
Daily briefing.

Avast follows up the trend toward cross-site request forgery attacks against routers with a report on the exploit kits used. The attacks had been noted earlier by Radware and NetLab. Victims continue to be concentrated in Brazil.

CoinDesk reports that Japanese alt-coin exchange Bitpoint has halted all activity while it investigates the theft of some $32 million in cryptocurrency.

The Wall Street Journal reported late Friday that the US Federal Trade Commission had approved a $5 billion settlement over Facebook privacy missteps in connection with the Cambridge Analytica data scandal. The agreement, which is thought to contain provisions for closer privacy oversight, now goes to the Justice Department's Civil Division for final review.

As big as $5 billion may seem, Congressional critics calling the settlement a "slap on the wrist" point to Facebook's very high revenues, which were, the Washington Post notes, $15 billion for the last quarter alone. An opinion piece in the Verge argues that in the context of profits and history, Facebook got off lightly.

Deutsche Welle reports that an "unprecedented" power failure affecting Argentina, Uruguay, and Paraguay yesterday remains under investigation, but Argentina's Energy Ministry says a cyber attack is "not among the main alternatives being considered." MSNBC quotes New York City's Mayor de Blasio saying the city is "as certain as we can be" that Manhattan's weekend blackout was not caused by a cyber attack. Power has been largely restored in both instances. Official announcements concerning grid failures now routinely address the possibility of cyber attack.

Notes.

Today's issue includes events affecting Argentina, Bahrain, Brazil, Canada, China, Egypt, Germany, Iran, Japan, Libya, Morocco, Oman, Paraguay, Russia, Saudi Arabia, Sudan, Turkey, United Arab Emirates, the United Kingdom, United States, and Uruguay.

Bring your own context.

The UK's Information Commissioner's Office has fined two big companies, British Airways and Marriott, for violations of GDPR. The European General Data Protection Regulation, as has long been expected, will have global reach.

"And what's even more curious is that one of the businesses that was singled out was actually based in the United States. I think that should be a very big hallmark of things to come not only with United States businesses and international businesses doing operations in the EU theater of operations, but also, how is this going to change regulations and fines of data breaches around the world, not just in the EU?"

—Justin Harvey, global incident response leader at Accenture, on the CyberWire Daily Podcast, 7.11.19.

If nothing else, the enforcement actions should induce boards and C-suites to take a closer look at regulatory risk.

In today's podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University Information Security Institute, as Joe Carrigan discusses Apple's pushing an update to mitigate Zoom conferencing app vulnerabilities. Our guest is Patrick Cox from Neustar on government agencies using inadequate ID authentication via phone.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - 8, 2019) Visit XM Cyber at our booth 875 to experience the first fully automated APT simulation platform to simulate, validate and remediate hackers’ paths to organizational critical assets.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

Symantec reveals WhatsApp and Telegram exploit that gives hackers access to your personal media (VentureBeat) Cybersecurity firm Symantec found an exploit that could allow WhatsApp and Telegram media files to be exposed and manipulated by malicious actors.

Intel officials warn of China’s growing threat to American tech secrets (C4ISRNET) While concerns over Huawei's involvement in 5G get a lot of attention, intelligence officials warn that China's efforts to steal American intellectual property go much farther, encompassing artificial intelligence, agriculture and more.

Alleged Iranian hacker who aided cyber espionage attacks on the US unmasked (Fox News) For years, “Mr. Tekide” has been well-known as a red flag within international cybersecurity communities. The alias has managed to evade being publicly identified despite being deemed a top malware developer and hacker whose crypters – which are used to conceal malware in an attack – have been used in cyber espionage attacks on the United States and broader West, as well as Sunni Arab countries and Israel. 

Brazil is at the forefront of a new type of router attack (ZDNet) Avast: More than 180,000 routers in Brazil had their DNS settings changed in Q1 2019.

Attacks in Turkey Used Excel Formula Injection (Infosecurity Magazine) Malicious spam attacks on Turkish organizations flew under the radar.

Bitpoint Exchange Hacked for $32 Million in Cryptocurrency (CoinDesk) Bitpoint, a licensed cryptocurrency exchange based in Japan, has had $32 million-worth of crypto assets stolen from the platform.

Phishing kits are licensed, managed and pirated like any other legitimate software (CyberScoop) Spearphishing schemes are pulling on practices from legitimate software companies in order to enhance the efficiency and distribution of their scams, according to new research published Wednesday.

