentment is thought to provide a motive.

The US has charged Joshua Schulte with "unauthorized disclosure of classified information and other offenses relating to the theft of classified material" from the CIA. Schulte is alleged to be the source of WikiLeaks' Vault7. The defendant's careless search for, and online communications about, illicit pornography are thought to have constituted the opsec mistakes that led Federal agents to him.

Experts speculate that Liberty Life may have been the victim of a malicious insider in the data loss it disclosed over the weekend.

Another malicious insider may be behind "sabotage," including deliberately bad coding and data theft, at Tesla (or so Elon Musk believes).

The US Senate voted yesterday to revoke the lifeline the Administration had extended to ZTE. Huawei appears to be in Congressional crosshairs as well.


Today's issue includes events affecting Australia, Canada, China, Czech Republic, Hungary, Democratic Peoples Republic of Korea, NATO/OTAN, Poland, Romania, Russia, Singapore, Slovakia, South Africa, United States.

How sharp is your incident response to cyber threats? Learn more in LookingGlass’ webinar!

Enabling your team with high-quality threat intelligence is imperative to stopping cyber attacks BEFORE they breach your network. But what distinguishes high-quality, actionable threat intelligence from low-quality "noise"? How are cutting edge CISOs and IT security teams applying threat intelligence to incident response? Find out in LookingGlass’ webinar with Security Ledger. Tuesday, June 26 @ 2pm ET. Sign up now!

In today's podcast, we hear from our partners at Webroot, as David Dufour offers insights into the impact Webroot is seeing from GDPR. Our guest is Lenny Zeltser from Minerva Labs, discussing his IT and security "cheat sheets."

The Cyber Security Summit: DC Metro on June 28 and Seattle on July 19 (Washington, DC, United States, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business.  This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95 VIP admission with promo code cyberwire95 at ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: You can’t defend yourself from an attack you don’t see coming. (LookingGlass Cyber) Enabling your team with high-quality threat intelligence will help you stop cyber attacks BEFORE your network is breached. Download LookingGlass’ eBook to learn more.

Hackers who sabotaged the Olympic games return for more mischief (Ars Technica) Olympic Destroyer gang may be planning new destructive hacks, researchers say.

The Olympic Destroyer Hackers May Be Targeting Biochem Threat Prevention Now (WIRED) A recent spate of attacks against biological and chemical threat protection agencies bears the hallmarks of the group hacker group behind Olympic Destroyer.

Liberty: Cyber security expert says "an inside job" lead to huge data breach (The South African) Liberty, one of South Africa's biggest insurers, has suffered a massive data breach at the hands of a hacking team.

Tesla saboteur caused extensive damage and leaked highly sensitive... (HOTforSecurity) Tesla CEO Elon Musk believes that the company is the victim of deliberate sabotage perpetrated by an employee. According to CNBC, the high profile executive sent an email to Tesla employees this weekend alleging that there was a saboteur in the company's ranks who... #dataleak #insiderthreat #tesla

Musk alleges Tesla Model 3 production has been sabotaged, according to CNBC (Ars Technica) A disgruntled employee is alleged to have sabotaged the company's systems.

Elon Musk sends company email about 'extensive and damaging sabotage' by employee (CNBC) Tesla CEO Elon Musk sent an e-mail to all employees late on Sunday night alleging a saboteur within the company's ranks had tweaked code on internal products and sent company data out without authorization.

Details emerge of Russian cyber attacks on Singapore Summit (Information Age) F5 Networks witnessed a wave of Russian cyber attacks coinciding with the Singapore Summit and historic Trump-Kim meeting last week

HeroRat: The new kid on the block of Android RATs (WeLiveSecurity) ESET researchers have discovered a new type of Android RAT called HeroRat, that is abusing the Telegram protocol for command and control, and data exfiltration.

75% of Malware Uploaded on “No-Distribute” Scanners Is Unknown to Researchers (BleepingComputer) Three-quarters of malware samples uploaded to "no-distribute scanners" are never shared on "multiscanners" like VirusTotal, and hence, they remain unknown to security firms and researchers for longer periods of time.

Zacinlo malware spams Windows 10 PCs with ads and takes screenshots (HackRead) The malware is equipped with several capabilities including adware, grabbing screenshots and spy on victim's online activities.

