
More signal. Less noise.

The Best Defense is a Good Offense

A defensive security posture is no match against today’s sophisticated adversaries—your organization needs to take a proactive approach to address these threats. To be successful, analysts need to understand the tactics, techniques, and procedures used against your organization. The key to understanding the adversary’s motives and patterns? Threat modeling, risk scoring, and gap analysis. Read more about the importance of threat modeling in our newest whitepaper, The Power of a Tailored Threat Model.

Daily briefing.

Australian Prime Minister Morrison said yesterday that three political parties (Liberal, Labor, and National) have been targeted by "sophisticated foreign actors". The attempts came to light during investigation of attempts on Parliament's systems. Chinese intelligence services are the leading suspect, according to the Sydney Morning Herald. The Guardian reports that China's Foreign Ministry denies any involvement and calls reports of Chinese attacks both "baseless" and "irresponsible."

Details on how the attacks were carried out remain sparse. They are said to have used (at some stage) a novel form of malware with China's "digital fingerprints," but it's possible that this could be misdirection by some other state's intelligence services. The Register says the operations could have been the work of China, Russia, Israel, or the United States, but that's a cautious statement of a priori possibility based on conjectured national capabilities. (And where, by the way, are France and the United Kingdom on that list?) Official suspicion rests on China.

Avast reports a new malware family, "Rietspoof," spreading through instant messages.

Reports in the Telegraph and elsewhere suggest that a report on Huawei's security issues and the company's suitability for participation in 5G networks from the UK's National Cyber Security Centre will be very far from the harsh condemnation that had been widely suspected. The NCSC is believed to have concluded that the risks Huawei poses are manageable, and that GCHQ sees its way clear to mitigating them.

Facebook receives harsh criticism in the UK over data use and content management practices.

Notes.

Today's issue includes events affecting Australia, Canada, China, Czech Republic, European Union, Iran, India, Israel, Malta, New Zealand, Pakistan, United Arab Emirates, United Kingdom, United States.

Join the blue team with ExtraHop at RSA 2019.

Headed to San Francisco in March? Skip the rush of the show floor and book your threat hunting session in advance. ExtraHop puts you in the cockpit with network traffic analysis so you can be the blue team as an attack unfolds, reconstruct a database exfiltration, and more. Schedule your demo now to explore security at enterprise scale at RSA!

In today's podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan talks about the implications of Apple's requirement that developers use two-factor authentication. Our guest is Igal Gofman from XM Cyber on how email can be used to compromise a network.

Experience Deep Learning for Network Threat Protection at RSA 2019 (San Francisco, California, United States, March 4 - 8, 2019) Signatures and sandboxes can’t keep up with automated attacks. Visit Blue Hexagon booth N4204 and hear how we’re harnessing deep learning to stop known and unknown network threats in less than a second. Pick up a free copy of the book “How To Measure Anything in Cybersecurity Risk.”

Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.

Visit LookingGlass at RSA 2019 to Handle Your Risky Business (San Francisco, California, United States, March 4 - 8, 2019) Join LookingGlass at RSA 2019 to learn more about how we can help you manage your organization’s risky business. Get a free expo pass when you reserve a personal, in-depth demo tailored to your security needs!

XM Cyber is coming to RSA (San Francisco, California, United States, March 4 - 8, 2019) Visit XM Cyber at the Innovation City, Booth IC2233, to experience the first fully automated APT simulation platform to simulate, validate and remediate every hacker’s path to organizational critical assets.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Pakistan foreign ministry’s website hacked; Islamabad suspects Indian hand in cyber attack (Firstpost) The official website of Pakistan's Ministry of Foreign Affairs was reportedly hacked on Saturday. The foreign ministry spokesperson Mohammad Faisal said complaints were received about the site being inaccessible by users from several countries.

Meet ‘Charming Kitten,’ the Iranian Hackers Linked to Air Force Defector (Foreign Policy) Monica Witt fled to Iran and was indicted for espionage—alongside an Iranian hacking luminary.

Chinese and Iranian Hackers Renew Their Attacks on U.S. Companies (New York Times) President Trump’s withdrawal from the Iran nuclear deal and his trade conflicts with China are believed to have inspired new waves of attacks.

Hacking of US networks traced to China and Iran (Boston Globe) Security experts believe hackers have been energized by President Trump’s withdrawal from the Iran nuclear deal last year and his trade conflicts with China.

