skip navigation

More signal. Less noise.

MVISION Insights: Move Beyond Intelligence to Insights that Empower You to Change Your Environment.

Harnessing the power of one billion threat sensors worldwide, McAfee designs security fueled by Insights. MVISION Insights enables you to move beyond intelligence and empowers you to change your environment. Identify with Machine Learning. Defend and correct with Deep Learning. Anticipate with Artificial Intelligence. Move your security out of reactive mode to a proactive posture. McAfee, the device-to-cloud cybersecurity company. Go to McAfee.com/insights to learn more.

Daily briefing.

The Democratic Party continues to count the Iowa caucus results. As we write, those results remain incomplete, with 71% of the precincts accounted for. The problems at the caucus are attributed not to hacking, the Washington Post reports, but to a buggy, inadequately tested app produced by Shadow, effectively a for-profit tech arm of the progressive Washington not-for-profit consultancy ACRONYM. Sources at the Democratic National Committee say they warned Iowa not to try to run the caucus through the app; CISA says it offered to test the app but was turned down by the Iowa party. Iowa Democrats "rebuffed" the warning and say they didn't know about CISA's offer, according to the Washington Post.

There aren't many lessons about election security to be drawn from Iowa, because the caucus isn't conducted like an election and doesn't use standard voting machinery. But two at least are worth considering. First, don't deploy election software until it's thoroughly tested (and Shadow's app seems hardly to have been tested at all, judging from the Wall Street Journal's account). Second, a technical problem, even if it's an innocent mistake, erodes trust and spawns unfounded rumors (what the Washington Post calls "a cesspool of toxic...conspiracy theories").

PerimeterX reports finding a major vulnerability in the WhatsApp desktop platform.

Reuters says that emails spoofing the accounts of journalists are being used to prospect targets with bogus approaches for interviews. It appears to be an espionage campaign, and the circumstantial evidence of targets and topics suggests an Iranian operation.

Notes.

Today's issue includes events affecting Canada, China, India, Iran, Israel, Lithuania, Russia, United Kingdom, United States.

Bring your own context.

When a start-up pitches a potential investor and is turned down, is that the end of the story?

"Like most investors, I invest in a relatively small subset of what is originally pitched to me. But I generally don't say, you know, you're not the right guy for me, no need to talk further. That's not generally how it ends. It's me providing them with feedback to say, hey, this isn't right for me or it's not right for me at this time and here's why. And, you know, here's the things that would make me be interested. It is pretty common that I talk to people six months later, and sometimes I do have a different opinion at that point."

—Michael Sutton, founder of StoneMill Ventures, on the CyberWire Daily Podcast, 1.31.20.

"You're dead to me" may be snazzy television when they say it on Shark Tank, but take heart: that's not the way things usually end.

Coming soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Aerospace news worthy of attention.

If you're interested in space and communications (technology, policy, business, and operations), take a look at Cosmic AES Signals & Space. Produced in partnership with the CyberWire, Signals & Space offers a monthly overview of news in this sector.

Investigating China’s Disinformation Campaigns

Cyber influence campaigns have plagued countries across the globe in the past few years, with foreign policy objectives, economic goals, and public opinion caught in the crossfire. LookingGlass researchers have tracked over 2000 People’s Republic of China-related influence operators on Twitter to better understand the current landscape. In our next webinar, Tom Creedon will explore these findings to gain an understanding of operator account patterns and targets. Save your seat for February 6 at 1pm ET.

In today's CyberWire Daily Podcast, out later this afternoon, we hear from our partners at Cisco Talos as Craig Williams shares updates on Emotet. Our guest, Kurtis Minder from GroupSense, weighs the pros and cons of notifying breached companies.

Caveat is up. In this edition, "And the heat goes on," Dave shares a piece from the Verge about Amazon trying to have its cake and eat it, too when it comes to product liability. Ben has developments on the ClearView facial recognition story the New York Times recently broke, and later in the show our conversation with Mike Overly from Foley & Lardner on cybersecurity in aviation.

