Daily briefing.

Another set of speculative execution flaws similar to Spectre and Meltdown has been found in Intel chips. As VentureBeat explains, the four vulnerabilities (which Intel calls "Microarchitectural Data Sampling" issues, and others "ZombieLoad") enable side-channel attacks. Researchers at the Vrije Universiteit Amsterdam identified the three Rogue In-Flight Data Load issues. The remaining MDS problem, "Fallout," was discovered by an international team drawn from the University of Michigan, Worcester Polytechnic Institute, Graz University of Technology, KU Leuven, the University of Adelaide, and Data61.

Siemens, Apple, Adobe, and Microsoft all patched yesterday. Apple's patches addressed, among other things, the ZombieLoad side-channel vulnerability in its products' Intel chips. Cupertino wasn't alone in working on ZombieLoad. As TechCrunch reports, Amazon, Google, Mozilla, and Microsoft also took on the speculative execution flaw. Intel itself has released a set of mitigations for the vulnerability. Fixes for ZombieLoad are thought likely to degrade CPU performance by twenty to forty percent.

Microsoft released sixteen updates in total, resolving seventy-nine distinct vulnerabilities. One involved a bug that could be exploited by a WannaCry-like worm, and Redmond drew particular attention to this issue. It was judged serious enough that Microsoft issued patches even for end-of-life software, including Windows XP and Windows 2003. Although no longer supported, both remain in wide use.

Siemens addressed issues in its industrial control systems, and Adobe fixed problems with several products, including Acrobat and Reader.

Endpoint protection shop CrowdStrike has filed for its long-expected initial public offering. The company's S-1 reached the Securities and Exchange Commission yesterday.

Notes.

Today's issue includes events affecting Australia, Belgium, China, Denmark, Estonia, European Union, Finland, France, Iceland, Iran, Japan, Latvia, Lithuania, Netherlands, Norway, Russia, Sweden, United Kingdom, United States.

Bring your own context.

May we offer a grim story? Why, in the old days when armies executed spies and serious defaulters by shooting, did relatively civilized armies use a firing squad and not an officer with a pistol? An ordnance sergeant would load the squad's rifles, one of them with a blank cartridge. The troops wouldn't know who had the blank, and could thus console an uneasy conscience with the chance their rifle had no bullet. Differential privacy is a little like that: consolation with the small chance of lying to a pollster or census-taker. Consider a typical question.

"For example, have you ever used drugs? And so people might not want to give the true answer, especially if that answer is yes. So what you can do, essentially, is have the person flip a coin or flip a couple of coins privately so even the person asking the question doesn't see what the result is, and then to basically give an incorrect answer, so to lie with some small probability.

"So let's just say that, you know, 10% of the time, you'll be told to lie, and 90% of the time, you'll be told to tell the truth. So the point is that now, when somebody asks me - right? - have you used drugs, even if I answer yes, it's not clear whether the true answer is yes or whether the true answer is no and I'm just lying because I'm in the 10% of the time when I'm supposed to lie.

"And so therefore, it gives you a sort of plausible deniability. You can prove it actually gives you some formal notion of privacy. But nevertheless, it turns out that because you're only lying with a small probability, the researchers can still use the answers to those questions to do statistical analysis over the result."

The University of Maryland's Jonathan Katz, on the CyberWire Daily Podcast, 5.13.19.

Still, on the record, honesty remains the best policy. (You can also just tell a snoopy researcher to take a hike.)

In today's podcast, out later this afternoon, we speak with Malek Ben Salem from our partners at Accenture Labs. She provides an overview of the Accenture Technology Vision report. Our guest is Tom Pedersen from OneLogin, who discusses password use trends.

Uniting Women in Cyber (Arlington, VA, United States, May 17, 2019) Join us as we celebrate the women in today’s cybersecurity ecosystem at the Uniting Women in Cyber Symposium on May 17, 2019! This full-day event features dynamic women speakers discussing the future of tech, cybersecurity and business. Network among 300–400 business and technical professionals and attend our awards reception recognizing women in tech and business.

DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness (Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.

DreamPort Event: RPE-006: The Defense at Pemberton Mill (Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM, is hosting RPE-006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

Single server ties hacked diplomatic cables to Chinese cyberattacks worldwide (ZDNet) Further investigation into a single C2 has revealed some interesting results.