Chinese spies suspected in cyber attack on major parties (Australian Financial Review) Suspicion is falling on Chinese spies for targeting the computer systems of Australia's three major political parties.

Australia accuses foreign government of cyber attack (RTE) Australia has said a "sophisticated state actor" has hacked the country's main political parties and parliament, just weeks before a closely-fought election.

'State actor' makes cyber attack on Australian political parties (The Conversation) “A sophisticated state actor” has hacked the networks of the major political parties, Prime Minister Scott Morrison has told Parliament. Recently the Parliament House network was disrupted, and the intrusion…

Australian prime minister blames 'state level' baddies for Oz parliament breach (Register) China, Russia, Israel and the US floated as potential culprits

What are cyber attacks and how do they happen? (Sydney Morning Herald) A major hack of political parties has come less than a fortnight after another hack of MPs databases in Parliament. What is a cyber attack and how does it happen?

China rejects Australian parliament cyber attack claims as 'baseless' and 'irresponsible' (Guardian) Foreign ministry spokesman says speculation and sanctions will only ‘poison the atmosphere for cooperation’

China the world's biggest hacking victim, Chinese report says (The Sydney Morning Herald) Beijing security firm Knownsec Information Technology reported on Monday that Chinese organisations suffered an average of 800 million cyber attacks daily in 2018.

Are shadowy agents targeting Canadians who criticize an Israeli spyware firm? (Global News) NSO Group is fighting three lawsuits that allege its spyware was used to monitor journalists, activists and a friend of Jamal Khashoggi in Canada.

Israeli cyber-intelligence firm: We shut down misuse of cyber systems (Jerusalem Post) NSO has denied any connection to the Khashoggi or Black Cube affairs.

Did China Steal Iron Dome From Israel? (The National Interest) Chinese hackers allegedly grabbed missile defense plans.

Demystifying the Crypter Used in Emotet, Qbot, and Dridex (Zscaler) Zscaler security research team recently spotted a common crypter being used in the recent Emotet, Qbot, and Dridex campaigns. In this research, we described the properties of crypted binaries that hold true across various mutations. Read more.

Rietspoof malware spreads via Facebook Messenger and Skype spam (ZDNet) Avast researchers spot new malware spreading via instant messaging clients.

Rietspoof Malware Family Increases Activity (Avast) Avast experts track a powerful new malware family called Rietspoof, which combines file formats to make malware more versatile.

Cryptojacking Applications Land in Microsoft Store (SecurityWeek) Eight applications designed to mine for crypto-currency without users’ knowledge made their way into the Microsoft Store, Symantec has discovered.

Microsoft removes eight cryptojacking apps from official store (ZDNet) Eight Windows 10 apps removed from the Microsoft Store after getting caught mining Monero behind users' backs.

Ransomware in City Hall (Panda Security Mediacenter) City officials in the city of Del Rio, Texas, reported a ransomware attack at the start of January that brought down their IT systems.

Hackers Found Phishing for Facebook Credentials (Dark Reading) A very realistic-looking login prompt is designed to capture users' Facebook credentials, researchers report.

Behold, the Facebook phishing scam that could dupe even vigilant users (Ars Technica) HTML block almost perfectly reproduces Facebook single sign-on Window.

Chinese facial recognition database exposes 2.5m people (Naked Security) A company operating a facial recognition system in China has exposed millions of residents’ personal information online.

Chinese company leaves Muslim-tracking facial recognition database exposed online (ZDNet) Researcher finds one of the databases used to track Uyghur Muslim population in Xinjiang.

Hacker puts up for sale third round of hacked databases on the Dark Web (ZDNet) Hacker is selling 93 million user records from eight companies, including GfyCat.

Mega-crackers back with nearly 100 million new stolen data records (Naked Security) Sounds like the crooks who tried to sell more than 600 million records last week are back with nearly 100 million more…

A Deep Dive on the Recent Widespread DNS Hijacking Attacks (KrebsOnSecurity) The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

Photography site 500px resets 14.8 million passwords after data breach (Naked Security) Photography website 500px has become the latest site to admit suffering a serious data breach.

Data breach allowed students to view other students’ admission files, sensitive personal data (The Stanford Daily) Before this week, Stanford students could view the Common Applications and high school transcripts of other students if they first

2.7 Million Health-Related Calls, Sensitive Info Exposed for Six Years (BleepingComputer) A server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it.