Suits & Spooks (Washington, DC, United States, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers from government agencies and technology companies engage in discussion and debate of security challenges. World-class speakers describe their vision of future threats and leading-edge companies will exhibit novel solutions. Get 15% off with discount code cyberwire15.

Cyber or Cleared Job Fair, February 13, San Antonio. (San Antonio, Texas, United States, February 13, 2020) Cleared and non-cleared cybersecurity pros make your next career move at the Cyber or Cleared Job Fair, February 13 in San Antonio. Meet face-to-face with leading cyber employers. Visit our site for more details.

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Join us at this upcoming cybersecurity event in Loudoun, VA with a full lineup of industry experts, speakers and federal contractors presenting on cutting-edge topics in the domain of cyber. This event is FREE for everyone! Register today!

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Exclusive: Iran-linked hackers pose as journalists in email scam (Reuters) When Iranian-born German academic Erfan Kasraie received an email from The Wall ...

Iowa caucuses descend into chaos as delay leaves outcome uncertain (Washington Post) The long-anticipated Iowa caucuses turned into a debacle Monday night when technical problems delayed the results, prompting presidential candidates to depart before the outcome was clear, spurring one campaign to challenge the integrity of the process and producing a muddled situation instead of what Democratic leaders hoped would be a decisive beginning to their attempt to oust President Trump.

Here’s a List of Everything That Went Wrong at the Iowa Caucuses (New York Times) An app used to record votes was faulty and largely untested, but the glitches weren’t the only reasons for a major delay in results in the first-in-the-nation presidential contest.

Testing Could Have Prevented Iowa Caucus App Failure, Experts Say (Wall Street Journal) A glitch in a mobile app used to transmit results from the Iowa presidential caucuses could have been avoided with basic due diligence, chief information officers, analysts and researchers said.

The Cybersecurity 202: Iowa caucus app is latest example of politicos building faulty technology with disastrous results (Washington Post) The Iowa caucus debacle is just the latest example of politicos building faulty technology -- with serious political consequences.

How tech firm Shadow sought to revolutionize Democratic campaigns — but stumbled in Iowa (Washington Post) A perfect storm of coding mishaps and human errors hamstrung Shadow’s operations at the Iowa caucus.

Iowa’s Tally-by-App Experiment Fails (Wall Street Journal) Confusion and frustration buffeted Democratic Party officials and activists in Iowa after a new mobile app and a backup phone-in plan for reporting results malfunctioned, delaying the outcome from the first-in-the-nation Democratic presidential caucuses.

The 1,600 Volunteers Who Were Supposed to Make the Iowa Caucuses Run Smoothly (New York Times) State Democrats introduced an app to record results in 2020. What followed was an epic collapse of the rickety system they have relied on for decades.

Iowa Democratic Party chairman says he had 'no knowledge' of DHS offer to vet vote app (TheHill) The head of the Iowa Democratic Party said Tuesday he had “no knowledge” of a reported offer by the Department of Homeland Security’s (DHS) cyber agency to vet the vote tabulation app that caused delays during the Iowa caucuses on Monday

Our View: Iowa Caucuses| State party failed its responsibility (Mankato Free Press) Iowa caucus results remained deep in the bowels of glitchy technology 18 hours after the country expected they would be released, and Iowa’s status as the first to report presidential

Social media was a cesspool of toxic Iowa conspiracy theories last night. It’s only going to get worse. (Washington Post) Nature abhors a vacuum. And so does Twitter.

FBI Warns of DDoS Attack on State Voter Registration Site (BleepingComputer) The US Federal Bureau of Investigation (FBI) warned of a potential Distributed Denial of Service (DDoS) attack that targeted a state-level voter registration and information site in a Private Industry Notification (PIN) released today.

