skip navigation

More signal. Less noise.

AT&T Cybersecurity Insights Report: Security at the Speed of 5G

AT&T Cybersecurity teamed up with 451 Research to survey organizations on their 5G security plans. Download today and see organizations’ 5G cybersecurity preparedness responses followed by gap analysis on what’s possibly being overlooked plus recommendations for strengthening 5G security efforts.

Daily briefing.

CyberWire Pro, coming in 2020.

We're pleased to announce our new subscription program, CyberWire Pro, launching early in 2020. For cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is an independent news service you can depend upon to stay informed and save time. Learn more and sign up to get launch updates here.

Another accusation of Russian-government phishing comes from UK Labour politician Ben Bradshaw, whom the Guardian describes as a frequent critic of Moscow's influence operations. Bradshaw says he received email from an "Andrei" who claimed to be a "whistleblower" inside Russian President Putin's administration. The email's attachments purported to describe Russian disinformation operations, but upon further review they appeared possibly malicious. The NCSC is investigating.

IBM researchers describe a new, destructive wiper, ZeroCleare, which is active in the wild against energy sector targets in the Middle East. IBM regards it as likely that ZeroCleare, which in some respects resembles Shamoon, is being deployed by Iranian state actors.

North Korean hackers belonging to the Lazarus Group who inserted DTrack malware into administrative systems at India's Kudankulam nuclear facility were, according to the International Business Times, after thorium reactor design information.

Big pharma giant Merck is wrangling with its insurers over the $1.3 billion in losses the company incurred as the result of the NotPetya infestation it suffered on July 27, 2017. The insurers balk at paying because it appears that the NotPetya attack, generally and credibly attributed to the Russian government, may have amounted to an act of war. The malware was initially deployed as part of Russia's hybrid war against Ukraine, but spread rapidly to targets elsewhere in the world. The matter is now being litigated, Claims Journal reports, in a Union County, New Jersey, court.

National Interest seeks to make Air Force flesh creep with accounts of F-15 hacking demonstrations.

Notes.

Today's issue includes events affecting Australia, Brazil, Canada, China, Colombia, European Union, India, Jamaica, Japan, Democratic Peoples Republic of Korea, NATO/OTAN, New Zealand, Russia, United Kingdom, United States.

Bring your own context.

Spare a thought for the Federal CISO.

"If you have fifty regulations that you're trying to adhere to and if you have an inspector general report that has thirty-two findings of areas that can be improved and if you have eight programs that you can try and sequence in which order you get to the recommendations or you get to the actions first, it's useful to have a high-level principal like that, where you can say, the things that I'm going to really seek to do first are the things that are going to help with an objective like that. And we've seen a lot of interest, increasing interest, from decision-makers in government in adopting a format like that."

—Robert Sheldon, head of technology strategy for public sector at CrowdStrike, on the CyberWire's Caveat podcast, 12.4.19.

There are bureaucratic virtues as well as the familiar vices, the red tape everyone complains about. Some of those virtues are accountability, due process, procedural equity, careful stewardship of public funds. May the virtues win.

A recommendation to our readers.

If you're interested in space and communications (technology, policy, business, and operations), take a look at Cosmic AES Signals & Space. It offers a monthly overview of news in this sector.

Today's summary cited the National Journal as the source for concerns about F-15 hacking. That should be the National Interest, and the text above has been corrected to reflect that.

Without proper context, cyber threat intelligence is useless.

The appearance of new threats and security challenges requires effective tools for their timely identification and in-depth analysis. Without proper contextualization, intelligence is completely useless. Context™ – Cyber Threat Intelligence Platform for enterprises and government agencies delivers cyber threat intelligence harvested from millions of data points from the Deep and Dark Web, combined with data science for objective and actionable insights.

In today's Daily Podcast, out later this afternoon, we speak with our partners at Booz Allen Hamilton, as Michael Sechrist discusses security concerns with messaging apps like Slack. Our guest is Roger Hale from YL Ventures; he shares thoughts on the CISO's changing role in risk management.

And Caveat, our weekly cyber law and policy podcast, is up. In this episode, "Moving the needle in the federal space," Ben describes US Senate Democrats' proposal for new privacy legislation. We have a story from the Supreme Court of Pennsylvania on the 5th Amendment and password privacy. And later in show we interview Robert Sheldon, Head of Technology Strategy for Public Sector at CrowdStrike, discussing Federal cybersecurity and how those efforts connect to broader IT modernization initiatives.

