Beginner’s Guide: Open Source Network Security Tools

With so many open source tools out there, it's hard to know where to start. Get your copy of “Beginner’s Guide: Open Source Network Security Tools” today to learn how you can use open source tools for: network discovery, network IDS, vulnerability scanning & penetration testing.

Daily briefing.

Proofpoint has identified spearphishing emails that hit at least three US companies in the utilities sector in mid-to-late July. The email domain was designed to be mistaken for one belonging to the US National Council of Examiners for Engineering and Surveying. An attached Microsoft Word document contained malicious macros that carried a malware package Proofpoint calls "LookBack." LookBack is a remote access Trojan accompanied by a command-and-control proxy mechanism. The researchers believe there's enough evidence to indicate that a nation-state was responsible, but not enough for further attribution, although there are some similarities to the Chinese group APT10.

The PCI Security Standards Council (PCI SSC) and the Retail and Hospitality ISAC warn of the rapidly developing threat of online paycard skimming. (The threat is best known as "Magecart.") The most common infection vector for the JavaScript sniffers that do the stealing has been third-party applications widely used by merchants. These typically include advertising scripts, live chat functions, and customer rating features.

RiskIQ took a look at the recent phishing campaign targeting Bellingcat, and they've concluded that it was indeed closely focused on a small number of investigative journalists who've proven annoying gadflies to the Russian government. The campaign made adroit use of ProtonMail infrastructure, which lent more plausibility than the phishing attempts might otherwise have enjoyed.

Russia isn't the only government Bellingcat scrutinizes, the Daily Beast notes. The investigative site's reports led Facebook to take down three-hundred-fifty pages and accounts for "coordinated inauthenticity" organized by the Kingdom of Saudi Arabia.

Notes.

Today's issue includes events affecting Australia, Canada, China, European Union, Germany, Iran, Israel, Japan, New Zealand, Russia, Saudi Arabia, Switzerland, United Kingdom, United States.

Bring your own context.

So, a question: bots aren't natural persons. Are they artificial persons? Or are they really just modes in which natural persons express themselves?

"We can all agree that if it's this computer that's pretending to be a person and is being annoying, or manipulative, or harassing...these computer programs saying the same thing over and over again.... We could agree that that's not good. Low-hanging fruit: it shouldn't be complicated at all. So I think what [the state senator who sponsored California's bot law] thought, and what anyone might think [is that] we're not even dealing with how to deal with the tough questions of people who are abusive and on this platform, but just even machines that are.... What he discovered is that there is such an extreme kind of libertarian view in Silicon Valley that raised all these issues about bots that you wouldn't even think of, like, that bots actually are kind of like people speaking. You're like, really? Why? It seems like it's just the computer saying the same thing over and over again. But it's like, well, a person wrote it, and it's conveying ideas."

—Noam Cohen, author of The Know-It-Alls: The Rise of Silicon Valley as a Political Powerhouse and Social Wrecking Ball and New Yorker contributor, on the CyberWire Daily Podcast, 7.30.19.

Extending a principle to unanticipated particular cases is always challenging. So, is bot-speech just meretricious machine noise, or is it really human speech at one remove?

 

What if your security strategy added zeros to your bottom line?

Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.

In today's podcast, out later this afternoon, we speak with our partners at the University of Bristol, as Professor Awais Rashid talks about the ability to “smell” security issues in software. Our guest is Matt Howard from Sonatype, and he discusses their State of the Software Supply Chain report.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to Simulate, validate and remediate hackers’ path to organizational critical assets.

Codenomicon August 6 Skyfall Lounge Las Vegas (Las Vegas, Nevada, United States, August 6, 2019) Black Hat is just around the corner! Join Synopsys at our exclusive cyber security professional event—codenomi-con. We’ll kick off a night of entertainment, networking, and leadership Aug. 6 at 6 p.m. Register today!