Bank of Valletta suspended all operations in wake of cyber attack (OODA Loop) In a relatively rare incident, a large bank has temporarily ceased all operations after threat actors breached its systems. On Wednesday morning, the Maltese Bank of Valletta (BOV) discovered that hackers were making illicit transfers

42,000 AdventHealth Patients Impacted in Yearlong Data Breach (HealthITSecurity) Florida-based AdventHealth Medical Group Pulmonary and Sleep Medicine is notifying 42,000 patients of a 16-month breach, which compromised a trove of personal and health information.

The Aurora vulnerability is still being shunned by the electric industry - where is the education (Control Global) I had conversations with the retired engineering managers from the ONLY TWO utilities that worked with DOD on installing and monitoring of the Aurora hardware mitigation devices. When I told them about the push back from industry on Aurora, they were dumbfounded and depressed. Where is the appropriate education about Aurora and other physical-cyber threats for decision makers, grid engineers, and cyber security personnel?

Aadhaar Data Breach Largest in the World, says WEF’s Global Risk Report and Avast (Moneylife NEWS & VIEWS) During 2018, the secret and sensitive data of literally hundreds of millions of people has been torn open and exposed, then aggregated on various dark web lists for sale

Even years later, Twitter doesn’t delete your direct messages (TechCrunch) When does "delete" really mean delete? Not always, or even at all, if you're Twitter.

Marriott now lets you check if you’re a victim of the Starwood hack (TechCrunch) Hotel chain giant Marriott will now let you check if you’re a victim of the Starwood hack. The company confirmed to TechCrunch that it has put in place “a mechanism to enable guests to look up individual passport numbers to see if they were included in the set of unencrypted passport nu…

Website uses Artificial Intelligence to create utterly realistic human faces (HackRead) A new way for cybercriminals to create fake social media profiles and carry out identity scams using an Artificial Intelligence powered tool?

Hacks, Nudes, and Breaches: It's Been a Rough Month for Dating Apps (WIRED) Trouble at OkCupid, Coffee Meets Bagel, and Jack'd have made February a bad stretch for romantics online.

What Is Credential Stuffing? (WIRED) What happens to all those emails and passwords that get leaked? They're frequently used to try to break into users' other accounts across the internet.

Security Patches, Mitigations, and Software Updates

Two WordPress Plugin Authors Issue Bug Fixes (Infosecurity Magazine) Users of WP Cost Estimation & Payment Forms Builder and Simple Social Buttons plugins urged to update.

Apple fighting pirate app developers, will insist on 2FA for coders (Naked Security) Are you an Apple developer? Care about security? Using 2FA? You will be soon…

Cyber Trends

4 Ransomware Trends to Watch in 2019 (Recorded Future) Just as ransomware teams annually adjust their attacks based on the changing security landscape, security teams need to be able to adjust their protections.

Armis HIMSS 2019 Survey (Armis) Healthcare Professionals Lack Confidence in Medical IoT Security; Majority Incapable of Stopping Cyber Attack. For healthcare organizations, cyber security continues to be a major priority, and this was evident in the sessions and discussions at HIMSS …

Challenging State of Vulnerability Management Today: Gaps in Resources, Risk and Visibility Weaken Cybersecurity Posture (Balbix) In the last two years, businesses and governments have seen data breaches like Equifax and Marriott impact 100s of millions of accounts each, as well as critical intellectual property (IP) and core operations.

Zimperium mobile threat data shows malware is a worry but still impacts few devices (BrianMadden.com) Our final review of mobile threat data comes from Zimperium, which showed mobile security data around app and device-based threats. Check it out.

CrowdStrike Annual Threat Report Details Attacker Insights and Reveals Industry’s First Adversary Rankings (AP NEWS) CrowdStrike ® Inc., the leader in cloud-delivered endpoint protection, today announced the release of the . Key findings in the report point to the escalating activities of nation-state actors and global eCrime actors across all targeted industries, and offer lessons learned from real-life intrusions.

Indicators of poor password hygiene exposed (Help Net Security) The 2018 Credential Exposure Report identifies trends in online security habits and the data criminals tend to steal and use.

Employees are major risk to employers’ cyber security, study finds (Irish Times) A third of workers used own email for work, and 24% shared files with family and friends

74% of organizations face outages due to expired certificates (Help Net Security) Many companies have overlooked the critical importance of digital certificate management and it could cost them up to $67.2 million over the next two years.

The importance of consumer trust in the second-hand mobile market (Help Net Security) Many consumers would be willing to trade in an old mobile device if more stringent data management processes were in place.