CyberMaryland Job Fair, December 5, Baltimore. Visit ClearedJobs.Net or CyberSecJobs.com for details. (Baltimore, Maryland, United States, December 5, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free CyberMaryland Job Fair, December 5 in Baltimore. Meet face-to-face with leading cyber employers. Visit our site for more details.

CS4CA MENA returns to Dubai on 20th – 21st January 2020. Visit mena.cs4ca.com for details. (, January 20 - 21, 2020) #CS4CA MENA returns to Dubai on 20th – 21st January 2020 for an intimate and exclusive platform promoting in-depth cybersecurity knowledge and collaboration among IT & OT leaders from MENA’s Oil & Gas, Utilities, Chemicals, Aviation, Transport, Manufacturing industries.

Cyber Attacks, Threats, and Vulnerabilities

Labour's Ben Bradshaw claims he was target of Russian cyber-attack (the Guardian) Frequent critic of Kremlin interference in the UK was sent suspicious email from Moscow

Iranian hackers deploy new ZeroCleare data-wiping malware (ZDNet) IBM identifies new ZeroCleare destructive malware targeting energy companies active in the Middle East region.

StrandHogg vulnerability enables malicious software to masquerade as trusted Android apps (Computing) The vulnerability stems from a multitasking feature in Android,Security ,StrandHogg vulnerability,Android OS,Promon,TaskAffinity

TrickBot Expands in Japan Ahead of the Holidays (Dark Reading) Data indicates TrickBot operators are modifying its modules and launching widespread campaigns around the world.

New Malware Campaign Uses Trojanized 'Tetris' Game: Report (BankInfo Security) A new malware campaign uses a Trojanized version of the game Tetris to target healthcare and educational institutions for credential stealing, according to

New Zealand’s gun buyback scheme impacted by data breach, SAP to blame (ZDNet) SAP has been left red-faced for allowing the security lapse to occur.

North Korea Hackers Breached Indian Nuke Reactor In Search For Advanced Thorium Technology (International Business Times) Thorium-based nuclear power can replace Uranium based nuclear power.

How Hackers Could Shut down America's F-15s (The National Interest) A real threat.

Millions of SMS messages exposed in database security lapse (TechCrunch) Exclusive: The exposed database was left unprotected without a password. None of the data was encrypted.

SMS company exposes millions of text messages, credentials online (Naked Security) Researchers at VpnMentor claim that the TrueDialog data leak exposure could have compromised tens of millions of people.

Ad fraud: Fake local news sites are rolling in the dough (Naked Security) “forbesbusinessinsider.com?” Names like that sound close enough to real news domains to pass, but bots are the only ones visiting.

Text-Based Deepfakes, Model Hacking Among Top AI Threats (Wall Street Journal) Companies should brace themselves for two emerging threats related to artificial intelligence: text-based deepfakes and AI model hacking, cybersecurity experts said.

SIMjacker, here’s what the latest major flaw in mobile devices teaches us (Miracle Tech) It was discovered in recent days by the security company AdaptiveMobile Security, and it is a really serious threat to the world of mobile phones and more.

Hackers Target Major Brands: Disney and Macy’s Breached (Business2Community) Fraudsters are warming up for the holidays, targeting household names through e-commerce site hacking and credential stuffing attacks. On November 19, 2019, news broke that Macy’s e-commerce site was infiltrated by a third party, embedding malicious code into Macy’s online checkout page.

Zoom Opens Video Device Security Hole — Again (No Jitter) A second Zoom operating system workaround, this one for Cisco, Poly, and Lifesize endpoints, becomes a security hack.

Moxa AWK-3121 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: Moxa Equipment: AWK-3121 Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Access Control, Sensitive Cookie without ‘HTTPONLY’ Flag, Improper Restriction of Operations within the Bounds of a Memory Buffer, CSRF, Command Injection, Cross-site Scripting 2.

Reliable Controls LicenseManager (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Reliable Controls Equipment: LicenseManager Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the system, view sensitive data, or execute arbitrary commands.

