skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

This just in: humans now read the CyberWire on Alexa.

No time to read the Daily News Briefing? Let our own talent do it for you on your Alexa. Just say, "Alexa, what's my flash briefing?" or "Alexa, what's in the news?" after you've set the CyberWire as part of your flash briefing and the hosts of our podcast will take it away.

Yahoo reports that Bulgarian authorities have arrested a 20-year-old man in connection with a data breach at the national tax agency that exposed some seven-million people's personal information. The unidentified suspect is said to have been a legitimate penetration tester who went over to the dark side.

Congress is raising concerns about the 2020 US census, according to TheHill. This is the first census in which a significant portion of the data collection will be done online, with the attendant possibility of hacking, and a priori jitters are to be expected.

Researchers at Boston University report that they've demonstrated ways of defeating Media Access Control (MAC) address randomization Bluetooth Low Energy (BLE) uses to protect devices from being identified and tracked. Even properly, carefully implemented instances can yield a lot more information about a device than had generally been believed.

The US FBI has issued a Flash alert offering master decryption keys and other useful information concerning the now possibly retired but still troublesome GandCrab ransomware.

Monroe College, a proprietary school headquartered in the Bronx borough of New York, is grappling with a significant ransomware incident. Naked Security puts the extortion demand at $1.8 million; Inside Higher Ed says it's an even $2 million. Monroe has declined to say whether it will pay the ransom, but it has reverted to manual operations wherever possible.

The US House Armed Services Committee has asked to see “all National Security Presidential Memorandums relating to Department of Defense operations in cyberspace," Roll Call reports.

Notes.

Today's issue includes events affecting Bulgaria, Czech Republic, Germany, India, Iran, Israel, Lithuania, Russia, Ukraine, United Kingdom, United States.

Bring your own context.

A lot of people talk about moving away from passwords and, even moreso, about moving away from other knowledge-based modes of authentication. Why is this?

"And so what we've been advocating for - in fact, we do this millions and millions of times each day for some of the largest financial institutions in the country - is relying far less on the asking of questions, the knowledge information. That whole approach, frankly, is broken because criminals know your date of birth. It's on social media. It's been shared. The sad news is, with all the data breaches and hacks and so on out there, they have your Social Security number. They have your address. They have your mortgage payment information. The information has been shared with the bad guys."

—Patrick Cox, founder of TRUSTID, on the CyberWire Daily Podcast, 7.15.19.

You've seen the old war movies where the enemy spy tries to pass for a GI but he's tripped up because he doesn't know things any decent American would know, like what a Baltimore chop is, or who's Popeye's girlfriend? That's Hollywood, friends: it's not real. Trust us, Fancy Bear and Cozy Bear already know all that stuff. But just for the record, the answers, respectively, are a high bouncing fair ball that can't be caught in time to throw the batter out at first, and Olive Oyl. (Stone Panda? Charming Kitten? You knew that too, right?)

Conduct secure and anonymous research on the open and dark web.

If you are doing online research, the common web browser can betray you by exposing you and your organization to cyber attacks. Authentic8, the maker of Silo Cloud Browser and Silo Research Toolbox, ends this betrayal. Silo insulates and isolates all web data and code execution from user endpoints, providing powerful, proactive security even if you are gathering data and collections across the deep and dark web. Learn more.

In today's podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin talks discusses the US Department of Justice and attempts to break encryption in Facebook Messenger. Tamika Smith speaks with Alex Guirakhoo from Digital Shadows about scammers registering fake domains to try to capitalize on Facebook’s Libra cryptocurrency plans.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to Simulate, validate and remediate hackers’ path to organizational critical assets.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

In systemic breach, hackers steal millions of Bulgarians' financial... (Reuters) Bulgaria's finance minister apologized to the country on Tuesday after admi...

Sprint says hackers breached customer accounts via Samsung website (ZDNet) Hackers had access to customer info such as names, billing, device details, and more.

