skip navigation

More signal. Less noise.

Are you investing wisely in threat intelligence?

Download this free guide from Recorded Future to learn the 11 questions you must answer before buying threat intelligence.

Daily briefing.

University researchers in Hungary (at the Laboratory of Cryptography and System Security (CrySyS Lab) of the Budapest University of Technology and Economics) have announced the results of their study of the Shadow Brokers' leak of what are said to be NSA hacking tools. Their most interesting conclusions are that the tools in the "Territorial Dispute" modules were particularly adapted to discerning the activities of competing state intelligence services. WIRED looks at the Shadow Brokers' leaks and particularly laments the widespread dissemination of EternalBlue.

Corero says it's found a "kill switch" that can turn off memcache exploitation for denial-of-service purposes. They mix this good news with some bad: the vulnerability that can be used for DDoS also could enable attackers to steal or modify data on affected servers.

The Dutch Tax Authority sustained another distributed denial-of-service attack yesterday. The disruption lasted about five hours. The previous DDoS attack was in January; the suspect in that case was taken into custody last month. He said he did it for the lulz. No attribution yet in yesterday's attack.

CERT-In, India's Computer Emergency Response Team, reported to Parliament that more than twenty-thousand of the country's websites (including one-hundred-fourteen government sites) were attacked between last April and this past January.

FBI Director Wray resumed the Bureau's longstanding pleas for a non-backdoor backdoor.

The attempted assassination of a former GRU officer and his daughter in the UK appears to have used a nerve agent. The victims (including at least one first responder) remain in serious condition.

Notes.

Today's issue includes events affecting Australia, China, European Union, Hungary, India, Netherlands, Russia, United Kingdom, United States.

A note to our readers: the CyberWire is happy to have been chosen as a finalist for the Maryland Cybersecurity Diversity Award (and the Cybersecurity Association of Maryland's People's Choice Award). You can find out more about the awards (and how to vote for us, if you'd like) here.

How seamlessly is your data ingested across vendors?

To successfully fend off increasingly sophisticated cyber attacks, organizations need security tools that work effectively and efficiently across vendors. Join LookingGlass’ webinar with IBM and Cisco overviewing how STIX/TAXII2 standards-based technologies support solving those challenges in a new and effective manner. Sign up now!

In today's podcast, David Dufour from our partners at Webroot discusses vulnerabilities in cryptocurrency markets. Our guest is Richard Henderson from Absolute Software on protecting against insider threats.

How to Sell Your Cyber Startup's Software to Large Fortune 500 Companies (Fulton, Maryland, USA, March 15, 2018) Joe Silva, VP Cyber Threat & Intelligence at TransUnion, will share his perspective on how large Fortune 500 companies approach buying software from cyber start-ups. Early stage founders and technology innovators come to learn, network & enjoy free food & beverages.

Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) Billington International Cybersecurity Summit, March 21, Washington, D.C. Cybersecurity leaders from Asia, Europe, the Middle and U.S. on global threats and best practices, including Acting DoD CIO and Singapore Cyber Commissioner-designate. Sponsor Opportunities: Sandy Nuwar at 443-994-9832

Cyber Security Summits: Denver on March 22 & May 15 in Dallas (Denver, Colorado, USA, March 22, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350) https://CyberSummitUSA.com

Third Annual Cyber Investing Summit 5/15/18 (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Dateline SINET ITSEF

SINET ITSEF 2018: The current state of cybersecurity. (The CyberWire) SINET ITSEF takes as its mission "bridging the gap between Silicon Valley and the Beltway," convening leaders in technology, investment, government, and business to discuss challenges and opportunities in cybersecurity. Panels and workshops take up questions of immediate and enduring concern to the security industry and its stakeholders.

The state of the industry (The CyberWire) Jerry Archer, Senior Vice President and Chief Security Officer, Sallie Mae, was honored as the recipient of the first SINET Impact Award. He and SINET CEO Robert Rodriguez discussed the state of the industry. Archer offered some particularly interesting observations on MIST as the future of cybersecurity.

RiskSense CEO to Discuss the Need for Bug Bounty Reform at SINET ITSEF 2018 (PR Newswire) RiskSense®, Inc., the pioneer in intelligent...