Courageous Women CISO Brunch with Synack and CyberWire at Black Hat (Las Vegas, Nevada, United States, August 7, 2019) Connect and Collaborate with Fellow CISO Security Leaders at Black Hat. As always, you can expect an intimate environment with delicious food, refreshing drinks, and great company. Join us Wednesday, August 7, 10:00 AM at Delano Las Vegas, Suite TBD.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards (Proofpoint) Proofpoint researchers document recent spear phishing campaigns and a new remote access Trojan targeting US utilities.

How One Researcher Helped Facebook Bust a Saudi Disinfo Campaign (The Daily Beast) Facebook announced Thursday the Saudi government had engaged in “coordinated inauthentic behavior” on the platform, crediting research from Bellingcat.

A Deeper Look at Phishing Against Bellingcat Staff Investigating Russia (RiskIQ) In this article, we’ll explore a different angle to the phishing campaign against Bellingcat by analyzing it from the outside-in perspective of RiskIQ.

UniCredit: No Proof That Cap One Accessed Customers’ Data (PYMNTS.com) UniCredit, in a memo to its staff on Thursday, said that an internal investigation showed no evidence that a recent data breach at Capital One involved any of its own data, according to a report by Reuters. Authorities investigating the case are trying to find out if the alleged hacker, Paige Thompson, hacked any other […]

‘Amateur’ Capital One hack stuns security (Phnom Penh Post) A massive data breach at Capital One appeared to be an unsophisticated attack from a single hacker, raising questions about the security of the financial system and insider threats to cloud computing.

Capital One data breach: What you can do following the banking hack (CNET) The latest banking data breach exposed the records of almost 106 million people.

Two Leading Cybersecurity Organizations Issue Joint Bulletin on Threat of Online Skimming to Payment Security (PCI Security Standards Council) If you are a merchant of any size accepting credit cards, you must be in compliance with PCI Security Council standards. This site provides: credit card data security standards documents, PCI compliant software and hardware, qualified security assessors, technical support, merchant guides and more.

Warning over boom in web skimming cyber crime targeting online stores (Computing) Malwarebytes claims to have blocked 65,000 web-skimming Magecart data theft attempts in July alone

Threat Actors Muddy Waters in Middle East with APT Hijacks, Fake Leaks in Q2 2019 (Dark Reading) Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

Is The Cyber War With Iran Every Man For Himself? (International Business Times) Iran is at our doorstep, and DHS tells citizens to arm themselves.

Not Your Father’s Bots (Foreign Affairs) A new AI system can create fake news articles that look credible—at high speed and low cost.

New SystemBC Malware Uses Your PC to Hide Malicious Traffic (BleepingComputer) A new malware strain is being distributed by threat actors via exploit kits like Fallout and RIG to hide malicious network traffic with the help of SOCKS5 proxies set up on compromised computers.

SystemBC is like Christmas in July for SOCKS5 Malware and Exploit Kits (Proofpoint) Proofpoint researchers describe a previously undocumented proxy malware currently appearing in RIG and Fallout EK campaigns.

Update your iPhone now: severe vulnerability affecting iMessage (Wandera) All iOS versions below iOS 12.4 are severely vulnerable. As of August 1, only 9.6% of enterprise devices have been updated. Google’s Project Zero has uncovered six bugs in iOS that can be remotely exploited without any user interaction via the iMessage client. Apple has fully patched five of the

Honey Browser Extension Content Script Improper DOM Handling Browser Action UI Spoofing (RiskBased Security) The Honey Browser Extension for Chrome, Firefox, Safari, and Edge allows users to instantly find and apply coupon codes at checkout for over 30,000 online shopping sites and, according to the vendor, 10,000,000 members utilize the extension.

StockX resets user passwords without warning (TechCrunch) StockX, a popular site for buying and selling sneakers and other apparel, has admitted it reset customer passwords after it was “alerted to suspicious activity” on its site, despite telling users it was a result of “system updates.” “We recently completed system update…

Advantech WebAccess HMI Designer (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: Advantech WebAccess HMI Designer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to remotely execute arbitrary code.

