skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Facebook subsidiary WhatsApp has filed suit against NSO Group in the US District Court for the Northern District of California. The suit alleges that NSO Group exploited WhatsApp servers to distribute malware designed to enable surveillance of specific WhatsApp users. WhatsApp says it detected the incident in May, and that it enlisted the aid of the University of Toronto's Citizen Lab in the subsequent investigation.

The defacement attack against websites in Georgia may have affected as many as fifteen-thousand sites, Forbes reports. One of the targets was the ProService web-hosting company, which has now, it says, restored normal operations. The company cooperated with the Ministry of Internal Affairs during the recovery. There's still no firm attribution: suspicion of Russian involvement is based on a priori probability. (And not everything that looks like Fancy Bear is in fact Fancy Bear.)

Johannesburg continues its recovery from the Shadow Kill Hackers incident. The city has held firm in its refusal to pay the hackers; there's no word yet that the extortionists have made good on any of their threats.

In-game purchases are being used to launder money, and the popular online game Counter-Strike is trying to tamp this down by preventing keys bought in-game from leaving the purchasing account.

Norsk Hydro's insurance has paid about 6% of the costs the company incurred as result of the LockerGoga ransomware attack it sustained in March.

Coalfire continues, with some success, to fight criminal charges two pentesters face for work they performed at an Iowa courthouse.


Today's issue includes events affecting Canada, China, European Union, Georgia, India, Israel, Nigeria, Norway, Russia, Rwanda, South Africa, Syria, Turkey, United Kingdom, United States.

Bring your own context.

Why are people calling Metasploit a menace?

"They're talking about a particular technique that Metasploit presents called 'shikata ga nai,' which is Japanese for 'nothing can be done.' And what it does is it makes your exploit polymorphic, so it's very difficult to see it when it's coming in through your network. So detection systems are less likely to find it, and the exploit is more likely to be successful."

—Joe Carrigan, of the Johns Hopkins University's Information Security Institute, on the CyberWire Daily Podcast, 10.28.19.

It's a tool, and so has both benign and malign uses. People worry about the commodification of malware and its proliferation to the skids and script kiddies, to the raconteurs and roustabouts...

Federal cloud market projected for major growth.

According to Coalfire’s latest report on FedRAMP, U.S. agencies spent $6.5B in cloud services in FY2018, an impressive 32 percent year-over-year increase, with the vast majority of Federal cloud migration still to come. SaaS/PaaS/IaaS providers can gain access to this market with significantly less investment in both time and cost by taking advantage of automation and recent FedRAMP program updates. Learn how.

In today's Daily Podcast, out later this afternoon, we speak with our partners at Bristol University, as Awais Rashid discusses securing large-scale infrastructure. Our guest, Tanya Janca from Security Sidekick, talks about web application inventory and vulnerability discovery.

The CyberWire's weekly Caveat podcast is also up. In this edition, "Privacy and biometric data," Ben wonders if NSA's authority to collect metadata will be renewed. Dave describes an expensive case of mobile device snooping. Our listener on the line wonders if the feds can monitor his laptop. Our guest is Elizabeth Wharton from Prevailion on biometric data security.

Recorded Future's podcast, produced in partnership with the CyberWire, is up, too. In this episode, "Never Underestimate Threat Actors’ Persistence," Jöerg Schauff, a principal consultant at Symantec focusing on cyber and threat intelligence shares his insights on the challenges he sees his clients facing in Germany and how their experiences inform proper defenses internationally.

IMAGINE, A MISI salon-style bespoke dinner event (Columbia, Maryland, United States, November 1, 2019) IMAGINE a world where more young women can see themselves in the faces of the legendary women of science & technology – and say, "Yes I can!" The event on November 1 is a fundraiser in support of the region's unique and inclusive STEM program and will be held at the DreamPort Facility in Columbia Maryland. While its focus is on the under-represented young women, young men are also included in MISI's STEM programs.

Cyber Security Summits: November 6 in Boston and November 21 in Houston (Boston, Massachusetts, United States, November 6, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Google, IBM, Verizon, Center for Internet Security and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Your full day’s attendance will earn you 6 CEUs. Passes are limited, secure yours today:

NXTWORK 2019 (Las Vegas, Nevada, United States, November 11 - 13, 2019) Join us at NXTWORK 2019 to learn, share, and collaborate with GameChangers from companies across the networking industry. This year’s event features keynotes from Juniper executives, as well as special guest speaker Earvin “Magic” Johnson, along with 40+ breakouts and master classes led by Distinguished Engineers, as well as various opportunities for certification testing and training.