The Soothing Promise of Our Own Artisanal Internet (WIRED) As unease with Big Tech grows, some prescribe a slower, less viral online existence. "Eat independent sites, mostly not Facebook."

Microsoft Wants To Pick The News You Read (Daily Caller) Microsoft has developed a browser that directs readers not to look at conservative websites

We get the journalism we deserve (Quartz) The levels of media literacy are too low to sustain high-quality journalism.

Marketplace

It’s Huawei against the world as spying concerns mount (South China Morning Post) With its finance chief facing charges in the US, the telecoms giant is finding it increasingly difficult to find a friend.

Huawei founder says US cannot 'crush' telecoms giant (Al Jazeera) In interview with BBC, Ren Zhengfei describes arrest of his daughter and Huawei executive as 'politically motivated'.

Samsung Bets Big on Network Gear as Huawei Battles Security Fears (NDTV Gadgets 360) Potential customers are taking notice of Samsung's efforts to reinvent itself as a top-tier supplier for 5G wireless networks

Splunk pulls out of Russia (Computerworld) Splunk has announced it will cease selling its platform to organisations in Russia. The decision also applies to subsidiaries whose parent companies are based in Russia and businesses that “would use the software or services within the territory”.

Amazon expansion into Saudi Arabia in doubt after feud between Jeff Bezos and Crown Prince (The Telegraph) Amazon's plans to expand into Saudi Arabia have been thrown into doubt by a feud between Jeff Bezos and the Saudi Crown Prince.

Dark Cubed Acquires Fenris IV Incorporated (PR Newswire) Dark Cubed today announces the acquisition of Fenris IV Incorporated, a Charlottesville, Virginia-based cyber...

Micro Focus acquires Interset to expand cybersecurity expertise (Help Net Security) Micro Focus acquired Interset, a worldwide leader in security analytics software that provides highly intelligent and accurate cyber-threat protection.

Siemens expands its cybersecurity charter activities to suppliers (eeNews Europe) Siemens has expanded its 'Charter of Trust' cybersecurity alliance to governments and universities, as well as insisting all its suppliers sign a cybersecurity contract based on the charter.

IBM sets forth with a strong cybersecurity message (CSO Online) IBM has a strong cybersecurity message, but there's a gap between IBM security and its corporate vision. If IBM can bridge this gap, it can carve out a unique market position.

The Lucrative Government Spyware Industry Has a New 'One-Stop-Shop' for Hacking Everything (Gizmodo) How do you build the next $1 billion unicorn start-up in the hacking industry? One group of spy technology entrepreneurs says it’s found the answer.

NSO founders sell low then buy high (Globes) It sounds like a gamble but Omri Lavie and Shalev Hulio's business record shows they know a thing or two about entrepreneurship.

Md. security firm tapped for Alphabet anti-malware project (Baltimore Business Journal) VirusTotal analyzes billions of files for malicious content, for more than 500,000 users worldwide, including Fortune 500 companies and governments.

Niantic is hiring Security Engineers to combat hackers and data miners (Wizards Unite Hub) In an effort to combat cheaters, hackers, API crackers and data miners ahead of Wizards Unite release, Niantic is hiring Security Engineers with experience in hardening game clients and corporate networks. Two new job listings have appeared on Niantic’s Careers page: Security Engineer (Client), offered in SF, LA and Sunnyvale (California), Seattle and Zurich Security …

Apple’s Executive Shake-Up Readies Company for Life After iPhone (Wall Street Journal) Apple is shaking up leadership and reordering priorities across its services, artificial intelligence, hardware and retail divisions as it works to reduce the company’s reliance on iPhone sales.

Louis Abdilla resigns as chief executive of Content Security after 19 years (CRN Australia) Co-founder Louis Abdilla steps down after 19 years.

HackerOne Appoints Growth Hilarie Koplow-McAdams to Board (FinSMEs) HackerOne, a San Francisco, CA-based provider of a hacker-powered security platform, appointed Hilarie Koplow-McAdams, Venture Partner at BEA to Board

Products, Services, and Solutions

Pulse Secure First to Deliver Secure Access for Hybrid IT with Software Defined Perimeter (SDP) Solutions (Pulse Secure) New Pulse Access Suite with SDP delivers provisioning simplicity, scale and superior economics

Free Remote Browser Service For Small Businesses Under Cyber Attack (PR Newswire) Remote browser provider WEBGAP, today announced the launch of their free remote browser service for small...

