skip navigation

More signal. Less noise.

Visit LookingGlass Cyber Solutions at BlackHat USA 2019

There are many weapons to choose from when it comes to cybersecurity solutions providers – and you must choose wisely. With LookingGlass Cyber Solutions as your security provider, its “Game Over” for threat actors trying to infiltrate your network. To learn more about our solutions, visit our experts at the LookingGlass Network & Chill Lounge, Mandalay Bay South, Palm A on level 3, August 7 & 8. Take a break from the hectic show floor for old school video games, happy hour from 3-7 PM, and a demo tailored to your organization’s security needs.

Daily briefing.

A Yahoo News investigative report concludes that Russia's SVR foreign intelligence service developed the disinformation that US Democratic National Committee data director Seth Rich was murdered to cover up corruption by then-Presidential candidate Hillary Clinton.

Last night Zoom revised its videoconferencing service to completely remove the local web server and add an option to its menu that enables users to remove the app. Two other changes planned for release Friday will save new users' choice of the "Always turn off my video" option and will permit returning users to turn video off by default. Zoom says it made these changes in response to widespread outcry against the way a user could have been unwittingly joined to a conference with their video on. The company had viewed these controversial aspects of its service as features, not bugs: design elements "essential to our seamless join process."

The UK's Information Commissioner's Office handed out its second big fine of the week for a GDPR violation. After levying £183 million ($229 million) against British Airways, the ICO announced Tuesday that it was fining Marriott £99,200,396 ($123 million) for a breach the hotel chain suffered in 2018 as it integrated its Starwood reservation system. The fine amounts to three percent of the chain's annual revenue, one percentage point lower than the maximum allowable fine under GDPR. Marriott, disappointed by the ruling, intends to appeal.

Tenable reports a range of ICS vulnerabilities.

Patch Tuesday brought seventy-seven fixes from Microsoft, including measures against two actively exploited zero-days.

Notes.

Today's issue includes events affecting China, European Union, Iran, Russia, United Kingdom, United States.

Bring your own context.

Using open source code can make development much more efficient and significantly reduce time-to-market. But this software supply chain carries some risks.

"When we look at open source component downloads that we examined last year, we saw 1 in 10 of these Java components being downloaded having known security vulnerabilities. And then also, in late last year, the JavaScript repository led by npm - or the npm packages used by JavaScript developers - they had analyzed 4 million component downloads, of which they found 51% had known vulnerabilities in them. It's really a matter of borrower beware."

—Derek E. Weeks, vice president at Sonatype, a provider of DevSecOps automation tools, on the CyberWire Daily Podcast, 7.8.19.

Risk, as always, can be either accepted, mitigated, or transferred, but it shouldn't be ignored.

Modernizing security analytics and operations with SOAPA.

Security operations is held back by the compromises of existing security analytics solutions, and throwing more money and time at the problem isn’t helping. Instead, you are left dealing with an army of point tools, exponential data growth, lack of context... the list goes on.

It's time to take a new approach to security analytics - explore how Devo can help evolve your SOC in this report by ESG.

In today's podcast, out later this afternoon, we speak with our partners at Cisco Talos, as Craig Williams discusses the Spelevo exploit kit. Tamika Smith speaks with Myke Lyons, CISO at Collibra, on new industry regulations based on the GDPR.

Cyber Security Summits: DC on July 16 and in Chicago on August 27 (Washington, DC, United States, July 16, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The U.S. DOJ, Verizon, Center for Internet Security, IBM and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today.

RSA Conference 2019 Asia Pacific & Japan (Singapore, Republic of Singapore, July 16 - 18, 2019) Join industry leaders and peers at the region’s leading cybersecurity event. Learn the latest issues and solutions, stay on top of new regulations, demo cutting-edge products, expand your skills and grow your personal network. Register now.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - July 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to Simulate, validate and remediate hackers’ path to organizational critical assets.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

Exclusive: The true origins of the Seth Rich conspiracy theory. A Yahoo News investigation. (Yahoo News) In the summer of 2016, Russian intelligence agents secretly planted a fake report claiming that Democratic National Committee staffer Seth Rich was gunned down by a squad of assassins working for Hillary Clinton, giving rise to a notorious conspiracy theory that captivated conservative activists and

U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack (Forbes) The U.S. Coast Guard has warned that cybersecurity at sea needs to be taken a lot more seriously after a ship heading into the Port of New York fell victim to a cyberattack.

