More signal. Less noise.

How to Build a Security Operations Center (SOC) on a Budget

Get an in-depth look at how organizations with limited resources can set up a successful operations center for monitoring, detecting, containing, and remediating IT threats across applications, devices, systems, networks, and locations. Get all 5 Chapters in 1 eBook. Download your free copy now

Daily briefing.

The Washington Post reports that US Cyber Command disrupted Russia's Internet Research Agency's networks on the day of the US midterm elections and for a short period afterwards, to prevent Russian trolls from causing trouble. Security expert Thomas Rid believes that "such an operation would be more of a pinprick" than a long-term deterrent, but some defense officials said that “grand strategic deterrence” wasn't the objective here. One official told the Post that "part of our objective is to throw a little curveball, inject a little friction, sow confusion."

Ukrainian President Petro Poroshenko accused Russia of launching DDoS attacks against Ukraine's Central Election Commission on February 24th and 25th, CyberScoop reports.

ESTsecurity came across a spearphishing document last week that poses as an invitation from the “Korea-U.S. Friendship Society” to a meeting in Seoul regarding the Trump-Kim summit. The company says the malware delivered is associated with North Korean hackers. CrowdStrike's vice president of intelligence Adam Meyers told CyberScoop that CrowdStrike has observed the same document lure being used by a suspected North Korean threat actor it calls "Velvet Chollima."

Trustwave discovered that the website for the Bangladeshi Embassy in Cairo was infected with a coinminer in October, and recently began distributing cryptomining malware to visitors via malicious Word documents. The site is still compromised, so steer clear. The researchers don't believe a nation-state is behind the activity, due to its lack of sophistication, but they say it serves as a reminder that even low-skilled attackers can compromise important government sites.

Notes.

Today's edition of the CyberWire reports events affecting Australia, Bangladesh, Brazil, China, Democratic People's Republic of Korea, Egypt, European Union, India, Indonesia, Russia, Singapore, Spain, Switzerland, Turkey, Ukraine, United Kingdom, United States.

What if you could augment your security team by adding zero staff?

Cylance’s industry-leading security experts analyze your cybersecurity requirements and design solutions that meet and often far exceed objectives. Cylance secures our clients quickly using years of hard-won expertise, and world class artificial intelligence. Let Cylance help you achieve a state of ThreatZero, bolster your organization’s security posture, and zero in on what really matters.

In today's podcast, out later this afternoon, we hear from David Dufour from Webroot with insights on their pending purchase by Carbonite. Our guest, Randy Vanderhoof from the Secure Technology Alliance, describes managing identity and fraud in the payment space.

CYBERTACOS RSA (San Francisco, California, United States, March 4, 2019) Join us for ALL YOU CAN EAT FREE TACOS! What better way to start your week at RSA? On Monday, March 4, CYBERTACOS is coming back to San Francisco as part of RSA. Join us from 7:00-10:00pm for networking, food and drinks.

Experience Deep Learning for Network Threat Protection at RSA 2019 (San Francisco, California, United States, March 4 - 8, 2019) Signatures and sandboxes can’t keep up with automated attacks. Visit Blue Hexagon booth N4204 and hear how we’re harnessing deep learning to stop known and unknown network threats in less than a second. Pick up a free copy of the book “How To Measure Anything in Cybersecurity Risk.”

Register for the RSA Conference 2019 today! (San Francisco, California, United States, March 4 - 8, 2019) Be part of an empowered global community at RSA Conference 2019, March 4 – 8 in San Francisco. With the latest cybersecurity solutions, countless experts and more, it’s easy to see why RSAC is infosec’s leading event.

XM Cyber is coming to RSA (San Francisco, California, United States, March 4 - 8, 2019) Visit XM Cyber at the Innovation City, Booth IC2233, to experience the first fully automated APT simulation platform to Simulate, validate and remediate every hacker’s path to organizational critical assets.

5th Annual Cyber Security Conference for Executives (Baltimore, Maryland, United States, March 13, 2019) The 5th Annual Cyber Security Conference for Executives, hosted this year by The Johns Hopkins University Information Security Institute and Ankura, will be held on Wednesday, March 13th, in Baltimore, Maryland. This year’s theme is cybersecurity compliance and regulatory trends, and the conference will feature discussions with thought leaders across a variety of sectors. Join the discussion and learn about current and emerging cyber security threats to organizations, and how executives can better protect their enterprises. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Cyber-Espionage Group Customizes Old, Public Tools (BleepingComputer) A cyber-espionage threat actor believed to operate from China relies for its activities on publicly available tools; the source code for some of them was released as early as 2007.

