skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

YouTube users suffered what appears to have been an extensive and coordinated account hijacking campaign over the weekend, ZDNet warns. The "car community" was particularly targeted, and the attacks seem to have begun with phishing.

Late Friday, Facebook identified data collection and handling issues with "tens of thousands" of applications associated with some four-hundred app developers. The findings came as the social network continues its self-inspection post-Cambridge Analytica. 

Iran will take proposals for a Gulf regional security organization to the United Nations General Assembly’s annual summit this week, the Guardian reports. The intent is to assemble a “Coalition of Hope” designed for the most part to exclude the US and UK from a continuing role as protector of Iran’s regional rivals. The move occurs as tensions remain high over the September 14 drone attack against Saudi oil facilities.

There were reports over the weekend that Iranian petrochemical operations had been affected by a cyberattack. Iran took the social media chatter seriously enough to issue an official denial that there had been any successful attacks.

Much Gulf-regional conflict has involved cyber operations, CNBC observes, some in retaliation for kinetic actions like Iran’s shootdown of a US surveillance drone. The US is looking to cyber operations as an approach to deterrence. The New York Times says that US Cyber Command has been considering cyberattacks to disrupt Iranian oil production.

According to Reuters, Huawei CFO Meng Wanzhou returns to court in Vancouver today, where her lawyers will press for details concerning her arrest.

Notes.

Today's issue includes events affecting Australia, Canada, China, Ecuador, Egypt, France, Germany, India, Iran, Israel, Kenya, Democratic Peoples Republic of Korea, Republic of Korea, Philippines, Russia, Saudi Arabia, Spain, Taiwan, United Arab Emirates, United Kingdom, United States.

Bring your own context.

We often think of information operations as placing ideas in front of people, but there are other ways in which they can serve as a force multiplier.

"And the flip side to that is the removal of information. I mean, it's not just about the presence of information, but also what information you can take away from a population so they cannot verify certain facts. But there are other mechanisms in terms of that force multiplier. Not just in terms of political influence and driving certain ideologies, but also, you know, this idea that, actually, physical attacks can be backed up by knocking out digital systems to enable much more effective operations. And so this idea of sabotage is coming into play. And this is a concept that a gentleman named Thomas Rid really put forward around sabotage, that cyberattacks are around sabotage, espionage, and this idea - and subversion. And so they all act as force multipliers for political influence but also in digital warfare. So this idea of cybersecurity and cyberattacks acting as a force multiplier is a multifactor thing that we need to really consider in terms of modern conflict."

—Daniel Prince, senior lecturer in cybersecurity at Lancaster University, on the CyberWire Daily Podcast, 9.18.19.

It's not always hackers in hoodies taking out a power grid. (Sometimes, but not always.) 

Is your cybersecurity program aligned with your business goals and objectives?

Cybersecurity is a business risk, not an IT problem, and a critical part of business strategy. Security should not be an afterthought. Taking a proactive approach facilitates board-level cyber initiative buy in, supports traction across business units, establishes management alignment for key priorities, and manages data complexity. Let Edwards Performance Solutions better structure and position your cybersecurity program – making it a business asset for continued success. Learn more

In today's podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses privacy issues surrounding smart TVs.

Second Annual DataTribe Challenge (Online, October 1, 2019) Register now for a chance to be DataTribe's next world-class company. Finalists will split a $20,000 prize, and the winner may receive $2m in funding from DataTribe. Contestants have until October 1st to apply at www.datatribe.com/challenge­.

Zero Day Con (Washington, DC, USA, October 22, 2019) Zero Day Con hosts a day of expert discussion on security approaches to regain control over your systems, data, and information. Join us to examine insights, security technologies, and key priorities to secure your systems. Get a 20% discount: CYBER_WIRE20

Cyber Attacks, Threats, and Vulnerabilities

Returning rogue weather app continues mobile ad fraud (Telemedia Online) A weather app from Chinese company TCL Communications has once again been caught making digital purchases of premium services without the knowledge of the A weather app from Chinese company TCL Communications has once again been caught making digital purchases of premium services without the knowledge of the phone’s owner

From predator to high-risk vaccine: Sophos tracks WannaCry's evolution (Security Brief) An analysis of around 2,000 WannaCry samples from 2018 shows they were adapted to bypass the famous kill switch, but unable to encrypt data.

