
Daily briefing.

Ukraine's SBU security service warns that various government agencies in Kiev are under cyberattack, again. No attribution so far.

ESET reports that Telebots and BlackEnergy, and therefore Industroyer and NotPetya, are linked to the same threat actor.

Observers look at cyberattacks against the ports of Barcelona and San Diego and conclude that commingling IT and OT yields unacceptably high risk.

Cisco's Talos research group has found a new Android Trojan, "GPlayed." It masquerades as the Play store, using the name "Google Play Marketplace" to further the imposture.

Skepticism over Bloomberg's Chinese supply chain attack story continues to rise. Some sources have walked back their statements to Bloomberg. Other observers point to an implausibility: if Chinese intelligence services really had seeded the supply chain as effectively as the story suggests, why would they engage in all the noisy hacking they've continued to conduct?

Facebook has purged more "inauthentic" sites. In this case the 559 pages and 251 accounts the social network took down were for the most part American. The problem, in Facebook's view, is their "coordinated inauthenticity." The company admits that inauthentic content is "often indistinguishable from legitimate political debate," and is trying to develop that distinction on the basis of behavior as opposed to content. The inauthenticity specified is moneymaking: clickbaiting people into ad farms.

The UK and Netherlands intend to push the EU to develop more effective sanctions against cyberattack.

Reuters says the Five Eyes and friends have agreed to closer cooperation against Russian and Chinese cyber operations.


Today's issue includes events affecting Australia, Canada, China, European Union, Germany, Japan, Netherlands, New Zealand, Russia, Ukraine, United Kingdom, United States.

Find out what midsized enterprises are doing right to hit the cybersecurity “sweet spot.”

Despite having bigger budgets and greater resources, large enterprises aren't better protected from cyberattacks than are their smaller counterparts. The sweet spot for cybersecurity is found among midsized businesses, which testing finds performed best at protecting their assets and mitigating their security risks. That's the conclusion of Coalfire's inaugural Coalfire Penetration Risk Report, based on more than 300 penetration tests in 148 companies worldwide.  Download the report to gather data-driven insights and make informed decisions based on Coalfire’s innovative analysis.

In today's podcast, we hear from our partners at the University of Maryland, as Jonathan Katz discusses the use of a cryptographic ledger to provide accountability for law enforcement. Our guest is April Wensel from Compassionate Coding on her work bringing emotional intelligence and ethics to the tech industry.

Cyber Security Summits: October 16 in Phoenix and on November 29 in Los Angeles (Phoenix, Arizona, United States, October 16, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The CIA, Verizon, AT&T, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350)

SecurityWeek 2018 Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 22 - 25, 2018) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Register today for the original ICS/SCADA Cyber Security Conference – October 22-25 in Atlanta.

Maryland Cybersecurity Career & Education Fair (Rockville, Maryland, United States, November 9 - 10, 2018) Join us for two dynamic days that put on display why Maryland is where cyber works. Friday will feature a career and education fair, connecting cybersecurity job seekers with opportunities across the state of Maryland. On Saturday, high school and undergraduate students compete in our cyber challenge.

Cyber Attacks, Threats, and Vulnerabilities

UNIAN: SBU - Ukrainian government agencies targeted in another cyber attack (KyivPost) The Security Service of Ukraine has reported a new cyber attack on government agencies, according to the SBU press center.

Security researchers find solid evidence linking Industroyer to NotPetya (ZDNet) A web of code reuse and shared infrastructure links together a slew of famous cyber-attacks.

Researchers link tools used in NotPetya and Ukraine grid hacks (Cyberscoop) New research provides evidence that TeleBots, a group with Russian military ties, was involved with the NotPetya and BlackEnergy incidents in Ukraine.

New TeleBots backdoor links Industroyer to NotPetya for first time (WeLiveSecurity) ESET’s analysis of a new TeleBots backdoor has uncovered the first evidence linking Industroyer to NotPetya, revealing a rumored connection that was not previously proven.

Facebook purged over 800 U.S. accounts and pages for pushing political spam (Washington Post) Facebook cracked down on over 800 accounts and publishers on Thursday, saying that the politically-oriented accounts violated its policies against spam.

Facebook: Most political trolls are American, not Russian (The Telegraph) Facebook has banned hundreds of pages and accounts which it says were fraudulently flooding its site with partisan political content – although they came from the US instead of being associated with Russia.

If Supermicro boards were so bug-ridden, why would hackers ever need implants? (Ars Technica) Whether spy chips reported by Bloomberg existed, attackers had much easier options.

