skip navigation

More signal. Less noise.

What if your security strategy added zeros to your bottom line?

Focusing on response alone is costly. You lose data. You lose infrastructure. You lose human and capital resources that could be productive elsewhere. And you lose your reputation. When you catch threats before they execute, you contain the problem, and the rewards add up. Let Blackberry Cylance help you understand how you can reduce your total cost of security controls, bolster your organization’s security posture, and zero in on what really matters.

Daily briefing.

Like the CyberWire? Share it with a friend or colleague

If you enjoy the CyberWire and find it a valuable part of your day, why not share it with friends and colleagues? Send them an invitation to subscribe. And, as always, thanks for reading.

Facebook has closed some 2600 accounts for "coordinated inauthentic behavior," that is, for illegitimate political influence operations. The accounts were based in Russia, Kosovo, Iran, and Macedonia.

Norsk Hydro has largely returned to normal operations after last week's LockerGoga ransomware attack. Production in its Extruded Solutions division, most affected by the attack, had yesterday reached 70% to 80% of normal capacity.

Secondary attacks, whether opportunistic or planned, remain a concern. Norsk Hydro warns against spoofs, urging anyone receiving an email that appears to be from Norsk should contact the company before taking any action the email might suggest. Bogus communications could represent attempts to either spread the ransomware or defraud third-parties through social engineering.

ZDNet reports that losses from the attack so far may have amounted to some $40 million.This high-level estimate of direct costs may be compared to the roughly $100 million Mondelez lost to 2017's NotPetya attack, or the $300 million that same attack cost Maersk, but the incident is young and losses may increase. Norsk does have cyber insurance, led by AIG. How much Norsk's policies will cover remains to be determined.

Foreign Policy magazine discusses Russian reaction the Special Counsel Mueller's investigation, saying that the Kremlin too is claiming exoneration. But Moscow does so, one must observe, with far less justice than President Trump. The report the Attorney General rendered to Congress explicitly calls out Russian influence operations, and the Special Counsel's work resulted in indictment of twelve Russian intelligence officers, which hardly looks like exoneration.


Today's issue includes events affecting China, Egypt, European Union, India, Indonesia, Iran, Israel, Kazakhstan, Kosovo, NATO/OTAN, North Macedonia, Norway, Pakistan, Poland, Russia, Spain, United States, and Venezuela.

Global Threat Report: Year of the Next-Gen Cyberattack

Our Threat Analysis Unit researched the current state of cyberattacks across our customer base with our IR partners. See the results.

In today's podcast, up later this afternoon, we speak with our partners at Terbium Labs, as Emily Wilson discusses data collection and protecting PII. Our guest, Matthew Montgomery from Verizon, talks us through their Mobile Security Index report.

And Recorded Future's latest podcast, produced in cooperation with the CyberWire, is also up. In this episode, "The grugq Illuminates Influence Operations," to celebrate one hundred episodes of their podcast, they're joined by the grugq to discuss the history of influence operations, why they work, and what they may come to be.

Cyber Security Summits: April 2nd in Denver and in Philadelphia on April 25th (Denver, Colorado, United States, April 2 - 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Dell, Oracle, Darktrace, Verizon and more. Passes are limited, secure yours today:

Global Cyber Innovation Summit (Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.

Cyber Attacks, Threats, and Vulnerabilities

Abuse of hidden “well-known” directory in HTTPS sites (Zscaler) Zscaler security research team detected several WordPress and Joomla sites that were serving Shade and Troldesh ransomware, backdoors, redirectors, and a variety of phishing pages. In this blog, we are focusing on the Shade and Troldesh ransomware and phishing pages that we detected.

How nation-state hacking groups are changing their TTPs (CyberScoop) Jen Miller-Osborn, Deputy Director of Threat Intelligence for Palo Alto Networks’ Unit 42, breaks down all of the research their unit has issued with regard to nation-state-linked APTs.

UN Security Council panel finds Cosmos Bank cyber attack motivated by N Korea (The Economic Times) Its report comes nearly seven months after the malware attack on the bank.

Virus attacks Spain's defense intranet, foreign state suspected: paper (Reuters) A computer virus infected the Spanish Defence Ministry's intranet this mont...

North Korea-backed Lazarus hacker group continues to target crypto (Chepicap) According to the latest update from cybersecurity and anti-virus company Kaspersky Lab, the cybercrime group Lazarus is continuing to adopt new tactics in their ongoing attempt to hack cryptocurrencies.

