
Daily briefing.

German Federal criminal police have arrested a 20-year-old man in the #hackerangriff case. The suspect is a Hessian student; he says his motivation was "anger" and disaffection (ORF). An acquaintance in Heilbronn is being questioned as a witness (Frankfurter Allgemeine).

The US Government, with the NCSC in the lead, warns companies of all sizes about the threat of cyber espionage and recommends best practices for self-protection. Chinese espionage is the principal concern (Reuters).

The Czech Republic considers banning Huawei and ZTE devices on security grounds (Prague Monitor). Huawei meets with Japanese authorities to seek relaxation of that country's ban (RCR Wireless News). Some think Lenovo may be the next Chinese company to receive hostile international scrutiny (Bloomberg). A cyber cold war, complete with spheres of influence, is widely predicted (Defense One).

Facebook's investigation into Democrat inauthentic election influence operations widens (Washington Post).

WikiLeaks circulated a "confidential" legal memo to several news outlets outlining one-hundred-forty "false and defamatory" things they should stop saying about WikiLeaks and Julian Assange. The communiqué was probably prompted by reporting in the Guardian (Reuters). The memo, foreseeably leaked as soon as received, may be read full and unredacted at Ars Technica and elsewhere. Among the misapprehensions WikiLeaks' lawyers are particularly concerned to correct are: that Mr. Assange is a paid Russian agent, that WikiLeaks has "members" like al Qaeda (as opposed to employees, like any media outlet), and that Mr. Assange not only hates the United States, but also bleaches his hair and neglects his cat.


Today's issue includes events affecting Australia, Canada, China, Czech Republic, Ecuador, Germany, Ireland, Japan, Russia, Sweden, United Kingdom, United States.

In today's podcast, up later this afternoon, we speak with our partners at Terbium Labs, as Emily Wilson talks about the nine lives of a credit card. Our guest is Robb Reck from Ping Identity, who has some thoughts on NIST password guidance.

And Recorded Future's latest podcast, "Putting Artificial Intelligence to Work," is also up. Produced in cooperation with the CyberWire, this episode features Tom Davenport, world-renowned thought leader and author, who discusses artificial intelligence and more with Recorded Future's chief data scientist, Bill Ladd.

Rapid Prototyping Event: The Wolf in Sheep's Clothing (Columbia, Maryland, United States, January 29 - 31, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting a Rapid Prototyping Event which is interested in identifying UAM solutions that employ advanced real-time analysis of multiple data sources for detecting unauthorized activities.

Cyber Attacks, Threats, and Vulnerabilities

The United States and China - A Different Kind of Cyberwar (SecurityWeek) China is conducting a low and slow cyberwar, attempting to stay under the radar of recognition in the same way that individual hackers use low and slow techniques to remain hidden.

Could a Chinese-made Metro car spy on us? Many experts say yes. (Washington Post) Congress, the Pentagon and others are worried about Beijing’s takeover of the U.S. transit rail car market.

Why is Huawei allowed to install cell boxes when it is banned from 5G? (ABC News) Chinese telco giant Huawei has been prohibited from taking part in the rollout of 5G infrastructure in Australia, so why is it installing small cell boxes in Sydney?

Is China's Huawei Watching You? (Epoch Times) Huawei plays a key role in China’s programs of mass surveillance, human rights abuse, and technological dominance.

Double trouble: Two-pronged cyber attack infects victims with data-stealing trojan malware and ransomware (ZDNet) A 'prolific' malvertising campaign has been used to distribute the Vidar information stealer and GandCrab ransomware.

GandCrab Operators Use Vidar Infostealer as a Forerunner (BleepingComputer) Cybercriminals behind GandCrab have mixed the infostealer Vidar in the distribution process of the ransomware piece, which helps increase their profits by pilfering sensitive information before encrypting the computer files.

