Daily briefing.

Schneider Electric has patched a vulnerability in its InduSoft Web Studio and InTouch Machine Edition. The products aren't themselves control systems, but rather toolsets used to develop SCADA systems, human-machine interfaces, and applications that connect automated systems. The bug, discovered and disclosed by Tenable, is a buffer-overflow issue that could be exploited to execute arbitrary code.

NetScout's Arbor Networks reported a possible backdoor in LoJack for Laptops, a tool that enables administrators to remotely lock, locate, and remove files from a stolen computer. Five LoJack agents were found to be communicating with four dodgy command-and-control domains, three of which have in the past been associated with Fancy Bear, Russia's GRU. Absolute Software, which makes LoJack for Laptops, says it's been in discussions with Arbor Networks, takes the matter seriously and is investigating, but doesn't believe its customers are at risk.

Travel reward points are relatively easy to monetize, and they're being sold in Russian-language dark web souks. Botnet operators often pick up such credentials incidentally in the course of other illicit activities, and for the most part they sell them to other criminals.

Becton Dickinson has advised that its medical devices using WPA2 encryption are vulnerable to KRACK key reinstallation attacks. This general Wi-Fi problem isn't confined to medical systems, but Becton Dickinson has issued a fix. And the US FDA has ordered the recall of about 465 thousand St. Jude implantable cardioverter defibrillators for a firmware update.

Today is World Password Day. Do you know where your credentials are? 


Today's issue includes events affecting .

In today's podcast we hear from our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin takes up the creepy and unpleasant topic of determining who’s responsible when an AI kills someone. (Dave Bowman, call your office.) Our guest, Edna Conway from Cisco, discusses pervasive security architecture and third-party risk.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

Cyber Security Summits: May 15 in Dallas & Boston on June 5 (Dallas, Texas, United States, May 15, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, CenturyLink, IBM Security and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350)

Third Annual Cyber Investing Summit 5/15/18 (Dallas, Texas, United States, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Cyber Attacks, Threats, and Vulnerabilities

Tenable Research Advisory: Critical Schneider Electric InduSoft Web Studio and InTouch Machine Edition Vulnerability (Tenable™) Tenable Research recently discovered a new remote code execution vulnerability in Schneider Electric’s InduSoft Web Studio and InTouch Machine Edition.

Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin (Register) Stolen PC locator plays double agent, say researchers

Medical devices vulnerable to KRACK Wi-Fi attacks (Naked Security) Some KRACKs still haven’t been papered over.

Privilege Escalation Bug Lurked in Linux Kernel for 8 Years (SecurityWeek) A security vulnerability in a driver leading to local privilege escalation in the latest Linux Kernel version was introduced 8 years ago, Check Point reveals.

Fake Flash Updates with a side of Domain Shadowing (RiskIQ) Fake Flash download pages have come to be a marker for all manners of malicious activity— exploit kits, Trojans, digital currency miners, phishing, etc.

Botnet Operators Cash in on Travel Rewards Program Credentials (Flashpoint) Specialty shops in the Russian-language underground are advertising login credentials for travel and hospitality rewards program accounts that were likely obtained incidentally while operating a botnet.

The Majority of Travel Booking Sites Fail Basic Security Tests. Here’s How to Protect Yourself (Money) Start implementing these preventative measures now.

A Remote Hack Hijacks Android Phones Via Electric Leaks in Their Memory (WIRED) Dutch researchers have pushed the mind-bending Rowhammer hacking technique one more step towards a practical attack.

Security Holes Make Home Routers Vulnerable (Infosecurity Magazine) Researchers discovered two vulnerabilities in a popular home router used by more than a million people.

Nigerian Email Scammers Are More Effective Than Ever (WIRED) Move over Nigerian Princes. A new generation of "Yahoo boys" are fine-tuning social engineering techniques and targeting small businesses.

What’s so special about the SamSam ransomware? [VIDEO] (Naked Security) SamSam ransomware: fewer victims, but bigger disruption and a higher decryption price if you get caught. Here’s what to do to stay safe.