The WannaCry hangover (Sophos News) More than two years on, modified WannaCry variants still cause headaches for IT admins and security analysts

Massive wave of account hijacks hits YouTube creators (ZDNet) YouTube creators from the auto and car community were hit the hardest in what appears to be a coordinated attack.

YouTube Security Warning For 23 Million Creators As ‘Massive’ Hack Attack Confirmed (Forbes) Investigation confirms a "massive wave" of YouTube account takeovers as cybercriminals hit with a coordinated attack that bypassed 2FA protection. Here's what you need to know.

High-profile YouTube creators targeted in a series of coordinated cyber attacks (Computing) YouTubers within the automotive and car reviewing community were hardest hit.

Pro-MB Fugitive launches cyber attack against state, asks members to cover their face (EgyptToday) A voice message believed to be recorded by fugitive Hani Sabry, allegedly a Muslim Brotherhood "terrorist" group member, has asked others who he called "youth" to send him links of Facebook accounts, as part of a systematic campaign attempting to oust the

Intezer - Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns (Intezer) We can assess with high confidence that FullofDeep, a Russian cybercrime group specializing in ransomware operations, is behind both the original QNAPCrypt campaigns and the newly identified ransomware variant.

Dubai company loses $53,000 in targeted cyber attack (ArabianBusiness.com) The Dubai-based exhibitions firm fell victim to a highly sophisticated cyber attack

Report: Iranian Servers, Websites Come under Cyber-Attack (Asharq AL-awsat) A number of Iranian servers and websites - including those of some petrochemical firms - were under a cyber-attack, said reports on social media. There was no immediate official comment, and the websites of the main state oil company NIOC appeared to

Iran denies successful cyber attack on oil sector (Times of Israel) Organization that tracks internet outages says activity detected consistent with a cyber attack, though the cause is unclear and impact limited

Iran denies successful cyber attacks on oil sector (DAWN.COM) "Data are consistent with a cyber attack or unplanned technical incident on affected networks."

Silas Cutler on Twitter (Twitter) “Reported petrochemical companies impacted by unconfirmed Internet outage in Iran: Jam : jpcomplex[.]ir Mobin : mobinpc[.]ir Barzeviye : bpciran[.]com Morvarid : morvaridpc[.]ir Tondgoyan : stpc[.]ir Bandr Imam : bipc[.]org[.]ir”

Disclosing new data to our archive of information operations (Twitter) Transparency and openness are deep-seated values at the heart of Twitter. Today, we are disclosing six additional datasets covering five separate jurisdictions.

Twitter suspends account of former adviser to Saudi Arabia's crown prince (CNN) Twitter suspends the account of a former Saudi royal court adviser, Saud al-Qahtani, who was fired over his role in the murder of Washington Post journalist Jamal Khashoggi.

An Update on Our App Developer Investigation (Facebook Newsroom) We're sharing an update on our ongoing App Developer Investigation, which we began in March of 2018 as part of our response to the episode involving Cambridge Analytica.

Facebook belatedly suspends 'tens of thousands' of apps in privacy probe following Cambridge Analytica affair (Computing) Facebook has filed lawsuits against a number of app developers over data expropriation

Facebook suspends tens of thousands of apps following data investigation (Washington Post) Facebook said they had investigated millions of apps based on "signals associated with an app's potential to abuse our policies."

Facebook Suspended Tens of Thousands of Apps Post-Cambridge Analytica (Threatpost) Facebook said it has suspended and banned tens of thousands of apps on its platform after its investigation, launched after Cambridge Analytica, into how they collect and use data.