Reaver: Mapping Connections Between Disparate Chinese APT Groups (Threat Vector) New research links an attack featured in a front-page New York Times story about the theft of sensitive European Union diplomatic cables by an alleged Chinese APT to a whole host of additional attacks on internal Chinese political targets thought to have been carried out by different Chinese APT groups.

Speculators Look to ID AVs Hacked by Russia (Infosecurity Magazine) Trend Micro confirms unauthorized access from third party, though McAfee and Symantec say no evidence of breach.

Anti-virus vendors named in Fxmsp's alleged source code breach respond (SC Media) McAfee, Symantec and Trend Micro are reportedly the antivirus companies whose source code the cybercriminal group Fxmsp claims to have stolen.

Over 460,000 E-Retailer User Accounts Hacked (Infosecurity Magazine) Asia's largest retailer suffered a breach exposing account information of nearly half a million users

New Class of Vulnerabilities Leak Data From Intel Chips (SecurityWeek) ZombieLoad, RIDL and Fallout: Intel processors are vulnerable to more speculative execution side-channel attacks that can allow malware to obtain sensitive data.

New speculative execution bug leaks data from Intel chips’ internal buffers (Ars Technica) Intel-specific vulnerability was found by researchers both inside and outside the company.

Meltdown Redux: Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs (WIRED) Two different groups of researchers found another speculative execution attack that can steal all the data a CPU touches.

BitDefender researchers discover terrifying security vulnerability in Intel CPUs (The Next Web) The specter of Spectre looms.

Intel melts down again – new CPU data leaks revealed (CRN Australia) Fixes flow but Microsoft warns Active Directory data could be pinched.

The second Meltdown: New Intel CPU attacks leak secrets (CSO Online) Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.

Microsoft warns of major WannaCry-like Windows security exploit, releases XP patches (The Verge) Windows 10 and Windows 8 are safe

Critical Update: Windows Remote Desktop Services Vulnerability (Zscaler) Zscaler security research team found a critical vulnerability in Microsoft Windows Remote Desktop Services. Zscaler Cloud Sandbox provides proactive coverage against worm payloads and advanced threats like ransomware and our team is actively monitoring for in-the-wild exploit attempts to ensure coverage.

Boost Notification (Boost Mobile) Dear Valued Customer: Boost Mobile is writing to inform you of a recent security incident. We take this matter, and all matters involving customer privacy, very seriously.

Burned After Reading: Endless Mayfly’s Ephemeral Disinformation Campaign (The Citizen Lab) Using Endless Mayfly as an illustration, this highlights the challenges of investigating & addressing disinformation from research & policy perspectives.

WhatsApp Exploit Reveals 'Legalized Hacking' at Work (Info Risk Today) Attackers exploiting a buffer overflow in WhatsApp's signaling software to automatically infect devices with malware - without users even having to answer their

WhatsApp Flaw Used in Targeted, Not Widespread, Attacks (Decipher) A WhatsApp vulnerability has reportedly been used in highly targeted attacks to install spyware on victims’ phones.

WhatsApp hack: Don't believe politicians, it's never been 'impossible to crack' (The Telegraph) The WhatsApp hack is not the first, and will not be the last time that supposedly “invulnerable” encrypted systems prove to be anything but.

Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage (WeLiveSecurity) ESET research shows how cybercriminals behind the Plead malware have been using compromised routers and MitM attacks against ASUS WebStorage to spread the backdoor.

Uniqlo Says 460,000 Online Accounts Accessed in Japan Hack (Bloomberg) Fast Retailing urges customers to change their passwords. Personal information, purchase history may have been accessed.

Hackers Add Security Software Removal to Banload Banking Malware (SecurityWeek) SentinelOne has analyzed a new development within perhaps the most prolific Brazilian banking malware, Banload, that highlights the hackers' adaptability.

Remote Code Execution Vulnerability Impacts SQLite (SecurityWeek) A use-after-free vulnerability (CVE-2019-5018) in SQLite could allow an attacker to send a specially crafted SQL command to execute code remotely.

Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update C) (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 5.3; ATTENTION: Exploitable from an adjacent network; Vendor: Siemens; Equipment: SIMATIC, SINUMERIK, and PROFINET IO; Vulnerability: Improper Input Validation. 2.

