
More signal. Less noise.

The Best Defense is a Good Offense

A defensive security posture is no match against today’s sophisticated adversaries—your organization needs to take a proactive approach to address these threats. To be successful, analysts need to understand the tactics, techniques, and procedures used against your organization. The key to understanding the adversary’s motives and patterns? Threat modeling, risk scoring, and gap analysis. Read more about the importance of threat modeling in our newest whitepaper, The Power of a Tailored Threat Model.

Daily briefing.

Social media posed enough operational security problems for Russian forces operating against Ukraine that the Russian Army cracked down on its soldiers' online presence. It's a general problem: a NATO red team reports that military personnel put enough personal information online to render them vulnerable to influence and social engineering. Troops also discuss matters better left undiscussed.

Deep Instinct reports observing new instances of Separ credential-stealing malware. A maliciously crafted Adobe file is the typical infection vector. Once installed in a victim system, Separ lives off the land by abusing legitimate files and tools. The attack is simple but effective; the malicious script is short and easily overlooked.

A Vkontakte hack suggests where the limits of responsible disclosure may lie, and as Naked Security suggests, the line should probably be drawn on this side of spamming thousands of people to make a point. App developer Bagosi found an issue with Vkontakte, then decided to turn it loose in what the developer claimed was a harmless caper when Bagosi judged that Vkontakte wasn't paying sufficient attention. ZDNet says Vkontakte was not amused.

NCSC's dance with Huawei continues. On the one hand the company presents a risk to UK networks, but on the other NCSC believes the risk may be manageable, and in any case, as Bloomberg reports, NCSC hasn't reached a decision yet. Its full report on telecoms security is due out in March. In the meantime, City A.M. says, NCSC boss Martin tells British telcos to up their security game.

Notes.

Today's issue includes events affecting Australia, China, European Union, Germany, Japan, Mexico, NATO/OTAN, Russia, United Kingdom, United States, and Venezuela.

Join the blue team with ExtraHop at RSA 2019.

Headed to San Francisco in March? Skip the rush of the show floor and book your threat hunting session in advance. ExtraHop puts you in the cockpit with network traffic analysis so you can be the blue team as an attack unfolds, reconstruct a database exfiltration, and more. Schedule your demo now to explore security at enterprise scale at RSA!

In today's podcast, up later this afternoon, we speak with our partners at Terbium Labs, as Emily Wilson discusses law enforcement on the dark web. Our UK correspondent Carole Theriault returns with stories of surveillance and facial recognition in London.

And Hacking Humans is up. In this episode, "Stop and think before you click that link," we've got followup from a listener on cognitive dissonance and behavioral science. Dave shares a listener story about a University Dean's List scam. Joe shares statistics from a government agency phishing test. Our catch of the day involves funds from the FBI, the IMF, and yes, Nigeria. Dave interviews Crane Hassold from Agari with phishing trends they've been tracking, plus his experiences as a former FBI agent.

Experience Deep Learning for Network Threat Protection at RSA 2019 (San Francisco, California, United States, March 4 - 8, 2019) Signatures and sandboxes can’t keep up with automated attacks. Visit Blue Hexagon booth N4204 and hear how we’re harnessing deep learning to stop known and unknown network threats in less than a second. Pick up a free copy of the book “How To Measure Anything in Cybersecurity Risk.”

Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.

Visit LookingGlass at RSA 2019 to Handle Your Risky Business (San Francisco, California, United States, March 4 - 8, 2019) Join LookingGlass at RSA 2019 to learn more about how we can help you manage your organization’s risky business. Get a free expo pass when you reserve a personal, in-depth demo tailored to your security needs!

XM Cyber is coming to RSA (San Francisco, California, United States, March 4 - 8, 2019) Visit XM Cyber at the Innovation City, Booth IC2233, to experience the first fully automated APT simulation platform to simulate, validate and remediate every hacker’s path to organizational critical assets.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!

Cyber Attacks, Threats, and Vulnerabilities

NATO troops got catfished & honeypotted on social media, revealing serious vulnerabilities (Military Times) Troops gave up all sorts of worrisome data to fake accounts NATO set up, until Facebook shut some of them down.

European cyberattacks signal more Russian election meddling: Microsoft (Washington Examiner) Recent cyberattacks discovered by Microsoft validate Europe's fears that Russia, already blamed for meddling in the U.S. presidential election and the Brexit campaign, is aggressively targeting its parliamentary elections this spring.