State of the Bronze Union: A Brief Snapshot (Secureworks) The BRONZE UNION threat group focuses on espionage and targets a broad range of organizations and groups using a variety of tools and methods.

Cryptojacking Targets Education (Campus Technology) Malicious cryptomining or cryptojacking, as it's called, describes the theft of computer processing resources — electricity, cloud services and other digital assets — that are then exploited to do cryptocurrency mining without the owner's permission or knowledge.

A Peek into BRONZE UNION’s Toolbox (Secureworks) Secureworks Counter Threat Unit researchers identified evidence of BRONZE UNION leveraging tools that have been publicly available for years. However, the variants used in 2018 included updated code.

North Korean hackers go on phishing expedition before Trump-Kim summit (CyberScoop) As President Donald Trump and North Korea’s Kim Jong Un prepare to meet again, cybersecurity researchers say Pyongyang-linked hackers are targeting Korean speakers with spearphishing emails tied to the diplomatic summit.

Web Site for a Bangladesh Embassy Compromised with Malicious Docs (BleepingComputer) The web site for the Bangladeshi Embassy in Cairo has been compromised so that it distributes malicious Word documents, which install malware downloaders onto an infected computer.

Ukraine’s president accuses Russia of launching cyberattack against election commission (CyberScoop) Weeks before Ukraine’s presidential election, the country’s president has accused the Russian government of conducting distributed denial-of-service attacks on Ukraine’s election commission, according to local media reports.

Poroshenko reports on DDOS-attacks on Ukrainian CEC from Russia on Feb 24-25 (Interfax-Ukraine) President of Ukraine Petro Poroshenko has said that the Central Election Commission (CEC) was subjected to DDoS attacks by the Russian Federation on February 24 and February 25.

Most Singapore employees using unapproved apps for work (ZDNet) To get work done, 95 percent of employees in the country acknowledge using applications not sanctioned for use in the office and while 98 percent of businesses have kicked off their digital transformation plans, just 18 percent have reached maturity.

Military file-sharing site brought back online after fixing security concerns (Stars and Stripes) A Defense Department website used to transfer large files containing sensitive unclassified information was brought back online earlier this month after being shuttered over security concerns last year.

Cryptocurrency Miners Exploit Latest Drupal Flaw (BankInfoSecurity) Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system

Drupal Vulnerability (CVE-2019-6340) Can Be Exploited for Remote Code Execution (TrendLabs Security Intelligence Blog) The content management framework Drupal recently fixed a vulnerability (CVE-2019-6340) in their core software, identified as SA-CORE-2019-003. The flaw is categorized as highly critical, exposing vulnerable installations to unauthenticated remote code execution (RCE). The vulnerability affects a substantial portion of Drupal installations, since it impacts the widely installed RESTful Web Services (rest) module.

Ready for another fright? Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware (Register) Honey, I've shrunk the spyware and concealed it with speculative execution.

U.S. Cyber Command operation disrupted Internet access of Russian troll factory on day of 2018 midterms (Washington Post) Some senators credit more aggressive U.S. tactics with averting Russian interference in the elections.

US disrupted alleged Russian trolls' internet access during midterms: Report (ABC News) U.S. cyber operators reportedly disrupted internet access for Russian operatives on the day of the 2018 midterm elections in a bid to hamper propaganda operations.

Latest 4G, 5G phone-location slurp attack is a doozy, but won't Torpedo Average Joe or Jane (Register) Needs manpower, bags of time, full knowledge of target.

New Attacks Show Signed PDF Documents Cannot Be Trusted (SecurityWeek) Many PDF viewers and online validation services contain vulnerabilities that can be exploited to make unauthorized changes to signed PDF documents without invalidating the signature, researchers warn.

PDF Signature Spoofing (PDF Insecurity) How to break PDF signatures.

Analyzing WordPress Remote Code Execution Vulnerabilities CVE-2019-8942 and CVE-2019-8943 (Trend Micro) We expound the technical details of remote code execution vulnerabilities in WordPress: CVE-2019-8942 and CVE-2019-8943.

Hackers Exploit WinRAR Vulnerability to Deliver Malware (SecurityWeek) Malicious hackers start exploiting a critical WinRAR vulnerability disclosed less than a week ago, just as RARLab releases the final version of the update that patches the flaw.

