skip navigation

More signal. Less noise.

Free ICS Webinar: Threat Intelligence Explained, Examined & Exposed

Join Dragos and the CyberWire on October 22 to hear how threat intelligence can help your organization reduce risk by improving detection, response and prevention of critical infrastructure. We’ll share real world insights from hunting some of the most sophisticated threats and cover vulnerable assets that need protection. Register today.

Daily briefing.

Reuters reports that the US retaliated for Iranian kinetic strikes against Saudi oil facilities with cyberattacks against Iranian information operators.

China's Comac C919 airliner was built from industrial espionage, a report from CrowdStrike concludes. The complex operation was the work of Turbine Panda, a unit of the MSS Jiangsu Bureau, the Chinese intelligence service widely believed responsible for the 2015 breach of the US Office of Personnel Management. The campaign on behalf of Comac was long-running, patient, and multi-faceted, encompassing "forced technology transfer, joint ventures, physical theft of intellectual property from insiders, and cyber-enabled espionage."  

The C919 sports subsystems derived from the Franco-American CFM Leap-1 engine, and from suppliers that include Aircelle, Michelin, Honeywell, Liebherr, Parker Aerospace, GE, Rockwell Collins, Eaton, Crane AE, and Kidde. French, German, British, and especially American companies are among the involuntary contributors to the program.

Digital Shadows warns that typosquatting will prove a widespread and probably effective influence tactic in the 2020 US elections.

Flashpoint looks into the criminal-to-criminal market's pricing structure.

Pitney Bowes recovers from its ransomware infestation.

Wichita attorney Brad "the Bull" Pistonik has taken a guilty plea to three counts of being an accessory after the fact to "making an extortionate threat over the Internet," the Wichita Eagle reports. The misdemeanors will earn him no jail time, but he will pay a $375,000 fine and $55,200 in restitution. The incident arose from Mr. Pistonik's retention of reputation management services that allegedly threatened sites that had posted discreditable material about the accident attorney.


Today's issue includes events affecting Australia, China, Estonia, France, Germany, Iran, Israel, Democratic Peoples Republic of Korea, Kuwait, Saudi Arabia, Sweden, United Arab Emirates, United Kingdom, United States.

Bring your own context.

We inevitably deal with a lot of bad news around here. It's worth remembering that there's a good-news/bad-news asymmetry.

"Again, the goal is not to assign a blame, right? It's not a news story if you're preventing a breach for, like, 10 years in a row. But the one day that you slip up - right? - it's a major headline. So it's really asymmetrical. It's a hard problem. But in spite of that, there is a very, very valuable learning opportunity that we're not capitalizing on right now."

—Kumar Saurabh, co-founder and CEO of LogicHub, on the CyberWire Daily Podcast, 10.11.19.

It's tough to take your lumps, but it's important to learn and move on. Have a good after-action review.

Try cloud-native network detection and response for free!

ExtraHop Reveal(x) Cloud is SaaS-based NDR for AWS, giving you complete visibility, real-time detection, and automated threat response in the cloud. Request your free 30-day trial today.

In today's Daily Podcast, out later this afternoon, Justin Harvey from our partners at Accenture describes the way ESports are gaining popularity in cyber security.  Our guest is high-school junior Aashka, who helped plan the Raytheon Girl Scouts National Cyber Challenge.

The 6th Annual Journal of Law and Cyber Warfare Symposium (New York, NY, United States, October 17, 2019) The 6th Annual Cyber Warfare Symposium features discussions around emerging cybersecurity issues, focusing on cyber warfare and how companies can respond to cyber-attacks. Use discount code CyberWire50 for 50% off. Email for a chance to receive a complimentary ticket.

Industrial Control Systems (ICS) Cyber Security Conference (Atlanta, Georgia, United States, October 21 - 24, 2019) SecurityWeek’s ICS Cyber Security Conference is the conference where ICS users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Since its first edition in 2002, the conference has attracted a continually rising interest as both the stakes of critical infrastructure protection and the distinctiveness of securing ICSs become increasingly apparent.

