skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Secure email provider VFEmail sustained an attack yesterday that wiped its US infrastructure. It's a business-killer: the company will probably cease operations. "Every VM is lost," the company tweeted. "Every file server is lost, every backup is lost." The attacker's motive is unknown and may be simple malice, or just the lulz, effectively the same thing. ZDNet says a Bulgarian IP address turned up in the attack traffic, but there's no attribution yet. VFEmail advises against reconnecting email clients to their service lest even users' local backups be lost.

The EU deliberates a coordinated response to APT10's recent activity. Unanimity will be tough to achieve, Bloomberg reports: not every member sees the same things.

The AP says Norway has again warned of Russian GPS jamming. The Drive reports US Army Stryker combat vehicles have been hacked. Marine Times says the Corps has a shadow-IT problem with close air support.

President Trump yesterday signed an Executive Order designed to maintain American leadership in artificial intelligence against determined, effective Chinese competition. With that, and with both Microsoft and Google having cautiously warned investors that while they're all-in on AI, AI does pose certain risks to their business, there's a mood of speculation about AI's future as it affects the future of humanity. WIRED offers a cyberpunk version of what amounts to either logical atomism or the myth of the cave. Either early Wittgenstein or mid-career Plato, so squint through your VR goggles and take your pick (but watch out for the whales).

Notes.

Today's issue includes events affecting Australia, Armenia, Bulgaria, China, European Union, Israel, Lithuania, Luxembourg, Norway, Russia, South Africa, United Kingdom, United States.

Earn Your Master’s in Cybersecurity from Georgetown

Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.

In today's podcast, out later this afternoon, we speak with our partners at the SANS Institute, as Dean of Research Johannes Ullrich (who's also the proprietor of the ISC Stormcast podcast) tells us about the use of hardware flaws for network access. Our guest, the Washington Post's Shane Harris, provides an update on the curious espionage case of Paul Whelan, currently pending in Russia.

Cyber Security Summits: February 13th in Atlanta and on April 2nd in Denver (Atlanta, Georgia, United States, February 13 - April 2, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Darktrace and more. Passes are limited, secure yours today: www.CyberSummitUSA.com

Get an Insider View Into the Methods and Exploits of the World's Most Famous Hacker (Online, February 20, 2019) Attend this live webinar to get an inside view into the methods and exploits of Kevin Mitnick, the world's most famous hacker. Learn about the latest attack strategies and “What Would Kevin Do” to stop them. Save your spot today!

Rapid Prototyping Event: The Needles in the Haystack (Columbia, Maryland, United States, February 26 - 28, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Protoyping Event in which we hope to find a solution that can not only 'map' the network in the traditional sense but provide inferences as to the most important servers, workstations or hardware devices. Once these assets are identified they could be isolated, replicated or studied closely via live forensics.

CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.

Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.

Cyber Attacks, Threats, and Vulnerabilities

No blame yet over parliament cyber attack (9News) Senate President Scott Ryan says it's too early to attribute blame for a cyber attack on federal parliament...

Hackers wipe US servers of email provider VFEmail (ZDNet) Hackers did not ask for a ransom. VFEmail described the incident as "attack and destroy."

Email Provider VFEmail Suffers ‘Catastrophic’ Hack (KrebsOnecurity) Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever.

VFemail, spécialiste de l’e-mail anonyme, balayé par une attaque dévastatrice (LeMagIT) Le fournisseur opérait ses services depuis 2001. Toute son infrastructure aux Etats-Unis vient d’être effacée brutalement, sauvegardes y compris. Un incident qui soulève de très nombreuses questions.

Email provider VFEmail’s US servers wiped (Daily Swig) Data and backup files lost in attack

AWS Issues Alert for Multiple Container Systems (Infosecurity Magazine) Vulnerability impacts 11 AWS container management systems

Root Code Execution Flaw Threatens Container Platforms (Decipher) A flaw in runC, the underlying container runtime for many platforms, can give an attacker root access to vulnerable hosts.

620 million accounts stolen from 16 hacked websites now for sale on dark web, seller boasts (Register) Dubsmash, Armor Games, 500px, Whitepages, ShareThis, and more said to be up for grabs for $$$s in BTC

OkCupid Users Victims of Credential Stuffing (Infosecurity Magazine) OkCupid says there has been no data breach

Exposed: Instagram, OKCupid, Mumsnet All Face Data Concerns (Threatpost) Three major websites are making data-privacy news this week.