A view of how DDOS weapons have evolved (Intelligent CIO) Throughout 2019, DDoS attacks continued to grow in frequency, intensity and sophistication. However, the delivery method of using infected botnets and vulnerable servers to perform crushing attacks on a massive scale has not changed during that time.

This is not Huawei to reassure people about Beijing's spying eyes: Trivial backdoor found in HiSilicon's firmware for net-connected cams, recorders (Register) Crap security? Shocked, shocked, we tell you

Armis Discovers 5 Zero-day Vulnerabilities in Cisco’s Discovery Protocol Impacting Tens of Millions of Enterprise-grade Devices (Armis) Vulnerabilities Could Allow Attackers to Remotely Take Over Devices such as IP Phones Found Almost Everywhere from Conference Rooms to Trading Floors to Government Offices

HorseDeal Riding on The Curveball! (Quick Heal Blog) It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could...

Google bug saw videos sent to archives of the wrong users (ZDNet) The individual is now responsible for deleting copies of a video belonging to someone else that they might be in possession of.

Google admits it sent private videos in its Photos app to strangers  (The Telegraph) Google has admitted to sending private videos uploaded by users to its Photos app to strangers in an embarrassing blunder for the search giant.

PerimeterX Researcher Finds Vulnerability in WhatsApp Desktop Platform (PerimeterX) PerimeterX researcher finds gap in Content Security Policy (CSP) used by WhatsApp, enabling bypasses and cross site scripting (XSS) on desktop application

Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access (PerimeterX) Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access

Realtek HD Audio Driver Package - DLL Preloading and Potential Abuses (CVE-2019-19705) (SafeBreach) SafeBreach Labs discovered a new vulnerability in the Realtek HD Audio Driver Package, which is deployed on PCs containing Realte…

Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root (The Hacker News) New Sudo Security Vulnerability (CVE-2019-18634) Could Let Non-Privileged Linux and macOS Users Run Commands as Root

Coronavirus Phishing Attack Infects US, UK Inboxes (Dark Reading) Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus.

Spam Campaign Leveraged RTF Documents to Spread Infostealers (The State of Security) A spam campaign leveraged malicious RTF documents to distribute notorious infostealers including Agent Tesla and Lokibot.

UK Council websites are letting citizens be profiled for ads, study shows (TechCrunch) On the same day that a data ethics advisor to the UK government has urged action to regulate online targeting a study conducted by pro-privacy browser Brave has highlighted how Brits are being profiled by the behavioral ad industry when they visit their local Council’s website — perhaps…

Surveillance on UK council websites (Brave) People visit council websites to seek help and services.

Hackers Stole and Encrypted Data of 5 U.S. Law Firms, Demand 2 Crypto Ransoms (Cointelegraph) Hackers compromised five United States law firms this week, demanding two $933,000 ransoms for restoring and not publishing data.

Golden Entertainment addresses data breach (CasinoBeats) Golden Entertainment has notified customers, employees, and vendors of an incident involving unauthorised access to employee' email accounts. Golden Entertainment has since addressed the issue and released a notice which details the incident, the measures taken,

ITI Technical College latest victim of ransomware attacks (WAFB) A ransomware attack has “hampered but not paralyzed” operations at ITI Technical College in Baton Rouge, college Vice-President Mark Worthy said Monday.

In an unprecedented move, Twitter gave a state university access to a student's parody account after it complained that he was mocking the school (Business Insider) A student at SUNY Geneseo had his parody Twitter account mocking the college given to the school, raising concerns of censorship and improper access.

Break-in leads to Behavioral Health Services data breach; police investigation under way (Lake County News) On Tuesday, officials reported that a county-owned clinic was the target of a burglary nearly two months ago that has since been discovered to have led to a breach of personal information for an estimated 1,200 people.

Global Medical Data Breach:120 Million Indian Patients' Details Available On Internet For Free (The Logical Indian) In the first report which was published in October last year, the massive data leak contained images of CT scans, X-rays, MRIs and even patients’ photographs.