Colombia Warns About the Scam of Asking Ransom in Bitcoin (NameCoinNews) In Colombia, the police authorities are warning its people about the scam in which the attacker is asking for the ransom in cryptocurrency bitcoin (BTC). This ransom is demanded in exchange for not disclosing the private details of the person who had kidnapped the victims. In this scam, the victim got an email from his …

Two Weeks Later Louisiana OMV Offices Still Impacted by Cyber Attack (News15 | Lafayette, LA) Louisiana OMV offices are still being impacted two weeks after a ransomware attack. Offices in Lafayette, Baton Rouge, and New Orleans are back open, but more than a dozen Louisiana’s motor vehicle offices still remain closed from the cyber attack. Officials think the attack to several state servers happened started with an email with a link. …

Darknet: Hacking Tools and Stolen Data at Bargain Prices (The Rio Times) Stolen data, weapons, drugs and particularly cybercrime services are not only moved via dark channels but are also offered via illegal platforms and relevant forums in the dark realms of the cyber world.

When Rogue Insiders Go to the Dark Web (Dark Reading) Employees gone bad sell stolen company information, sometimes openly touting their companies, researchers say.

Rogue Staff Member at Leading Cybersecurity Company Leaks Customer Data (Comforte Insights) Another cybersecurity company has fallen victim to a data breach. This time, the attack came from within. How can attacks like this be prevented?

The Cybercriminal Forum in 2019: An Enduring Model (Digital Shadows) We took a deep-dive into the cybercriminal underground to investigate the persistence of forums, uncovering several reasons they remain attractive amid appealing alternatives.

Security Patches, Mitigations, and Software Updates

Microsoft Forms Now Automatically Blocks Confirmed Phishing (BleepingComputer) Microsoft is rolling out automatic blocking for repeated Microsoft Forms phishing attempts to boost the product's security by stopping attackers from abusing forms and surveys to harvest sensitive data from their targets.

Moxa Patches Wireless Device (ISSSource) Moxa has a patch available to handle multiple vulnerabilities in its AWK-3121 which has reached its end of life and is being replaced, according to a report with CISA.

Cyber Trends

New Report Reveals Rapid Growth in Crowdsourced Security Testing for Compliance (BusinessWire) Crowdsourced security testing adoption posed to increase by 4x in 2020 driven by compliance and a desire for a continuous cadence.

GDPR Compliance Rate Remains Low According to New Talend Research (Talend) 58% of surveyed businesses worldwide failed to address requests made from individuals seeking to obtain a copy of their personal data as required by GDPR (General Data Protection Regulation) within the one-month time limit set out in the regulation, reveals updated research from Talend (NASDAQ: TLND), a global leader in cloud data integration and data …

141 Cybersecurity Predictions For 2020 (Forbes) 141 predictions for 2020 from key participants in the cybersecurity defense industry, highlighting all that’s hot today and tomorrow

Attention finance industry: Here are the cybersecurity threats coming in 2020 (HousingWire) A new report from cybersecurity company Kaspersky states that the amount of data held by financial services companies makes them prime targets for “cyberthreat actors.” but the company cautions that even the most advanced security protocols may not be enough to protect against an attack.

Hackers to greatly diversify their tactics in 2020 (SecurityInfoWatch) Experian make five cybersecurity predictions for the year ahead in its annual ‘Data Breach Industry Forecast’

Marketplace

Columbia's Tenable makes $78 million acquisition (Baltimore Business Journal) All of Indegy's roughly 60 employees, including its CEO Barak Perelman, will be brought on as Tenable employees through the deal.

Tenable Acquires Operational Technology Security Leader Indegy (Tenable®) Cybersecurity market leaders create the industry's first unified, risk-based platform for IT and OT security Tenable®, Inc., the Cyber Exposure company, today announced that it has acquired Indegy Ltd., a leader in industrial cybersecurity which provides visibility, security and control across operational technology (OT) environments.

Panorays Raises $15 Million Series A to Accelerate Third-Party Security Management (Panorays) Panorays has raised $15 million in a Series A funding round led by Oak HC/FT, which will be used to expand marketing and sales to accelerate growth.