Fuji Electric FRENIC Loader (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.4 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: FRENIC Loader Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of FRENIC Loader, an AC drive, are affected:

3S-Smart Software Solutions GmbH CODESYS V3 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Vulnerabilities: Unverified Ownership, Uncontrolled Memory Allocation 2.

3S-Smart Software Solutions GmbH CODESYS V3 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for an attacker with access to PLC traffic to obtain user credentials.

Rockwell Automation Arena Simulation Software (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: Arena Simulation Software Vulnerabilities: Use After Free, Information Exposure 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a current Arena session to fault or enter a denial-of-service (DoS) state, allowing the attacker to run arbitrary code.

LCDS LAquis SCADA LQS File Parsing (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerabilities: Out-of-bounds Read, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain confidential information or execute remote code.

AirDrop Could Be Leaking Your Phone Number (iDrop News) While iMessage has been the focus of some pretty big security flaws in recent weeks, there’s a new vulnerability that’s been discovered that could allow

AirDrop security flaw can expose your phone number [Video] (9to5Mac) An AirDrop security flaw can allow anyone with a laptop and scanning software to see your phone number. The same is true when you share a Wi-Fi password ...

Neapolitan Backdoor Injection (Sucuri Blog) Our remediation team lead describes how attackers are using a variety of backdoors to avoid detection and maintain access on compromised websites.

LibreOffice handlers defend suite's security after 'unfortunately partial' patch (Register) When is a macro not a macro? When it comes with the product, apparently

We tested 21 Android antivirus apps and found these serious vulnerabilities (Comparitech) Android antivirus apps claim to protect your device, but we found a ton of security holes and privacy risks -- one of them even exposes your address book

Combolists-as-a-Service can now be added to the threat landscape (SC Magazine) Entrepreneurial cyber-criminals are now renting out access to databases that combine log-in, passwords and other details, having first curated and packaged stolen credentials before selling them.

Americans Are Making Phone Farms to Scam Free Money From Advertisers (Vice) Ordinary Americans are using armies of phones to generate cash to buy food, diapers, and beer through ad fraud.

Surveillance videos show alleged criminals attacking ATMs — and the crime is getting more common (CNBC) Hackers have turned their attention to ATMs. Two surveillance videos show alleged criminals attacking ATMs in order to drain them of cash. ATM crime and fraud costs the financial service industry billions each year.

North Carolina county falls for BEC scam, to the tune of $1,728,083 (Naked Security) The county could only claw back some of the $2,504,601 it paid to a scammer posing as a contractor working on building a new high school.

Homeless people keep arriving at Tarzana mansion thinking it’s a shelter, but it’s really a prank by online trolls (Daily News) The prank is the work of thousands of devoted viewers of online streamer ‘Ice Poseidon.’

New Orleans-area school targeted by cyber attack (Fox8Live) Another area school has become the target of cyber-attacks.

A cyber-attack gets $700,000 from the City of Naples (WFTX) Naples City Manager Charles T. Chapman IV tells Fox 4 the city was the victim of a criminal cyber-attack. He says the thieves got away with $700,000.

Security Patches, Mitigations, and Software Updates

Google blocks websites certified by DarkMatter, after Reuters reports (Reuters) Alphabet's Google has blacklisted websites approved by a United Arab Emirat...

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Snapshot on AIX and Linux (CVE-2018-1890, CVE-2018-12547) (IBM PSIRT Blog) Multiple vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in January 2019.

G Suite news: Anomalous alert activity for Google Drive, Advanced Protection for enterprise users (Help Net Security) New security options for G Suite customers can alert organizations about data exfiltration attempts on Google Drive and help them protect high-risk users.