Toll held to ransom as cyber attack stalls deliveries (Australian Financial Review) Logistics giant Toll is attempting to recover from a ransomware cyber attack, which has caused it to shut down online systems and delayed thousands of deliveries.

Deliveries stranded across Australia as Toll confirms ransomware attack (ZDNet) The targeted attack has forced the company to disable its systems and revert to manual processes, causing delays across the country.

Travelex Hack Raises A Red Flag On VPN Security (Global Finance Magazine) Foreign exchange firm gets hacked via its VPN provider.

AutomationDirect C-More Touch Panels (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AutomationDirect Equipment: C-More Touch Panels EA9 Series Vulnerability: Insufficiently Protected Credentials 2.

These electronic devices might not be designed with cyber security in mind (Canadian Underwriter) Ransomware and privacy breaches may be among the top cyber threats on your radar, but are you aware of all of the connected manufacturing and other industrial control systems that may be at risk, a commercial insurer warns. “These production…

Phishing attack exposes data for over 5,000 people at St. Louis Community College (KMOV) A series of email phishing attacks gave cybercriminals access to thousands of St. Louis Community College students’ private data.

No evidence of data breach from cyber attack says Tissue Regenix (Proactiveinvestors UK) Any associated costs of the system restoration are unlikely to be material to short-term cash flow

Security Patches, Mitigations, and Software Updates

Twitter bans 'deepfakes' and 'cheap fakes' (The Telegraph) Twitter has banned "deepfakes", or manipulated videos, as it battens down the hatches for a misinformation offensive expected ahead of this year’s US presidential election.

Office 365 to Block Harmful Content Regardless of Custom Configs (BleepingComputer) Microsoft is currently working on new features designed to block malicious content in Office 365 regardless of the custom configurations set up by administrators or users unless manually overridden.

Intel Releases New Microcode Updates for old CPU Bugs (Tom's Hardware) The update is available for both consumer and server versions of Windows 10 build 1903, but users need to install it manually.

Cyber Trends

The Top 10 Vulnerabilities Used by Cybercriminals in 2019 (Recorded Future) Read our vulnerability report to get recommendations for protecting your organization against the highest-trending vulnerabilities.

Nuspire Report: Cyberattackers Took a Holiday in Preparation for 2020 (Nuspire) Quarterly threat report finds popular attack methods decreased at the end of 2019 as attackers retool their tactics and gear up for the year ahead

Analysis | The Cybersecurity 202: Iowa caucus debacle shakes public confidence in 2020 security (Washington Post) It highlights how an election can be undermined even without hacking.

New EMA Research Examines the Detection and Prevention of Automated Bot Attacks (Yahoo) Enterprise Management Associates (EMA™), a leading IT and data management research and consulting firm, released a new research report titled "The Imitation Game: Detecting and Thwarting Automated Bot Attacks" based on criteria defined by Paula Musich, research director of security and risk

The fight against cyber crime: Why cooperation matters (ComputerWeekly) With the WEF’s Global Risk Report 2019 ranking cyber attack in the top five global risks, we now see rising consensus at institutional level that no individual stakeholder can address the breadth of security challenges we face today.

8 of the 10 Most Exploited Bugs Last Year Involved Microsoft Products (Dark Reading) Six of them were the same as from the previous year, according to new Recorded Future analysis.

These are the top ten software flaws used by crooks: Make sure you've applied the patches (ZDNet) Hackers are exploiting many of the same security vulnerabilities as last year and they all impact Microsoft Windows products - but a bug in Adobe Flash was the most exploited in 2019.