SNTP denounced cyberattack on several Venezuelan news portals (Infosurhoy) The freedom of expression organization reported that the attacks kept media websites offline, preventing the dissemination of content.

Toyota Australia hit by cyber attack (NewsComAu) Toyota Australia staff have been told to switch off their computers after the country’s No. 1 car brand was hit by a cyber attack.

Hackers 'scramble' patient files in Melbourne heart clinic cyber attack (Guardian) Federal agencies investigating breach, reported to be a ransom demand

Hard-to-detect credential-theft malware has infected 1,200 and is still going (Ars Technica) Separ's living-off-the-land approach bypasses many antimalware providers.

A New Wave of the Separ Info-Stealer is Infecting Organizations through “Living off the Land” Attack Methods (Deep Instinct) Our research team put together a list of the most interesting cybersecurity stories from the past week.

Ryuk, Exploring the Human Connection (McAfee Blogs) In collaboration with Bill Siegel and Alex Holdtman from Coveware. At the beginning of 2019, McAfee ATR published an article describing how the

The NoRelationship Attack Bypasses Office 365 Email Attachment Security (Avanan) By removing external links from the document.xml.rels relationship file in Word documents, hackers bypassed link parsers with URLs that were known to be malicious.

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations (Threatpost) 1Password, Dashlane, KeePass and LastPass each downplay what researchers say is a flaw in how the utilities manage memory.

Formjacking Surpasses Ransomware and Cryptojacking as Top Threat of 2018 (BleepingComputer) A new year in review report from Symantec shows that formjacking accompanied by supply chain attacks were the fastest growing threats of 2018, while living-off-the-land (LotL) attacks saw a large boost in adoption from threat actors, with PowerShell scripts usage, for example, seeing a formidable 1000% increase.

Forget Phishing and Ransomware. Formjacking Is the New Favorite Hack of Cyber Crooks (Fortune) As older hacks show diminishing returns, hackers are turning to more sophisticated and lucrative attacks.

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea (Threatpost) Capsizing a ship with a cyberattack is a relatively low-skill enterprise, according to an analysis from Pen Test Partners.

Sinking a ship and hiding the evidence (Pen Test Partners) Our earlier work on Voyage Data Recorder manipulation got us thinking about how a malicious individual or organisation might bring about the demise of a ship

Virus attack! Hackers unleash social media worm after bug report ignored (Naked Security) Is it ok to launch a benign proof of concept that you know will go wide, to bring a flaw to people’s attention, or should you stay quiet?

Monero Miner-Malware Uses RADMIN, MIMIKATZ to Infect, Propagate via Vulnerability (TrendLabs Security Intelligence Blog) We noticed a sudden increase in hack tool installation attempts from various industries in China, Taiwan, Italy and Hong Kong. We found a trojan combining RADMIN and MIMIKATZ to drop a Monero miner by exploiting MS17-010 for propagation, likely taking advantage of the Lunar New Year holidays.

Microsoft Edge Secret Whitelist Allows Facebook to Autorun Flash (BleepingComputer) Microsoft's Edge web browser comes with a hidden whitelist file designed to allow Facebook to circumvent the built-in click-to-play security policy to autorun Flash content without having to ask for user consent.

University of New Haven Researchers Discover Critical Vulnerabilities in Popular Virtual Reality Application (University of New Haven) Using Bigscreen, a popular virtual reality application, researchers at the University of New Haven were able to listen to users’ conversations and access their computers without their knowledge.

Tokyo company uncovers 2.7bn stolen passwords worldwide (Nikkei Asian Review) Emails at small businesses hacked and sold on darknet, Soliton finds

Flaw in mIRC App Allows Attackers to Execute Commands Remotely (BleepingComputer) A vulnerability was discovered in the mIRC application that could allow attackers to execute commands, such as the downloading and installation of malware, on a vulnerable computer.

Micro Focus Filr Multiple Vulnerabilities (SecureAuth) ...A vulnerability was found in the Micro Focus Filr Appliance, which would allow an attacker with regular user access to read arbitrary files of the filesystem. Furthermore, a vulnerability in the famtd daemon could allow a local attacker to elevate privileges...