Cyber Attacks, Threats, and Vulnerabilities

Customers report Bank of America outage; cards declined, ATMs unavailable (KTVU FOX 2) Bank of America outages reported

Bank of America Down? Service Status, Map, Problems History - Outage.Report (Bank of America) See if Bank of America is down or it's just you. Check current status and outage map. Post yours and see other's reports and complaints

Georgia ‘I’ll Be Back’ Cyber Attack Terminates TV, Takes Down 15,000 Websites (Forbes) As a massive cyber-attack defaces websites and stops TV stations from broadcasting, the question is: whodunnit?

Voting machines still easy prey for determined hackers (FCW) A security exercise to demonstrate voting machine vulnerabilities has captured the attention of some in Congress, but one Democratic chairman said 'it's all for naught' if Republicans aren't on board.

As Russia makes 2020 play, Democratic campaigns say they are in the dark, and experts fear U.S. elections are vulnerable (Washington Post) Campaigns targeted by Russian interference on Facebook-owned Instagram were not alerted by the tech giant. 

Who benefits from the use of kompromat in American politics? (Military Times) The main weapon of a hybrid warfare is a deception, and one of the main tasks of this deception is to convince the enemy that there is no war, says the author of this commentary.

Microsoft Says Russians Hacked Antidoping Agency Computers (New York Times) The Russians were supposed to turn over their own computer data to avoid further penalties. Then they went on the offensive.

Inside the Discovery of Sandworm, the World’s Most Dangerous Hackers (Vanity Fair) In his new book, Sandworm, Andy Greenberg describes how researchers who discovered the group were alarmed by its reach—and the looming danger it represented.

New 'unremovable' xHelper malware has infected 45,000 Android devices (ZDNet) Factory resets aren't helping. Neither are mobile antivirus solutions. Malware keeps reinstalling itself.

Joker's Stash Lists 1.3 Million Stolen Indian Payment Cards (BankInfo Security) The notorious Joker's Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3 million credit and debit cards,

New Adwind Variant Targets Windows, Chromium Credentials (Threatpost) A new version of the typically platform-agnostic Adwind trojan has been spotted targeting Windows applications and systems and Chromium-based browsers.

PHOENIX CONTACT Automation Worx Software Suite (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could compromise the availability, integrity, or confidentiality of an application programming workstation.

MikroTik router compromise exploit detailed (SC Magazine) Researcher details the fascinatingly winding path from DNS request to root access on MikroTik routers

Info security body finds no evidence of infection at Swiss banks as a result of “Sharpshooter” campaign (FinanceFeeds) Switzerland’s Reporting and Analysis Centre for Information Assurance is in touch with a number of banks but no evidence of infection has been found.

Mimecast Outage: CEO Says "Very Sorry", Blames Firewall Issues (Computer Business Review) Mimecast blames intermittent service disruptions on network/firewall issues and says it is urgently working on a permanent fix. A Mimecast outage...

Mimecast CEO Blames Service Issues On Firewall Challenge (MediaPost) Mimecast is working to reduce disruption time and mitigate the impact, Peter Bauer says in a video.

Notice of Potential Payment Card Incident (Krystal) The Krystal Company would like to advise guests that our company is actively investigating a security incident that involves one of the payment processing systems that services some of our restaurants.

State of Stolen Credentials in the Dark Web from Fortune 500 Companies (Immuniweb) Millions of stolen corporate credentials available in the Dark Web are exploited by cybercriminals for spear-phishing and password re-use attacks against the largest global companies.

How games like 'Fortnite' and 'Counter-Strike' are used to launder money (Mic) Despite being released over seven years ago, Counter-Strike: Global Offensive remains one of the most popular games in the world. Counter-Strike boasts more than 500,000 concurrent players at any given time and hit its highest active player account…

Kurdish spy played key role in locating Baghdadi (Times) President Trump said that Abu Bakr al-Baghdadi’s likely replacement as Islamic State’s leader was “terminated by American troops” as further details emerged of the role played by Kurdish...

