skip navigation

More signal. Less noise.

AT&T Cybersecurity Insights Report: Security at the Speed of 5G

AT&T Cybersecurity teamed up with 451 Research to survey organizations on their 5G security plans. Download today and see organizations’ 5G cybersecurity preparedness responses followed by gap analysis on what’s possibly being overlooked plus recommendations for strengthening 5G security efforts.

Daily briefing.

France's national cyber authority ANSSI (Agence nationale de la sécurité des systèmes d'information) hasn't ruled out "neutralizing" the threat actors responsible for the November 15th ransomware attack on a major Rouen medical center, Bloomberg reports. ANSSI has authorities and capabilities regular law enforcement agencies lack. The attack has been widely attributed to the Russian gang TA505.

Reuters notes that Facebook, in the first "correction notice" of its kind, has marked a user's post with “Facebook is legally required to tell you that the Singapore government says this post has false information.”

MixCloud, the widely used music-streaming service, confirmed over the weekend that it had been breached, with information on some twenty-one-million users apparently for sale in a dark web souk. ZDNet reports that the data include "usernames, email addresses, hashed password strings, users' country of origin, registration dates, last login dates, and IP addresses." MixCLoud emphasized in its disclosure that it does not store full paycard information.

Much advice is circulating about the threats lurking in holiday shopping. USAToday offers a rogues' gallery of potentially backdoored consumer electronics, and ESET reviews safety advice for online shoppers: be wary of gift cards and special offers received by email. Electronic greeting cards are also being used as malware vectors—Bleeping Computer describes one ongoing Thanksgiving-themed campaign. And "Grinchbots" are said, by NBC News, to be scalping the best online deals. It's an international problem: Computing says that about seven-thousand victims of Cyber Monday credit card fraud are expected in the UK alone.

Notes.

Today's issue includes events affecting Australia, Azerbaijan, Brazil, China, European Union, France, Germany, India, Iran, Kazakhstan, Netherlands, Panama, Russia, Singapore, Ukraine, United Kingdom, United States.

Bring your own context.

It can be easy to focus on national cyber resilience at the expense of paying attention to state, provincial, or local resilience. Shall we consider the case of Rhode Island, the smallest (in area) of the fifty US states?

"Yes. So the Rhode Island State Police has a very capable computer crime unit that responds and investigates cybersecurity incidents and help companies and organizations defend from cyber threats as much as they can. A few years back, they also established a joint cyber task force. This taskforce brings together members of the Rhode Island State Police crime unit that I just mentioned with individuals representing higher education, hospital, finance, utility, defense, the Rhode Island National Guard. And we provide a forum, similarly to what we do at the Pell Center, to share information, provide analysis and update on cyber threats. But it's also a way for the organization to meet the first responders, the law enforcement officials that would be coming in if there was a major incident. The group also oversees educational initiatives, tabletop exercises. They have a great cyber range. So there is a lot of different ways for the community to engage through this joint cyber task force."

—Francesca Spidalieri, cybersecurity consultant at Hathaway Global Strategies and senior fellow of cyber leadership in the Pell Center at Salve Regina University, on the CyberWire Daily Podcast, 11.27.19.

In some respects, resilience, like politics, is local.

Without proper context, cyber threat intelligence is useless.

The appearance of new threats and security challenges requires effective tools for their timely identification and in-depth analysis. Without proper contextualization, intelligence is completely useless. Context™ – Cyber Threat Intelligence Platform for enterprises and government agencies delivers cyber threat intelligence harvested from millions of data points from the Deep and Dark Web, combined with data science for objective and actionable insights.

In today's Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses victim blaming. 

And we have two CyberWire Special Edition Podcasts up as well, both interviews with authors. In the first, we speak with John Maeda, graphic designer, visual artist, and computer scientist, former President of the Rhode Island School of Design, and founder of the SIMPLICITY Consortium at the MIT Media Lab. His newly released book is How to Speak Machine: Computational Thinking for the Rest of Us. In the second, we offer an extended conversation with Peter W. Singer, author of LikeWar: the Weaponization of Social Media.

NXTWORK 2019 EMEA (London, United Kingdom, December 3 - 4, 2019) Join us at NXTWORK 2019 in London to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, breakout sessions, as well as various opportunities for certification testing and training.