Agent Tesla keylogger delivered inside a Power ISO .daa archive (My Online Security) We never fail to be astonished by the ingenuity and attempts from malware bad actors to get their malware delivered to their intended victims. However in many cases, like this one…

Siegeware: When criminals take over your smart building (WeLiveSecurity) Siegeware is what you get when cybercriminals mix the concept of ransomware with building automation systems and then abuse equipment control software.

Spectre bugs likely to 'haunt us for a long time' as software alone can't fix all of them, warn Google researchers (Computing) Spectre vulnerability affects microprocessors able to carry out branch prediction

Thousands of Android apps bypass Advertising ID to track users (Naked Security) Six years after it was introduced, it looks as if Android’s Advertising ID (AAID) might no longer be the privacy forcefield Google claimed it would be.

Android does not escape from ransomware: the most serious threats and how to avoid them (Symantec) Symantec helps consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. The Symantec Connect community allows customers and users of Symantec to network and learn more about creative and innovative ways to use Symantec products and technologies.

Millions of “private” medical helpline calls exposed on internet (Naked Security) Ever wondered what happens to helpline calls recorded “to ensure you get the service you deserve”? It can all go terribly wrong…

If you think your deleted Twitter DMs are sliding into the trash, you’re wrong (Naked Security) They’re never deleted, just erased from the UI. You can still see archived messages if you download your data.

How much does it cost to launch a cyberattack? (CSO Online) Just like in regular business, cyber criminals have a cost of operation and a return on investment to worry about. Unfortunately, a new report from Deloitte has found the cost of committing cyber crime is incredibly low.

Ransomware Revenue Earning Does Not Match Infection Decline (Infosecurity Magazine) Attackers in 2018 targeting businesses as they were more likely to pay ransom

Value of Stolen Card and Amazon Account Details Rockets (Infosecurity Magazine) Top10VPN report reveals surging dark web prices in some categories

ATM Hacking Has Gotten So Easy, the Malware's a Game (WIRED) A strain of ATM malware called WinPot turns the act of cashing out into something like a slot machine.

Facebook hoax? Can you sniff out gas station card skimmers using Bluetooth? (Naked Security) A viral post suggests (wrongly) that card skimmers always use Bluetooth. Anyway, just looking at nearby Bluetooth names doesn’t help much…

RiskIQ 2018 Holiday Shopping Snapshot (RiskIQ) Read the Report

Epic Games and Nestle pull ads from YouTube after they appear next to disturbing videos featuring children (The Telegraph) Epic Games and Nestle have pulled their pre-roll advertising on YouTube after ads for its videogame Fortnite appeared next to disturbing videos of children online.

What parents should know before sharing about your kids online (CBS News) A child's online footprint can begin before they are even born – starting when parents upload sonograms to social media

Swedish Privacy Snafu Affected More Companies (Infosecurity Magazine) Security vendor finds additional 120 exposed servers

‘Sustained and ongoing’ disinformation assault targets Dem presidential candidates (POLITICO) A coordinated barrage of social media attacks suggests the involvement of foreign state actors.

Truth is the casualty of America’s political war (Times) Oscars weekend is upon us and there’s the usual excited last-minute jockeying for attention among the Hollywood crowd. This year’s show will once again include solemn intonements to public virtue...

Security Patches, Mitigations, and Software Updates

Microsoft publishes security alert on IIS bug that causes 100% CPU usage spikes (ZDNet) Microsoft releases updates to fix bug that froze systems when IIS handled malformed HTTP/2 requests.

Facebook flaw could have allowed an attacker to hijack accounts (Naked Security) The CSRF bypass flaw has now been fixed, and the researcher who discovered it has netted $25,000.

Google has created a new browser API ‘Trusted Types’ to fight against DOM XSS attacks (Cyware) Google has been working on a new Chrome browser API that fights DOM-based XSS attacks.

Google’s working on stopping sites from blocking Incognito mode (Naked Security) Google Chrome’s Incognito mode hasn’t been an impenetrable privacy shield: For years, it’s been a snap for web developers to detect when Chrome users are browsing in private mode …

How to update Windows 10 for side channel vulnerability fixes (CSO Online) Since Spectre and Meltdown were discovered in 2018, other side channel vulnerabilities have emerged. These are the mitigations to consider for each of them.