Cyber Trends

Ransomware Trends to Watch in 2018 (Recorded Future) While it won’t be as big of a menace in 2018, ransomware will continue to be a threat. Some industries will continue to be heavily targeted and there will likely be more state-sponsored disruption campaigns.

Cyberspace is the New Battlespace (Lawfare) Remarks at the 2018 Boston Conference on Cybersecurity.

FBI Director tells Boston College gathering that cyber threats ‘coming at us from all sides.’ (Boston Globe) FBI Director Christopher Wray said in a highly anticipated speech at Boston College that the FBI and its partners are worried about a widening range of threats.

SonicWall Cyber Threat Report Illustrates Intense Cyber Arms Race (CRN - India) SonicWall announced research and intelligence findings from its 2018 Cyber Threat Report. In sum, the company recorded 9.32 billion malware attacks in 2017 and saw more than 12,500 new Common Vulnerabilities and Exposures (CVE) reported for the year. “The cyber arms race affects every government, business, organization and individual. It cannot be won by any …

Study: 92 Percent of Health Care Organizations Leave SSH Key Privileged Access Unmanaged and Unsecured (Venafi) According to Venafi’s research, even though SSH keys provide the highest levels of administrative access, they are routinely untracked, unmanaged and poorly secured in health care organizations

Businesses Under Pressure - Employees Want Same Simple Access to Cloud Applications as Consumers, Finds Gemalto (BusinessWIre) New research from Gemalto, the world leader in digital security, found that the proliferation of cloud applications and use of a disparate range of de

Products, Services, and Solutions

New Forcepoint Human-Centric Security Innovations Accelerate Digital Transformation and Lower Risk (Forcepoint) Forcepoint Web Security adds additional CASB functionality with real-time, inline visibility and control of sanctioned enterprise cloud applications Forcepoint Web Security and Email Security available with industry-first single pricing model for SaaS, hybrid or on-premises deployments for budget flexibility Forcepoint V20000 appliance for Web, Email and Data Security delivers twice the performance of existing model, with support for more than 8,000 users

Aqua 3.0 Delivers Runtime Security for “Zero Infrastructure” Container-as-a-Service Environments (Aqua) Aqua Security’s patent-pending MicroEnforcer™ technology protects containers from within, reducing the dependency on a host environment Boston, MA – March 7, 2018 – Aqua Security, the market-leading platform provider for securing container-based and cloud-native applications across their entire lifecycle, today announced the availability of version 3.0 of its platform, featuring a new, patent-pending technology that …

Aqua 3.0 Introduces Kubernetes-Native Enterprise Security Controls (Aqua) Latest release builds on current Kubernetes capabilities to enhance security, further deepening Aqua’s cross-platform support for cloud-native application security Boston, MA – 7 March 2018 – Aqua Security, the market-leading platform provider for securing container-based and cloud-native applications, today announced the availability of version 3.0 of its platform featuring new security automation and controls for …

Threat Stack Enhances Integration Framework to Unify Security and Operations Teams (BusinessWire) Threat Stack, provider of the industry’s most comprehensive intrusion detection platform for cloud, hybrid-cloud, and on-premise environments, today a

McAfee Launches Security Platform for Azure Cloud (SecurityWeek) McAfee Skyhigh Security Cloud for Azure offers five use cases for Azure users: configuration and compliance audit, activity monitoring, threat protection, DLP, and account management.

WISeKey's Authentication IoT Blockchain Technology Adapted to Improve Gun-Control (GlobeNewswire News Room) WISeKey International Holding Ltd ("WISeKey"), (SIX: WIHN) a cybersecurity IoT platform company, today announced that its WISeAuthentic IoT Blockchain technology solution has been adapted to provide safer gun-control measures through a trusted blockchain ledger that digitally certifies, identifies and tracks the gun during its life cycle.

DigiCert Selected to Provide Root CA for AeroMACS (DigiCert) DigiCert Inc., the leading global provider of scalable identity and encryption solutions for the enterprise, today announced at the World ATM Congress in Madrid that it has been selected to host the Root CA for Aeronautical Mobile Airport Communication System (AeroMACS), the only wireless technology that has been validated by …

State Of Maryland To Assess The Reliability And Security Of Its 911 Network Infrastructure (PR Newswire) Mission Critical Partners (MCP), a leading provider of consulting...

Lockheed Martin unveils cyber war-fighting platform (Fifth Domain) Lockheed Martin unveiled its pitch for Cyber Command's unified platform.