Maritime Safety Alert: Cyber Incident Exposes Potential Vulnerabilities Onboard Commercial Vessels (US Coast Guard) In February 2019, a deep draft vessel on an international voyage bound for the Port of New York and New Jersey reported that they were experiencing a significant cyber incident impacting their shipboard network.

Report: Russian intel started the Seth Rich rumor to cover for DNC hack (Ars Technica) Yahoo News' Michael Isikoff claims SVR was the source of story in "ConspiracyLand" podcast.

Tenable Research Discovers Vulnerability in Siemens Critical Infrastructure Design Software (Tenable®) Tenable®, Inc., the Cyber Exposure company, today announced its research team discovered a critical vulnerability in Siemens STEP 7 TIA Portal, design and automation software for industrial control systems (ICS). The vulnerability, which impacts the same family of devices compromised in the STUXNET attack, could be used as a stepping stone in a tailored attack against critical infrastructure, with the potential for catastrophic damage.

Nuclear Meltdown with Critical ICS Vulnerabilities (Medium) In 2019, almost a decade after the famed Stuxnet worm silently wreaked havoc on an Iranian uranium enrichment plant, SCADA vendors still…

Report: Detailed personal records of 188 million people found exposed on the web (Comparitech) A database containing nearly 188 million records of personal data was found exposed on the web and accessible to anyone with an internet connection. Some of the records appear to be from Pipl.com and LexisNexus, people search and legal search websites, respectively.

Over 90 Million Records Leaked by Chinese Public Security Department (BleepingComputer) A publicly accessible and unsecured ElasticSearch server owned by the Jiangsu Provincial Public Security Department of the Chinese province Jiangsu leaked two databases containing over 90 million people and business records.

Magecart activity and campaign enhancements (Zscaler) Magecart is a hacker group known for skimming credit or debit card details by injecting malicious JavaScript code into e-commerce sites. The Zscaler ThreatLabZ team had observed different methods for injecting skimming code and stealing payment card details. Read more.

Powload Loads Up on Evasion Techniques (TrendLabs Security Intelligence Blog) By sifting through six months’ worth of data (Jan-Jun 2019) covering over 50,000 samples from the Trend Micro™ Smart Protection Network™ infrastructure, we managed to gain insight into how Powload has incorporated new techniques to increase its effectiveness, especially in its ability to hide from detection.

A Deep Dive Into IcedID Malware: Part I - Unpacking, Hooking and Process Injection (Fortinet Blog) Learn more about IcedID, a banking trojan which performs web injection on browsers and acts as proxy to inspect and manipulate traffic. This is part one of a three part series.…

Anubis Android Malware Returns with Over 17,000 Samples (TrendLabs Security Intelligence Blog) While tracking the activities of the information-stealing Anubis, we saw two related servers and uncovered 17,491 samples of this Android malware.

BianLian banking trojan adds screen recorder to face off against Android users (SC Magazine) BianLian, which first appeared as a dropper in October 2018, has turned spyware by adding screen recording module

Backdoor discovered in Ruby strong_password library (Naked Security) An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength.

The Nation Municipality victim of randsomware cyber attack (Ottawa Matters) Although the municipality can confirm that information was encrypted by the malware, it hasn't found any evidence that information was inappropriately accessed or removed from its systems.

Security Patches, Mitigations, and Software Updates

Adobe tackles vulnerabilities in Dreamweaver, Experience Manager, Bridge (ZDNet) July’s patch update has landed and Flash is nowhere to be seen.

