skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Twitter yesterday said it's sorry personal information submitted when setting up multi-factor authentication "may have inadvertently been used for advertising purposes." Phone numbers and email addresses were made available to Twitter's Tailored Audiences and Partner Audiences advertising system. The company says it's introduced reforms to keep this from happening again, but security experts have received the disclosure coldly. Twitter's denial that "personal data was ever shared externally with our partners or any other third parties" seems ambiguous, but "externally" seems the operative word. Twitter apparently used the multi-factor authentication data to match users with advertisers' databases, the better to enable Twitter's customers (that is, advertisers) to target their pitches. Twitter's legal exposure is unclear. The Register says the US Federal Trade Commission declined to comment, but, as the Washington Post points out, the FTC fined Facebook over similar practices.

Kaspersky is following Reductor, a remote access Trojan that also manipulates certificates and marks outbound TLS traffic. The campaign affects Chrome and Firefox browsers, may have compromised ISPs, and is tentatively attributed to the Russian threat actor Turla. The victims appear confined to Russia and Belarus.

The US Senate Intelligence Committee has issued the second volume of its report, "Russian Active Measures Campaigns and Interference in the 2016 U.S. Election." It finds that Russian social media operations were overwhelmingly concerned with race, and that activity increased after Election Day.

Patch Tuesday was relatively light. Microsoft issued sixty fixes, nine of which were rated "critical," Help Net Security summarizes. Adobe didn't peep.


Today's issue includes events affecting Australia, Belarus, Canada, China, Estonia, France, Israel, Latvia, Lithuania, Russia, United States, and Venezuela.

Bring your own context.

Heard about those lightning cables that have their own built-in Wi-Fi access point?

"This is a lightning cable. It looks like a lightning cable. It acts like lightning cable. It does everything a lightning cable does. But it also has a Wi-Fi access point built into it. I mean, that's one of the benefits, I guess, of miniaturization, is we can now build a - essentially, a USB cable that is capable of running a Wi-Fi hotspot on it as well."

Joe Carrigan, of the Johns Hopkins University Information Security Institute, on the CyberWire Daily Podcast, 10.7.19.

These aren't being manufactured and sold surreptitiously. But if you don't want your lightning cable reporting back to...wherever such things report...maybe buy the cable from the Apple Store.

Federal cloud market projected for major growth.

According to Coalfire’s latest report on FedRAMP, U.S. agencies spent $6.5B in cloud services in FY2018, an impressive 32 percent year-over-year increase, with the vast majority of Federal cloud migration still to come. SaaS/PaaS/IaaS providers can gain access to this market with significantly less investment in both time and cost by taking advantage of automation and recent FedRAMP program updates. Learn how.

In today's Daily Podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses a DARPA program exploring the possibility of using predictive technology to identify dangerous individuals. Our guest is Neill Sciarrone from Trinity Cyber, discussing her career and the importance of attracting women to cyber.

Cyber Security Summits: October 3 in NYC and October 17 in Scottsdale (New York City, New York, United States, October 3, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The U.S. Department of Justice, The FBI, Google, IBM, Darktrace, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today:

Texas Cyber Summit Job Fair, October 10, San Antonio. (San Antonio, Texas, United States, October 10, 2019) Cleared and non-cleared cybersecurity pros make your next career move at the free Texas Cyber Summit Job Fair, October 10 in San Antonio. Meet face-to-face with leading cyber employers. Visit ClearedJobs.Net or for more details.

The 6th Annual Journal of Law and Cyber Warfare Symposium (New York, NY, United States, October 17, 2019) The 6th Annual Cyber Warfare Symposium features discussions around emerging cybersecurity issues, focusing on cyber warfare and how companies can respond to cyber-attacks. Use discount code CyberWire50 for 50% off. Email for a chance to receive a complimentary ticket.

IMAGINE, A MISI salon-style bespoke dinner event (Columbia, Maryland, United States, November 1, 2019) IMAGINE a world where more young women can see themselves in the faces of the legendary women of science & technology – and say, "Yes I can!" The event on November 1 is a fundraiser in support of the region's unique and inclusive STEM program and will be held at the DreamPort Facility in Columbia Maryland. While its focus is on the under-represented young women, young men are also included in MISI's STEM programs.

NXTWORK 2019 (Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.