Where cybersecurity misses the mark, yet again (Computing) Esoteric cyber threats posed by countries like Iran and North Korea may grab the headlines, but distract from real security issues, argues Tanium's Orion Hindawi

Prevailion's Apex Global Cyber Report: Q4 2019 (Prevailion) Prevailion’s Apex Report: Q4 2019 See Global Cyber Infection Prevailion’s first Apex Report demonstrates its unique visibility into the top compromised industries. The first in our series of quarterly reports shows evidence of compromise by threat actor campaigns that have infested organizations and industries all around the world. Download this report to see: The top …

Hackers Pose Increasing Risk to Medical Research Data (Data Breach Today) The intellectual property, including research results, of biotechnology companies and other medical organizations is increasingly a target for hackers, who

Marketplace

'We've created a privacy industry': California law fuels wave of startups (NBC News) Privacy-focused technology companies are offering a variety of services, from personal data scrubbing to business-focused software meant to help companies comply with the law.

Tech company behind Iowa caucus app has ties to D.C. (Washington Business Journal) Shadow Inc. was launched by D.C.-based Acronym in 2019.

Investors Rush to Scrub Ties to Firm Behind Iowa Clusterf*ck (The Daily Beast) The frantic cleanup put a microscope on one of Democratic Party’s fastest-rising digital stars.

Inside Acronym’s disastrous foray into the Iowa caucuses: “Far and away the most disorganized place I’ve ever been a part of.” (The Outline) Shadow, a branch of the glossy digital strategy startup, was a mess from the start.

Iowa caucus: Former Hillary Clinton staff revealed to be behind ‘Shadow’ app that caused chaos (Yahoo News) The team behind the disastrous app used in the Iowa election app has been revealed.The app, created by a startup named Shadow, was supposed to be used to co-ordinate information from the caucuses and allow organisers to send results back to the party. But it crashed repeatedly through the night, and

Automox Fuels Up to Solve One of the Most Pervasive Threats in Cybersecurity: Unpatched, Misconfigured and Out-of-Date Systems (Yahoo) Automox fuels up to solve one of the most pervasive threats in cybersecurity: unpatched, misconfigured and out-of-date systems.

As threats grow, NYC launches $100 million Israeli-run cybersecurity hub (Times of Israel) City picks Jerusalem Venture Partners to manage new tech hub in downtown Manhattan, with hopes to create thousands of jobs to boost online security for companies and individuals

Fearing a Stagnating Cyber Ecosystem, Elron’s VP of Cyber Evaluate Israel’s Next Steps (Global Security Mag Online) As Israel’s cyber ecosystem continues into a new decade, it is facing a 33% decline in new startups alongside the increased global competition. “Nothing runs on its own without energy. We must fuel innovation, boldness, and ingenuity,” said Zohar Rozenberg, VP of Cyber Investments at Elron.

Aon acquires Cytelligence, a leading international cyber security firm with deep expertise in cyber incident response and digital forensic investigations (PR Newswire) Aon plc (NYSE: AON), a leading global professional services firm providing a broad range of risk, retirement and health solutions, announced...

Aon Acquires Canadian Cyber Security Firm Cytelligence (Insurance Journal) Insurance broker Aon reported it has acquired Cytelligence Inc., a Canadian-based cyber security firm that provides incident response advisory, digital

HPE ups its security game with Scytale acquisition (ARN) HPE has hedged its bets on a fledgling cyber security start-up in an effort to ramp up its service authentication offering.

There’s business sense in avoiding takeovers, CyberArk CEO tells SC (SC Magazine) The Israeli company CyberArk belongs to the growing pack of private cyber-security companies that has chosen to avoid takeover offers and build its own business

Investing in Cyber Security: A Beginner’s Guide (The Motley Fool Canada) Beginners may want access to the exciting cyber security market, which they can achieve by investing in stocks like BlackBerry Ltd. (TSX:BB)(NYSE:BB) and others.

Thycotic reports 67% rise in revenue (Channel Life) The company's sales were also up by 35% year on year, with staff numbers also rising by 50%.

DarkOwl LLC and CyberQ Group Announce Strategic Partnership (WebWire) DarkOwl LLC, a Denver-based cybersecurity company specializing in darknet data, is proud to announce a new partnership with CyberQ Group.