Six Years and Counting: Inside the Complex Zacinlo Ad Fraud Operation (Bitdefender Labs) For more than a decade, adware has helped software creators earn money while bringing free applications to the masses. Headliner games and applications have become widely available to computer and mobile users the world over, with no financial strings attached... #advancedmalware #adware #rootkit

Cyber-Criminals Are On The Offensive During the World Cup: Wallchart Phishing Campaign Exploits Soccer Fans (Check Point Blog) Keeping track of the World Cup can get overwhelming.   Cyber criminals are keenly aware of this pain point, seeking to use the buzz around the World Cup as cover for their sneaky attacks.   Check Point researchers have identified a phishing campaign targeting soccer fans, using the email subject line of ““World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager.”  This type…

13 Ways Cyber Criminals Spread Malware (HackRead) Here are 13 techniques used by cybercriminals for spreading malware - If you use the Internet you can be a victim any time so watch out.

Reminder: macOS still leaks secrets stored on encrypted drives (Ars Technica) Thumbnails from encrypted drives live on long after the drives are disconnected.

Multiple Zero-Day Bugs Found In 390 Axis Camera Models (Tom's Hardware) IoT security firm VDOO found multiple security flaws in the surveillance cameras from several vendors. The company disclosed that 390 camera models from Axis Communications were affected by multiple zero-day bugs.

Chicago Public Schools mistakenly emails private data of thousands of students, including names, phone numbers (Chicago Tribune) More than 3,700 families were affected by the data breach, which included names, email addresses, phone numbers and student ID numbers.

Ontario home care service provider victim of cyber attack (Global News) CarePartners said in a statement on Monday the attack breached its computer system and, as a result, both patient and employee information was inappropriately accessed.

Faked Video Will Complicate Justice by Twitter Mob (WIRED) Opinion: Videos provide transformative new avenues for justice, often summoning well-deserved Twitter mobs. Deep fakes could change all that.

Security Patches, Mitigations, and Software Updates

Google to Fix Location Data Leak in Google Home, Chromecast (KrebsOnSecurtiy) Google in the coming weeks is expected to fix a location privacy leak in two of its most popular consumer products. New research shows that Web sites can run a simple script in the background that collects precise location data on people who have a Google Home or Chromecast device installed anywhere on their local network.

Firefox fixes critical buffer overflow (Naked Security) Version 60.0.2 of the resurgent Firefox browser fixes a critical security flaw in its SVG rendering code.

“Unbreakable” Smart Lock Tapplock Issues Critical Security Patch (Threatpost) Researchers were able to discover a way to hack the device in less than an hour.

Cyber Trends

Cyber Threat Report CEE 2018 (CYBERSEC HUB) Do you know that only 35% of CEE companies have a cybersecurity strategy for customer data protection?

MPs: CNI Attacks Are Biggest Cyber-Threat. (Infosecurity Magazine) NCC Group poll seems to show growing awareness of cybersecurity


Huawei to Australia: We're not a security risk for 5G (CNNMoney) Huawei, one of China's top tech companies, is fighting back after reports say it may be banned from participating in Australia's 5G network.

Veriff raises $7.7M Series A to become the ‘Stripe for identity’ (TechCrunch) Veriff, the Estonian startup that wants to become something akin to the ‘Stripe for identity’, has raised $7.7 million in Series A funding. Leading the round is Mosaic Ventures, joining an impressive list of backers that include Taavet Hinrikus, Ashton Kutcher, Paul Buchheit, Elad Gil, …

Booz Allen Hamilton opens cybersecurity innovation hub in Annapolis Junction (Baltimore Sun) Booz Allen Hamilton to open its sixth innovation hub in Annapolis Junction to encourage collaboration among cyber security experts.

Booz Allen Invests in Cyber Talent and Growth with New Central Maryland Innovation Hub (BusinessWire) Newest iHub joins network of collaborative spaces across the country designed to accelerate ideation, learning and entrepreneurship

Products, Services, and Solutions

U.S. Department of Defense Information Network (DoDIN) Supports Digital Resilience by Adding RedSeal Platform to its Approved Products List (APL) (GlobeNewswire News Room) Thorough testing from Joint Interoperability Test Command (JTIC) and DoD Interoperability (IO) certifies RedSeal is secure, trusted and approved to model and monitor U.S. Army, Navy, Air Force, Marine Corps and DISA networks

ST Engineering and SafeRide Technologies Announce Strategic Partnership to Protect Connected and Autonomous Vehicles from Cyberattack (PR Newswire) T Engineering, a global technology, defense and...

NY Department of Financial Services Grants Cryptocurrency License to Square (New York Law Journal) The state’s top financial regulator said that the company founded by Twitter Inc. CEO Jack Dorsey had obtained the license giving New York residents the ability to buy and sell bitcoin through its Cash App.