Two Zero-Days Fixed in This Month’s Patch Tuesday (Infosecurity Magazine) Two Zero-Days Fixed in This Month’s Patch Tuesday. Microsoft addresses 77 flaws including six publicly disclosed

July’s Patch Tuesday Fixes Critical Flaws in Microsoft Edge and Internet Explorer, Including 2 Exploited Vulnerabilities (TrendLabs Security Intelligence Blog) Critical patches covered in the release include fixes for Windows DHCP Server, Azure DevOps Server and Team Foundation Server, and .NET Framework, namely assigned as CVE-2019-0785, CVE-2019-1072, and CVE-2019-1113. Elevation of privilege vulnerabilities in Microsoft splwow64 (CVE-2019-0880) and Win32k (CVE-2019-1132), which were previously seen being exploited, have also been patched.

Patch Tuesday Lowdown, July 2019 Edition (KrebsOnSecurity) Microsoft today released software updates to plug almost 80 security holes in its Windows operating systems and related software.

July Patch Tuesday updates are now available for Windows 10 version 1903 and older, here’s what’s new (OnMSFT.com) Microsoft has just released the monthly “Patch Tuesday” updates for all supported versions of Windows 10.

Siemens SIPROTEC 5 and DIGSI 5 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPROTEC 5 and DIGISI 5 Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a denial-of-service condition and limited control of file upload, download, and delete functions.

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM Vulnerability: Out-of-bounds Read 2.

Siemens SIMATIC PCS 7, WinCC, TIA Portal (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC PCS 7, WinCC Runtime Professional, WinCC (TIA Portal) Vulnerabilities: SQL Injection, Uncaught Exception, Exposed Dangerous Method 2.

Siemens Industrial Products with OPC UA (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2.

Siemens CP1604 and CP1616 (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: CP1604 and CP1616 Vulnerabilities: Cleartext Transmission of Sensitive Information, Cross-site Scripting, Cross-site Request Forgery 2.

Siemens Spectrum Power (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Spectrum Power Vulnerability: Cross-site Scripting 3. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject arbitrary code in a specially crafted HTTP request and monitor information.

Schneider Electric Zelio Soft 2 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Zelio Soft 2 Vulnerability: Use After Free 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution through the opening of a specially crafted project file.

Rockwell Automation PanelView 5510 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: PanelView 5510 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote unauthenticated user to gain root privileges on the device.

Emerson DeltaV Distributed Control System (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: Emerson Equipment: DeltaV Distributed Control System (DCS) Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain administrative access to DeltaV Smart Switches.

GE Aestiva and Aespire Anesthesia (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Aestiva and Aespire Anesthesia Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker the ability to remotely modify GE Healthcare anesthesia device parameters.

Zoom patches Mac client after flaw allowed websites to turn on webcams without permission (TechCrunch) Video conferencing giant Zoom has published a patch for its Mac client removing a rogue web server from users’ computers that allowed any website to join a video call without permission. News of the vulnerability first emerged Monday after software engineer and security researcher Jonathan Le…

Zoom Will Fix the Flaw That Let Hackers Hijack Webcams (WIRED) While it at first dismissed the vulnerability, Zoom says it will release a patch Tuesday night.

Zoom for Mac made it too easy for hackers to access webcams. Here’s what to do [Updated] (Ars Technica) Read this before clicking on that Web link in your bathrobe.

Firefox to include tracker blocking report feature (Naked Security) Mozilla has introduced a lot of tracker blocking protections into Firefox lately. Now, it is planning a new feature that will let you see how many online snoopers you’ve successfully evaded. …

Cyber Trends

Mobile Security in the Financial Services Sector Report (Wandera) Mobile Security in the Financial Services An overview of mobile security challenges facing modern Financial Services companies, including changing technologies and compliance with government regulations, as well as an in-depth analysis of how mobile cyber …

Netwrix Survey: 32% of Healthcare Organizations Store All Their Sensitive Data in the Cloud, Yet Lack the Resources to Protect It (Yahoo) Netwrix, a vendor of information security and governance software, today released an infographic based on the findings of its global 2019 Netwrix Cloud Data Security Report for the healthcare industry. The infographic provides an industry perspective of the

Healthcare Needs Cybersecurity Pros that Anticipate What Threat Actors Will Do Next (Bricata) Seasoned security leader Rebecca Wynn says healthcare is behind on the security curve and fixing that begins with finding people that can anticipate threats.