The Evolution of a Russian Troll (Foreign Policy) Alexander Malkevich, whose employees were detained in Libya, is part of Moscow’s efforts to create a “concert of chaos” around the globe.

Kamala Harris Rips Russian Bots For Kaepernick Furor, Says They're Coming For Her (HuffPost) And Russian interference in the 2020 election could be even worse than the last time, she warns.

Japanese Exchange Bitpoint Hit By $32m Cyber-Attack (Infosecurity Magazine) Firm suspends services after notifying authorities

Dr.Web — innovative anti-virus technologies. Comprehensive protection from Internet threats. (Dr.Web) Doctor Web is a Russian IT-security solutions vendor developing Dr.Web anti-virus for businesses and personal use, as well as anti-virus as a service since 1992.

Agent Smith malware targets android apps; remove these 16 apps immediately (International Business Times) If you are an Android user then you should know that it is vulnerable to malware attacks, which can cause serious data theft. Recently a new malware called 'Agent Smith' is targeting android phones to bombard with advertisements.

New TrickBot Attack May Have Compromised 250 Million Email Addresses (Digital Trends) TrickBot returns with a new attack that teams up the malware with an email-based infection and distribution module dubbed TrickBooster. An investigation into TrickBooster's servers discovered a database with 250 million compromised email accounts, including from US government departments.

Hey, Google, why are your contractors listening to me? (Naked Security) Humans are listening to our recordings – some made by mistake – to improve speech recognition. But they’re not as anonymous as Google says.

Google defends letting human workers listen to Assistant voice conversations (The Verge) The public is waking up to the compromises of using AI assistants

China’s low-profile forensics champion caught in data privacy storm (South China Morning Post) Fujian-based digital forensics and information security specialist is believed to be linked to spy app used by Chinese police to extract data from citizens’ smartphones.

AP Exclusive: New election systems use vulnerable software (AP NEWS) Pennsylvania's message was clear: The state was taking a big step to keep its elections from being hacked in 2020. Last April, its top election official told counties they had to...

New Election Systems Found to Use Vulnerable, Outdated Software (Time) The vast majority of 10,000 election jurisdictions nationwide use Windows 7 or an older operating system

Syracuse schools’ cyber attack is ransomware (Syracuse.com) The district is facing a six-figure ransom in order to retain control of its computer system.

New Bedford: public release of info on cyber attack could put city at further risk (South Coast Today) Cyber professionals have "strongly advised" the city against providing any details about the impacts of a computer virus

Argentina, Uruguay, Paraguay suffer massive power blackout (Deutsche Welle) A massive power grid failure left all of Argentina and parts of Uruguay and Paraguay without electricity, affecting around 50 million people. Power was mostly restored by evening.

NYC blackout 'not a cyber attack': mayor (Reuters) As officials seek answers for a five-hour blackout in New York's Manhattan, the city's mayor says the power outage was not a cyber attack or an act of terrorism. Rough Cut (no reporter narration).

12 top cloud security threats: The dirty dozen (CSO Online) More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Treacherous 12," the top security threats organizations face when using cloud services.

6 ways malware can bypass endpoint protection (CSO Online) Breaches from attacks that defeat or run around endpoint protection measures are on the rise. Here's how attackers do it.

Security Patches, Mitigations, and Software Updates

Citrix plugs critical Citrix SD-WAN flaws, patch ASAP! (Help Net Security) Researchers have found critical vulnerabilities in Citrix SD-WAN and are urging administrators to patch them as soon as possible.

Cyber Trends

APT Groups Make Quadruple What They Spend on Attack Tools (Dark Reading) Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge.

Persistent Threats Can Last Inside SMB Networks for Years (Dark Reading) The average dwell time for riskware can be as much as 869 days.

In an online world, we could forget everything (Times) An unpretentious rom-com lured me into a labyrinth of historical reflection, mild technophobia and tentative neuroscience. Yesterday is directed by Danny Boyle and written by Richard Curtis (with...