Google Exposes User Data, Continues Deciding Which Sites Are Secure: What The Experts Say (Information Security Buzz) We now know that Google knowingly avoided disclosing its own data breach. At the same time it announces the decision to “fully remove trust in Symantec’s old infrastructure and all of the certificates it has issued” when it releases Chrome 70 later this month. Bill Holtz is CEO of Comodo CA, web security provider and the world’s largest commercial Certificate …

Cisco's Talos Group discovers new Android trojan (iTWire) A new Android trojan, named GPlayed, has been spotted by Cisco's Talos Intelligence Group which says it has an icon very similar to Google Apps and us...

An Examination of a Phishing Kit Dubbed Luis (Akamai) There have been plenty of articles describing the structure of phishing emails, and how to spot them. However, less explored, are phishing websites - what they are, how they are used, and how users can protect themselves. We'll take a...

Troubled waters: cyber-attacks on San Diego and Barcelona's ports show risk of IT/OT convergence (Computing) Operational technology has been kept separate from IT in the past - but as that changes, systems are being exposed to attacks

Security warning: Attackers are using these five hacking tools to target you (ZDNet) Free - but powerful - tools are being used by everyone ranging from cyber criminals to nation-state operators, says a report by five government security agencies.

Fake Adobe Flash Updates Hide Malicious Crypto Miners (Threatpost) A fake Adobe update actually updates victims' Flash - but also installs malicious cryptomining malware.

PoC exploit for Windows Shell RCE released (Help Net Security) A PoC exploit for a RCE vulnerability (CVE-2018-8495) that can be exploited via Microsoft Edge has been published and can be easily adapted by attackers.

Stolen Apple IDs in China Lead to Mobile-Payment Pilfering (Wall Street Journal) China’s two mobile-payments giants, Alibaba affiliate Alipay and Tencent's WeChat Pay, said stolen Apple IDs were used to swipe customer funds, and called on Apple to address the issue.

Scam callers impersonating Parke County Deputies for personal information and money (WTHI News) Parke County residents are saying they are receiving phone calls from deputies demanding money.... or so it seems. Now the Sheriff's office is taking action.

FitMetrix Exposes “Millions” of Customers’ Data (Infosecurity Magazine) Unprotected cloud database again to blame

Yale 'smart' security app crash left people locked out of their homes for 24 hours (Computing) Yale smart lock crash locks users in - and out - of their homes

‘Payment Notification’ Is Top Healthcare Phishing Attack Subject (HealthITSecurity) The term “Payment Notification” is the top healthcare phishing attack subject, appearing in more than half of healthcare phishing attack campaigns in 2018.

Security Patches, Mitigations, and Software Updates

Google's Project Zero thwarts another major bug in Facebook's WhatsApp (Inquirer) And Facebook fixed it in good time. So yay.

Patch Tuesday, October 2018 Edition (KrebsOnSecurity) Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available.

Delaying Further Symantec TLS Certificate Distrust (Mozilla Security Blog) Due to a long list of documented issues, Mozilla previously announced our intent to distrust TLS certificates issued by the Symantec Certification Authority, which is ...

Cyber Trends

DHS, FBI chiefs say cyber inflects every security and criminal threat (FCW) Cybersecurity isn't the only threat facing the country, but an Oct. 10 Senate Homeland Security hearing hammered home the extent to which the digital revolution touches every problem in the national security space.

Q2 2018 Quarterly Threat Report (eSentire) The 2018 Quarterly Threat Report provides a quarterly snapshot of threat events and trends investigated by the eSentire Security Operations Center (SOC).

Identity Spoofing Hits the Jackpot as the Primary Attack Vector on Gaming and Gambling Sites, Reveals New ThreatMetrix Cybercrime Report (AP NEWS) ThreatMetrix®, a LexisNexis® Risk Solutions Company, today released insights into cybercrime attacks on the gaming and gambling sector in its Q2 2018 Gaming & Gambling Report.

One-Third of US Adults Hit with Identity Theft (Dark Reading) That's double the global average and more than three times the rate of French and German adults.

The rise of the chief compliance officer (Digital Guardian) What does the role entail, and does your organisation need one?

AI has triggered 'so many concerns in the world' - Google Cloud CEO (CRN) Diane Greene says that AI is a 'power for good', but warns that the tech industry has to address worries


Demisto Secures $43 Million Series C Round Led by Greylock Partners (Venture Dreams) Demisto, the US-based company operating in the space of Security Orchestration, Automation and Response (SOAR) technology, has announced the closing of a $43 million Series C funding round led by Greylock Partners. Additional investors participating in this funding round include early investors Accel Partners, ClearSky Security and others, bringing total funding to date to $69 …

Thales makes concessions to soothe EU's Gemalto deal worries (euronews) Thales has offered concessions to address European Union antitrust concerns over the French aerospace

Nyotron Enters Into Strategic Partnership With Ingram Micro to Scale Business Operations Globally | Nyotron (Nyotron) Partnership Agreement Includes $10 Million Investment and Channel Agreement to Help Cybersecurity Pioneer Increase US Presence and Build Channel Program

Products, Services, and Solutions

New infosec products of the week: October 12, 2018 (Help Net Security) Featured infosec products of the week include releases from: Alert Logic, Arcserve, AVG, EclecticIQ, Portnox, Utimaco, WhiteHat Security.