Cyber Attacks, Threats, and Vulnerabilities

Group said to be behind attempted campaign hack has also gone after cybersecurity researchers (CyberScoop) An Iran-linked hacking group that targeted a U.S. presidential campaign in recent months also has a history of trying to compromise cybersecurity analysts who have exposed the hackers’ operations, the analysts told CyberScoop.

Credit Info Exposed in TransUnion Data Security Incident (BleepingComputer) Using a credential stuffing attack, an unauthorized person was able to gain access to a TransUnion Canada web portal and use it to pull consumer credit files.

Hackers breach Volusion and start collecting card details from thousands of sites (ZDNet) More than 6,500 stores have been compromised, but the number could be around 20,000.

Webroot Finds Windows® 7 is Becoming Even Riskier, Infections up by 71% (PR Newswire) Webroot, a Carbonite (NASDAQ: CARB) company, shared the results of its Webroot® Threat Report: Mid-Year Update,...

Phishing attempts increase 400%, many malicious URLs found on trusted domains (Help Net Security) The Webroot report quantifies cybercriminals’ increased use of trusted domains, the growth and expansion of phishing, and Windows 7 infections.

One Identity Global Survey Reveals “Pass the Hash” Attack Prevalence, Impact and Uncertainty, Highlighting the Need for Privileged Access and Active Directory Management Best Practices (West) One Identity, a proven leader in identity-centered security, today released new global research revealing the significant prevalence and impact of cyberattacks that use stolen hashed administrator credentials, also referred to as Pass the Hash (PtH) attacks, within businesses today.

Hackers found tracking web traffic of Chrome and Firefox browsers (HackRead) Two user favorite browsers are commonly known to be Google Chrome and Mozilla Firefox. Exploiting their demand, a Russian group by the handle of Turla has been attempting to track encrypted traffic of both browsers.

Chrome and Firefox hit by encyption-busting malware – what you need to know (TechRadar) Kaspersky's researchers called it 'impressive'

COMpfun successor Reductor infects files on the fly to compromise TLS traffic (SecureList) In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. We called these new modules ‘Reductor’ after a .pdb path left in some samples.

Majority of IT departments leave major holes in their USB drive security (Help Net Security) Even though 87% of organizations use USB drives, the majority of IT departments aren’t implementing tools to manage USB device usage risk.

Round Rock ISD included in third-party data breach (FOX 7 Austin) The breach impacted 13,000 school districts and universities in the U.S., including Round Rock ISD. The district says they are checking with Pearson to see how many other districts in Texas were impacted.

Governments, police, hospitals held hostage by hackers (KYMA) The attack starts, innocently enough, with an email. But when someone clicks the link inside, hackers quickly take over.

Hacked Programmer Retaliates By Hacking Hackers Who Hacked Him (Fossbytes) Germany-based programmer Tobias Fromel was affected by Muhstik ransomware released around 3,000 decryption keys as well as the free decryptor software which he acquired by hacking the hacker behind the ransomware.

France says hackers might go after supply chains after Airbus cyber assault (The Next Web) France has issued a new cyber threat advisory about targeted espionage operations directed at service providers and engineering firms.

Campagne de récupération d’identifiants de connexion : infrastructure malveillante ciblant des institutions gouvernementales et des entités stratégiques (CERT-FR) Au cours d’investigations et avec la coopération de plusieurs partenaires, l’ANSSI a découvert plusieurs infrastructures malveillantes, incluant des noms de domaine, des sous domaines et des adresses courriel, utilisées dans une large campagne d’attaque dont les premières activités observées remontent à 2017.

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM Vulnerability: Out-of-bounds Read 2.

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update P) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol (DCP) Vulnerabilities: Improper Input Validation 2.

Siemens Industrial Products (Update N) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01 Siemens Industrial Products (Update M) published March 12, 2019, on the ICS webpage on

Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable from an adjacent network Vendor: Siemens Equipment: SIMATIC, SINUMERIK, and PROFINET IO Vulnerability: Improper Input Validation 2.

Siemens Industrial Products (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2.

BD Pyxis (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Becton, Dickinson and Company (BD) Equipment: Pyxis Vulnerability: Session Fixation 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-248-01 BD Pyxis that was published September 5, 2019, on the ICS webpage on

Siemens SIMATIC IT UADM (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC IT Unified Architecture Discrete Manufacturing (UADM) Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to gain access to the TeamCenter station.

Siemens SIMATIC WinAC RTX (F) 2010 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinAC RTX (F) 2010 Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a denial-of-service attack that could compromise the availability of the service provided by the software.