Some changes to Remcos Rat persistence method | My Online Security (My Online Security) It looks like we are seeing a few changes to the Remcos RAT install & persistence method. Over the last couple of weeks I have noticed a few tweaks to the persistence & auto start of several Remcos…

Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites (TrendLabs Security Intelligence Blog) We discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels — the second time we’ve seen a Magecart threat actor directly hit ecommerce service providers instead of going for individual stores or third-party supply chains.

Server-squashing zero-day published for phpMyAdmin tool (Naked Security) A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages.

Sinkholed Magecart domains resurrected for advertising schemes (SearchSecurity) Researchers at RiskIQ found threat actors purchased domains formerly used by Magecart cybercriminals and repurposed the skimmer code on the domains for fraudulent advertising schemes.

Poor security: 15,000 private webcams exposed to creeps (HackRead) Your exposed webcams are backdoor for creeps.

Lee County website shut down due to cyber attack (WFTX) The Lee County Manager announced Friday that the county has sustained a cyber attack, and they have shut down the county website while they investigate.

Before He Spammed You, this Sly Prince Stalked Your Mailbox (KrebsOnSecurity) A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything.

10 signs you're being socially engineered (CSO Online) Scammers will try to trick you and your organization's users into giving up credentials or other sensitive date. Be skeptical if you see any of these signs.

How to spot online dating scam and its never ending fakery (HackRead) Dating can be hard, especially when you’re doing it online. Swiping right can always give you that little niggle in the back of your head, “are they who they say they are?

Phishing email in garb of IT Department lurking in Indian cyberspace: Advisory (Moneycontrol) Indian Computer Emergency Response Team (CERT-In) is the national agency to combat hacking, phishing incidents and to fortify security-related defences of the Indian Internet domain.

Ransomware Strikes 49 School Districts & Colleges in 2019 (Dark Reading) The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.

Very strange Barclays bank Phishing Scam (My Online Security) We see lots of phishing attempts for email credentials. This one is quite strange and weird, It pretends to be a message from Barclays Bank to update card details. I don’t know what is happening but…

Security Patches, Mitigations, and Software Updates

Forcepoint Fixes Privilege Escalation Bug in Windows VPN Client (BleepingComputer) A vulnerability affecting all versions of Forcepoint VPN Client for Windows, save the latest release, can be used to achieve persistence and evade detection.

Extending free Windows 7 security updates to voting systems - Microsoft on the Issues (Microsoft on the Issues) Today, as part of Microsoft’s Defending Democracy Program, we are announcing that we will provide free security updates for federally certified voting systems running Windows 7 through the 2020 elections, even after Microsoft ends Windows 7 support. I would like to share more on why we help customers move away from older operating systems and...

The industry’s magic bullet for robocalls is currently useless on an iPhone (The Verge) STIR/SHAKEN comes to iPhones, but not in a useful way

The iOS 13 Privacy and Security Features You Should Know (Wired) Your iPhone just got a major security upgrade. Here are all the ins and outs.

Cyber Trends

Report: Use of AI surveillance is growing around the world (Naked Security) It’s not just China: at least 75 out of 176 countries globally are actively using AI technologies for surveillance purposes, research shows.

Payouts from insurance policies may fuel ransomware attacks (Baltimore Sun) The call came on a Saturday in July delivering grim news: Many of the computer systems serving the government of LaPorte County, Indiana, had been taken

Cyberattacks More Likely from Criminals Than Foreign Nations (Government Technology) Cyberattacks are more likely to come from criminals funded by U.S. enemies than from the enemies themselves, former National Security Agency Director Mike Rogers said at a recent symposium in Colorado.

Organizations continue to struggle with privacy regulations (Help Net Security) Many organizations' privacy statements fail to meet common privacy principles outlined in GDPR, CCPA, PIPEDA, according to OTA.

Employee Education Key for Small Business to Prevent Cyber Attacks (Small Business Trends) The latest Chubb survey aimed determine the understanding individuals had about their cyber risks. Here are the 2019 cybersecurity risk statistics.

