skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Global Cyber Innovation Summit

We continue our notes on the Global Cyber Innovation Summit, held last Wednesday and Thursday in Baltimore. The symposium offered an overview of current and emerging threats, and of the technology trends that both expose enterprises to such threats and offer the prospect of enhanced defenses.

Estonia's Ambassador-at-large for Cyber Security, Heli Tiirmaa-Klaar, shared her country's experience as not only one of the most thoroughly digitized societies in the world, but as the victim of what's come to be generally regarded as the first cyber war, Russia's 2007 attacks against the networks of the Baltic republic. She characterized it as the "first politically motivated cyber campaign in history," and drew the lesson that good public-private partnership and solid expertise can work to build a society resilient enough to withstand even attacks by a highly capable cyber power.

Not all threats are the proximate work of a nation-state. During a panel discussion on the conference's first day, Carbon Black's Mike Viscuso emphasized the sheer size of the criminal underground at work in cyberspace. The underground cyber economy is now larger, he emphasized, than the illicit drug trade. In fact, it's now a better than trillion-dollar industry. He thinks that as defenses get better (and they have been getting better) the criminals will cease playing the long game because the long game will no longer pay off. They'll increasingly turn to smash-and-grab attacks.

The CyberWire will have further coverage of the Summit later this week.

Sophos has released a report on MegaCortex, a new strain of ransomware it found last week. (Researchers pass on the feast of Belshazzar and allude instead to Morpheus from The Matrix.)

The Jerusalem Post says a joint Shin Bet-IDF operation prevented a Hamas cyberattack with an air attack on the Gaza headquarters of Hamas cyber operations. Forbes calls it a significant first: kinetic retaliation for (or preemption of) a cyber attack. But the operational reality is both more complex and more conventional. Israel and the Palestinian Sunni-Islamist militia have been engaged in active combat for the better part of a week, and it would probably be more accurate to regard Hamas cyber headquarters as one target in a larger air campaign, and the combat itself as war with a cyber dimension.

To see the airstrike as exclusively a response to a cyber threat is a stretch. Nor is it a first, as ZDNet hints, at least not internationally: the US killed ISIS hackers with drone strikes in 2015, as Defense Systems observed in contemporary accounts of American action against the Caliphate.

The US Federal Trade Commission's enforcement action against Facebook remains up in the air. It's likely to be severe, but the New York Times reports that the form such severity will take, especially the nature of the penalties (if any) to be directed against CEO Zuckerberg himself, are believed to remain the subject of partisan disagreement within the Commission. There's bipartisan skepticism of Big Tech, but disagreement over details.

Notes.

Today's issue includes events affecting Albania, Australia, Belgium, Bulgaria, Canada, China, Czech Republic, Denmark, Estonia, European Union, Finland, France, Germany, Hungary, Israel, Italy, Japan, Republic of Korea, Latvia, Lithuania, Luxembourg, Malaysia, Malta, Mexico, Myanmar, Netherlands, New Zealand, Norway, Poland, Romania, Russia, Slovakia, Slovenia, Sri Lanka, Sweden, Switzerland, United Kingdom, United States.

Bring your own context.

When researchers talk about threats, and even give them names (we're particularly partial ourselves to animal names), are they talking about an organized set of individuals, or are they talking about an operational style? There's a case to be made that the latter is the way to understand threats.

"You know, it's nice when things fit in buckets in life, and I understand that everyone would like to have one bucket with all the bad things in it, but the reality is that's not how cybercrime works. Right? Attackers watch each other, they copy each other's methodologies, and they improve upon it. And what we see with Sea Turtle is really a distinct set of TTPs that's more advanced and much harder to detect than what we saw with the DNSpionage campaign." Craig Williams, Director of Talos Outreach at Cisco, speaking on the CyberWire's Research Saturday, 5.4.19.