Cyber Trends

Cybersecurity Perspectives 2019 (Scale Venture Partners) “Cybersecurity Perspectives 2019” is Scale's annual snapshot of the top issues facing enterprises navigating today's complex security landscape

BDO Cyber Threat Insights - Q4 2018 (BDO) Special focus: cyber threats and the public sector.

Report Details AI and ML Cybersecurity Arms Race (Dark Reading) Aite Group report finds that machine learning-powered cybersecurity solutions are becoming must-haves for threat detection and response.

How are businesses facing the cybersecurity challenges of increasing cloud adoption? (Help Net Security) Cloud services serve core functions essential to all aspects of business operations, but getting cloud security right is still a challenge for many.

Marketplace

Here are the big VC winners in Palo Alto Networks $560M purchase of McAfee vets' startup (Silicon Valley Business Journal) Demisto was figured to be worth about $218 million, according to PitchBook Data, when it raised $43 million of Series C venture funding in a deal led by Greylock Partners in October.

Cybersecurity Startup Armorblox Raises $16.5M, Launches Out Of Stealth (Crunchbase News) Investment into cybersecurity companies nearly doubled from 2016 to 2018, with investors pumping $5.4 billion into ventures addressing threat mitigation, according to Scale Venture Partners’ cyber report released today.

We’re simpler, faster and cheaper – Huawei (Telecoms.com) For years the Huawei message has been we’re better, but its MWC tag-line might have a slightly different look to it this year.

Apple’s executive shakeup suggests post-iPhone focus on services (Silicon Valley Business Journal) Apple CEO Tim Cook is reorganizing Silicon Valley’s most valuable company as it enters a new chapter in its history — one without a blockbuster hardware product on the horizon.

Britain's AI sector draws record funding even as 'brain drain' continues (The Telegraph) British artificial intelligence companies are attracting almost as much capital as the rest of Europe combined, figures have shown, even as experts caution the UK is suffering from a "brain drain" of its best talent.

Revolut to recruit hackers to secure its own IT infrastructure from potential data breaches and cyber-attacks (Computing) New recruits will scour the dark web for potential threats and test the company's own cyber defences

20 Can't-Miss Seminars, Sessions and Panels at #RSAC this Year (Bricata) The RSA Conference (RSAC) will bring together nearly 700 speakers across 500 sessions; we've gone through every description to recommend 20 "can't miss" sessions for 2019.

Perspecta Wins New $905 Million Program to Provide Cyberspace Operations Support to the United States Army Cyber Command (PR Newswire) Perspecta Inc. (NYSE: PRSP), a leading U.S. government services provider, announced today that it has been...

ECS clinches FBI cyber work after protest turmoil (Washington Technology) ECS Federal has been cleared to proceed with its cybersecurity work at the FBI after prevailing in a protest from a rival.

How cybersecurity firm Forcepoint plans to speed up India growth (Techcircle) Austin, Texas-based cybersecurity solutions provider Forcepoint is betting on its recently launched Next Generation Firewall (NGFW), part of its suite of network security solutions, to boost India revenue, a top company executive told TechCircle.

Hacking that Helps: Kevin Roh’s 120/120 Challenge (Synack) Personal resolutions and challenges crop up frequently at the beginning of a new year. Just like all humans, hackers love to set inspiring resolutions too. It’s cool to see our SRT hackers setting goals to be more active and successful on the Synack platform or even hackers not yet members of the SRT striving to …

Cybersecurity Brothers Join Billionaire Club (Celebrity Net Worth) It seems not a day goes by without a data breach or malware attack and that has been good for Ken and Michael Xie, the brothers who founded the cybers...

King & Union Appoints Christopher Clark as CTO (PR Newswire) King & Union, the provider of Avalon, the first collaborative cyber integration and analysis platform, today...

IronNet Cybersecurity Appoints Sean Foster as Chief Revenue Officer (PR Newswire) IronNet Cybersecurity announced today that it has appointed Sean D. Foster as Chief Revenue Officer reporting to...

Renowned Architecture and Threat Modeling Visionary Brook S.E. Schoenfield Joins IOActive World-Class Advisory Practice (IOActive) Industry Programmatic Security Expert Will Advise IOActive’s Global 1000 Clients with Strategic Security Programs

Onapsis Builds Global ERP Security Partner Ecosystem with Appointment of Darren Gaeta as VP of Worldwide Alliances (GlobeNewswire News Room) Onapsis, the global leader in ERP cybersecurity and compliance, today announced that it has appointed Darren Gaeta as VP of Worldwide Alliances.