Siemens S7-400 CPUs (Update A) (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 8.2; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: S7-400 CPUs; Vulnerabilities: Improper Input Validation. 2. UPDATE INFORMATION: This updated advisory is a follow-up to the original advisory titled ICSA-18-317-02 Siemens S7-400 CPUs that was published November 13, 2018, on the NCCIC/ICS-CERT website.

WIBU SYSTEMS AG WibuKey Digital Rights Management (Update D) (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 10.0; ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available; Vendor: WIBU-SYSTEMS AG; Equipment: WibuKey Digital Rights Management (DRM); Vulnerabilities: Information Exposure, Out-of-bounds Write, Heap-based Buffer Overflow. 2.

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update A) (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM; Vulnerability: Out-of-bounds Read. 2.

Siemens SIMATIC Panels and WinCC (TIA Portal) (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 6.5; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SIMATIC WinCC Runtime Advanced, WinCC Runtime Professional, WinCC (TIA Portal); HMI Panels; Vulnerabilities: Use of Hard-coded Credentials, Insufficient Protection of Credentials, Cross-site Scripting. 2.

Siemens Industrial Products with OPC UA (Update A) (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SIMATIC, SINEC-NMS, SINEMA, SINUMERIK Industrial Control Products with OPC UA; Vulnerability: Uncaught Exception. 2.

Siemens SIMATIC PCS 7, WinCC, TIA Portal (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 9.1; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SIMATIC PCS 7, WinCC Runtime Professional, WinCC (TIA Portal); Vulnerabilities: SQL Injection, Uncaught Exception, Exposed Dangerous Method. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands on the

Siemens SINAMICS PERFECT HARMONY GH180 Fieldbus Network (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SINAMICS PERFECT HARMONY GH180 Fieldbus Network; Vulnerability: Improper Input Validation. 2. RISK EVALUATION: Successful exploitation of this vulnerability could cause a denial-of-service condition.

Siemens SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SINAMICS PERFECT HARMONY GH180 Drives NXG I and NXG II; Vulnerability: Uncontrolled Resource Consumption. 2.

Siemens LOGO!8 BM (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 9.4; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: LOGO!8 BM; Vulnerabilities: Missing Authentication for Critical Function, Improper Handling of Extra Values, Plaintext Storage of a Password. 2.

Siemens SIMATIC WinCC and SIMATIC PCS 7 (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 9.8; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SIMATIC WinCC and SIMATIC PCS 7; Vulnerability: Missing Authentication for Critical Function. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an unauthenticated attacker with access to the affected devices to execute arbitrary code.

Siemens SCALANCE W1750D (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 9.8; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Siemens; Equipment: SCALANCE W1750D; Vulnerabilities: Command Injection, Information Exposure, Cross-site Scripting. 2.

Omron Network Configurator for DeviceNet (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.3; ATTENTION: Low skill level to exploit; Vendor: Omron; Equipment: Network Configurator for DeviceNet; Vulnerability: Untrusted Search Path. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution under the privileges of the application.

Siemens LOGO! Soft Comfort (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 7.8; ATTENTION: Low skill level to exploit; Vendor: Siemens; Equipment: LOGO! Soft Comfort; Vulnerability: Deserialization of Untrusted Data. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user into opening a manipulated project.

Real estate deals are impacted by ransomware attack in Baltimore (WBAL) New impacts revealed about the computer virus attack that's shut down much of Baltimore City government's ability to do business as usual.

Baltimore warnings about deadly street drugs aren't working because of ransomware attack (Baltimore Sun) The text alert system that warns drug treatment providers and users in Baltimore about potentially deadly street drugs is offline.

UPDATE: ACHD computers back up following cyber attack (Idaho Press) The Ada County Highway District is back online after experiencing a cyber attack.

Security Patches, Mitigations, and Software Updates

Intel Side Channel Vulnerability MDS (Intel) MDS is similar to previously disclosed speculative execution side channel vulnerabilities.

New Intel security flaws could slow some chips by nearly 20% (Reuters) Intel Corp and a group of security researchers on Tuesday said they had found a ...

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003 (KrebsOnSecurity) Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

Microsoft May 2019 Patch Tuesday arrives with fix for Windows zero-day, MDS attacks (ZDNet) Microsoft patches 79 security flaws in the May 2019 Patch Tuesday update train.

CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability (MSRC) A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.

Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) (MSRC) Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from...

Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More (Threatpost) A massive update addresses the breadth of the computing giant's product portfolio.