GE Mark VIe Controller (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: GE Equipment: Mark VIe Controller Vulnerabilities: Improper Authorization, Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create read/write/execute commands within the Mark VIe control system.

SMA Solar Technology AG Sunny WebBox (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SMA Solar Technology AG Equipment: Sunny WebBox Vulnerability: Cross-Site Request Forgery 2.

Security Patches, Mitigations, and Software Updates

Patch Tuesday Lowdown, October 2019 Edition (KrebsOnSecurity) On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it.

October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe (Help Net Security) October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security updates from Adobe.

Google October Android Security Update Fixes Critical RCE Flaws (Threatpost) Google's October security update fixed several critical and high-severity vulnerabilities.

Google Patches Remote Code Execution Bugs in Android 10 (SecurityWeek) Google’s October 2019 security patches for Android address a total of 26 vulnerabilities, including a couple of remote code execution bugs impacting Android 10.

Signal immediately fixed FaceTime-style eavesdropping bug (Naked Security) Remember the FaceTime bug that allowed a caller to eavesdrop on your phone? Researchers just discovered another – this time in Signal.

Opera's stricter privacy controls could also speed up your web browsing (Engadget) Oh, and they'll limit site tracking, too.

[Official announcement] Realme X September security update hits units in India (Download link inside) - PiunikaWeb (PiunikaWeb) Realme X September security patch has started circulating in India. The new features include Digital Wellbeing and revamped notification icons.

Cyber Trends

2019 Threat Report Mid-Year Update (Webroot) Each year, we publish our annual report on the previous year’s cybersecurity trends. As an extension of that, the Mid-year Update offers a recap of the shifts and evolutions we’ve seen through the first half of the year, as well as in-depth analysis.

Thales Study: Organizations Worldwide Failing to Adequately Protect Sensitive Data in the Cloud (BusinessWire) A new global study from Thales, with research from the Ponemon Institute, has exposed an increasing disparity between the rapid growth of data stored

New LastPass Research Finds Password Habits Remain Key Obstacle to Business’ Security (LogMeIn Investor Relations) 3rd Annual Global Password Security Report shows widespread password reuse, despite increased investment in security tools like multifactor authentication

2019 Global Password Security Report (LastPass) Key Takeaways from the 3rd Annual ReportOther key insights include...

Despite Accelerating Adoption of DMARC, Less Than 10% of Enterprise Domains are Protected from Email Impersonation, Valimail Research Finds (BusinessWire) Valimail, the leading provider of identity-based anti-phishing solutions, today released its Summer 2019 Email Fraud Landscape Report, shedding light

Digital Transformation Puts Software Security Strategies in Limbo, Finds ZeroNorth Research (BusinessWire) Organizations agree, building security into digital transformation initiatives is a priority—yet the recommended path to progress is unclear.

EfficientIP and IDC Report Reveals: Financial services organizations suffer $1.3M cyber attacks (Benzinga) 88% of financial services organizations surveyed experienced DNS attacks in the past 12 months

NetDiligence Publishes Ninth Annual Cyber Claim Study (PR Newswire) NetDiligence®, a leading provider of cyber risk readiness and response services, announced today it has published...

The biggest lie tech people tell themselves — and the rest of us (Vox) They see facial recognition, smart diapers, and surveillance devices as inevitable evolutions. They’re not.

Research reveals negligent users as top cyber security threat to German organizations (Continuity Central) The international business continuity management news, jobs and information portal

US job seekers scrub their social media accounts to get success (ZDNet) Are you worried that your social media footprint will jeopardize your career? If so, you are not alone.


Blizzard Bans Gamer, Rescinds Money, on Hong Kong Protest Support (Bloomberg) Expressing sympathy for Hong Kong democracy push proves costly. Hearthstone player won’t be allowed to compete for a year.

The China Cultural Clash (Stratechery) The NBA controversy in China highlights a culture clash that both tech companies and the U.S. government need to take to heart. Plus, why Tiktok being Chinese is increasingly a problem.

Adobe to deactivate accounts for all Venezuelan users due to US sanctions (ZDNet) Because of the White House's sanctions, users aren't eligible for refunds either.

Microsoft, Intel Back Ethereum-Based Token to Reward Consortium Efforts (CoinDesk) The Enterprise Ethereum Alliance has created a token to incentivize firms to participate in consortiums. The system is backed by Microsoft and Intel.