CyberMaryland Job Fair, December 5, Baltimore. Visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, United States, December 5, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free CyberMaryland Job Fair, December 5 in Baltimore. Meet face-to-face with leading cyber employers. Visit our site for more details.

CS4CA MENA returns to Dubai on 20th – 21st January 2020. Visit mena.cs4ca.com for details. (, January 20 - 21, 2020) #CS4CA MENA returns to Dubai on 20th – 21st January 2020 for an intimate and exclusive platform promoting in-depth cybersecurity knowledge and collaboration among IT & OT leaders from MENA’s Oil & Gas, Utilities, Chemicals, Aviation, Transport, Manufacturing industries.

Cyber Attacks, Threats, and Vulnerabilities

Dutch Govt Warns of 3 Ransomware Infecting 1,800 Businesses (BleepingComputer) A confidential report from the National Cyber Security Centre (NCSC) in the Netherlands informs that at least 1,800 companies are affected by ransomware across the world.

Cyber attack targets UK’s nuclear industry (The Telegraph) GCHQ cyber experts have been called in after a digital attack on a major player in Britain’s nuclear power ­industry triggered a security crisis.

RevengeHotels: cybercrime targeting hotel front desks worldwide (SecureList) RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil.

Data of 21 million Mixcloud users put up for sale on the dark web (ZDNet) Emails, usernames, and strong-hashed passwords sold for $2,000.

Mixcloud Investigating Alleged Data Breach Impacting 21 Million Users (Vice) Mixcloud is investigating data for sale on the dark web after Motherboard alerted the company of the issue.

Advanced Hacking Groups Keep Showing Up, Old Ones Evolve (BleepingComputer) Advancements in the threat landscape are clear from one year to another. Since last year, security researchers have seen new adversaries along with methods of compromise and more overt cyberattacks.

HPE warns of impending SSD disk doom (Naked Security) The company has revealed that many of its SSDs are set to permanently fail by default after 32,768 hours of operation.

Crypto Exchange Upbit Confirms Theft of $49M in Ether (CoinDesk) 342,000 ether have been taken from the wallets of South Korean crypto exchange Upbit, the firm's CEO says.

Ryuk Ransomware Forces Prosegur Security Firm to Shut Down Network (BleepingComputer) In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform.

Security Firm Prosegur Hit By Ryuk Ransomware (GovInfo Security) Global security company Prosegur has blamed Ryuk ransomware for a service disruption that started Wednesday, which may have hampered networked alarms. Prosegur

Palo Alto Networks hit by data leak (TechRadar) Third-party vendor leaked employees' personal information online

New Chrome Password Stealer Sends Stolen Data to a MongoDB Database (BleepingComputer) A new trojan has been discovered that attempts to steal passwords stored in the Google Chrome browser. While this is nothing unique, what stands out is that the malware uses a remote MongoDB database to store the stolen passwords.

Magento Marketplace suffers data breach exposing confidential details of users (Computing) Magento's platform has been targeted in the past by Magecart scammers, but it claims its core products and services were not exposed in this latest incident

Adobe Magento Marketplace Exposed User Info in Data Breach (BleepingComputer) Magento Marketplace users were informed this week that a vulnerability allowed an unauthorized third party to gain access to some account information.

Fake Steam Skin Giveaway Site Steals your Login Credentials (BleepingComputer) A fake Steam skin giveaway site has been created that states it gives away news skins every day, but in reality it just steals your login credentials.

Hackers have reportedly figured out how to reactivate people's canceled Netflix accounts and start charging them again for monthly subscriptions (Business Insider) The hacks were reportedly enabled by the fact that Netflix stores customer data for 10 months after someone cancels an account.

Netflix account freeze – don’t click, it’s a scam! (Naked Security) The telltale signs are all there… but if you’re in a hurry, this Netflix scam passes the “visual appeal” test.

Google caught a Russian state hacker crew uploading badness to the Play Store (Register) Adtech firm also sent 12k phishing warnings to users of its services

5 scams to watch out for this shopping season (WeLiveSecurity) Black Friday and Cyber Monday are just around the corner and scammers are gearing up to flood you with bogus offers. Here are some of the most common types of shopping scams you should watch out for.

Beware of Thanksgiving eCard Emails Distributing Malware (BleepingComputer) With Thanksgiving being celebrated in the United States, malware distributors are sending out holiday themed emails to distribute the Emotet Trojan and other malware.