These 14 Apple Apps Could Pose A Big Security Risk (Forbes) Apple’s App Store is again under scrutiny as apps installed by users a million times are hijacked by a malware server previously associated with Android

Over a dozen iPhone apps found to be infected with Golduck malware (TechJuice) Security researchers have found that over a dozen apps available for iOS have been infected with a malware whose primary target previously was Android devices.

Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users (TrendLabs Security Intelligence Blog) We recently discovered an active adware family (AndroidOS_HidenAd) disguised as 85 apps on the Google Play store with a total of 9 million downloads.

Thousands of Internet connected hot tubs vulnerable to remote attacks (HackRead) Weak security practices have rendered IoT devices vulnerable to hacking and all sorts of cyber-attacks. According to the research from a Buckinghamshire-based security group Pen Test Partners, hot tubs can also be hacked using an app simply because there isn’t any authentication process in place.

Hackers Steal Customer Data From Manufacturing Company (SecurityWeek) Hackers managed to compromise Memphis-based Titan Manufacturing and Distributing’s computer system and steal customer payment card data for nearly a year.

No Android passcode? No problem! Skype unlocked it for you (Naked Security) Microsoft closed the hole, which let any unauthenticated phone-grabber answer a Skype call and then roam around on your mobile.

Lokibot via Fake DHL quotation using .ace attachments (My Online Security) With Christmas over we are starting to see an increase in malware campaigns. It is not up to the usual level yet because the Russian Gangs are still on their Xmas breaks, but the rest of the scumbags…

Emergency System Network Hacked to Send Spam (Threatpost) Just as ex-tropical Cyclone Penny moved toward the coast of Queensland, Australia, users of Early Warning Network reported receiving strange messages from the emergency system.

Secure-D uncovers pre-installed malware on Alcatel Android smartphones manufactured by TCL (Upstream) TCL manufactured Alcatel Android smartphones are being shipped with pre-installed malware

Ursnif, Emotet, Dridex and BitPaymer Malware Families Team Up to Wreak Havoc (Security Intelligence) Researchers discovered a link between four malware families — Ursnif, Emotet, Dridex and BitPaymer — that suggests threat actors may be combining efforts to develop more sophisticated attack vectors.

World Trade Center Hack Shows Cyber Risks for Law Firms (New York Law Journal) The Dark Overlord says it hacked insurers Hiscox and Lloyd's of London as well as World Trade Center owner Silverstein Properties.

Law firm duped out of €97,000 in cyber scam (Independent) A law firm transferred €97,000 to cyber criminals after its email system was hacked.

Almost $500,000 in Ethereum Classic coin stolen by forking its blockchain (Ars Technica) Rollback attack let attackers spend 88,500 previously spent coins.

Coinbase freezes Ethereum Classic trading following attack (TechCrunch) Coinbase is preparing to list a lot of new coins this year, but its first major piece of action in 2019 is to temporarily pause one of its existing portfolio. The exchange said it has stopped all trading on Ethereum Classic — a cryptocurrency it added back in August — after it detected …

The Latest Threats to ATM Security (SecurityWeek) The current state of automated teller machine (ATM) security is far from optimal, but the unique security challenges around ATMs make improvements difficult.

Cyber-attack on Luas transport system may affect 3,226 users (CISO MAG) Personal information of 3,226 people who used Luas tram services may have been compromised in a potential cyber-attack. The Dublin-based tram service operator stated that unknown intruders defaced its website and demanded a ransom of one Bitcoin. In a social media post, Transdev, the company that operates the Luas, declared that its website got compromised …

Threat of a Remote Cyberattack on Today's Aircraft Is Real (Dark Reading) We need more stringent controls and government action to prevent a catastrophic disaster.

Today, hacks are annoying. In future smart cities, they could kill (Digital Trends) Lax computer security is something everybody complains about, but no one does anything to fix it. Witness the egregious examples of security lapses ranging from Equifax to Yahoo that have compromised the personal data of billions of people.