So Sea Turtle might be better understood as a way of hacking than as a box in an org chart or a set of soldiers working under a single capo. ("TTPs," by the way, are "tactics, techniques, and procedures," which is how Fort Leavenworth talks about such ways of being in the world.)

The CISO's ultimate guide to AppSec: 11 essential best practices you should know

By now, we are all too aware of the consequences of a data breach: brand damage, loss of customer confidence, potentially costly litigation, regulatory fines, and more. But most organizations aren’t as familiar with how to prevent these attacks. This guide highlights 11 data security best practices to minimize risk and protect your data.

In today's podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University Information Security Institute, as Joe Carrigan describes a remote code execution vulnerability affecting Dell systems. Our guest is Blake Sobczak from E & E News on the recent US electrical grid “cyber event."

Cybersecurity Impact Awards (Arlington, Virginia, United States, May 14, 2019) Winners of the Cybersecurity Impact Awards will be announced and recognized at the May 14, 2019 CYBERTACOS event. The event will start at 5:30 p.m. and the award presentation will begin at 6:00 p.m.! Join us afterwards for tacos and networking!

Cyber Investing Summit (New York City, New York, United States, May 16, 2019) The Cyber Investing Summit is a conference focused on financial opportunities and strategies in the cybersecurity sector. Join key decision makers, investors, and innovators to network, learn, and develop new partnerships May 16th in NYC. More information: www.cyberinvestingsummit.com.

Cyber Security Summits: May 16 in Dallas and in Seattle on June 25th (Dallas, Texas, United States, May 16 - June 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Verizon, Center for Internet Security, and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today: www.CyberSummitUSA.com

Uniting Women in Cyber (Arlington, VA, United States, May 17, 2019) Join us as we celebrate the women in today’s cybersecurity ecosystem at the Uniting Women in Cyber Symposium on May 17, 2019! This full-day event features dynamic women speakers discussing the future of tech, cybersecurity and business. Network among 300–400 business and technical professionals and attend our awards reception recognizing women in tech and business.

DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness (Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.

DreamPort Event: RPE- 006: The Defense at Pemberton Mill (Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting RPE -006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.

Dateline Global Cyber Innovation Summit

The state of the market and a “perfect cyber storm.” (The CyberWire) Dave DeWalt explains the offense-defense seesaw in cyberspace, and why innovation breeds threats.

Cyberwar: lessons from the Estonian experience. (The CyberWire) Estonia's Ambassador-at-large for Cyber Security shares lessons in resilience and deterrence, and stresses that they require domestically a whole-of-nation approach, internationally an effective coalition of the like-minded, and that they start with cooperative attribution.

Why Baltimore, and why the US East Coast? (The CyberWire) Bringing Davos to Dundalk (or just up the harbor from Dundalk). Why the cybersecurity industry convened a summit in Baltimore.

Crisis stability in the fifth domain. (The CyberWire) What should the goal of cyber defense be? Maybe a big part of it is convincing the opposition that it will be harder to win than they think.

Cyber Attacks, Threats, and Vulnerabilities

Hamas cyber-attack thwarted by Israel security forces (The Jerusalem Post) In a joined operation of Shin Beit and the IDF a planned Hamas cyber-attack was thwarted over the weekend, Israeli media reported.

A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree (WIRED) A group of likely Chinese hackers has poisoned the software of at least six companies in just the last three years.

SECURITY: Experts assess damage after first cyberattack on U.S. grid (E&E News) The U.S. power sector marked a sober milestone last week as an anonymous Western utility became the first to report a malicious "cyber event" disrupting grid operations. As details of the attack emerge, experts are divided about the long-term threat to electricity networks.

Analysis | The Cybersecurity 202: A cyberattack just disrupted grid operations in the U.S. But it could have been far worse. (Washington Post) It raised concerns about the potential for a far more powerful attack.

'Cyber Disruption' Affected Parts Of U.S. Energy Grid (NPR) NPR's Scott Simon asks journalist Blake Sobczak of E&E News about his reporting on a "cyber event" that impacted grid networks in California, Utah and Wyoming.