Don’t blame flawed Silicon Valley for the rot of Wall Street and Washington (TechCrunch) The techlash is well underway. Blame Facebook! Blame Google! Blame Amazon! (Apple and Microsoft still seem relatively immune, for now.) And, I mean, there’s a lot of objectively blameworthy behavior there, especially in that first case. But I find myself wondering: why does the ire go beyond …

The CIO and CFO rarely agree on digital strategy (Computing) Less than a quarter of business leaders say that the CIO and CFO are aligned on the approach to digital transformation

Marketplace

Huawei Plans Extensive Layoffs in the U.S. (Wall Street Journal) Huawei Technologies is planning extensive job cuts at its U.S. operations as the Chinese technology giant continues to struggle with its American blacklisting.

Middle East Dictators Buy Spy Tech From Company Linked to IBM and Google (The Intercept) Iran and Syria are the only countries in the region where Semptian would refuse to sell its surveillance tools, an employee said.

enSilo Unveils Advanced Platform Capabilities, Announces Strong Growth and New Investment (PR Newswire) enSilo, the company protecting businesses around the world from data breaches and disruption caused by cyber...

OurPact returns to App Store, reviving debates about Apple’s impartiality (Ars Technica) What OurPact's return means for similar apps, iOS security, and antitrust cases against Apple.

The Czech Cyber Billionaire Who Built A Fortune On Free Software (Forbes) Pavel Baudis built a massive software company out of Czech communism's ashes. It's made him a billionaire and protected millions from cybercriminals.

Products, Services, and Solutions

New infosec products of the week: July 12, 2019 (Help Net Security) New infosec products of the week feature interesting releases from the following vendors: Barracuda, Pradeo, Exostar and Corsa Security.

Nucleus Cyber Integrates with Microsoft Information Protection (MIP) t (PRWeb) Nucleus Cyber, the intelligent data-centric security company for the modern workplace, today at Microsoft Inspire in Las Vegas announced its NC Protect solution now u

How Alphabet security moonshot Chronicle fits in at Google Cloud (ComputerworldUK) In late June this year, Google parent company Alphabet announced that Chronicle - the 'moonshot' spinout that became a standalone security company - would be folded into Google Cloud. Here's what it promises to bring to customers

BlackBerry juices up threat hunting software (ComputerWeekly) Things changed at BlackBerry, more than once, to be fair. The company that used to be known as Research in Motion (RIM) decided to drop the somewhat incongruous name and some bright spark in ...

Technologies, Techniques, and Standards

GDPR One Year Anniversary: A Risk-Based approach to GDPR is key for achieving compliance (Gemalto blog) Data protection has become a global hot topic since the General Data Protection Regulation (GDPR) took effect on May 25th last year.

“Five Eyes” Nations Finish Large-Scale Cyber Exercise (Air Force Magazine) Military personnel from the US and the other “Five Eyes” intelligence-sharing partner nations came together for a large-scale exercise focused on preparing for cyberattacks and keeping adversaries out of critical infrastructure.

U.S. Companies Learn to Defend Themselves in Cyberspace (Wall Street Journal) By deploying dozens of specialized defense tools against hostile hackers, “cyber-resilient” firms are minimizing their digital risk.

Thycotic expert on achieving maturity in privileged access security (Intelligent CIO Europe) Joseph Carson, Chief Security Scientist and Advisory CISO, Thycotic, explores how organisations can develop more advanced strategies for protecting privileged

How To Clear Out Your Zombie Apps and Online Accounts (WIRED) All those services you signed up for but forgot about? They're a security risk. Here's how to get rid of them.

To slow down cyber attacks, know what you have and deceive them (Federal News Network) Craig Harber, the CTO for Fidelis Cybersecurity, said there are several steps agencies can take to reduce their risks.

As FTC cracks down, data ethics is now a strategic business weapon (TechCrunch) $5 billion. That’s the apparent size of Facebook’s latest fine for violating data privacy. While many believe the sum is a slap on the wrist, it’s still the largest amount the FTC has ever levied on a tech company. 

Design and Innovation

The Toxic Potential of YouTube’s Feedback Loop (WIRED) Opinion: I worked on AI for YouTube’s "recommended for you" feature. We underestimated how the algorithms could go terribly wrong.

German banks to stop using SMS to deliver second authentication/verification factor (Help Net Security) German banks are moving away from SMS-based customer authentication and transaction verification (SMS-TAN), as the method is deemed to be too insecure.

