skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

The US Navy may have put trackers in emails destined for defense counsel and news media covering a military trial involving leaks, Military Times reports.

Wednesday's US Executive Order on Securing the Information and Communications Technology and Services Supply Chain declared a state of emergency under the International Emergency Economic Powers Act, the National Emergencies Act, and section 301 of title 3, United States Code. The Executive Order directs the Secretary of Commerce to take the lead in minimizing the risk from companies controlled by "foreign adversaries" (read, "China"). Its immediate effect is to clamp down on the use of Huawei technology in the US. 

The US Commerce Department immediately banned Huawei and seventy of the company's partners. The measure will also affect US exports. Broadcom, Qualcomm, Intel and Oracle, among others, will henceforth find it difficult to sell to Huawei, the Wall Street Journal points out.

China's government has called the Executive Order and its attendant enforcement actions a "wrong course," and promises to "resolutely defend" Chinese companies from Washington's depredations, the AP reports. Beijing sees the affair as a move in a trade war.

US allies may be nudged by both prudential policy and the Wassenaar Arrangement to follow suit, the Times says. They're aware that doing business with Huawei is not only unpopular with the US Government but can also be risky in its own right. As Forbes and others report, the Netherlands' intelligence service is investigating what appear to be Huawei-insinuated backdoors in Dutch telecommunications networks.

Notes.

Today's issue includes events affecting Canada, China, France, Iran, Israel, Netherlands, Norway, Russia, Singapore, Sri Lanka, United Kingdom, United States.

Bring your own context.

Like the rest of us, criminals sometimes choose style over substance. The OceanLotus threat group, for example, is clever and well-resourced, but even they sometimes go for cachet instead of cash. In one instance, they used a small image of Kaito Kuroba, popular manga gentleman thief, for their steganographic caper.

"Absolutely, yeah, the Kaito Kid. Definitely give them some style points for that one. I mean, if it had been Naruto or Pokemon, it might have been a bit more easily identifiable. I certainly hadn't heard of that particular series, but we had a few on our APAC team who had. But no, in a way, that wasn't the perfect image for them, because it was too small to hold the entire payload embedded in individual pixels."

—Tom Bonner, director of threat research at Blackberry Cylance, on last weekend's Research Saturday.

So as big an impression the clothes would make on prom night, maybe the white top hat and tails aren't the best look for steganography. (Even if you accessorize with a purple scarf.)

Automation techniques by Coalfire and AWS enable FedRAMP ATO in half the time

Automation is dramatically changing the times and costs to compliance—in many cases by half compared to traditional methods. Furthermore, these techniques can slash the demands on in-house staff and eliminate much of the redundant work across frameworks. Download the white paper explaining the benefits of new automation techniques pioneered by Coalfire and AWS.

In today's podcast, out later this afternoon, we speak with Joe Carrigan from our partners at the Johns Hopkins University Information Security Institute on USB device encryption and best practices. Our guest is Mike Kijewski from MedCrypt, who discusses security for new and legacy medical devices.

And don't forget that Research Saturday will be up tomorrow. In this week's episode, "Elfin APT group targets Middle East energy sector," we hear from researchers at Symantec who've been tracking an espionage group known as Elfin that has targeted dozens of organizations over the past three years, primarily focusing on Saudi Arabia and the United States. Alan Neville is a principal threat intelligence analyst at Symantec, and he joins us to share their findings.

DreamPort Event: Tech Talk Series: How DevOps and Automation Can Accelerate Warfighting Readiness (Columbia, Maryland, United States, June 19, 2019) Come hear NetApp's own DevOps journey and lessons learned and see how NetApp has equipped large enterprises to change fast and manage risk, with its deep integration with DevOps tools. In this interactive demonstration and discussion, NetApp will guide conversation towards a DevSecOps vision that can be realized immediately with capabilities that are available today to Defense Department developers.

DreamPort Event: RPE- 006: The Defense at Pemberton Mill (Columbia, Maryland, United States, June 21, 2019) DreamPort, in conjunction with the Maryland Innovation & Security Institute and USCYBERCOM is hosting RPE -006: The Defense at Pemberton Mill. For this event, we'll be looking for solutions that monitor a fictitious network for vulnerabilities and detect attacks in progress. We want participants to bring solutions for monitoring both information technology (IT) and operational technology (OT) networks both in live (with network taps) and offline (PCAP) mode. This event is June 21.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

Tenable Research Discovered a Download Hijack Vulnerability in Slack (Tenable®) Slack issues update but bad actors could have leveraged the flaw for corporate espionage or file manipulation Tenable®, Inc., the Cyber Exposure company, today announced that its research team discovered a vulnerability in the Slack Desktop Application for Windows that could have allowed an attacker to alter where a victim’s files are stored when the documents are downloaded within Slack.