Georgetown University Programs in Cybersecurity Webinar (Online, October 29, 2019) We invite you to learn more about the Master's and Graduate Certificate in Cybersecurity Risk Management at Georgetown University. Our programs prepare you with hands-on practice developing and executing integrated strategies, policies, and safeguards to manage cybersecurity risks across an enterprise. Register for a free webinar on October 29 at noon ET to learn more.

IMAGINE, A MISI salon-style bespoke dinner event (Columbia, Maryland, United States, November 1, 2019) IMAGINE a world where more young women can see themselves in the faces of the legendary women of science & technology – and say, "Yes I can!" The event on November 1 is a fundraiser in support of the region's unique and inclusive STEM program and will be held at the DreamPort Facility in Columbia Maryland. While its focus is on the under-represented young women, young men are also included in MISI's STEM programs.

NXTWORK 2019 (Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.

Cyber Attacks, Threats, and Vulnerabilities

TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader (Proofpoint US) Proofpoint researchers describe a new RAT being distributed by TA505 using a new downloader written in C++

New botnet nabs victims by sending 30,000 “sextortion” emails per hour (Fast Company) The botnet is capable of taking over email users’ accounts to bombard people with emails that threaten to publish personal sexual content on the web and social media unless they pay extortion money in the form of bitcoin.

“BriansClub” Hack Rescues 26M Stolen Cards (KrebsOnSecurity) “BriansClub,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.

Apple says Tencent isn’t snooping on your browsing habits (Naked Security) Apple was quick to allay user concerns this weekend after someone spotted that it was working with Chinese company Tencent to check its users’ website requests for malicious URLs.

Cashback Sites Leak Unencrypted Passwords, Bank & Other Sensitive User Data (Safety Detective) The security research team at Safety Detectives has uncovered yet another data leak worth 2 terabytes of data hosted on an Elastic Server. Affecting savvy

The Growing Risk of a Major Satellite Cyber Attack (Via Satellite) The third iteration of CyberSat begins in November, where members of the satellite, end user, and cyber communities will get together to discuss the threat landscape and vectors for a cybersecurity attack on satellites. We talk to some of experts of the CyberSat advisory board about major threats to the sector.

Illicit Cryptomining Threat Actor Rocke Changes Tactics, Now More Difficult to Detect (Anomali) Rocke, a China-based cryptomining threat actor, has changed its Command and Control (C2) infrastructure away from Pastebin to a self-hosted solution during the summer of 2019. The setup scripts were hosted on the domains “lsd.systemten[.]org” and “update.systemten[.]org” as pastes. In September 2019, the actor moved away from hosting the scripts on dedicated servers and instead started to use Domain Name System (DNS) text records. These records are accessed via...

Major Asian software vendor compromised with PortReuse backdoor (SC Media) Researchers found a previously undocumented backdoor used by reputed Chinese APT actor Winnti Group to compromise an Asian mobile hardware/software vendor.

Cyber espionage campaign helped China acquire intellectual property behind C919 airplane (Computing) CrowdStrike claims Chinese authorities largely stole the technology behind China's first passenger airliner, the Comac C919,Security

Building China's Comac C919 airplane involved a lot of hacking, report says (ZDNet) One of China's most brazen hacking sprees involved intelligence officers, hackers, security researchers, and company insiders.

Report: Underground hackers and spies helped China steal jet secrets (Roll Call) Government hackers and China's traditional spies and agencies plotted and stole U.S. and European aircraft engine secrets, according to firm CrowdStrike.

Lengthy cyber espionage operation helped China develop C919 airliner (Digit) An extensive cyber espionage operation helped China steal intellectual property required to design its C919 commercial airliner, according to a new report.

Check Out How Many Companies China Hacked to Build the Comac C919 (Wccftech) A lot of American companies involuntairly contributed to the development of the Comac C919, China's first passenger jet plane.

Huge Fan of Your Work (CrowdStrike) How TURBINE PANDA and China's Top Spies Enabled Beijing to Cut Corners on the C919 Passenger Jet

Fake company pushes phony cryptocurrency app to spread Mac malware (SC Magazine) North Korean hackers create fake company and corresponding cryptocurrency trading app that actually infects users with malware

Flashpoint - A Look at the Pricing of Cybercrime Goods, Services (Flashpoint) Since 2017, there have been modest price bumps for some long-standing offerings related to fraud and cyberattacks.