Vodafone will remove Huawei from its core networks (Reuters) Vodafone, the world's second largest mobile operator, will remove equipment...

Malwarebytes Attracts Former Dropbox CMO to Board of Directors (PR Newswire) MalwarebytesTM, a leading advanced endpoint protection and remediation solution provider, today announced that it has added Carolyn Feinstein...

Ex-Obama official exits Israeli spyware firm amid press freedom row (the Guardian) Juliette Kayyem has left NSO, which denies its technology has been used to target activists

INSA Taps Sue Gordon to Serve as Senior Intelligence Advisor (Homeland Security Today) The Intelligence and National Security Alliance (INSA) has announced that The Honorable Susan M. Gordon, former Principal Deputy Director of National Intelligence, will serve as a senior intelligence advisor to the organization.

Products, Services, and Solutions

STEALTHbits Offers Free Solution in Response to Microsoft’s 2020 LDAP Channel Binding and LDAP Signing Requirement for Windows (BusinessWire) STEALTHbits is offering a free solution in response to Microsoft’s 2020 LDAP channel binding and LDAP signing requirement for Windows.

CRITICALSTART Introduces TEAMARES Red and Blue Security Teams (PR Newswire) CRITICALSTART, a leading provider of Managed Detection and Response (MDR) services, today introduced TEAMARES, a new organization that will...

F-Secure Releases New Version of Flash Drive-Sized Computer (Financial IT) Cyber security provider F-Secure’s hardware security professionals at F-Secure Foundry have created a new version of the USB armory – a computer on a USB stick built from the ground up to be secure. The USB armory Mk II entrenches security in its lowest levels and is suitable for a wide range of applications – such as custom hardware security modules, cryptocurrency wallets, secure authentication and licensing tokens, and more – that need the efficiency and flexibility of an embedded computer without sacrificing security.

The NSA says... (Bitglass) The NSA has released its latest recommendations on how organizations should secure their cloud assets. Check out our latest blog for more information!

Technologies, Techniques, and Standards

New EmoCheck Tool Checks if You're Infected With Emotet (BleepingComputer) A new utility has been released by Japan CERT (computer emergency response team) that allows Windows users to easily check if they are infected with the Emotet Trojan.

How companies legally harvest your data — and how to stop them (Reincubate) Online data collection is increasingly insidious and continuous. This article aims to help you protect your data by making you aware of how your data is vulnerable, and we share some tips on what you can do to help keep your data secure.

Want to See What Port Is Most Commonly Used in a Packet Capture File? (Active Countermeasures) Video – See What Port Is Most Commonly Used in a Packet Capture File

US could learn how to improve election protection from other nations (The Conversation) Around the world, elections are under attack. U.S. officials could learn from other countries about how to ensure everyone's vote is recorded and counted accurately.

Lessons Learned From The Iowa Caucuses, And Danger Signs Ahead (NPR.org) As Democrat Party officials and election security experts dissect what happened Tuesday in Iowa, concerns are growing that similar failures could occur elsewhere.

The Iowa caucus debacle shows why tech and voting don’t mix (The Verge) In a digital world, elections are one place where there’s good reason to stay analog

Why many security pros lack confidence in their implementation of Zero Trust (TechRepublic) Almost half of security professionals don't know where or how to use Zero Trust policies in a hybrid IT environment, says a survey commissioned by security provider Pulse Secure.

Companies Pursue Zero Trust, but Implementers Are Hesitant (Dark Reading) Almost three-quarters of enterprises plan to have a zero-trust access model by the end of the year, but nearly half of cybersecurity professionals lack the knowledge to implement the right technologies, experts say.

Why we need Layer 8 for Application Security (CISO MAG | Cyber Security Magazine) While not official, Layer 8 (and sometimes 9 and 10) is often referred to as the Human Layer. This is the layer where people become part of the communication structure.

Work hard... at not getting your phone compromised (ZDNet) Amazon CEO Jeff Bezos' phone was reportedly hacked. Find out some details to help organizations defend against intelligence services targeting corporate executives.

