skip navigation

More signal. Less noise.

2017 cyberattacks proved more numerous, sophisticated, and ruthless than in years past.

WannaCry, NotPetya, ransomware-as-a-service, and fileless attacks abounded. And, that’s not everything. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. Read The Cylance Threat Report: 2017 Year in Review Report and learn about the threat trends and malware families their customers faced in 2017.

Daily briefing.

Magecart strikes again, this time at Philippine media conglomerate ABS-CBN.

ESET researchers report an infestation of malicious financial apps in Google Play. The apps have since been removed. In operation since June of this year, they presented themselves as apps belonging to the Commonwealth Bank of Australia, the Australia and New Zealand Banking Group Limited, the ASB Bank, the TSB Bank, PostFinance (Swiss Post's financial services unit), the Polish Bank Zachodni WBK (now rebranded as Santander Bank Polska), and Bitpanda. This last is one of the more interesting targets: Bitpanda is an Austrian cryptocurrency exchange that doesn't even have an app.

Zscaler notes that a cloud hosting service is being abused by hackers. Congeco Peer 1 is hosting domains used to serve a range of phishing attacks and attempts on cryptocurrency wallets. According to Zscaler's blog, the problems have been around since February of this year.

Determined to do better this election cycle, Facebook is offering bipartisan help to campaigns, get-out-the-vote support, and an anti-disinformation war room.

The UK's ICO will fine Equifax £500,000 for last year's data breach. Some 15 million individuals were affected in the UK.

Beijing has opened a campaign to influence Taiwan's coming elections. Expecting this to be the case, Taiwan is preparing itself. So far, new malware tools have been discovered targeting government agencies. Taiwan officials believe the number of cyber attacks will rise before their November elections in an attempt to undermine President Tsai Ing-wen and her efforts to resist Beijing’s claim to Taiwan.


Today's issue includes events affecting Austria, Canada, China, Iran, Ireland, Philippines, Poland, Singapore, Russia, Taiwan, United Kingdom, United States.

Yesterday’s Scorecard Won’t Protect Your From Tomorrow’s Breach

With 56% of global organizations experiencing third party breaches, it’s no surprise that third party risk is the hottest cybersecurity topic. Threat actors will continue to target third parties as long as their vulnerabilities go unchecked. You need a 24x7x365 monitoring solution. Read LookingGlass’ eBook to learn how to build a successful third party risk program, so your organization isn’t left relying on old data to protect your employees, customers, and brand.

In today's podcast, we speak with our partners at Cisco Talos, as Craig Williams suggests ways of distinguishing between features from bugs with respect to security. Our guest is Roela Santos from Engility, describing the CyberWarrior scholarship for veterans.

This week's Hacking Humans is also up. In this episode, Dave warns of scammers taking advantage of hurricane Florence, both on the phone and in person. Joe shares a scheme targeting the kindness of local churchgoers. A cosmic variation on the Nigerian email scam is discussed, and Joe interviews his Johns Hopkins University colleague Chris Venghaus, who leads a tech support scammer on a wild goose chase.

Cyber Security Summits: September 25 in NYC on October 16 in Phoenix (New York, New York, United States, September 25, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The NSA, Google, IBM, Darktrace, CenturyLink and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350)

FireEye Cyber Defense Summit 2018 (Washington, DC, United States, October 1 - 4, 2018) Get trained by a FireEye expert at our annual Cyber Defense Summit. Training opportunities at this event offer attendees hands-on, small-group, interactive sessions with some of the most experienced FireEye cyber security experts.

Dragos Industrial Security Conference (DISC) 11/5/18 (Hanover, Maryland, United States, November 5, 2018) Reserve your spot now for the Dragos Industrial Security Conference (DISC) on November 5th, 2018. DISC is a free, annual event for our customers, partners, and those from the ICS asset community. Visit for more information.

Cyber Attacks, Threats, and Vulnerabilities

Chinese cyber spies target Taiwan's leader before elections (The Sydney Morning Herald) The attacks are intended to undermine a president who has defied Beijing's efforts to bring the democratically ruled island under its control.

Security firm warns of increased hacking bids in Middle East (Khaleej Times) The firm expects the cyber attacks to continue because of the current geopolitical climate.

