skip navigation

More signal. Less noise.

What are the best practices and tools for SecOps in 2019?

Read the 2019 SANS Security Operations Survey report for key insights & strategies from principal SANS Instructor Christopher Crowley & SANS Director of Emerging Technologies John Pescatore. Download your copy now.

Daily briefing.

Assessment and penetration-testing company Immunity is selling a BlueKeep version as part of its CANVAS penetration testing suite, ZDNet reports. BlueKeep is already being exploited in the wild: Intezer finds it in the latest version of the WatchBog cryptojacking botnet.

Researchers at Lookout announced the discovery of "Monokle," described as a "new and sophisticated set of custom Android surveillanceware tools." There may be an iOS version lurking somewhere, but for now the Android toolkit is in use in the wild. Lookout attributes Monokle to the Special Technology Centre, Ltd., also known as STC, Ltd. or simply STC. The company is based in St. Petersburg, Russia, and was sanctioned in 2016 by a US Executive Order for its work on behalf of the GRU against US elections. Monokle is advanced mobile malware designed to collect and exfiltrate personal data from infected devices.

Hacktivist group Intrusion Truth has linked APT17 to Jinan bureau of the Chinese Ministry of State Security. They also say APT17 engages in some domestic crime on the side, selling data stolen from Chinese targets.

Proofpoint describes the activities of a Chinese Advanced Persistent Threat group it calls "Operation LagTime IT,” and which it tracks internally as TA428. LagTime is a cyber espionage operation that collects against East Asian targets, for the most part goverment agencies that oversee "government information technology, domestic affairs, foreign affairs, economic development, and political processes." The campaign uses a Remote Access Trojan, CotxRAT, as well as Poison Ivy payloads. These it distributes by phishing.

Notes.

Today's issue includes events affecting Argentina, Brazil, Chile, China, Dominican Republic, Ecuador, European Union, Oman, Peru, Russia, Turkey, United Kingdom, United States, and Uruguay.

Bring your own context.

There may be more to an insider threat program than we tend to think.

"What do you need to think about when you're creating an insider threat program? We've broken it into four steps. Number one - think about what team you're going to pull together. While I'm probably writing this for security practitioners, security is not the only stakeholder and maybe not even the most important stakeholder. We want to make sure we have HR. They're definitely a really important stakeholder. Legal's going to be a part of this, and depending on your company, product is a part of this, maybe sales. It really depends on who is it that's concerned about insiders and what they may do. The second step of creating the program is - what are the risks that you need to address for your company? You know some obvious ones - right? - theft of intellectual property, customer data that may get stolen. Based on what you do, you want to think about sabotage of your organizational systems. You know, are there national security concerns? If you're running a water plant, you know, maybe those are both pretty relevant. The third step that we looked at was identifying the critical controls that you need to watch - once again, you know, some things that are pretty much generally across the board you want to look at. Every company wants to look at their sales folks, their finance folks, their executive team, probably some IT system administrators."

—Robb Reck, CISO at Ping Identity, on the CyberWire Daily Podcast, 7.23.19.

It's a truism to say so, but an insider threat program is an exercise in risk management. Some of that risk might come from a poorly constructed program. Did you notice that HR and Legal both have a place on the team?

With LookingGlass, it’s Game Over For Threat Actors

There are many weapons to choose from when it comes to cybersecurity solutions providers – and you must choose wisely. With LookingGlass Cyber Solutions as your security provider, its “Game Over” for threat actors trying to infiltrate your network. To learn more about our solutions, visit our experts at the LookingGlass Network & Chill Lounge, Mandalay Bay South, Palm A on level 3, August 7 & 8. Take a break from the hectic show floor for old school video games, happy hour from 3-7 PM, and a demo tailored to your organization’s security needs.

In today's podcast, out later this afternoon, we talk with our partners at Booz Allen Hamilton, as Michael Sechrist shares thoughts on municipalities' paying ransomware. Our guest is Eric Murphy from SpyCloud, who discusses threat intelligence at scale. 

And Hacking Humans is up, too. In today's edition, "Looking after Dad," Joe shares a story on the market economy of phishing. Dave explains how gamers are being taken advantage of on popular chat app Discord. The catch of the day includes a little bit of showbiz razzle-dazzle. Our anonymous guest this week shares his efforts to keep his father from falling for online scams.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to Simulate, validate and remediate hackers’ path to organizational critical assets.