Cybersecurity Training Study Reveals Phishing Identification and Data Protection Are the Top Problem Areas for End Users (Proofpoint) End users incorrectly answered one in four questions about phishing, underscoring the need for ongoing education to significantly reduce risk

State of Application Security at S&P Global World's 100 Largest Banks (Immuniweb) 97 out of 100 largest banks are vulnerable to web and mobile attacks enabling hackers to steal sensitive data.

New LastPass Study Finds 92 percent of Businesses Experience Identity Challenges (West) LastPass by LogMeIn today announced the results of a new study conducted by Vanson Bourne to offer small and medium businesses (SMBs) insights into the state of identity and access management (IAM) and actionable steps to improve their IAM program.

These three things make your business an easy target for a cyber attack (USA TODAY) A new study shows cloud applications are vulnerable entryways for hackers to gain access to company data. The good news is you can protect yourself.

Cyber-Attacks Cost Global Firms $45bn in 2018 (Infosecurity Magazine) Cyber-Attacks Cost Global Firms $45bn in 2018. Internet Society report shows black hats are getting better at making money

Cyber ​​attacks cost $45 billion in 2018 with Ransomware at top (HackRead) An estimated 2 million cyberattacks took place in 2018 costing more than $45 billion in damages worldwide.

Are humans ready for AI to take control of digital security? (Help Net Security) A quarter of people in EMEA prefer their cybersecurity managed by AI in new online survey conducted by Palo Alto Networks and YouGov.

Computers may take the place of parliament (Times) If this column were a book it might be called: My Dad, the Theory of Measurement and the End of Representative Democracy. When my mum died and we cleared out their house, I took home some of my...

Marketplace

Good Governance: Do Boards Need Cyber Security Experts? (Forbes) As an executive or a board member, nothing can ruin a day faster than a cybersecurity breach.

IISP Gets Royal Charter Status to Professionalize Cyber Industry (Infosecurity Magazine) IISP Gets Royal Charter Status to Professionalize Cyber Industry. Greater prestige could help combat skills shortages

Mozilla blocks spy firm DarkMatter from Firefox citing ‘significant risk’ to users (TechCrunch) Firefox maker Mozilla said it will not trust certificates from surveillance maker DarkMatter, ending a months-long effort to be whitelisted by the popular browser. Months earlier, the United Arab Emirates-based DarkMatter had asked Mozilla to formally trust its root certificates in the Firefox cert…

Apple aims privacy billboard at Google’s controversial smart-city (Naked Security) It’s outside of Sidewalk Labs HQ in Toronto, where Google’s sister company is working on stuffing the city with data-collecting sensors.

YL Ventures Closes Fourth Fund with $120M of Committed Capital (BusinessWire) YL Ventures, the Silicon Valley venture capital firm specializing in seed-stage investing in Israeli cybersecurity startups, today announced it has cl

Internet Isolation Leader Menlo Security Raises $75 Million in Series D Funding (BusinessWire) Menlo Security today announced $75 million in Series D funding, led by clients advised by JP Morgan Asset Management.

Welcoming NAB Ventures & Scaling SearchLight for Growth (Digital Shadows) Today is an exciting day for Digital Shadows. Earlier this morning, we announced a $10m focused investment to scale our industry-leading SearchLight service.