QuintessenceLabs Releases Expanded Key Management Client (AP NEWS) QuintessenceLabs, the leader in quantum-enhanced cybersecurity, today announced the release of an enhanced version of their KMIP client software development kit (SDK), qClient.

JP Morgan rolls out first US bank-backed cryptocurrency to transform payments business (CNBC) Engineers at the lender have created the "JPM Coin," a digital token that will be used to instantly settle transactions in its wholesale payments business.

Symantec Improves Email Security With Fraud Protection (eWEEK) Symantec is looking to help reduce the risk of Business Email Compromise (BEC) attacks with a new offering that makes it easier to implement and manage Domain-based Message Authentication, Reporting and Conformance (DMARC) for email authenticity.

Curtiss-Wright receives encryption certification for secure data storage in trusted computing uses (Military & Aerospace Electronics) The Curtiss-Wright Corp. Defense Solutions division in Ashburn, Va., has received Common Criteria certification for the hardware and software disk encryption layers in the company's Data Transport System (DTS1) network-attached storage device.

Symantec helps business stop email compromise attacks (Help Net Security) Symantec announced Email Fraud Protection, an automated solution that helps organizations block fraudulent emails from reaching enterprises.

Explainer: Cybersecurity firm DarkMatter’s military smartphone (The National) The Katim R01 is the latest in the company's ultra-secure smartphone product range

Hysolate extends cybersecurity isolation platform to protect sensitive information (Help Net Security) Hysolate, pioneer of secure software-defined endpoints, announced major extensions to the Hysolate cybersecurity isolation platform.

Tenable doubles cyber exposure technology integrations (Zawya) Tenable®, Inc., the Cyber Exposure company, today announced that the company more than doubled its Cyber Exposure Ecosystem throughout 2018, including 43 new or enhanced technology integrations and 20 new integration partners.

IBM Aligns With Twistlock on Container Security (Container Journal) Twistlock has extended its container security relationship with IBM to include integration with IBM Cloud Security Advisor.

Building security into cloud native apps with NGINX (Help Net Security) Not many know that a tool like NGINX can also be used for security. In most architectures, traffic passes through NGINX reverse-proxy instances.

Cylance announces CylancePROTECT on AWS Marketplace (Help Net Security) Cylance, the leading provider of AI-driven, prevention-first security solutions, announced its award-winning endpoint protection offering, CylancePROTECT.

QuintessenceLabs updates qClient, expands KMIP client support for large organizations (Help Net Security) QuintessenceLabs announced the release of an enhanced version of their KMIP client software development kit (SDK), qClient.

ThreatConnect announces its interoperability with RSA Archer (Help Net Security) ThreatConnect, provider of the industry’s only extensible, intelligence-driven security platform, is proud to announce its interoperability with RSA Archer.

ISC2 extends training offerings beyond certification (Help Net Security) The ISC2 Professional Development Institute combats a global shortage of skilled and trained professionals to defend organizations against cyber threats.

Mitsubishi Electric Develops Cyber Defense Technology for Connected Cars (Tires and Parts) This is an age when many vehicles have sophisticated electronic systems and AI systems that are vulnerable to attack. Mitsubishi Electric Corporation has now come up with a multi-layered defense technology.

Technologies, Techniques, and Standards

Analysis | The Cybersecurity 202: This nonprofit has a plan to dramatically improve the weakest cybersecurity link (Washington Post) Small businesses account for more than half of breaches.

GCA Cybersecurity Toolkit for Small Business (GCA Cybersecurity Toolkit for Small Business) Discover free, effective tools that small businesses can use today to take immediate action to reduce cyber risk and strengthen defenses. Learn more.

Cybersecurity: Minimum requirements for new suppliers at Siemens (Industrie Magazin) The German industrial group is gradually introducing minimum cybersecurity requirements for new suppliers. The weakest link in an industrial supply chain is decisive for overall security, it was said. Telekom, Allianz and Airbus are also taking part.

The Internet of Things Security Institute releases a Security Framework for Smart Cities and Critical Infrastructure. (EIN News) Alan Mihalic, President of the IoTSI, says the objective is to provide frameworks that can be implemented from the base build through to the build completion.

What business leaders can learn from Jeff Bezos’ leaked texts (TechCrunch) The ‘below the belt selfie’ media circus surrounding Jeff Bezos has made encrypted communications top of mind among nervous executive handlers. Their assumption is that a product with serious cryptography like Wickr – where I work – or Signal could have helped Mr. Bezos and Amazon avoid this drama.