New Attack Runs Code After Closing Browser Tab (SecurityWeek) Security researchers have discovered that websites can abuse modern browser APIs to persistently abuse browser resources for nefarious operations even after their tabs or windows have been closed.

New Ransomware Proves No Operating System is Invincible (TechTalk) A new ransomware variant has been found targeting websites housed on Linux servers. After successfully encrypting files, leaving them with...

Hacker steals $7.7 million in EOS cryptocurrency after blacklist snafu (ZDNet) One of 21 EOS blacklist maintainers failed to update its list, allowing the hacker to make off with the stolen funds.

Researchers break digital signatures for most desktop PDF viewers (ZDNet) Researchers faked signatures on 21 of 22 desktop PDF viewer apps and 5 out of 7 online PDF digital signing services.

Social Media Platforms and the Cybercrime Economy (Bromium) Learn how cybercriminals exploit social media platforms to spread malware and facilitate other crimes. Web of Profit: Social Media Platforms and the Cybercrime Economy.

Retailers have become the top target for credential stuffing attacks (ZDNet) Bots are being used to complete rapid-fire fraudulent purchases with very little effort from the hackers behind them.

‘Deep fake’ videos threaten the world order (The Times) Political convulsions are visible everywhere in the western democratic world. On both left and right, debate has become increasingly febrile and ideological. Non-consensus is the new normal, and...

Security Patches, Mitigations, and Software Updates

Google Enhances Google Play Protect on Android, but Is It Enough? (BleepingComputer) Google has made changes to Google Play Protect in order to better protect Android users from malicious apps. Will these protections, though, be enough?

NVIDIA Patches High Risk Vulnerabilities in GPU Display Drivers (SecurityWeek) NVIDIA has released a security update for the NVIDIA GPU display driver, to address several High severity vulnerabilities impacting GeForce, Quadro, NVS, and Tesla products.

SHAREit App Flaws Allow Hackers to Steal Files (Threatpost) SHAREit has fixed two flaws in its app that allow bad actors to authenticate their devices and steal files from a victim's device.

Cyber Trends

Two out of Five Digital Households Worldwide at Cyber Risk, Avast Reveals (Business Wire) Avast (LSE: AVST), the global leader in digital security products, today announced that two out of five digital households are vulnerable to cyber attacks.

Increasing security measures are driving cybercriminals to alter their techniques (Help Net Security) Increased security measures and awareness are driving cybercriminals to alter their techniques in search of a better return on investment (ROI).

2019 State of IT Security Survey Takeaways (Bricata) A survey of readers by the trade publication eSecurity Planet found businesses plan to boost cybersecurity spending and identified specific areas of confidence and doubt around defenses.

Cybercrime & Hackers 'More Devastating' To SMB's Than Fire, Flood & Transit Strike Combined (Forbes) The majority of leaders among Small-Medium Businesses (SMBs) across the United States say that a cyberattack could end their business, while others remain unaware of potential disaster according to a new survey. Cybercrime is viewed as more detrimental than fire, flood and transit strike combined.

FireMon State of Hybrid Cloud Security Survey (FireMon) Lack of Visibility, Speed of Cloud Business Initiatives Hamstring the Ability to Secure and Manage Hybrid Environments

Cyberthreat Index for Business (AppRiver) The AppRiver Cyberthreat Index for Business was developed by independent firms Idea Loft and Equation Research, in consultation with University of West Florida Center for Cybersecurity, using survey data collected online in January of 2019.

SSL-based Threats | Security Report (Zscaler) The SSL traffic and threats report by ThreatLabZ showcases the prevalent SSL-based threats that are targeting companies. Download the report to learn more.

NETSCOUT Highlights Dawn of the Terrorbit Era (NETSCOUT) This latest Report from NETSCOUT Threat Intelligence Reveals New Findings on IoT Vulnerabilities, Nation State Actors, and Increase in DDoS Frequency and Attack Size

IBM X-Force Threat Intelligence Index (IBM) IBM Managed Security Services threat research series help you keep pace with an evolving threat landscape and protect your networks and data from threats.

“Access to personal data by the state poses an enormous threat to privacy” (CISOMAG) In an exclusive interaction with CISO MAG’s Rudra Srinivas, Jackson talks about his role in the organization and the need for implementing cybersecurity measures.