Russia-linked Turla APT revamps arsenal to avoid detection with fileless malware (Computing) The hacking group has developed new forms of malware to avoid detection from software programs such as VPNs

Alarm sounds over census cybersecurity concerns (TheHill) Lawmakers are raising concerns that the upcoming 2020 census, which people are expected to fill out primarily online for the first time, is opening the door to potential cyber vulnerabilities. 

Aavgo security lapse exposed hotel bookings (TechCrunch) A security lapse at a hotel management startup has exposed hotel bookings and guests’ personal information. The security lapse was resolved Monday after TechCrunch reached out to Aavgo, a hospitality tech company based in San Francisco, which secured a server it had left online without a pass…

BREACH: Hospitality Management Platform Leaks Sensitive Client & Guest Data (WizCase) Wizcase recently uncovered a significant data breach in the hospitality industry. Guest communication platform AavGo has an exposed server  – ...

‘The Chinese have already broken into my stuff’: Cyber espionage concerns Army acquisition three-star (Army Times) Cyber security remains an issue for Army acquisition, and the solution may mean investing in resources to take some defense contractors completely “off the net," according to the principal military deputy to the Army acquisition chief.

Kamala Harris says Russian bots are targeting her. It's more complicated than that. (CNN) Sen. Kamala Harris has claimed her presidential campaign is being targeted on social media by Russian bots. But while US intelligence officials say Russian disinformation campaigns targeting Americans continue, verified evidence of attacks on specific candidates has yet to publicly emerge.

The Avast Abuser: Metamorfo Banking Malware Hides By Abusing Avast Executable (enSilo) In May 2019, enSilo detected a new activity by Brazilian cybercrime group, spreading Metamorfo - A Brazilian banking trojan.

Bluetooth LE’s anti-tracking technology beaten (Naked Security) Researchers have found a way to beat the MAC address randomisation feature used by Bluetooth to protect users from being tracked.

SupPy Chain Malware - Detecting malware in package manager repositories (ReversingLabs) Malicious actors are constantly on the lookout for new attack vectors and techniques, using them to infiltrate even the most secure of organizations.

Abusing Microsoft’s Azure domains to host phishing attacks (Zscaler) Zscaler ThreatLabZ team observed attackers are abusing Microsoft Azure custom domains to host phishing attacks. The Zscaler cloud security platform blocked 2,000 such attempts over a six-week period. Read more.

Researcher releases PoC code for critical Atlassian Crowd RCE flaw (Help Net Security) A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd.

How can attackers abuse artificial intelligence? (Help Net Security) A research group says attacks against AI systems are already occurring, difficult to identify, and potentially far more common than currently understood

Hackers demand $2 million from Monroe College in ransomware attack (Inside Higher Ed) College’s IT system was attacked by hackers demanding $2 million in Bitcoin. Experts warn that other institutions are vulnerable to similar attacks.

Ransomware attackers demand $1.8m from US college (Naked Security) The school, located in the Bronx and serving around 8,000 students, has declined to say whether it will pay up.

Syracuse cyber attack: Experts say schools easy prey for ransomware (Syracuse.com) Many schools not serious enough about cyber security.

Government ransomware payments are 10 times average (StateScoop) Between April and June, the average payment from government victims was $338,700, compared to $36,295 for all victims, according to cybersecurity firm Coveware.

55,000 cryptocurrency users affected in Bitpoint’s $28 million hack (Hard Fork | The Next Web) The president of embattled cryptocurrency exchange Bitpoint has revealed the full extent of last week's $28 million hack.

AI photo editor FaceApp goes viral again on iOS, raises questions about photo library access and clo (TechCrunch) FaceApp. So. The app has gone viral again after first doing so two years ago or so. The effect has gotten better but these apps, like many other one off viral apps, tend to come and go in waves driven by influencer networks or paid promotion. We first covered this particular AI photo editor  from […

Philips, DHS flag cyber vulnerability in EKG analysis software (MedTech Dive) Highly skilled, unauthorized users may be able to enable system options not purchased in Philips' Holter 2010 Plus software, but the company said the issue shouldn't compromise patient data or overall system operations.  