Cryptocurrency businesses still being targeted by Lazarus (Securelist) Further tracking of Lazarus activities targeting the financial sector enabled us to discover a new operation, which utilizes PowerShell to control Windows systems and macOS malware for Apple users.

Facebook Blocks More Accounts Over Influence Campaigns (SecurityWeek) Facebook shut down more than 2,600 fake accounts linked to Iran, Russia, Macedonia and Kosovo and aiming to influence political sentiment in various parts of the world.

Removing Coordinated Inauthentic Behavior from Iran, Russia, Macedonia and Kosovo (Facebook Newsroom) We've removed Pages, Groups and accounts connected to Iran, Russia, Macedonia and Kosovo.

Scanbox Watering Hole Targets Pakistani and Tibetan Government Website Visitors (Recorded Future) Insikt Group examines recent Scanbox campaigns targeting a Pakistani government department and the Central Tibetan Administration in early March 2019.

ASUS Admits Its Live Update Utility Was Backdoored by APT Group (BleepingComputer) Asus confirmed today that its Live Update utility has been indeed infected with malicious code by an advanced persistent threat (APT) group as part of a supply chain attack which managed to compromise some of its servers.

Asus users hacked through bogus update (Avira Blog) Asus users hit with targeted malware in their official update. And if their MAC address was on a list -- they got even more.

LUCKY ELEPHANT Campaign Masquerading (NETSCOUT) In early March 2019, ASERT Researchers uncovered a credential harvesting campaign targeting mostly South Asian governments. The actors behind this campaign we call LUCKY ELEPHANT use doppelganger webpages to mimic legitimate entities such as foreign governments, telecommunications, and military.

Norsk Hydro's initial loss from cyber attack may exceed $40 million (Reuters) Norwegian aluminum maker Norsk Hydro may have lost more than $40 million in the ...

Norsk Hydro ransomware incident losses reach $40 million after one week (ZDNet) Norsk Hydro up and running with the exception of one business unit where "operations remain almost at a standstill."

PCS looks into Norsk Hydro cyber attack losses (Reinsurance News) Property Claims Services (PCS), a Verisk business, has begun investigating the loss potential of the recent cyber attack on aluminium manufacturing giant

What We Can Learn from the Ransomware Attack That Crippled Norsk Hydro (Data Center Knowledge) Cryptojacking may be the hot new trend in large-scale cybercrime, but ransomware is still alive and well.

Siemens SCALANCE X (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 5.4ATTENTION: Exploitable remotelyVendor: SiemensEquipment: SCALANCE XVulnerability: Expected Behavior Violation2. RISK EVALUATIONSuccessful exploitation of this vulnerability could allow an attacker to feed data over a mirror port and into the mirrored network.3. TECHNICAL DETAILS3.1 AFFECTED PRODUCTSThe following SCALANCE products are affected:

ENTTEC Lighting Controllers (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low skill level to exploitVendor: ENTTECEquipment: Datagate MK2, Storm 24, PixelatorVulnerability: Missing Authentication for Critical Function2. RISK EVALUATIONSuccessful exploitation of this vulnerability could reboot this device allowing a continual denial of service condition.

PHOENIX CONTACT RAD-80211-XD (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 9.9ATTENTION: Exploitable remotely/low skill level to exploitVendor: Phoenix ContactEquipment: RAD-80211-XDVulnerability: Command Injection2. RISK EVALUATIONSuccessful exploitation of this vulnerability could allow an attacker to execute system level commands with administrative privileges.

Dangerous cyber attacks may not be detected by network monitoring – engineers are also needed (Control Global) Sophisticated cyber attacks can be misidentified as malfunctions. This brings up the need for out-of-band sensor monitoring as an independent view of the process conditions from the potentially compromised IP networks. The current focus on IT/OT convergence rather than reaching out to engineering will continue to lead to “blind spots” when it comes to detecting sophisticated cyber attacks such as Stuxnet and the Triconex cyber attacks.

Venezuela's Bid to Revive Key Power Plant Hits a Snag (Bloomberg) State company woos Argentine company Impsa to finish turbines. Work, school canceled with much of nation lacking electricity

Russian deployment in Venezuela includes 'cybersecurity personnel':... (Reuters) A Russian military contingent that arrived in Venezuela over the weekend, drawin...