Securonix Selects Cylance for End-to-End AI-Enabled Security Intelligence and Threat Prevention (Cylance) Partnership To Provide Clients with Seamless Integration with CylancePROTECT and Securonix Security Analytics

Lockpath Introduces Two New Editions of the Keylight Platform (PR Newswire) Lockpath, a leading provider of integrated risk management solutions, today announced the availability of...

Carbon Black Debuts Threat Hunting On Endpoint Protection Platform (CRN) Cb ThreatHunter continuously collects unfiltered data, making it easier for security teams to proactively hunt threats, uncover suspicious and stealthy behavior, and disrupt active attacks.

Technologies, Techniques, and Standards

NCSC is monitoring the internet to block DDoS and other cyber attacks (Computing) Technical director Ian Levy says it will be awesome if it works

Why big business can bank on cyber failures (Global Banking and Finance) When it comes to cyber failures, it’s the big names that make the news. It seems that almost every other day we hear about the latest multi-national bank

Threat Hunters & Security Analysts: A Dynamic Duo (Dark Reading) Fighting spying with spying, threat hunters bring the proactive mindset of network reconnaissance and repair to the enterprise security team.

12 Free, Ready-to-Use Security Tools (Dark Reading) There's no excuse for not knowing your exposure. These free tools can help you analyze what your company is up against and point ways to developing a more thorough security program.

GDPR Fear is Stifling Employees, Here’s How to Fix It (Infosecurity Magazine) A level of accountability is, of course, necessary, because businesses will not be GDPR compliant without it.

Design and Innovation

FICO, Chamber of Commerce release tool to score businesses on cybersecurity (TheHill) FICO and the U.S. Chamber of Commerce released a new tool Thursday to score how strong businesses' protections are when it comes to cybersecurity.

Analysis | The Cybersecurity 202: Kanye West is going to make password security great again (Washington Post) Yes, his password is bad. But the celeb put security in the spotlight.

China’s central bank hiring cryptography experts for digital money development (South China Morning Post) PBOC is leading the world in the development of a sovereign virtual currency that is cheaper to handle and easier to trace

Research and Development

DARPA wants to teach and test ‘common sense’ for AI (TechCrunch) It's a funny thing, AI. It can identify objects in a fraction of a second, imitate the human voice, and recommend new music, but most machine "intelligence" lacks the most basic understanding of everyday objects and actions — in other words, common sense. DARPA is teaming up with the Seattle-based …

How to protect jets, missiles and ships from cyberattacks (Fifth Domain) Experts told Fifth Domain that protecting American weapons systems from cyberattacks will require a culture of cyber hygiene, resilient systems and a workforce overhaul.


Securing campus networks became more challenging (Help Net Security) A global Infoblox survey reveals that 81 percent of IT professionals believe securing campus networks has become more challenging in the last two years.

Legislation, Policy, and Regulation

Nato to be fully operational in cyber space by 2023 ( Nato is aiming to achieve full operational readiness in cyber space within five years.

Military intelligence offers career path in today's Russia (AP NEWS) "First time here?" the conductor on the train that stops at the logging outpost of Loyga asks some departing passengers. "My condolences — there isn't even cell phone connection." This desolate village, deep in the far northern Arkhangelsk region, is the hometown of one of the suspected GRU Russian military intelligence agents who is believed to have poisoned a former Russian spy in Britain. The other alleged attacker and an alleged military intelligence operative accused of a hacking attack in the Netherlands come from equally dismal places.

U.K., Netherlands Lead EU Push for New Cyber Sanctions (Bloomberg) Memo sent to EU countries ahead of leaders’ summit next week

U.S. Needs a Global Alliance Against Russia’s Cyberattacks (Bloomberg) Washington can coordinate with Europe, the UN, Interpol and nongovernmental groups.

Exclusive: Five Eyes intelligence alliance builds coalition to counter China (Reuters) The five nations in the world's leading intelligence-sharing network have...

Trump vows to punish China amid spying row (Times) President Trump threatened to punish China further for its aggression towards the United States as tensions between the two economic rivals escalated sharply yesterday. Mr Trump warned that there...

This Act may be cited as the “Protect our Elections Act”. (US Senate) To amend the Help America Vote Act of 2002 to require States to take steps to ensure domestic ownership and control of election service providers, and for other purposes

Here's the US Army's New Russia-Era Shopping List (Defense One) After Putin's Ukraine invasion, the Army's future command wants longer guns, better cybersecurity, and a new way to buy weapons.