Brutal Hacks Teach Hard Disaster Recovery Lessons (Decipher) The hack of VFEmail, a hosted email provider, can be a reminder of how disaster recovery planning can be a life saver.

Tips on How to Fight Back Against DNS Spoofing Attacks (Threatpost) Despite a welcome and needed DNS revamp, preventable abuse continues.

Is the City of Ottawa prepared for a cyber attack? Management think so (Ottawa Citizen) In the fourth quarter of 2018 alone, more than 4,000 attempts to compromise City of Ottawa workstations and laptops were prevented, according to city data. “Like any major municipality, we’…

Why Security Needs to Automate, Too (IT Business Edge) The same tools being used to augment the development and operations side of the house can also be applied to automation in security.

An ID-eal position: Banks and trusted digital identity (Mobey Forum) The rapid pace of digital transformation has left many industries scrambling to find secure, convenient ways of establishing identity for digital services.

A Level Playing Field for Threat Intelligence (Infosecurity Magazine) The five priorities that every threat intelligence strategy should consider.

New Michigan Cybersecurity Leader Emphasizes Collaboration (Government Technology) Meet Chris DeRusha, Michigan's new chief security officer — a former White House adviser who has been working for the state for about a year. DeRusha got his start under CIO David DeVries, who has since stepped down.

Fleet Cyber Command Official Discusses Command Cyber Operational Readiness Inspections at WEST 2019 (DVIDS) Capt. Kris Kearton, Director of U.S. Fleet Cyber Command's Office of Compliance and Assessment, spoke about Command Cyber Operational Readiness Inspections (CCORI) during WEST 2019, the premier naval conference and exposition on the West Coast, at the San Diego Convention Center, Feb. 15.

Design and Innovation

Can Mark Zuckerberg's 'supreme court' end Facebook's era of absolute monarchy? (The Telegraph) Suppose that, ten years from now, you make a post on a social network.

Mark Zuckerberg is in serious trouble - and not just with lawmakers (The Telegraph) Facebook wants you to know that it is changing.

The Pentagon Needs to Woo AI Experts Away From Big Tech (WIRED) Opinion: Without more DOD investment, there just aren’t enough incentives to lure talent away from high-paying jobs with great benefits into a life of public service.

Research and Development

White House: 'We don't really have a clue' about state of AI research (Federal News Network) Kelvin Droegemeier, the new head of the White House's Office of Science and Technology Policy, says the United States lacks clear answers to basic questions about the current state of AI research.

Machine-learning techniques often produce misleading or wrong results, researcher warns (Computing) Algorithms don't know how to say 'the data is not clear' or 'I don't know'

Porn-detecting bots might not be able to tell the difference between grot and art (Trusted Reviews) Content filters are often the first, last and only line of defence between innocent users and copping an eyeful of sexually explicit images in the last pla…

Academia

Czech Technical University dumps Huawei (Prague Daily Monitor) Lupa.cz reports that the Czech Technical University (ČVUT), the country's top technical institution, has decided to end its collaboration with Chinese telecommunications giant, Huawei.

University of Central Florida Opens Its Doors to the Lockheed Martin Cyber Innovation Lab (PR Newswire) Lockheed Martin (NYSE: LMT) and the University of Central Florida (UCF) celebrated the grand opening of a new...

The Best Cyber Offense Is A Good Cyber Defense – Texas Cyber NSA-Accredited Schools (San Marcos Corridor News) Texas colleges and universities have risen to the challenge to protect our nation...

California's Government Officials Support Cybersecurity Education (PR Newswire) California's government provides services that millions of people across the state rely on. Imagine what...

Legislation, Policy, and Regulation

Cyber blitzkrieg replaces cyber Pearl Harbor (ZDNet) The first wartime cyber attack against electricity grids was in 1999, says one of Australia's leading cyber strategists, but 20 years later we're still not ready to face 'multi-vector' cyber attacks.

Australia has a challenge of scaling defence capabilities for large cyber attacks (ZDNet) Major General Marcus Thompson says Australia's ability to scale its defence capabilities when it comes to the crunch is what keeps him up at night.

You mightn't know it, but you are already a 'combatant' in cyberspace (ABC News) Cybersecurity is everyone's business and could come to resemble the Dunkirk evacuation of World War II.

US officials sound the alarm over daily conflicts (C4ISRNET) In recent months, officials said that the United States is engaged within the information sphere in heightened operations with adversaries while there is no declared conflict.