Codenomicon August 6 Skyfall Lounge Las Vegas (Las Vegas, Nevada, United States, August 6, 2019) Black Hat is just around the corner! Join Synopsys at our exclusive cyber security professional event—codenomi-con. We’ll kick off a night of entertainment, networking, and leadership Aug. 6 at 6 p.m. Register today!

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 8, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

US company selling weaponized BlueKeep exploit (ZDNet) An exploit for a vulnerability that Microsoft feared it may trigger the next WannaCry is now being sold commercially.

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List (The Hacker News) Widespread WatchBog Linux Botnet Scanning the Internet for Windows Systems Vulnerable to BlueKeep RDP Flaw

BlueKeep Scanner Discovered in Watchbog Cryptomining Malware (BleepingComputer) A new Watchbog malware variant can scan for Windows computers vulnerable to BlueKeep exploits, with previous variants only being utilized to infect Linux servers compromised using Jira, Exim, Nexus Repository Manager 3, ThinkPHP, and Solr Linux exploits.

Intezer - Watching the WatchBog: New BlueKeep Scanner and Linux Exploits (Intezer) Researchers have discovered a new version of WatchBog, a cryptocurrency-mining botnet operational since November 2018. It is estimated that 4,500 Linux machines have been infected by this new malware campaign since June 2019.

APT-doxing group exposes APT17 as Jinan bureau of China's Security Ministry (ZDNet) Intrusion Truth's previous two exposes -- for APT3 and APT10 -- resulted in DOJ charges. Will this one as well?

China's Security Ministry is running APT17 cyber-espionage group, claims Intrusion Truth (Computing) Intrusion Truth has revealed details of three individuals believed to be members of APT17

Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia (Proofpoint) Proofpoint researchers document "Operation LagTime IT," in which the Chinese APT TA428 has targeted government IT agencies and Ministry of Foreign Affairs in Asia...

Advanced mobile surveillanceware, made in Russia, found in the wild (Ars Technica) Monokle infected Android devices, but evidence suggests iOS versions may also exist.

New 'highly targeted' mobile malware, dubbed 'Monokle', linked to Russian hackers (Computing) Researchers believe the malware was created by STC, a Russian company accused of interfering in the 2016 US presidential election

A Russian military contractor has a new, shady Android malware kit (CyberScoop) A contractor for the GRU that was sanctioned for interfering in the 2016 U.S. election has developed Android malware being used in “highly-targeted” attacks.

Monokle The Mobile Surveillance Tooling of the Special Technology Center (Lookout) Lookout has discovered a highly targeted mobile malware threat that uses a new and sophisticated set of custom Android surveillanceware tools called Monokle that has possible connections to Russian threat actors

Deep Dive into Guildma Malware (Avast) For several months now, we have been tracking malware called Guildma. Guildma is powerful combination of a RAT (remote access tool), spyware, password stealer and banker malware, mainly distributed via malicious attachments in phishing email campaigns.

Emotet: A Technical Analysis of the Destructive, Polymorphic Malware (Bromium) A technical analysis of Emotet including business model, infection lifecycle, binary analysis, and indicators of compromise.

Own The Router, Own The Traffic (SecureWorks) As threat actors increasingly target supply chains, man-on-the-side techniques introduce another layer of complexity that organizations must consider.

Imperva Blocks Our Largest DDoS L7/Brute Force Attack Ever (Peaking at 292,000 RPS) (Imperva Blog) Imagine you’re a developer building a new web application. You’ve followed all of the security best practices, hired a reputable penetration testing company before launch, and gone through extensive bug fixing to remove any vulnerabilities. However, would you be confident that your application could survive the largest and longest DDoS attack that you’d ever seen? …

How IoT Opens the Door for Insider Attacks Against Industrial Infrastructure (SecurityWeek) With the surplus of IoT and sensor data available, information — such as blueprints, intellectual property and sensitive customer data — will be targeted by competitors and nation states.

How cyber criminals are still snaring victims using seven-year-old malware (ZDNet) Researchers analysed millions of posts made on dark web forums across a 12 month period -- here's what they found out and what it means for your security.

Bishop Fox Researchers Discover High-Risk Vulnerability in InterSystems Application (PR Newswire) Bishop Fox, the largest private cybersecurity professional services firm focused on offensive security testing, has...

U-Boot RCE Vulnerabilities Affecting IoT Devices (Semmle) Semmle’s security research team discovers 13 vulnerabilities in U-Boot leading to potential Remote Code Execution (RCE) when U-Boot is configured to use networking to fetch data.