Is your security opening up a bag of worms? (TechNative) Despite the headlines, cryptocurrency is still very much on the scene, especially as big names like Facebook try to crack the industry However, while there are many companies trying to do good things with bitcoin, there are also people looking to exploit it. Unsurprisingly, over the last few years, there has been an increase in crimes related to cryptocurrency. While some cyber criminals hold people’s digital assets ransom in return for cryptocurrency, others take a somewhat less upfront approach.  In fact, a popular form of crime surrounding the new currency is cryptojacking. Mining for bitcoin takes a serious amount of

Security Patches, Mitigations, and Software Updates

Major vulnerability patched in the EU's eIDAS authentication system (ZDNet) Exclusive: Vulnerability would have allowed attackers to pose as any EU citizen or business.

PHP team fixes nasty site-owning remote execution bug (Naked Security) The PHP development team has fixed a bug that could allow remote code execution in some setups of the programming language.

Cyber Trends

Is the enterprise on the brink of a global web supply chain attack? (Help Net Security) We have seen enough examples of a web supply chain attack to know that there still isn’t enough being done to actually mitigate these attacks.

2019 EnergyTech/Information Security Summit Conference – the gap between IT/OT networking and domain experts (Control Global) There has effectively been an exclusion of domain experts (in industry and manufacturing – the engineers/Operations; and in finance - the economists) in control system cyber security. This exclusion of domain experts has also led to the exclusion of control system devices from adequate cyber security considerations. The disconnect between domain experts and networking is very much alive and needs to be addressed.

Are utilities keeping up with cyber threats? (Smart Energy International) Caught in the Crosshairs: Are Utilities Keeping Up with the Industrial Cyber Threats? – details the industry’s vulnerability to cyber risk and its readiness to address them

Nastiest Malware 2019 (Webroot Community) It’s that time of year again. The leaves have changed, ghouls and goblins are about to take to the streets demanding tricks or treats, and Webroot is shining the light on the nastiest malware threats lurking online in 2019. It’s not names like Jason or Freddy that should curdle your blood this Octob...

NTT Report Finds Digital Natives Don’t Prioritize Cybersecurity (BusinessWire) In today’s multigenerational workforce, professionals over 30 are more likely to adopt cybersecurity best practices than their younger colleagues.

Investigations are an unfortunate fact of life for most corporations (Help Net Security) H5 survey reveals corporate investigations are expected to increase over the next three years, intensifying strain on internal resources.

Companies unprepared to deal with mobile attacks, synthetic identity fraud, CCPA compliance (Help Net Security) Businesses see costly decline of consumer trust as a result of large-scale data breaches according to annual IDology Fraud Report.

Employers view worker training, policies as key to data security (HR Dive) For many companies, the importance of cybersecurity has grown, but a lack of talent to fill necessary roles may be making it difficult for businesses to keep up with demand.

Guests: Hotels are not investing enough in cybersecurity (Hotel Management) Nearly half (46 percent) of respondents said their trust in a hotel’s cyber defenses influences if they book a stay at a particular hotel.


The future of cybersecurity VC investing with Lightspeed’s Arif Janmohamed (TechCrunch) There are two types of enterprise startups: those that create value and those that protect value. Cybersecurity is most definitely part of the latter group, and as a vertical, it has sprawled the past few years as the scale of attacks on companies, organizations, and governments has continuously ex…

DISA Is Looking to Buy AI-Powered Cyber Defenses ( The tools would use automation and machine learning to respond to common cyberattacks without any human intervention, freeing personnel to focus on more complex intrusions.

7 Ways Industry is Supporting National Cybersecurity Awareness Month (Bricata) From "champions" to free training – here are some different ways the private sector is supporting National Cybersecurity Awareness Month (NCSAM)

Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline (The Aspen Institute) Major Employers Commit to Build a Stronger Cybersecurity Workforce Pipeline Date: 10/30/2019 By: John Carlin Chair, Cyber & Technology Program, The Aspen Institute For the past four years, the Director of National Intelligence has named cyber threats to critical infrastructure as the top national security concern. Attacks on Atlanta, Baltimore, Louisiana, Florida, Texas show how, …

How Microsoft Tapped the Autism Community for Talent (Wall Street Journal) The software giant says it had to alter its hiring process, including eliminating the initial phone screening.

Fortinet Gains on Cisco, Palo Alto Networks with enSilo Acquisition (Channel Futures) Fortinet's acquisition of enSilo quickly helps Fortinet gain ground on Palo Alto Networks specifically, but also Cisco, and Sophos in the midmarket.