Warnings that 5G mobile tech could threaten 'entire societies' (ABC Radio) A major international cyber security conference, which drew together spies, diplomats and global cyber officials — but notably excluded China and Russia — has concluded that the functioning of entire societies could be put at risk from penetrations of the world's future 5G mobile phone network.

MegaCortex ransomware rears its head on May Day (Enterprise Innovation) Over the Labor Day (1 May) holiday last week, Sophos reported a sudden spike in volume on a new ransomware known as MegaCortex across several Asian countries.

New MegaCortex Ransomware Found Targeting Business Networks (BleepingComputer) A new ransomware has been discovered called MegaCortex that is targeting corporate networks and the workstations on them. Once a network is penetrated, the attackers infect the entire network by distributing the ransomware using Windows domain controllers.

“MegaCortex” ransomware wants to be The One (Sophos News) The sudden appearance of a new ransomware on a large number of enterprise networks was not the May Day gift anyone wanted

Developers at Microsoft's GitHub are being held to ransom (MSPoweruser) Microsoft’s opens source development platform was last night targeted by hackers, who are demanding payment before they’ll return the hundreds of code sources they stole. The hackers wiped 392 code repositories, downloading and storing the source codes on their own server. “What is known is that the hacker removes all source code and recent commits …

Attackers Wiping GitHub and GitLab Repos, Leave Ransom Notes (BleepingComputer) Attackers are targeting GitHub, GitLab, and Bitbucket users, wiping code and commits from multiple repositories according to reports and leaving behind only a ransom note and a lot of questions.

Scranos Rootkit Operation Turns Global; Enterprises to Improve Security Posture (Security Boulevard) Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc without ever making a full-blown appearance.

This password-stealing malware just evolved a new tactic to remain hidden (ZDNet) Windows malware campaign re-emerges with new techniques for attempting to stay under the radar.

Charles River Labs says its biotech, pharma clients' data was hacked (Boston Business Journal) An unidentified group of hackers recently broke into Charles River Laboratories’ information system and copied some drug developers’ data, the company disclosed Tuesday.

Over 200 College Campus Stores Infected with Card Stealing Scripts (BleepingComputer) The checkout pages of hundreds of U.S. and Canadian online campus stores powered by the PrismWeb e-commerce platform were injected by a hacking group with a JavaScript-based payment card skimming script.

What is Phishing? Find Out with Gary Davis on the Latest Episode of Tech Nation (McAfee Blogs) Gary Davis is now a regular contributor on the Tech Nation podcast!  In this episode, Gary Davis educates that phishing is more than just an

Kaspersky expert on the enemy in your pocket: large-scale SIM swap fraud (Intelligent CIO) With mobile phone payments now hugely popular, cybercriminals have been targeting the market in a wave of attacks. With SIM swap fraud nowadays conducted on a large scale, Fabio Assolini, Senior Security Researcher, Global Research and Analysis Team, Kaspersky Lab, tells Intelligent CIO how cybercriminals complete the fraud and the best ways to avoid being the next victim.

How ‘deepfake’ videos are manipulating people online (TODAY.com) The so-called “deepfakes,” or fake videos altered to look incredibly real, are surfacing online by people determined to spread fake news, influence elections and create tensions. NBC’s Tom Costello investigates the terrifying technology for the 3rd hour of TODAY.

Cybercrime organizations work just like any other business: Here's what they do each day (CNBC) Researchers from IBM and Google described how cybercriminal groups operate, and often mimic the behavior of companies, including the one you might work for.

New Extortion Email Scam Threatens to Release Your Sex Tape (BleepingComputer) Scammers are now sending extortion emails stating that they have a tape of you and them having intercourse and are threatening to release it if you do not send them a $1,500 in bitcoins.

Teenager hacks drone to prove cyber attack risk (Reuters) A 13-year-old boy successfully hacked a drone in a stunt aimed at showing how vulnerable web-connected devices are to attacks. Lauren Anthony reports.