How Zello Became a Lifeline for Venezuelans Under Maduro (WIRED) A dedicated community of Zello moderators uses the voice-chat app to bring news and coordinate aid amid the country's political and economic crisis.

How Microsoft found a Huawei driver that opened systems to attack (Ars Technica) Monitoring systems were looking for attacks using technique popularized by the NSA.

What is AI fuzzing? And why it may be the next big cybersecurity threat (CSO Online) Pairing artificial intelligence or machine learning with traditional fuzzing techniques creates a powerful tool to find application or system vulnerabilities — for both researchers and cyber criminals.

UC Browser for Android, Desktop Exposes 500+ Million Users to MiTM Attacks (BleepingComputer) The extremely popular UC Browser and UC Browser Mini Android applications with a total of over 600 million installs expose their users to MiTM attacks by downloading and installing extra modules from their own servers using unprotected channels and bypassing Google Play's servers altogether.

Microsoft Account Email Phishing Attempt Looks Legitimate (neoRhino IT Solutions) Researchers have discovered a pair of nasty phishing campaigns that are making use of Microsoft's Azure Blob Storage in a bid to steal the recipient's Microsoft and Outlook account credentials. Both campaigns are noteworthy in that they utilize well-constructed landing...

These Employees Are Most Likely to Be in Cybercriminals' Crosshairs (PCMAG) Sixty-seven percent of all highly-targeted attacks are carried out against 'lower-level employees' such as customer service representatives.

Slack's security worries some CEOs, who say that employees 'never shut up' on the app (CNBC) As companies replace email with a broader range of collaboration and productivity tools, the risk of insider data theft is increasing.

Employee Attack Likelihood: The Hidden Indicator Nobody Talks About (Panorays) Human behavior affects the likelihood of cyberattacks, and can be assessed by examining elements like social posture, presence of security team and employee security awareness. This research describes how the "human element" can be incorporated into cyber posture ratings.

Hosting Provider Finally Takes Down Spyware Leak of Thousands of Photos and Phone Calls (Motherboard) After Motherboard reported that a consumer spyware vendor left a lot of incredibly sensitive and private data online, the company’s hosting provider took it down.

More than 110,000 Australians caught up in September's Facebook cyber-attack (Guardian) Hackers were able to access users’ movements, hometown, search history, email and phone number

CrowdStrike: Cybercrime groups joining forces to pack more punch (SearchSecurity) A recent blog post from CrowdStrike detailed evidence of enhanced collaboration between cybercrime groups Lunar Spider and Wizard Spider. Learn what such partnerships signify.

Security Patches, Mitigations, and Software Updates

iOS 12.2 Fixes Serious SMS, Kernel Flaws (Decipher) In iOS 12.2 Apple has patched many serious flaws, including an SMS bug that allows code execution with one click.

NVIDIA Patches High Severity GeForce Experience Vulnerability (BleepingComputer) NVIDIA released a security update for the NVIDIA GeForce Experience software for Windows to patch a vulnerability that could allow potential local attackers with basic user privileges to elevate privileges, trigger code execution, and perform denial-of-service (DoS) attacks.

New Settings Help Hackers Test Facebook Mobile Apps (SecurityWeek) Facebook introduces new settings for its mobile apps to make it easier for white hat hackers to conduct security testing.

CVE-2019-0192: Mitigating Unsecure Deserialization in Apache Solr (TrendLabs Security Intelligence Blog) We took a closer look at CVE-2019-0192, an unsecure deserialization vulnerability in Apache Solr, and how it can be mitigated.

Cyber Trends

Security Analytics and Machine Learning Fuel Next-Generation Cyber Defenses, Finds ‘2019 Cyberthreat Defense Report’ (BusinessWire) CyberEdge Group, the leading research and marketing firm serving the security industry’s top vendors, today announced the availability of its sixth an

Majority of Businesses Still Experience Outages: Are You Protecting Your Certificates? (Venafi) According to Venafi Survey, 60% of Organizations Experienced Certificate-Related Outages Last Year. Read the blog to find out more.

Trust Has a Number: First-of-its-Kind Synack Report Reveals Trust Scores to Measure and Compare Security Performance (PR Newswire) Trust has a number. The 2019 Trust Report shares what it is. The report, released today, is the first...

Survey: Geopolitical Issues Affect How Two-Thirds of Cybersecurity Professionals Do Business (The State of Security) Tripwire surveyed the opinions of 218 security professionals at RSA Security Conference 2019 about how geopolitical trends are shaping their business.