Unsecured Survey Database Exposes Info of 8 Million People (BleepingComputer) An unsecured database has exposed the personal information of 8 million people from the U.S. who participated in online surveys, sweepstakes, and requests for free product samples.

Stack Overflow says hackers breached production systems (ZDNet) Stack Overflow said it detected a security breach over the weekend.

Intel MDS attack mitigation: An overview (Help Net Security) To remove or mitigate the danger MDS attacks present to users, the affected systems should get a microcode (firmware) update and a software update.

Supply Chain Attack Hits Best of the Web Website (Infosecurity Magazine) Best of the Web's seal was injected with keyloggers and more than 100 websites are still linked to it.

Bots Tampering with TLS to Avoid Detection (Akamai) Researchers at Akamai observed attackers using a novel approach for evading detection. This new technique - which we call Cipher Stunting - has become a growing threat, with its roots tracing back to early-2018. By using advanced methods, attackers are...

Hackers abuse ASUS cloud service to install backdoor on users’ PCs (Ars Technica) Computer-maker's WebStorage software tied to malware attack from the BlackTech Group.

Schneider Electric Modicon Controllers (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 5.4ATTENTION: Exploitable remotely/low skill level to exploitVendor: Schneider ElectricEquipment: Modicon M580, Modicon M340, Modicon Premium, and Modicon QuantumVulnerability: Use of Insufficiently Random Values2. RISK EVALUATIONSuccessful exploitation of this vulnerability could allow an attacker to hijack TCP connections or cause information

Fuji Electric Alpha7 PC Loader (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 3.3ATTENTION: Low skill level to exploitVendor: Fuji ElectricEquipment: Alpha7 PC LoaderVulnerability: Out-of-bounds Read2. RISK EVALUATIONSuccessful exploitation of this vulnerability could crash the device.3. TECHNICAL DETAILS3.1 AFFECTED PRODUCTSThe following versions of Alpha7 PC Loader, a motor controller, are affected:

What happens during a cyberattack on critical infrastructure? (PublicTechnology.net) A participant in cyber defence exercise run by NATO’s Allied Command Transformation analyses real-time threat information

SECURITY: Documents reveal DOE struggles in hacking whodunits (E&E News) The Department of Energy, home to the nation's nuclear stockpile and national labs, is fighting a growing number of hackers and cyber scammers, according to documents obtained by E&E News.

Red Cross website hacked in latest Singapore cyber attack (Phys.org) The Singapore Red Cross said Thursday its website had been hacked and the personal data of more than 4,000 potential blood donors compromised in the latest cyber attack on the city-state.

Forbes Site Up, Then Down Again after Magecart Attack (Infosecurity Magazine) Forbes.com was hit with credit card skimming malware.

Weaponized Documents: It’s Just a Matter of Time Before One is Opened (Security Boulevard) Protecting the enterprise from today’s increasingly sophisticated threats such as fileless documents and PDF ... The post Weaponized Documents: It’s Just a Matter of Time Before One is Opened appeared first on SlashNext.

Facebook Bans Israeli Entity For Creating Fake Accounts (BleepingComputer) Facebook announced that today it removed 265 Facebook and Instagram accounts, Facebook Pages, Groups and events for fake behavior originating from Israeli commercial entity Archimedes Group.

Exclusive: Canadian security agencies alarmed by gaps in parties'... (Reuters) Canadian security services are sounding the alarm about what they see as a poten...

Cyber-enabled election interference occurs in one-fifth of democracies (The Strategist) Cyber-enabled election interference has already changed the course of history. Whether or not the Russian interference campaign during the US 2016 federal election was enough to swing the result, the discovery and investigation of the ...

The Metro Bank hoax shows the immense power of fake news on WhatsApp (WIRED UK) Metro Banks' shares have slumped this year. Rumours being shared on WhatsApp haven't helped as customers attempted to remove from money their accounts

Fake news brought a British bank to its knees. How will we curb 'alternative facts' in the UK? (The Telegraph) It is rapidly becoming India’s next public health crisis.

Social Media Warriors: Leveraging a New Battlespace (Modern War Institute) While there is nothing new about the idea of waging political and …

Information Warfare Is Here To Stay (Foreign Affairs) States have always fought for the means of communication.