Operational Technology (OT) network monitoring can’t detect “subtle” process sensor issues (Control Global) There is a common misperception that an OT network monitoring solution from any OT network monitoring vendor can find subtle process sensor issues (e.g., sensor drift when the sensor is still in normal operating range, clogged sensing lines when the sensor is still in operating range, etc.). This misperception is why there is a need for the engineering community to be involved.

BenefitMall announces data breach (Insurance Business) Some customers’ personal information may have been compromised in the phishing attack

Top vulnerabilities hospital executives should address immediately (Help Net Security) The three most critical and common high-security cyber risks facing healthcare delivery organizations and their partners have been uncovered.

Cyber Trends

Rise of DevOps exposes organizations to risk via container vulnerabilities (Help Net Security) 60% of respondents to a Tripwire and Dimensional Research study reported their organizations have experienced container security incidents in the past year.

60% of Organizations Suffered a Container Security Incident in 2018, Finds Study (The State of Security) Tripwire surveyed 311 IT security professionals who manage environments with containers at companies with over 100 employees. Read this report to find out about some of the biggest container security challenges organizations face.

2019’s top three cybersecurity trends - Akamai (Channel Life) Cybercriminals have been moving towards a ‘gig economy’ – an underground community of malicious actors exchanging services.

Extreme Cybersecurity Predictions for 2019 (Security Boulevard) Prediction blogs are fun but also kind of dangerous because we’re putting in writing educated guesses that may never come true and then we look, um, wrong. Also dangerous because if we’re going to get any airtime at all, we have to really push the boundary of incredulity. So here at Shape, we’ve decided to …

How Facebook's privacy woes might change the rules of the road in 2019 (CSO Online) Following a string of data privacy and protection missteps, Facebook faces potential backlash from legislators and consumers that could affect all companies that process consumer data.

Contactless Fraud Losses Double but Remain Low (Infosecurity Magazine) UK victims still lost nearly £1.2m in first 10 months of 2018


Cybersecurity put under investor microscope (Pensions & Investments) Firms at risk as their clients begin a thorough examination of all data security practices.

Growing demand to meet regulatory compliance drives overall network encryption market (Help Net Security) The global network encryption market size is expected to grow from USD 2.9 billion in 2018 to USD 4.6 billion by 2023, at a CAGR of 9.8%.

Huawei's 5G security scrutiny pain could be Cisco's gain – analysts (Register) Have enterprise networking portfolio, will travel

Western Tech Is Ready to Name the Next Red Menace (Bloomberg) Huawei isn’t the only Chinese company that’s likely to be labeled a global security threat.

Radware to Acquire ShieldSquare for Expansion of Its Cloud Security Portfolio (Nasdaq) ShieldSquare's Cloud-Based Anti-Bot Solutions Help Online Businesses Differentiate Between Human & Non-Human Traffic on Websites, Mobile Applications & APIs

Neustar Completes Acquisition of Leading Caller Authentication and Fraud Solution Provider TRUSTID (BusinessWire) Neustar Completes Acquisition of TRUSTID - Combination Creates Powerful Capability to Combat Consumer Fraud

DH2i Closes 2018 With Record Customer Acquisition and Revenues, Driven by Bar-Raising Product Innovation and Strategic Partnerships (DH2i) DH2i has closed out 2018 with record customer acquisition and revenue numbers, driven by its bar-raising product innovation and strategic partnerships. We have also enjoyed a number of awards and accolades from across the industry.

Top 25 Cybersecurity Companies of 2018 (TSR) The SaaS Report is pleased to announce The Top 25 Cybersecurity Companies of 2018.

U.S. Businesses Look for Cybersecurity Help From Consulting and Training Vendors (PR Newswire) Many U.S. companies are looking for assistance from cybersecurity consulting and training vendors as they face...