Patriot Technologies acquires Communication Technologies & Consulting (EnterpriseTalk) Patriot Technologies, Inc. a fast-growing Frederick, MD-based custom manufacturer of cybersecurity platforms and devices recently announced the completion of its acquisition of Communication Technologies & Consulting

Huawei to move research center to Canada over US sanctions (TheHill) The founder of Chinese tech giant Huawei has said the company is moving its U.S. research center to Canada due to U.S. sanctions on the firm.

Huawei is facing a backlash in China when it can least afford it (CNN) Huawei is facing a growing backlash in China after new details came to light in the case of a former employee who was arrested and jailed for 251 days following an unproven accusation of blackmail from the company.

Google Co-Founders Page, Brin Give Up Management Roles (Wall Street Journal) Larry Page and Sergey Brin said they would hand control of Alphabet immediately to Sundar Pichai, Google’s existing CEO, stepping back at a potential inflection point for the company.

How Google founders Larry Page and Sergey Brin left Alphabet to avoid their 'Bill Gates moment' (The Telegraph) You can hardly blame Larry Page for standing down as chief executive officer at Alphabet.

This Top Cybersecurity Stock Is a Buy After Its Latest Plunge (The Motley Fool) Weak guidance sent Palo Alto Networks' shares down, but investors need to keep their eyes on the long-term opportunity.

Peter Thiel’s Palantir has quietly secured £39m of UK government deals (NS Tech)

Peter Thiel’s controversial data analytics firm Palantir quietly secured a £28m contract from the Ministry of Defence last year, taking the total value of UK government deals won by the firm

Wipro to establish Cyber Defence Centre in Melbourne (The Economic Times) The new centre in South Melbourne will offer protection from cyber-attacks to the organisations and will generate 100 new tech jobs for locals. According to Wipro Senior Vice President Raja Ukil, "The launch of the centre in Melbourne showcases Wipro's commitment to leverage local talent and specialised expertise to cater to the cyber security needs of the region."

RSA Conference 2020 unveils keynote line-up with world-class experts (Help Net Security) RSA Conference today announced its initial line-up of keynote speakers for RSA Conference 2020, taking place at the Moscone Center in San Francisco.

Nuspire Hires Lewie Dunsworth As New CEO (PRWeb) Nuspire, a Managed Security Services Provider (MSSP), announced today that it has hired Lewie Dunsworth as the new CEO. Saylor Frase, Nuspire’s previous

KnowBe4 Hires Mark Patton as Senior Vice President of Engineering (PRWeb) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has hired Mark Patton as sen

AlgoSec Appoints Chief Revenue Officer & Chief Financial Officer to Manage Growth Acceleration (West) Leading network security management solution provider appoints two industry veterans to drive expansion fuelled by multiple growth avenues and new revenue initiatives

Products, Services, and Solutions

ICIT and Cybrary form Strategic Partnership for Technical Cybersecurity Skills Training (West) ICIT Members Will Receive Exclusive Discounts on Cybrary Tools to Assess, Develop, and Measure Their Technical Security Skills

Collibra is FedRAMP Authorized (Collibra) No one takes security more seriously than the government. Collibra takes data protection and security seriously.

SonicWall Strengthens MSSP Security Offerings, Simplifies Account Management, Product Registration, Licensing Control (PR Newswire) Increasingly sought out and relied upon by organizations spanning all verticals, managed security service providers (MSSP) have an expanded and...

Lastline Simplifies Securing Amazon Web Services with Industry-Leading Network Detection and Response (PR Newswire) Lastline®, a cybersecurity leader in AI-powered network detection and response (NDR), today announced a technology integration with Amazon Web...

Sophos Cloud Optix Advancements Simplify Cloud Security (West) New Features and Capabilities Showcased at AWS re:Invent 2019

Aviatrix Cloud-Native Networking Software Extends to Enterprise Branch Offices with CloudWAN Servi (Aviatrix Blog) Leverages Existing Cisco IOS Branch Routers with No “Rip and Replace”; Integrates with AWS Transit Gateway Network Manager and AWS Global Accelerator for Operational Simplicity and Low Latency Branch Office Connectivity

Nomad Digital launches private Trackside Radio technology (Intelligent Transport) The Nomad Digital solution provides passengers a seamless, high speed WiFi connection throughout their journey, including through tunnels or under bridges.