Technologies, Techniques, and Standards

Sponsored: Automate and Orchestrate Your Cybersecurity Processes (ThreatConnect)

Early detection of compromised credentials can greatly reduce impact of attacks (Help Net Security) Increases in cybercriminal success rates suggest that the credential theft industry is growing in the European region both in innovation and scope.

Cyber X-Games 2018 focuses on critical infrastructure (DVIDS) Cyber X-Games 2018 brought 72 participants from various U. S. Army Reserve cyber and network defense units, Air Force cyber and network operations centers (squadrons), ROTC Cadets and civilian network and cyber professionals from government contractor entities June 9-18 to the University of Texas at San Antonio (UTSA).

Design and Innovation

Sponsored: Closing the Last Gap in Data Security: Protecting Data in Use (Enveil) Industry analyst firm 451 Research highlights how startup Enveil tackles the encryption-in-use problem with a new take on homomorphic encryption.

Research and Development

Carbon Nanotube Optics Poised to Provide Pathway to Optical-Based Quantum Cryptography and Quantum C (EurekAlert!) Depiction of a carbon nanotube defect site generated by functionalization of a nanotube with a simple organic molecule.  Altering the electronic structure at the defect enables room-temperature single photon emission at telecom wavelengths.

‘Gaming disorder’ is officially recognized by the World Health Organization (TechCrunch) Honestly, “gaming disorder” sounds like a phrase tossed around by irritated parents and significant others. After much back and forth, however, the term was just granted validity, as the World Health Organization opted to include it in the latest edition of its Internal Classification of Diseases. …

Legislation, Policy, and Regulation

NATO cyber team to add another teammate (Fifth Domain) Romania will join the NATO’s cyber training and research center next year, according to the country’s prime minister.

U.S. lawmakers warn Canada about Chinese telecom giant Huawei (The Globe and Mail) Senior members of U.S. intelligence committees say Huawei is a national-security threat to a network of Canada’s allies

China's Huawei rebuts Australian security concerns (Reuters) Chinese telecoms equipment maker Huawei Technologies has refuted Australian claims it poses a security risk, calling the criticism "ill-informed" in an open letter that threatens to inflame already heightened Sino-Canberra tensions. Thuy...

Senate Rebukes Trump With Vote to Reinstate ZTE Sales Ban (Wall Street Journal) The measure was wrapped in a larger, must-pass defense bill, which will need to be reconciled with House version

Republicans and Democrats can unite—against helping this one Chinese company (Quartz) A bipartisan majority in the Senate voted for revoking a lifeline to tech giant ZTE.

Trump's ZTE deal in doubt as US Senate votes to reject the compromise (Computing) Trump vows to oppose amendment to National Defense Authorization Act that would block ZTE deal

Analysis | The Cybersecurity 202: Senate defense bill pushes Trump to get tougher on Russian hacking (Washington Post) But it may have little impact on Trump's policy.

America has reason to remember its consumer protection tradition when it comes to privacy (TheHill) The United States has a long history of consumer protection and product safety, led by government, nonprofit organizations, businesses and individuals.

Litigation, Investigation, and Law Enforcement

Ex-CIA employee charged in major leak of agency hacking tools (Washington Post) Joshua Adam Schulte was charged under the Espionage Act in connection with the leak of tools that were posted online by WikiLeaks.

Ex-CIA engineer charged with massive leak to WikiLeaks (POLITICO) Schulte the fourth person to face charges related to classified leaks since Trump took office.

Joshua Adam Schulte Charged with the Unauthorized Disclosure of Classified Information and Other Offenses Relating to the Theft of Classified Material from the Central Intelligence Agency (US Department of Justice) John C. Demers, Assistant Attorney General for National Security, Geoffrey S. Berman, United States Attorney for the Southern District of New York, and William F. Sweeney Jr., Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that Joshua Adam Schulte was charged in a 13-count Superseding Indictment (the “Indictment”) in connection with his alleged theft of classified national defense information from the Central Intelligence Agency (“CIA”) and the transmission of that material to an organization that purports to publicly disseminate classified, sensitive, and confidential information (“Organization-1”).  The Indictment also charges Schulte with the receipt, possession, and transportation of child pornography, as well as criminal copyright infringement.  Schulte, who is presently detained on the child pornography charges, will be arraigned by U.S. District Judge Paul A. Crotty.

Man who allegedly gave Vault 7 cache to WikiLeaks busted by poor opsec (Ars Technica) FBI used passwords used on suspect's cellphone to also get into his computer.