Broadcaster ABS-CBN customer data stolen, sent to Russian servers (ZDNet) Updated: The data theft is the work of Magecart, a group connected to attacks against British Airways and Ticketmaster.

CBA and ANZ caught in fake banking apps scam (Canberra Times) Thousands of banking customers have been caught in a fake banking app scam, prompting questions about Google Play’s app authentication process.

The latest cloud hosting service to serve malware (Zscaler) In recent years, there have been many studies related to compromised cloud hosting services.

New Botnet Hides in Blockchain DNS Mist and Removes Cryptominer (BleepingComputer) A new botnet captured the attention of security researchers through its harmless behavior and the use of an original communication channel with its command and control center.

Password bypass flaw in Western Digital My Cloud drives puts data at risk (TechCrunch) A security researcher has published details of a vulnerability in a popular cloud storage drive after the company failed to issue security patches for over a year. Remco Vermeulen found a privilege escalation bug in Western Digital’s My Cloud devices, which he said allows an attacker to bypas…

NewEgg cracked in breach, hosted card-stealing code within its own checkout (Ars Technica) Like British Airways breach, attack blended with site code, sent data to lookalike domain.

A Major Bug In Bitcoin Software Could Have Crashed the Currency (Motherboard) 'For less than $80,000, you could have brought down the entire network.'

Bogus finance apps on Google Play target users worldwide (Help Net Security) ESET researchers have discovered bogus finance apps impersonating various services and the Austrian cryptocurrency exchange Bitpanda on Google Play.

How Hackers Use Social Media and Emails to Hack Virtual Crypto Wallets (CoinCentral) Social media and email addresses have become vital elements of everyday life in the contemporary world, for both networking and businesses. And now, the two are among the primary avenues targeted by virtual wallet hackers.

Manipulation tactics that you fall for in phishing attacks - Help Net Security (Help Net Security) Malicious actors prey on a company’s workforce – often using common psychological tactics to manipulate people into sending money or providing access.

FBI, cyber protection team called on Beatrice cyberattack (KETV) No information believed stolen or destroyed

Cyber Trends

IoT Malware Detections Soar 273% Since 2017 (Infosecurity Magazine) IoT Malware Detections Soar 273% Since 2017. Kaspersky Lab warns home users of growing threat

SMBs Fear Phishing, Fall Short on Cyber Training (Infosecurity Magazine) A lack of resources leaves SMBs unaware of top cyber threats, says Webroot.

What's driving claims in cyber insurance? (Insurance Business) A recent analysis of claims data lifted the lid on the true cost of cyber criminals' activities

Government Hacking Raises New Security Concerns (Stanford Law School) News of governments such as Russia and North Korea deploying their tech teams to hack into companies for political reasons has made headlines (think S


Facebook plans voter drive, partners with Democratic/Republican Institutes (TechCrunch) Facebook will push users to register to vote through a partnership with TurboVote, has partnered with the International Republican Institute and National Democratic Institute nonprofits to monitor foreign election interference and will publish a weekly report of trends and issues emerging from its …

Inside Facebook’s Election ‘War Room’ (NYTimes) Seven weeks before the midterm elections, the social network is setting up a central hub to root out disinformation and false news. We visited the operation.

Options Abound for Cyber Security Jobseekers, but Finding the Right Fit Takes Work (Security Boulevard) We've all heard the familiar refrain any time cyber security professionals gather: There aren't enough qualified security employees to fill the glut of available positions.

Products, Services, and Solutions

Ivanti Patch for Windows Achieves Common Criteria EAL 2+ Certification (Markets Insider) Ivanti, the company that unifies IT to better manage and secure the digital workplace, today announced that I...

Cavirin Delivers Breakthrough Resource Visibility and Security Posture Intelligence for Hybrid Cloud Infrastructures (Cavirin) Deployment of New CyberPosture Intelligence Arms Customers with Full Control of All Assessment Data

Arilou Of NNG Group And Ohmio Announce Working Together To Secure Autonomous Buses (NNG) The agreement between the companies is a significant step in the adoption of cyber security solutions in the industry.

Fintech Firm Rolls Out New Cybersecurity Platform (ThinkAdvisor) Entreda aims to help broker-dealers RIAs and advisors nearly 75% of whom have been the target of a cyberattack.