Research and Development

DARPA demonstrates warfighting force with artificial intelligence as a true partner (Defence Blog) The Defense Advanced Research Projects Agency, commonly known as DARPA, has provided details of the program that highlights manned-unmanned teaming to enhance capabilities for ground units, giving …

Peter Cochrane: Much of what we're told about quantum computing is nonsense (Computing) Articles and presentations on quantum computing are often completely wrong, warns Professor Peter Cochrane

On the Viability of Conspiratorial Beliefs (Plos One) Conspiratorial ideation is the tendency of individuals to believe that events and power relations are secretly manipulated by certain clandestine groups and organisations. Many of these ostensibly explanatory conjectures are non-falsifiable, lacking in evidence or demonstrably false, yet public acceptance remains high.

Academia

Danville Community College team participates in Virginia Cyber Cup Competition (GoDanRiver.com) Special to the Register & Bee

Legislation, Policy, and Regulation

Microsoft Office 365: Banned in German schools over privacy fears (ZDNet) State of Hesse says student and teacher information could be "exposed" to US spy agencies.

The Shifting Dynamics of Britain's National Security Threats (Global Security Review) With the advent of the twenty-first century came differing classifications of national security threats and a shifting order of strategic preeminence. The risk of extremism and consistent alienation of citizens in European countries have both expanded and diversified. Some European Union member states in the EU require security sector reforms and the replacement of old …

'Hybrid war': Army Chief Bipin Rawat talks about future wars - Here’s what India is planning (Times Now News) The nature of modern-day warfare has shifted from physical to virtual and with the increase in state-sponsored cyber-attacks India has taken concrete steps to secure its interests.

Trump is rattling sabers in cyberspace — but is the U.S. ready? (POLITICO) While cyber defenses are improving, some experts worry about how the U.S. would recover from an even larger strike.

How should the US respond to ‘gray zone’ activity? Here are three options (Defense News) A Center for Strategic and International Studies report lays out a campaign plan to respond to

House votes to curb Trump’s war powers, challenging Senate to act (Defense News) The House has passed legislation with limits on President Donald Trump’s ability to strike Iran without the consent of Congress.

Are Congress and the White House on a collision course in cyber? (Fifth Domain) The Trump administration has ignored Congress's request to see documents governing cyber operations.

Huawei calls on US to lift export restrictions (AP NEWS) The chairman of Huawei said Friday the Chinese tech giant has yet to see any benefit from President Donald Trump's promise to allow U.S. companies to sell some components to...

Why Canada Must Protect its 5G Networks from Huawei (The National Interest) Canadians deserve to reap the benefits of next generation technology, but not at the cost of its national security.

Regulators pressed on Chinese gear in energy supply chain (FCW) A House panel grilled energy regulators about the presence of Huawei and ZTE gear in power providers' operations.

Army chief Milley strongly backs 'dual hat' role at Cyber Command (FCW) Army Chief of Staff Gen. Mark Milley testified during his confirmation hearing that filling DOD's leadership vacancies was essential to the 'effectiveness and efficiency of the department.'

Are more robust cyber partnerships on the horizon? (Fifth Domain) Joint Chiefs nominee Gen. Mark Milley expressed the need to partner with U.S. agencies and the private sector to protect and reinforce U.S. capabilities.

Policy Brief: Principles for Responsible Data Handling (Internet Society) More and more of our activities generate data which is collected and used in ways we don’t see and can’t control. While the data is used for analytics and targeted advertising that can potentially improve services and enhance our experience as consumers or public service users, its use can also undermine privacy, autonomy, and trust …

If 5G Networking Is a U.S. Intel Priority, Should It Receive U.S. Intel Funding? (Breitbart) David P. Goldman, China policy expert and frequent guest on Breitbart News Tonight, offered what he described as a “modest proposal” in an article published Thursday at PJ Media: If 5G wireless is so clearly a concern for U.S. intelligence, a portion of the intelligence budget should be invested in creating an American competitor to China’s dominant Huawei corporation.

Right-wingers say Twitter’s “bias” against them should be illegal (Ars Technica) Conservatives are split on whether section 230 harms or preserves free speech.

The new way data will be managed in federal agencies (Federal Times) New Office of Management and Budget guidance directs a new data management structure within agencies.

State lacks basic cyber hygiene (Longview Daily News) Imagine a customer service survey composed of a series of questions and circles to fill in according to your level of response: A circle left blank means "Poor." A half-darkened

Military Discipline in the Social Media Age: How the New Top Marine Plans to Lead (Military.com) Policing social media use for the military's youngest force is a hefty mission.