Security Patches, Mitigations, and Software Updates

Legacy Server BMC Remote Command Injection - US (Lenovo) Legacy Server BMC Remote Command Injection

Apple is silently updating Macs again to remove insecure software from Zoom’s partners (The Verge) RingCentral and Zhumu are now patched

Fake XMR bugs on Monero is fixed within a month after being found (Chepicap) Significant bugs that allow the creation of fake Monero was found by a blockchain developer.

Google deprecates XSS Auditor for Chrome (The Daily Swig) The age of browser XSS filters is over

Cyber Trends

Reflections on the Zoom/Mac Security Debacle (Insight for the Connected Enterprise) The vulnerability is all patched up, but questions linger.

Industry Response to the BlueKeep Vulnerability (BitSight) BitSight researchers analyzed companies around the world to see if there have been any changes in patching of externally exposed systems following BlueKeep.

Venafi Study: Are Financial Service Organizations More Likely to Suffer Certificate-Related Outages? (Venafi) Financial Service organizations are now the most likely sector to experience a certificate-related outage. Why? Read more.

Dragged Into the Light: Duo Security Report Reveals Businesses Gaining Control of Shadow IT (Virtual-Strategy Magazine) Analysis of millions of users, devices and apps shows organizations implementing zero-trust principles to secure skyrocketing cloud and mobile use

Marketplace

Startups or Targets? Silicon Valley Has Let Its Cybersecurity Guard Down, Experts Say (Fortune) “There are only four problems in cybersecurity: China, Russia, North Korea, and Iran,” said CrowdStrike CTO Dmitri Alperovitch, perhaps half joking, at the Fortune Brainstorm Tech conference.

Guest opinion: Acquire a company. Take on its cybersecurity troubles. (Silicon Valley Business Journal) If you’re an investor looking for the next unicorn, how do you know if that billion-dollar company has a sordid past — or a terminal illness?

Google Protest Leader Leaves, Warns of Company's Unchecked Power (Bloomberg) Meredith Whittaker sparked worker uprisings across tech sector. Google gaining power to impact world in ‘dangerous ways’: blog.

Most of the Google Walkout Organizers Have Left the Company (WIRED) Four of the seven organizers of a 20,000-person walkout at Google in November have quit. The latest to leave is Meredith Whittaker, a researcher on the ethics of AI.

CrowdStrike: Too Challenging To Win Here (Seeking Alpha) Recently IPOed fast-growing company with an enviable story. CrowdStrike has a huge assemble of A-list customers.Neverthless, its stock is unquestionably overvalued.

Even as It Hits All-Time Highs Is Zscaler a Buy? (The Motley Fool) The cybersecurity stock has been on a relentless run since its debut in March 2018.

Time For Check Point To Let Its Hair Down (Seeking Alpha) Check Point is a long time leader in IT security but has disappointing revenue growth of 3.4% YoY. Company fundamentals are great with extremely good free cash flow margin, SG&A expenses, and the company meets the software Rule of 40. Check Point appears to be prioritizing the balance sheet over growth and is in danger of losing market share to high growth competitors. The company may be a conservative investment but be prepared for single-digit growth for a couple of years and 15% growth long term.

PCI Security Standards Council to protect payment data & mPoS devices (Trustonic) The PCI SSC leads a global, cross-industry effort to increase payment security by providing flexible, industry-driven and effective data security standards and programs.

The 11 Coolest Endpoint Security CEOs of 2019 (You Should Know) (Best Endpoint Security Protection Software and Vendors) We’ve compiled a list of the 11 Coolest Endpoint Security CEOs of 2019! These leaders influence their cybersecurity products in profound ways!