PowerShell Empire Framework Is No Longer Maintained (BleepingComputer) The Empire post-exploitation framework used by hackers of all hats alike has been discontinued this week, passing the torch to newer tools for offensive activities

Cyber Trends

94% of attacks hitting financial services use one of four methods (Help Net Security) Newly released data by Akamai shows that 50% of all unique organizations impacted by observed phishing domains were from the financial services sector.

5G will make devices more vulnerable to cyberattacks: Akamai CEO (Yahoo) Tom Leighton the co-founder and CEO of Akamai Technologies (AKAM), talks to Yahoo Finance's On the Move about the increasing threat of cyber attacks.

Despite Unclear RoI, Security Fears, IoT Adoption is Booming: Microsoft (Computer Business Review) IoT adoption report: projects typically fail during the proof of concept stage as the implementation costs start to spiral

Many companies don't know the depth of their IoT-related risk exposure (Help Net Security) Cyberattacks caused by unsecured IoT/IIoT devices are increasing because many companies don’t know the depth and breadth of the risk exposures.

Ponemon Institute Reveals Security Teams Spend Approximately 25 Percent of Their Time Chasing False Positives; Response Times Stymied by Legacy Tools (BusinessWire) Exabeam and Ponemon discovered security personnel in U.S. enterprises waste approximately 25 percent of their time chasing false positives.

Brace for controversy: Edward Snowden has written a memoir (Ars Technica) Permanent Record will go on sale in September.

Marketplace

For board of directors, cybersecurity literacy is essential (SearchSecurity) For the board of directors, cybersecurity information is essential. This means, among other things, that CISOs need a seat at the table. Joyce Brocaglia's initiative, BoardSuited, aims to equip security pros with the abilities they need to make the move to the C-suite.

Capital One Hack Hits the Reputation of a Tech-Savvy Bank (Wall Street Journal) Capital One has been known as a bank that plowed into new technology. But a recent hack could shift the lender’s approach from advantage to liability.

Cybersecurity - Fighting the Good Fight Infographic (St. Bonaventure University) Check out this infographic for details about a career in "ethical hacking" and cybersecurity!

How to Get Started in a Cyber Security Career (Phoenix TS TechRoots Blog) Our SME offers guidance on where to start and what to learn for a cyber security career.

The must-have skills for cybersecurity aren't what you think (SearchSecurity) Essential skills for cybersecurity are not just technical ones, though those get the most attention. Just as essential to any functioning security strategy are so-called 'soft' qualities like leadership buy-in and the ability to communicate technical issues in layman's terms.

GoSecure Acquires EdgeWave to Bolster Managed Detection and Response Capabilities (BusinessWire) GoSecure, a leading provider of Managed Detection and Response (MDR) services, announces the acquisition of EdgeWave, a leader in email security.

Everbridge acquires threat intelligence firm NC4 for $83M (Boston Business Journal) Everbridge (Nasdaq: EVBG), a critical event management firm headquartered in Burlington, is acquiring a California-based provider of threat intelligence software for a sum of cash and company’s stock worth approximately $83 million.

A10 Networks Is in Trouble: Company for Sale, CEO Leaving (Light Reading) A10 Networks, which is struggling to develop a 5G, network security and analytics strategy, is now up for sale. And the founder and CEO is on his way out.

Cloudflare Said To Pursue September IPO, We Say Heck Yes (Crunchbase News) Cloudflare is reportedly going public this year, meaning that we have at least two big-name IPOs left in the tank.

Nasdaq-Listed Radware to Scout for Cloud Security Startups (CTECH - www.calcalistech.com) The information security company is actively looking for acquisitions, chief financial officer Doron Abramovitch said in a Wednesday interview with Calcalist

Cybersecurity Firm Unexpectedly Swings To Profit As Shares Surge (Investor's Business Daily) Rapid7 earnings and revenue for the second quarter beat analyst estimates, as the cybersecurity firm said new investments lie ahead. The Rapid7 earnings news sent shares up on Thursday.