Five Zero-Days Found in Comodo Anti-Virus Software (Infosecurity Magazine) An attacker could install malware to escalate to the highest privileges, researchers say

Facebook admits to Messenger Kids security hole (Naked Security) A hole in the supposed closed-loop messaging system allowed children to join group chats with people their parents hadn’t approved.

Facebook Knows More About You Than the CIA (WIRED) Facebook hired Yael Eisenstat, a CIA veteran, to help it address election meddling. Now she's deeply worried about the company's sway over our lives.

SharePoint Online scam – sadly, phishing’s not dead (Naked Security) Not all phishes contain easily spotted errors or obviously dodgy web links – here’s how to stay safe…

Indiana County Targeted in Malware Assault on Computers (SecurityWeek) Officials of an Indiana county say they are trying to determine the extent of a malware attack on the county’s computers.

Louisiana school systems cyber attacked; emergency declared (Washington Post) Louisiana Gov. John Bel Edwards has issued an emergency declaration after malware attacks against three school systems in the state have been detected

Facebook’s Libra currency spawns a wave of fakes, including on Facebook itself (Washington Post) The fakes could undermine Facebook's efforts to inspire confidence and satisfy the regulators now scrutinizing the global currency.

Security Patches, Mitigations, and Software Updates

Apple’s July patchfest fixes bugs in multiple products (Naked Security) Apple released fixes for various products this week, including one for a bug that has been public with proof-of-concept code for two months.

Cyber Trends

Cloudy with a Chance of Entropy (Unit42) Cloudy with a Chance of Entropy The term “cloud” has been popular in the business lexicon since 2006 when Amazon Web Services (AWS) launched its Elastic Compute Cloud (EC2). The latest Cloud Threat Report from Unit 42, which was released today, shows that organizations continue to struggle with securing public cloud platforms some 13 years

In Just One Evil Internet Minute, Over Two Phish Are Detected And $2.9 Million Is Lost To Cybercrime, Reveals RiskIQ (West) RiskIQ, the global leader in attack surface management, released its annual “Evil Internet Minute” report today. The company tapped proprietary global intelligence and third-party research to analyze the volume of malicious activity on the internet, revealing that cybercriminals cost the global economy $2.9 million every minute last year, a total of $1.5 trillion.

Cyber Mindset Exposed: Keeper Unveils its 2019 SMB Cyberthreat Study (Keeper Blog) Over the past month, Keeper Security surveyed 500 senior decision makers at SMBs to uncover more about their mindsets around cyberthreats (likely or not?) and common misperceptions (too new, too old, whose job is it anyways?). The findings underscore just how unprepared businesses are for cyberattacks. Here are the top …

Irdeto Global Connected Industries Cybersecurity Survey (Irdeto) The Irdeto Global Connected Industries Cybersecurity Survey polled 700 security decision makers across Connected Health, Connected Transport and Connected Manufacturing plus IT and technology* (who manufacture IoT devices) industries about cyberattacks targeting their organization, concerns about the types of attacks that could target their organization, security measures currently in place and much more.

Survey Finds Insiders Pose Serious Threat to Data Security (Nucleus Cyber) Nucleus Cyber, the intelligent data-centric security company for the modern workplace, issued new warnings about the dangers malicious and negligent insiders pose to data and enterprise systems, following the publication of the 2019 Insider Threat Report conducted with Cybersecurity Insiders.

US Signal ‘State of Web and DDoS Attacks’ Survey Reveals that 83 Percent of Organizations Have Been Hit with a DDoS Attack in the Last Two Years (PRWeb) US Signal, a leading data center services provider, today released its 2019 State of Web and DDoS Attacks survey. The study—which included data derived f

Government breaches - can you trust the US Government with your data? (Comparitech) The US government suffered 443 data breaches since 2014, with 2018 being the worst year so far, according to a new study by Comparitech. Data breaches are often associated with the private sector—hackers break into databases owned by businesses to steal user data and other valuable information. But the government is also a frequent target …

SonicWall 2019 Mid-Year Threat Report Shows Worldwide Malware Decrease of 20%, Rise in Ransomware-as-a-Service, IoT Attacks and Cryptojacking (PR Newswire) SonicWall today announced the findings from its mid-year update of the 2019 SonicWall Cyber Threat Report,...

Banks' Inevitable Race To The Cloud (Forbes) Despite proof and evidence of the benefits, skepticism around cloud computing in banking remains. Rest assured, it won't take 100 years for popular opinion to change. Even if we are talking about bankers.