'Grinch bots' are here to ruin your holiday shopping (NBC News) Didn't catch that hot item online? That may be because you're competing with bots programmed to sweep up the best deals.

These holiday scams are heavy on naughty, totally lacking in nice (SentinelSource.com) It’s the most wonderful time of the year. But for consumers, it’s also the most dangerous.

New Ransomware Targets Removable And Attached Drives (neoRhino IT Solutions) There's a new and unusual ransomware strain making the rounds that you should be aware of. Called 'AnteFrigus,' it is primarily distributed via 'malvertising' that redirects users to the RIG exploit kit. One of the most unusual features of this...

Kids’ smartwatch security tracker can be hacked by anyone (Naked Security) For researchers at testing outfit AV-Test, the SMA M2 kids’ smartwatch is just the tip of an iceberg of terrible security.

Beware gifts bearing 'backdoors' and other security vulnerabilities this holiday season (USA TODAY) Don't be fooled by the discounts these companies offer. The cost to your privacy could be much greater than you bargained for.

Cyber-fraudsters increasingly collecting users’ selfies and IDs (Planet Biometrics News) In the third quarter of 2019, Kaspersky experts have detected a surge in fraud related to the stealing of personal and confidential documents through photos and selfies (often required for registration or identification purposes). In phishing emails, seemingly from payment systems and banks, users were asked under various pretexts to confirm their identity by going to a special page and uploading a selfie alongside a photo of the ID document.

Webroot: Don't be a security scrooge this holiday season (KGUN) The holiday season brings travel, giving back, shopping for our friends and family, and preparing for the New Year. But with all the holiday cheer, we may find ourselves becoming less cautious, especially when it comes to online safety

Facebook and Instagram back up after big Thanksgiving outages (The Verge) Good luck sharing Thanksgiving photos today

Facebook Says Outages Have Been Resolved (Wall Street Journal) Facebook said it identified the cause of a widespread outage of its Facebook, Messenger and Instagram platforms and had started restoring full access to affected users.

Cybersecurity: The web has a padlock problem - and your internet safety is at risk (ZDNet) We've been taught to look out for that little padlock to ensure a website is secure. But it's dangerous to rely on just one detail.

It’s Way Too Easy to Get a .gov Domain Name (KrebsOnSecurity) Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org.

Hacker’s paradise: Louisiana’s ransomware disaster far from over (National Cyber Security) Louisiana has brought some of its services back as it recovers from a targeted ransomware attack using the Ryuk malware on November 18.

Analysis: Louisiana cyberattack disrupts, but not worst-case (Shreveport Times) The cyberattack on state government offices was nowhere near the worst-case scenario.

Report: Millions of Americans at Risk After Huge Data and SMS Leak (vpnMentor) Introduction Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a breached database belonging to the American communications company,

New phone scam targets businesses (Johnson City Press) Someone with a new phone scam has area businesses in its sights by trying to convince an employee their boss is stealing from the establishment. “Businesses have received calls –

Oyster card accounts locked with users asked to reset passwords (Computing) TfL acts for a second time following August security breach - again blaming the risk of credential stuffing

How SA came under sustained attack from hackers (Gadget) South Africa’s financial services sector experiences single longest running attack globally, according to new Mimecast report

Nearly half of Aussies can’t identify fake NAB website - survey (Security Brief) Phishing continues to be one of the leading attack methods because it allows cybercriminals to target people at scale using social engineering.

Phishing emails are still managing to catch everyone out (ZDNet) While the move to cloud computing is boosting security for some parts of the business, basic mistakes are still giving hackers a foot in the door.

A Pennsylvania County’s Election Day Nightmare Underscores Voting Machine Concerns (New York Times) How “everything went wrong” in Northampton County.

Analysis | The Cybersecurity 202: Pennsylvania voting debacle gives ammunition to paper ballot push (Washington Post) An apparent software glitch led to a hugely incorrect vote count.

Ohio Election Day cyber attack attempt traced to Panama (The Repository) Ohio Secretary of State Frank LaRose said that the “SQL injection” attack was detected by the state’s internal systems. He called the

Russian firm's attempt to hack Ohio voting systems thwarted (TheHill) State election officials said Ohio detected and stopped an election-related cyberattack earlier this month, The Associated Press reported.