Apple Patches 21 Vulnerabilities in WebKit (SecurityWeek) Security updates Apple released for iOS, macOS, Safari, tvOS and watchOS include patches for 21 vulnerabilities that affect open source web browser engine WebKit.

Adobe Patches Over 80 Vulnerabilities in Acrobat Products (SecurityWeek) Adobe patches a critical vulnerability in Flash Player and over 80 flaws in its Acrobat products.

Worried about the WhatsApp hack? Here’s how to update your app. (Washington Post) Update your WhatsApp if you haven't already.

Siemens Addresses Vulnerabilities in LOGO, SINAMICS Products (SecurityWeek) Siemens’ May 2019 Patch Tuesday advisories address over a dozen vulnerabilities, including serious flaws affecting LOGO and SINAMICS Perfect Harmony products.

Cyber Trends

Apricorn Report Reveals Majority of Employees Use Non-Encrypted USB Drives – Even Though 91% Say Encrypted USB Drives Should Be Mandatory (BusinessWire) Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB data storage devices, today announced results of its lates

Phishtales From The World’s Largest Security Awareness User Conference (Cybercrime Magazine) Patching employees and other cutting edge strategies from KnowBe4’s 2019 KB4-CON event

6 Biggest Cybersecurity Risks to Utilities (ABI Research) This evolution to “smart infrastructure” represents a positive, paradigm shift for the utilities industry. However, the security policies of many utilities have not evolved along with it, leaving them incredibly vulnerable.

Prioritizing risks in a climate of geopolitical threats (Help Net Security) The cybersecurity landscape has become increasingly hostile in recent years, with a growing threat from common cybercriminals as well as the looming

UK stung by 140% increase in cyber-attacks (Consultancy) Cyber-attacks in the UK spiralled upwards by 140% in 2018, according to a shocking cyber-threat landscape report.

Marketplace

Meet the shadowy security firm from Israel whose technology is believed to be at the heart of the massive WhatsApp hack (Business Insider) The NSO Group's Pegasus software is believed to be at the heart of a major new spyware attack that affects billions of people.

Who is NSO, the company tied to the WhatsApp security breach? (CNN) WhatsApp has just pushed a significant update to its 1.5 billion users. That's because the messaging service has discovered a security flaw that enabled attackers to remotely install spyware, possibly without the target of the surveillance even being aware of it.

Huawei in bid to grow enterprise business amid scrutiny on key... (Reuters) Huawei Technologies unveiled on Wednesday a new database management system, in a...

Huawei willing to sign 'no-spy' agreements (BBC News) The Chinese telecoms firm has drawn international scrutiny amid concerns it poses a security risk.

CrowdStrike, a cybersecurity unicorn, files to go public (TechCrunch) The SaaS endpoint protection firm submitted documents to the SEC on Tuesday afternoon.

CrowdStrike IPO: 5 things to know about the cybersecurity unicorn (MarketWatch) CrowdStrike Holdings Inc. filed for its long-awaited initial public offering Tuesday, joining a surge of 2019 tech IPOs by companies that have commanded huge...

Crowdstrike files to go public — lost $140 million on $250 million in revenue last year (CNBC) Crowdstrike, a cybersecurity vendor, is the latest tech company seeking to go public in 2019.

Corsica Technologies Announce Acquisition, Expands Services by Adding a Security Operations Center (Yahoo) Corsica Technologies, a globally recognized leader in IT Services has recently acquired EDTS Cyber, a provider of security services, and their sister company EDTS, a leading IT Service Provider. This partnership brings together three world-class technology

This techie aims to put India at the forefront of hack-proof communication (Business Standard) Quantum Cryptography, the technology he is using, comes at a time when enterprises in the country are witnessing increasing cases of sensitive data exposure risks and breaches

Products, Services, and Solutions

SecureAge Integrates Artificial Intelligence Powered APEX Anti-Malware Engine in VirusTotal (Security Boulevard) SecureAge’s APEX engine uses machine learning to recognize zero-day and mutated threats that are traditionally undetectable (NEW YORK) (May 14, 2019) --

Envistacom to Support the Assessment of the Cyber Posture and Interoperability of the NC3 Network (West) Company leveraging their experience with DOT&E cyber assessment program to support Cyber Analytics Systems Threat Lab Environments 2 (CASTLE2) Task Order 20

Nucleus Cyber Expands Data Protection Capabilities to Microsoft Teams and Yammer (Nucleus Cyber) NC Protect now identifies, secures sensitive data for enterprise social communications with intelligent, conditional access and security controls

Ixia and Symantec collaborate to better secure hybrid networks (Help Net Security) Keysight Technologies announced that Ixia, a Keysight Business, and Symantec have extended their collaboration to better secure hybrid networks.