Marketplace

The Air Force has 15 areas in cyber where it wants help (Fifth Domain) The Air Force is looking for broad contractor support across a wide range of cyber capabilities and services.

Huawei Confirms Another Nasty Surprise For Mate 30 Buyers (Forbes) Huawei has now corrected Mate 30 statements made by its consumer boss to the media. And this will be more unexpected bad news for customers.

We're on same page with government on 5G security: Huawei (The Economic Times) Huawei, which holds more than 2,500 standard essential patents for 5G, is widely recognised as a leader in the fifth-generation cellular technology.

Once Ripe for Taking, Computer Security Market Reveals Winners—and Losers—Cyber Saturday (Fortune) The "endpoint" cybersecurity era is ending—HP bought Bromium, VMware took Carbon Black, Symantec sale rumored—as winners like CrowdStrike arise.

Skout’s cybersecurity solution with Portlaoise HQ raises $25m (Silicon Republic) Founded by Irish entrepreneur Aidan Kehoe, Skout Cybersecurity has raised $25m in a Series B round led by ClearSky.

HP Acquires Endpoint Security Firm Bromium (CRN) HP's Bromium acquisition will bring the company virtualization-based endpoint security technology.

Palantir to seek at least $26 billion valuation in fundraising push (CNBC) Palantir Technologies is targeting a valuation of at least $26 billion in a private fundraising round, the first for the Peter Thiel-backed data analytics startup in four years, Reuters reported.

Palo Alto Networks Completes Acquisition of Zingbox (PR Newswire) Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today announced it has completed its...

Zscaler CEO shrugs off Palo Alto Networks comments: 'They feel the pain and they try to attack everyone' (CNBC) Zscaler CEO Jay Chaudhry tells Jim Cramer the company is "very bullish" about its prospects, despite competition for clients from Palo Alto Networks.

Commonwealth Bank: Australia is well-positioned to be a leader in cyber (ZDNet) The GM of the yellow bank's cybersecurity centre wants the nation to take advantage of its current position, and export cyber talent and innovation to the rest of the world.

CACI opening cyber R&D facility in Texas (Jane's 360) CACI International, which is based in Arlington, Virginia, plans to open an office in Port San Antonio, Texas, on 20 September to conduct research and development (R&D) on cyber security and cyber space.

US tech firm which pledged 88 jobs shuts Belfast offices (Irish News) A US cyber security firm which announced plans to create dozens of high paid jobs in an Invest NI backed move three years ago, has shut its offices in Belfast.

EY expands cybersecurity operations in Manila - The Manila Times (The Manila Times) EY, a global leader in assurance, tax, transaction and advisory services, recently announced the launch of its frontline cybersecurity center in Manila.

PAM Leader Remediant Appoints New Global Head of Channels (West) Channel Expert Bryan Copeland Launches Company’s First Channel Program to Meet Growing Demand for its Innovative SecureONE Offering

Products, Services, and Solutions

Denim Group's .threadfix now integrated with UBsecure's Vex web application scanner (Help Net Security) Denim Group, the leading independent application security firm, announced an integration with Japanese-based web application security company, UBsecure.

Avaya adopts hybrid cloud solutions from IBM to expand Avaya ReadyNow private cloud (Help Net Security) Avaya will adopt hybrid cloud solutions from IBM to help expand its Avaya ReadyNow private cloud unified communications and contact center offerings.

Indeni 7.0 reduces risk and improves agility of security infrastructure operations (Help Net Security) Indeni, the leader in Security Infrastructure Automation, announced the next generation of its Enterprise platform, Indeni 7.0.

Kaspersky launches new threat intelligence service (Telecompaper) Kaspersky released a new threat intelligence service to protect customers against ICS vulnerabilities.

Prey’s Scheduled Automations Streamline Mobile Device Management with Action-Triggered Responses (West) Lock and alarm laptops, phones and tablets during non-use hours

Technologies, Techniques, and Standards

How data breaches forced Amazon to update S3 bucket security (Help Net Security) The issue of S3 bucket security has come to a head with prominent data breaches affecting companies like Uber, Accenture and even the US DoD.