ConnectWise outage takes down partners across Europe (CRN Australia) And there’s a hint of data loss too.

Middletown schools thwart malware attack (GreenwichTime) An end-of-year ransomware attack, which disabled access to critical business systems and applications for Middletown Public Schools , underscored the need to upgrade both perimeter and endpoint security recently.

Anwar's office hit by 'cyber attack' (Malaysiakini) He says relevant parties are being engaged to resolve the cyber intrusion.

Security Patches, Mitigations, and Software Updates

Fix for Tor Browser NoScript Addon Being Disabled (BleepingComputer) When Mozilla let their intermediate signing certificate expire, it not only affected addons in the normal Firefox browser, but also for ones bundled with Tor. This caused the NoScript and HTTPS-Everywhere addons to no longer work in the Tor browser.

Cyber Trends

What differentiates the strongest cybersecurity programs from the rest (Help Net Security) Just how much are financial institutions spending on cybersecurity? An average of about $2,300 per employee, Deloitte survey finds.

Marketplace

Facebook Bans Alex Jones, Other Extremists—but Not as Planned (WIRED) Alex Jones, Infowars, Laura Loomer and Milo Yiannopoulos are expelled from Facebook and Instagram, but the ban's rollout went awry.

Trump tweets support for far-right figures banned by Facebook (CNN) Facebook barred seven users from its services earlier this week, citing its policies against "dangerous individuals and organizations." Now President Donald Trump is siding with the people who were banned and railing against social media "censorship" -- all while using one of his favorite social sites.

Here’s How Facebook Should Really Handle Alex Jones (POLITICO Magazine) There are ways to limit extreme ideas on the platform while still protecting free speech.

Norsk Hydro urges caution as it counts cost of cyber attack (ComputerWeekly.com) Norwegian aluminium giant is urging partners to be cautious in the wake of a damaging ransomware attack in March as financial impact estimates come in above initial estimates

BlackBerry: Why Bears Avoid Cylance With 'Thin Air' Arguments (Seeking Alpha) BB’s 2019 fourth-quarter beat reignited false speculations of its loyal short sellers. The IP & Licensing division was under deep scrutiny as it grew by 71% YoY

CGI joins with Thales on Galileo security software (GPS World) CGI has signed an agreement with Thales Alenia Space France to enhance and maintain security software for the Galileo satellite navigation system.

Growing demand for cyberdefenders in Iowa, Nebraska (San Francisco Chronicle) The demand for cybersecurity experts has grown as crooks with computers hack their way into business, government and other networks. CyberSeek, a project funded by the U.S. Commerce Department, says nearly 4,600 people are working on cybersecurity in Nebraska and that there are openings for more than 2,000 workers.

U.S. Tech Needs Hard Lines on China (Foreign Policy) Researchers must stay aware of how easily AI work can be turned to repressive ends.

Facebook is trying to make the word “private” meaningless (The Outline) The company doesn't need to read your messages to keep collecting data about you.

Palantir and Doosan form partnership for data analysis (Equipment Journal) Doosan has partnered with Palantir, a Silicon Valley-based company that provides big data analysis platform to organizations in various fields

Exclusive: Zscaler snaps up 172K square feet in North San Jose (Silicon Valley Business Journal) The lease in a prime North San Jose office campus will more than double's Zscaler's San Jose footprint.

Products, Services, and Solutions

New infosec products of the week: May 3, 2019 (Help Net Security) New infosec products for the first week of May 2019 include releases from the following vendors: Anonos, BigID, Immuta, NS1 and Trustwave.

GrammaTech releases Binary Analysis and Rewriting Interface into Open Source (New Electronics) GrammaTech is making its Intermediate Representation for Binaries (GTIRB), a data structure representing binaries for analysis and rewriting, available as free and open source software.

Mimecast Aims To Thwart Cyber Attacks With Hearty E-Mail Monitoring (Investors Business Daily) Mimecast was founded on the belief...