Passion, ingenuity and hard work: The cybersecurity startup story of Israel (Help Net Security) Israel’s DIY approach supports its entrepreneurial spirit and success. The constraints that Israeli people have to work against create innovation.

Leading Zero Trust Access Security Provider Pulse Secure Becomes a Member of MSPAlliance® (Pulse Secure) Pulse Secure, the leading provider of software-defined Secure Access solutions to both enterprises and service providers, today announced that it has become a member of the MSPAlliance, the oldest managed services group and the only accrediting and standards based body created specifically for the managed services provider industry.

Optiv Security Appoints Todd Weber Chief Technology Officer for the Americas (Optiv) Enterprise digital transformation efforts combined with advanced and innovative attack intents have left many organizations’ security operations teams overwhelmed by an inordinately high volume, velocity and variety of cybersecurity data and threats.

Rapid7 appoints Christina Kosmowski to Board of Directors (West) Rapid7, Inc. (NASDAQ: RPD), a leading provider of security analytics and automation, today announced that it has appointed Christina Kosmowski to its Board of Directors, effective July 31, 2019.

CSIRO's Data61 to find new CEO following Adrian Turner's resignation (ZDNet) Turner is stepping down to set up a new venture after four years with Australia's innovation arm.

Products, Services, and Solutions

New infosec products of the week: August 2, 2019 (Help Net Security) Qualys is making its Global IT Asset Discovery and Inventory app available to all businesses for free

Stronger Together: Imperva API Security is Integrated with Red Hat 3scale API Management (Imperva) Most enterprises today deploy a multitude of touchpoints where consumers can interact and access the information they require. For many organizations, APIs (Application Programming Interfaces) are the bread-and-butter for enabling inter-enterprise process automation, IoT devices and mobile applications. Even though they are working behind the scenes, APIs are ubiquitous. They help to deliver sports updates, …

Cengage Adds Free Password Management to Subscription Service (Campus Technology) Cengage is now offering free password management for users of its Cengage Unlimited textbook subscription service.

FireEye Adds Web Shell Detection to Protect Servers (FireEye) FireEye web shell detection is available in the 8.3.0 release of FireEye Network Security.

Fortinet Accelerates and Secures the Cloud On-Ramp with New Next-Generation Firewalls (Yahoo) John Maddison, EVP of products and solutions at Fortinet: “An accelerated and secure cloud on-ramp is essential in today’s digital economy..

Zain Jordan partners with Infoblox to provide secure Internet experience (Intelligent CIO Middle East) Zain, a leading telecom company in Jordan, has implemented the market leading Infoblox ActiveTrust solution to enable secure Internet browsing for its subscribers.

Avast Rolls Out New Router Security Service For Italian Customers (MorningstarUK) (Alliance News) - Consumer cybersecurity firm Avast PLC said Thursday it is rolling-out a new ...

MSP to MSSP: Chillisoft fleshes out security offer with Eset Enterprise (New Zealand Reseller News) Security software specialist distributor Chillisoft is making it easier for managed service providers to extend into managed security services via new Eset tools.

SafeBreach launches new platform to prioritize, mitigate security gaps (SearchSecurity) SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams prioritize and manage security gaps identified by breach simulation.

ThreatConnect Added to the DHS Continuous Diagnostics and Mitigation Program’s Approved Products List (BusinessWire) ThreatConnect, Inc.®, provider of the industry’s only intelligence-driven security operations platform, is proud to announce that it has been added to

Technologies, Techniques, and Standards

Exabeam 2019 State of the SOC Report: 5 Key Takeaways (MSSP Alert) CIOs and CISOs are increasingly concerned about incident response, automation and threat hunting, according to the Exabeam "2019 State of the SOC Report."

How to Enable the Windows 10 Tamper Protection Security Feature (BleepingComputer) With the release of the Windows 10 May 2019 Update, Microsoft introduced a new security feature called Tamper Protection that protects security settings for Windows Defender antivirus from being disabled by malware or third-party programs.

