skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

The CyberWire's 6th annual Women in Cybersecurity Reception will be here in October.

Our 6th Annual Women in Cybersecurity Reception takes place October 24 at the International Spy Museum's new facility at L'Enfant Plaza in Washington, DC. The Women in Cybersecurity Reception highlights and celebrates the value and successes of women in the cybersecurity industry. The event focuses on networking, and it brings together leaders from the private sector, academia and government from across the region, and women at varying points in their careers. It's not a marketing event; it's just about creating connections. If you're interested in getting an invitation to this year's event, tell us a little bit about yourself and request one here. A very limited number of sponsorship opportunities remain, so please let us know if you're interested in one of those, too.

Twitter has identified and suspended 936 accounts it determined to be engaging in coordinated activity to discredit the ongoing protests in Hong Kong. China blocks Twitter, so the accounts either used VPNs or specially unblocked IP addresses on the mainland. Crediting Twitter with having tipped it off, Facebook followed suit, and terminated seven pages, three groups, and five accounts engaged in the same campaign of coordinated inauthenticity designed to mislead and misdirect protesters in Hong Kong. Facebook is also blocked in China. As the Wall Street Journal notes, the fact that many of the social media accounts involved were operating unblocked from the mainland strongly suggests that they were operating on behalf of the Chinese government.

Twitter also changed its advertising policy in a gesture toward cracking down on government-run influence campaigns. Henceforth the company will no longer sell advertising to state-sponsored media. Those media will continue to be able to tweet, just not buy ads. It seems likely that more state control will become covert and deniable.

Cisco Talos discovered and helped remediate eight vulnerabilities in Google's Nest Cam IQ Indoor camera. The issues could have been exploited to commit denial-of-service attacks, code execution, and information theft.

Researchers at vpnMentor report that they've found that the niche adult site, "Luscious," is leaky. That is, it exposes data on the roughly one-million registered users that include usernames, personal email addresses, activity logs, country of residence, and gender.

Lawfare has published an appeal for public engagement with the Cyberspace Solarium Commission.

Notes.

Today's issue includes events affecting China, France, Greece, India, Pakistan, Russia, United Arab Emirates, United States.

Bring your own context.

There's been enough litigation to show that insurance companies and their clients don't always agree on when a claim for damages incurred in a cyberattack should be paid. What about war clauses, for example?

"You need to have an understanding of at least one of the outcomes you need in order for them to pay out. But if you look at where they're basically saying the recent breach was an act of war, an act of war is becoming a common tool that insurance companies are using to limit their risk and liability for a breach. You have to assume that there will be collateral damage in any state-sponsored cyberwarfare campaign, right? If you look at the U.S. military, they sort of cordon off or they organize their theaters by coms. There's Northcom, Africom, Southcom. Cybercom is a global command, if that makes sense, right? So while - if you look at the U.S. and the Ukraine, we are - I Googled it - we are 5,687 miles away from the Ukraine. And while you might be 5,000-plus miles away from a conflict, if it's a cyber conflict, in most cases, you are digitally fractions of a second away from that conflict. If you have a public IP address, you are basically in theater. So you have to understand exactly what risks you're going to take in terms of what Get Out of Jail Free cards are there for the insurance company.... You have to understand what are the things that could nullify your policy, right? And you need to understand that we live in this world where if it's a digital conflict, if you have a public IP address, you are in theater, and you definitely run the risk of collateral damage in the way that physical confrontations don't."

—John Smith, principal sales engineer at ExtraHop, on the CyberWire Daily Podcast, 8.16.19.

Cyber insurance remains a maturing market, and some important actuarial data and risk decisions are still taking shape.

Is your cybersecurity program aligned with your business goals and objectives?

Cybersecurity is a business risk, not an IT problem, and a critical part of business strategy. Security should not be an afterthought. Taking a proactive approach facilitates board-level cyber initiative buy in, supports traction across business units, establishes management alignment for key priorities, and manages data complexity. Let Edwards Performance Solutions better structure and position your cybersecurity program – making it a business asset for continued success.

In today's podcast, out later this afternoon, we speak with our partners at Booz Allen Hamilton, as Michael Sechrist continues his discussion of cities' paying ransom to cyber extortionists. Our guest is John Bennett, General Manager of Identity and Access Management at LogMeIn, and he describes the growing cyber threats to small and medium businesses.