.CLUB Launches Innovative Trademark Sentry Unlimited Name Blocking Brand Protection Service (Morningstar) .CLUB Launches Innovative Trademark Sentry Unlimited Name Blocking Brand Protection Service, Read most current stock market news, Get stock, fund, etf analyst reports from an independent source you can trust – Morningstar

Technologies, Techniques, and Standards

Taking further steps to support electoral integrity in Europe (EU Policy Blog) As the European Parliament elections approach, protecting democratic processes from nation state-led cyberattacks and disinformation is on everyone’s mind.

Do We Need RFID-blocking Products? We Asked An Expert (Digital Trends) From smart wallets to smart clothing, RFID-blocking products are big business, but are you really at risk from identity theft or fraud via RFID skimming? And if you are, do these products really keep you safe? We investigated RFID-related crime and spoke to an expert to find out.

Design and Innovation

Japan is developing a "good" computer virus for the sake of security (2spyware) Japan has decided to create a computer virus which should improve the cybers space . The news that Japan is seeking to develop a 'good' computer

Facebook Is Finding Problems With Artificial Intelligence Too (WIRED) Facebook is using artificial intelligence to police offensive speech and other tasks. But the technology brings its own unintended consequences.

Xbox Community Standards | Xbox (Xbox.com) The gamertags, gamerpics, screenshots, game clips, and other posts you make on Xbox can be a great way to show off what’s meaningful to you. We encourage all players to be themselves and show off what they like, what makes them laugh, or what makes them amazing. But this sharing can’t come at the expense of other players’ positive experiences.

IBM’s Hyperledger isn’t a real blockchain — here’s why (Podium | The Next Web) It really isn't

Research and Development

How to hide from the AI surveillance state with a color printout (MIT Technology Review) AI-powered video technology is becoming ubiquitous, tracking our faces and bodies through stores, offices, and public spaces.

Legislation, Policy, and Regulation

New report explains how China thinks about information warfare (C4ISRNET) The Chinese military has established a Network Systems Department, which is responsible for information warfare.

It's too late for authoritarian regimes to construct Beijing-style firewalls, but that doesn't mean they're giving up control (The Telegraph) Vladimir Putin signed a law to create a “sovereign Internet” last week which the Kremlin hopes to use to isolate Russia from the rest of the web.

Israel Retaliates To A Cyber-Attack With Immediate Physical Action In A World First (Forbes) It could mark a change in modern cyber warfare tactics, given that it is the first time a cyber-attack has been met with immediate physical retaliation

In a first, Israel responds to Hamas hackers with an air-strike (ZDNet) Israel military said it bombed building housing Hamas cyber forces.

Baghdadi’s defiant message could cut both ways (Rudaw) The release of a video by the propaganda arm of the Islamic State (ISIS) group purportedly featuring its self-declared caliph has understandably fueled speculation over possible motives. A tacit acknowledgment of the group’s defeat in Syria in March by the man said to be Abu Bakr al-Baghdadi was offset, so to say, by his claim that the April 21 Easter bloodbath in Sri Lanka was “vengeance for their brothers in Baghouz”.

Cyber officials call for coordinated 5G security approach (Fifth Domain) The meeting comes amid a simmering global battle between the U.S. and China's Huawei, the world's biggest maker of network infrastructure equipment.

Prague Summit Calls For Tighter 5G Security Rules (Silicon UK) The summit does not single out Huawei, but calls for restrictions that take state influence into account

32 countries work to harmonize 5G security plans at Prague conference (VentureBeat) As 5G technology rolls out across the globe, Western and Asian governments are developing network security plans; China and Russia were not invited.

Prague 5G Security Conference (Government of the Czech Republic) An international expert conference on the security of 5G networks is going be held at the Ministry of Foreign Affairs in Prague on May 2 and 3, 2019 under the auspices of Prime Minister Andrej Babiš. Dozens of experts on 5G networks and cyber security from the EU, NATO states and other countries will attend the conference.