Group-IB introduces Secure Bank, a solution for anti-fraud protection (Help Net Security) Group-IB’s Secure Bank aims to prevent client-side fraud and attacks across sessions, platforms, devices, channels, and entities.

US Signal partners with Cloudflare to deliver DDoS protection service (Help Net Security) US Signal partners with Cloudflare to bring new service that delivers DDoS mitigation for network, transport and application layers and is backed by a SLA.

Security, insurance providers want to help you evaluate your cyber risk (CSO) A host of security vendors are targeting governance-minded companies with tools for formalising the evaluation and management of cybsersecurity risk across an organisation.

Technologies, Techniques, and Standards

The “One Thing” in Cyber (Medium) Cyber security professionals often borrow terms from public health. A “disease vector” is the path an infectious disease takes through a…

Your Cyber-Enemy May Not Be the Person You Suspect (Entrepreneur) The less-obvious risk often is the most dangerous. Protecting your company and personal assets starts with understanding real versus perceived threats.

INSIGHT: Thinking of Hiring In-House Cyber Counsel? Here Are Some Tips (Bloomberg) In boardrooms across the nation, there is one risk that stands above all others: cybersecurity.

Utilising web browser forensics for cyber security investigations (Information Age) Barry Shteiman, VP, Research and Innovation at Exabeam, explains why browser forensics represents a critical step in the cyber security.

What Is Cryptojacking? Find Out About This Year's Biggest Cybercrime (CoinCentral) It sounds like an adrenaline-packed adventure sport.

How do you protect digital channels from cyber threats? (Help Net Security) A well-thought out social media presence is a must, but too few of them think about the potential repercussions of an attack targeting it.

Trump administration to send U.S. cellphones a test alert on Thursday (Reuters) The Trump administration will send a message to all U.S. cellphones on Thursday ...

Better security needed to harness the positive potential of AI, mitigate risks of attacks (Help Net Security) In order to harness AI potential, especially for security, enterprises must make the needed investments in well-trained staffs.

Design and Innovation

Who ate all the PII? Not the blockchain, thankfully (Register) GDPR be praised, new product keeps personally identifiable information off the chain

How the HTC Exodus Blockchain Phone Plans to Secure Your Cryptocurrency (WIRED) HTC starts filling in the details of its so-called blockchain smartphone, expected to launch later this year.

SparkLabs is launching a cybersecurity and blockchain accelerator program in the US (TechCrunch) Investment firm SparkLabs has run accelerator programs across APAC, now it has announced its first that’ll be based on U.S. soil and it’s a cybersecurity and blockchain program that’ll be located in Washington, D.C. from next year. The program will be led by former Startup Grind C…

IBM launches software to detect racist and sexist AI (The Telegraph) New software designed to strip out unconscious racial or sexist bias within organisations has been developed by IBM, allowing executives to monitor whether decisions are being shaped by ingrained prejudice.


UNO cybersecurity program prepares students for FBI and NSA careers (Gateway) Not even hospital equipment or pacemakers are safe from cyber-attacks. The Cybersecurity program at the University of Nebraska at Omaha (UNO) is teaching new professionals who can protect data and devices from hackers. Cybersecurity is a fast-paced field. Things change so quickly that certain classes aren’t taught more than a few semesters …

Legislation, Policy, and Regulation

Singapore to draw up formal Asean mechanism for cyber security (The Straits Times) Singapore will draw up a formal Asean cyber security mechanism to discuss cyber diplomacy, policy and operational issues, in a bid to shore up defences against online attacks that target the region.. Read more at

Ottawa launches probe of cyber security (The Globe and Mail) Australia and U.S. have already imposed ban on China’s Huawei from participating in new wireless cellular networks

Irish utility networks vulnerable to cyber attacks set for security increase (irishmirror) New measures have been introduced by Minister Denis Naughten to protect us from digital attacks

What’s in the House and Senate Intelligence Authorization Bills for Fiscal 2019? (Lawfare) The House and Senate intelligence committees have put forth a draft of their priorities for the intelligence community in 2019.

Cyberinfrastructure strategic plan bill clears NJ panel (MonroeNow) "Big data" requires new forms of processing in order to enhance decision making, insight discovery, and optimal processing.