New cyber coordination center aims to make Louisiana a cybersecurity leader (Baton Rouge Business Report) When Gov. John Bel Edwards announced in August that a new Louisiana Cyber Coordination Center would be established at the Water Campus, near downtown Baton Rouge, he said it was a step towards establishing the state as a global leader in cybersecurity. But what kind of work will the center—to be shared by the Louisiana …

Cybereason Named a Forbes ‘2019 Next Billion-Dollar Startup’ (PRWeb) Cybereason, creators of the leading Cyber Defense Platform, today announced it was named a Forbes 2019 Next Billion-Dollar Startup. For the past five years, Forbes

Facebook Needs to Shut Up (Wired) Opinion: Since 2017, nearly every time Mark Zuckerberg has tried to sound thoughtful, he sounds unprepared, shallow, and full of hubris. Time to zip it.

Cyber attack on Asia ports could cost $110 billion: Lloyd's (Reuters) A cyber attack on Asian ports could cost as much as $110 billion, or half the to...

Norsk Hydro's cyber insurance has paid just a fraction of its breach-related losses so far (CyberScoop) Norsk Hydro received an insurance payout of $3.6 million following a highly publicized cyberattack earlier this year, the company revealed in its third quarter earnings report. The insurance payout represents about 6% of the $60 million to $71 million in costs created by the incident through the third quarter, the company said.

Microsoft funded firm doing secret Israeli surveillance on West Bank (NBC News) Microsoft committed to protecting democratic freedoms. Then it funded an Israeli facial recognition firm that secretly watched West Bank Palestinians.

FireEye CEO: I’m Thinking About How We Execute, Not How To Exit (CRN) FireEye CEO Kevin Mandia said he’s laser-focused on building the best possible security company despite media reports that all or part of FireEye might be acquired.

Threat intel firm to open new office, add 130 jobs in the Boston area (Boston Business Journal) The threat intelligence company is opening a second office in addition to its current headquarters at 363 Highland Avenue in Somerville, with the goal of building a “campus” in the Davis Square area, according to CEO Christopher Ahlberg.

Eversheds Sutherland Adds Cybersecurity & Privacy Counsel Paul McCulloch-Otero (Eversheds Sutherland) Eversheds Sutherland is pleased to announce that Paul D. McCulloch-Otero has joined Eversheds Sutherland’s Cybersecurity & Privacy Practice Group as counsel in the New York office. With his extensive background in cybersecurity, privacy, information technology, risk and compliance, he will counsel clients across industries, particularly bolstering Eversheds Sutherland’s FinTech, RegTech and InsurTech teams.“Cybersecurity and privacy remain top concerns for our clients,...

Protegrity Appoints Rick Farnell as Chief Executive Officer (BusinessWire) Data-first security solution provider Protegrity announced that Rick Farnell will join the company as its new CEO, effective immediately.

Products, Services, and Solutions

HITRUST Compliance with Tripwire (Tripwire) The HITRUST CSF helps healthcare organizations comply with various standards like NIST, CIS, HIPAA by providing a single overarching framework. Now, with Tripwire Enterprise, organizations can automate the HITRUST CSF and reduce the burden of compliance.

Netskope Partners with SailPoint to Deliver Expanded and Detailed Visibility into Enterprise Application Risk (Netskope) Netskope, the leader in cloud security, today announced a new certified integration with SailPoint Technologies, Inc., the leader in enterprise identity governance, to advance the precision and automation of end-to-end security and compliance. This integration enables joint customers to:   Automate access governance tasks and workflows in …

Cynash Enhances Its Analytics Appliance for Industrial Control System (PRWeb) Cynash Inc., a leading developer of industrial control system (ICS) cybersecurity solutions for critical energy, water and transportation, announces a new...

KnowBe4 Launches Initiative to Strengthen Organizational Security Culture (West) Security Awareness Proficiency Assessment and Security Culture Survey Now Available

Baffle Unveils Data Masking and Exfiltration Control to Mitigate Data Breach Risks ( Learn more about data protection in our latest post "Baffle Unveils Data Masking and Exfiltration Control to Mitigate Data Breach Risks". Baffle provides end-to-end access control and AES encryption that protects data in use, in memory, in the search index and at-rest to protect against modern day data breaches.