You Can Now Get $1 Million for Hacking WhatsApp and iMessage (Motherboard) Companies that buy and sell exploits, or zero-days, are now willing to offer seven figures for hacks that allow spies and cops to steal WhatsApp, iMessage and other chat app messages.

Zerodium Raises Zero-Day Payout Ceiling to $2M (Threatpost) Apple exploits will fetch the highest price.

Renowned Cryptographer Dr. Whitfield Diffie Joins Quantum Xchange's Advisory Board (BusinessWire) Quantum Xchange today announced that Dr. Whitfield “Whit” Diffie has joined the company’s advisory board.

Products, Services, and Solutions

Pindrop Launches Voice Identity Platform for IoT, Voice Assistants, Smart Homes and Offices, and Connected Cars (BusinessWire) Pindrop extends enterprise-grade identity technology to voice-enabled consumer and enterprise devices as the trusted form of authentication

Nok Nok Labs Announces Commercial Deployment of Biometric Authentication at SoftBank for their Mobile Customers (PR Newswire) Nok Nok Labs, a leader in next-generation authentication and co-author of multiple FIDO (Fast IDentity Online)...

Illumio Launches Supercluster Technology (Illumio) Illumio’s Policy Compute Engine (PCE) Supercluster delivers the first and only global security policies for 100,000+ workloads

BlackRidge Technology Demonstrates New Identity-based Cybersecurity Solution for IoT Networks at CES 2019 (PR Newswire) BlackRidge Technology International, Inc. (OTCQB: BRTI), a leading provider of next-generation cyber defense...

Naval Dome Introduces New Dashboard for Optimum Cyber Monitoring (Maritime Executive) Maritime security specialist Naval Dome has come up with an innovative approach to managing the cyber security status of all protected systems onboard ships, allowing shipboard and shoreside staff to monitor and evaluate fleet-wide system data, even when they are offline. Until now, only crew members have been able to access a ship’s offline data sets.

Marlink Expands VSAT Services to Transpetrol Tanker Fleet (Maritime Executive) Marlink has been awarded a contract renewal to expand its Sealink VSAT service to international ship...

Akamai To Add Customer Identity Access Management Capability To Enhance Digital Trust By Acquiring Janrain Inc. (PR Newswire) Akamai Technologies (NASDAQ: AKAM), the intelligent edge platform for securing and delivering digital...

AppGuard releases server protection (Help Net Security) AppGuard Server addresses the significant gap in adequate server protection enterprises and organizations currently face.

Ledger unveils new Nano X hardware wallet (Help Net Security) The Ledger Nano X has a Bluetooth feature which allows users to connect the device to their smartphone, providing mobility without sacrificing security.

New technology protects from GNSS spoofing attacks (Help Net Security) Regulus Pyramid GNSS Receiver is capable of detecting spoofing attacks, allowing mobile phones, cars and IoT devices to receive GNSS spoofing protection.

McAfee joins hands with Dell and Verizon to secure mobile devices (Domain News) McAfee is collaborating with Dell and Verizon to provide protection against emerging cyberthreats and secure smartphones and tablets.

BlockCypher to Release Grinmint into Production 48 Hours Prior to Grin (PRWeb) BlockCypher announced today that the Grinmint production release will occur 48 hours prior to the Grin mainnet launch. As announced by the Grin development

Huawei unveils new data chip amid global concerns over security risks (Global News) Huawei and other Chinese technology companies that rely on Western technology are stepping up efforts to develop their own.

Technologies, Techniques, and Standards

Boards and the CISO/CIO Perspective: Collaboration Drives Resiliency (Advanced Cyber Security Center) ACSC executives weigh in on how strategic partnerships between boards and management can improve cyber maturity in organizations

Is Privileged Access Management still a pain? (Help Net Security) Being equipped with a Privileged Access Management (PAM) solution is one of the best ways to keep privileged accounts under control and well-protected.

