
Daily briefing.

Kaspersky Lab warns that North Korea’s Lazarus Group, APT38, has recently grown subtler and more evasive, showing greater facility at misdirection. Increased sophistication has followed the group’s Operation AppleJeus, the Lazarus Group’s first sustained effort against macOS targets, but it's also evident in operations against Windows systems. The Lazarus Group has recently been active against the cryptocurrency sector. Most of its victims, chosen opportunistically, have been in the UK, Poland, Russia, and China. Recorded Future describes how Pyongyang has adapted the Internet into a tool for rogue regimes.

The NetBlocks Internet Observatory reported Saturday that Iran sustained a large distributed denial-of-service attack. The Financial Tribune quotes authorities as saying that they successfully parried the attack, and that they were unable to attribute the incident to any nation-state actor. Forbes writes that 25% of Iran’s Internet became unavailable after Iran activated its “Digital Fortress” defenses, which impose their own penalty on connectivity.

Nevada Democratic Party officials told the Nevada Independent Thursday that Iowa's unfortunate caucus experience last week led them to decide against using mobile applications for their caucus. But that may not be entirely the case: Saturday the Nevada Independent also reported that precinct leaders were receiving iPads with a preloaded tool they would use to assist them with their “viability calculations.” The Wall Street Journal isn’t particularly optimistic about Nevada Democrats' preparations, describing them as "cobbled together."

Haaretz reports that Israel's Likud Party's unsecured Elector app uploaded and leaked "names, identification numbers and addresses" of more than six million voters.

Notes.

Today's issue includes events affecting Australia, China, France, Ghana, Iran, Ireland, Israel, Republic of Korea, Democratic People's Republic of Korea, Poland, Russia, United Kingdom, United States.

Bring your own context.

More advice on informed skepticism with respect to phishing.

"Well, this falls back to just - don't open untrusted email attachments, right? And if you are on a thread and all of a sudden, an attachment appears, even if the thread appears to be legitimate and even if the reply doesn't seem that unusual, you should probably just pick up the phone and make sure that the person sending it intended to send it, especially if it hasn't come up in the thread before. Now, obviously, if someone says, hey; on Thursday, I'm going to send you that email, then it's probably OK. But alternatively, if you have a thread that's existed for a while, that's been basically abandoned and then all of a sudden, someone replies to it with an attachment and maybe a couple of really generic statements that don't make a lot of sense in the context of the conversation, that's when your guard should shoot up." 

—Craig Williams, director of Talos Outreach at Cisco, on the CyberWire Daily Podcast, 2.5.20.

It might seem disappointing to hear "use good judgment and keep your wits about you," especially if you were hoping for a checklist or an algorithm. But then the practice of good judgment and situational awareness is, after all, the beginning of practical wisdom.


In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan takes a look back at the Clipper chip. Our guest is Shannon Brewster from AT&T Cybersecurity with thoughts on election security.

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Join us at this upcoming cybersecurity event in Loudoun, VA with a full lineup of industry experts, speakers and federal contractors presenting on cutting-edge topics in the domain of cyber. This event is FREE for everyone! Register today!

Industrial Control Systems are Everywhere Hands-On Demonstration (Online, February 18, 2020) Join Dragos at their Feb. 18 ICS Range demonstration to see real control systems, learn about ICS adversaries and hear how to protect your networks. Tom VanNorman, Dragos Director of Engineering Services and co-founder of the ICS Village, walks you through this realistic range and shares his inspiration for developing it.

The Human Hacking Conference (Orlando, Florida, USA, February 20 - 22, 2020) The Human Hacking Conference is an all-encompassing event that teaches business, security, technology, and psychology professionals the latest expert techniques in human deception, body language analysis, cognitive agility, intelligence research, and security best practices.

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

CyberCon 2020 (Anaheim, California, USA, March 30 - April 1, 2020) The CyberCon Industrial Cybersecurity CISO Summit & Workforce Development Conference is a solutions-based cybersecurity conference promoting networking, collaboration and sharing of solutions between cybersecurity experts and leaders in power and utility companies. Gain unprecedented access to over 40 innovative speakers covering a range of pressing cybersecurity topics and an expo featuring 100+ cybersecurity technology providers showcasing innovative solutions. A “Workforce Development Forum” will provide strategies companies need to recruit, train and retain top cybersecurity talent.