Thales Wins Cybersecurity Excellence Awards for Encryption and Identity and Access Management Solutions (Security Boulevard) Thales’ SafeNet Data Protection on Demand and SafeNet Trusted Access solutions have won the gold award in the Encryption and Identity and Access Management categories of the 2019 Cybersecurity Excellence Awards.

Microsoft, Galois Partner On Election Security (CivSource) Microsoft and Galois have partnered on a new election security solution called ElectionGuard.

RMS launches new risk modelling & data platform, as it sunsets RMS(one) (ReinsuranceNe.ws) Catastrophe risk modelling and analytics firm RMS has announced the launch of a new strategic risk modelling and data platform for the re/insurance

GoTrust ID app users can now simulate USB FIDO Key with smartphone biometrics (Biometric Update) GoTrust ID has developed software to enable smartphones to be used instead of a USB FIDO Key for FIDO 2-step login with popular cloud applications, the first such offering, according to the announcement.

Telxius enhances its Security service with Radware (Yahoo) Telxius, Telefónica Group’s infrastructure company, announced today that it relies on Radware to ensure the protection of its international network from increasingly complex cyberattacks and provide DDoS mitigation services to its customers, helping them mitigate attacks in seconds, compared to hours

Attila Security on NIAP In-Evaluation Product List (PRWeb) Attila Security, a trusted leader of cyber security solutions for government agencies and commercial enterprises, today announced its award-winning GoSilent platform...

Technologies, Techniques, and Standards

G-7 Authorities to War Game Cyber Attack on Bank for First Time (Bloomberg) Simulation will study impact of a disruption of major bank. Test will examine a multi-day outage of an international firm.

A classified DoD network has problems. Now what? (C4ISRNET) The Defense Information Systems Agency identified five areas for improving the Joint Regional Security Stacks.

The Missing Piece of the Cyber Response Plan Puzzle – The Insurance Component (JD Supra) Experts are full of advice about the importance of designing and implementing a robust cyber breach response plan. They opine frequently on its key...

Training, cyber hygiene critical steps for U.S. IoT security (Federal News Network) Zach Butler, director of IoT World, explains why agencies have to do more to mitigate the risks of connected devices.

Design and Innovation

Facebook introduces ‘one strike’ policy to combat abuse of its live-streaming service (TechCrunch) Facebook is cracking down on its live streaming service after it was used to broadcast the shocking mass shootings that left 50 dead at two Christchurch mosques in New Zealand in March. The social network said today that it is implementing a ‘one strike’ rule that will prevent users who…

Twitter launches new search features to stop the spread of misinformation about vaccines (TechCrunch) As measles outbreaks in the United States and other countries continue to get worse, Twitter is introducing new search tools meant to help users find credible resources about vaccines. It will also stop auto-suggesting search terms that would lead users to misinformation about vaccines. In a blog p…

Microsoft Looking To Build Decentralized Identity Network On Top Of Bitcoin Blockchain (Forbes) Microsoft is increasing its work with the mythical decentralised identity, this time by building what it calls an Overlay Network (ION) on top of the Bitcoin blockchain.

Academia

Clearwater cybersecurity firm donates training, money to USF College of Business (Tampa Bay Business Journal) The in-kind training and donation equal $1.75 million, the company [KnowBe4] said.

Legislation, Policy, and Regulation

Jacinda Ardern's ambitious plan to end online extremism after the Christchurch massacre (ABC News) New Zealand's Prime Minister is taking her fight to end online extremism to Europe today, teaming up with Emmanuel Macron to try and curtail the power of tech companies to self moderate.

Russia Ready To Cooperate With United States In Cyberspace - Lavrov (UrduPoint) Russia is ready to cooperate with the United States on a professional level on cyber-related issues, Foreign Minister Sergey Lavrov said on Tuesday

Russian military gains in Ukraine could spell trouble for the US Army, even in a conventional fight (Army Times) Cyber warfare is important, but missiles, artillery, tanks and infantry are still dominating the actual battlefield.