How Law Firms Can Prevent Phishing and Malware (The National Law Review) Law firms harbor information directly linked to politics, public figures, intellectual property, and sensitive personal information. Because lawyers rely on email to manage cases and interact with cli

The benefits and challenges of data democratisation (Computing) Organisations of every size and type are grappling with the impacts of digitisation and the rise of the data economy. In this environment, IT leaders need to...

Why should you use correlation rules on top of traditional signatures? (AT&T Cybersecurity) The AT&T Cybersecurity Alien Labs team is in charge of writing correlation rules and releasing threat intelligence updates on a day-to-day basis. When researchers in the team find new malware families or threats, we always try to find the best approach to keep our customers protected. In this blog, we will look into some of the differences between signatures and correlation rules.

Design and Innovation

NIST tests methods of recovering data from smashed smartphones (Naked Security) Criminals have found to their cost that reducing a device to a pile of rubble means nothing if the internal chips are still in working order.

Legislation, Policy, and Regulation

Lithuania: Biggest Threats Come From Russia, China (New York Times) Russia and China pose the greatest threats to national security of Lithuania, according to an intelligence report published by the Baltic nation on Tuesday.

Canadian governments give Huawei millions in funding while debate rages over its 5G role (National Post) Critics warn there is a serious risk that Huawei will build ‘back doors’ into the 5G technology allowing China access to Canadian private information

Online targeting needs tighter controls, UK data ethics body suggests (TechCrunch) A UK government advisory body on AI and data ethics has recommended tighter controls on how platform giants can use ad targeting and content personalization. Concerns about the largely unregulated eyeball-grabbing targeting tactics of online platforms — be it via serving “personalized c…

Review of online targeting: Final report and recommendations (Centre for Data Ethics and Innovation) Online targeting is a remarkable technological development. The ability to monitor our behaviour, see how we respond to different information and use that insight to influence what we see has transformed the internet, and impacted our society and the economy.

WSJ News Exclusive | U.S. Pushing Effort to Develop 5G Alternative to Huawei (Wall Street Journal) Seeking to blunt the dominance by China’s Huawei, the White House is working with companies including Microsoft and Dell to make software for next-generation 5G telecommunications networks.

Draft bill could penalize companies for using end-to-end encryption (Engadget) Politicians would limit privacy in the name of protecting children.

ODNI Plans to Share More About Cyber Threats Under New Counterintelligence Strategy (Nextgov.com) The strategy requires the intelligence community to think of the private sector as consumers of its threat information.

Pentagon weapons tester hones in on cyber tools (Fifth Domain) The annual report released by DoD's weapon tester provides details about specific cyber tools and programs.

Do not stop progress on 5G (C4ISRNET) The FCC’s plan to provide 45 MHz for unlicensed use while preserving the upper 30 MHz for new automotive safety applications is a win for both the automotive industry and the American people. Here's why ...

Information Technology: DHS Directives Have Strengthened Federal Cybersecurity, but Improvements Are Needed (GAO) The Department of Homeland Security issues mandatory cybersecurity directives for most federal agencies. For example, one directive requires agencies to better secure their websites and email systems. If the actions specified in these directives are not addressed, agency systems can remain at risk.We found that these directives have often been effective in strengthening federal cybersecurity. However, agencies and DHS didn’t always complete the directives’ actions on time.

Ohio to ramp up election security with new federal funds (TheHill) Ohio is moving to implement a string of election security measures with new funding from Washington as the state races against the clock to guard against foreign hacking and disinformation campaigns.

Litigation, Investigation, and Law Enforcement

Director of U.S. Counterintelligence: ‘We had a horrible year’ (The Washington Times) The head of U.S. counterintelligence said Tuesday that the intelligence community had a terrible 2019 hampered by turncoats from within and outside of government.

Recent False Claims Act cases a caution to gov’t contractors that skimp on security (CSO Online) Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.