VMware Completes Acquisition of Carbon Black (Yahoo) VMware, Inc. (VMW), a leading innovator in enterprise software, today announced it has completed its acquisition of Carbon Black, a leader in cloud-native endpoint protection, in an all-cash transaction for $26 per share, representing an enterprise value of $2.1 billion. “Carbon Black brings us an industry-leading

Facebook's digital currency faces further questions as Libra Association loses product chief (The Telegraph) A key figure at the organisation behind Facebook’s Libra cryptocurrency has left the group amid growing concerns over the project.

Facebook’s Libra cryptocurrency dealt blow by PayPal’s departure (Naked Security) PayPal abruptly announced that it was leaving the Libra Association.

Facebook underestimated Libra pushback - Loop (Seeking Alpha) Facebook (FB -0.8%) seems to have underestimated pressures in its attempt to launch its Libra digital currency initiative, Loop Capital says

Forcepoint Strengthens Global Partner Program to Dynamically Accelerate Adoption of Behavior-Centric Cybersecurity (Forcepoint) New Global System Integrators (GSI) Platinum and Accredited Services Partners (ASP) Programs ensure frictionless channel engagement for customers worldwide

Cyber Defense Magazine Announces Cyber Defense Global Awards Winners for 2019 (PRWeb) Today, Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine with its sister platform is ...

Speakers Censored at AISA Conference in Melbourne (Schneier on Security) Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne.

AttackIQ Opening New Offices in Australia to Better Serve Partners in APAC (BusinessWire) AttackIQⓇ, the largest independent leader of the continuous security validation market, today announced its expansion into a new market with the openi

Marianne Brown, Financial Services Executive, Joins VMware Board of Directors (West) VMware, Inc. (NYSE: VMW), a leading innovator in enterprise software, today announced that Marianne Brown has been elected to the VMware board of directors.

Products, Services, and Solutions

Fugue Adopts Open Policy Agent (OPA) for its Policy-as-Code Framework for Cloud Security (Fugue) Fugue announced its support for Open Policy Agent (OPA), an open source general-purpose policy engine and language for cloud infrastructure. Fugue is leveraging OPA to provide customers with maximum flexibility when implementing their custom enterprise policies for cloud infrastructure.

New software release: Milestone Systems introduces centralized Search (Mynewsdesk) With the introduction of centralized Search in Milestone XProtect Smart Client, users will be able to perform investigations faster and more intelligently...

Versa Networks Achieves NSS Labs “Recommended” Rating for NGIPS - (Versa Network) Versa Networks Achieves NSS Labs “Recommended” Rating for NGIPS Versa Networks has achieved a highly coveted Recommended rating in the NSS Labs Next Generation Intrusion Prevention Systems (NGIPS) Group Test. NSS Labs, Inc. is a global leader and trusted source for independent, fact-based cybersecurity guidance. This NSS Labs report focuses on the main differentiators for … Continue reading "Versa Networks Achieves NSS Labs “Recommended” Rating for NGIPS"

KnowBe4 Launches New Multi-Factor Authentication Security Assessment Tool (Benzinga) Complimentary tool aimed to inform security professionals of vulnerabilities in MFA, authored by KnowBe4's Roger Grimes TAMPA BAY, Fla. (PRWEB) October 08, 2019 KnowBe4, the...

vArmour Announces Version 5 of its Application Controller with SDK and Security Graph Technology (West) Application Relationships Put On Center Spotlight to Help Organizations Intelligently Reduce Risk

Trend Micro and Snyk partner to deliver complete remediation to secure containers | Snyk (Snyk) We’re excited to announce a new strategic partnership with Trend Micro to help businesses quickly deliver secure applications. Trend Micro is well known

DeepCode boosts its intelligence and can now explain the reasons behind coding errors (Medium) At DeepCode, we’re always focused on discovering important software bugs and being a tool that can improve and even replace testing. To…

New Appdome Security Service Protects Mobile APIs Inside Android and iOS Apps (PR Newswire) Appdome, the mobile industry's first no-code mobile solutions platform, announced the immediate...

Privacy-first ClearPHONE with ClearOS Mobile Hits 50 Percent of Kickstarter Goal Within 12 Hours (PR Newswire) A nonprofit Clear company, ClearUnited, today surpassed the funding halfway point within just a few...

Technologies, Techniques, and Standards

ZeekWeek 2019: 5 Things Network Security Pros Should Know about Zeek (Bricata) As the annual ZeekWeek conference kicks off – here are 5 things network security professionals should know about Zeek.