Most 2020 candidates are still at risk of DNC-style attacks (TechCrunch) Only seven out of 21 candidates are using a basic email security feature that helps prevent targeted phishing attacks.

Rudy Giuliani’s security company gets an “F” for website security (Quartz) The president's cybersecurity adviser doesn't maintain even the most rudimentary security protocols.

Ransomware Locks Medical Records at Great Plains Health (BleepingComputer) Great Plains Health medical center is recovering from a ransomware incident that hit its computer network at the beginning of the week and forced switching to pen and paper to maintain activity.

“No indication” data lost during cyber attack on James Fisher and Son (The Mail) Cumbrian marine services firm James Fisher and Sons has said there is no indication that personal or commercially sensitive data was lost during a…

The worst cyber attack in DoD history came from a USB drive found in a parking lot (We Are The Mighty) The NSA and DoD quickly determined the cause of the infection, and banned thumb drives as a response. They then collected thousands of thumb drives from officers and other troops in the field, finding they were all infected with the worm as well. Reports of new infections to the network didn't slow ...

Cyber Trends

Top 25 Most Dangerous Vulnerabilities Refreshed After 8 Years (BleepingComputer) For the first time in eight years, the list with the most dangerous 25 software vulnerabilities received an update that promises to be relevant for current times.

Group-IB annual report on trends and forecasts in cyberthreat landscape (Group-IB) Strategic intelligence data on state-sponsored groups, industry-specific cyberthreats, targeted attacks on banks and banking clients

Most businesses have yet to allocate a CCPA compliance budget (Help Net Security) Only 15% of organizations report having a mature approach to data privacy, 59% have yet to allocate a CCPA compliance budget.

The $6 Trillion Problem The Energy Industry Is Ignoring (OilPrice.com) The $6 Trillion Problem The Energy Industry Is Ignoring

A decade of hacking: The most notable cyber-security events of the 2010s (ZDNet) ZDNet takes a look over the most important data breaches, cyber-attacks, and malware strains of the last decade.

Marketplace

Cyber-security M&A - a victim of nationalism and macroeconomics? (SC Magazine) Governments working to close the shutters on possible routes into their country's national security infrastructure have begun to vet M&A or other corporate transactions entailing investing in technology.

Palo Alto Networks brings its cyber startup acquisitions together in Prisma Cloud (SiliconANGLE) Palo Alto Networks brings its cyber startup acquisitions together in Prisma Cloud - SiliconANGLE

Palo Alto Adds to Cloud Security Suite With Aporeto (Channelnomics) Company building out Prisma portfolio through acquisitions

SecuLetter Attracts a USD 6 Million Series B Funding (PR Newswire) SecuLetter, a member company of the Born2Global Centre, has attracted a USD 6 million series B investment, and received corporate valuation of...

The fall and rise of a spyware empire (MIT Technology Review) Human rights abuse and a decimated reputation killed Hacking Team. The new owners want to rebuild.

Huawei CEO Speaks Out About US Ban (Pandaily) In an interview with CNN, Ren Zhengfei decided to break the silence and address the issue implying that the the US has treated Huawei unfairly.

Exclusive: China's ByteDance moves to ringfence its TikTok app amid U.S. probe - sources (Reuters) ByteDance has stepped up efforts to separate its social media app TikTok from mu...

An update on recent content and account questions (Newsroom | TikTok) By Eric Han, Head of Safety, TikTok USThere has been significant interest and confusion regarding a user's two TikTok accounts and her viral video talking about the Uighur community in China. In this

Facebook Ruined Democracy, Says Palo Alto’s Nir Zuk (CTECH) In the race between two of the world’s most dominant cybersecurity companies, Palo Alto may have pulled ahead, but Check Point still looms in the rear view mirror

Tech’s Pioneers Have Been Left Behind. Their Stocks Are Cheap—and Complicated. (Barron's) As Xerox makes a daring bid for HP Inc., old-line tech struggles for relevance. Weighing the future of tech pioneers like Cisco, IBM, Intel, and Oracle.

Palo Alto Networks' Cybersecurity Transformation Is Yielding Results (The Motley Fool) And it made its eighth acquisition in two years.

Proofpoint Augments DLP Capabilities With ObserveIT Buyout (Yahoo) Proofpoint (PFPT) acquires ObserveIT's technologies to allow enterprises monitor user activity with sensitive data, identify the location of the activity and rectify the risk.