Pricing Analysis of Goods in Cybercrime Communities (Flashpoint) This report offers an updated look at pricing trends inside the thriving cybercrime economy of vendors hawking illicit offerings on underground marketplaces.

Hackers Impersonating Other Hacker Types (Security Boulevard) State-sponsored hackers and other threat actors are impersonating each other in an attempt to evade detection, according to a recent report.

Swedish hacker caught selling Blackremote RAT (SC Magazine) A Swedish hacker has been discovered trying to sell a new, undocumented remote access tool.

Eight NY Law Firms Reported Data Breaches as Problems Multiply Nationwide (New York Law Journal) In New York state, the number of unique law firm data breaches doubled to eight in 2018 from four the previous year, affecting nearly 1,500 individuals, according to reports submitted by the firms.

New Corporate Phishing Attacks Mimicking Performance Appraisal Processes to Steal Credentials (Security Intelligence) New corporate phishing attacks are mimicking the performance appraisal processes at targeted companies to steal employees' business account credentials.

Kaspersky honeypots find 105 million attacks on IoT devices in first half of 2019 (TechRepublic) The number of attacks on IoT devices in 2019 is nine times greater than the number found in the first half of 2018.

Vulnerability Summary for the Week of October 7, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

The latest Pentagon bug bounty revealed a critical vulnerability (Fifth Domain) The eighth iteration of the Department of Defense's program used crowd-sourced talent to make networks more resilient.

Pentagon 'Hack the Proxy' program uncovers 31 vulnerabilities, one critical | SC Media (SC Media) Ethical hackers found 31 vulnerabilities – one rated critical while nine got a high severity rating – during the Pentagon’s Hack the Proxy program on the

A Deepfake Deep Dive into the Murky World of Digital Imitation (Threatpost) Deepfake technology is becoming easier to create – and that’s opening the door for a new wave of malicious threats, from revenge porn to social media misinformation.

Typosquatting and the 2020 U.S. Presidential election (Digital Shadows) Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains; following the 2016 presidential election, it was a fair bet we would find some interesting tidbits using our SearchLight™ platform.

Andrew Yang and Joe Biden come up short among 2020 candidates when it comes to cybersecurity, analysis shows (Newsweek) The results, online security company SiteLock said, were reminiscent of what it sees when working with small businesses. More than half the candidates are using out-of-date cybersecurity software.

Security pro confessional: The time I almost got hacked (ZDNet) Cybersecurity Awareness Month grants us an opportunity for increased exposure and access to the people that we should help – including ourselves.

Scared Swansea mum scammed out of £1,000 by fake police officer (Wales Online) She was told she might go to prison for five years and have her children taken away if she didn't pay unpaid taxes within the hour

Baltimore to purchase $20M in cyber insurance as it pays off contractors who helped city recover from ransomware (Baltimore Sun) As costs from this spring’s ransomware attack on Baltimore continue to come due, officials are set to buy $20 million in cyber liability insurance to cover any additional disruptions to city networks over the next year.

Security Patches, Mitigations, and Software Updates

Tamper Protection prevents malware from disabling Microsoft Defender AV (Help Net Security) Microsoft Defender has been equipped with a new protective feature called Tamper Protection, which should prevent malware from disabling it.

MacOS 10.15 Catalina Review: More Mobile Features, More Security, and No More iTunes (Wired) Apple's new desktop operating system makes your iPad into a second monitor, puts mobile apps on your Mac, and kills iTunes.

RIP Dashboard, the MacOS Feature I Don't Want to Live Without (Wired) Apple has killed off the Dashboard in macOS Catalina. At least one person will miss it dearly.

Cyber Trends

Cambridge Analytica, Whistle-Blowers, and Tech's Dark Appeal (Wired) Christopher Wylie was the architect of Cambridge Analytica’s big plans and also its whistle-blower. His new book explores how he ended up being both.

A Review of Research Identifying the Top Cyber Threats Facing Financial Services (Bricata) The top cyber threats facing financial institutions range from phishing and privileged misuse – to simply too many cybersecurity tools that are not interoperable according to a review of in-depth research.