Cyber Warrior Women Summer Social: Sip and Paint (Columbia, MD, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.

Cyber Security Summits: Chicago on August 27 and on September 17 in Charlotte (Chicago, Illinois, United States, August 27, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Darktrace, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com

Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge­.

Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 30% discount for Labor Day using code LABOR30.

Cyber Attacks, Threats, and Vulnerabilities

Twitter, Facebook Target Accounts Spreading Misinformation on Hong Kong Protests (Wall Street Journal) Twitter took down more than 900 accounts that it said were part of a Chinese government campaign to discredit protesters in Hong Kong by spreading misinformation.

Information operations directed at Hong Kong (Twitter) We are disclosing a significant state-backed information operation focused on the situation in Hong Kong, specifically the protest movement and their calls for political change.

Removing Coordinated Inauthentic Behavior From China (Facebook Newsroom) We removed seven Pages, three Groups and five Facebook accounts as part of a small network that originated in China and focused on Hong Kong.

India sees dramatic rise in cyber attacks post-Kashmir decision: Kaspersky (Express Computer) There has been a rise in cyber attacks on Indian institutions after the abrogation of Article 370 and 35A and the country needs to be extra careful when it comes to the security of websites and critical infrastructure

The Rise of “Bulletproof” Residential Networks (KrebsOnSecurity) Cybercrooks increasingly are anonymizing their malicious traffic by routing it through residential broadband and wireless data connections.

Vulnerabilities in Google Nest Cam IQ can be used to hijack the camera, leak data (ZDNet) The indoor security device was subject to bugs which threatened user privacy.

Vulnerability Spotlight: Multiple bugs in OpenWeave and Nest Labs Nest Cam IQ indoor camera (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

61 impacted versions of Apache Struts left off security advisories (Naked Security) Researchers found that 24 security advisories inaccurately listed affected versions for the open-source development framework.

Hacker Releases First Public Jailbreak for Up-to-Date iPhones in Years (Vice) Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers.

Apple's iOS 12.4 Has a Bug That Enabled a Jailbreak (Digital Trends) It appears iOS 12.4 may not be the safest version of iOS, according to a new report. Apparently, Apple accidentally unpatched a security flaw that was previously fixed in iOS 12.3 -- and the result is that any phone with iOS 12.4 can now be jailbroken. We don't recommend users jailbreak their iPhones.

You Can Jailbreak Your iPhone Again (But Maybe You Shouldn’t) (WIRED) Apple reintroduced a previously fixed bug in iOS 12.4, which has led to a jailbreak revival.

Adult website data leak connected private users to content uploads (ZDNet) An open database provided full access to user emails and the content they uploaded, liked, and shared.

Report: Data Breach in Adult Site Compromises Privacy of All Users (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a data breach in adult site Luscious. Luscious is a niche pornographic image site ...

Hackers Use Fake NordVPN Website to Deliver Banking Trojan (BleepingComputer) The attackers who previously breached and abused the website of free multimedia editor VSDC to distribute the Win32.Bolik.2 banking Trojan have now switched their tactics.

Vulnerability Summary for the Week of August 12, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available

Texas Cyber Attack Has Taken 23 Government Agencies Offline (Forbes) The Texas Department of Information Resources (DIR) has confirmed that 23 government agencies have, so far, been taken offline by a ransomware attack over the weekend.

Alarm in Texas as 23 towns hit by 'coordinated' ransomware attack (CNBC) The attacks come after state and local ransomware attacks in New York, Louisiana, Maryland and Florida resulted in the loss of significant sums.

Glenwood schools recovering from cyber attack (KMAland.com) Glenwood's School District starts the new academic year with a major technology-related hangover.

Software bug caused CBP airport system outage (FCW) A computer system outage that led to long passenger lines at international airports across the country on Aug. 19 was caused by a software bug, according to Customs and Border Protection.

Security Patches, Mitigations, and Software Updates

VLC Vulnerabilities Discovered by the Semmle Security Research Team () Semmle’s security research team discovers 11 bugs in VLC, the popular media player. The VLC vulnerability CVE-2019-14438 could potentially allow an attacker to take control of the user’s computer.

Multiple HTTP/2 DoS flaws found by Netflix (Naked Security) Netflix has identified several denial of service (DoS) flaws in HTTP/2, a popular network protocol that underpins large parts of the web. Exploiting them could bring servers grinding to a halt.