Windows App Runs on Mac, Downloads Info Stealer and Adware (TrendLabs Security Intelligence Blog) We found an EXE application that specifically runs on Mac to download an adware and info stealer, sidestepping built-in protection systems on the platform such as Gatekeeper. We suspect the cybercriminals developing this routine as an evasion technique for damaging infections and attacks in the future as our telemetry showed the highest numbers to be in the UK, Australia, Armenia, Luxembourg, South Africa and the US.

With Doctored Photos, Thieves Try to Steal Bitcoin (BankInfo Security) Cryptocurrency exchanges are seeing fraudsters submit doctored photos in an attempt to reset two-step verification on accounts. The ruse appears to have some degree

Cryptocurrency Exchanges Targeted by Fake Photo Scam (NewsBTC) Research indicates that large cryptocurrency exchanges are increasingly being targeted by scammers using doctored photographs to trick two-factor

Private Mossad for Hire (The New Yorker) Inside a plot to influence American elections, starting with one small-town race.

McDonalds app users hatin’ it after being hacked by hungry hamburglars (Naked Security) At least two users of the McDonalds mobile app aren’t lovin’ it after thieves hijacked their accounts and ordered hundreds of dollars of food for themselves.

Senators Urge Security Audit of Foreign VPNs (Infosecurity Magazine) Chinese and Russian apps could be a national security risk

Assessing the risk of foreign-made VPNs, browsers (GCN) Two senators want to know the national security risks of allowing federal employees to use some foreign-made browsers and virtual private networks on government smartphones and computers.

Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire (TrendLabs Security Intelligence Blog) Trickbot's authors clearly aren't done updating it — we recently found a new variant that uses an updated version of the pwgrab module that lets it grab remote application credentials.

Revolut boss denies British digital bank has Kremlin links (The Telegraph) The chief executive of fintech start-up Revolut has denied that his company has links to the Kremlin following a political dispute over its operations in Lithuania.

Norway: GPS jamming during NATO drills in 2018 a big concern (AP NEWS) The Norwegian Intelligence Service says GPS signal disruption as seen during major NATO drills in Norway last year "is of particular concern" for the military and "is also a threat to civil aviation in peacetime."

The U.S. Army's New Up-Gunned Stryker Armored Vehicles Have Been Hacked (The Drive) A Pentagon report says 'adversaries' launched successful cyber attacks against systems on the new 30mm cannon-armed vehicles.

Marines have been personally downloading this software that helps coordinate air support. How that error and big cyber flaws are putting lives at risk. (Marine Corps Times) Some Marines downloaded the software onto personal devices, potentially putting themselves and their unit at risk.

A Popular Electric Scooter Can Be Hacked to Speed Up or Stop (WIRED) A hacker can accelerate Xiaomi M365 scooter—or hit the breaks—while a rider is on it.

Bezos Case Exposes Billionaires' Vulnerability to Hackers (SecurityWeek) The stunning revelation that a tabloid obtained below-the-belt selfies of Amazon founder Jeff Bezos -- the world's richest man -- suggests that even billionaires are not out of the reach of hackers.

Top Data Protection Issues Facing HNW Individuals (WealthBriefingAsia) Often referred to as "the oil" of the modern economy, data is strikingly vulnerable to abuse as more personal information goes online and can be cross-referenced. High net worth individuals are among those with the most to lose.

The Jeff Bezos privacy nightmare could happen to anyone — here’s how to prevent it (MarketWatch) Amazon founder has accused the National Enquirer tabloid of extortion after it acquired compromising photos.

1 in 3 FHFA employees failed phishing test (FCW) A penetration test found some concerning vulnerabilities at the Federal Housing Finance Agency, but auditors weren't able to gain access.

Lenovo Watch X was riddled with security bugs, researcher says (TechCrunch) Lenovo’s Watch X was widely panned as “absolutely terrible.” As it turns out, so was its security. The low-end $50 smartwatch was one of Lenovo’s cheapest smartwatches. Available only for the China market, anyone who wants one has to buy one directly from the mainland. Lucky…

Security Patches, Mitigations, and Software Updates

Temporary Patch Released For Adobe Reader Zero Day (Threatpost) The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims’ NTLM hashes.