Can Zscaler Still Scale Up in Q3? (The Motley Fool) The leading cybersecurity outfit still has a lot of potential, though investors have to pay up for a piece of the action.

3 Reasons This Stock Is a Top Cybersecurity Pick (The Motley Fool) The improvement in key metrics and steps to boost growth make this cybersecurity stock a long-term pick.

Ottawa’s AI ethics test didn’t consider Palantir’s controversial work with U.S. law enforcement (The Logic) Civil rights groups have criticized the company’s contracts with immigration authorities and police forces

ExtraHop : Honored as One of Washington‘s Best Companies to Work For by Seattle Business Magazine (Hoback Herald) ExtraHop®, provider of enterprise cyber analytics from the inside out, announced today it has been honored as one of Washington’s best companies to

Crypto Needs Journalists More Than It Wants to Admit (Fortune) A battle between a huge crypto exchange and a tiny news startup highlights one of crypto's biggest problems - its distaste for facts.

Can industry help Homeland Security develop its cyber workforce? (Fifth Domain) DHS seeks input from industry on several project objectives for its forthcoming cybersecurity talent management system.

Twitter says it won’t delete tweets from those who have died (Naked Security) It “was a miss on our part”, Twitter said.

Twitter pauses plan to delete inactive accounts (Axios) The move comes amid concerns it would delete accounts from those who had died.

Five cybersecurity certifications that provide value to employers (Help Net Security) Wondering about cybersecurity certifications value? Here are a few guiding thoughts on how you should be thinking about professional certifications.

ICIT Honors Dr. Ron Ross (NIST) and Suzette Kent (OMB) at 2019 ICIT Gala & Benefit (Yahoo) ICIT (Institute for Critical Infrastructure Technology) honored Dr. Ron Ross (Fellow, NIST) and Suzette Kent (Federal CIO, Office of Management and Budget) as its 2019 Pioneer and 2019 Pinnacle Award Recipient respectively. The honorees were recognized at the 2019 ICIT Gala & Benefit held Nov 7, 2019

Party like a spy: Spookstock is intel world's hush-hush bash (Star Tribune) Sometime earlier this year, one of the most elite social events in Washington took place, but without any fanfare or news coverage.

American cybersecurity business to expand Manchester operations (Prolific North) Global cybersecurity consultancy, Coalfire, is investing in a 5,500sq ft office space in City Tower.

Channel veteran Nigel Spence joins Check Point (ARN) Long-time channel manager Nigel Spence has joined cyber security vendor Check Point to oversee its cloud partnerships.

Meet the Briton helping Silicon Valley scour the dark web for ‘multi-billion dollar’ crimes (The Telegraph) Homegrown Tech Talent:

FTI Consulting Expands Global Cybersecurity Practice with Two Senior Managing Director Appointments (Benzinga) FTI Consulting, Inc. (NYSE:FCN) today announced the continued expansion of its Cybersecurity practice with the appointment of two...

Products, Services, and Solutions

"World’s first" secure IoT beacon device launched (The Internet Of All Things) The IoT Security Beacon embeds the Bluetooth 5 RSL10 System-in-Package (RSL10 SIP) from ON Semiconductor.

Trend Micro launches Cloud One to meet strategic cloud priorities (Channel World) Cloud One allows developers to rapidly build applications using the cloud services they want while managing their organization’s risk. 

Westpac hires IBM to probe its AUSTRAC debacle (iTnews) Big Blue's Promontory retained to rake over regulatory scandal.

GitGuardian, the security startup hunting down online secrets to keep companies safe from hackers (Cloud Pro) More than 3,000 company credentials unwittingly end up online everyday. GitGuardian helps firms plug these leaks

Endace and Athena Dynamics partner to expand cybersecurity and network monitoring market (Help Net Security) Endace, a world leader in high-speed network recording, playback and analytics hosting, has announced a partnership with Athena Dynamics in Singapore.

Technologies, Techniques, and Standards

Enterprise neglect leaves Black Friday cybersecurity responsibility to customers (CIO Dive) Cybercriminals feed on shoppers with weak personal cyber hygiene. Have companies done enough to protect customers?