Disinfo Wars (Medium) A taxonomy of information warfare

Office 365 user security practices are woeful, yet it's still 'Microsoft's fault' when an org is breached (Register) As soon as defences are sold as a product, hygiene suffers

Baltimore creates cybersecurity review panel following ransomware attack (TheHill) Baltimore City Council President Brandon Scott announced the creation of a Committee on Cybersecurity and Emergency Preparedness on Thursday, as the city works to restore the systems taken down by a debilitating ransomware attack last week.

Security Patches, Mitigations, and Software Updates

Apple says these Macs may not be patched for future vulnerabilities similar to 'ZombieLoad' (AppleInsider) Several pre-2011 Macs could still be vulnerable to "ZombieLoad"-like security exploits, and Apple can't fix that because Intel won't release the necessary microcode updates.

Cyber Trends

Record level of vulnerabilities sparks cybersecurity innovation among global enterprises (PR Newswire) Dimension Data, the USD 8 billion global technology integrator and managed services provider for hybrid IT, has revealed ...

Vulnerabilities disclosed during the first three months of 2019 reach a Q1 all-time high (Risk Based Security) There were 5,501 vulnerabilities aggregated by Risk Based Security’s VulnDB that were disclosed during the first three months of 2019.

UK Fraud Complaints Surge 40% (Infosecurity Magazine) UK Fraud Complaints Surge 40%. APP fraud drives major losses for consumers

Angry Birds and the end of privacy (Vox) (Quartz) Seemingly simple mobile games made us all way too comfortable with giving away our personal information.

Identity theft victims could lead us to accept more security-improving friction (Help Net Security) Dealing with identity theft can be a burden. Those who have never been victims don't understand how devastating it can be for the victims.

The most stressful aspects of being a cybersecurity professional (CSO Online) Keeping up with IT, educating users, and working with the business top the list of the most stressful things of being a cybersecurity professional.

UK consumers want businesses to do more to protect their data (BetaNews) Protecting your digital footprint is growing more important and the results from a survey of 2,000 UK adults by Kaspersky Lab finds that people believe there is not enough business or state protection currently in place to defend it.

Marketplace

Why security needs to be involved early during mergers and acquisitions (CSO Online) M&A security can often be overlooked during deal making, leading to potential incidents down the line. Here's how UK newspaper Racing Post dealt with three acquisitions in three years, each with its own security requirements.

HP Enterprise Nears Deal to Buy Supercomputer Pioneer Cray (Bloomberg) Cray has market capitalization of about $1.2 billion. Purchase set to be HPE’s biggest since it was formed in 2015

The District plans to slash a popular tax incentive. But a much broader battle could be ahead. (Washington Business Journal) Yelp Inc.'s decision to establish a hub in the District was supported by D.C.'s Qualified-High Tech Company program, which would be cut under D.C. Council's proposed budget for 2020.

Leading API Security Platform, 42Crunch, Launches Partner Network, Signs Up New Resellers (Benzinga) Today at the European Identity & Cloud Conference (EIC) 2019, API security leader and creator of the industry's first API Firewall -...

This Air Force Veteran Built the Kind of Company She'd Want to Work For. It All Started With a Chili Dog (Inc.com) Air Force veteran Angie Lienert built her high-flying business around a great culture--after a chili dog changed her life.

Peter Thiel's stealth start-up Palantir has unlocked a new opportunity to sell to the US military as revenue tops $1 billion (CNBC) Palantir had a huge year, breaking through a government contract barrier that had held it back from lucrative Pentagon deals until now.

Macquarie Bank hiring those with fine arts degrees to help thwart cybercrime (ZDNet) The bank's CEO says it's also important for the industry, regulators, and government to combine powers to successfully counter cyber risks.

Cybersecurity firm awarded $75K grant to expand in Plainfield Township (Michigan Live) Vulnerability Discovery & Analysis Labs has opened its first headquarters at 5234 Plainfield Ave. NE

Products, Services, and Solutions

Akamai Enterprise Defender Simplifies Journey to Zero Trust for Businesses (Yahoo) New offering provides secure app access, malware prevention, application security and acceleration in a single solution CAMBRIDGE, Mass. , May 16, 2019 /PRNewswire/ -- Akamai (NASDAQ: AKAM), the intelligent ...