UNITED STATES/UNITED KINGDOM : Hakluyt Cyber beefs up New-York team (Intelligence Online) Hakluyt Cyber, the corporate intelligence firm Hakluyt's dedicated subsidiary, has

ManTech appoints Julie Anna Barker as HR VP for Mission Cyber & Intelligence Solutions (Intelligence Community News) On July 15, Herndon, VA-based ManTech announced that it has named Julie Anna Barker as vice president of human resources for the company’s Mission Cyber & Intelligence Solutions (MCIS) Group. B…

Michael Best Adds Former Walgreens In-House Counsel (Michael Best & Friedrich LLP) Michael Best is pleased to announce that Rebecca Gerard has joined the firm’s Privacy & Cybersecurity Practice Group as an associate in Chicago.

Corelight Expands Executive Team with New Vice President of Engineering and Vice President of People (Yahoo) Corelight, providers of one of the most powerful network security monitoring solutions for cybersecurity, today welcomed two technology veterans to its growing leadership team: former Gigamon executive Kuldeep Sandhu joins as new vice president of engineering, and Penny DeFrank joins from Marqeta as

CynergisTek, Inc. Announces Retirement of Founder and Thought Leader Mac McMillan and Appoints His Successor Caleb Barlow as President & Chief Executive Officer to Lead the Company’s Next Stage of Growth (News Category Global Banking & Finance Reviews) CynergisTek, Inc. (NYSE AMERICAN: CTEK), today announced the appointment of Caleb Barlow to the positions of President and Chief Executive Officer, to succeed...

Products, Services, and Solutions

NNT and CIS Announce Strategic Partnership (PR Newswire) New Net Technologies (NNT™), the leading provider of SecureOps™, has announced a...

Radware Expands Its Cloud Workload Protection Service to Include Crypto-Jacking Detection (Yahoo) Radware® (RDWR), a leading provider of cyber security and application delivery solutions, today announced that its Cloud Workload Protection Service now identifies and mitigates coin-mining malware known as ‘crypto-jacking’ operations taking place in customers’ public cloud environments. Malicious cloud-based

Perimeter 81 Launches Zero Trust Application Access (PR Newswire) Perimeter 81, the leading Zero Trust Secure Network as a Service provider, announced today that it has...

CyberGRX Enriches Third-Party Cyber Risk Management Solution with Auto Inherent Risk Insights (BusinessWire) CyberGRX announces a new feature that provides users with visibility into potential threats in their ecosystem: Auto Inherent Risk (AIR) insights.

Group Salus Launches Cybersecurity Reputation Risk Assessment (PRWeb) Group Salus today announced an online Cybersecurity Reputation Risk Assessment – believed to be the first of its kind – to help small and medium-sized businesses ide

StackRox Added to the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) Program (StackRox) StackRox Kubernetes Security Platform is the First Container Security Solution Added to Approved Products List (APL)

SlashNext Partners with ThreatQuotient to Protect Organizations from Zero-Hour Phishing Threats (SlashNext) Integration Delivers Industry’s Broadest, Most Up-to-the-Minute, Blocking-Ready Phishing Threat Intelligence to ThreatQ Users PLEASANTON, …

Partnership Between Global Fintech Leaders OneSpan and Avaloq Helps Financial Institutions Prevent Fraud (West) Two leaders combine their strengths to arm financial institutions to stop account takeover, mobile malware, social engineering and other attacks

Aryaka Selected as Launch Partner for Microsoft Azure Networking Managed Service Provider (MSP) Program (Aryaka) Aryaka®, a leading global SD-WAN provider, today announced that Microsoft has selected the company as one of the first partners for its new Microsoft Azure Networking Managed Services Provider (MSP) Program. As a result, Aryaka will leverage Azure Networking Services Virtual WAN (VWAN) for an offering launched today timed …

Facebook launches UK reporting tool to clamp down on scam ads (the Guardian) Social media firm to investigate users’ complaints and take down violating posts

Trend Micro's Deep Security as a Service now available on the Microsoft Azure Marketplace (Help Net Security) Trend Micro announced the availability of its leading cloud solution, Deep Security as a Service, on the Microsoft Azure Marketplace.