Ponemon Study: Only 28 Percent of Enterprises Say CEO and Board Approves Acceptable Level of Cyber Risk, Demonstrating Clear Lack of Accountability (BusinessWire) Ponemon Institute report demonstrates a lack of accountability, especially on the board and among C-suite executives

Targeted Ransomware Attacks Show No Signs of Abating (Dark Reading) Criminals are becoming more sophisticated and targeted in going after enterprise organizations, a new Q2/Q3 report finds.

Cybercriminals trying to exploit the trust of users to hack them: Report (Daily Host News) Nearly 1 in 4 malicious URLs (24%) are hosted on trusted domains, according to the 2019 Webroot Threat Report.

Most expect the risk of privileged user abuse to increase (Help Net Security) Insufficient PAM practices continue to be a critical challenge for many organizations despite significant risks of data breaches and security incidents.

Australian CEOs are too overoptimistic for cybersecurity, out of touch on privacy (ZDNet) Only 6% of surveyed CEOs think their organisation has suffered a data breach in the last year, but 63% of their CISOs say they have, according to Unisys research. Big disconnect.

Parks Associates predicts about 27 percent of U.S. households to have security by 2021 (Security System News) Parks Associates recently published a report, “Home Security: Market Sizing and Forecasts,” that outlines the firm’s expectations in the market between 2017 and 2021.

American Consumers Recognize Their Role in Preventing Cybercrime, are Bothered by Perceived Inconveniences of Advanced Security (Yahoo) According to the 2019 Cybersecurity Awareness Insights Study released today by Fiserv, most Americans consider themselves at least somewhat informed of cybersecurity threats, yet many fall short at proactively protecting their personal data. Despite this lack of action, more than half (55%) of American


Huawei Extends Hot Streak in the Face of U.S. Blacklisting (Wall Street Journal) Huawei’s revenue rose 24% during the first nine months of the year, despite a U.S. export blacklisting against the world’s largest maker of telecommunication equipment.

Mysterious UAE cyber firm luring ex-Israeli intel officers with astronomical salaries ( Probe finds DarkMatter works for UAE’s intelligence agency attacking Western targets, journalists and human rights activists, with graduates of Israel's Defense forces earning up to $1 million annually.

Is Amnesty right to say NSO failing new U.N. human rights test? (The Jerusalem Post) NSO: No violations and we already adopted UN guidelines

BAE Systems Selected to Provide Open Source Intelligence Support to the U.S. Army (Seeking Alpha) The U.S. Army has awarded BAE Systems a new $437 million task order to provide open source support for the Army and Army Intelligence & Security Command (INSCOM) approved partners.

Dragos Reports Record Company Performance and 100% Revenue Growth, Achieves Industrial Cybersecurity Industry Leadership (BusinessWire) Dragos announced today strong annual growth and company performance experiencing a 100% year over year revenue growth and 70% new customer growth.

Acronis defines its enterprise value through multilevel cyber protection (SiliconANGLE) Acronis International GmbH has a fairly simple mission: Protect all data in any environment. Yet, cyber environments are highly complex, and the amount of data to be protected can be massive, which makes for a challenging task.

SAIC Selects 10 Military Vets for Cybersecurity Scholarship Program; Alicia Lynch Quoted (ExecutiveBiz) Science Applications International Corp. has named 10 military veterans as 2019 CyberWarrior Scholarship recipients. The CyberWarrior Scholarship program is a partnership between SAIC and ISC2’s Center for Cyber Safety and Education and seeks to provide career opportunities to veterans to help meet

Around US$ 33,750 awarded to Hackers in DoD Bug Bounty Program (CISO MAG) Around 81 ethical hackers participated in a bug bounty program organized by the U.S. Department of Defense (DoD) with bug bounty platform HackerOne.

Exclusive: Former Arrow exec takes the helms of cybersecurity VAD (CRN) John Dams reveals to CRN what attracted him to his new role at One Distribution and what the channel can expect from his leadership.

iboss Appoints Cybersecurity Industry Veteran David DeWalt to Board of Directors (Yahoo) iboss, the leader in cloud security, announced today that David DeWalt, founder of NightDragon Security and former CEO and Chairman of McAfee and FireEye, is joining iboss's Board of Directors. Recognized as one of the most successful cybersecurity leaders

Cowbell Cyber Appoints Insurance Industry Veteran David Miles and Cybersecurity Luminary Varun Badhwar to Board of Directors (PR Newswire) Cowbell Cyber, a startup focused on Artificial Intelligence (AI)-powered cyber insurance for small to...