Shutting out SamSam ransomware (Sophos News) 4 simple tips for improving your protection against targeted ransomware

Ransomware ‘Gold Rush’ looks finished, but threat remains warns F-Secure (TechSource International) A new F-Secure report finds that ransomware attacks exploded in 2017 thanks to WannaCry, but a decline in other types of ransomware signals a potential shift in

5 things to know about the cyber attack on Knox Co. election commission (WBIR) The most important thing to note: the cyber attack did not impact the voting results in Knox County. It just delayed them getting to the public.

Security Patches, Mitigations, and Software Updates

Schneider Electric Patches Critical RCE Vulnerability (Threatpost) Researchers found a critical remote code execution vulnerability afflicting two Schneider Electric products that could allow attackers to disrupt or shut down plant operations.

Heart Implants Recalled over Hack Fears (Computer Business Review) The US FDA has recalled an estimated 465,000 ICDs – a small device used to help treat irregular heartbeats – for firmware updates.

Product security bulletin for WPA2 "KRACK" Wi-Fi Vulnerability (Becton Dickinson) BD is monitoring the developing situation with a recently disclosed set of vulnerabilities found in the WPA2 protocol...

Microsoft patches Docker remote code execution bug (iTnews) No evidence of public exploit.

Microsoft Working on a Fix for Windows 10 Meltdown Patch Bypass (BleepingComputer) Microsoft's patches for the Meltdown vulnerability have had a fatal flaw all these past months, according to Alex Ionescu, a security researcher with cyber-security firm Crowdstrike.

Cyber Trends

Cybercriminals are exposing oil and gas — but the industry is turning a blind eye (Business Insider) The oil and gas industry is one of the most targeted industries by cyber threats. But the industry has been turning a blind eye to the issue, spending almost nothin

The existing focus on control system cyber security is not appropriate (Control Global) The focus of control systems is reliability, availability, productivity, and safety which is directly affected by field devices such as process sensors, actuators, and drives. Yet the focus of cyber security has been on networks and data. There is also a lack of understanding of control systems.

Forcepoint VP says no automatic fix to rising cyber threats (The Economic Times) Forcepoint has unveiled what it calls a risk-adaptive protection solution that assesses risk and automatically provides proportional enforcement that can be dialed up or down.

Automation Exacerbates Cybersecurity Skills Gap (Dark Reading) Three out of four security pros say the more automated AI products they bring in, the harder it is to find trained staff to run the tools.

Two-Thirds of IT Professionals Believe Their Endpoint Security Tools Won't Prevent a Major Attack (Security Intelligence) According to a recent survey, two-thirds of security professionals believe their endpoint security tools are insufficient to protect their organizations from malware.

Fifty-Two Percent of Europeans are Open to Federated Identification, Finds Unisys Survey (PR Newswire) According to a new survey from Unisys Corporation (NYSE: UIS),...


Cambridge Analytica announces closure (CNN) Cambridge Analytica, the embattled data firm that worked on Donald Trump's 2016 presidential campaign, announced it is shutting down operations.

Firefox isn’t adding ads, it’s ‘sponsored content’ (Naked Security) Mozilla promises all the revenue-generating analytics, none of the privacy-skewering.

Insuring Uncle Sam’s cyber risk (CSO Online) The insurance sector needs to have panel members that are already cleared and approved by the DoD in advance of a cyber incident being reported and arguably before coverages are agreed upon within the four corners of an insurance policy.

Trusted Key Closes New Funding to Accelerate Secure Digital Identity Adoption (BusinessWire) Trusted Key Solutions Inc., a blockchain-based secure digital identity company, today announced that it has raised $3 million (USD) as part of a seed

Carbon Black IPO: 5 things to know about the cloud-based cybersecurity company (MarketWatch) Cybersecurity company Carbon Black Inc. is looking to be the next big tech IPO on Friday, as 2018 has seen a big revival in tech startups going public, especially those that are focused on cloud-based product offerings.