Cyren’s Lior Samuelson To Exit CEO Job, Stay On As Chairman (CRN) Samuelson will be involved in the selection and on-boarding of his successor, and will continue to serve as chairman of Cyren's board of directors after he departs as CEO.

Products, Services, and Solutions

Netsurion First to Deliver Both EDR and SIEM Technologies as a Single Managed Security Service (GlobeNewswire News Room) Netsurion, a leading provider of managed network connectivity, security, and compliance solutions, today announced EventTracker EDR, the industry’s first managed endpoint threat detection and response (EDR) solution that is part of a unified SIEM platform and delivered as a managed security service.

Forescout Unveils the Industry's First Unified Device Visibility and Control Platform for IT and OT Security - Forescout (Forescout) Integrates SecurityMatters technology into its core platform to deliver true end-to-end situational awareness across IT and OT networks Extends visibility for multi-cloud, SDN and industrial environments through new integrations with Microsoft Azure, Cisco ACI and Belden switching portfolio Advances automation of controls for network segmentation and incident response through new integrations with Fortinet, Cisco DNA-Center …

XM Cyber Expands HaXM Automated Purple Team Platform With New Capabilities and Certifications (PR Newswire) XM Cyber, the multi-award-winning breach and attack simulation (BAS) leader, today unveiled new capabilities...

SiteLock Announces the Availability of New VPN Solution (SiteLock) Website security leader expands product portfolio to protect business and consumer data, empower safe internet browsing

K2 Cyber Security Unveils the First Cloud Workload Protection Platform to Prevent Zero-Day Attacks in Real Time with No False Positives (BusinessWire) K2 Cyber Security, Inc. today announced the general availability of its cloud workload security platform, featuring two fundamental innovations that t

AlgoSec Announces Support for Privileged Access Control to Enhance Security Management and Reduce Network Attack Surface (Global Security Mag Online) AlgoSec has announced support for the CyberArk Privileged Access Security Solution. This enables joint customers to further enhance their organization’s security management processes with centralized control of device credentials and privileged accounts.

CRXcavator: Democratizing Chrome Extension Security (Duo Security) To provide users and IT teams with actionable intelligence about Chrome extensions, Duo Labs is excited to announce the public beta of CRXcavator (rhymes with “excavator”), a free service that analyzes Chrome extensions and produces comprehensive security reports.

Radware Launches Cloud Workload Protection Service (Nasdaq) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions, today launches its Cloud Workload Protection (CWP) Service.

Elysium Analytics Launches First Cognitive SIEM (Elysium Analytics) Modern SIEM platform drives critical new SOC intelligence to counter polymorphic, advanced cybersecurity threats. SANTA CLARA, CA – 8am ET, 20th February 2019 – Elysium Analytics, the cognitive cybersecurity business incubated by System Soft Technologies, today announced the availability of the industry’s first cognitive security information and event management platform (Cognitive SIEM). The Elysium …

Light Point Security Reveals Most Flexible Browser Isolation Platform With the Release of Its Clientless Version (PR Newswire) Light Point Security, the pioneer of Browser Isolation, today announced the launch of its clientless version included...

SANS Cyber Workforce Academy - Maryland Announces 2018 Success And 2019 Schedule (PR Newswire) At a time when the talent shortage in cybersecurity continues to challenge employers and individuals have...

Comodo Cybersecurity Debuts Partner Program In Channel-Only Push (CRN) The new Comodo Cybersecurity Partner Program will provide a 20 percent deal registration discount to all, and MDF and lead generation for larger solution providers.

StorageCraft optimizing OneXafe solution for healthcare providers (Help Net Security) StorageCraft optimized OneXafe solution — the industry’s first converged data platform for both primary and secondary data, and data protection.

Netskope extends its cloud security tools to Google's cloud (SiliconANGLE)

Trustwave and Cybereason Forge Alliance to Bolster Managed Endpoint Security (BusinessWire) Trustwave and Cybereason forge a strategic alliance to bolster managed endpoint security.

Symantec's Email Fraud Protection Offering Combats BEC (eWEEK) Symantec improves email security with fraud protection, and Azure Maps gets new SDKs, services and expanded features for mobility.