Dear network operators, please use the existing tools to fix security (ZDNet) The internet's security and stability would be significantly improved if network operators implemented protocols that were already written into technical standards and if vendors provided better tools for fixing security.

How Louisiana Responded to Its Recent Ransomware Attacks (Government Technology) Through quick response and an existing cyberthreat response system, the state managed to stave off what could have been a much more disastrous attack that would have affected twice as many communities.

Russian authorities bet on new equipment to enforce ban on Telegram (Intellibews) In the Siberian region of Tyumen, mobile operators are about to test special equipment to enforce the authorities’ ban on Telegram. As reported by ...

Why is Today’s SOC Ineffective? (Devo.com) Security Operations Centers are the nerve centers of cybersecurity programs. They serve a critical function by helping businesses improve their security posture by monitoring, detecting, and analyzing potential threats. But for a number of reasons, today’s SOCs are not doing this effectively. 

DISA teaming up with US Cyber Command on a zero trust lab (Federal News Network) Jason Martin at DISA said the agency is doing a better job in merging data to oversee and manage employee access to systems.

How the Air Force has reorganized its cyber staff (Fifth Domain) The Air Force released its cyber flight plan, aimed at guiding the service in the cyber realm for the next decade.

How to protect your company’s backups from ransomware (Security Boulevard) Backups are an important part of any ransomware disaster recovery plan - but how do you keep your backups safe? The post How to protect your company’s backups from ransomware appeared first on Emsisoft | Security Blog.

'We stopped WannaCry outbreak within two seconds,' says Darktrace's John Dyer (Computing) Intelligent network monitoring can't do much to prevent fast-propagating security threats unless the tool can also block them, says Dyer

Cameroon: ICT actors upgrade skills on management of cyberspace (Journal du Cameroun) ICT actors drawn from institutions in diverse sectors in Cameroon as well as those from the National Agency for Information and Communication Technologies, ANTIC have received training that would enable them upgrade their skills in the management of the cyberspace in Cameroon. This was at the third edition of a workshop on cyber risks assessment …

How To Keep Your Data Safe When Traveling With A Laptop (HackRead) When we travel, it’s rare we go without some form of electronic device, whether that be our smartphones, tablets or even laptops.

Design and Innovation

YouTube Rolls Back Verification Changes, Says Verified Creators Can Keep Their Badge (Variety) A day after announcing significant changes to its verification program, YouTube announced Friday afternoon that it won’t be de-verifying existing creators after all. “We heard loud and …

Google Tightens Its Voice Assistant Rules Amid Privacy Backlash (Wired) Following Apple, Amazon, and others, Google will put in new safeguards against accidental voice assistant collection and transcription.

‘I want to see this problem crushed’ – Mike Schroepfer, Facebook’s tech chief, on taming the monster he helped create (The Telegraph) Mike Schroepfer’s role at Facebook has changed a lot from its original job description.

Meet Facebook’s latest fake (TechCrunch) Facebook CEO Mark Zuckerberg, a 35-year-old billionaire who keeps refusing to sit in front of international parliamentarians to answer questions about his ad business’ impact on democracy and human rights around the world, has a new piece of accountability theatre to sell you: An “Overs…

Bitcoin Lightning Network Specs Pass First ‘Formal’ Security Test (Yahoo) A pair of researchers have released the results of a formal verification of the lightning network, saying it's "as secure as bitcoin."

Research and Development

Google Says It's Achieved Quantum Supremacy, a World-First: Report (Gizmodo) A Google researcher’s paper claiming to have achieved quantum supremacy, a major early milestone in the field of quantum computing, appeared on a NASA website this week before being removed, the Financial Times reports.

What Google’s Quantum Breakthrough Means for Blockchain Cryptography (Bitcoin News) We’ve been warned for years that a quantum computing breakthrough is just around the corner. When that day comes, we’re told, it could render existing

The NSA Is Running a Satellite Hacking Experiment (Defense One) Low Earth orbit will soon be awash in small satellites, and the national security community is increasingly concerned about their security.