60% of enterprises suffer data loss due to printer security breaches (CISOMAG) According to the security research firm Quocirca, printers which are connected to an organization’s network are a potential vector for cyber-attacks.

Healthcare Breaches Affected 11.5 Million People in 2018 (Infosecurity Magazine) Hacking and IT incidents are found to be the root cause of nearly half of healthcare data breaches, says report.

Privileged Credential Abuse a Top Attack Vector (Infosecurity Magazine) Credential abuse was involved in 74% of breaches, survey finds.

More Than 22,000 Vulnerabilities Disclosed In 2018 (Risk Based Security) Risk Based Security today announced the publication of its 2018 Year End Vulnerability QuickView Report, showing over 22,000 new vulnerabilities were disclosed during the year. While approximately 33% of published vulnerabilities received a CVSSv2 score of 7 or above, the number of vulnerabilities scoring 9 or above declined for the third year in a row.

Why Not Always Multi-Factor Authentication? (SecurityWeek) According to a survey of 2,600 IT professionals conducted by security awareness training firm KnowBe4, only 38 percent of large companies use multi-factor authentication (MFA) while a whopping 62 percent of small to midsize companies don’t.

Centrify Survey Confirms that Most Organizations are Not Prioritizing Privileged Access Management, Despite Knowing Privileged Credential Abuse is the Preferred Attack Vector (Digital Journal) Centrify, a leading provider of cloud-ready Zero Trust Privilege to secure modern enterprises, today announced results of a new survey revealing that most IT decision makers are not prioritizing Privileged Access Management (PAM) practices and solutions, despite knowing privileged credential abuse is involved in almost three out of every four breaches.

Fool Me Once… American Consumers Are Slow to Trust but Quicker to Forgive Security Breaches Than Their British Counterparts, Research from PCI Pal Finds (BusinessWire) US/UK consumer comparison release

The Dynamic Future of Business (OneLogin) We live in an incredibly dynamic age with an unprecedented rate of innovation - and technology continues to play a central role.

Marketplace

Obsidian Security raises $20 million in a Series B financing round (Obsidian) Obsidian Security, the intelligent identity protection company, has raised $20 million in a Series B financing round, bringing the company’s total funding to $30 million.

Ordr raises $16.5 million for network-level cybersecurity (VentureBeat) Ordr, a startup developing a 'network-level' cybersecurity solution, announced it has raised $16.5 million in series A financing.

Cequence Security hauls in $17M Series B investment to help protect applications (TechCrunch) Cequence Security, a startup that helps companies protect applications against business logic attacks, announced a $17 million Series B investment today. The round was led by Dell Technologies Capital with participation from Shasta Ventures, the firm that had led the company’s $8 million A…

KnowBe4 Expands into Brazil with the Acquisition of El Pescador (Florida Trend) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing, announced it has entered the Brazilian market by purchasing El Pescador, a company previously owned by Tempest – a national cybersecurity leader.

GlobalSign, Microsoft join forces to strengthen mobile security (DataCentreNews) Identity and security solutions GMO GlobalSign announced it has joined the Microsoft Intelligent Security Association, a collaborative initiative to help organisations worldwide defend against increasingly sophisticated, fast-moving threats.

WISeKey signs a perpetual license agreement with Daimler AG for certain components of its ISTANA PKI platform (AP NEWS) GENEVA, ZUG, Switzerland, February 27, 2019 - WISeKey International Holding Ltd...

B2B Media Platform CyberRisk Alliance Acquires InfoSec World Conference And Expo (Forbes) The acquisition is the first for a startup in the fast-growing cybersecurity market.

Telcos ask global firms to list data security issues (The Economic Times) The closed door meeting in Barcelona had members of EU, data protection lobbying bodies, members from Vodafone Group, Huawei, ZTE, amongst others.

Turkcell CEO: US Fear of Chinese AI Fuels Anti-Huawei Campaign (Light Reading) Boss of Turkish mobile operator comes out in support of Huawei and blames a tech arms race between the US and China for the backlash.

Curv raises $6.5 million for keyless cryptography (VentureBeat) Curv, which uses cryptography to secure the digital economy, has raised $6.5 million and unveiled its first institutional digital asset wallet service.

IDFC Parampara backs cybersecurity firm CloudSEK (VCCircle) CloudSEK Info Security Pvt. Ltd, which develops software-as-a-service (SaaS) information security risk management solutions, said it has raised Rs 3.5 crore ($490,000 at current exchange rate) in a fresh funding round from IDFC Parampara Early Stage Opportunities Fund.