Talkdesk receives new security and business continuity certifications, leads contact center industry (Talkdesk) Talkdesk sets the bar as first to achieve security certification for Business Continuity Management

Cisco offers all-in-one managed security for MSPs (CRN Australia) Developed alongside US-based Perch Security.

How being hacked inspired a comic book series (Infosec Resources) Gary Berman, creator of "The Cyberhero Adventures: Defenders of the Digital Universe" comic book series, and Cyber Work host Chris Sienko discuss Berman's

The 4 number-one ways to protect your game from hackers (VB Live) (VentureBeat) Learn how to protect your game and users from threats without impacting game performance and effectively thwart cybercriminals in this VB Live event.

Microsoft launches ‘911’ on-demand service for emergency security threats (ZDNet) Top cybersecurity experts are now part of Microsoft's Advanced Threat Protection service.

Thycotic Introduces Customer Community Engagement Platform to Facilitate "Secrets of Success" (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to 10,000 organizations worldwide, including 25...

Zero Trust platform from Pulse Secure is enhanced (App Developer Magazine) Pulse Secure introduces new secure access management and threat mitigation features within its Zero Trust Platform, enabling enterprise and service provider organization.

HPE Takes On VMware With AI-Powered HCI (SDxCentral) The next phase of software-defined and hyperconverged infrastructure is AI-powered HCI, according to Hewlett Packard Enterprise.

VMware Helps Customers Across EMEA Manage Multi-Cloud Cost, Complexity and Risk to Drive Digital Transformation (West) CloudHealth by VMware and VMware Secure State Simplify and Help Secure Operations Across Public Clouds

Visium Technologies Unveils Cygraph at .Next Conference (West) Copenhagen Conference for European, Middle East, and Africa Region draws over 4,000 attendees across all industries

NSA Certifies General Dynamics Battlefield Encryptor (New Kerala) Business World: FAIRFAX, Va: General Dynamics Mission Systems announced today that the National Security Agency NSA has certified its new TACLANE- Nano KG-175N network encryptor to secure voice, video and data information classified Top Secret/SCI and below traversing public and private IP networks.

Switching from Symantec to Sophos just got even easier (Sophos News) Replacing Symantec Endpoint Protection? Step up to Sophos Intercept X.

BIO-key Advances Passwordless Authentication with Windows Hello and WebAuthn Multi-Factor Authentication Solutions at Microsoft Ignite 2019 (West) Offering Several Compliance Options for September FBI Private Industry Notice

Flying solo with mobile payments: Why choose HCE? (FIME) Mobile payments, HCE, smartphone, banks, issuers, Giant Pays, security, Host Card Emulation, payment apps, Android device, implementation plan, mobile device, cloud server, Google, UX, user experience, development services, security certification, functional certification, SE-based solution, Rich OS, security-centric approach

Technologies, Techniques, and Standards

How to negotiate with hackers (Financial Times) When your files are held to ransom, there are ways to get them back safely and securely

Why New Privacy Regulations Are a Business Enabler, Not an Enemy (Netwrix) Privacy legislation is often seen as a big stumbling block for business. In this blog, find out five ways that privacy regulations can help boost your business.

Cybersecurity summit urges companies to share hacking woes (TMJ4) About 60% of small businesses have been hit by a cyber attack.

MKE Cybersecurity Summit focuses on hacking risk for those who work from home ( Cyber attackers are constantly coming up with new ways to steal your information. Business leaders across the area teamed up on Monday,

Don’t Respond to Suspicious Emails (PhishLabs) It is important to remember that these scammers are in fact criminals and engaging with them is like catching a tiger by the tail.

Design and Innovation

Collaboration Required to Improve Connected Medical Device Security (HealthITSecurity) A report from Booz Allen and eHI dives into common challenges healthcare providers face in addressing the risk connected medical devices pose to patient safety and the overall healthcare ecosystem.

New Facebook AI fools facial recognition (Naked Security) The technology – which Facebook won’t use in its own apps – subtly distorts face images so they’re still recognizable, but not to machines.

Mimecast CEO Unveils Vision for Future of Email Security at Cyber Resilience Summit in Dallas (West) Organizations Need to Expand From Perimeter Email Security to Pervasive Email Security to be Resilient in the New Digital Risk Reality

This man is running for governor of California so he can run false Facebook ads (CNN) A San Francisco man is going to extreme lengths to call out Facebook's controversial policy of allowing politicians to run false ads on its platform. On Monday morning, he registered as a candidate in California's 2022 gubernatorial election -- not with the primary goal of becoming governor, but so he can run false Facebook ads of his own.