Information gerrymandering and undemocratic decisions (Nature) In a voter game, information gerrymandering can sway the outcome of the vote towards one party, even when both parties have equal sizes and each player has the same influence; and this effect can be exaggerated by strategically placed zealots or automated bots.

Academia

Southeast Creates Institute for Cybersecurity (Southeast Missouri State University) A new Institute for Cybersecurity is being created at Southeast Missouri State University to further research, education and service activities in this growing high-need field of study.

Butler Community College Receives Federal Designation of Excellence for Cybersecurity (KFDI 101.3) The National Security Agency and Department of Homeland Security have designated Butler Community College as a National Center of Academic Excellence in cybersecurity defense. The designation is through the 2024 academic year. Butler students can earn a certificate

Penn College faculty address shortage in cybersecurity professionals (NorthcentralPA.com) Williamsport – There is a critical shortage of cybersecurity professionals, according to Pennsylvania College of Technology faculty, and Penn College has developed a program to introduce the field to students--as

Australia cyber news: schools program in South Australia to bolster cyber workforce (The Lead SA) Schools Cyber Security Challenges in high schools to further cement South Australia’s growing expertise in the cyber security industry.

Inside Oxford University’s spin-out factory as it grapples with the Woodford fallout (The Telegraph) The dreaming spires of Oxford have lured academics for centuries.

Goa cops sensitise students on cybercrime (Times of India) Education News: The Cyber Crime Cell (CCC) of Goa police on Saturday held an awareness programme for around 500 students in Panaji.

Legislation, Policy, and Regulation

U.S. Sanctions Iran’s Central Bank, Says It Will Send Military Forces to Saudi Arabia (Wall Street Journal) The U.S. said it would send military forces and hardware to Gulf allies and moved to sever some of Iran’s last ties to world markets on Friday, while preparing to outline a case for international action next week when world leaders gather at the United Nations.

U.S. Secretary of Defense urges NATO allies to block Chinese-built 5G tech - CyberScoop (CyberScoop) U.S. Secretary of Defense Mark Esper is calling on allies in the North Atlantic Treaty Organization to bar Chinese companies from developing 5G networks there, reiterating an American argument that largely has failed to convince European countries to blacklist telecommunication firms with ties to Beijing. Esper, in a speech Thursday at the Cybersecurity and Infrastructure Security Agency summit in Maryland, said “every Chinese company has the potential to be an accomplice in Beijing’s state-sponsored campaign to steal technology.”

Analysis | The Cybersecurity 202: How Huawei aims to convince U.S. companies it's not a Chinese spying tool (Washington Post) The telecom is taking its fight from the courtroom to the private sector.

Huawei Seeks To Minimize Links To China At FCC (Law360) Chinese technology giant Huawei is stepping up efforts to convince U.S. officials it has no direct ties to the Chinese government, telling the Federal Communications Commission this week that many telecom companies have dealings with the superpower without being viewed as national security concerns to the U.S.

Seoul's defense chief vows beefed-up efforts against growing cyberthreats from N. Korea (Korea Herald) Defense Minister Jeong Kyeong-doo said Friday that threats in cyberspace posed by North Korea and other entities have been growing and vowed efforts to bolster the country's cyber operations capabilities.Jeong made the remark during a conference on defense cybersecurity held in Seoul earlier in the day."Even at this moment, cybersecurity threats are increasing from all directions, as North Korea and other uniden...

Taiwan to test cyber defense in first joint exercise with US (Focuse Taiwan) Taipei, Sept. 22 (CNA) Taiwan will soon test its cyberwar defense capabilities in the first-ever Cyber Offensive and Defensive Exercises to be held with the United States in November, Vice Premier Chen Chi-mai (陳其邁) told CNA Sunday.