NTT Security Completes Acquisition of Application Security Provider, WhiteHat Security (BusinessWire) NTT Security has announced that it has completed the acquisition of WhiteHat Security

Braes Capital Acquires Cybersecurity Services Company Siege Technologies (Yahoo) Braes Capital, a Houston based merchant bank, today announced the acquisition of Siege Technologies, a leader in high end cyber research and development for the federal market. This acquisition marks the beginning of Braes Capital's investment into protecting

Check Point Scouts for New Headquarters (CTECH - www.calcalistech.com) Check Point is looking for new offices that will house all of the company’s Israel-based employees, which number approximately 2,200, currently split among different campuses

Cybersecurity Leader Alex Burkardt Joins VERA as Vice President of Field Engineering (PR Newswire) VERA, the leader in data-centric security, today announced that Alex Burkardt has joined the company as Vice...

Cyber Defense Group Appoints Conor Sherman As Managing Partner (Yahoo) Team Growth Includes New Senior Security Consultant, Jacob Horne

Products, Services, and Solutions

Optiv Security Announces Availability of Advanced Fusion Center to Empower Organizations to Reduce Risk and Operational Costs (Optiv) Enterprise digital transformation efforts combined with advanced and innovative attack intents have left many organizations’ security operations teams overwhelmed by an inordinately high volume, velocity and variety of cybersecurity data and threats.

How Cloud Security Guardian enhances public cloud security (Barracuda) Get a first look at Barracuda Cloud Security Guardian for Azure and how it helps organizations improve their security posture in the public cloud.

Brighterion and Elavon to Fight Fraud with Artificial Intelligence (Yahoo) While the global implementation of EMV chip technology has reduced fraud activity for card payments, the payments ecosystem is still battling the threat of new and emerging fraud payment schemes online. Brighterion, a Mastercard company, and Elavon, a global payments provider and subsidiary of U.S.

CyFIR Announces Partnership With HCL To Enhance The BigFix Platform (Yahoo) CyFIR, an enterprise software and managed services company that provides digital forensics and incident response solutions, today announced a new partnership ...

Cynash Announces Commercial Availability of New Cynalytic™ Analytics P (PRWeb) Cynash Inc., a leading developer of industrial control system (ICS) cybersecurity solutions for critical energy, water and transportation, announces the commerci

PwC Audits Expressvpn Servers to Confirm Essential Privacy Protections (Home of internet privacy) We take your privacy and security extremely seriously. That means no activity logs, no connection logs, no sensitive information.

F-Secure’s New Global Partner Program Unifies Technology, Training, and Benefits (Financial IT) Businesses can’t secure their IT estates without help. They need to create trustworthy relationships with cyber security providers that have the solutions and expertise needed to predict, prevent, detect, and respond to security incidents. And cyber security company F-Secure is launching a new program to help its business-to-business (B2B) IT reseller partners bring the benefits of a holistic cyber security approach to their customers.

Dragos WorldView Industrial Threat Intelligence Now Available Through Anomali Threat Platform (BusinessWire) Dragos today announced that Dragos’ WorldView industrial threat intelligence will integrate with the Anomali Threat Platform.

$22bn Global Insurance Broker Selects Konfidas as a Partner in Cybersecurity Excellence for the Israeli Market (PR Newswire) Konfidas, a leading cybersecurity company in Israel, and Howden a Global Insurance Brokers have joined forces to ...

Technologies, Techniques, and Standards

NHS CIO discusses revamped security two years on from Wannacry (Computing) Will Smart discusses the refreshed NHS cyber strategy which will apply across the organisation, as ransomware refuses to disappear

VPNs Stress Server Security, Vendor Reputation When Choosing Server Locations (Global Security Mag Online) Server security, proximity to the user base, server vendor reputation, and reliable connection tops the list of deciding factors when VPN providers choose their server locations

DCIG Publishes Report on Detecting/Preventing Malware in Enterprise Backup Environments (Asigra) Asigra Inc., a leading cloud backup, recovery and restore software provider since 1986, today announced that the Data Center Infrastructure Group (DCIG), has published a report titled “Creating a Secondary Perimeter to Detect Malware in Your Enterprise Backup Environment.”