Apple Fixes Two Zero-Day iOS Vulnerabilities Exploited in the Wild (Security Boulevard) Apple's newly released iOS 12.1.4 includes fixes for two serious vulnerabilities that are already used by hackers.

Chrome OS Network Manager Sandboxed, Stripped of Root Privileges (SecurityWeek) The latest version of Chrome OS puts the Shill network manager in a sandbox and removes its root privileges.

You can now unsend messages in Facebook Messenger (Naked Security) Facebook Messenger has made available the ability to unsend, or in their words “remove for everyone” your mis-sent messages.

Cyber Trends

Microsoft: 70 percent of all security bugs are memory safety issues (ZDNet) Percentage of memory safety issues has been hovering at 70 percent for the past 12 years.

Healthcare Email Fraud Attack Attempts Jump 473% Over Two Years (Proofpoint) To better understand how email fraud is impacting healthcare organizations around the world, Proofpoint analyzed email fraud attacks targeting more than 450...

To Understand IoT Security: Look to the Clouds (Government Technology) The Internet of Things (IoT) is growing exponentially. But security and privacy concerns are piling up at the same time. How can we understand where this trend is heading? Here's what we can learn from the history of the cloud.

Healthcare Email Fraud Report (Proofpoint) Email fraud, also known as business email compromise (BEC), is one of today’s greatest cyber threats and it’s impacting healthcare organizations of all sizes across the globe.  Email fraud attacks are socially engineered to target people, rather than technology.  Fraudsters prey on human nature to steal money and valuable information from healthcare organizations’ staff,

Envisioning the Next Generation Cybersecurity Practices (Frost & Sullivan) Next Generation Security Critical to Protect the Future of Businesses Across Industry Sectors

The Average Cost of a Data Breach (TetherView) Today, few phrases strike fear into the hearts of companies quite like this one: data breach. How much does the average data breach cost?

Opinion | Google and Facebook Worsen Media Bias (Wall Street Journal) Silicon Valley’s advertising monopoly translates into editorial influence.

People still shocked by how easy it is to track someone online (Help Net Security) McAfee discovered less than a fifth (17%) of Brits who lost or had their phone stolen (43%) made any attempt to prevent criminals from accessing data.

Juniper Networks CIO Reflects on 7-Year Cloud Initiative (WSJ) It took seven years for Juniper Networks Inc. to move all of its data and applications from 18 corporate data centers to the cloud, but Chief Information Officer Bob Worrall said the transition is paying off.

Nearly Two-Thirds of Organizations Say Tech Skills Gap Is Already Impacting IT Audits: New Study Identifies Five Top Skills Auditors Seek to Build (BusinessWire) Technologies such as AI are reshaping the future of IT auditors, but auditors are largely optimistic about the future, according to new research from

Everyday AI - Innovative Technology Solutions (Innovative Technology Solutions) There’s no question about it, IT makes the world go around. Systems need to be integrated, data needs to be protected and on Friday nights,…

88% of UK businesses breached during the last 12 months (Help Net Security) The UK’s cyber threat environment is intensifying. Attacks are growing in volume, and the average number of breaches has increased.

Experian: US Suffers the Most Online Fraud (Dark Reading) New data from the credit reporting firm shows the sheer scale of online activity in the US also has made businesses and consumers there prime targets.

Marketplace

2019 has security execs crying uncle (SC Media) By Jon Check, senior director, cyber protection solutions at Raytheon Intelligence, Information and Services From the halls of government to C-Suites

PerimeterX Raises $43M In Series C Funding To Fuel Expansion into New Markets and Accelerate Product Development (PR Newswire) PerimeterX has secured $43 million in Series C funding to expand its product portfolio beyond its PX Bot...

Axonius Raises $13 Million Series A to Help Enterprises Automate Cybersecurity Asset Management and Security Policy Enforcement (AP NEWS) Cybersecurity asset management company Axonius today announced that it has raised $13 million in Series A funding. Bessemer Venture Partners led the round with participation from existing investors YL Ventures, Vertex, WTI and Emerge. The company will use the new funding to accelerate customer growth and expedite product innovations for the Axonius Cybersecurity Asset Management Platform.