Huawei says 5G security is a technical, not a country issue (South China Morning Post) Representatives from around 30 western nations agreed to broad, non-binding Prague Proposals, which outline a coordinated approach to 5G security and policy measures

Who dares to use Huawei? (South China Morning Post) The US has threatened to rethink connectivity and information sharing with any nation using Huawei equipment in any part of their 5G infrastructure. Washington first declared the company a…

The Huawei incident points to a deeper lesson for Great Britain | Larry Elliott (the Guardian) Beyond the leaks and even the data security lies a message about our attitude toward manufacturing

Could Penny Mordaunt become Theresa May’s emotionally intelligent successor? (the Guardian) If she can make a splash as defence secretary, this ardent Brexiteer could become prime minister, says the Spectator’s deputy political editor

The Strategist Six: Mike Rogers (The Strategist) Welcome to ‘The Strategist Six’, a feature that provides a glimpse into the thinking of prominent academics, government officials, military officers, reporters and interesting individuals from around the world. 1. It appears that the United ...

Australia's cybersecurity chief Alastair MacGibbon resigns (ZDNet) MacGibbon's decision to resign at the "end of the electoral cycle" makes sense both organisationally and personally, especially given the potential for uncertainty ahead.

Trump says he talked to Putin about ‘Russian Hoax’ but not about ongoing election interference (Washington Post) After the one-hour call Friday covering North Korea, nuclear weapons and more, Trump contradicted his aides by saying Russia is “not looking at all to get involved in Venezuela.

Mike Pompeo vs. Chris Wallace: Why Doesn't Trump Bring Up Election Meddling With Vladimir Putin? (FOX News Sunday) "Fox News Sunday" host Chris Wallace grills Secretary of State Mike Pompeo about the president's statement that during an hour-long phone call Friday morning with Russian President Vladimir Putin, President Trump did not tell his Russian counterpart not to meddle in future U.S. elections...

New documents provide details on NSA relationship with Cyber Command (Fifth Domain) Documents obtained via FOIA provide some details on the degree to which NSA was involved with the expansion of Cyber Command's cyber force.

Heritage Argues to Retain Dual-Hat NSA/CyberCom Leadership (Meritalk) A new research piece from the Heritage Foundation argues in favor of retaining the current dual-hat command structure for the National Security Agency and U.S. Cyber Command, currently headed by Gen. Paul Nakasone.

Senators introduce bill to prevent border agency from selling personal data (TheHill) A group of senators on Friday will introduce a bipartisan bill aimed at preventing Customs and Border Protection (CBP) from selling citizens' personal data, in an effort to reduce identity theft and credit card fraud.

Is the DHS budget too stagnant for cyber growth? (Fifth Domain) The White House proposed cutting budgets for the Department of Homeland Security's Science and Technology Directorate and the Cybersecurity and Infrastructure Security Agency.

Public Private Partnerships And The Cybersecurity Challenge Of Protecting Critical Infrastructure (Forbes) Strong public/private partnerships are required in operating/protecting the U.S. critical infrastructure. Most defense, oil/gas, electric power grids, health care, utilities, communications, transportation, education, banking/finance is owned by the private sector yet regulated by the public sector.

Litigation, Investigation, and Law Enforcement

Sri Lanka expels 600 foreigners after Easter bombings (Deutsche Welle) Around 200 Islamic clerics were among the 600 foreigners expelled from Sri Lanka after deadly bombings on Easter Sunday. Extensive security measures have been taken as schools reopen. Tourism has effectively collapsed.

Israel's Iron Dome Headache (As In China Might Have Stolen the Specs On It) (The National Interest) Really? 

Huawei leak not criminal offence, police say (BBC News) The Met says the Official Secrets Act was not breached, after Gavin Williamson was sacked over the leak.