House lawmakers to press Justice Dept. inspector general on Clinton probe report (Washington Post) Michael Horowitz speaks to Congress in a second hearing about politicization at the FBI.

Comey refuses to testify to Congress, Grassley says McCabe pleads Fifth Amendment (The Washington Times) Fired FBI Director James Comey refused to appear before Congress on Monday to talk about his handling of the Clinton email investigation, and his fired deputy, Andrew McCabe, asserted his Fifth Amendment rights against self-incrimination.

Opinion | Yet another Russia contact with the Trump campaign team. What are they hiding? (Washington Post) Roger Stone and Michael Caputo said they never had contact with Russians. But they had.

The Man Who Saw the Dangers of Cambridge Analytica Years Ago (WIRED) Researchers at the Psychometrics Centre knew better than most how Facebook data can be manipulated, but investigations and suspensions have halted their work.

S.Africa's Information Regulator seeks meeting with Liberty over... (Reuters) South Africa's Information Regulator said on Monday it was concerned over reports of a data breach at Liberty Holdings and had requested an urgent meeting with the insurer's CEO to get more details on the cyber attack.

Audi CEO connected to diesel scandal arrested in Germany after phone taps (Ars Technica) The arrest comes a week after Rupert Stadler's home was raided.

OPM breach fraud (Help Net Security) The data breach suffered by the Office of Personnel Management (OPM) is, by now, very old news, but some of the people involved and affected are still feeling the repercussions.

Woman Guilty of Fraud Using Stolen Info from OPM Data Breach (US Department of Justice) A Maryland woman pleaded guilty today to participating in a scheme to use the stolen identification information of victims of the U.S. Office of Personnel Management (OPM) data breach to obtain fraudulent personal and vehicle loans through Langley Federal Credit Union (LFCU).

Mass. Man Pleads Guilty in ATM Jackpotting Operation (Dark Reading) Citizens Bank ATM and others targeted in the scheme.

7 Time 'Jeopardy!' Winner Pleads Guilty to Hacking Into the Email of Students and Faculty (Motherboard) I’ll take “unauthorized access to a computer system” for $500, Alex.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

The Air Force Information Technology & Cyberpower Conference (Montgomery, Alabama, USA, August 27 - 29, 2018) As the premiere Air Force cyber security annual event, the Air Force Information Technology & Cyberpower Conference (AFITC) returns to Montgomery, Alabama in August of 2018. As a critical intersection...

Upcoming Events

Norwich University Cyber Security Summit (Northfield, Vermont, USA, June 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format,...

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, June 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

GovSummit (Washington, DC, USA, June 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information...

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, June 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is...

Impact Optimize2018 (Rosemont, Illinois, USA, June 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, July 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s...

Cyber Security Summit 2018 (Newport, Rhode Island, USA, July 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together...

The Cyber Security Summit: Seattle (Seattle, Washington, USA, July 19, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Health Cybersecurity Summit 2018 (Santa Clara, California, USA, July 20, 2018) Worried about being hacked? Not sure how to respond to a cyber incursion? The first line of defense is a cyber threat preparedness strategy that includes coordination with critical infrastructure and emergency...

Global Cyber Security Summit (Kathmandu, Nepal, July 27 - 28, 2018) Information Security Response Team Nepal (NPCERT) is all set to host a Global Cyber Security Summit (GCSS) on July 27 with the theme “Building Global Alliance for Cyber Resilience”. The two-day event aims...

SINET61 2018 (Melbourne, Victoria, Australia, July 31 - August 1, 2018) Promoting cybersecurity on a global scale. SINET – Melbourne provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

Community College Cyber Summit (3CS) (Gresham, Oregon, USA, August 2 - 4, 2018) 3CS is the only national academic conference focused on cybersecurity education at community colleges. Who should attend 3CS? College faculty and administrators, IT faculty who are involved or who would...

2018 Community College Cyber Summit (3CS) (Gresham and Portland, Oregon, USA, August 2 - 4, 2018) 3CS is organized and produced by the National CyberWatch Center, National Resource Center for Systems Security and Information Assurance (CSSIA), CyberWatch West (CWW), and Broadening Advanced Technological...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

2nd Billington Automotive Cybersecurity Summit (Detroit, Michigan, USA, August 3, 2018) The 2nd summit on August 3 in Detroit, MI will be the top leadership summit on auto cybersecurity convening a who’s who of speakers in the automotive cybersecurity ecosystem. The inaugural summit included,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.