Alastair MacGibbon pops up as strategy chief at Cyber CX, a new firm built via 12-way merger (The Mandarin) Former federal cybersecurity chief Alastair MacGibbon has emerged as chief strategy officer of a new Australian firm, Cyber CX, which was created from a merger of 12 existing IT security firms.

Newly formed CyberCX scoops up two of Australia's cyber heavyweights (ZDNet) Former Optus Business MD John Paitaridis and government cyber veteran Alastair MacGibbon join the new company backed by private equity firm BGH Capital.

IronNet Cybersecurity Appoints Donald Closser as Chief Product Officer (Yahoo) IronNet Cybersecurity announced today that it has appointed Donald "Don" Closser as Chief Product Officer (CPO) reporting to Co-CEOs Bill Welch and GEN (Ret.) Keith B. Alexander, the former Director of the U.S. National Security Agency and Founding

Products, Services, and Solutions

Terbium Labs Enters the Digital Risk Protection Market with Robust Platform to Combat Data Loss, Fraud, and Misuse on the Open, Deep, and Dark Web (Yahoo) Dark web data intelligence innovator, Terbium Labs today announced its entry into the Digital Risk Protection (DRP) market with significant enhancements to its Matchlight platform, the world's most comprehensive, continuous and fully private dark-web data

With Driven2Pwn, Crowdfense Introduces Innovative Best Practices in the Zero-day Market (PR Newswire) Crowdfense has worked closely with Hack in the Box (HITB) to design and launch the first edition of Driven2Pwn, a bug...

Rewind Offers Free Holiday Data Backups for E-Commerce Platforms (PR Newswire) Leading Data Backup Provider Offers Complimentary Protection During Peak Shopping Season When Store Uptime Is Critical OTTAWA, Oct. 16, 2019 /CNW/ - Rewind, a...

StackRox Enables Multi-Cloud Kubernetes Security and Compliance for YayPay · StackRox: Cloud-Native, Container, and Kubernetes Security (StackRox) FinTech leader deploys StackRox Kubernetes Security Platform to enable SOC 2 compliance and secure its containerized SaaS application running in AWS and Azure

Gigamon Announces ThreatINSIGHT, the Industry’s Fastest Cloud-Native NDR Solution (Gigamon) New ML algorithms and Gigamon Advanced Threat Research dramatically reduce threat investigation and response time.

Elastic Introduces Elastic Endpoint Security (BusinessWire) Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack, today announced the introduction of Elastic Endpoint Security, base

Forcepoint Delivers Industry’s Most Expansive Global Security Cloud Footprint (Forcepoint) Addressing enterprise needs for modern cybersecurity in a cloud-first world, Forcepoint uniquely delivers global cloud infrastructure with 160 points of presence, industry’s most comprehensive cloud certifications and patent-pending proxy-less endpoint

Toshiba Taps Cybera’s SD-WAN for Retail Terminals (Cybera) Toshiba tapped Franklin, Tennessee-based SD-WAN vendor Cybera to power its TCx point of sale (POS) terminals in the Asia Pacific market.

SyncDog Partners with KoolSpan (Financial News) SyncDog Inc., the Independent Software Vendor (ISV) for next generation mobile security and data loss prevention, has announced their partnership with KoolSpan, the provider of encrypted secure voice and messaging solutions for smartphones, the company said.

Webroot and Carbonite to re-launch channel programme in 2020 (MicroscopeUK) Webroot talks merging channel organisations following its acquisition by Carbonite in March

Kuwait Credit Bank enables cloud-based Disaster Recovery backup system (Intelligent CIO Kuwait) Kuwait Credit Bank has enabled a cloud-based Disaster Recovery backup system allowing it to respond robustly to unexpected emergencies.

BIO-key and European IT Services Provider Applied Technologies Team to Deliver Company-Wide Biometric Authentication Solution to a European Consumer Services Provider (AP NEWS) BIO-key International, Inc. (NASDAQ: BKYI ), an innovative provider of biometric authentication and security solutions, today announced that its newly established reseller partnership with Applied Technologies has secured an order to provide a biometric authentication solution to a consumer facing service provider that was seeking to enhance its network security by reducing its reliance on passwords.