Microsoft president Brad Smith calls for international convention to tackle 'unstoppable' rise of killer robots (Computing) US, Russia, China, Israel, and South Korea are all working on autonomous weapons systems

Esper Describes DOD's Increased Cyber Offensive Strategy (U.S. DEPARTMENT OF DEFENSE) Cyberspace is a warfighting domain, and the U.S. military must take an active role in defending the country and its allies from threats in that realm, Defense Secretary Mark T. Esper said.

The Urgent Search for a Cyber Silver Bullet Against Iran (New York Times) As the United States weighs possible cyberattacks against Iran, it is looking for options that would deter Tehran from further strikes but avoid creating more conflict in the region.

Air Force unveils 10-year cyber warfare plan (FCW) In tandem with creating a new information warfare command, the Air Force released a new strategy to address digital warfare over the next decade.

'No more away games': Former Cyber Command official says Russia and China have leveled the playing field (CyberScoop) A former cyber command official said Thursday that China and Russia’s use of cyberattacks has upended the way the U.S. military thinks about warfare.

Facebook Libra rejected by France as “dangerous” (Naked Security) France finance minister: Libra won’t be allowed onto European soil.

Microsoft poses threat to Germany's digital sovereignty, warns study (ZDNet) German government is too dependent on "single software providers", but changing that will be difficult and costly.

Sen. Warner Calls Huawei 5G Threat “Unprecedented” (MeriTalk) Sen. Mark Warner, D-Va., ranking member of the Senate Intelligence Committee, said today that the threat posed by Chinese government-supported network equipment makers including Huawei to the global 5G communications ecosystem is unprecedented. One solution to displace Huawei equipment from communications networks, the senator said, may be government-industry cooperation to make cheaper communications gear available to carriers.

US unlikely to soften stance on China under new security adviser (South China Morning Post) Robert O’Brien is less experienced that his predecessor so Donald Trump is expected to continue to drive foreign policy.

The key to success for the Cybersecurity and Infrastructure Security Agency’s vision? Action (Fifth Domain) We can no longer think about cyber vulnerabilities after they’re breached by malicious actors.

CISA stepping into cybersecurity coordinator role as agencies improve cyber hygiene (Federal News Network) Federal Chief Information Security Officer Grant Schneider, speaking Thursday at the Cybersecurity and Infrastructure Security Agency’s summit, said agencies have “come a long way” on cybersecurity, and pointed to overall higher FISMA and FITARA scores as evidence that government has turned a corner on cyber.

Will Bolton's ouster mean a comeback for the top White House cyber job? (FCW) The top cyber official at DHS said his agency is already taking on many of the defunct White House cybersecurity coordinator's old responsibilities.

A Peek Inside the ‘Puzzle Palace’ (Foreign Policy Research Institute) Created by a secret directive of President Harry Truman in 1952, the National Security Agency (NSA) is America’s largest, most expensive, and most secretive intelligence organization. For years, it was an accepted shibboleth within its Fort Meade, MD, headquarters that the acronym “NSA” stood for “No Such Agency”—which happened to…

How the Air Force has reorganized its cyber staff (Fifth Domain) The Air Force released its cyber flight plan, aimed at guiding the service in the cyber realm for the next decade.

New Mexico plans cyber unit to fight domestic terrorism (Farmington Daily Times) The unit would train law enforcement to identify potential threats to schools and other public gathering places, as well as investigate threats.

Poll: Two-thirds of Americans want to break up companies like Amazon and Google (Vox) Turns out breaking up Big Tech is super popular.

“Grassroots” anti-Amazon nonprofit turns out to be retailer astroturfing (Ars Technica) Competitors are throwing everything at the wall to slow the Amazon juggernaut.

Air Force Creates 16th Air Force (SIGNAL Magazine) In the next month or so, the U.S. Air Force will be standing up its latest Numbered Air Force, the 16th Air Force, leaders report.

States Try to Stop Political Deepfake Videos (Nextgov.com) State lawmakers are increasingly focused on deceptively edited videos, a pervasive technology that advocates say has the potential to disrupt elections. But are bans constitutional?