Kenna Security and Sonatype Partner to Enhance Risk-Based Vulnerability Management with Open Source Intelligence (GlobeNewswire) New relationship underscores the need for enterprises to manage open source risk as part of an integrated and comprehensive security program.

Palo Alto Networks beats Q2 expectations, rolls out new AI-based platform (ZDNet) The new Cortex platform allows security operations teams to speed the analysis of massive data sets.

Manufacturers given onus to handle automated vehicle security in Australia (ZDNet) The National Transport Commission has said cybersecurity has been dealt with via a 'performance-based approach', with no prescriptions provided by government.

Ex-Cylance, Carbon Black executives' startup raises $20 million in second funding round (Reuters) Cybersecurity company Obsidian Security raised $20 million in a funding round participated by Greylock Partners, the company told Reuters on Tuesday, a day ahead of a planned announcement.

Indonesia cannot 'be paranoid' about curbing Huawei as telcos sign deals: minister (Reuters) Indonesia “can’t be paranoid” about curbing the use of Huawei’s wireless technology over security concerns, as too many of its telecommunication companies are dependent on foreign equipment, communications minister Rudiantara told Reuters.

Telecoms industry sees need to tighten network security, regardless of Huawei (Reuters) The telecoms industry is acutely aware of the need to ensure that ever-more complex mobile networks are safe, the head of its main lobby group told Reuters, as debate swirls over whether to bar some equipment vendors on national security grounds.

Expanding Its Cyber Security Consulting Strength, Crypsis Grows Its New York and Austin Locations (Business Wire) In response to accelerating demand for its cyber security services, The Crypsis Group announced today that it is expanding its offices in New York City and Austin and adding key leadership personnel in both locations.

Filling Vacant Cybersecurity Jobs: The Role of 'Reskilling' (BankInfoSecurity) How can the many job openings for cybersecurity specialists be filled? "Reskilling" can play a critical role, says Greg Touhill, the nation's first federal CISO

SecureSky, Inc. Secures Seed Financing Round (PR Newswire) SecureSky, Inc., a cloud security management company, has completed a seed financing round of $6.5M, provided by a...

R9B Announces Expansion of Colorado Springs Based Global Adversary Pursuit Center (PR Newswire) 12,000 square foot expansion to house more than 150 cybersecurity professionals supporting increased global customer growth and emerging technology development ...

Products, Services, and Solutions

Radiflow Incorporates Dynamic Vulnerability Assessment Scoring Into Its Industrial Threat Detection Solution (PR Newswire) Radiflow, a leading provider of industrial cybersecurity solutions for industrial automation networks, today...

SparkCognition adds new AI-built cyber defense capabilities to major DeepArmor® v2.0 release (PR Newswire) SparkCognition, a global artificial intelligence (AI) company, announced the release details for version 2.0 of...

Cybersecurity firm Quick Heal rolls out cloud-based mobility solutions (Techcircle) Seqrite, an enterprise solutions arm of cybersecurity firm Quick Heal Technologies Ltd, has come up with two cloud-based mobility solutions – MobiSmart and mSuite -- targeted at enterprises with BYOD (bring your own device) policy.

Avast Threat Labs Debuts apklab.io - an Intelligence-driven Threat Hunting Platform for the Security Analyst Community (PR Newswire) Avast, a leading global cybersecurity provider, today announced the launch of...

Recorded Future Launches Plug and Play Browser Extension Providing Seamless Access to Threat Intelligence (PR Newswire) Recorded Future, the leading threat intelligence company, today announced Recorded Future Express, a new offering that...

How WebAuthn aims to solve the password problem (Help Net Security) WebAuthn is a standard for creating and accessing public key credentials on the web, to enable strong authentication of users.

MTRIX Expands Biometric Authentication Portfolio with Nok Nok Labs Solutions (PR Newswire) Nok Nok Labs (Nok Nok), the trusted leader in next-generation authentication, today announced a partnership...

Facebook will introduce 'clear history' tool this year: CFO (Reuters) Facebook Inc will introduce a tool allowing users to clear their browsing history this year, which will affect the company’s ability to target advertisements, Chief Financial Officer David Wehner told an investment conference on Tuesday.

Fluency Integrates Webroot BrightCloud® Threat Intelligence Services into Award-Winning Central Log Management Solution (PR Newswire) Fluency® today announced it integrated next-generation Webroot BrightCloud® Threat Intelligence Services into its central log management solution to uniquely address organizations' complicated compliance and privacy requirements.