Cyber security leaders prepare as criminals gear up for 'Cyber Monday' (WDTV) The deals will be hot and consumers are looking to take advantage. But criminals are also hoping to cash in this Cyber Monday.

The DAA Announces the Development of New CCPA Tools for Ad Industry (Cooley) On November 25, 2019, the Digital Advertising Alliance announced it is developing cross-industry tools for publishers, brands, agencies and adtech to provide a mechanism to opt out under the Califo…

How can financial institutions prevent shopping season fraud? (Help Net Security) In order to prevent shopping season fraud, financial institutions need to take responsibility to ensure the shopping season doesn't create problems.

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks (CircleID) NordVPN admitted last month that its data center located in Finland was hacked on March 5, 2018. While the virtual private network (VPN) service provider claimed it learned of the incident as early as April 13, 2019, it only confirmed the compromise last month after reports that its expired Transport Layer Security (TLS) certificate and its private key were leaked.

Windows 10 Clone On The Menu As Hackers’ Favorite Hacking Tool Gets Update (Forbes) Kali Linux is more of a hacking tool than an OS. It comes with hundreds of preinstalled penetration testing applications, the Metasploit Framework (used for creating and executing security exploits) supports it as a platform and, oh yes, it can now pretend to be Windows 10.

Pennsylvania Completes Pilot Post-Election Audits Using Cutting-Edge Security Measure (MyChesCo) Secretary of State Kathy Boockvar announced that pilot enhanced post-election audits performed in Mercer County and Philadelphia provided valuable insight into how these audits can confirm the …

CIS Debuts New Benchmarks, Hardened Images at AWS re:Invent (PR Newswire) The Center for Internet Security, Inc. (CIS®) launched a new Department of Defense (DoD) STIG compliant CIS Benchmark and Hardened Image for...

How the Defense Digital Service revamped Army cyber training (Fifth Domain) Forces currently have to go to multiple locations for different levels of training prior to going to the operational force.

Make it fun: A cyber exec’s take on training a workforce (Fifth Domain) Circadence’s Keenan Skelly talks about some of the best ways to train the workforce on cyber.

Design and Innovation

Contract for Web Can't Fix Privacy Problems If Security Isn't Included (Decipher) As the inventor of the World Wide Web, Tim Berners-Lee proposed the [Contract for the Web](https://contractfortheweb.org/) as a way to address problems such as misinformation, mass surveillance and censorship online, but the list is not a realistic blueprint for action.

Can Artificial Intelligence Break Your Porn Habit? Lamar Odom Thinks So (Observer) Meet the growing “purity-industrial complex,” in which eager entrepreneurs are rolling out AI-powered purity solutions.

Research and Development

'Magnetic domain wall' circuit design could enable magnetic wave-based computing - little or no electricity required (Computing) Creating a practical magnetic-waves-based device requires efficient modulation of spin-wave propagation

Defence offers $4.5M for cyber security research (ARN) Australia’s Department of Defence has laid down $4.5 million in funding for technology companies and academics to design its cyber security future.

Can a computer have intuition? (Verizon) Developers programmed computers to have intuitive thinking.

Legislation, Policy, and Regulation

Access to internet via mobile data restored: ISNA (Tehran Times) Access to the internet through mobile data networks is being restored in Tehran and some other provinces, according to ISNA.

USA – Iran: Cyber war part of hybrid war (Modern Diplomacy) Tensions are runing high again after a lull of several weeks in an open propaganda battle and a psychological war between the United States and its allies, on the one hand, and the Islamic Republic of Iran (IRI), on the other. Apparently, the current situation could hardly be described as a lull as Washington, with […]

China and Russia Beware: How the Pentagon Can Win the Tech Arms Race (The National Interest) The DoD is in need of reform.

Can ‘defend forward’ lead to greater cyber deterrence? (Fifth Domain) While deterrence above armed conflict has largely worked, deterrence in cyberspace below that threshold has not.

EU raises eyebrows at possible US encryption ban (Naked Security) EU officials have warned that they may not take kindly to a US encryption ban or insertion of crypto backdoor technology.

France Not Ruling Out Response to Cyber Attack on Hospital (Bloomberg) Rouen hospital hit by ransomware Nov. 15 and halted for days. Cyber attackers increasingly attack health services worldwide.