Technologies, Techniques, and Standards

What Does Winning Look Like to the Global Engagement Center? (TechNative) In February 2019, Lea Gabrielle was appointed to lead the Department of State's Global Engagement Center, a hub for countering propaganda throughout the world

Endpoint Security is Tip of the Spear for DoD’s Cloud Plans (Meritalk) The Department of Defense’s recently released Cloud Strategy covers a lot of territory, from an emphasis on the multibillion dollar Joint Enterprise Defense Initiative as a foundation of its plans, to its description of seven strategic objectives it wants to achieve in the cloud.

Password Managers Have A Security Flaw -- Here's How To Avoid It (Forbes) A major issue is affecting password managers such as 1Password, Dashlane, KeePass and LastPass. Here's what to do

Prevent shadow IT: Companies need security covering multiple communication vectors (Help Net Security) There is a critical need for companies to adopt comprehensive and secure enterprise communications platforms to prevent shadow IT.

CISO's guide to an effective post-incident board report (Help Net Security) Itay Yanovski talks about what CISOs can learn from Marriott’s and British Airways’ response to these high profile cyber attacks.

Cyberattacks in a Global Supply Chain: How Compliance Officers Can Mitigate Risk (Security Boulevard) (The following is an article authored by Panorays CEO and Co-Founder Matan Or-El that was recently printed in Compliance & Ethics Professional.)

Why Modern Security Teams can no Longer Overlook Benefits of Orchestration (Infosecurity Magazine) Once IT teams have orchestration technologies supporting security processes, they can make an active impact to the efficiency of employees

Design and Innovation

Highlights & transcript from Zuckerberg’s 20K-word ethics talk (TechCrunch) Mark Zuckerberg says it might be right for Facebook to let people pay to not see ads, but that it would feel wrong to charge users for extra privacy controls. That’s just one of the fascinating philosophical views the CEO shared during the first of his public talks he’s promised as part…

Academia

Students and alumni test cyber skills in Cyber 2.0 challenge (University of North Georgia) Students and alumni from the University of North Georgia (UNG) were among the 58 competitors for a $100,000 prize in the USA Hackers Challenge hosted by UNG and Israeli cybersecurity company Cyber 2.0 on Feb. 14 at Georgia Tech Research Institute (GTRI).

Legislation, Policy, and Regulation

UK spy chief tells telcos to improve cyber security (City A.M.) The UK needs higher standards of cyber security across the telecoms sector, a top spy boss said today, insisting no conclusion has been reached about

NCSC Boss: Huawei Security Concerns Aren’t About China (Infosecurity Magazine) But thinktank warns allowing firm to build 5G networks would be irresponsible

Britain says Huawei has not fixed ‘serious’ problems affecting network security (Washington Post) U.S. officials have raised concern with allies and foreign partners, including Britain, about allowing the Chinese company’s parts in their 5G networks.

U.K. Cybersecurity Chief Says No Decision Made on Huawei Ban (Bloomberg) Martin Says U.K. Huawei oversight is most ‘rigorous’ in world. Country of origin not key factor in assessing cyber risk.

As US pushes to ban Huawei, UK considers softer approach (WSB Radio) Britain can handle the security risks involved with using mobile networks made by China's Huawei, the cybersecurity chief said Wednesday, adding to a growing debate among countries on whether the company should be banned, as the U.S. wants.

Keeping Huawei Hardware Out of the U.S. Is Not Enough to Secure 5G (Lawfare) The Trump administration’s efforts to protect the security of fifth-generation, or 5G, wireless networks by limiting the deployment of Chinese technology both domestically and globally meld trade policy with cybersecurity policy. On both counts, it should not be considered sufficient.

China ditches 2015 cybersecurity pact with US (American Military News) China is not playing nice when it comes to cybersecurity. Analysts have determined that China has thrown out a mutual cybersecurity agreement made with the U.S. in 2015.

Trump Should Ignore Chinese Manufacturers' Phony Promises (Forbes) Chinese products may be cheap, but they cost Americans in our personal safety, national security, and industrial competitiveness.

White House Orders Agencies to Defend the Skies From Cyberattacks (Nextgov.com) In its National Strategy for Aviation Security, the Trump administration called on the government to be more proactive in spotting threats to U.S. airspace.

The cybersecurity legislation agenda: 5 areas to watch (CSO Online) The 116th Congress is only a few months old, but far-reaching cybersecurity bills to protect infrastructure and the supply chain, ensure election integrity, and build a security workforce are now being considered. Here’s the list.