The rising importance of Data Loss Prevention in today's data protection landscape (Help Net Security) Roman Foeckl, founder and CEO of CoSoSys, talks about the growing importance of Data Loss Prevention at both endpoint and development level.

3 ways the Navy wants to protect its weapons from cyberattacks (Fifth Domain) The Navy's research represents the core of good cybersecurity, both inside and outside the Pentagon.

Research and Development

DARPA’s plan for AI to understand the world (C4ISRNET) A new DARPA program seeks to use AI to better understand and predict world events.

DARPA wants innovative research to mind the GAPS (FCW) The military research outfit wants to find a better way to securely transfer sensitive data from air-gapped DOD systems to less secure, internet-facing ones.

Microsoft Leads The AI Patent Race Going Into 2019 (Forbes) There have been over 154,000 AI patents filed worldwide since 2010 with the majority being in health fields (29.5%), Industry-specific solutions (25.3%) and AI-based digital security (15.7%). Machine learning dominates the AI patent landscape today.

Legislation, Policy, and Regulation

China, Huawei, and the Coming Technological Cold War (Defense One) 2019 might be the year that splinters the global technology system into distinct spheres of influence.

A New Cold War Has Begun (Foreign Policy) The United States and China will be locked in a contest for decades. But Washington can win if it stays more patient than Beijing.

China Is Shooting Itself in the Foot Over Huawei (Foreign Policy) Beijing's hostage diplomacy is confirming the West's suspicions.

Gov't orders assessment of risks to critical infrastructure by ZTE and Huawei (Prague Daily Monitor) Prime Minister Andrej Babiš (ANO) announced that the cabinet had asked all those responsible for the country's critical infrastructure to assess the threat posed by communications equipment, manufactured by Chinese giants Huawei and ZTE.

U.S. initiative warns firms of hacking by China, other countries (Reuters) The Trump administration on Monday launched a drive to push U.S. firms to better...

Huawei holds talks with Japanese authorities over ban (RCR Wireless News) In December, the Japanese government had implemented a ban on government purchases of equipment from Chinese vendors

NCSC Starts Campaign to Help Industry Fight Foreign State Threats (BleepingComputer) The U.S. National Counterintelligence and Security Center (NCSC) started distributing informative materials ranging from brochures to videos to privately held companies around the country advertising increased awareness of rising cybersecurity threats from nation-state actors.

National Counterintelligence and Security Center Launches Campaign to Help Private Industry Guard Against Threats from Nation State Actors (DNI) National Counterintelligence and Security Center Launches...

Sen. Mike Rounds: An incredibly destructive cyberattack is a threat we must guard against (Fox News) Now, more than ever, the U.S. defense strategy must include protecting our military and civilian infrastructure from cyberattacks.

Analysis | The Cybersecurity 202: How one key Democrat plans to watchdog offensive hacking operations (Washington Post) Rep. Jim Langevin says Trump's policy change risks being too aggressive.

Ceremony Celebrates Creation of New Navy Cyber Warfare Development Group Reserve Unit (DVIDS) Navy Reserve leaders formally inaugurated a new Navy Cyber Warfare Development Group (NCWDG) Reserve unit during a ceremony at Club Meade, Jan. 4.

Trump struggles to replace Mattis as Pentagon chief (POLITICO) Former GOP Sen. Jon Kyl is at least the second person to say he's not interested in the traditionally sought-after top Pentagon post.

Litigation, Investigation, and Law Enforcement

German Student Admits to Huge Data Dump on Public Figures (Bloomberg) A 20-year-old German man from the state of Hesse has confessed to publishing a huge trove of private data linked to Chancellor Angela Merkel and hundreds of other public figures.

Data theft: 20-year-old cites "anger" as motive (ORF) A 20-year-old suspect has named "annoyance at public statements" by the affected German politicians and other public figures as the motive for his extensive data...