Analyzing ARP to Discover & Exploit Stale Network Address Configurations (Black Hills Information Security) Justin Angel// Introduction In penetration testing, ARP is most commonly discussed in terms of poisoning attacks where an attacker achieves a man-in-the-middle (MITM) position between victim nodes by contaminating the ARP cache tables of neighboring hosts. While initially inspired by this technique and the desire to derive a means of passively obtaining a list of …

arch4ngel/eavesarp (GitHub) Analyze ARP requests to identify intercommunicating hosts and stale network address configurations (SNACs) - arch4ngel/eavesarp

U.S. Coast Guard shares cybersecurity best practices for commercial vessels (Help Net Security) Spurred by a recent cyber incident they were called in to help resolve, the U.S. Coast Guard has detailed basic measures to improve vessels 'cybersecurity.

Are Army Reserve soldiers prepared to defeat cyberthreats? (Fifth Domain) A recent exercise evaluated Reserve cyber soldier readiness to defend DoD critical assets from international hackers.

Design and Innovation

Twitter updates hate speech rules to include dehumanizing speech around religion (TechCrunch) Against a backdrop of rising violence against religious minorities around the world, Twitter today said that it would update its hateful conduct rules to include dehumanizing speech against religious groups. “After months of conversations and feedback from the public, external experts and our…

Research and Development

NanoLock Security Granted US Patent for its Cloud-to-Flash Electronic Security Solution (Nanonolock Security) First patent granted from intellectual property (IP) portfolio, which includes several additional patent applications for the company’s cyber defense  solution for connected edge devices Nitzanei Oz, Israel – July 9, 2019 – NanoLock Security, the industry’s only cloud-to-flash, powerful security and management solution for Internet of Things (IoT) and connected edge devices, today announces that …

Tanushree Mitra among first to receive research grant providing access to Facebook data (Virginia Tech) The assistant professor of computer science and a faculty member at the Discovery Analytics Center is also one of only two women to receive the Social Media and Democracy Research Grant. Mitra and her team will study how misinformation and other problematic content spread on the platform.

News - Groups of employees influence a business’s information security, according to study (UAB News) Research results show that an organization’s ability to successfully manage information security incidents is determined by the actions of its employees, among other factors. Information security managers should look for...

Legislation, Policy, and Regulation

Controversial European Digital Copyright Directive comes into force (Computing) Emma Stevens, lawyer in the Technology sector at Coffin Mew, dissects the new EU directive on copyright in the digital single market

What the US needs to counter ‘unprecedented’ Chinese influence in South America (Defense News) China now has

Perspective | The Internet is already being weaponized. The U.S. cyberattack on Iran won’t help. (Washington Post) The troubling implications of a new form of warfare.

Cyber Strikes Do Not Equate to Cyber Warfare (TechNative) In response to Iran’s attacks on oil tankers and the downing of a surveillance drone, the United States Cyber Command launched cyber attacks against Islamic Revolutionary Guard Corp’s missile systems, according to news reporting Per sources, the attack crippled computers used to control some of Iran’s rocket and missile launchers. Iran immediately  denied that the attack was successful, although officials confirmed that cyber attacks were transpiring.  Details of how this attack was deployed remains vague, as such military equipment is generally considered a hard target not easily accessible by remote operations.  Even the 2010 Stuxnet attack required a person direct

The Commerce Department will accept applications from companies that want to supply Huawei, but it remains blacklisted (TechCrunch) About two months after Huawei was placed on the Commerce Department’s Entity List, the Chinese telecom equipment and smartphone giant will be able to do business with American suppliers again–but only if they get a license from the U.S. government. Commerce Secretary Wilbur Ross made the anno…

Social media giants face US grilling over failure to protect children  (The Telegraph) Social media giants are set to be hauled in front of the US senators over harmful content being shown to young children.

Government's digital strategy has lost momentum, claims Science and Technology Committee report (Computing) MPs slam government's faltering digital strategy

U.S. mayors group adopts resolution proposed by Baltimore, vowing not to pay ransoms to hackers (Baltimore Sun) The U.S. Conference of Mayors unanimously adopted a resolution proposed by Baltimore calling on members to refuse to pay ransoms to hackers if their cities fall victim to cyberattacks.