Cyber Trends

Top 100 Global Fintech Startups Have Exploitable Security Vulnerability (ValueWalk) 8 main websites and 64 subdomains have at least one publicly disclosed and exploitable security vulnerability of a medium or high-risk.

State of Application Security at Top 100 Global Fintech Startups (Immuniweb) 98 of 100 most prominent and well-funded fintech startups are vulnerable to phishing, web and mobile application security attacks.

Lack of Critical Infrastructure Cybersecurity Investments in Smart Cities Will Seed the Future IoT Vulnerabilities (BusinessWire) Urban population is on the rise worldwide and smart city development projects are harnessing the power of the Internet of Things (IoT) to develop more

FISMA report tells how tools, capabilities, data protecting against cyber attacks | Federal News Network (Federal News Network) In the annual Federal Information Security Management Act (FISMA) report to Congress, which the administration made public on Aug. 16, OMB says the number of cyber incidents dropped by 12%

What Americans Think About Ransomware (Dark Reading) New Harris Poll survey says most will weigh candidates' cybersecurity positions.

Marketplace

Updating our advertising policies on state media (Twitter) Today, we are updating our advertising policies with respect to state media. Going forward, we will not accept advertising from state-controlled news media entities.

Instagram Launches Bug Bounty for Apps that Steal User Data (Vice) On Wednesday, Facebook expanded beyond its bounties for third party apps stealing user data to also apply to Instagram.

Enhancing Instagram Security (Facebook) We know how important it is to have the best talent in the security community helping us keep our apps safe

FTC chairman says Facebook's plan to merge brands may make it... (U.S.) Facebook Inc's plan to integrate Instagram and WhatsApp more closely could ...

How Honeywell is eliminating IT/OT cybersecurity roadblocks (ETCIO.com) Ashish Gaikwad, Managing Director, Honeywell Automation India Limited shares his views on why industrial cybersecurity has to emerge as the frontline ..

Zscaler Stock Plunges On Downgrade, As The Cybersecurity IPO Cools Off (Investor's Business Daily) Zscaler stock plunged on Monday despite a broad rally in technology companies, as reports said OTR Global downgraded the cybersecurity firm to negative.

David Damato Joins Gemini as Chief Security Officer (PR Newswire) Gemini Trust Company, LLC (Gemini), a leading cryptocurrency exchange and custodian, announced today that David Damato...

RiskIQ Taps FireEye Veteran Dean Ćoza to Lead Product, Technology Teams (Yahoo) RiskIQ, the global leader in attack surface management, today announced the appointment of Dean Ćoza to its leadership team as Chief Product Officer. Most recently the Executive Vice President at Absolute Software, Ćoza brings over 20 years of experience leading product and technology teams at industry

Products, Services, and Solutions

101domain Launches MMX & ICM Registry's New AdultBlock Service (Yahoo) Blocks Registrations in .ADULT, .PORN, .SEX and .XXX VISTA, Calif. , Aug. 19, 2019 /PRNewswire/ -- 101domain , the domain registrar known for carrying the largest selection of top-level domains in the ...

IGI Launches Next Generation of Nodeware™  Vulnerability Management Platform (Infinite Group, Inc.) The latest version of Nodeware offers the same powerful vulnerability management technology with the addition of an industry-leading scanning engine and other improved functions     PITTSFORD, N.Y., August 14, 2019 —  IGI (OT

BAE Systems Raises the Bar for Multi-Domain Cybersecurity with XTS Guard 7 (Yahoo) BAE Systems has launched its next-generation XTS® Guard 7, which provides U.S. intelligence organizations with secure access to geospatial imagery and data through multi-directional transfer of different data types across classified and unclassified domains.

Law In Order uses Darktrace AI platform for ‘sensitive’ document protection (ITWire) Australian and Asian legal document and digital solutions provider Law In Order is using security firm Darktrace’s cyber AI platform to protect sensitive client information.

Technologies, Techniques, and Standards

5G may increase cybersecurity risks in the near term: Darktrace (CNBC) Nicole Eagan, co-CEO of Darktrace, discusses the use of artificial intelligence in cybersecurity. She also says the world needs to be prepared to deal with cyber attacks having physical consequences.