How social media has coarsened our minds (Times) Few writers are prophetic. An American media studies professor called Neil Postman was. In 1985 he published Amusing Ourselves to Death, a polemic that warned society was becoming trivialised by...

Marketplace

Facebook Posts Strong Earnings, Revenue Growth (Wall Street Journal) Facebook pushed past a record-setting privacy fine in the second quarter to post strong earnings and revenue of $16.9 billion, up 28% from a year ago.

Facebook warns of costly privacy changes, discloses another U.S. probe (Reuters) Facebook Inc said on Wednesday that new rules and product changes aimed at prote...

Facebook's (FB) CEO Mark Zuckerberg on Q2 2019 Results - Earnings Call Transcript (Seeking Alpha) Good afternoon. My name is Mike and I will be your conference operator today. At this time I would like to welcome everyone to the Facebook Second Quarter 2019 Earnings Call. All lines have been placed on mute to prevent any background noise.

Products, Services, and Solutions

Baffin Bay Network’s Threat Protection Service Provides Unparalleled Cloud-Based Security (BusinessWire) Baffin Bay Network’s Threat Protection Service Provides Unparalleled Cloud-Based Security

Absolute Announces Significant Updates to its Enterprise Resilience Edition, Simplifying Security Policy Deployments and Remote Management of Device Fleets (BusinessWire) Absolute (TSX: ABT), the leader in endpoint resilience, today announced the latest update to its Enterprise Resilience Edition. The new release provid

StealthAUDIT Gives Active Directory Administrators Important New Insight, Data Mining Abilities to Aid Cloud Migration and Streamline Audit & Regulatory Compliance (BusinessWire) STEALTHbits Technologies, Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers

Neo4j and Thales bring data security to the graph database (Help Net Security) Neo4j Enterprise Edition and Thales Vormetric Transparent Encryption comprehensive integration delivers data-at-rest encryption.

Sixgill Announces New Sense Vision™ Feature Set for Sense, Delivering Machine Learning Assisted, Video Data Automation (BusinessWire) Sixgill, LLC, the leader in data automation and authenticity for Internet of Everything (IoE) applications, today announced that Sense Vision has been

Morgan Stanley Creates Encrypted Vault for Wealth-Management Customers (Wall Street Journal) Morgan Stanley is offering its 3.2 million wealth-management customers an encrypted platform where they can store financial documents and share them with the bank more securely than faxing, emailing or mailing information.

Technologies, Techniques, and Standards

NIST Recommends Tightened DoD Contractor Security (Breaking Defense) An interconnected ecosystem of primes, subs, suppliers, and partners mean one weak link can bring down the entire chain.

What happened at the military’s biggest cyber training exercise to date (Fifth Domain) The Army is taking a multifaceted approach to test and build the next generation cyber training platform for all of DoD's cyberwarriors.

IDSA Guidance on Zero Trust (Identity Defined Security Alliance) The Identity Defined Security Alliance published new guidance on Zero Trust and will be discussing in a panel session at Black Hat 2019.

How Cities Can Protect Against Ransomware Attacks (Threatpost) In the second of a two part series discussing recent ransomware attacks against municipalities, Shawn Taylor with Forescout talks about how cities can protect themselves.

Design and Innovation

Should Companies Bolster Their Cybersecurity by 'Hacking Back?' (Fortune) American business leaders are thinking about how best to defend themselves against cyber attacks.

Research and Development

Anonymous data can be 'de-anonymised' to reveal people's real identities, researchers warn (Computing) Machine learning algorithm can identify 99.98 per cent of people in any anonymised dataset, claim Imperial College researchers

Legislation, Policy, and Regulation

Will Congress finally see withheld cyber documents? (Fifth Domain) Rep. Mac Thornberry said the Trump administration will provide policy documents related to approving cyber operations.

Should Cyber Arms Be Treated Like Bioweapons? (Defense One) A recent paper suggests that the two are more closely related under international law than previously thought. But the analogy, while useful, is not exact.

The challenge in securing critical information (Fifth Domain) In the United States, the rapid advancement of connected devices poses a major security threat to critical information.

Theresa May resigns, Boris Johnson becomes U.K. prime minister, in elaborate transition of power (Washington Post) Johnson is the queen’s 14th prime minister.

PM Johnson to host new cabinet to chart Brexit course (AFP.com) Britain's newly installed Prime Minister Boris Johnson holds his first cabinet meeting on Thursday faced with the burning challenge of resolving the three-year Brexit crisis in three months.