Why OSINT Analysts Need to Manage Their Digital Identities (Federal News Network) There’s another kind of intelligence gathering, just as important to commercial, military, diplomatic and political operations: open source intelligence.

NYC's real-time cyber defense platform (GCN) New York City's Cyber Command built an open-source, cloud-based data pipeline -- a security log aggregation platform that analysts use to quickly detect and mitigate cyber threats.

Design and Innovation

Facebook open-sources algorithms for detecting child exploitation and terrorism imagery (The Verge) Crowdsourcing a better solution to disturbing photos and videos

Full Fact has been fact-checking Facebook posts for six months. Here’s what they think needs to change (Nieman Lab) More scale, more transparency, and more help with health-related posts.

Microsoft is right, mandatory password changes are obsolete (Help Net Security) Microsoft has recently come out and said that mandatory password changing is ancient and obsolete. This goes directly against everything we were trained

Academia

National Science Foundation cybersecurity grant extended for Penn College (Penn State University) The National Science Foundation recently rewarded Pennsylvania College of Technology’s commitment to tomorrow’s cybersecurity workforce by extending a grant for an additional year.

Legislation, Policy, and Regulation

Cyberspace administration passes review on precondition for purchase contracts for network products and services (International Law Office) The Cyberspace Administration of China recently released the Cybersecurity Review Measures (Draft for Comment). According to the draft, where an operator of critical information infrastructure purchases a network product or service, it must make an ex ante assessment of the potential security risks that could emerge once the product or service is put into operation and produce a security report accordingly.

Undeclared Wars in Cyberspace Are Becoming More Aggressive and Automated (Singularity Hub) The 2020 fiscal budget calls for spending $17.4 billion on cyber-related activities, with the Department of Defense (DoD) alone earmarked for $9.6 billion.

Barr and 'Five Eyes' pledge unity on 'emerging threats' — but questions on Huawei and ISIS remain (Washington Examiner) The so-called "Five Eyes" nations agreed on a lot coming out of their security summit in London this week, but didn't end up with concrete plans for two major challenges: the security threat posed by Chinese tech firm Huawei, and the stalemate over how to deal with thousands of foreign-born Islamic…

Incoming: Cyber Threats Need Less Hand-to-Hand Combat, More Collective Defense (SIGNAL Magazine) We need strategies and mesh solutions, such as managed security services, that are designed at the enterprise level and include all Defense Department stakeholders, regardless of how small or niche they are, to ensure that all are adequately protected.

New Senate bill seeks improvements to federal cybersecurity (Homeland Preparedness News) U.S. Sens. John Cornyn (R-TX) and Maggie Hassan (D-NH) introduced cybersecurity legislation this week, seeking to improve the work of the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program. Their solution is the Advancing Cybersecurity Continuing Diagnostics …

Effort to Exempt “HR Data” from CCPA Falters (Cooley) Labor groups concerned about employee privacy have succeeded in slowing the effort to pass legislation exempting employer-held information from the California Consumer Privacy Act (“CCPA”).  T…

After cyber attack cripples Strafford County, Hassan joins fed push for more spending (Union Leader) Four weeks after a cyberattack, Strafford County Commission Chairman George Maglaras says the lingering damage caused by the computer virus is serious.

Litigation, Investigation, and Law Enforcement

Will Capital One be held accountable for data breach? In Canada, probably not (Financial Post) Our ‘toothless’ enforcement system is unlikely to levy any large penalties. Rather, individuals will have to fight through civil suits

Republicans launch inquiry into data breaches (Financial Times) House panel requests briefings with Capital One and Amazon over nature of information stolen

FTC Antitrust Probe of Facebook Scrutinizes Its Acquisitions (Wall Street Journal) The Federal Trade Commission is examining Facebook’s acquisitions as part of its antitrust investigation into the social-media giant—to determine if they were part of a campaign to snap up potential rivals before they could become a threat, according to people familiar with the matter.