DataWalk And ShadowDragon Team To Enhance Investigative Capabilities (PR Newswire) DataWalk and ShadowDragon have formed a strategic technical alliance to facilitate more complete and...

New Product Bundle from Ping Identity Accelerates Cloud MFA and SSO Adoption for Enterprises (AP NEWS) Ping Identity, the leader in Identity Defined Security, today announced a cloud-based multi-factor authentication (MFA) and single sign-on (SSO) bundle, delivering security from identity-based attacks. Available today for a free 30-day trial, customers can protect applications, data and employees from pervasive security threats centered around phishing attacks, stolen credentials, and more.

Venafi and GlobalSign Partner to Expand Machine Identity Protection in DevOps Environments (BusinessWire) New integration offers automated PKI certificate management and addresses DevOps challenges

ExtraHop Joins IBM Security App Exchange Community (Yahoo) ExtraHop for IBM QRadar part of collaborative development to stay ahead of evolving threats

QuintessenceLabs to Provide Ongoing Support for RSA Data Protection Manager Software as Well as Migration Options (Yahoo) QuintessenceLabs has announced a partnership to allow customers of RSA® Data Protection Manager software (DPM) to receive extended support beyond the RSA DPM End-Of-Life date of September 30, 2019. As part of this agreement, QuintessenceLabs will provide the same level of enterprise-class support

Google Starts Tracking Zero-Days Exploited in the Wild (SecurityWeek) Google Project Zero has started tracking zero-day vulnerabilities exploited in the wild. A spreadsheet currently lists over 100 flaws seen since 2014.

New infosec products of the week: May 17, 2019 (Help Net Security) News infosec products of the week include releases from the following vendors: Alcide, Hysolate, Keysight Technologies, LogRhythm and Trend Micro.

Technologies, Techniques, and Standards

How machine learning can help prevent cyber attacks (Built In) Cyber threats continue to multiply. Is machine learning the key to preventing and repelling them?

You Can’t Defeat Tomorrow’s Terrorists by Fighting Yesterday’s Enemy (Foreign Policy) Countries from Sri Lanka and Israel to the United States and Norway have failed to prevent attacks because their intelligence agencies were fixated on the…

3 lessons the healthcare industry could learn from the intelligence community (FierceHealthcare) The intelligence community may offer healthcare leaders a better model for handling big data than the titans of tech.

Cyber Workforce Needs Continuous Education (SIGNAL Magazine) A cyber career requires curiosity and an ability to adapt.

Dashboards Don't Manage Risk – Difficult, Data-Driven Conversations Do (Infosecurity Magazine) Achieving risk management goals will not improve your risk posture

Cyber Command is decoding how to best (re)organize teams (Fifth Domain) The command is applying lessons learned to be more effective and sustain readiness.

Design and Innovation

JASK Applies Science Fiction, Gaming and Latest Design Principles to First-of-its-kind Heads Up Display for the SOC (BusinessWire) JASK unveiled a first-of-its-kind Heads Up Display (HUD) for security operations centers (SOCs) based on cutting-edge scientific design principles.

Legislation, Policy, and Regulation

Trump tries to tamp down talk of war with Iran (Military Times) President Donald Trump said Thursday that he hopes the U.S. is not on a path to war with Iran amid fears that his two most hawkish advisers could be angling for such a conflict with the Islamic Republic.

Trump curbs hawks rushing towards conflict with Iran (Times) President Trump summoned the Swiss president to the White House yesterday to ask him to open a communications channel with Iran amid fears that hawkish senior advisers were leading the United...

Hunt backs Washington over Iran threat (Times) Jeremy Hunt declared yesterday that Britain and the US share “the same assessment of the heightened threat posed by Iran” following a public rift over the issue. The foreign secretary said London...

Hardliners target Iran's president as U.S. pressure grows (Reuters) Growing U.S. pressure on Iran has weakened pragmatic President Hassan Rouhani an...

Top Trump administration officials update Congress on Iran as lawmakers’ frustration grows (Washington Post) Democrats and many Republicans want clarity on the intelligence that has informed what some see as dramatic escalations by administration.

More Democrats Accuse Trump of Inflating Iran Intelligence (Foreign Policy) A new congressional letter raises fears of stumbling into war.

On Iran, Justified US Fury Without an Endgame (Atlantic Council) We’ve been here before. The Trump administration, like every US administration since Jimmy Carter was president, is dealing with a hostile Iran bent on undermining US and regional security interests across the Middle East and beyond. We had a brief...