Litigation, Investigation, and Law Enforcement

Marriott to face $123 million fine by UK authorities over data breach (TechCrunch) The U.K. data protection authority said it will serve hotel giant Marriott with a £99 million ($123 million) fine for a data breach that exposed up to 383 million guests. Marriott revealed last year that its acquired Starwood properties had its central reservation database hacked, including five mi…

Marriott Faces $124 Million Fine Over Starwood Data Breach (Wall Street Journal) Marriott International faces a potential £99.2 million ($123.6 million) fine over a consumer-data breach as the U.K.’s privacy watchdog raises pressure on businesses to comply with Europe’s data-protection rules.

Statement: Intention to fine Marriott International, Inc more than £99 million under GDPR for data breach (Information Commissioner's Office) Statement in response to Marriott International, Inc’s filing with the US Securities and Exchange Commission that the Information Commissioner's Office (ICO) intends to fine it for breaches of data protection law.

EX-99.1 (Marriott International Update on Starwood Reservation Database Security Incident) (US Securities and Exchange Commission) Marriott International announced that the UK Information Commissioner’s Office (ICO) has communicated its intent to issue a fine in the amount of £99,200,396 against the company in relation to the Starwood guest reservation database incident that Marriott announced on November 30, 2018. Marriott has the right to respond before any final determination is made and a fine can be issued by the ICO. The company intends to respond and vigorously defend its position.

Nearly £100m for Marriott, £138m for BA - what is the take home message from these sudden massive ICO fines? (Computing) Eerke Boiten, Professor of Cyber Security at De Montfort University, warns that the ICO's new habit of issuing big fines could backfire

T-Mobile says it can’t be sued by users because of forced-arbitration clause (Ars Technica) T-Mobile fights suit that says it broke law by selling users' phone-location data.

Facebook Faces Activist, EU Judges in ‘Schrems II’ Privacy Case (Bloomberg) EU top court hears arguments on safety of data-transfer tools. Facebook says commerce could stutter if data pacts scrapped.

Trump’s Twitter blocks violate First Amendment rights, appeals court affirms (Ars Technica) The best response to criticism is "more speech, not less," court rules.

First, they lost their children. Then the conspiracy theories started. Now, the parents of Newtown are fighting back. (Washington Post) Parents see gains in a fight many hesitated to wage.

Google suspends Trends emails after revealing murder suspect’s name (Naked Security) People subscribed to Google Trends in New Zealand were emailed the murder suspect’s name in violation of a New Zealand court’s order.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

The Digital Economy and Consumer Welfare: A Commonsense Approach to Federal Privacy Law (Washington, DC, USA, July 15, 2019) CompTIA will convene a panel discussion on why federal privacy legislation is critical to protect consumer data and promote U.S. leadership and innovation. Join tech industry representatives and thought...

Industrial Control Systems Joint Working Group (ICSJWG) Fall Meeting (Springfield, Massachusetts, USA, August 27 - 29, 2019) The Cybersecurity and Infrastructure Security Agency (CISA) hosts the Industrial Control Systems Joint Working Group (ICSJWG) to facilitate information sharing and reduce the risk to the nation’s industrial...

Upcoming Events

Minneapolis Cybersecurity Conference (Minneapolis, Minnesota, USA, July 11, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

The Digital Economy and Consumer Welfare: A Commonsense Approach to Federal Privacy Law (Washington, DC, USA, July 15, 2019) CompTIA will convene a panel discussion on why federal privacy legislation is critical to protect consumer data and promote U.S. leadership and innovation. Join tech industry representatives and thought...

Insider Threat Program Development - Management Training Course (Mountain View, California, USA, July 15 - 16, 2019) The Insider Threat Defense Group will hold our highly sought after Insider Threat Program (ITP) Development - Management Training Course, in Mountain View, California, on July 15-16, 2019. This comprehensive...

Raleigh Cybersecurity Conference (Raleigh, North Carolina, USA, July 18, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.