Technologies, Techniques, and Standards

Viewing cybersecurity incidents as normal accidents - Help Net Security (Help Net Security) As we continue on through National Cybersecurity Awareness Month (NCSAM), a time to focus on how cybersecurity is a shared responsibility that affects all

Big Game Phishing (Cooley) On October 2, 2019, the FBI issued a Public Service Announcement to alert US businesses and organizations to plan and prepare for what are being described as high-impact ransomware events. Certain …

First Industry-Wide Continuous Monitoring Standardized Taxonomy for Cybersecurity Alerting and Reporting (Sys-Con Media) The Shared Assessments Program, the member-driven leader in third party risk assurance, today announced that the organization’s Continuous Monitoring Taxonomy subgroup has released “Creating a Unified Continuous Monitoring Cybersecurity Taxonomy: Gaining Ground by Saying What’s What.”

Creating a Unified Continuous Monitoring Cybersecurity Taxonomy: Gaining Ground by Saying What’s What (Shared Assessments) Continuous monitoring is a rapidly expanding field where a common taxonomy is key to setting expectations in the field and a consistent understanding around continuous monitoring practices. To resolve this problem, the Shared Assessments Program Continuous Monitoring Taxonomy subgroup is proposing a common taxonomy that categorizes the types of alert information that can be selected to be monitored.

Preparing for the ACSC Collaborative Defense Simulation: A Conversation with ACSC Board Member John McKenna (Advanced Cyber Security Center) We sat down with ACSC Board Member and former Liberty Mutual SVP and CISO John McKenna to hear what he believes is the value in engaging with the ACSC and participating in the simulation exercise.

Preparing for the ACSC Collaborative Defense Simulation: A Public Sector Perspective with ACSC Board Member Michael Brown (Advanced Cyber Security Center) Former Rear Admiral and ACSC Board Member Mike Brown shares his perspective on building strong public/private partnerships for cyber preparedness.

"Smart city" governments should also be smart about security (Help Net Security) The technologies used to make cities "smart" are currently acquired and deployed after very little (or even no) security testing.

Synopsys study highlights impact of DevOps on software security (Intelligent CIO Europe) Synopsys has released BSIMM10, the latest version of the Building Security In Maturity Model (BSIMM), designed to help organisations plan, execute, mature and

How the Army must (re)envision integrating cyber tools (Fifth Domain) Commanders will need to understand the cyber environment in order to command forces in it.

Here’s what the Army’s cyber protection teams need (Fifth Domain) Col. Chad Harris, project manager for Defensive Cyber Operations at the Army Program Executive Office Enterprise Information Systems, shared what his teams are looking for in the new tools that it adds.

Appeasing the Oasis of Unknown: Shadow IT Discovery (Security Boulevard) In a sea of millions of apps, which one is the biggest fish to fry? Firewall and proxy logs catch the traffic of users, but identifying what needs attention in such comprehensive logs can be overwhelming. Shadow IT discovery offers the ability to narrow down the search to apps that should be more closely monitored and controlled.  

Design and Innovation

AI marketing is 'bullshit' says Eugene Kaspersky; potential biases need to be addressed now (SC Magazine) Anyone who is promoting their product as true AI its just talking bullshit, Eugene Kaspersky told delegates, via video, at Kaspersky's Next Conference in Lisbon on Monday.

Teens find circumventing Apple’s parental controls is child’s play (Washington Post) Apple’s Screen Time is meant to give customers a way to control their kids’ devices, but intrepid youngsters have exploited bugs and workarounds.

Where it all went wrong for Facebook’s Libra (Silicon Valley Business Journal) Facebook was blindsided this month when seven of the high-profile companies involved in its digital currency project, including eBay, PayPal, Visa and Mastercard, stepped back, leaving its future hanging in the balance.

Google employees are fighting over their company’s decision to ban a Hong Kong protest video game app (Vox) The move has helped spark a fiery debate playing out on the search giant’s internal mailing lists.