Fed Examined Amazon’s Cloud in New Scrutiny for Tech (Wall Street Journal) The visit to an Amazon facility in Virginia is a first for federal banking regulators.

Perspective | Don’t count on a big cash payout from Equifax. But still get the free credit monitoring. It’s far more valuable. (Washington Post) So many consumers want the $125 cash offer in lieu of free credit monitoring that many won't get much money.

NY Set to Recoup $1.3 Million in Settlement With Cisco Systems in Cybersecurity Whistleblower Case (New York Law Journal) The $6 million settlement, of which New York will receive $1.3 million, was part of a larger $8.6 million settlement announced by attorneys for the whistleblower Wednesday.

Whistleblower Vindicated in Cisco Cybersecurity Case (Voice of America) A computer security expert who has won a trailblazing  payout in a whistleblower lawsuit over critical security flaws he found in October 2008 in Cisco Systems Inc. video surveillance software thought his discovery would be a career-boosting milestone. James Glenn imagined at the time that Cisco would credit him on its website. The software was, after all, used at major U.S.

YouTube Tweaked Algorithm to Appease FTC But Creators are Worried (Bloomberg) A software update that came in July, without explanation, was designed to promote “quality” children’s videos

Google will pause listening to EU voice recordings while regulators investigate (The Verge) Germany’s data protection commissioner is investigating

Facebook says it was 'not our role' to remove fake news during Australian election (the Guardian) Facebook executive Simon Milner says company ‘only removes content that violates our community standards’

Cops Are Giving Amazon's Ring Your Real-Time 911 Caller Data (Gizmodo) Amazon-owned home security company Ring is pursuing contracts with police departments that would grant it direct access to real-time emergency dispatch data, Gizmodo has learned.

You'll Get Your Equifax Money. It Just Might Take a While (Wired) Despite the FTC pushing people away from an Equifax cash payout, there's a good chance you'll get all $125. Eventually.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

SINET Canada (Toronto, Ontario, Canada, September 12, 2019) SINET Canada's theme this year is "accelerating innovation clusters." The conference follows SINET's proven approach: a rich yet intimate conference where participants from industry and government can...

The Risk Institute's 6th Annual Conference: Emerging Technologies (Columbus, Ohio, USA, September 26, 2019) The Risk Institute at The Ohio State University Fisher College of Business, a leading risk-management research organization, will host its Sixth Annual Conference, focused this year on Emerging Technologies. The...

SINET Showcase (Washington, DC, USA, November 6 - 7, 2019) SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing the most pressing needs and requirements in Cybersecurity. Each year, SINET evaluates...

SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...

Upcoming Events

Sacramento Cybersecurity Conference (Sacramento, California, USA, August 8, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Wicked6 Cyber Games (Las Vegas, Nevada, USA, August 8, 2019) On August 8, 2019, six elite collegiate cyber teams go head-to-head in the thrilling environment of a Las Vegas esports arena. They’ll battle it out as they search for and defeat the foe, all while an...

Hack the Sea (Las Vegas, Nevada, USA, August 8 - 11, 2019) Hack The Sea is a three day mini-conference that will be held in the villages of DEF CON 27. Hack The Sea will provide a variety of hands-on, collaborative learning experiences ranging from mini-workshops...

DEF CON 27 (Las Vegas, Nevada, USA, August 8 - 11, 2019) DEF CON is a hacker convention which takes place immediately following Black Hat in Las Vegas every year.

Insider Threat Mitigation Boot Camp Training (Las Vegas, Nevada, USA, August 9, 2019) The Insider Threat Defense Group will hold our highly sought Insider Threat Mitigation Training, in Las Vegas, Nevada, at the Tropicana Las Vegas Casino Hotel. This comprehensive one-day training will...