Ben Wallace Named New Defence Secretary (Forces Network) Mr Wallace takes over the position from his predecessor Penny Mordaunt.

Turkey Is a Bad Place to Be an Influencer (Foreign Policy) Anxious about its failure to establish cultural hegemony, the Erdogan government is going after internet stars.

Pentagon efforts to counter China's influence in cyberspace extend to South America (Inside CYbersecurity) The Defense Department's Southern Command is working to provide cyber defense training and IT infrastructure to several South American militaries in a bid to blunt China's growing technological influence in the region, a move that comes amid action on several fronts for countering the cybersecurity threat from Beijing.

UAE's du says U.S. ban on Huawei not an issue for 5G network (Reuters) United Arab Emirates telecoms company du has discussed U.S. restrictions on Huaw...

Rubio on Huawei (The Washington Times) Sen. Marco Rubio is confident that Congress will codify in law Trump administration restrictions imposed on China’s telecommunications giant Huawei Technologies, a company the Florida Republican says poses a national security threat to the United States.

What Huawei’s CEO Has to Say about the US Ban (Market Realist) In an interview with Yahoo Finance, Huawei CEO Ren Zhengfei discussed why he thinks the Trump administration targeted Huawei.

A Big Choice for Big Tech (Foreign Affairs) Don't break up digital giants that monopolize online markets; force them to share their data with their competitors instead.

NSA Launches Cybersecurity Arm To Defend The U.S. From Foreign Adversaries (Forbes) The U.S. intelligence agency has announced the launch of a cybersecurity directorate to help to defend against foreign adversaries. Is it a good idea?

NSA’s Cybersecurity Directorate Is ‘Back to the Future’ (Breaking Defense) The elevation of the cybersecurity mission to "it's own Directorate raises its stature in NSA to a prominence that is absolutely needed," says one former NSA official.

Pentagon Picks GOP House Candidate to Lead Cyber Office (Bloomberg) Katie Arrington will lead new information security office. Arrington landed Pentagon job after failed 2018 Congress run.

Low Barr: Don't give me that crap about security, just put the backdoors in the encryption, roars US Attorney General (Register) I don't want to hear about hackers and keys, nerds – make it happen, or we'll pass a law making it happen

How the Mueller investigation was hampered by encryption apps and disappearing messages (CNN) Robert Mueller and his team accumulated scores of communications over its nearly two year investigation -- not just texts and emails, but also Apple iMessages, and messages from LinkedIn, Facebook and Twitter.

The Mueller Report Shows Politicians Must Unite to Fight Election Interference (Foreign Affairs) It's time to put partisanship aside.

Don’t outlaw facial recognition (Federal News Network) Congress should enable facial with good oversight, not ban it before it understands its capabilities,

Bill boosting cyber R&D between U.S. and Israel passes House (FCW) The House quietly passed legislation on July 23 that would expand cybersecurity research and development partnerships between several federal agencies and the government of Israel.

Senate committee advances 'deepfakes' legislation (TheHill) A Senate committee on Wednesday approved legislation designed to lessen the threats posed by altered or manipulated videos known as "deepfakes."

A New Law Makes Bots Identify Themselves—That's the Problem (WIRED) California's so-called 'bot bill,' which aims to protect users from automated bots on Twitter and other platforms, is noble, flashy, intriguing...and inept.

Litigation, Investigation, and Law Enforcement

Facebook Penalty Sends Message to Big Tech (Wall Street Journal) The record $5 billion fine and oversight conditions regulators imposed on Facebook for privacy violations put tech companies on notice that failing to protect consumer data may lead to greater legal risks than previously.

Facebook Latest FTC Headache: Probe of Social Media Competition (Bloomberg) New investigation is disclosed after record privacy settlement. Justice Department also looking at conduct of tech companies.

Facebook to pay separate $100 million SEC fine over Cambridge Analytica scandal (Engadget) On top of its FTC fine, Facebook is also facing a smaller penalty from the SEC for its Cambridge Analytica privacy failures.

Facebook’s FTC Deal: Record Fine With Scant Ad-Business Reform (Bloomberg) Social media giant agreed to ‘changes’ it’s already made. Massive data collection, ad targeting won’t be affected.