UK identity data intelligence firm GBG conditionally acquires American firm in $300M deal (Bankless Times) GBG, the UK-headquartered Identity Data Intelligence specialist, has conditionally agreed to acquire the entire issued share capital of IDology, a US-based provider of identity verification and fra…

Could Demisto Be a Good Fit for Palo Alto Networks? (Market Realist) Demisto could boost automation offerings

This Chicago team wants to protect your data with encryption hardware (Built In Chicago) image via Diamond Key SecurityDigital security is everything these days, as news of data breaches are becoming as co

Apple and Google accused of helping 'enforce gender apartheid' by hosting Saudi government app that tracks women and stops them leaving the country (Business Insider) Absher, an app that Saudi men use to monitor women's travel and stop them leaving, is available for download on iTunes and the Google Play store.

Amazon takes latest step into the smart home with deal for Wi-Fi system company Eero (The Telegraph) Amazon has bought a Silicon Valley Wi-Fi router maker that will help keep its ever-growing line of smart home products online in homes that suffer from patchy internet coverage.

I Tried to Block Amazon From My Life. It Was Impossible (Gizmodo) Not even a custom-built VPN could stop Jeff Bezos's behemoth from slipping through the digital cracks.

Amazon buys Eero: What does it mean for your privacy? (TechCrunch) In case you hadn’t seen, Amazon is buying router maker Eero. And in case you hadn’t heard, people are pretty angry. Deluged in a swarm of angry tweets and social media posts, many have taken to reading tea leaves to try to understand what the acquisition means for ordinary privacy-minde…

Google Wifi vs. Eero: Which mesh router system should you buy? (Android Central) Both are great consumer mesh wireless systems, but which is best for you?

Google and Microsoft Warn That AI May Do Dumb Things (WIRED) Google and Microsoft have added warnings to their "risk factors" for investors about potential legal and ethical problems from their artificial intelligence projects.

Google warns rise of AI may backfire on company (The Telegraph) Google has warned that advances in artificial intelligence may have a negative impact on its business, leading to fines and concerns over ethics.

Former executive of Duo Security, Zscaler joins IronNet as co-CEO (Reuters) IronNet Cybersecurity Inc, a startup led by former U.S. National Security Agency...

Products, Services, and Solutions

Tenable Adds 'Predictive Prioritization' to Vulnerability Management Offering (SecurityWeek) Tenable’s new Predictive Prioritization service is designed to help customers of its vulnerability management offering prioritize flaws that have the greatest likelihood of being exploited.

Trustonic helps Mobile Operators improve financial performance while significantly reducing asset theft & fraud (GlobeNewswire News Room) Slashes theft & fraud across an operator’s device portfolio by combining mobile device and app protection expertise with unique integration into the smartphone manufacturing ecosystem

EZShield Releases Dual Exclusive Resources for Financial Institutions To Protect Account Holders From Identity Crimes (WebWire) EZShield, a portfolio company of The Wicks Group, today announced a series of new resources tailored to address how Financial Institutions (FIs) can combat identity crimes and mobile cybersecurity threats as it impacts the omni-channel customer experience.

Aquila, Inc. joins LMNTRIX Partner Program to Deliver an Outcome-Driven Multi-Vector Cybersecurity Platform (Life Pulse Health) LMNTRIX, the next-generation cybersecurity venture of MSSP pioneer Carlo Minassian, has announced a partnership with Albuque…

Plurilock Introduces New ADAPT MFA Product, 2019 Authentication Guidel (PRWeb) Victoria-based cybersecurity company Plurilock today announced the release of its newest product, ADAPT MFA. ADAPT MFA provides next-generation

Google wants to bring encryption to all with Adiantum (The Verge) ‘Everyone should have privacy and security, regardless of their phone’s price tag’

A New Tool Protects Videos From Deepfakes and Tampering (WIRED) Many of the body cameras worn by police are woefully vulnerable to hacking and manipulation. Amber Authenticate wants to fix that—with the blockchain.

Microsoft & Google expand security tools to political parties in Canada & Europe (ZDNet) Microsoft extends AccountGuard to Canada while Google expands Project Shield to EU Parliament political campaigns.