Cyber-Criminals Prey Heavily on Construction Pros (Builder Online) Data shows construction and real estate are the second and third most at-risk industries for phishing and malware attacks.

10 Movies All Security Pros Should Watch (Dark Reading) Don't expect to read about any of the classics, like 'War Games' or 'Sneakers,' which have appeared on so many lists before. Rather, we've broadened our horizons with this great mix of documentaries, hacker movies, and flicks based on short stories.


Insurers Creating a Consumer Ratings Service for Cybersecurity Industry (Wall Street Journal) Some of the world’s biggest insurers plan to work together on an assessment of the best cybersecurity available to businesses, an unusual collaboration that highlights the rising dangers posed by hackers.

Misaligned Cybersecurity Policies and Products Accentuate the Talent Shortage (Security Boulevard) As the shortage of security talent widens, the associated policies and products must be reconsidered from the perspective of the overall security posture.

How Great Story Telling Is Changing Cybersecurity Marketing (AlleyWatch) The Hero's Journey is as timeless as it is captivating and compelling. When applied to cybersecurity marketing, The Hero's Journey casts the CISO and his team as the hero, and the vendors’ product as the magic element that staves off the enemy and transforms the CISO's company to a safer, protected place.                                                                                                                     

ZTE steps up 5G investments after near-death experience (South China Morning Post) The Shenzhen-based telecoms equipment giant is expected to report its biggest-ever annual loss to cap 2018, when it was brought to the brink of collapse by a US export ban.

Cybersecurity Startup GreyNoise Secures Seed Funding to Reduce Internet Background Noise (PR Newswire) GreyNoise Intelligence, founded by Andrew Morris, today announced that the company has completed a $600K seed...

Cyber Risk Assessment Firm Sayata Labs Emerges From Stealth (SecurityWeek) Sayata Labs, a company that provides risk assessment solutions for the cyber insurance industry, emerges from stealth mode with $6.5 million in seed funding.

Carbonite Closes Acquisition of Webroot (Odessa American) Carbonite, Inc. (NASDAQ: CARB), a leading cloud-based data protection provider, today closed its previously announced acquisition of Webroot Inc. The combination of cloud-based backup and recovery with cloud-based cybersecurity introduces a new approach to data protection for the endpoint.

Palantir wins competition to build Army intelligence system (Washington Post) The Silicon Valley company’s win caps a contentious fight with a Beltway giant.

US Army selects Northrop Grumman for R4 contract for cyber and electronic warfare capabilities (Jane's 360) The US army has selected Northrop Grumman to compete for individual task orders under the USD982 million R4 indefinite-delivery/indefinite-quantity (ID/IQ) contract for cyber and electronic warfare (EW) capabilities. The army will use the R4 ID/IQ contract to support its cyber electromagnetic

KBR Arm Wins Cyber & Engineering Services Military Contracts (Zacks Investment Research) KBR will provide IT, cyber security and engineering services through three contracts to the U.S. military department, further boosting its Government Service segment.

Biggest-ever marketing push aims to make Akamai a household name (Boston Globe) Travelers who pass through Logan Airport might spot something they haven’t seen before: Akamai Technologies billboards.

AT&T Cybersecurity Sets Sights on Threat Intelligence (BankInfo Security) AT&T has just re-branded its AlienVault acquisition as AT&T Cybersecurity. Javvad Malik, security advocate for the firm, explains its place in the global market and

Make No Mistake — Microsoft Is A Security Company Now (Security Boulevard) That’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company Now. Even though the author…

Nearly Half of Social Media Users View Facebook Negatively After Cambridge Analytica but Many Still Use the Platform, New Survey Finds (PR Newswire) Forty-four percent (44%) of social media users still have a negative opinion of Facebook because of the Cambridge...

New Security Products Spark Growth At Proofpoint (Forbes) Proofpoint's newer products are becoming meaningful contributors to revenue growth.

Cisco is backing a new early-stage venture firm with Jon Sakoda, formerly of NEA (CNBC) Cisco is unveiling Decibel, an early-stage venture firm, in its latest attempt to stay relevant as the tech world accelerates.