Nevada Department of Corrections Locks in EfficientIP to Achieve Full Network Visibility (Benzinga) EfficientIP, a leading provider of network security and automation solutions specializing in DDI (DNS-DHCP-IPAM), today announced...

Proofpoint Essentials Enhanced with New Advanced Threat Insight and Management Experience (Proofpoint) Leading cybersecurity company expands its award-winning cloud-based solution for small and medium enterprises to stop advanced attacks

Nok Nok Labs Announces Successful Deployment of Biometric Authentication for Internet Banking Customers at MUFG Bank, Ltd with Hitachi Ltd (PR Newswire) Nok Nok Labs (Nok Nok), the trusted leader in next-generation authentication today announced that its partner...

TimeClock Plus Announces Trio of Security and Privacy Audit Reports (PR Newswire) TimeClock Plus, an enterprise-grade time and attendance solution provider, today announced the results of...

Leading Educational Institutions Select Humio's Data-Driven Security Platform To Enable Instant Visibility And Investigation Of Risks And Compromises (PR Newswire) Humio, the only solution enabling live observability through fast, efficient and easily scalable log

SyncDog Inc. Collaborates with FullScope IT to Secure Mobile Data in Highly Regulated Industries (Business Wire) SyncDog Inc., the leading Independent Software Vendor (ISV) for next generation mobile security and data loss prevention, today announced a partnership

Meta Networks Zero-Trust Software Defined Perimeter Outpaces Enterpris (PRWeb) Meta Networks Ltd., the technology leader in Software Defined Perimeter (SDP) solutions for secure remote access, today announced its latest generation

wolfSSL Announces wolfBoot Secure Bootloader (PRWeb) wolfSSL, a leading provider of TLS cryptography and the world’s first commercial release of TLS 1.3 announces the commercial release of wolfBoot!

Denim Group’s ThreadFix 3.0 Delivers Unified Vulnerability Management for Networking Infrastructure and Applications (BusinessWire)

Cofense Vision Offers SOC and IR Teams Greater Visibility into Phishing Threats Delivered to Inboxes (PR Newswire) Today Cofense™, the leading provider of intelligent phishing defense solutions world-wide, announced the general...

Cato Fortifies Cloud-native Security Services with New Threat Prevention and Detection Engines (Cato Networks) Cato introduces zero-footprint Managed Threat Detection and Response (MDR) service, and integrates SentinelOne zero-day threat prevention to boost its seamless multi-layer network protection

SecurityScorecard Releases Atlas™ Questionnaire Platform (SecurityScorecard) SecurityScorecard announces availability of Atlas, a questionnaire and evidence exchange platform that enables enterprises to easily manage, complete, and analyze cybersecurity questionnaires and evidence-based internal security controls at scale

Munich Re Teams Up with CyberCube to Bolster Cyber Risk Analytics (PR Newswire) CyberCube, a leading provider of cyber risk analytics for the (re)insurance industry, today announced that Munich...

Technologies, Techniques, and Standards

IBM Research Suggests a Solution to the Internet of Things' Biggest Security Problem (IoT For All) IBM research has revealed a way to patch security vulnerabilities before they exist, by combining recurrent and convolutional deep learning neural networks.

Why AI and ML are not cybersecurity solutions--yet (TechRepublic) AI and ML are often touted as silver bullets, but real-world applications for the technology seem thin on the ground.

Inside the biometrics of those post-Brexit blue passports (ComputerworldUK) The Entrust founder behind the UK's current e-passport and his successor at Gemalto discuss developments in passport security.

Is India Ready For a Cyber Attack? (The Quint) Cyber warfare is turning into the next means of attack and India is working towards building its defence.

Mitigating Merger and Acquisition Risks (Infosecurity Magazine) Bringing together two organizations is rarely a straightforward task, and cybersecurity risks are often overlooked

Password managers remain an important security tool despite new vulnerability report (CSO Online) Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.

Design and Innovation

Jazz Networks wins USCYBERCOM competition (Intelligence Community News) Jazz Networks of New York, NY announced on February 25 that it placed first in a competition to detect insider threat attacks in real-time during a simulated U.S. Cyber Command battlefield.

Analysis | The Cybersecurity 202: Your phone could soon recognize you based on how you move or walk (Washington Post) A Pentagon identity verification system could be commercially available in 18 months.