Winning the security fight: Tips for organizations and CISOs (Help Net Security) Matthew Rosenquist, a former Cybersecurity Strategist for Intel (now independent), talks about overcoming denial of risk and defining clear goals.

Ethical hackers, a digital vaccine against cyber threats (EBU) Vaccinations are controlled, low impact measures that trigger significant improvements in an organism's defenses – and working with so-called 'ethical hackers' may be the digital equivalent for an organization. That's what Inti De Ceukelaire, a well-known ethical, or as white hat, hacker thinks. De Ceukelaire previousl...

DIA looks to data interoperability to combat misinformation (Federal News Network) DIA’s problem is not operating at speed, it’s operating at scale.

Legislation, Policy, and Regulation

U.S. agrees to help Baltic states bolster grid cybersecurity (CyberScoop) The United States on Sunday agreed to work more closely with three Baltic countries to protect their electric sectors from cyberattacks.

China plans to restrict visas for U.S. visitors with 'anti-China' links (WKZO) China is planning tighter visa restrictions for U.S. nationals with ties to anti-China groups, people with knowledge of the proposed curbs said, following similar U.S. restrictions on Chinese nationals, as relations between the countries sour. China's Ministry of Public Security has for months been working on ...

China's New Cybersecurity Program: NO Place to Hide (China Law Blog) The Chinese government has been working for several years on a comprehensive Internet security/surveillance program.  This program is based on the

Nationwide facial recognition ID program underway in France (Naked Security) It’s coming next month, in spite of a lawsuit and the data regulator’s protests about lack of consent, data security and privacy.

Telcos decry lack of consultation on new snoop powers (CRN Australia) Talks with US on access to locally-held data come as a surprise.

Bipartisan Senate report calls for sweeping effort to prevent Russian interference in 2020 election (Washington Post) The Senate Intelligence Committee said in blunt language that Russians worked to damage Democrat Hillary Clinton while bolstering Republican Donald Trump — and made clear that fresh rounds of interference are likely ahead of the 2020 vote.

Briefing: Senate Committee Wants Social Media Firms to Help Block Russian Hackers (The Information) The U.S. Senate Intelligence Committee is calling on social media platforms to work with each other, government agencies and law enforcement in a coordinated effort to block Russia and other foreign states from interfering in U.S. elections.The recommendation was one of several included in the committee’s second report on Russian interference in the U.S. election. The report warned that social media companies fail to consistently notify users exposed to fake accounts such as those used by Russian operatives during the 2016 election.It noted that activity in accounts associated with Russia’s election hacking effort have increased since 2016 by 238% on Instagram, 84% on YouTube, 59% on Facebook, 52% on Twitter. The report also recommended that Congress consider enacting legislation that would require social media companies to ensure Americans have information about the source of online political advertising, similar to the disclosures required for television and radio. 

House Democrats introduce new legislation to combat foreign election interference (TheHill) A group of House Democrats led by Administration Committee Chairwoman Zoe Lofgren (Calif.) on Tuesday introduced new legislation aimed at combating foreign efforts to interfere in U.S. elections.

Small businesses main focus of new cybersecurity rules (Fifth Domain) Forthcoming cybersecurity controls are designed to help the Department of Defense and small business work together to protect sensitive data based on tiers of systems.

California Privacy Law May Spur Data Breach Lawsuit Wave (Bloomberg Law) Companies doing business in California may face a heightened risk of litigation when the state’s new privacy law takes effect in January, litigation and privacy attorneys say.

INSIGHT: Cyber Wolves in CEOs’ Clothing—Business Leaders Thwart Privacy Efforts (Bloomberg Law) National data breach plaintiffs’ attorneys with DiCello Levitt take issue with a recent letter from 51 Business Roundtable CEOs about protecting data privacy. They say the CEOs are paying lip service to consumer privacy in the hopes Congress will quickly pass watered-down privacy legislation that shields them from any real accountability to consumers.

OPM to launch job rotation program for cyber reskilling academy graduates (Federal News Network) OPM is working with the Federal CIO Council to create a job rotation program for federal employees who went through the Federal Cybersecurity Reskilling Academy.

UK Ex-Spy Chief Reveals Big Tech Like Google, Facebook ‘Know More About Us’ Than MI5 (Sputnik News) The Cambridge Analytica scandal of early 2018, when it was revealed the personal data of millions of Facebook users had been harvested without their consent and used to target them with political advertising, sparked the outrage of users, lawmakers, privacy advocates, and media pundits.