Team develops a detector that stops lateral phishing attacks (Techxplore) Lateral phishing attacks—scams targeting users from compromised email accounts within an organization—are becoming an increasing concern in the U.S.

Pentagon preparing first electronic warfare report for Congress (C4ISRNET) The Pentagon’s newly created cross functional team for electronic warfare is gearing up to submit its first report to Congress.

What to do with an electronic warfare problem like Syria? (C4ISRNET) An Army tool is being considered as a potential military-wide solution for commanders to visualize and understand the electromagnetic spectrum.


Best colleges to face-off at international offensive cybersecurity competition finals at RIT (RIT) The winners of the world’s largest collegiate offensive-based cybersecurity competition will be crowned at the Collegiate Penetration Testing Competition finals Nov. 22–24 at RIT.

Okemos High School Cyberchiefs A Wins High School Cyber Challenge (Iosco County News Herald) High School teams from across Michigan came to the 2019 North American International Cyber Summit (NAICS) at TCF Center in Detroit on October 28,

Legislation, Policy, and Regulation

Playing with fire: Global offensive cyber operations (TheHill) Nation-states — including the U.S. — are operating in cyberspace without any serious deliberation regarding potential outcomes.

China Eases Restrictions on Foreign Cryptography Products (Bloomberg Law) China’s National People’s Congress has liberalized the regulation of commercial cryptography and forbidden forced technology transfers for those products.

German Spy Chief Says Huawei Can’t Be ‘Fully Trusted’ in 5G (Bloomberg Law) Germany’s spy chief said Huawei Technologies Co. “can’t fully be trusted,” signaling security hardliners in Chancellor Angela Merkel’s government want to keep the Chinese technology giant out of the country’s fifth-generation networks.

Trump says U.S. will cooperate with 'like-minded' nations on 5G networks (Reuters) U.S. President Donald Trump said in a letter Monday the United States plans to c...

Congress Still Doesn't Have an Answer for Ransomware (Wired) As data hijackers continue to target local governments and hospitals, legislators remain stymied over how best to address the problem.

Warren Would Shut the Government-to-Tech ‘Revolving Door’ (Wired) Warren's latest plan would prohibit large companies from hiring senior government employees right out of office—and she comes out swinging against Facebook.

FCC plans Huawei/ZTE ban, may require ripping out existing network gear (Ars Technica) Ban on Chinese vendors would affect recipients of Universal Service funding.

FCC proposal targeting Huawei garners early praise (TheHill) The Federal Communications Commission (FCC) is moving aggressively to ban companies from using federal subsidies for equipment from Chinese telecommunications groups Huawei and ZTE, and earning initial praise from lawmakers and industry groups.

UNITED STATES : NGA takes steps to avoid more Snowden style leaks (Intelligence Online) The National Geospatial Intelligence Agency (NGA) launched a consultation in October for a full-scale audit of its computer security and

16th Air Force to streamline cyber weapon systems (U.S. Air Force) Launched on July 1, 12N12 aims to replace, reduce and consolidate the tools, systems and applications operators and analysts employ within the cyberspace security and defense mission area by July 1,

Blue Dog Democrats push Congress to fund state election security (TheHill) Leaders of the Blue Dog Coalition on Tuesday urged House and Senate leaders to provide states with election security funds as part of the ongoing appropriations process.

Significant Pennsylvania election law changes headed to governor’s desk ( Election reform legislation headed toward the governor's desk in Pennsylvania on Tuesday would deliver the biggest changes to state election laws in decades and provide aid to counties for much of the cost of new voting machines as a bulwark against hacking in next year's presidential election.

Florida elections chief: State systems prepared for hackers (Washington Post) Florida’s secretary of state is reassuring voters that elections officers across the state are prepared for attacks from hackers despite continuing concerns about the integrity of the state’s voting systems

Australia Proposes Face Scans for Watching Online Pornography (New York Times) As a government agency seeks approval of a facial recognition system, it says one use for it could be verifying the age of people who want to view pornography online.

Litigation, Investigation, and Law Enforcement

Security | Questions the alleged cyber-incident at Kudankulam Nuclear Plant raises (Moneycontrol) If indeed a breach has occurred at the Kudankulam Nuclear Power Project, evidence shows that it could be a human problem, and not a network one, and KNPP's diagnostic and denial does little to restore confidence.