CACI takes $407M CDM cyber task order (Washington Technology) CACI International wins a potential $407.2 million task order to help implement cybersecurity tools as part of the government-wide Continuous Diagnostics and Mitigation program.

Ways for MSSPs to Survive in the New Infosec Age (Infosecurity Magazine) To remain competitive, MSSPs must change their mindsets to do more with less.

Here’s the Steve (not Jobs) who should have been mentioned at Maryland’s big cyber groundbreaking (Washington Business Journal) Without the efforts of this particular Steve, Gov. Larry Hogan probably doesn’t get away with proclaiming Maryland “the cyber capital of America."

Comodo Cybersecurity Names Steve Subar President and Chief Executive Officer (PR Newswire) Comodo Cybersecurity, a leader in innovative cybersecurity solutions,...

Attivo Networks® Expands Senior Leadership Team, Announces Steve Troyer as New Vice President of Business Development (Business Insider) Attivo Networks®, the leader in deception solutions for cybersecurity defense, today named Steve Troyer ...

Risk Intelligence recruits execs from Cobham and Maersk (ShippingWatch) Security analyst firm Risk Intelligence establishes a new organization. Employees from Cobham and Maersk Line are the first of a series of hires in the months to come, CEO Hans Tino Hansen tells ShippingWatch.

Zscaler Announces Departure of COO; Provides Date for Third Quarter Earnings Release (GlobeNewswire News Room) Zscaler, Inc. (NASDAQ:ZS), the leader in cloud security, today announced that William Welch has resigned as the company’s chief operating officer. Mr. Welch will remain with the company through May 14, 2018.

Centrify Hires Industry Veteran Mike Mooney as Chief Revenue Officer (BusinessWire) Centrify today announced that it has appointed Mike Mooney as Chief Revenue Officer.

Products, Services, and Solutions

SecBI to Support Orange Polska in Augmenting Its Managed Cyber Services (PR Newswire) SecBI, a disruptive player in automated cyber threat...

Ever AI Extends Product Suite with First U.S. Based Liveness Detection Offering (GlobeNewswire News Room) New features improve security for enterprise authentication and digital payments customers

Comodo CA and DonDominio Partner in Spain to Deliver a Unified Platform for Managing Domains, Hosting Plans and TLS/SSL Security (GlobeNewswire News Room) Spanish market sees an increased need for EV certificates due to the exponential growth in phishing attacks; EV certificates identify legitimate sites

FHOOSH Advances Government/Defense Cybersecurity Focus With Addition of Custom High-Speed Accelerator Kit, New Expert Advisor (PRWeb) High-speed cybersecurity leader FHOOSH™, Inc. has released its Government/Defense Custom Accelerator Kit to jumpstart government, military and first responder team

Iron Mountain Introduces Iron Cloud Critical Protection and Recovery to Safeguard High-value Data (PR Newswire) Iron Mountain Incorporated® (NYSE: IRM), the global leader in storage and...

NorthState Technology Solutions Introduces Multi-Cloud Exchange (PR Newswire) NorthState Technology Solutions, a secure cloud and IT solutions...

Streamr and Fysical to partner to reshape human location data market (Medium) One of the world’s largest providers of human location data to the advertising industry is changing its business model in the wake of the…

Comprehensive OT Cybersecurity from Nozomi Networks & Fortinet (Nozomi Networks) At the RSA Conference in San Francisco, many CISOs and IT leaders shared that OT risk management, defense and resiliency topped their must-have list. Nozomi Networks and Fortinet deliver one ‘knock-out’ IT/OT cybersecurity solution for network and operational visibility, risk assessment, and proactive defense. Read on to see how it tackles two of the most common OT use cases.

Virtustream Makes Security Risk Management SaaS-Y With Viewtrust (SDxCentral) Cloud company Virtustream launched a software-as-a-service (SaaS) version of its risk management and compliance monitoring product Viewtrust. The move exten

Thinfilm debuts CNECT Blockchain Services for product provenance, supply-chain traceability, secure transfer of ownership (Computer Technology Review) Thin Film Electronics ASA launched on Wednesday CNECT Blockchain Services to enable product traceability and secure transfer of ownership capabilities in the CNECT Cloud Platform.