Academia

Context sponsors first university HackBack CTF event (Context Information Security UK) Student entrepreneur launches TryHackMe to help fill the cyber skills gap.

Legislation, Policy, and Regulation

CISA Makes Tech and Cyber Centerpieces of National Emergency Comms Plan (Nextgov.com) The public has a month to weigh in on the updated strategy.

California AG Wants to Add Teeth to State Data Privacy Law (Government Technology) Legislation passed over the summer gives consumers in the state more insight into what companies do with their data, but Attorney General Xavier Becerra wants to be able to go after companies that do not comply.

Senators Call for Ban of Chinese Tech in U.S. Infrastructure (Government Technology) The bipartisan group, led by members of the Intelligence Committee, are urging the Trump administration to ban electrical components made by Huawei from being used in energy infrastructure.

U.S. consumer regulator forms task force to monitor big tech (Reuters) The Federal Trade Commission, under pressure to keep closer tabs on big tech companies such as Alphabet’s Google and Facebook, said on Tuesday it would create a task force to monitor the sector and investigate anticompetitive conduct.

FTC’s Bureau of Competition Launches Task Force to Monitor Technology Markets (Federal Trade Commission) The Federal Trade Commission’s Bureau of Competition announced the creation of a task force dedicated to monitoring competition in U.S. technology markets, investigating any potential anticompetitive conduct in those markets, and taking enforcement actions when warranted.

U.S. says Europe getting its message on 'deceitful' Huawei (Reuters) European governments are listening to the U.S. message that China's Huawei exposes telecoms networks to security risks, a senior U.S. cyber official said on Tuesday.

Europe calls for facts not fears in Huawei security row (Reuters) Facts not fears should decide the future of telecoms network security in Europe, industry leaders and policy chiefs said this week, brushing off U.S. calls for a ban on Chinese vendors.

Mozilla fears encryption law could turn its employees into insider threats (Naked Security) Mozilla has told the Australian government that its anti-encryption laws could turn its own employees into insider threats.

Tech Industry Pushes for Australian Encryption Law Changes (BankInfoSecurity) Technology organizations say Australia's anti-encryption law passed in December is already undermining trust in their local operations. The comments come as a

Security Clearance Delays Are Hurting the Pentagon's Tech Workforce (Nextgov.com) The Defense Department is also looking to build out its recruitment staff, officials told Congress.

Litigation, Investigation, and Law Enforcement

YouTube and Instagram fail to take down Momo challenge videos despite police warnings (The Telegraph) YouTube and Instagram have failed to take down content featuring a disturbing online game that encourages children to self-harm despite new warnings from the police.

Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison (KrebsOnSecurity) A Russian court has handed down lengthy prison terms for two men convicted on treason charges for allegedly sharing information about Russian cybercriminals with U.S. law enforcement officials.

Russia Jails Former Top Cyber-Cop in U.S.-Linked Treason Case (Bloomberg) Court orders ex-FSB official Mikhailov jailed for 22 years. Kremlin denied case linked to alleged U.S. election hacking.

Former Grad Destroys Computers with Killer USB (Infosecurity Magazine) A graduate of The College of Saint Rose allegedly destroyed 50 college-owned computers.

Police bust their own radio shop manager for dodgy software updates (Naked Security) Police allege that he updated radios with fraudulent software from a radio enthusiast who allegedly hacked encrypted radios for drug cartels.

The Senate Commerce Committee is demanding answers from Google CEO Sundar Pichai about the company's failure to disclose a microphone inside Nest home security devices (Business Insider) "Google's failure to disclose a microphone within its Nest Secure product raises serious questions about its commitment to consumer transparency and disclosure."

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

BSides Columbus 2019 (Columbus, Ohio, USA, March 1, 2019) BSides Columbus is a volunteer-run conference that gives local (and not-so-local) information-security enthusiasts a platform to share their discoveries and breakthroughs with the Central Ohio infosec...

FAIR Analysis Fundamentals Training Course before the 2019 RSA Conference (San Francisco, California, USA, March 3 - 4, 2019) FAIR Analysis Fundamentals training from FAIR Institute Technical Advisor, RiskLens, provides the conceptual foundation and practical experience necessary to competently perform FAIR analyses. This training...

G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.

RSA 2019 (San Francisco, California, USA, March 4 - 8, 2019) This year’s theme is, to put it simply, Better. Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone...