Check Point CEO Downplays Mellanox Acquisition (CTECH) Selling a company can be a sign that management has grown tired and wishes to hand over the reins, Gil Shwed, CEO of the firewall pioneer, said Tuesday

Nixu Corporation launches an all-employee share matching plan and issuance of stock options to key employees (News Powered by Cision) Nixu Corporation Press release on March 27, 2019 at 15:35 EET European cybersecurity company Nixu

Oracle says new job losses are to 'balance resources' as cloud business grows (CRN) Vendor refuses to say whether or not UK employees will be affected

Cynash Expands to Northern Ireland With New Office and Subsidiary (PRWeb) Cynash Inc., a leading developer of cybersecurity solutions for critical energy, water, transportation and industrial control systems, has announced the opening

Industry Innovator, Ramon Peypoch, Joins Vera as Senior Vice President of Product (BusinessWire) Vera, the leader in data-centric security, today announced the appointment of cybersecurity industry veteran Ramon Peypoch as Senior Vice President of

IOActive Appoints Matt Rahman as Chief Operating Officer (IOActive) Security Industry Veteran Joins IOActive to Create Global Partnerships and Expand Global Footprint in Industry Verticals Seattle, Wash., March 26, 2019 –IOActive, Inc., the worldwide leader in research-fueled security services, today announced that Matt Rahman has joined the organization as its Chief Operating Officer (COO). As COO, Rahman will be responsible for guiding IOActive through its next stage of growth, supporting the sales, delivery and marketing teams from an operational perspective and creating efficiencies wherever possible. “Over the past two decades, IOActive has built an expert team of...

Industry Innovator, Ramon Peypoch, Joins Vera as Senior Vice President of Product (The Progress ) Vera, the leader in data-centric security, today announced the appointment of cybersecurity industry veteran Ramon Peypoch as Senior Vice President of Product. Peypoch will concentrate

Products, Services, and Solutions

wolfSSL Announces FIPS 140-2 Certificate #3389 (PRWeb) wolfSSL, a leading provider of TLS, cryptography and the world’s first commercial TLS 1.3 release, announces FIPS 140-2 Certificate #3389 is posted. With thi

Voice Biometrics (Nuance Communications) Voice biometrics and enhanced multi-user interaction accommodate the transition to autonomous driving and car-sharing, offering the functionality needed for shared mobility applications, vehicle interior conversion, and other essentials of future mobility.

IRONSCALES Email Security Platform Now Prevents Fake Login Pages Designed to Steal User Credentials (Erie News Now) IRONSCALES, the world's first automated phishing prevention, detection and response platform, today announced the ability of its anti-phishing technology to prevent phishing attacks masquerading as fake login pages...

DART: the Microsoft cybersecurity team we hope you never meet - Microsoft Security (Microsoft Security) Meet Microsoft’s Detection and Response Team (DART) and read their advice that may help you avoid working with them in future.

Tremolo Security Simplifies Kubernetes Security with Orchestra (PR Newswire) Tremolo Security wants to make it easier to secure your Kubernetes clusters. In a blog post on their site,...

F-Secure Oyj (via Public) / Continuous response needed to fight modern threats (Public) As the threat landscape continues to evolve, so does the need for organizations' approaches to defending against the business impact of cyber attacks. In light of this trend, cyber security provider F-Secure is calling for greater emphasis on both the preparedness for a breach as well as fast and effective containment that covers the correct balance of people, process and technology.

Verizon Set To Offer Free App To Block Robocalls, New Tech To Combat Spam (Forbes) Verizon is getting ready to offer a free robocall blocking app, as it steps up efforts to combat the growing plague of spam calls.

Free Kaspersky Anti-Ransomware Tool now protects businesses from pornware and other cyberthreats | Networks Asia (Networks Asia) The protection now covers not only desktops but also servers running various Windows Server versions.

KnowBe4 Introduces New Training Series Called Standups 4 Security Produced by Popcorn Training (West) Groundbreaking security awareness training comedy series helps protect users from falling victim to social engineering attack.

Guardicore Threat Intelligence Helps Cybersecurity Community Research (AiThority) Guardicore, a leader in internal data center and cloud security, announced the launch of its Guardicore Threat Intelligence community resource.

Red Canary Announces Support for CB ThreatHunter in Expanded Partnership with Carbon Black (BusinessWire) Red Canary, a leading provider of security operations solutions, today announced an expanded partnership with Carbon Black (NASDAQ: CBLK), a leader in

Unified Technologies, Global Leaders in Customized Architecture and Secure Technology Services, Secures SOC 2 Examination for Its Secure Systems and Protection Controls (PR Newswire) Solidifying its position as a leader in secure and unified networks, systems and storage, Unified Technologies announced...