Technologies, Techniques, and Standards

Quantifying Security Posture is Key to Mitigating Risk (Infosecurity Magazine) What is required for effective risk measurement

#TEISS19: Brute Force Won’t Change Peoples' Behaviors, You Must ‘Modify’ Their Beliefs (Infosecurity Magazine) How security leaders can effect changes in behaviors to improve security buy-in from the C-suite

Boards Must Become More Technical to Make Orgs More Secure (Infosecurity Magazine) Ciaran Martin outlines vision for a more secure Britain

Security Professionals Win When They Can Master Risk Communications (SecurityWeek) The ability to customize threat intelligence scores allows you to prioritize threats to your organization and reevaluate and reprioritize as new data and context becomes available.

Mirror Chess Is Not Good Cyber (Forbes) In chess, mirroring your opponents is a terrible strategy because the opponent is intelligent and you become predictable due to asymmetries in the game. This analogy is perfect for security and helps us see where mirroring in cybersecurity is likewise an awful strategy with critical secondary issues

Crash Course in How Cyberattacks Start (IndustryWeek) In order to effectively defend against such attacks, it is critical to understand how an attacker thinks and how the actual attack is conducted.

Six Steps to Segmentation in a Perimeterless World, Part 2 (SecurityWeek) Network Segmentation can prevent lateral movement and effectively improve security, and is a continuous journey that every organization should take.

Security wellness takes more than a fad diet (Help Net Security) Like the dizzying array of diet and exercise options offering a quick fix, the security landscape is made more complex by the volume of available solutions.

Undertaking the crucial task of bringing cryptography to activists (Equal Times) A group of journalists and activists slowly trickle into a room. They take a seat. Some talk amongst each other, others play around with their phones. They think they are there for a workshop, but unbeknownst to them, they are being hacked. Five minutes after their arrival, a security expert has cracked most of their phones, and with it, sensitive information about contacts, co-activists, planned protests and stories. The story is real, yet nobody got hurt. The course was organised by the (...)

Email Impersonation Scams (Hakin9 - IT Security Magazine) What You or Your IT Staff Can Do to Protect Your Business A major cyber threat to Australian businesses is email-based …

Design and Innovation

DigiCert and Utimaco work on securing the future of IoT from quantum computing threats through collaboration with Microsoft (Utimaco) Today, DigiCert, Inc., the world’s leading provider of TLS/SSL, IoT and PKI solutions; Utimaco, one of the world’s top three Hardware Security Module providers; and Microsoft Research, a leader in quantum-safe cryptography, announced a successful test implementation of the “Picnic” algorithm, with digital certificates used to encrypt, authenticate and provide integrity for connected devices commonly referred to as the Internet of Things (IoT).

IBM's fast-talking AI machine just lost to a human champion in a live debate (CNN) People are great at arguing. But a project from IBM shows that computers are getting quite good at it, too.

AR Will Spark the Next Big Tech Platform—Call It Mirrorworld (WIRED) We are building a 1-to-1 map of almost unimaginable scope. When it's complete, our physical reality will merge with the digital universe.

Research and Development

What comes after air gaps? DARPA asks world for ideas (Naked Security) According to DARPA, air gapping computers and data is a security idea that has run its course and urgently needs to be replaced.

Academia

Intrusion Prevention Systems Prove Key to Campus Defense (Technology Solutions That Drive Education) Whether standalone or integrated into a next-gen firewall, IPS is a valuable part of network security for higher education.

Legislation, Policy, and Regulation

EU Considers Response to China Hacking After U.K. Evidence, Sources Say (Bloomberg) European Union member states are considering a possible joint response to cyber attacks allegedly conducted by a Chinese state-linked hacker group after the U.K. presented evidence last month about network infiltration, according to people familiar with the matter.

Russia prepping for US cyberattack by turning off entire internet (New York Post) Russia is shutting off its internet as part of a dramatic test to help it defend against devastating cyberattacks. The experiment is part of preparations for a potential cyberwar with the US that c…

Russia plans to briefly disconnect from the internet to see what happens (The Independent) The trial comes amid escalating cyber war rhetoric between Russia and the West

US Intensifies Pressure on Allies to Avoid Huawei, ZTE (BankInfo Security) The Trump administration is leading a broadside against Chinese telecommunications giants Huawei and ZTE. But concerns that Chinese networking gear could be used as

China to suffer limited impact from ban on Chinese telecoms imports (South China Morning Post) US president set to sign an executive order banning companies in the US wireless sector from buying Chinese telecoms equipment

Rural U.S. Carriers Resist Proposed Chinese Telecom Ban Aimed at Huawei (Wall Street Journal) President Trump is mulling an order that could ban Chinese telecom gear from U.S. networks, but the plan is facing resistance from rural carriers who rely on Huawei equipment.