Trump administration cracks down on giant Chinese tech firm, escalating clash with Beijing (Washington Post) The president also signed an executive order to protect U.S. networks from foreign espionage, a move that appears to target China.

Donald Trump declares national emergency over cyber threats against U.S. (CISO MAG) The executive order does not name any company, but it’s believed that the move is expected to precede a ban on U.S. firms doing business with Huawei.

Dial 911: Trump’s Telecommunications National Emergency (Atlantic Council) US President Donald J. Trump on May 15 declared a “national emergency” that gives his administration the power to prevent US companies from doing business with foreign suppliers, including, potentially, Chinese telecommunications giant Huawei. The...

How other countries are responding to Trump's Huawei threat (the Guardian) The US threatens allies with a ban on intelligence sharing for using Chinese 5G equipment

Huawei poses security threat to UK, says former MI6 chief (the Guardian) Report calling for 5G ban in UK comes as Netherlands said to be investigating Huawei espionage

Britain may have to follow US with restrictions against Huawei (Times) The US administration’s plan to restrict American companies from selling products to Huawei could compel Britain to levy the same restrictions on UK businesses, the government was told yesterday.

Huawei Threat Poses Grave Risk To Trade Deal (Podcast) (Bloomberg) Meredith Sumpter, Research Strategy & Operations Head at Eurasia Group, on how U.S threats against Huawei pose a grave risk to the company and to a trade truce.

Macron says it is not France's aim to block Huawei (Reuters) French President Emmanuel Macron said it was not the aim of France to block Huaw...

China criticizes US action against Huawei (AP NEWS) China vowed Thursday to "resolutely safeguard" Chinese companies after Washington labeled telecom equipment giant Huawei a security risk and imposed export curbs on U.S. technology...

Huawei blasts report questioning its security as Dutch authorities open investigation into espionage claims (Computing) Huawei supplies surveillance technology to China's government in Xinjiang, where one million people are interned for 're-education'

This is why there's been a decade-long disconnect between Huawei and the US, and it's unlikely to be fixed soon (CNBC) The U.S. has insisted Huawei and its equipment are pervasively unsafe. Huawei has long requested the chance to prove its equipment is safe.

Trump’s Huawei sanctions underscore U.S. dependency on China tech (Washington Post) We are about to find out just how heavily U.S. tech firms depend on this banned Chinese manufacturer.

Commerce Dept. bans Huawei, 70 affiliates from sourcing U.S. components (FierceWireless) The move comes one day after U.S. President Donald Trump declared a national emergency in relation to telecom equipment.

Silicon Valley Will Feel Sting of Export Restrictions Against Huawei (Wall Street Journal) The Commerce Department’s move to scrutinize U.S. exports to Huawei threatens to limit the Chinese company’s access to U.S.-made chips and other parts for its smartphones and 5G.

Trump Order Restricting Huawei Sharpens U.S. Lawmakers’ Focus on China (Bloomberg) Committee announces new ‘deep dive’ on Chinese tech maneuvers. Dems too absorbed by Russia-collusion claims, says Republican.

Rep. Harley Rouda introduces Bipartisan House Bill to Protect Rail and Bus Manufacturing from Chinese Threats (Representative Harley Rouda) Today Rep. Harley Rouda (D-CA), along with a bipartisan group of lawmakers, Reps. Rick Crawford (R-AR), Scott Perry (R-PA), Kay Granger (R-TX), Tim Ryan (D-OH), Eleanor Holmes Norton (D-DC), Randy Weber (R-TX), and John Garamendi (D-CA) introduced the Transportation Infrastructure Vehicle Security Act, a bill combatting Chinese efforts to undermine the U.S. economy and national security.

How Congress should tackle the Russian national security threat (TheHill) It is time for lawmakers to set aside politics and take aim at foreign meddling in our elections.

European telcos want the right to perform "deep packet inspection" on our data (Boing Boing) European telcos want the right to perform "deep packet inspection" on our data

The False Promise of “Lawful Access” to Private Data (WIRED) Opinion: As online extremism migrates to real-world violence, some suggest letting law enforcement intercept encrypted messages. But that’s a dangerous proposition.

Senate Dems introduce election security bill requiring paper ballots (TheHill) Sen. Ron Wyden (D-Ore.) and a group of 12 other senators introduced a bill Wednesday to mandate the use of paper ballots in U.S.