Litigation, Investigation, and Law Enforcement

Huawei CFO Awakens Canadians to the Long, Strong Arm of China (Bloomberg) Trudeau pushes engagement despite blowback in extradition case,. Hearing comes amid growing unease over Beijing’s influence.

Secret Service Investigates Breach at U.S. Govt IT Contractor (KrebsOnSecurity) The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned.

Adam Schiff threatens to defund intel community unless Trump whistleblower details disclosed (Fox News) As President Trump faces media scrutiny over a phone call he held with an unspecified foreign leader, Rep. Adam Schiff, D-Calif., said he may seek to withhold funds from the intelligence community unless they disclose the full contents of the conversation. 

Iowa Senate committee to meet over courthouse break-ins (1040 WHO) The Iowa Senate Oversight Committee will hold a meeting to review the handling of recent break-ins at Polk and Dallas County courthouses.

Iowa officials claim confusion over scope led to arrest of pen-testers (Ars Technica) Rules of engagement covered courthouse and authorized lock picking.

Law firm to investigate Iowa courthouse break-ins by individuals hired to test security (Des Moines Register) Faegre Baker Daniels was hired to investigate the Sept. 9 and Sept. 11 break-ins which "appear to have happened during security testing exercises."

Iowa officials claim confusion over scope led to arrest of pen-testers (Ars Technica) Rules of engagement covered courthouse and authorized lock picking.

The Mounties get their man, and he's one of their own (The Hill Times) We must remind ourselves that all of this is alleged and not proven. Cameron Ortis is, of course, innocent until any of this is demonstrated beyond a reasonable doubt. It does not look good, but we must wait and see. Even if the details are salacious.

Defence lawyer awaiting information from Crown in RCMP secrets case (LethbridgeNewsNOW) A lawyer for an RCMP employee charged with breaching the official-secrets law says he is awaiting...

Cyber Stalking: What You Need to Know Before Hitting Send (Daily Business Review) While our iPhone and android devices give us virtually unlimited freedom to communicate with anyone at any time, the downside inevitably has been that electronic communications are often sent hastily, emotionally, and, are not always welcome by the recipient.

FBI Served Secret Subpoenas to a Video Game Developer, Antivirus Maker, and More (Gizmodo) The names of more than 120 companies secretly served FBI subpoenas for their customers’ personal data were revealed on Friday, including a slew of U.S. banks, cellphone providers, and a leading antivirus software maker.

After 6 Years in Exile, Edward Snowden Explains Himself (Wired) In a new memoir and interview, the world’s most famous whistle-blower elucidates as never before why he stood up to mass surveillance—and his love for an internet that no longer exists.

“Never Be Ashamed:” Why I Decided Not To Delete My Old Internet Posts (The Intercept) In this excerpt from his memoir, the NSA whistleblower describes his realization that no one should have to “pretend to be perfect.”

The Mysterious Death Of The Hacker Who Turned In Chelsea Manning (NPR) Adrian Lamo was a hero in the hacker community for years. Everything changed when he began exchanging messages with U.S. Army intelligence analyst Chelsea Manning.

FBI cracks $3m Kenyan cyber scam (The East African) Modern criminals have ditched the ski mask and getaway vehicle for computers. 

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Industry 4.0 - Industrial Cyber Security and Industrial IoT (Chicago, Illinois, USA, September 23 - 24, 2019) The emergence of new digital industrial technology is a transformation to gather and analyze data across machines enabling faster, more flexible, and more efficient processes to produce higher-quality...

GlobalPlatform Technical Workshop (Shenzhen, China, September 24 - 25, 2019) GlobalPlatform is hosting two free-to-attend workshops in Shenzhen, China on 24th and 25th September. Both workshops will focus on device security and the deployment and use of secure devices. The agendas...

2019 FAIR Conference (National Harbor, Maryland, USA, September 24 - 25, 2019) Hosted by the FAIR Institute and our sponsoring partners, the 2019 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater...

SecureWorld New York (New York, New York, USA, September 25, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event...

Little Rock Cybersecurity Conference (Little Rock, Arkansas, USA, September 26, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.