Facebook Sues Israel’s NSO Group Over Alleged WhatsApp Attack (Wall Street Journal) Facebook filed a lawsuit against Israel’s NSO Group, alleging the cybersecurity company infected the phones of some users with spyware it delivered through the WhatsApp messaging platform.

WhatsApp accuses Israeli firm of helping governments hack phones of journalists, human rights workers (Washington Post) WhatsApp on Tuesday accused the Israeli surveillance company NSO of helping governments hack into the mobile devices of more than 100 people worldwide, including journalists and human rights workers.

Facebook sues Israeli surveillance vendor over WhatsApp zero-day (ZDNet) Facebook says NSO Group developed WhatsApp zero-day used in May 2019 attacks against attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials.

WhatsApp files complaint against NSO over alleged cyber attack using service (Times of Israel) The WhatsApp messaging app says it thwarted “a highly sophisticated cyber attack” by Israel-based NSO Group which exploited its video calling feature in May.

A WhatsApp hack used Israeli spyware to target Rwandan dissidents (Quartz Africa) Facebook lawsuit alleges the Israeli spyware firm NSO was hacking journalists, human rights activists and political activists.

WhatsApp: Scores of activists targeted with NSO spyware (Amnesty) Responding to a statement by WhatsApp on Tuesday that spyware produced by the Israeli firm NSO Group was used to target more than 100 human rights activists, Danna Ingleton, Deputy Director of Amnesty Tech, said:

The Mueller Report and ‘National Security Investigations and Prosecutions’ (Lawfare) A new edition of a treatise on national security law has much to say about the Mueller investigation and L’Affaire Russe.

GDPR fines were meant to rock the data privacy world. They haven't (WIRED UK) GDPR hasn't heralded the swarm of huge fines that was predicted. But that doesn't mean the fines so far haven't been influential

Nigerian military using surveillance technology to spy on Nigerians - CPJ (Premium Times Nigeria) The Committee to Protect Journalists (CPJ) has accused the Nigerian military of using surveillance technology to spy on ordinary Nigerians and the press.

Coalfire Objects to All Charges Pending in Cybersecurity Trespass Case (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, today announced that charges were...

Kamala Harris Defended Representative Katie Hill and Called Out "Cyber Exploitation" (Yahoo Lifestyle) Senator Kamala Harris defended Representative Katie Hill after the U.S. Rep. resigned. Intimate photos of Hill with a staffer had been published without her consent.

LARA: Editor's Comment: New competition, cyber war and Comac (HMG Aerospace) On 24 October, the fifth prototype of China’s home-built narrowbody passenger jet, a C919 (coded 105), completed its first flight from Shanghai Pudon International Airport....

Australia Accuses Google Of Misleading Consumers Over Location Data ( The Australian Competition and Consumer Commission said that Google purposefully misled Android users into thinking their personal data were not being collected.

Uber threatens to sue Los Angeles, as the fight over scooter data escalates (The Verge) LA wants Uber’s location data, but the ride-hailing company says it’s worried about privacy.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

WSJ Pro Cybersecurity Executive Forum (New York, New York, USA, December 3, 2019) Cybersecurity risks are rapidly changing, so this year’s forum and masterclasses have been redesigned to focus on timely topics including: lessons from the most recent major hacks, what and how to report...

Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...

Upcoming Events

IS2C Security Conference (Orlando, Florida, USA, October 28 - 30, 2019) (ISC)² Security Congress brings together a global community of cybersecurity professionals. The event offers 175+ educational and thought-leadership sessions, and fosters collaboration with other forward-thinking...

SecureWorld Denver (Denver, Colorado, USA, October 29 - 30, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

CYBERSEC EXPO 2019 (Katowice, Poland, October 29 - 30, 2019) CYBERSEC EXPO 2019 is a first of its kind two-day trade fair focused exclusively on the cybersecurity technology. It brings global expertise on the emerging cybersecurity threats and gives access to the...

2019 Securing New Ground (New York, New York, USA, October 29 - 30, 2019) The Security Industry Association (SIA) carefully curates topics and speakers for this two-day conference with the goal of inspiring our fellow leaders in the security about the potential of the global...

5th European Cybersecurity Forum – CYBERSEC 2019 (Krakow, Poland, October 29 - 30, 2019) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.