ESET's Free Cybersecurity Awareness Training Program Now Gamified (IT News Online) ESET announced that the latest version of its free ESET Cybersecurity Awareness Training program now includes new interactive and

British port deploys AI system to keep attackers at bay (Computing) Port IT chief claims that conventional cyber security methods are no longer working

Technologies, Techniques, and Standards

Why a NATO team defended a made-up country’s infrastructure (Fifth Domain) NATO is working on coordinating its cyber defense across the alliance. But is the organization too large to effectively respond to cyber attacks?

ECB designs cyber attack simulation for financial firms (Reuters) The European Central Bank has designed a new test simulating cyber attacks on banks, stock exchanges and other firms that are critical for the functioning of the financial system, it said on Wednesday.

The critical need for automation in agency cyber defense (GCN) With a system of integrated, orchestrated security solutions, agencies can shorten the time to detection so that forensic analysis can begin immediately and defenses hardened.

USAF expects challenge in certifying modernised nuclear weapon systems for cyber age (Jane's 360) The USAF expects a challenge with certifying revamped nuclear weapon systems for cyber. Its legacy ICBMs, aircraft, and cruise missiles were certified long before the internet era.

Industry CMO on the Downstream Risks of "Logo Disclosures" (SecurityWeek) Failures in the coordinated approach to vulnerability disclosures can seem attractive from an initial marketing perspective, but are damaging to both the industry and its users.

Who’s in Charge of IoT Security? The Role of the CSO Referee (Data Center Knowledge) IoT is creating a push-pull environment within organizations, with operations pushing to take advantage of IoT-enabled technology and IT pulling back due to security concerns.

5 Critical Reasons Why SMBs Should Outsource Tech Support (TechStory) Deciding to outsource is a big decision, which can save at least 40% of your costs over a period. Here are 5 critical reasons why SMBs should outsource tech support.

Design and Innovation

Windows 10: We're going to kill off passwords and here's how, says Microsoft (ZDNet) Microsoft wants to banish 'inconvenient, insecure, and expensive' passwords. So what's going to replace them?

Five reasons to kill off passwords as we know them (Future Five) Centrify, a provider of Zero Trust Security, is calling for the end of password protection.

Your next bank card will have a fingerprint scanner built-in (WIRED UK) Mastercard says it is ready to issue thousands of biometric bank cards as its fingerprint scanners become useful

Machine learning use case to ID unhappy employees (SearchCIO) A machine learning use case at Telus International is helping the IT services company better predict who might be on the verge of quitting.

Ludwig Wittgenstein was one of the great 20th-century philosophers. He also invented the emoji (Quartz) Eighty years ago, philosopher Ludwig Wittgenstein had a brainwave.

iPhone’s weirdest glitch yet: Ask Siri to define “mother” twice, learn a bad word (Ars Technica) Hint: Four syllables, rhymes with "other shucker."

Research and Development

Companies Grapple With AI’s Opaque Decision-Making Process (Wall Street Journal) Artificial intelligence is becoming more pervasive as companies look to drive innovation and competitive advantage, but some executives say they are coming up against a big challenge: advanced AI systems are not able to explain how they make decisions.

What the Pentagon is learning from its massive machine learning project (C4ISRNET) Project Maven has already deployed in five or six locations across Africa and the Middle East. Here's what officials are learning from those deployments so far.

Facial Recognition for Robots Advances With AI, Machine Learning (Robotics Business Review) Software improvements and better vision are helping facial recognition grow beyond security use cases. Future robots will not only know who you are, but how old you are, your gender, and emotional state to provide better service.


NYU and NY Cyber Command team up to offer cheap cybersecurity education and training (SC Media US) Earlier this year NYU Tandon School of Engineering and New York's Cyber Command joined forces to announce one of the country's most affordable Cybersecurity Master's Degrees in the form of its NY Cyber Fellows program.