Ukrainian church wins independence battle against Moscow Patriarchate (Deutsche Welle) Ukraine should have its own Orthodox church, independent from Moscow, the Istanbul-based Ecumenical Patriarchate has ruled in a bitter row. Representatives of Russia's Patriarch Kirill slammed the move as "catastrophic."

Litigation, Investigation, and Law Enforcement

Kaspersky Lab treason suspect is hospitalized in critical condition after suffering pulmonary embolism in jail (Meduza) Ruslan Stoyanov, the former Kaspersky Lab expert now on trial for treason, was recently rushed to the hospital in critical condition, after suffering a pulmonary embolism on October 1, his lawyer told the independent television network Dozhd.

Google questioned over delay in disclosing vulnerability (CRN Australia) US senate asks why Google+ vulnerability wasn't made public sooner.

INVESTIGATION NOTICE: The Schall Law Firm Announces it is Investigating Claims Against Alphabet Inc. and Encourages Investors with Losses in Excess of $100,000 to Contact the Firm (Yahoo) The Schall Law Firm, a national shareholder rights litigation firm, announces that it is investigating claims on behalf of investors of Alphabet Inc. (''Alphabet'' or ''the Company'') (NASDAQ: GOOG; NASDAQ: GOOGL) for violations of §§10(b) and 20(a) of the Securities Exchange Act of 1934 and Rule 10b-5 promulgated thereunder by the U.S. Securities and Exchange Commission.

Internet operator challenges network tapping by German spy agency (Reuters) Internet exchange operator DE-CIX said on Thursday it had filed a constitutional...

'I Could Ruin Your Business Right Now': Listen to a SIM-Jacking, Account-Stealing Ransom (Motherboard) Jared Goetz's credit card was fraudulently charged, his phone cut-off, and his email account hacked. But in an extraordinary phone call, Goetz managed to talk the hacker down, and get his digital life back.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Geneva Information Security Day (Geneva, Switzerland, October 12, 2018) Geneva Information Security Day (GISD) is a leading European cybersecurity conference created as a vendor-independent platform for open and actionable discussion of emerging digital threats and remedies,...

FAIRCON18 (Pittsburgh, Pennsylvania, USA, October 14 - 18, 2018) Focused on advancing cyber, operational risk management. The event will feature in-depth training seminars, insightful presentations from industry leaders, candid executive and practitioner-led discussions...

The Cyber Security Summit: Phoenix (Phoenix, Arizona, USA, October 16, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Zero Day Con: Hacking Democracy (Washington, DC, USA, October 16, 2018) Join Zero Day Con and Strategic Cyber Ventures on October 16th in Washington, D.C. to examine the path forward in reducing our attack surface, managing risk, regaining control of our networks and data,...

FAIRCON18 (Pittsburgh, Pennsylvania, USA, October 16 - 17, 2018) Hosted by the FAIR Institute and Carnegie Mellon University’s Software Engineering Institute (SEI) and the Heinz College of Information Systems and Public Policy, the 2018 FAIR Conference brings leaders...

PCI Security Standards Europe Community Meeting (London, England, UK, October 16 - 18, 2018) The PCI Security Standards Council’s 2018 Europe Community Meeting is THE place to be. We will provide you with the information and tools to help secure payment data. We lead a global, cross industry effort...

SecureWorld Cincinnati (Cincinnati, Ohio, USA, October 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

2018 ISSA International Conference (Atlanta, Georgia, USA, October 17 - 18, 2018) Join us for solution oriented, proactive and innovative sessions focused on Securing Tomorrow Today. Every day, cyber threats become increasingly intricate and difficult to detect. No cyber security professional...

Fifth Annual Cyber Warfare Symposium (New York, New York, USA, October 18, 2018) The Fifth Annual Cyber Warfare Symposium is an annual one-day event presented by the Journal of Law & Cyber Warfare in conjunction with academia, government and private industry organizations at NYU School...

5th Annual Women in Cyber Security Reception (Washington, DC, United States, October 18, 2018) This annual networking event highlights and celebrates the value and successes of women in the cyber security industry. Leaders from the private sector, academia, and government from across the region...

National Insider Threat Special Interest Group (NITSIG) - Insider Threat Symposium & Expo (Laurel, Maryland, USA, October 19, 2018) The NITSIG will hold an Insider Threat Symposium & Expo (ITS&E), on October 19, 2018, at the Johns Hopkins University Applied Physics Laboratory, in Laurel, Maryland. This is a must attend event if you...

2018 ICS Cyber Security Conference USA (Atlanta, Georgia, USA, October 22 - 25, 2018) SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity. Since 2002, the conference has gathered ICS...

Energy Tech 2018 (Cleveland, Ohio, USA, October 22 - 26, 2018) The annual EnergyTech Conference & Expo is an organized event, supported by NASA and INCOSE, highlighting advancements in Energy, Smart-Grids and Microgrids, Aerospace, Critical Infrastructure, Security...