Cellebrite Delivers Major Enhancements to Analytics Product Family to Make Digital Evidence More Actionable for Investigators and Prosecutors | Government Security News (GSN) Cellebrite, the leading provider of digital intelligence solutions, today announced key usability enhancements

Design and Innovation

‘Deep Voice’ Software Can Clone Anyone's Voice With Just 3.7 Seconds of Audio (Motherboard) Using snippets of voices, Baidu's ‘Deep Voice’ can generate new speech, accents, and tones.

Research and Development

Scientists claim major quantum computing milestone after getting two silicon qubits to communicate with each other (Computing) Scientists in Australia have found a way to pair two quantum qubits

Google Engineers Think This 72-Qubit Processor Can Achieve Quantum Supremacy (Motherboard) ”We are cautiously optimistic that quantum supremacy can be achieved with Bristlecone.”

Google Researchers Are Learning How Machines Learn (New York Times) So-called neural networks have greatly advanced artificial intelligence. But understanding how computers make their decisions can be difficult.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

KNOW Identity Conference 2018 (Washington, DC, USA, March 26 - 28, 2018) The premier global event for the identity industry, the KNOW Identity Conference is the nexus for identity innovation, offering a uniquely differentiated, powerful, and immersive event that convenes the...

Upcoming Events

AFFIRM and USCC 5th Annual Cybersecurity Summit (Arlington, Virginia, USA, March 8, 2018) The 5th Annual Cybersecurity Summit is a place for important discussions about the challenges with cyber-security and is also a significant benefit both for the AFFIRM scholarship program, which helps...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

Infosecurity Magazine Spring Virtual Conference (Online, March 21, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

The Cyber Security Summit: Denver (Denver, Colorado, USA, March 22, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Women in CyberSecurity 2018 (Chicago, Illinois, USA, March 23 - 24, 2018) Through the WiCyS community and activities we expect to raise awareness about the importance and nature of cybersecurity career. We hope to generate interest among students to consider cybersecurity as...

Northeast Regional Security Education Symposium (Jersey City, New Jersey, USA, March 23, 2018) The Professional Security Studies Department at New Jersey City University (NJCU) will hold its Northeast Regional Security Education Symposium on Friday, March 23, 2018, from 8 am to 2 pm. The symposium...

SecureWorld Philadelphia (Philadelphia, Pennsylvania, USA, March 28 - 29, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

4th Middle East Cyber Security Summit (Riyadh, Saudi Arabia, April 4 - 5, 2018) The summit will feature state of the art presentations, hackathons and technology showcasing from regional and international experts and leading technology providers. One of the focus areas of the summit...

Cybersecurity: A Shared Responsibility (Auburn, Alabama, USA, April 8 - 10, 2018) During the 2018 SEC Academic Conference, we will explore three themes within cyber security: the underlying computer and communication technology; the economic and physical systems that are controlled...

Sea-Air-Space: The Navy League’s Global Maritime Exposition (National Harbor, Maryland, USA, April 9 - 11, 2018) Join us this April for Sea-Air-Space, the largest maritime exposition in the U.S., with 275+ exhibitors displaying the latest in maritime, defense and energy technology. This year’s theme, “Learn. Compete.

2018 Mississippi College Cybersecurity Summit (Clinton, Mississippi, USA, April 10 - 11, 2018) The 2018 Mississippi College Cybersecurity Summit is a conference designed to engage, educate, and raise awareness about cybersecurity across the nation. The 2018 Cybersecurity Summit will provide valuable...

ISC West 2018 (Las Vegas, Nevada, USA, April 11 - 13, 2018) ISC West is THE largest security industry trade show in the U.S. At ISC West, you will have the chance to network with over 30,000 security professionals through New Products & Technologies encompassing...

CYBERTACOS San Francisco (San Francisco, California, USA, April 16, 2018) CYBERTACOS is back and becoming one of the biggest cybersecurity networking events! Register today and join us for networking, food and drinks. This event includes a 45-minute meet the press panel made...

RSA Conference 2018 (San Francisco, California, USA, April 16 - 20, 2018) Take this opportunity to learn about new approaches to info security, discover the latest technology and interact with top security leaders and pioneers. Hands-on sessions, keynotes and informal gatherings...

Our Security Advocates (San Francisco, California, USA, April 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions.

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.