Draft Code of Practice: securing the Internet of Things for consumers (Lexology) Although expressed as a voluntary code, it's also possible that regulators such as the ACCC could rely on the international norms reflected in the…

China seeks to root out fake news and deepfakes with new online content rules (Reuters) Chinese regulators have announced new rules governing video and audio content on...

China launches mandatory face scans for mobile users (Quartz) The new policy went into effect Sunday amid worries about privacy and surveillance.

When China Rules the Web (Foreign Affairs) China is set to remake cyberspace in its own image. That will make the Internet less open and allow Beijing to reap vast economic, diplomatic, and security benefits that once flowed to Washington.

Wary of China, Germany Plans Rapid State Intervention to Protect Key Industries (New York Times) Germany set out plans on Friday to create a government committee to step in quickly to protect companies against foreign takeovers, a sign of concern about China and others acquiring its technology.

Germany to debate China's role in 5G (ECNS) Germany's ruling Christian Democratic Union unanimously voted to hold a debate in the Bundestag on the involvement of foreign suppliers in the country's network infrastructure.

Row over Chinese 5G equipment further strains U.S.-German relations (CBS News) U.S. Ambassador Richard Grenell called a German official's remarks this week "an insult to the thousands of American troops who helped ensure Germany's security."

Germany's difficult choice could be whether to alienate the US or China (CNBC) The alliance between Berlin and Washington has been historically important and secure but has waned in recent years, even before Trump's arrival in the White House.

Exclusive: U.S. weighs new regulations to further restrict Huawei suppliers - sources (Reuters) The U.S. government may expand its power to stop more foreign shipments of produ...

US weighs new regulations to further restrict Huawei suppliers (CNBC) The U.S. Commerce Department in May placed Huawei Technologies on a trade blacklist, citing national security concerns. Putting Huawei on the list allowed the U.S. government to restrict sales of U.S.-made goods to the company.

Turkey to host international cybersecurity exercise (DailySabah) Turkey is set to host Cyber Shield 2019, an international cybersecurity exercise, in Ankara on Dec. 19-20. Participants from around the globe will take...

CISA partners with OMB to stand up vulnerability disclosure policies at civilian agencies (Federal News Network) CISA and OMB will require civilian agencies to develop vulnerability disclosure policies.

DHS issues draft order requiring agencies to bolster cybersecurity (TheHill) The Department of Homeland Security’s (DHS) cybersecurity agency on Wednesday issued a draft order that would require federal agencies to increase protections against cyber vulnerabilities.

How Homeland Security plans to secure government websites (Fifth Domain) DHS's cyber unit issued a draft directive to secure federal government websites.

How America fails its whistleblowers (Vox) Whistleblowers who work with classified information have a few options. All of them are bad.

Stopping Grinch BOTS (US House of Representatives) “Allowing grinch bots to rig prices and squeeze consumers during the holiday season hurts American families, small business owners, product makers and entrepreneurs. We will not allow this market manipulation to go unchecked.”

Northern Comdr, Army vice chief among 3 in race for COAS (Daily Excelsior) Govt to name CDS, new Army chief PM, MoD to take call shortly Sanjeev Pargal JAMMU, Nov 29: While appointment of Army chief Gen Bipin Rawat as first Chief

Litigation, Investigation, and Law Enforcement

Opinion | The Criminal Silicon Valley Is Thriving (New York Times) Eastern Europe’s cybercriminals are highly sophisticated. Can they be coaxed into more honest work?

Has Huawei’s Darkest Secret Just Been Exposed By This New Surveillance Report? (Forbes) A new report claims Huawei has not been truthful about its surveillance work for the Chinese state. And the timing could not be worse.

Defector spy not of enough interest to be a threat, intelligence agencies say (news.com.au) A Chinese defector - claiming to be a former spy - reportedly had never been considered enough of a threat to attract any interest from intelligence agencies. The Daily Telegraph reports advice given to the government's National Security Committee of Cabinet claimed Mr Wang had not been deemed a foreign agent at a level that…

Law Enforcement Shuts Down Imminent Monitor Malware, Makes Arrests (BleepingComputer) Law enforcement agencies from numerous countries have shut down the Imminent Monitor Remote Access Trojan (RAT) and have arrested thirteen of its most prolific users.

ACT Government hacks expose weaknesses in territory's cyber security: expert (ABC News) Two hacking attacks on the ACT Government show a lack of basic cyber hygiene, according to a security expert, who warns smaller governments are a potential target for criminals.