The SPECTRUM Group, A Premier Strategic Risk Management and Cyber Security Service Provider, Adds CyGlass' Network Defense as A Service (NDaaS) to Its Portfolio of Services (PR Newswire) CyGlass, a SaaS AI-driven network-centric threat detection solution, and The SPECTRUM...

Technologies, Techniques, and Standards

NICE Alliance Announces Key Specifications to Bring the Next Generation of Smart Cameras to Market (BusinessWire) NICE Alliance Announces Key Specifications

Misaligned Cybersecurity Policies and Products Accentuate the Talent Shortage (Bricata) As the shortage of security talent widens, the associated policies and products must be reconsidered from the perspective of the overall security posture.

DDoS Protection Requires Looking Both Ways (Security Boulevard) Service availability is a key component of the user experience. Customers expect services to be constantly available and fast-responding, and any downtime can result in disappointed users, abandoned shopping carts, and lost customers. Consequently, DDoS attacks are increasing in complexity, size and duration. Radware’s 2018 Global Application and Network Security Report found that over the The post DDoS Protection Requires Looking Both Ways appeared first on Radware Blog.

Facial recognition technology in airports: LAX is glimpsing the new face of security (Airport Technology) Facial recognition technology in airports has found increasing popularity over the past few years and has now been successfully trialled at LAX.

Design and Innovation

Google appoints top Oxford University philosopher amid AI ethics concerns (The Telegraph) Google has enlisted an eminent Oxford University professor to sit on a brand new ethics council amid concerns surrounding the company’s use of artificial intelligence (AI).

Securing the future of the cloud through threat intelligence (Innovation Enterprise) Individual users, groups of professionals and entire businesses are all connected to and run on the internet today, presenting an opportunity for criminals to exploit endless network connectivity, disrupt operations and steal crucial information

Want Apple Card’s Security Benefits? Just Use Apple Pay (WIRED) Apple says Apple Card offers "a new level" of security, but nearly all those protections are already available if you use Apple Pay.

Research and Development

A superposition of possible facts causes quantum conflict (Ars Technica) Measurement of a measurement result leads to a disagreeable answer.


Booz Allen, Purdue to Explore Joint Cyber & Other National Security Projects (GovCon Wire) TYSONS CORNER, VA, March 26, 2019 — Booz Allen Hamilton (NYSE: BAH) will collaborate with Purdue Uni

Cybersecurity program launches for high school girls (Washington Times Herald) A national cybersecurity program designed specifically for high school girls has launched, to encourage more females into the industry and reduce the digital skills gap. Girls need to be at

Legislation, Policy, and Regulation

The U.S. Pledges A Harder Line In Cyberspace — And Drops Some Hints ( Army Gen. Paul Nakasone, head of the secretive National Security Agency and Cyber Command, is promising more aggressive cybermeasures against rivals. And he's talking about it — at least a little.

Failed Efforts to Warn Allies Away from Huawei 5G Technology Could Backfire on US (VOA) Future of US mobile technology and intelligence sharing relationships could be at risk

Analysis | The Cybersecurity 202: U.S. and Europe's divergent attitudes on Huawei could damage alliance, officials warn (Washington Post) Allies do not appear to be taking the threat to 5G as seriously as the U.S.

Tech giants to be held responsible for content after EU copyright rules passed (The Telegraph) Artists and publishers were today celebrating a major victory over Silicon Valley, after the European Parliament approved new copyright rules designed to help them secure a greater share of digital riches.

Death threats, Blondie and a $1tn a year battle: how the EU brought down the Internet's wild west on copyright (The Telegraph) It was a bitter battle that pitted the likes of Paul McCartney, Annie Lennox and Lady Gaga against some of Silicon Valley’s mightiest companies, including Google and Facebook.

Europe's New Copyright Law Could Be Bad for Memes (WIRED) The European Parliament approves a sweeping new copyright directive aimed at tech platforms like Google and Facebook.

Trump orders historic plan to thwart EMP, warns attack would be ‘debilitating’ (Washington Examiner) In the first step of its kind, President Trump has signed an executive order calling for a government wide war on EMP, the types of electromagnetic pulses that can wipe out every computer, electric grid, and jet.