Partisan Rift Threatens Federal Data-Privacy Efforts (Wall Street Journal) Congress set the stage last year to pass a sweeping consumer data-privacy law in 2019, but prospects for legislation are dimming amid sharpening divides among lawmakers over how far the federal government should go in reining in Big Tech.

Trump grows frustrated with Coats, leading some to fear he might be fired (Washington Post) Intelligence chief is “not loyal,” Trump said after testimony that contradicted the president.

Vermont CIO orders purge of Kaspersky and ZTE products (StateScoop) Following federal crackdowns on the Russian and Chinese firms over national security concerns, Vermont CIO John Quinn gives his state’s agencies 90 days to remove those companies’ products.

DoD’s network defenders get new deputy commander (Fifth Domain) Cyber defense hub Joint Force Headquarters-DoDIN is getting a new No. 2.

Army to get new leader for electronic warfare programs (C4ISRNET) The Army’s primary program office for electronic warfare and sensors is getting a new boss and it's a familiar face.

Litigation, Investigation, and Law Enforcement

US lawmakers seek Zuckerberg briefing over Facebook privacy concerns (Silicon Valley Business Journal) Members of Congress have written to Mark Zuckerberg demanding an explanation over allegations that Facebook leaked some of its users’ private health information.

7 Scenarios for How the Mueller Probe Might 'Wrap Up' (WIRED) New reports say that Robert Mueller will be "wrapping up" his investigation soon. Here's what that might actually mean.

Intellectual property theft part of 'a pattern of dubious tactics' by Huawei, claims report (Computing) New claims of intellectual property theft come two weeks after FBI sting was revealed

Zurich vs Mondelez: the vast costs of large-scale cyberattacks (Panda Security Mediacenter) It is estimated that Mondelez lost $100 million after the NotPetya cyberattack. Now the company's insurer Zurich claims that it has no obligation to pay up.

"Down The Rabbit Hole I Go": How A Young Woman Followed Two Hackers' Lies To Her Death (BuzzFeed News) Tomi Masters was a 23-year-old from Indiana who moved to California with dreams of making it big in the cannabis business. Then she met a hacker who introduced her to a dark new world of digital manipulation, suspicion, paranoia, and fear — one that swallowed her alive and left her floating in a river in the Philippines.

Police believe airport insider was behind Gatwick drone chaos (Times) The drone attack that brought Gatwick to a standstill before Christmas is believed to have been an “inside job”, according to Whitehall sources. Police think a current or former airport employee...

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

U.S. Commercial Service at RSAC2019 (San Francisco, California, USA, March 4 - 8, 2019) In partnership with RSA Conference 2019, we at the U.S. Department of Commerce are excited to offer U.S. exhibitors at RSAC 2019 services to assist in entering or increasing their presence in international...

2019 Air Force Intelligence Community Security Review Board (SRB) (San Antonio, Texas, USA, March 16 - February 19, 2019) The 2019 Air Force (AF) Intelligence Community (IC) Security Review Board (SRB) is set to convene on 16 & 17 April 2019 at the Omni San Antonio Hotel at the Colonnade, San Antonio, TX. This two-day event...

Norwich University CGCS 2019 Cyber Security Summit (Northfield, Vermont, USA, June 18 - 19, 2019) Mid- and executive-level managers seeking to broaden their organizations’ approaches to prudent cyber security practices will gain insight through a series of workshops and discussions on relevant issues...

ACSC 2019: Collaborate (Boston, Massachusetts, USA, November 7, 2019) The 2019 Annual Conference is a chance for ACSC members and people from the New England cybersecurity community to come together and share information, network, and learn about the latest information in...

Upcoming Events

Cybersecurity, Privacy & Trust: A Media Perspective (San Francisco, California, United States, February 21, 2019) As cyberattacks escalate and public awareness around data privacy and security risks increases, companies are grappling with how to comply with regulations and restore consumer trust. From rethinking how...

National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...

FAIR Analysis Fundamentals Training Course before the 2019 RSA Conference (San Francisco, California, USA, March 3 - 4, 2019) FAIR Analysis Fundamentals training from FAIR Institute Technical Advisor, RiskLens, provides the conceptual foundation and practical experience necessary to competently perform FAIR analyses. This training...

G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.