Opinion | The laws governing cyberspace have got a lot scarier (LiveMint) Rising instances of cyberattacks suggest that we might be accepting a world of endless warfare

Kremlin seeks more control over internet in Russia (TheHill) Russia is taking steps to tighten its grip on the internet within its borders, as the nation’s legislature advanced legislation this week that would test temporarily disconnecting Russia from the global internet.

Will the EU’s new copyright directive ruin the web? (Naked Security) Articles 11 and 13 live on, with the dreaded ‘link tax’, ‘meme killer’, ‘censorship machine’ and all.

Military Offensive Cyber-Capabilities: Small-State Perspectives (Center for Security Studies) This Policy Brief provides an overview of the military cyber-defence strategies and capabilities of Norway and of the Netherlands.

India Is Cracking Down on Ecommerce and Free Speech (WIRED) Following China's lead, India is restricting some sales by global ecommerce companies, and weakening protections around online free speech.

Europe's cybersecurity gap threatens infrastructure, elections (Deutsche Welle) Cybersecurity experts have met with government officials ahead of the Munich Security Conference to discuss the vulnerabilities in our critical infrastructure — and many ask when Europe will finally shore up its gaps.

Cyber spies for hire: efforts to control cyber weapons ignore the agents who use them (The Conversation) Cyber attacks need two components – the tools to exploit vulnerabilities and the people with the expertise to deploy them.

Britain 'believes Huawei 5G security risks can be mitigated' (The Telegraph) Britain has reportedly decided it can mitigate the risks arising from the use of Huawei Technologies in 5G networks, despite warnings from the US about leaving the telecoms network vulnerable to Chinese espionage.

Huawei threat to UK national security can be contained, intelligence chiefs say (The Independent) Other nations including Australia and New Zealand have blocked or banned Huawei from involvement in their 5G networks

UK spy chief raises concerns over use of Huawei for 5G rollout (Al Jazeera) Concerns over 'monopoly supplier' warrant 'proper conversation', head of MI6 says at Munich Security Conference.

New Zealand holding talks on Huawei security fears: PM Jacinda Ardern (Moneycontrol) New Zealand's intelligence agency last November barred the country's biggest telco Spark from using Huawei equipment in its planned 5G network, citing "significant security risks".

Pence sharpens Huawei criticism in Munich security speech (Nikkei Asian Review) Chinese supplier poses risk to telecom infrastructure, US vice president says

Czech cyber watchdog confirms warning against Huawei (Radio Praha) The National Cyber and Information Security Agency has reiterated its warning that Huawei and ZTE products should not be used in Czech critical infrastructure. The agency sent its reply to Huawei on Thursday, following the company’s request for a cancellation or modification of its statement originally issued in December last year.

China tells world to ignore Mike Pence ‘lectures’ (Washington Examiner) European leaders should disregard "lectures" from Vice President Mike Pence and other U.S. officials about Chinese encroachment into Europe, a top diplomat from the communist nation said Saturday.

Huawei Backlash: China Accuses 'Lying' U.S. Of 'Unjust And Immoral Bullying' (Forbes) Huawei has become the quasi-proxy for the tech war between the U.S. and China. The world’s largest 5G equipment manufacturer is exposed, caught in the crossfire between Beijing and Washington D.C., and needs to quickly restore confidence before it's too late.

Huawei Fight Sees EU Hit by Crossfire in Tech War's Key Battle (Bloomberg) Chinese official slaps down Pence’s claims about hacking risk. U.S. is threatening action against nations that use Huawei

5G security risks remain even if Huawei gets the all clear (The Telegraph) British intelligence has ruled that any risks from using equipment made by Huawei, a Chinese company accused of “dubious covert practices”, are manageable.

Regulate Facebook now, say UK MPs (BBC News) The House of Commons publishes its report into fake news with some strong criticism of Facebook.

Facebook targeted in scathing report by British Parliament (Silicon Valley Business Journal) A British parliamentary committee issued a scathing report accusing the social media giant of breaking data privacy and competition laws and calling for new regulations to rein in the technology industry.

Facebook 'open to meaningful regulation' after damning fake news report (The Telegraph) Facebook has claimed it is open to "meaningful regulation" from British MPs after a damning report accused it of behaving like a "digital gangster" in the online world.

Ministers must act now on social media (The Telegraph) The internet is a liberating force, but also a potentially malign one.