Litigation, Investigation, and Law Enforcement

Police chase leaker as diplomatic row dominates final Tory leadership TV tussle (Times) Counterterrorism officers are investigating the leak of comments by the British ambassador about President Trump. The decision to call in the Metropolitan Police after Whitehall spent a week...

FTC Approves Roughly $5 Billion Facebook Settlement (Wall Street Journal) The Federal Trade Commission voted this week to approve a roughly $5 billion settlement with Facebook over a long-running probe into the tech giant’s privacy missteps, according to a person familiar with the matter.

FTC votes to approve $5 billion settlement with Facebook in privacy probe (Washington Post) The Federal Trade Commission voted to approve a roughly $5 billion settlement with Facebook ending an investigation into its privacy practices, according to a source familiar with the matter but not authorized to speak on the record, a deal that could result in unprecedented federal oversight of the company.

Facebook Set For Record $5bn FTC Fine (Infosecurity Magazine) Social network penalized after Cambridge Analytica scandal

Facebook’s $5 billion FTC fine is an embarrassing joke (The Verge) Facebook gets away with it again

Why BA and Marriott were hit with massive GDPR fines - and how you can avoid one (Computing) Coffin Mew's Guy Cartwright explains why BA and Marriott have been hit with big GDPR fines - and what you can do to minimise yours if the worst comes to the worst

Special counsel Mueller's testimony delayed until July 24 (KLEW) WASHINGTON (AP) — Special counsel Robert Mueller's testimony to Congress has been delayed until July 24 under an agreement that gives lawmakers more time to question him. Mueller had been scheduled to testify July 17 before two house committees about the findings of his Russia investigation. But lawmakers in both parties complained that the short length of the hearings would not allow enough time for all members to ask questions.

Revealed: This Is Palantir’s Top-Secret User Manual for Cops (Vice) Motherboard obtained a Palantir user manual through a public records request, and it gives unprecedented insight into how the company logs and tracks individuals.

Lawsuit claims FedEx misled investors after cyber attack (WMCA) A lawsuit claims FedEx violated federal securities laws after a cyber attack.

China Arrests Another Canadian, Adding to Diplomatic Tensions (New York Times) The person was detained last week, Ottawa said, around the same time as 16 foreign students and teachers were held on drug charges elsewhere in China.

Blah blah Blaha: Slovak infosec firm ESET sues politico who called them 'outrageous fascists' (Register) He also said they're working with the CIA

Cyber virus at Strafford County becomes criminal probe (Union Leader) A virus that infected Strafford County computers last month has turned into a criminal investigation and moved a U.S. senator to demand more answers.

Heather Mills Gets An Apology and ‘Substantial’ Settlement in Spyware Case (Threatpost) Rupert Murdoch's News Group has agreed to pay damages to Paul McCartney's ex as part of the massive phone-hacking scandal by UK tabloids.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Integrate (Melbourne, Victoria, Australia, August 27 - 29, 2019) Get ready to think beyond and lose yourself in the technology of tomorrow at Integrate 2019. Integrate is Australia's leading event dedicated to helping businesses harness the power of AV technology to...

CyberCon (Anaheim, California, USA, November 19 - 21, 2019) CyberCon is a solutions-based cybersecurity conference connecting executives and decision makers in the power and utilities sector to cybersecurity experts and industry specific solutions. By attending,...

Upcoming Events

The Digital Economy and Consumer Welfare: A Commonsense Approach to Federal Privacy Law (Washington, DC, USA, July 15, 2019) CompTIA will convene a panel discussion on why federal privacy legislation is critical to protect consumer data and promote U.S. leadership and innovation. Join tech industry representatives and thought...

Insider Threat Program Development - Management Training Course (Mountain View, California, USA, July 15 - 16, 2019) The Insider Threat Defense Group will hold our highly sought after Insider Threat Program (ITP) Development - Management Training Course, in Mountain View, California, on July 15-16, 2019. This comprehensive...

Raleigh Cybersecurity Conference (Raleigh, North Carolina, USA, July 18, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Smoky Mountain Bigfoot Conference (Gatlinburg, Tennessee, USA, July 27, 2019) Join us for the first ever Smoky Mountain Bigfoot Conference. We have some of America's most experienced Bigfoot researchers and investigators including Cliff Barackman, Bigfoot Field Researcher and co-host...