Facebook Said Politicians Can Lie In Ads. It's Taking Down Ads From Warren, Biden, And Trump For Other Reasons. (BuzzFeed News) A BuzzFeed News examination found that in the first half of October, the social network has canned more than 160 ads from Biden, Warren, Sanders, Steyer, and Trump for breaking rules around profanity and fake buttons.

Under pressure to suspend Trump, Twitter restates that world leaders don’t always have to follow its rules (Washington Post) The new guidelines from Twitter came two weeks after Sen. Kamala Harris of California, a Democratic presidential contender, asked the company to suspend Trump’s account, claiming his online communications “put people at risk and our democracy in danger.” At Tuesday night's debate, she assailed Twitter's policies.

Facebook should ban campaign ads. End the lies. (TechCrunch) Permitting falsehood in political advertising would work if we had a model democracy, but we don’t. Not only are candidates dishonest, but voters aren’t educated, and the media isn’t objective. And now, hyperlinks turn lies into donations and donations into louder lies. The checks don’t balance. Wh…

Revealed: The Tories' 24-hour meme machine plotting to win the next election (The Telegraph) As another General Election looms, the battle for No10 will fundamentally be fought and won online.

Binaries and Brews: Jailbreak Security Summit convenes hackers on NSA's doorstep (CyberScoop) Of the countless security conferences held across the globe, only one combines craft beer and malware analysis in the National Security Agency’s backyard.

Research and Development

Machine learning can't flag false news, new studies show (Axios) AI can detect when machines have generated a news story, but not whether it is true or false.


Telstra partners with five universities for cyber, data, networking skills development (ZDNet) The partnerships come soon after a Malwarebytes Labs report stating that the education sector is increasingly becoming the victim of trojan, adware, and backdoor attacks.

Northrop Grumman Pilots New Student Talent Pipeline Program in San Diego (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) announces the launch of a new talent pipeline program in San Diego that provides community college students enrolled in science, technology, engineering and mathematics (STEM) ...

Legislation, Policy, and Regulation

Huawei lashes out at Estonia for ‘unfounded’ security claims (Washington Post) Chinese telecom company Huawei has criticized the Estonian government and media for spreading what it says are “arbitrary and unfounded” allegations about cybersecurity risks related to its mobile phones

Angela Merkel Intervenes to Allow Huawei Access to German Networks (National Review) Germany will allow Huawei access to its 5G networks despite a U.S. pressure campaign, spearheaded by FCC chairman Ajit Pai.

The American crackdown on Chinese intelligence (Asia Times) Trump is testing China to see if their economic miracle can continue without infusions of American know-how

Exclusive: U.S. carried out secret cyber strike on Iran in wake of Saudi oil attack: officials (Reuters) The United States carried out a secret cyber operation against Iran in the wake ...

UK 'solidifies' plans for offensive cyber capabilities (SC Magazine) Latest announcement indicates that UK's cyber offensive strategy still at the planning stage

Behind the Foggy Curtain: A Peek Into Secret U.S. Cybersecurity Operation (Insurance Journal) The National Security Agency is normally so secretive that its creation was classified, leading to the nickname "No Such Agency." But in a move that

16th Air Force Sets Sights on Election Security, Integrated Air Defenses (Air Force Magazine) The Air Force on Oct. 11 formally stood up 16th Air Force, the new “information dominance” organization that will bring cyber, intelligence, and other operations together under one roof here after more than two years in the works.

Analysis | The Cybersecurity 202: Democrats came out swinging against Russian hacking in Ohio debate (Washington Post) Impeachment has prompted a renewed focus on Russia’s 2016 interference.

Letter to EAC Technical Guidelines Development Committee (TGDC) (Washington Post) Dear Members of the Technical Guidelines Committee, Thank you for your service on the Technical Guidelines Development Committee (TGDC).

California AG Releases Draft CCPA Regulations and Governor Signs CCPA Amendments Into Law (Cooley) Just under three months before the January 1, 2020 deadline to comply with the California Consumer Privacy Act (“CCPA”), the California Attorney General (“AG”) released a no…

Illinois state lawmakers vow to keep close eye on cyber security (Morris Herald) Gov. JB Pritzker proclaimed the month of October as Cybersecurity Awareness Month in Illinois to recognize the importance of raising cyber awareness and to help Illinoisans stay safe and secure online.