UNITED STATES OF AMERICA, Plaintiff v. FACEBOOK, Inc., a corporation, Defendant. Case No. 19-cv-2184 COMPLAINT FOR CIVIL PENALTIES, INJUNCTION, AND OTHER RELIEF (Federal Trade Commission) Plaintiff, the United States of America, acting by and through the Consumer Protection Branch of the U.S. Department of Justice, alleges that...

FTC Agreement Brings Rigorous New Standards for Protecting Your Privacy (Facebook Newsroom) After months of negotiations, we've reached an agreement with the Federal Trade Commission that provides a comprehensive new framework for protecting people's privacy and the information they give us.

Facebook ends friend data access for Microsoft and Sony, the last 2 of its legacy partners, under FTC deal (TechCrunch) One more consequence of the FTC’s investigation of Facebook, which culminated in a record $5 billion settlement announced today: it’s finally tightening another string in its privacy policy by cutting off access to friend data for Microsoft and Sony, the company announced today. It desc…

FTC Sues Cambridge Analytica, Settles with Former CEO and App Developer (Federal Trade Commission) The Federal Trade Commission filed an administrative complaint against data analytics company Cambridge Analytica, and filed settlements for public comment with Cambridge Analytica’s former chief executive and an app developer who worked with the company, alleging they employed deceptive tactics to harvest personal information from tens of millions of Facebook users for voter profiling and targeting.

Transcript of Robert S. Mueller III’s testimony before the House Judiciary Committee (Washington Post) The former special counsel answered questions Wednesday from the panel about his investigation into possible obstruction of justice by President Trump.

Analysis | 6 takeaways from Robert Mueller’s testimony (Washington Post) What Mueller said -- and didn't say -- and what it means.

Have we learned anything new from Mueller? (BBC News) Robert Mueller said he didn't want to testify about his Trump-Russia report. And his reluctance shone through.

Robert Mueller refuses to help Democrats harm Donald Trump (Times) Democrats failed to secure new ammunition for the impeachment of President Trump from the long-awaited testimony of Robert Mueller to Congress yesterday, an occasion seen as their last big push to...

Trump says ‘we had a very good day’ after Mueller hearings end (Washington Post) The former special counsel appeared at two House hearings to address questions for the first time about his report.

Analysis | The Cybersecurity 202: Mueller made a case for election security, but lawmakers seemed largely uninterested (Washington Post) They focused instead on obstruction of justice -- and partisan sniping.

American Hustle (Foreign Affairs) Donald Trump and the Mueller report are x-rays, revealing much of what has gone awry in American politics and society in recent years.

Treasury Secretary Finds No Security Concerns With Google Work in China (Wall Street Journal) Treasury Secretary Steven Mnuchin said he and President Trump have found no national-security concerns about work Google is doing in China, a rebuke of claims made by billionaire Peter Thiel.

FBI investigators describe Methbot investigation as 'beautiful concert of things shutting down (CyberScoop) The law operation, detailed Wednesday by FBI officials involved in the matter, targeted the Methbot/3ve fraud scheme.

Cyber blackmailing cases at 100 a month in Oman (Zawya) 53 per cent of the registered cases are targeted at men

John McAfee 'released from confinement' (CNET) The antivirus software pioneer was arrested by the Dominican Republic and had firearms and ammunition seized, a new report says.

Four Arrested Over Hacking of Brazil Justice Minister's Phone (SecurityWeek) Brazilian federal police arrested four people over the hacking of cell phones belonging to Justice Minister Sergio Moro and prosecutors involved in a massive corruption probe.

Judge to hear arguments in Georgia voting machine case (Washington Post) A federal judge is considering whether to order Georgia to immediately stop using its outdated voting machines

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Smoky Mountain Bigfoot Conference (Gaitlinsburg, Tennessee, USA, July 27, 2019) Join us for the first ever Smoky Mountain Bigfoot Conference. We have some of America's most experienced Bigfoot researchers and investigators including Cliff Barackman, Bigfoot Field Researcher and co-host...

Cyber:Secured Forum 2019 (Dallas, Texas, USA, July 29 - 31, 2019) Cyber:Secured Forum delivers two days of in-depth content on cybersecurity trends and best practices related to the delivery of physical security systems and other integrated systems. Collaboratively developed...

Community College Cyber Summit (3CS) (Bossier City, Louisiana, USA, July 30 - August 1, 2019) The 2019 Community College Cyber Summit (3CS) at Bossier Parish Community College in Louisiana marks the sixth annual edition of 3CS. 3CS is the only national academic conference focused on cybersecurity...

New York City Cybersecurity Conference (New York, New York, USA, August 1, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.