ShieldX Leverages New Amazon VPC Ingress Routing to Bring Comprehensive Network Security to AWS Deployments (Yahoo) Leveraging both Amazon VPC Traffic Mirroring and the New Amazon VPC Ingress Routing Capabilities Allows Users to Monitor and Block Malicious East/West and North/South Traffic

Flashpoint Expands Business Risk Intelligence Capabilities for Managed Security Service Providers (Flashpoint) Company’s Commitment to Managed Security Service Providers (MSSPs) Helps Them Meet  Growing Demand for More Proactive, Value-Added Services

Morphisec Achieves AWS Security Competency Status for Cloud Server Workload Protection (PRWeb) Morphisec, a leader in Moving Target Defense, today announced that the company has achieved Amazon Web Services (AWS) Security Competency

Darktrace’s self-learning AI security systems are now in AWS Marketplace (TechRadar) Cyber AI platform is a powerful solution for responding to emerging threats

Technologies, Techniques, and Standards

NSA to Issue Updated Cloud Security Guidance (Wall Street Journal) The National Security Agency plans to issue updated guidance to companies on cybersecurity in the cloud, a senior official said, amid a series of attacks that have targeted service providers in recent months.

NIST Developing Hardware Security Guidelines for Enterprises (Decipher) The federal government’s technical standards body is working on best practices for verifying the security and integrity of hardware, a notoriously difficult problem.

From cyber attack to heart attack: the hidden human impact of hospital hacks (New Statesman) Today’s hospitals are not sacrosanct. The large amounts of patient and staff data that they collect and store can make them prime targets for cyber attacks.

Tardy for the CCPA Party? Tips for Your Last Month Before the Deadline (Cooley) With a month left before the January 1, 2020 deadline to comply with the California Consumer Privacy Act, covered businesses should ideally be well on their way to compliance. But what if you procr…

How to migrate apps and workloads to the cloud securely and efficiently (Tufin) What’s common to all cloud migration projects, whether they are lift-and-shift, migration between cloud platforms, or app refactoring projects, is that the end results are portable workloads (e.g. application, database, storage, VM, etc.) cloud-native or not, that can potentially run in the cloud, or on-prem.

Hackers Red Team:Tribal Knowledge Offensive Cybersecurity (Irish Tech News) Tribe of Hackers Red Team: Tribal Knowledge from the Best in Offensive Cybersecurity, reviewed

Don’t obsess over the security of Chinese wireless gear. Do this instead (Fast Company) If you want to keep your data secure, it pays to worry less about Huawei and ZTE and more about the communications apps you choose to use.

Uncovering vulnerabilities in Cryptographic libraries: Mayhem, Matrixssl, and WolfSSL (ForAllSecure) ForAllSecure Engineer, Tyler Nighswander, uncovers vulnerabilities in two popular cryptographic libraries, MatrixSSL and WolfSSL, utilizing Mayhem, a next-generation fuzzer.

SystemDistrict Virus Removal Guide for Mac (SensorsTechForum.com) SystemDistrict is an undesired program that affects macOS as well as Safari and Chrome. Remove SystemDistrict virus from MacOS

Design and Innovation

New crypto-cracking record reached, with less help than usual from Moore’s Law (Ars Technica) 795-bit factoring and discrete logarithms achieved using more efficient algorithms.

Post Quantum Cryptography (DigiCert) Quantum computing will change everything. With current technology we estimate it would take a few quadrillion years to crack 2048-bit encryption.

MIT deepfake video 'Nixon announcing Apollo 11 disaster' shows the power of disinformation (Newsweek) Disinformation and deepfakes are especially acute concerns in the run-up to the 2020 presidential election.

Research and Development

How a National Lab is Securing Electric Vehicles and Smart Cars of the Future (Nextgov.com) At Argonne, a holistic approach is accelerating discoveries and bolstering the fight against emerging transportation threats.

4 INL technologies to get national recognition (Post Register) Four Idaho National Laboratory technologies recently won prestigious national awards.

Academia

IBM Canada and the University of Ottawa launch cybersecurity hub (Canadian Manufacturing) The software giant and the university say they will address critical government, public and private sector needs for advanced cybersecurity

Opinion: Why Cyber Security should be taught in our schools (Easier) Opinion: Why Cyber Security should be taught in our schools. Technology, technology and more technology. That’s all schoolchildren need to know these days with approx. nine out of 10 households having access to the internet.