Tata Communications and Thales team up to boost data security around IoT (FutureIoT) Tata Communications and Thales are joining forces to develop a secure global IoT connectivity solution. ““IoT could transform how businesses

CyberArk Doubles Down On Training With Partner Program Updates (CRN) CyberArk has revised its partner program tiers to focus solely on certifications and unveiled new training modules to help solution providers deliver pre-sales support. 

Fortinet to Secure Canadian Government's Perimeter Services (Yahoo) Fortinet (FTNT), which already protects the IT infrastructure of the Canadian government, will provide cloud and data center services to Shared Services Canada and its clients to protect Internet edge.

BehavioSec Strengthens Anti-Fraud Lead With Updated Behavioral Biometrics Platform Defeating Credential Compromise Attacks Ahead of Compliance Deadlines (BusinessWire) BehavioSec today announced new capabilities strengthening the BehavioSec Behavioral Biometrics Platform.

Claroty Extends Visibility of Market-Leading Industrial Cybersecurity Platform to the Internet of Things (PR Newswire) Claroty, the global leader in industrial cybersecurity, today introduced several enhancements to Continuous Threat...

Technologies, Techniques, and Standards

FBI Releases Master Decryption Keys for GandCrab Ransomware (BleepingComputer) In an FBI Flash Alert, the FBI has released the master decryption keys for the Gandcrab Ransomware versions 4, 5, 5.0.4, 5.1, and 5.2. Using these keys, any individual or organization can create and release their very own GandCrab decryptor.

FBI shares master decryption keys for prolific GandCrab ransomware (The Washington Times) The FBI shared computer code Monday designed to counter a prolific and lucrative type of ransomware virus claiming victims in the U.S. and abroad.

12 Events at Black Hat USA 2019 You Won't Want to Miss (Bricata) We looked at the Black Hat USA 2019 agenda through the lenses of network security and rounded up 12 events you won't want to miss.

A blueprint for cyber disruption response (GCN) National Governors Association offers recommendations on how states can build cyber disruption response plans based on its analysis of 15 states' current plans.

Should You Build Your Infrastructure to be Hit by a Cyber Attack? (Infosecurity Magazine) How do you prepare for an attack you cannot stop? Try passive survivability

Cybersecurity Tools for CPAs (The CPA Journal) In a speech at Baruch College's 18th Annual Financial Reporting Conference, PCAOB member Kathleen Hamm stated: “Technology offers the promise of combining

Design and Innovation

Asian consortium plans blockchain-based mobile ID system (Naked Security) A group of Asian companies want to create a blockchain-based service to turn your phone into a mobile ID system.

Academia

Cyberattacks inflict deep harm at technology-rich schools (Washington Post) Cyberattacks on schools are leading to disruptions in instruction in districts that have thoroughly integrated technology

National security agencies tap Clemson professors’ Russian trolling research (Clemson University) Research by two Clemson University professors on Russian social media trolling has drawn the interest of U.S. agencies charged with protecting the country’s national security.

UPSC Topper Calls Out The Culture Of Cyber Bullying Targeted At People With Disabilities (ScoopWhoop) Ira Singhal points out the need for inclusive schools and to de-associate derogatory connotations implied with words like 'andha, behra, kubda'.

Legislation, Policy, and Regulation

A necessary rise: Lithuania bolsters its cybersecurity, catching the attention of other nations (Fifth Domain) Lithuania's recent efforts to build up cybersecurity are catching the attention of the international community and putting the country at the forefront of cybersecurity development.

US forces have much to learn from Ukraine’s fight with Russia, says State Department official (Military Times) “Ukraine is a laboratory of techniques and procedures,” George Kent, deputy assistant secretary in the European and Eurasian Bureau at the U.S. Department of State, told Military Times Tuesday afternoon

What good are ‘exceptional’ cyber capabilities without authority? (Fifth Domain) Secretary of Defense nominee Mark Esper spoke to Congress on the importance of a streamlined framework for authorizing cyber operations outside U.S. networks.