How to Regulate the Internet Without Becoming a Dictator (Foreign Policy) The British model of filtering data rather than content can protect citizens while preserving an open internet.

Kinetic Weapons Remain a Priority as Cyber War Rages (SIGNAL Magazine) Cyber war may be raging, but the maritime services balance cyber and kinetic priorities.

Protecting Energy Critical Infrastructure a Key Challenge for DHS (Homeland Security Today) Following industry and government protocols derived from lessons learned is essential for protecting vital infrastructure.

DHS in Cybersecurity: Data Sharing and Collaboration Program (CIOReview) Every sector has been witnessing a drastic change in the way businesses operate with the introduction of AI. From homeland...

Should we profit from the sale of our personal data? (Naked Security) Don’t spend that 30 cents all in one place!

Litigation, Investigation, and Law Enforcement

Meeting the Canadian ‘voice of Islamic State’ (Times) You may recognise the voice of the thin Canadian in Hasakah. Until his capture on a battlefield in Syria last month, the 35-year-old man from Toronto was the voice of Islamic State, the mysterious...

American Held in Moscow a Prisoner to Paperwork (Foreign Policy) Paul Whelan’s family can’t discuss his case with the U.S. Embassy until he returns a signed waiver.

Opinion | As spy stories go, this may be a first (TheSpec.com) U.S. Air Force counter-intelligence specialist Monica Witt seems like an unlikely candidate to have shifted her loyalties to Iran, Rosie DiManno writes.

US prosecutors drag Darktrace into Autonomy fraud case (The Telegraph) The British cyber security company Darktrace has been pulled into the US fraud case against former Autonomy executives Mike Lynch and Sushovan Hussain.

As if Canada's Huawei decision isn't tricky enough: a 5G ban risks a lawsuit (CBC News) As the Trudeau government decides whether to join its security and trading partners in banning Huawei Canada from supplying technology to build Canada's 5G wireless networks, it risks an expensive lawsuit under the terms of a foreign investor protection agreement signed by its predecessor.

Interview: Huawei aims to resolve cyber security controversy in Czech Republic in "friendly and reasonable" way (Xinhua) Radoslaw Kedzia, CEO for Huawei in the Czech Republic, said Huawei's aim is to resolve current cyber security controversy in the country in a "friendly and reasonable" way.

Judge won’t unseal legal docs in fight to break Messenger encryption (Naked Security) The Feds tried—and failed—to force Facebook to break its encryption so investigators could listen in on suspected MS-13 gang conversations.

Zscaler Can’t Use EU Privacy Law in Finjan Patent Dispute (Bloomberg Law) Zscaler Inc. will have to turn over internal company emails to Finjan Holdings Inc. after failing to convince a judge that the European Union’s strict privacy regime prevented disclosure.

Utilities face ongoing challenges to secure the grid (Tampa Bay Times) The North American Electric Reliability Corp., a nonprofit tasked with enforcing grid protection compliance, fined an unnamed utility $10 million — its largest ever penalty — in late January.

Even If The Fortnite Lawsuits Fail, This Issue Isn’t Going Away (Intelligencer) (Quartz) Being able to perfectly reproduce movements into infinity is a new, legally unexplored issue.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Insider Threat Program (ITP) Management - Insider Threat Detection & Data Analysis (Miami, Florida, USA, April 22 - 23, 2019) The Insider Threat Defense Group will be holding its next class, "Insider Threat Program (ITP) Management - Insider Threat Detection & Data Analysis", in Miami, FL, on April 22-23, 2019. At the completion of this training, students will be well versed in how to develop, implement, manage or enhance an ITP, and have the in-depth knowledge to gather, correlate and analyze an extensive amount of raw data sources to detect and mitigate Insider Threat Risks. The course has been taught to 540+ organizations.

Upcoming Events

Insider Threat Program Development-Management Training Course (Herndon, Virginia, USA, February 18 - 19, 2019) Insider Threat Defense announced it will hold its highly sought after 2 day Insider Threat Program Development-Management Training Course, in Herndon, VA, on February 19-208, 2019. This 2 day training...

CPX Europe 360 2019 (Vienna, Austria, February 18 - 20, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...

Cybersecurity, Privacy & Trust: A Media Perspective (San Francisco, California, United States, February 21, 2019) As cyberattacks escalate and public awareness around data privacy and security risks increases, companies are grappling with how to comply with regulations and restore consumer trust. From rethinking how...

National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...