Leaks, Drones, Mystery Attacks: US-Iran Tensions Boil Hot, But… (Breaking Defense) As troops and hardware are on the move in the Gulf, diplomats signal that no one is eager for war.

Military plans to counter Iran include possible 120,000 troop deployment, cyber attack ‘Nitro Zeus’ (Military Times) Experts look to potential flare up from an accident or attack. Plans also call for response to Iran ramping up nuclear program.

Trump is reportedly preparing to sign an executive order that would enable a ban on Huawei in the US (TechCrunch) As the trade war with China intensifies again, President Donald Trump is expected to sign an executive order that would make possible a ban on American companies from using telecommunications equipment from Huawei and other companies that the government believes pose a national security risk, Reute…

The worry about 5G: ‘They control whether or not we communicate’ (Fifth Domain) Chinese company Huawei’s efforts to sell its 5G network equipment to U.S. allies worried members of the Senate Judiciary Committee May 14 about disruptions in global communications, intelligence sharing and military operations

China’s Influence Operations in Asia: Minding the Open Door Challenge (The Diplomat) While attention to Beijing’s conduct is important, addressing the permissive conditions that create an enabling environment for its activities should remain front and center.

Nordic, Baltic Regulators Agree to Share Info on Money-Laundering Threats (Wall Street Journal) Regulators said they plan to develop a coordinated process for sharing information across Denmark, Estonia, Finland, Iceland, Latvia, Lithuania, Norway and Sweden.

The NSA knows its weapons may one day be used by its targets (CyberScoop) The idea that enemies will reverse engineer NSA exploits is one that military brass deals with every day. What's being done to prevent it from happening?

Cyber Solarium sets ambitious goals for U.S. digital strength (Fifth Domain) A group of 14 congressmen, government officials and private sector experts are tasked with developing policies for three far-ranging cybersecurity areas.

New Cyberspace Solarium Commission pledges action on 5G safety (Smart Cities Dive) U.S. Sen. Angus King, I-ME, told reporters that the group will review all cyber threats facing the U.S. and make recommendations by year's end.

Bipartisan group of senators introduce legislation designed to strengthen cybersecurity of voting systems (TheHill) A bipartisan group of senators introduced legislation Tuesday that would require a cybersecurity expert from the Department of Homeland Security (DHS) be included on the committee tasked with developing voluntary voting s

Litigation, Investigation, and Law Enforcement

CIA Joins Barr in Investigating Origins of Trump Campaign Surveillance (National Review) Barr has enlisted the help of the CIA to investigate whether FBI surveillance of the Trump campaign was motivated by partisan bias.

Cybersecurity experts fear fallout from Apple case (TheHill) Cybersecurity experts are worried about the fallout from a Supreme Court ruling allowing customers to sue Apple over the prices in its App Store, claiming it could eventually lead to more unsecured apps being sold to consumers.

San Francisco Bans Agency Use of Facial Recognition Tech (WIRED) Other cities, including Oakland, and Somerville, Massachusetts, are also considering bans on the technology as a threat to civil liberties.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Gartner Security & Risk Management Summit 2019 (National Harbor, Maryland, USA, June 17 - 20, 2019) Make sure you have the latest insights on fast-moving IT trends such as IoT and AI, evolving security technologies and the ever-changing threat landscape. At Gartner Security & Risk Management Summit 2019,...

2020 OurCrowd Global Investor Summit (Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider...

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Transport Security Congress (Washington, DC, USA, May 14 - 15, 2019) The Transport Security Congress brings together business and security leaders from all sectors of passenger and goods transportation to discuss solutions to the evolving security and safety risk landscape.

TechNet Cyber (Baltimore, Maryland, USA, May 14 - 16, 2019) TechNet Cyber 2019, formerly the Defensive Cyber Operations Symposium, will be the staging area for military, industry and academia to discuss and plan how to achieve persistent engagement, persistent...

Houston CyberSecurity Conference (Houston, Texas, USA, May 15, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. The keynote at Houston will be delivered by Damian Taylor, CISO Landry’s Inc, on "Hiding...

CYBERSEC Brussels Leaders' Foresight 2019 (Brussels, Belgium, May 15 - 16, 2019) The aim of the CYBERSEC Brussels Leaders' Foresight 2019 is to give proactive guidance on how to lead, encourage evidence-based decision-making, and develop cybersecurity policy statecraft in the EU and...