Legislation, Policy, and Regulation

Power Politics Could Impede Progress on Responsible Regulation of Cyberspace (Chatham House) A new Chatham House paper examines the prospects of countries reaching agreement on issues of sovereignty and non-intervention in cyberspace in the face of persistent, low-level, state-to-state cyber attacks.

Analysis | The U.N. passed a Russia-backed cybercrime resolution. That’s not good news for Internet freedom. (Washington Post) Moscow is becoming far more skilled in advancing its agenda at the U.N.

When do cyberattacks deserve a response from NATO? (Fifth Domain) The biggest concern for the NATO alliance might not be agreeing on a framework for when collective defense is triggered from a cyberattack, but rather, how can the alliance address daily cyber events that fall below the level of armed conflict?

NATO to define plan to counter Russia’s hybrid warfare tactics (Defense News) “Maintain technological edge is the only way we can avoid obsolescence,” warns British Defence Secretary Ben Wallace.

NATO recognizes China 'challenges' for the first time | DW | 03.12.2019 (Deutsche Welle) For the first time in NATO's history, the alliance is recognizing the challenges posed by China's rise in a summit declaration. NATO's chief said Beijing's growing military capabilities had "implications for all allies."

NATO struggles with its China conundrum (Defense News) Each of the 29 NATO nations has a different relationship with China. Can the alliance find a coherent strategy for dealing with Beijing?

The US can't use Cold War tactics to engage with China, says former NSA head Michael Rogers (CNBC) China's main goal is to achieve 21st century technological dominance, argued Admiral Michael Rogers, former head of the NSA and U.S. Cyber Command, in a recent cybersecurity podcast. He also explained some of the tactics that are hard to counter, such as IP theft, government subsidies of tech companies, and linking corporate interests to education and government research.

EU countries warn on risks linked to foreign 5G suppliers (POLITICO) National capitals called on telecom companies to address risks associated with vendors from third countries.

European Commission's new president promises GDPR-style legislation on AI (Computing) Von der Leyen said that Europe set the pattern for the world the GDPR, and we have to do the same with artificial intelligence

ICO: Organisations using AI systems must provide clear explanations of decisions made (Computing) Organisations must also ensure that their use of AI is transparent and accountable

Privacy Matters | India needs a new law to regulate govt surveillance (Moneycontrol) While the State’s surveillance on its citizens is legal under certain circumstances, it’s unconstitutional. There should be judicial surveillance on the authorities who have the power to allow surveillance on individuals to stop breach of power.

China makes facial recognition mandatory for new SIM card purchases (Computing) The move will help crack down on scams, according to the government,Privacy ,Facial recognition,Wechat,Tencent,China Unicom

China protests as US House passes Uygur bill demanding sanctions over Xinjiang (South China Morning Post) Legislation urges the US government to act to counter China’s crackdown on Muslims and other minorities, and would prohibit export of certain US technologies that could be used in state-sponsored suppression.

Exclusive: White House considered kicking Huawei out of U.S. banking system - sources (Reuters) The Trump administration considered banning China's Huawei from the U.S. fi...

Verizon CEO says he doesn't want a 5G 'cold war' between the US and China (CNBC) "One of the beauties of this industry is ... that you can bring your phone from whichever country you're in and go to another country and it works," Verizon CEO Hans Vestberg says.

Senate cyber caucus to hold briefing this week on ransomware attacks (TheHill) The Senate Cybersecurity Caucus will hold a classified briefing Wednesday to address the ongoing spree of ransomware attacks on local governments, school districts and other entities nationwide.

How the Marine Corps thinks about beating adversaries in cyberspace - CyberScoop (CyberScoop) There are a lot of products on the market purporting to be the best way to run defense against nation-state adversaries’ email spearphishing attempts.

Portland plans to propose the strictest facial recognition ban in the country (Fast Company) Portland, Oregon, aims to ban the use of the controversial technology not only by city government, but also by private companies.

New Marine Corps guidance clarifies political activity allowed on social media (Marine Corps Times) Active-duty members are allowed to “friend” or “like” social media pages, but they cannot ask others to “follow” or “like” them.

National cyber policy being developed to protect citizens (Jamaica Observer) Minister of National Security, Dr Horace Chang, says that to further pro...