House demands to see Trump’s cyberwarfare directive (Roll Call) In a rare instance of bipartisan pushback against the White House, lawmakers have repeatedly asked for the still-secret memo.

What good are ‘exceptional’ cyber capabilities without authority? (Fifth Domain) Secretary of Defense nominee Mark Esper spoke to Congress on the importance of a streamlined framework for authorizing cyber operations outside U.S. networks.

Cyber Command tested ‘persistent engagement’ in June exercise (Fifth Domain) Cyber Flag 2019 focused on testing out persistent engagement.

Trump's Pentagon pick 'confident' in 2020 election security (CyberScoop) Defense Secretary nominee Mark Esper told the Senate Armed Services Committee Tuesday that he is confident in the security of the 2020 elections.

Analysis | The Cybersecurity 202: Security hawks in Congress seek to tie Trump's hands on Huawei (Washington Post) A new bipartisan bill would prevent a rollback of restrictions on the Chinese company.

Bipartisan lawmakers roll out bill to keep Huawei blacklisted (ZDNet) The legislation, introduced in the House and the Senate, would stop the president from reversing the US trade ban against Huawei.

​Senators grill Facebook executive on company’s cryptocurrency plans (Silicon Valley Business Journal) Facebook’s cryptocurrency project, Libra, has an ambitious goal: to offer an alternative financial system that makes it possible to send money around the world with few fees. But almost immediately, the company has run into resistance from lawmakers from both sides of the aisle.

Highlights from Facebook’s Libra Senate hearing (TechCrunch) Facebook will only build its own Calibra cryptocurrency wallet into Messenger and WhatsApp, and will refuse to embed competing wallets, the head of Calibra David Marcus told the Senate Banking Committee today. While some, like Senator Brown, blustered that “Facebook is dangerous!,” othe…

​Fighting Big Tech makes for some uncomfortable bedfellows (Silicon Valley Business Journal) Conservatives are showing up at largely liberal conferences to call for breaking up Facebook and Google. Liberals are going on conservative TV shows to do the same. It’s awkward.

Utilities need accelerated declassification to protect against cyber attacks: NERC CEO (Utility Dive) With the potential for a cyberattack at an all-time high, NERC is urging the U.S. government to increase information sharing by rapidly declassifying information on potential threats.

Comms Alliance seeking compo and clearer data retention regime (CRN Australia) Telco's spend exceeded government grant.

UNITED STATES : Christopher Porter, former FireEye chief, takes charge of cyber at ODNI (Intelligence Online) Christopher Porter, the former technical director of the cyber-security firm

ISRAEL : Perimeter combat in Israeli cyber-defence apparatus (Intelligence Online) Tensions are growing between Yigal Unna, the head of the Israel National Cyber Directorate (INCD), and Nadav Argaman, the director

Litigation, Investigation, and Law Enforcement

Trump threatens to ‘take a look’ at Google for China ties (Washington Post) Trump’s shot at Google came in a tweet that cited recent comments from Peter Thiel, a venture capitalist and one of the president’s top supporters, who this week called for the FBI and the CIA to probe the company on grounds it may have committed treason for its operations in China.

Amazon in EU Crosshairs as Vestager Fights Big Tech to the End (Bloomberg) EU to escalate investigation targeting Marketplace platform. Qualcomm also set to face further EU fine in coming days.

Mikhail Rytikov arrested after allegedly providing bulletproof hosting to Russian security - CyberScoop (CyberScoop) Mikhail Rytikov, a Ukrainian national, was apprehended in Odessa as part of an operation carried out with help from the U.S. and U.K.