Huawei leak scandal: Theresa May sacking of ex defense secretary backfires (MercoPress) British Prime Minister Theresa May hoped firing her defense secretary over a leak would put her latest government scandal to rest. But it seems only to have unleashed yet another political storm for the PM, with members of her own party questioning her judgment and opponents demanding the police be called in.

Why May put Huawei before security (The Conservative Woman) Why May put Huawei before security

Opinion: Governments are deploying spyware on killers, drug lords – and journalists (The Globe and Mail) Sophisticated digital spyware such as Pegasus can turn cellphones into secret agents to take aim at advocates, lawyers, scientists, and the media – and these programs know no borders

Israeli tech used to imprison journalists in Myanmar — report (Times of Israel) Company that breaches cellphones says it stopped service to country's military rulers, but not before two Reuters reporters jailed

International cops shutter two dark web sites, arrest three accused of running Wall Street Market - CyberScoop (CyberScoop) International law enforcement agencies have announced the shutdown of the Wall Street Market and the Valhalla Marketplace, two dark web marketplaces known for the sale of drugs, stolen data and other illicit materials.

Feds Bust Up Dark Web Hub Wall Street Market (KrebsOnSecurity) Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world’s largest dark web bazaars that allowed vendors to sell illegal drugs, counterfeit goods and malware.

Facebook Faces a Big Penalty, but Regulators Are Split Over How Big (New York Times) The F.T.C. chairman seems to have the votes to approve a settlement. One of the biggest issues has been whether to hold Mark Zuckerberg liable for future violations.

Brussels poised to probe Apple over Spotify’s fees complaint (Financial Times) EU to launch formal competition inquiry as music streaming battle escalates

The Hezbollah Sleeper Agent Busted for Black Ops in America (The Daily Beast) Ali Kourani allegedly helped a global terrorist network plot revenge against the U.S. from a home in the Bronx. He was undone after running a stop sign with 190 pairs of Uggs.

Alleged Ukrainian Malvertiser Extradited, Faces Hacking Charges (BleepingComputer) A 31-year old Ukrainian national named Oleksii Petrovich Ivanov who allegedly ran multiple malvertising campaigns between October 2013 through May 2018 was extradited to the U.S. from the Netherlands and is facing hacking charges.

Navy officer charged with secretly recording his shipmates (Navy Times) The junior officer is accused of recording several sailors from 2013 to 2017.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Houston CyberSecurity Conference (Houston, Texas, USA, May 15, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. The keynote at Houston will be delivered by Damian Taylor, CISO Landry’s Inc, on "Hiding...

Kansas City CyberSecurity Conference (Kansas City, Missouri, USA, May 22, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. The keynote at Kansas City will be delivered by John Dickson, Principal, Denim Group Ltd,,...

San Diego Cyber Security Conference (San Diego, California, USA, June 5, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. In San Diego the keynote will be delivered by Darin Andersen, CEO/ Founder NXT Robotics,...

CyberNext Summit (Washington, DC, USA, October 8 - 10, 2019) Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) 8-10 October, 2019 in Washington...

Borderless Cyber (Washington, DC, USA, October 8 - 10, 2019) OASIS Borderless Cyber and The Integrated Adaptive Cyber Defense (IACD)'s Integrated Cyber merge conferences this year to bring you a three-day program addressing advances in automation and autonomous...

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

SecureWorld Kansas City (Kansas City, Missouri, USA, May 8, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

RiskSec 2019 (Philadelphia, Pennsylvania, USA, May 8, 2019) RiskSec 2019 will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day. Learn about new approaches...

Digital Utilities Europe 2019 (London, England, UK, May 8 - 9, 2019) Following three successful editions of ACI’s Digital Utilities Europe Summit, the 4th edition will be taking place in London, United Kingdom on 8th-9th May 2019. The conference will bring together key...

Secutech 2019 (Taipei, Taiwan, May 8 - 10, 2019) As the largest regional business platform for professionals in the security, mobility, building automation and fire safety solution sectors, Secutech is the annual gathering place for key players from...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.