Legislation, Policy, and Regulation

Trump administration may throw out PPD-20, the approval process for cyber warfare (Cyberscoop) The White House is looking to rescind PPD-20, a memorandum that helps guide the use of government-backed hacking operations.

Russian government strengthening national cyber-security prior to World Cup (SC Media UK) The Russian government, together with the national special services, is continuing to strengthen the country's cyber-security prior to the World Cup.

U.S. Weighs Curbs on Chinese Telecom Firms Over National-Security Concerns (Wall Street Journal) The Trump administration is considering executive action that would restrict some Chinese companies’ ability to sell telecommunications equipment in the U.S., based on national-security concerns.

How the U.S. Government Learned to Stop Worrying About The Global Internet and Kicked Russians Off Its Networks ( The Obama administration was willing to accept some risks to keep global tech markets free and flowing. That era’s over.

McCain book: US should consider cyberattack to punish Putin (Defense News) In his book, set to launch later this month, Sen. John McCain says it’s time for America to go on the offensive in the information war with Russia.

Tech giants hit by NSA spying slam encryption backdoors (ZDNet) The tech coalition includes Apple, Facebook, Google, Microsoft, and Verizon and Yahoo's parent company Oath — all of which were hit by claims of complicity with US government's surveillance.

Lawyers, security specialists sort through Privacy Shield impact on new EU data rule (Inside Cybersecurity) The impact of the U.S.-European Union Privacy Shield on companies' compliance with the separate EU General Data Protection Regulation -- taking effect on May 25 -- continues to be a matter of debate and speculation among corporate security professionals and attorneys as GDPR implementation nears.

Should I retweet this? What does the Hatch Act say? ( The federal agency that enforces compliance with the Hatch Act offers new guidance to federal employees on the use of political commentary in social media.

A new leader for Army Cyber Command (Fifth Domain) Maj. Gen. Stephen Fogarty was nominated to be the next commander of Army Cyber Command.

Litigation, Investigation, and Law Enforcement

Russia Isn’t Just Interfering in Elections Around the World. It’s Doing Something Far Worse (Atlantic Council) Russian President Vladimir Putin will stop at nothing in his hunt for dissidents abroad. In his determination, he has found some powerful allies within Western democracies—a practice that should alarm those who prize justice and the rule of law.

Xerox Fires CEO After Manhattan Supreme Court Defeat (New York Law Journal) Faced with a devastating court ruling, Xerox on Tuesday threw in the towel, firing its CEO and half of its board of directors to resolve a proxy contest.

Leidos's Treatment of Female Whistle-Blower Gets Pentagon Review ( Defense Department attorneys are reviewing possible disciplinary action against Leidos Holdings Inc. after the Pentagon’s inspector general backed allegations that the information technology company retaliated against a female subcontractor for complaining of a hostile work environment.

How to safely be a whistleblower in your organization (ExpressVPN) An ExpressVPN guide detailing how to blow the whistle on a company or organization. Part 1 looks at how and why you should become a whistleblower.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Security Dallas (Dallas, Texas, USA, October 31 - November 1, 2018) Cyber Security Dallas will bring top speakers and industry experts to the Dallas-Fort Worth (DFW) metroplex, which boasts one of the largest concentrations of corporate headquarters in the United States.

Upcoming Events

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (New York, New York, USA, May 3, 2018) This event brings together technologists and leading policymakers, lawyers, and journalists to bridge the gap between non-technical and technical cyber professionals and features Lisa Monaco, former Assistant...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focuses on our preparation for, and resilience...

SecureWorld Kansas City (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Ready 2018 Cybersecurity/Intel Conference (MacDill Air Force Base, Florida, USA, May 14, 2018) Major General Mike Ennis (USMC, ret), CIA National Clandestine Service's first Deputy Director for Community Human Intelligence (HUMINT), will deliver the keynote. The conference will also feature an all-audience...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilities Europe (Amsterdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...