Ukrainian hacker sought by US arrested (Yahoo) Ukraine has arrested an alleged major computer hacker who has been sought by the United States for years. The head of Ukraine's national security service Ivan Bakanov said Tuesday that Mykhailo Rytikov was arrested in the city of Odessa, in an operation conducted in coordination with Britain and

Bulgarian cybersecurity worker detained over tax agency hack attack (Yahoo) A 20-year-old Bulgarian cybersecurity worker has been arrested on suspicion of involvement in a hacking attack that stole millions of taxpayers' personal and financial data, interior ministry officials said on Wednesday. The man, who works for a company that protects IT systems against breaches,

A popular teen on Instagram was killed. Now the gruesome photos are spreading across the Web. (Washington Post) The horrific killing of Bianca Devins has drawn headlines, with the slaying's brutality underscored by its broadcast online.

JetBlue Bomb Scare Set Off with Apple AirDrop (Threatpost) Someone AirDropped a picture of a suicide vest to multiple people on a JetBlue flight, prompting an evacuation.

So verschickt "Adolf Hitler" von nsdap.de seine Drohungen (T-online) In der Hölle hat die Digitalisierung Einzug gehalten, sagte Siemens-Chef Joe Kaeser nach einer Morddrohung per E-Mail von adolf.hitler@nsdap.de. Umschlagplatz

Siemens unter Peter Löscher, das iranische Atomprogramm & Stuxnet (German Daily News - Amerikas deutschsprachige Zeitung) Der aktuelle Fall einer Bedrohung des Siemens-CEO Joe Kaeser ruft einen Urheberrechtsfall bei der Generalstaatsanwaltschaft Frankfurt am Main ins Gedächtnis: Beschuldiger war ein iranischer Beschaffungsagent – in Bezug zu Siemens-Software.

Ad Fraud Hits Digital Agencies and the Courts: Major Brands Pull Nine-Figure Ad Spend While Litigation, Refunds and Chargebacks Give Ad Market a Black Eye (Yahoo) Multiple, recent marketplace events are finally shedding overdue light on the invisible crime of ad fraud. Major brands P&G and Unilever have put their digital advertising campaigns under a microscope, and they don't like what they see.

Security being increased at Baltimore city buildings after fired IT employee gained ‘unfettered access’ to sensitive areas (Baltimore Sun) Security is being increased at Baltimore’s municipal buildings after a former city technology employee, fired for having alleged hacking tools on his city computer, managed to bypass security at the Abel Wolman Municipal Building downtown and gain “unfettered access” to sensitive areas, according to a report by the city’s inspector general and multiple sources familiar with the investigation.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

EXCHANGE 2-19 (New York, New York, USA, October 16 - 17, 2019) BitSight presents EXCHANGE 2019, The Intersection of Business and Cyber Risk, an event for security and risk professionals to navigate the demands of today's dynamic cyber risk landscape. During this two-day...

North American International Cyber Summit (Detroit, Michigan, USA, October 28, 2019) Taking the Lead: Collaborating to Solve National Cyber Security Problems – Building partnerships and balancing competition and information sharing for improved security. The theme is designed to highlight...

Upcoming Events

Raleigh Cybersecurity Conference (Raleigh, North Carolina, USA, July 18, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Smoky Mountain Bigfoot Conference (Gaitlinsburg, Tennessee, USA, July 27, 2019) Join us for the first ever Smoky Mountain Bigfoot Conference. We have some of America's most experienced Bigfoot researchers and investigators including Cliff Barackman, Bigfoot Field Researcher and co-host...

Cyber:Secured Forum 2019 (Dallas, Texas, USA, July 29 - 31, 2019) Cyber:Secured Forum delivers two days of in-depth content on cybersecurity trends and best practices related to the delivery of physical security systems and other integrated systems. Collaboratively developed...

Community College Cyber Summit (3CS) (Bossier City, Louisiana, USA, July 30 - August 1, 2019) The 2019 Community College Cyber Summit (3CS) at Bossier Parish Community College in Louisiana marks the sixth annual edition of 3CS. 3CS is the only national academic conference focused on cybersecurity...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.