Securing Maritime Assets Demands a New Approach (All About Shipping) At this moment, cyber-attacks threaten thousands of vulnerable cargo ships, which carry billions of dollars’ worth of goods.

Control system cyber incident hunting – input for a playbook on control system cyber incident investigations (Control Global) It is important to train engineers and IT/OT and expand the scope from network threat hunting to include ICS incident hunting. Perhaps we as an industry could collaborate on this important, but missing, task.

Big Data On The Army Front Line: DCGS-A Upgraded (Breaking Defense) The Army is upgrading its intelligence system to give forward commanders full access to the cloud -- and work when the enemy takes the network down.

Design and Innovation

Can government hasten requirements to meet cyber challenges? (C4ISRNET) C4ISRNET sat down with Todd Hicks, Leonardo DRS’ chief technology officer to discuss the challenges in the cyber domain, and how industry is working to combat them.

4 big problems the intelligence community faces moving to a new data system (C4ISRNET) The Defense Intelligence Agency wants to move quickly in developing the Machine-assisted Analytic Rapid-repository System, but the massive project which will transform how the intelligence community uses data faces some hard problems.

DIA chief: Take ‘proprietary’ out of your vocabulary (C4ISRNET) Defense Intelligence Agency Director Lt. Gen. Robert Ashley said one of the biggest problems his agency faces is interoperability.

Peter Cochrane: AI and the emergent properties of good, bad and evil (Computing) Forget Asimov's 'Three Laws of Robotics', robots will almost certainly go off the rails at some point in the future - but they still won't be as bad as human beings.

Research and Development

MIPT and HUAWEI started cooperation in the field of artificial intelligence (Eurekalert) Russia's Center for Artificial Intelligence (AI) Research under the National Technology Initiative based on MIPT and Huawei agreed to cooperate.

The quantum revolution is coming, and Chinese scientists are at the forefront (Washington Post) A Shanghai conference reveals the extent of the Chinese research commitment to a field with big economic and military applications.

Academia

GV creates new biomedical & cybernetic engineering degrees (Grand Valley Lanthorn) Grand Valley State University works hard to be an adaptive and advancing school, often creating new degrees to satisfy a changing job market and economy. As both of these things change, GVSU has created news degrees in biomedical science like Biomedical Engineering with electrical emphasis, which is for students who will apply the fundamentals of...

UWF Center for Cybersecurity launches Cybersecurity for All program to enhance workforce development - University of West Florida Newsroom (University of West Florida Newsroom) The University of West Florida Center for Cybersecurity is launching the Cybersecurity for All® program, an innovative program to enhance readiness for evolving cybersecurity work roles and address the critical shortage of cybersecurity professionals. Courses and advanced certificates will be available for organizations and individuals starting in September. Cybersecurity job openings top 13,000 in Florida …

DarkMatter and Khalifa University launch new research award (Intelligent CIO Middle East) DarkMatter Group, a leading digital and cyber transformation firm, and Khalifa University of Science and Technology, have announced the launch of a US$1.5 million Cyber Security Research Award (CRA).

Legislation, Policy, and Regulation

Afghanistan vows to crush Islamic State havens after attack (Military Times) President Ashraf Ghani's comments came as Afghanistan mourns at least 63 people, including children, killed in the Kabul bombing at a wedding hall late Saturday night.

A look at the Islamic State affiliate’s rise in Afghanistan (Military Times) A suicide bombing at a wedding party in Kabul claimed by a local Islamic State affiliate has renewed fears about the growing threat posed by its thousands of fighters, as well as their ability to plot global attacks from a stronghold in the forbidding mountains of northeastern Afghanistan.

Putin tells Macron: ‘I don’t want yellow vests in Russia’ (Times) President Putin raised France’s yellow-vest protest movement to deflect a lecture on democracy from his French host and said that Moscow would never tolerate such demonstrations. The Russian leader...

As US, China fight trade war, Greece opens up to Huawei's 5G ambitions (ZDNet) Despite some countries' reservations about Huawei, Greece is busy running 5G projects with the Chinese giant.

US Commerce Department adds 46 Huawei affiliates to entity list (TechCrunch) Update: Huawei has responded to the DoC’s move, We oppose the US Commerce Department’s decision to add another 46 Huawei affiliates to the Entity List. It’s clear that this decision, made at this particular time, is politically motivated and has nothing to do with national securit…

Trump says he doesn't want to do business with Huawei due to 'national security threat' (CNET) Despite this, the Commerce Department is apparently extending its reprieve allowing Huawei to do business with US companies.