Civil rights groups urge lawmakers to dissolve police partnerships with Ring (ZDNet) It has been reported that roughly 400 US police departments are collaborating with the smart doorbell firm.

Litigation, Investigation, and Law Enforcement

Top Secret Russian Unit Seeks to Destabilize Europe, Security Officials Say (New York Times) Known as Unit 29155, the group is skilled in subversion, sabotage and assassination and has only recently become known to Western intelligence agencies.

FBI’s Use of Surveillance Database Violated Americans’ Privacy Rights, Court Found (Wall Street Journal) Some of the FBI’s electronic surveillance activities violated the constitutional privacy rights of Americans swept up in a controversial foreign intelligence program, a surveillance court has ruled.

FBI’s Foreign Surveillance Program Violated Americans’ Civil Liberties, FISA Court Finds (National Review) The Foreign Intelligence Surveillance Court has ruled that an FBI program intended to target foreign suspects violated Americans’ privacy.

Senate Report: Russians Used Social Media Mostly To Target Race In 2016 ( The Russian government's efforts to interfere in the 2016 elections focused on African American audiences, according to a new bipartisan report.

Russian Active Measures Campaigns and Interference in the 2016 U.S. Election, Volume 2: Russia's Use of Social Media (Select Committee on Intelligence, United States Senate) In 2016, Russian operatives associated with the St. Petersburg-based Internet Research Agency (IRA) used social media to conduct an information warfare campaign designed to spread disinformation and societal division in the United States.

Twitter says it unintentionally misused user data for advertising (Axios) Users saw adds targeted based on email and phone numbers provided for security.

Twitter transgression proves why its flawed 2FA system is such a privacy trap (Ars Technica) Twitter 2FA is every bit as bad as critics said it was. Site signals a change is coming.

Twitter: No, really, we're very sorry we sold your security info for a boatload of cash (Register) That was just an unfortunate accident that ended up padding Jack's bank account

Twitter says phone numbers users provided for security were ‘inadvertently’ used for ad purposes (Washington Post) Twitter revealed Tuesday that it mishandled an unspecified number of users' email addresses and phone numbers, allowing that data to be used "inadvertently" for advertising purposes.

The Weather Channel mobile app is being sued for 'unfair and fraudulent' mining of user data (Business Insider) The city of Los Angeles has sued the Weather Channel mobile app claiming it misled users who agreed to share their location information.

Facebook denies Biden campaign's request to remove false Ukraine ad by Trump campaign (CNN) Facebook denied a request from Joe Biden's campaign to take down a video ad by President Donald Trump's reelection campaign that falsely accuses the former vice president of corruption for his role in Ukraine policy during the Obama administration.

Paris police attacker had top secret security clearance (The Irish Times) Islamist cleared for access to all computers in police prefecture’s directorate of intelligence

Yahoo To Compensate Users In US, Israel For Data Breach: Report ( If you live in the US or in Israel, had a Yahoo account between 2012 and 2016 and have got an email from Yahoo on the settlement claim over data breach, you could be eligible for $358 or more.

GPS tracker from stalked woman’s car led to indictment of 20 mobsters (Naked Security) Girlfriend found it, girlfriend popped it onto a city bus, gadget got found, multiyear investigation got launched, 20 got indicted.

Case 1:19-cr-00442-ILG Document 21 (United States Attorney Eastern District of New York (via the Register)) Dear Judge Scanlon: The government respectfully submits this letter in support of its motion for permanent orders of detention as to the defendants Joseph Amato, Daniel Capaldo, Thomas Scorcia, Joseph Amato Jr. and Anthony Silvestro. As set forth below, the defendants pose a danger to the community and should be detained pending trial.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Australian Cyber Conference 2019 (Melbourne, Victoria, Australia, October 7 - 9, 2019) The Australian Information Security Association (AISA) is the premier industry body for information security professionals in Australia. As a nationally recognised not-for-profit organisation, AISA champions...

CyberNext Summit (Washington, DC, USA, October 8 - 10, 2019) Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) 8-10 October, 2019 in Washington...

Borderless Cyber (Washington, DC, USA, October 8 - 10, 2019) OASIS Borderless Cyber and The Integrated Adaptive Cyber Defense (IACD)'s Integrated Cyber merge conferences this year to bring you a three-day program addressing advances in automation and autonomous...

SecureWorld Dallas (Dallas, Texas, USA, October 9 - 10, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

Jacksonville Cybersecurity Conference (Jacksonville, Florida, USA, October 10, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.