New Nebraska guard cyber unit deployed on its first mission (KETV) New battlefield "not about planes and tanks and infantry"

Nebraska National Guard cyber protection unit headed to D.C. to help secure networks, election system (Omaha.com) The Nebraska National Guard's 179th Cyber Protection Team, which was formed two years ago, is headed to Fort Meade, Maryland, for a year to help military and government agencies secure

Litigation, Investigation, and Law Enforcement

Merck Cyberattack's $1.3 Billion Question: Was It an Act of War? (Claims Journal) By the time Deb Dellapena arrived for work at Merck & Co.'s 90-acre campus north of Philadelphia, there was a handwritten sign on the door: The

Tories may have broken law in compiling voter data via polls spread on Facebook (The Telegraph) The Conservative Party may have broken the law by using "misleading" surveys and online games to hoover up voters' personal data without properly asking for consent, experts have warned.

Analysis | The Cybersecurity 202: Ukraine claims threaten Senate consensus on Russian hacking (Washington Post) GOP senators are increasingly willing to back Trump’s baseless claims

How the Ukraine pressure campaign began as an effort to undercut the Mueller investigation (Washington Post) Rudolph W. Giuliani’s efforts to undermine the special counsel probe eventually snowballed into the current impeachment crisis gripping the capital.

CrowdStrike, Ukraine, and the DNC server: Timeline and facts (CSO Online) Politicizing cybersecurity only serves to undermine trust in its practices and objectivity, experts fear.

IM RAT spy tool seller raided, busted, kicked offline (Naked Security) The spyware gave complete control of victimized computers, sold for as little as$25, and was bought by 14,500 hackers worldwide.

Google's proposed acquisition of Looker invites probe from UK's competition watchdog (Computing) The CMA is inviting comments from interested parties on the merger by 20th December

FBI Asked Sony for Data on User Who Allegedly Used PlayStation Network to Sell Cocaine (Vice) The search warrant application even asks what games the suspect played and their progress.

Former Google employees who say they were fired for organizing are filing labor charges against the company (Vox) The move is the latest escalation in growing tensions between employee organizers and management at the search giant.

Bestiality, Stabbings, and Child Porn: Why Facebook Moderators Are Suing the Company for Trauma (Vice) “My first day on the job, I witnessed someone being beaten to death with a plank of wood with nails in it and repeatedly stabbed.”

Facebook expands its efforts against ad discrimination (TechCrunch) Under the terms of a settlement with the ACLU and other civil rights groups earlier this year, Facebook has been taking steps to prevent discriminatory ad targeting. Specifically, the company says ads in the United States that involve housing, employment or credit can no longer be targeted based on…

NSS Labs Dismisses Antitrust Complaint Against Anti-Malware Testing Standards Organization and Endpoint Security Vendors (NSS Labs, Inc.) NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today dismissed its antitrust complaint without prejudice. The lawsuit was filed September 18, 2018 with the United States District Court in Northern California against CrowdStrike, Symantec Corporation, ESET LLC, Anti-Malware Testing Standards Organization (AMTSO) and Does 1-50.

Hezbollah member gets 40 years for scouting possible sites for terrorist attacks in New York (Washington Post) Ali Kourani tried to become an FBI informant in 2017 but misled investigators.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

International Security Expo 2019 (London, England, UK, December 3 - 4, 2019) International Security Expo, formerly UK Security Expo showcases over 1,000 of the latest innovative security products to help you improve your security. Featured over the 2 days are 13 free to attend,...

Insider Threat Program Development & Management Training (College Park, Maryland, USA, December 3 - 4, 2019) The Insider Threat Defense Group will hold its highly sought after and very affordable Insider Threat Program (ITP) Development & Management Course, at the University of Maryland College Park Campus.

Dallas Cybersecurity Conference (Dallas, Texas, USA, December 4, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

CISO Leadership Forum (Austin, Texas, USA, December 4 - 5, 2019) Forget the typical conference, which may or may not focus on the latest industry buzz, vendor specific pitches or trendy new development. Our learning sessions are vendor agnostic only as we focus on peer-to-peer...

International Cyber Risk Management Conference (Bermuda, December 4 - 6, 2019) The International Cyber Risk Management Conference (ICRMC) provides delegates with an essential forum to learn from experts, network and share experiences with peers and colleagues, and get the answers...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.