Tech giants back bill that privacy advocates claim is toothless (Naked Security) The main disagreement: if consumers will be able to delete their data or whether the law would give companies ways to wiggle out.

DHS Wants to Hire Cyber Talent Outside of Normal Government Restrictions (Meritalk) The Department of Homeland Security’s plan for filling the cyber talent gap is intended to focus on talent, more so than established credentials, which means leaving behind some of the traditional methods of hiring, paying, and retaining skilled employees. At the bottom line, DHS wants to take off the General Schedule handcuffs.

House Majority Whip Clyburn: Mueller Report Is A "Closed Chapter," Health Care Is "New Chapter" (Real Clear Politics) House Majority Whip James Clyburn said Tuesday special counsel Robert Mueller's investigation into Russian collusion represents a "closed chapter," while health care is a "new chapter."

Empowering Regulators Could Stop the Next Equifax Breach, Watchdog Says (Nextgov) Giving the regulatory agencies more power to punish companies after breaches could make industry invest more in cybersecurity, according to the Government Accountability Office.

Pence talked Dan Coats out of quitting Trump admin in December (NBC News) Whenever Trump is souring on Director of National Intelligence Dan Coats, whom he calls "Mister Rogers," Pence encourages him to stick with Coats.

Litigation, Investigation, and Law Enforcement

Polish Regulator Issues First GDPR Fine (Infosecurity Magazine) Polish Regulator Issues First GDPR Fine. UODO slaps unnamed firm with £187K fine for failing to notify

Mueller report details to be issued in 'weeks, not months': Justice... (Reuters) U.S. Attorney General William Barr plans to issue a public version of Special Co...

Management Alert – FEMA Did Not Safeguard Disaster Survivors’ Sensitive Personally Identifiable Information (REDACTED) (Office of the Inspector General, US Department of Homeland Security) For your action is our Management Alert – FEMA Did Not Safeguard Disaster Survivors’ Sensitive Personally Identifiable Information...

Defense Ministry rebukes Israeli spy tech company for unlawful exports (Times of Israel) Ability Computer and Software Industries, Ability Security Systems have licenses suspended after hearing; most details in case under gag order

Edward Snowden, National Security Whistleblowing and Civil Disobedience (Lawfare) If Snowden is the emblematic national security whistleblower of our age, what does civil disobedience theory have to tell us about Snowden’s case? And what does Snowden’s case have to tell us about civil disobedience theory?

Casino Screwup Royale: A tale of “ethical hacking” gone awry (Ars Technica) "Ethical hackers" tried to disclose problems to a casino software company—it got messy.

Top dark web marketplace will shut down next month (ZDNet) Dream Market admins say the site will shut down on April 30, 2019.

Telangana: Two held for cyber fraud in Hyderabad (The Times of India) Two persons were detained by the Rachakonda cyber crime police for allegedly siphoning off Rs 3.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cybersecurity: 5th Generation Threats- What we know, should know, and don't know. (Santa Barbara, California, USA, April 17, 2019) Cyber threats capable of massive economic and social disruption are poorly understood and vastly underestimated. Cybersecurity is a continuing arms race. This panel/presentation will review the state...

Upcoming Events

KNOW 2019 (Las Vegas, Nevada, USA, March 24 - 27, 2019) The Future of Trust starts at KNOW 2019, the definitive event focused on the data economy. From Facebook and Equifax to GDPR, identity data is at the forefront of cybersecurity and regulation. KNOW is...

Cyber Security for Critical Assets Summit (Houston, Texas, USA, March 26 - 28, 2019) The Cyber Security for Critical Assets Summit unites 250+ senior IT & OT security professionals to elucidate the most advanced cybersecurity information, debate policies and guidelines, and collaborate...

SecureWorld Boston (Boston, Massachussetts, USA, March 27 - 28, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

Symposium on Securing the IoT (San Francisco, California, USA, March 27 - 29, 2019) Want to share your passion and knowledge for Securing the 25 Billion devices connected to the Internet? Topics currently being selected for tracks include: Authenticating Blockchain, Secure Medical & Healthcare,...

Women in CyberSecurity (WiCyS) Conference (Pittsburgh, Pennsylvania, USA, March 28 - 30, 2019) The WiCyS Conference brings together women in cybersecurity from academia, research, government, and industry to share knowledge, experience, networking, and mentoring. The event's goal is to broaden participation...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.