After hacker attack: Federal Criminal Police Office searches apartment in Heilbronn (Frankfurter Allgemeine) In connection with the theft of personal data of hundreds of German politicians and celebrities, a 19-year-old man has been questioned as a witness. He is said to have been in contact with the hacker responsible.

Hacker attack: Seehofer defends himself against explosive accusation - and issues a warning to the public (Frankfurter Neue Presse) After the hacker attack on politicians and celebrities, a 20-year-old in Hesse was provisionally arrested and has since been released again.

Democrats ran influence campaigns in at least three states during the midterm elections (The Verge) How Russian-style tactics found new life on Facebook in 2018

Facebook is investigating the political pages and ads of another group backed by Reid Hoffman (Washington Post) Facebook said it is investigating whether an organization backed by Internet billionaire and Democratic megadonor Reid Hoffman violated the social media giant’s policies when it set up several misleading news pages in a bid to target U.S. voters with left-leaning political messages.

Secret campaign to use Russian-inspired tactics in 2017 Ala. election stirs anxiety for Democrats (Washington Post) Party operatives and a research firm known to have roles in “Project Birmingham” are distancing themselves from its most controversial activities.

Here Are The Obama-Era Officials Allegedly Behind The Alabama False Flag Campaign (Daily Caller) The campaign worked like a charm

Paul Whelan’s Brother: Family Knew Little About His Interest in Russia (Foreign Policy) They learned about the Marine’s dishonorable discharge from media.

WikiLeaks tells reporters 140 things not to say about Julian Assange (Reuters) WikiLeaks on Sunday advised journalists not to report 140 different "false ...

Please don’t repeat these things WikiLeaks says you can’t say about Assange (updated) (Ars Technica) Confidential memo promptly leaked.

Wikileaks tells world’s press what not to say about Assange (Times) The words “private” and “confidential” have had little deterrent effect on Julian Assange during his long career leaking other people’s secrets. It was no small irony, then, that the terminology...

Robert Mueller’s 2019 To-Do List (WIRED) The special counsel has lots of unfinished business—more indictments, more witnesses, a final report—to tackle this year. Here’s a rundown.

Court says Vizio’s secret smart TV tracking class-action settlement can move forward (TechCrunch) A long-running class-action lawsuit filed after consumer electronics giant Vizio was caught spying on customer viewing habits can be settled, subject to a final approval, a court has ruled. The group of Vizio customers alleged in its 2016-filed complaint that the company was covertly collecting vie…

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

G’Day USA US-Australia Dialogue on Cyber Security (San Francisco, California, USA, March 4, 2019) The 2019 G’Day USA US-Australian Dialogue on Cyber Security will be held in San Francisco in the margins of the annual RSA Conference, which attracts more than 45,000 cyber and digital industry leaders.

Upcoming Events

SINET Global Institute CISO Series (Scottsdale, Arizona, USA, January 15 - 16, 2019) By invitation only. These intimate CISO workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise...

CPX Asia 360 2019 (Bangkok, Thailand, January 21 - 23, 2019) CPX 360 - the industry’s premier cyber security summit and expo - brings together the world’s leading cyber security experts to one venue. Gain a deep understanding of current challenges cyber security...

CPX Americas 360 2019 (Las Vegas, Nevada, USA, February 4 - 6, 2019) CPX 360 promises to be the premier cyber security summit. CPX 360 is where you’ll receive up-to-the-minute intelligence about global threats and other vital topics from the world’s leading cyber security...

QuBit Conference Belgrade 2019 (Belgrade, Romania, February 7, 2019) QuBit is a Cybersecurity Community Event connecting the East and West. We create a unique way to meet the best and the brightest minds in the information security fields across multiple industries, and...

NITSIG Meeting: Insider Threat Detection & Mitigation Using External Data Sources (Laurel, Maryland, USA, February 12, 2019) Gathering and analyzing Internal data sources is very important for Insider Threat Detection. Equally important is knowing what External data sources are also available to create the "Big Picture" of potential...