Cybersecurity officials like Tennessee's chief information officer play a low-key but important role | Opinion (The Tennessean) Tennessee CIO Stephanie Dedmonis critical to protecting security and privacy for internet users.

Litigation, Investigation, and Law Enforcement

Russian indicted by Mueller held in Belarus, then released (Washington Post) The suspect, Anna Bogcheva, worked for Russia’s “troll factory” suspected of 2016 election interference.

Russian indicted by Mueller for alleged troll-farm activities is released by Belarus (CyberScoop) Authorities in Belarus have released a Russian national whom former Special Counsel Robert Mueller indicted for interfering in the 2016 U.S. election. Anna Bogacheva allegedly worked for the notorious Internet Research Agency, a propaganda-spouting company with ties to Russian President Vladimir Putin.

Iranian-American Businessman Coordinated With UAE Monarch to Target Iran Critics, Lawsuit Alleges (Washington Free Beacon) An Iranian-American businessman tied to a network of pro-Tehran advocates coordinated with a Middle Eastern monarch to target prominent Americans.

Hunter Biden says role with Ukraine firm was ‘poor judgment’ but not ‘improper’ (Washington Post) In a televised interview, the son of Joe Biden said he regretted giving “unethical people” a pretext to accuse his father of corruption.

Broadcom Ordered by EU to Halt Allegedly Anticompetitive Contract Practices (Wall Street Journal) The European Union ordered semiconductor maker Broadcom to stop requiring contract terms with customers that the bloc alleges are anticompetitive, even as a probe into the practices continues—the first time regulators have used such an injunction in 18 years.

Second Circuit Revives Claims Against Saudi Bank Accused of Aiding 9/11 Attacks (New York Law Journal) Previous lawsuits against Saudi officials had failed to establish personal jurisdiction because the Second Circuit found that allegations of indirect funding were not enough to establish intentional conduct aimed at U.S. residents.

Using IP to Control Gray Goods (AGMA Global) Gray goods, also known as parallel imports, are the bane of many manufacturers.

Wichita attorney Brad Pistotnik pleads guilty in cyberattack case (KAKE) Well-known Wichita attorney Brad Pistotnik has pleaded guilty in connection with a case prosecutors called a cyberattack. 

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

AdvaMed Cybersecurity Summit (Arlington, Virginia, USA, November 6, 2019) The AdvaMed Cybersecurity Summit brings together experts across the device security spectrum. Experts will provide in-depth and timely updates on the state of medical device cybersecurity, including issues...

Health Data Stewardship & Privacy Summit (Arlington, Virginia, USA, November 7, 2019) AdvaMed’s inaugural Health Data Stewardship & Privacy Summit will bring together leading experts and health care industry stakeholders to explore the current data privacy landscape and forecast what may...

CISO Leadership Forum (Austin, Texas, USA, December 4 - 5, 2019) Forget the typical conference, which may or may not focus on the latest industry buzz, vendor specific pitches or trendy new development. Our learning sessions are vendor agnostic only as we focus on peer-to-peer...

Upcoming Events

SecureWorld Twin Cities (Minneapolis, Minnesota, USA, October 16, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

7th Annual Cyber Resilience Summit (Arlington, Virginia, USA, October 16, 2019) As the journey to secure our nation’s IT cyber infrastructure gains momentum, it is important to apply proven standards and methodologies that reduce risk and help us meet objectives for acquiring, developing...

Cyber Hygiene: Why the Fundamentals Matter (Online, Software Engineering Institute at Carnegie Mellon University, October 16, 2019) In this webcast, as a part of National Cybersecurity Awareness Month, our experts will provide an overview of the concept of cyber hygiene, which bears an analogy to the concept of hygiene in the medical...

EXCHANGE 2-19 (New York, New York, USA, October 16 - 17, 2019) BitSight presents EXCHANGE 2019, The Intersection of Business and Cyber Risk, an event for security and risk professionals to navigate the demands of today's dynamic cyber risk landscape. During this two-day...

6th Annual Cyber Warfare Symposium (New York, New York, USA, October 17, 2019) This unique, one-day event will bring together distinguished thought leaders and cybersecurity and cyber warefare experts from across the industry for a day of collaboration and education. The Symposium...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.