Hit big tech hard but don’t crush free speech (Times) The campaign for state regulation of the press was always absurd, not only because it was illiberal but because it was already far too late. “Newspapers, through whichever medium they are delivered .

Trump’s Plan to Keep America First in AI (WIRED) The US joined more than a dozen other countries with national AI strategies when President Trump signed an executive order to create the American AI Initiative.

Here’s what you need to know about Trump’s ‘American AI Initiative’ (Popular Science) President Trump issued an executive order today announcing what the White House calls an “American AI Initiative.”

Is 2019 the year national privacy law is established in the US? (Help Net Security) Data breaches and privacy violations are now commonplace. Unfortunately, the consequences for US companies involved can be complicated. A company’s

Data Privacy Top of Mind for 2020 Candidates (Infosecurity Magazine) Sen. Amy Klobuchar says she would focus on creating data privacy regulations

What’s needed now? Trustwave cyber leader says more collaboration, security standards in contracts (Inside Cybersecurity) More information sharing and better collaboration between industries, along with government using its contracting power to drive up security performance, are among the chief policy needs in the cyber space, according to Jeremy Batterman, who leads cyber firm Trustwave’s SpiderLabs Fusion Center here.

Why the new Air Force’s cyber and information strategy is a return to the past (Fifth Domain) What is being hailed as a major breakthrough in the Air Force's cyber and information plan is a return to previous plans.

Analysis | The Cybersecurity 202: Senate committee leaders worry no one’s in charge on cybersecurity (Washington Post) Sens. Rounds and Johnson are considering creating a new centralized agency for cyber.

Where cybersecurity legislation 'goes to die' in Congress (POLITICO) Advocates for major cyber bills say Wisconsin Sen. Ron Johnson has been a roadblock ever since he arrived in Washington.

Litigation, Investigation, and Law Enforcement

Tinder lover must repay businessman’s £182,000 (Times) A lovestruck businessman who handed £182,000 to a woman 20 years his junior after meeting her on the dating app Tinder has won a court fight to make her pay the money back. Marcel Kooter, 57...

Secret Service busts online car sales crime ring (Naked Security) They posed as military needing to offload cars before deployment, allegedly posting bogus ads on Craigslist, eBay, and AutoTrader.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cybersecurity, Privacy & Trust: A Media Perspective (San Francisco, California, United States, February 21, 2019) As cyberattacks escalate and public awareness around data privacy and security risks increases, companies are grappling with how to comply with regulations and restore consumer trust. From rethinking how...

RiskSec 2019 (Philadelphia, Pennsylvania, USA, May 8, 2019) RiskSec 2019 will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day. Learn about new approaches...

Upcoming Events

NITSIG Meeting: Insider Threat Detection & Mitigation Using External Data Sources (Laurel, Maryland, USA, February 12, 2019) Gathering and analyzing Internal data sources is very important for Insider Threat Detection. Equally important is knowing what External data sources are also available to create the "Big Picture" of potential...

National Security Technology Forum and Exposition (NSTFX) (San Diego, California, USA, February 12, 2019) AFCEA International and the University of California, San Diego are proud to host a new and innovative event entitled “The National Security Technology Forum and Exposition (NSTFX)”. NSTFX will bring...

3rd Next Generation Cyber Security for Utilities (Denver, Colorado, USA, February 13 - 14, 2019) With the value of damages caused by cyber-attacks growing rapidly every year, adopting a new and comprehensive approach to cyber security for utilities is more important than ever. Among essential facilities...

BSides Huntsville (Huntsville, Alabama, USA, February 15 - 16, 2019) The fun and cheap way to earn CEU's. Instead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk...

Border Security: Physical Wall vs. Virtual Wall (Arlington, Virginia, USA, February 18, 2019) Marymount University ISACA Student Group (MUISG) has its CyberNight at MU scheduled for 9 March 2019 from 6-8pm. Panelists will discuss Border Security: Physical vs Virtual Wall. This is an educational...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.