Analysis | The Cybersecurity 202: Huawei uncertainty continues with three-month ban extension (Washington Post) It’s still not clear if Trump will jettison the ban as part of a trade deal with Beijing.

Announcing the Cyberspace Solarium Commission (Lawfare) A new team is developing strategies to tackle threats from cyberspace—and it wants your ideas.

Getting the Drop in Cyberspace (Lawfare) The idea that the best defense is a good offense is a risky proposition—and there is little evidence that it is actually true.

Cyber Command changed its approach. Is the difference noticeable? (Fifth Domain) Industry representatives in the threat intelligence space said it is too early to tell if Cyber Command's new assertive approach is having a direct effect on cyberspace.

Navy Moving Ahead to Create Special Cyber Office - USNI News (USNI News) The Navy Department will soon create a new office led by a special assistant to the secretary who will have sweeping authority to integrate and manage the critical areas of information management and security, aided by four deputies responsible for buying the right technology, determining strategies to better handle digital information and …

Navy Wrestles With Cyber Policy As China and Iran Hack Away (Breaking Defense) "We’re spending a lot of money in this area right now, but we don’t understand where we’re spending it” says Navy undersecretary Thomas Modly.

Litigation, Investigation, and Law Enforcement

States to Move Forward With Antitrust Probe of Big Tech Firms (Wall Street Journal) A group of state attorneys general is preparing to move forward with a joint antitrust investigation of big technology companies, according to people familiar with the situation, adding another layer of scrutiny to an industry already under a federal spotlight.

Did Facebook know about “View As” bug before 2018 breach? (Naked Security) Even though Facebook protected employees, it failed to fix the vulnerability or to protect most users, a court filing charges.

Trump alleges Google manipulated voters against him (TheHill) President Trump alleged Monday that Google manipulated millions of voters into supporting former Secretary of State Hillary Clinton in the 2016 election, saying the company “should be sued” in his latest attack

Did SEAL Team 6 commit unlawful command influence in catfishing case? (Navy Times) Called the “mortal enemy of military justice,” UCI occurs when superiors utter words or take actions that improperly influence the outcome of court-martial cases, jeopardize the appellate process or undermine the public’s confidence in the armed forces by appearing to tip the scales of justice.

YouTube sues alleged copyright troll over extortion of multiple YouTubers (The Verge) Minecraft and gaming creators were allegedly affected.

Investigating cyber-security at U.S. Central Command (FOX13news) While the college admissions scandal exposed students getting undue help on their exams, FOX 13 started hearing and investigating claims of a different kind of cheating in one of the most sensitive parts of our government. 

Fake Cop Allegedly Tricked Phone Companies Into Giving Him People’s Location Data (The Daily Beast) Bail bondsman Matthew Marre is accused of impersonating a law enforcement officer who claimed people were in danger of killing themselves—and Verizon and T-Mobile believed him.

Russian Man Who Tried to Burn Down Offices of Internet Regulator Reportedly Gets Probation (Gizmodo) Earlier this month, a court in Russia’s Ulyanovsk Region sentenced a man to one and a half years’ probation after he reportedly tried not one, not two, but three times to burn down the regional offices of national internet regulator Roskomnadzor, with Interfax reporting (via TorrentFreak) that one local said he had done so to seek revenge over blocking of piracy sites.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SecureWorld Bay Area (Santa Clara, California, USA, August 21, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

Pittsburgh Cybersecurity Conference (Pittsburgh, Pennsylvania, USA, August 22, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Industrial Control Systems Joint Working Group (ICSJWG) Fall Meeting (Springfield, Massachusetts, USA, August 27 - 29, 2019) The Cybersecurity and Infrastructure Security Agency (CISA) hosts the Industrial Control Systems Joint Working Group (ICSJWG) to facilitate information sharing and reduce the risk to the nation’s industrial...

Integrate (Melbourne, Victoria, Australia, August 27 - 29, 2019) Get ready to think beyond and lose yourself in the technology of tomorrow at Integrate 2019. Integrate is Australia's leading event dedicated to helping businesses harness the power of AV technology to...

Washington DC Cybersecurity Conference (Washington, DC, USA, August 29, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.