Exclusive: EU antitrust regulators say they are investigating Google's data collection (Reuters) EU antitrust regulators are investigating Google's collection of data, the ...

Apple changes Crimea map to meet Russian demands (BBC News) Apple Maps now shows Crimea - annexed from Ukraine in 2014 - as part of Russia, when viewed there.

India plans security audit of WhatsApp after hacking attempt (Reuters) India wants to conduct an audit of WhatsApp's security systems following re...

Government plans WhatsApp security systems audit (The Times of India) India Business News: The government wants to conduct an audit and inspection of security systems and processes of Facebook-owned instant messenger WhatsApp over the Pegasu

WhatsApp snooping: Questions on how India tackling data breach (Sify) The WhatsApp snooping row that involves privacy infringement of 121 Indian users out of 1,400 globally via third-party Israeli Pegasus spyware is now witnessing serious questions on the part of the government in handling such a crucial matter in the absence of a robust digital legal framework.

Airbus fires 16 over suspected German army spying: report (The Local Germany) European aviation giant Airbus has fired 16 employees over a case that had prompted Germany to open a probe into suspected industrial espionage, German media reported Sunday.

A convicted German murderer won the right to have all mention of his crime scrubbed from internet search results under 'right to be forgotten' laws (Business Insider) The man finished a life sentence in 2002 for shooting dead two people in 1981. He told the court he wants to live his new life free from his past.

Facebook issues corrective label on user's post under new Singapore fake news law (Reuters) Facebook said on Saturday it had issued a correction notice on a user's pos...

Huawei plans legal challenge to latest US pressure: report (Space Daily) Chinese telecoms giant Huawei is preparing a legal counterpunch against new moves by American regulators to bar the company from accessing $8.5 billion in US federal funds for services and equipment, a report said Friday.

Jeffrey Epstein, Blackmail and a Lucrative ‘Hot List’ (New York Times) A shadowy hacker claimed to have the financier’s sex tapes. Two top lawyers wondered: What would the men in those videos pay to keep them secret?

Facebook Breach Victims Can Sue For 'Reasonable' Security (BankInfo Security) Victims of a massive 2018 Facebook data breach can continue a class-action lawsuit to try and force the social network to maintain "reasonable"

In new world of data breaches and dark web deals, identity theft goes mainstream: JPSO (National Cyber Security) Identity theft used to be a more complicated, hands-on racket that included mail theft, dumpster diving, scam telephone calls and emailed offers.

Researcher Arrested for Allegedly Teaching North Korea About Cryptocurrency (Vice) Virgil Griffith has been arrested for allegedly giving a presentation on cryptocurrency in North Korea, where discussion touched on evading sanctions. Griffith maintains his presentation contained basic concepts that could be found online.

An NSA contractor allegedly scammed the Pentagon out of $100,000 (Quartz) The nation's signals intelligence agency is a prime target for fraud.

Hawaii man indicted on charges of cyberstalking family in Utah (Maryland Daily Record) U.S. prosecutors arrested Loren Okamura, whom they accuse of sending hundreds of unwanted service providers to the home, including plumbers and prostitutes.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

WSJ Pro Cybersecurity Executive Forum (New York, New York, USA, December 3, 2019) Cybersecurity risks are rapidly changing, so this year’s forum and masterclasses have been redesigned to focus on timely topics including: lessons from the most recent major hacks, what and how to report...

International Security Expo 2019 (London, England, UK, December 3 - 4, 2019) International Security Expo, formerly UK Security Expo showcases over 1,000 of the latest innovative security products to help you improve your security. Featured over the 2 days are 13 free to attend,...

Insider Threat Program Development & Management Training (College Park, Maryland, USA, December 3 - 4, 2019) The Insider Threat Defense Group will hold its highly sought after and very affordable Insider Threat Program (ITP) Development & Management Course, at the University of Maryland College Park Campus.

Dallas Cybersecurity Conference (Dallas, Texas, USA, December 4, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

CISO Leadership Forum (Austin, Texas, USA, December 4 - 5, 2019) Forget the typical conference, which may or may not focus on the latest industry buzz, vendor specific pitches or trendy new development. Our learning sessions are vendor agnostic only as we focus on peer-to-peer...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.