Connecticut’s defenses deflect cyber attacks (The Hour) Connecticut fights off 10 million cybersecurity attacks a week - from casual hackers to countries such as Russia - and so far the state has not suffered a serious penetration, a new report concludes.

Litigation, Investigation, and Law Enforcement

Equifax fined £500,000 for data breach of 15m UK customers (The Telegraph) Equifax has been slapped with a £500,000 fine by Britain’s data watchdog for failing to protect 15m people whose personal details were stolen in a cyber-attack last year.

EU says Facebook must comply with EU consumer rules by end-2018 or... (Reuters) Europe's justice chief gave U.S. social media giant Facebook until the end ...

NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO (Dark Reading) Suit underscores longtime battle between vendors and labs over control of security testing protocols.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Detect 18 (National Harbor, Maryland, USA, September 19 - 21, 2018) Detect '18 is the single largest conference dedicated to threat intelligence. This year we're calling on fellow "Threatbusters" to wage a high-tech battle against apparitions (aka bad actors) and learn...

Cyber Beacon (Washington, DC, USA, September 20, 2018) Cyber Beacon is the flagship event of the National Defense University's College of Information and Cyberspace (NDU CIC). The conference brings together cyber experts from across the national security community,...

IT Security Leadership Exchange (Phoenix, Arizona, USA, September 23 - 25, 2018) IT Security Leadership Exchange is an invitation-only, strategic business summit that gathers Chief Information Security Officers (CISOs), senior decision-makers, and industry experts to address the unique...

Global Security Exchange (Las Vegas, Nevada, USA, September 23 - 27, 2018) Global Security Exchange—formerly the ASIS Annual Seminar and Exhibits—delivers new opportunities to exchange key ideas and best practices, expand global connections, and experience innovations. The GSX...

Merging of Cyber Criminal and Nation State Techniques: A Look at the Lazarus Group (Loudon, Virginia, USA, September 24, 2018) This presentation on North Korea's Lazarus Group as a case study of the convergence of organized cyber crime and nation-state intelligence services will be led by Allan Liska, a solutions architect at...

Connect Security World 2018 (Marseilles, France, September 24 - 26, 2018) While the number of IoT devices predicted by 2020 varies within tens of billions, all analysts agree that security is now the top concern of organizations looking at deploying IoT solutions. To address...

The Cyber Security Summit: New York (New York, New York, USA, September 25, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

5th Cyber Operations for National Defense Symposium (Washington, DC, USA, September 25 - 26, 2018) The 2018 Cyber Operations for National Defense Symposium will focus on the evolving nature of US Cyber policies and strategies. Cyber leaders from throughout the federal government will come together to...

PCI Security Standards North America Community Meeting (Las Vegas, Nevada, USA, September 25 - 27, 2018) The PCI Security Standards Council’s 2018 North America Community Meeting is THE place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort...

Hack the Capitol (Washington, DC, USA, September 26 - 27, 2018) The National Security Institute is partnering with the Wilson Center and ICS Village to host Hack the Capitol, a two-day event focused on Industrial Control Systems (ICS) and security. ICS are used throughout...

COSAC & SABSA World Congress (Kildare, Ireland, September 30 - October 4, 2018) For 25 years COSAC has delivered a trusted environment in which to deliver information security value from shared experience and intensive, productive, participative debate and development. Sales content...

Monterey Cyber Security Workshop 2018 (Pacific Grove, California, USA, October 1 - 2, 2018) People with special expertise interested in making progress on the subjects at hand meet at the Monterey Incubator for a workshop to build an understanding of vital issues of the day. The workshop follows...

Cyber Defense Summit 2018 (Washington, DC, USA, October 1 - 4, 2018) FireEye's annual Cyber Defense Summit will feature both training and an opportunity to hear from the experts. Introductory, intermediate and advanced training courses will be provided during the first...

Retail Cyber Intelligence Summit (Denver, Colorado, USA, October 2 - 3, 2018) Network with 250+ CISOs and their teams from retail and consumer facing industries: restaurants, hospitality, gaming, convenience, grocery and more. Share best practices, gain insights, network. This conference...

IP Expo Europe (London, England, UK, October 3 - 4, 2018) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forward. IP EXPO Europe is co-located at Digital Transformation EXPO...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.