Senate panel approves bill enhancing DHS' ability to share threat intelligence with private sector (Inside Cybersecurity) The Senate Homeland Security Committee approved two bipartisan bills that would establish a structure for intelligence officials at the Department of Homeland Security to share information about cybersecurity threats with the private sector, and provide counterintelligence training for federal procurement officials to mitigate such threats.

The FCC's Plan to Stop Robocalls Sounds Awfully Familiar (WIRED) FCC chair Ajit Pai has proposed a set of rules to combat robocalls. Don't get your hopes up quite yet.

Cyber Workforce Exec Order: Right Question, Wrong Answer (Dark Reading) Shuffling resources, adding administrative process, and creating a competition and incentive system will do little to grow and mature the talent we need to meet the cybersecurity challenges we face.

Cyber Experts Call for More Collaboration, Training (Air Force Magazine) A new provision of the 2019 NDAA clears the way for fully fledged joint operations in cyberspace involving both military personnel and those from civilian agencies like the Department of Homeland Security, officials said Thursday.

Litigation, Investigation, and Law Enforcement

Dutch Spies Investigate Huawei 'Links To Chinese Espionage' From 'Hidden Backdoor' (Forbes) AIVD, the Dutch spy agency is investigating an alleged hidden back door in Huawei telecoms equipment, sources say they are also looking at links to Chinese espionage. Coming a day after President Trump signed his executive order, a bad week for Huawei just got a lot worse.

Secret tracking device found in Navy email to Navy Times amid leak investigation raises legal, ethical questions (Military Times) It appears that the Navy sought to secretly extract data from the Navy Times computer network.

What ‘arrest’ means for the Canadians detained in China — and the epic battle over Huawei  (Washington Post) The move signals the start of a lengthy legal process that could deepen the U.S.-China dispute.

Rights Group Win Allows Courts to Scrutinize Spy Agencies (Infosecurity Magazine) Rights Group Win Allows Courts to Scrutinize Spy Agencies. Supreme Court ruling means decisions made by secret tribunal aren’t final

Global Takedown Shows the Anatomy of a Modern Cybercriminal Supply Chain (WIRED) Charges against 10 men across Eastern Europe associated with the Goznym malware crew reveal global law enforcement's reach—and its limits.

Feds Target $100M ‘GozNym’ Cybercrime Network (KrebsOnSecurity) Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name.

GozNym Cybercrime Group Behind $100 Million Damages Dismantled (BleepingComputer) Ten members of the GozNym cybercriminal group which used the Avalanche malware distribution network to launch malware attacks against businesses and financial institutions were indicted today for computer fraud conspiracy, wire and bank fraud conspiracy, and money laundering.

Hacking forums survive cybercrime dragnet as feds prioritize drug-market busts (CyberScoop) It might be more difficult these days to conduct an anonymous drug deal on the dark web, but not every online criminal enterprise is feeling the pinch of international law enforcement.

GDPR: Europe Counts 65,000 Data Breach Notifications So Far (BankInfoSecurity) European privacy authorities have received nearly 65,000 data breach notifications since the EU's General Data Protection Regulation went into full effect in May

Opinion | Bull Durham at Justice (Wall Street Journal) Bill Barr’s latest appointment reminds us how the department should operate.

Nellie Ohr deleted emails sent from husband's DOJ account (Washington Examiner) Nellie Ohr, the wife of Justice Department official Bruce Ohr, told her husband she was deleting emails sent from his government account.

Chelsea Manning sent back to jail for refusing to testify in Wikileaks investigation (Army Times) Former Army intelligence analyst Chelsea Manning was ordered back to jail Thursday for refusing to testify to a grand jury, even after telling a judge she’d rather “starve to death” than cooperate with prosecutors.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

NAWC Cybersecurity Symposium (Washington, DC, USA, May 21, 2019) The National Association of Water Companies (NAWC) will hold its inaugural 2019 NAWC Cybersecurity Symposium on Tuesday, May 21, 2019 at the Army-Navy Club in Washington, D.C. The day-long event will bring...

Kansas City CyberSecurity Conference (Kansas City, Missouri, USA, May 22, 2019) Join us to interact with CISOs & Senior Level Executives who have effectively mitigated the risk of Cyber Attacks. The keynote at Kansas City will be delivered by John Dickson, Principal, Denim Group Ltd,,...

2019 Georgetown Cybersecurity Law Institute (Washington, DC, USA, May 22 - 23, 2019) It is more important than ever that in-house and outside counsel stay abreast of the most current developments and best practices in cybersecurity.Those lawyers who ignore cyber threats are risking millions...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 29 - 30, 2019) Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.