We Do Not Target NSO, but Most Evidence Leads to Them, Says Digital Human Rights Researcher (CTECH) Bill Marczak, a senior research fellow at Citizen Lab and at University of California, Berkeley, is behind much of the research that exposed NSO’s operations

WSJ News Exclusive | Justice Department Ramps Up Google Probe, With Heavy Focus on Ad Tools (Wall Street Journal) In recent months, the department has been posing increasingly detailed questions—to Google’s rivals and executives inside the company itself—about how Google’s third-party advertising business interacts with publishers and advertisers.

SEC, Telegram Startup Gird for Cryptocurrency Court Clash (Wall Street Journal) The encrypted-messaging startup is testing the limits of the U.S. government’s crackdown on digital assets.

Salesforce Data Breach Suit Cites California Privacy Law (Bloomberg Law) Salesforce.com Inc. and a children’s clothing company face data-breach allegations in a federal court lawsuit that is among the first to cite California’s landmark privacy law since it took effect Jan. 1.

Read the FBI’s Damning Case Against the Recently Arrested Nintendo Hacker (Vice) The hacker who stole from Nintendo for years bragged about it online, and didn’t even try to hide his real name or activities.

Data Breach Litigation Preparation: What types of services should the organization offer to consumers affected by a breach? (JD Supra) As of January 1, 2020, California will become the first state to permit residents whose personal information is exposed in a data breach to seek...

Ancestry.com said it rejected a police warrant on a technicality (TechCrunch) DNA profiling company Ancestry.com has narrowly avoided complying with a search warrant in Pennsylvania after a search warrant was rejected on technical grounds, a move that is likely to help law enforcement refine their efforts to obtain user information despite the company’s efforts to keep…

Attorney general warns of data breaches (Carolina Coast Online) Attorney General Josh Stein announced Jan. 28 that a record number of data breaches had been reported to the N.C. Department of Justice last year as he released the department’s

Jeff Bezos Pushes for Immediate Dismissal of Michael Sanchez’s Defamation Suit (Wall Street Journal) Amazon founder Jeff Bezos asked a judge to throw out a defamation lawsuit against him, saying he didn’t accuse his girlfriend’s brother of leaking nude photos.

Woman charged with trespassing at CIA, asking for ‘Agent Penis’ arrested once again (Military Times) One does not simply get a meeting with Agent Penis.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Insider Threat Program Management With Legal Guidance Training Course (Austin, Texas, USA, April 1 - 2, 2020) This two- day intense training course will ensure the Insider Threat Program (ITP) Manager / Senior Official, Insider Threat Analyst, FSO, and others who support the ITP (CSO, CIO, CISO, IT, Network Security,...

Upcoming Events

CPX 360 Vienna (Vienna, Austria, February 4 - 6, 2020) At CPX 360, you’ll gain an in-depth understanding of today’s dynamic threat landscape and the emerging challenges within cyber security. Get a look at the next wave of Check Point innovation and discover...

5t​h​ Annual Atlanta Cyber Security Summit (Atlanta, Georgia, USA, February 5, 2020) C-Suite & Senior Level Executives: Register with Promo Code CYBERWIRE95 to receive $95 Admission (Standard Price is $350). Learn from renowned experts from The FBI, U.S. Secret Service, U.S. Dept. of Homeland...

Suits & Spooks, 10th Anniversary: Taking Ownership of the Future of our Security (Washington, DC, USA, February 6 - 7, 2020) Suits & Spooks DC is the only international security summit where the attendees and speakers engage in discussion and debate of cyber/physical security challenges over the course of two days. World-class...

Meeting To Discuss Insider Threat Detection On Computer Systems & Networks (Laurel, Maryland, USA, February 11, 2020) The National Insider Threat Special Interest Group will hold a meeting to discuss the findings of a workshop that was held in 2019. The workshop was done in partnership with the University of Maryland’s...

2020 OurCrowd Global Investor Summit (Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.