Cyber Attacks, Threats, and Vulnerabilities

Coronavirus-themed Attacks Target Global Shipping Concerns (Proofpoint US) Last week attackers exploited Coronavirus fears by sending malicious health information emails aimed at Japanese-language speakers. This week Proofpoint researchers uncovered new Coronavirus-themed email attacks that focus on concerns around disruptions to global shipping.

'Our task was to set Americans against their own government': New details emerge about Russia's trolling operation (Business Insider) The Internet Research Agency has a "Department of Provocations" and a "Facebook desk" dedicated to sowing discord in the US.

App used by Netanyahu's Likud leaks Israel's entire voter registry (Haaretz) Names, identification numbers and addresses of over 6 million voters were leaked through the unsecured Elector app.

App Used by Netanyahu’s Party Leaks Personal Data of Over 6 Million Israelis (The Daily Beast) The Likud party uploaded the personal information of Israel’s entire voter registry to the app, including full names, identity cards, addresses, and phone numbers.

How North Korea Revolutionized the Internet as a Tool for Rogue Regimes (Recorded Future) Insikt Group analyzes the internet activity of the North Korean elite, providing a window into the digital lives of North Korea’s most senior leadership.

North Korea’s Internet Use Surges, Thwarting Sanctions and Fueling Theft (New York Times) The North has evaded America’s “maximum pressure” campaign with a 300 percent increase in internet use that has opened up new opportunities for cybercrime.

Kaspersky: North Korean hackers getting more careful, targeted in financial hacks (CyberScoop) Lazarus Group is tweaking some of its malware, delivery mechanisms, and payloads to evade detection, according to Kaspersky Labs.

$645 Billion Cyber Risk Could Trigger Liquidity Crisis, ECB’s Lagarde Warns (Forbes) The president of the European Central Bank (ECB), Christine Lagarde, has gone on record to warn that a cyber-attack on a major financial institution could trigger a liquidity crisis.

‘Largest cyber attack in Iran’s history’ occurs on eve of failed satellite launch (The National) The breach disrupted much of the country’s telecommunications network

Powerful Cyber Attack Takes Down 25% Of Iranian Internet (Forbes) A cyber-attack against Iranian infrastructure said to be behind Internet downtime lasting several hours

Iran aborts "powerful" cyber attack on telecom network (Xinhua) A senior Iranian telecommunication official said that a "powerful" distributed denial-of-service (DDoS) attack that targeted Iran's telecom services on Saturday morning has been aborted, Press TV reported.

Iran regime ratchets up cyberattacks in wake of Soleimani’s death (Arab News) Iran’s hacking attempts have significantly increased in 2020. In early January, cyberattacks that were traced back to Iranian IP addresses nearly tripled in just two days.

He Combs the Web for Russian Bots. That Makes Him a Target. (New York Times) Ben Nimmo helped pioneer disinformation investigations. His work is now more urgent as misleading internet tactics spread.

New ransomware doesn’t just encrypt data. It also meddles with critical infrastructure (Ars Technica) Ekans represents a "new and deeply concerning" evolution in malware targeting control systems.

RobbinHood – the ransomware that brings its own bug (Naked Security) When you need a vulnerability to exploit, but there isn’t one… why not simply bring your own, along with your malware?

Don't be too confident, Hackers can now use antivirus software to shut down anti-virus software (Gizchina.com) However, users just have to continue to use antivirus

Emotet Hacks Nearby Wi-Fi Networks to Spread to New Victims (BleepingComputer) A recently spotted Emotet Trojan sample features a Wi-Fi worm module that allows the malware to spread to new victims connected to nearby insecure wireless networks according to researchers at Binary Defense.

Delete these 9 malicious Android apps now before they hack your accounts (Gizchina.com) This is what is revealed by Trend Micro, a company specializing in cybersecurity.

Maze ransomware spree continues amid advisories from French, FBI officials (CyberScoop) Roughly a month after the FBI advised U.S. companies to protect themselves against a pernicious strain of ransomware, hackers have continued to attack victims and threaten to publicize their private information.

Industry Spooked by ‘Cable Haunt’ (Multichannel) Halloween came early for the cable technology world in January, when four Danish internet security researchers identified “Cable Haunt,” a security flaw

Hardware Attack Surface Widening (Semiconductor Engineering) Cable Haunt follows Spectre, Meltdown and Foreshadow as potential threat spreads beyond a single device; AI adds new uncertainty.

Wacom driver caught monitoring third-party software use (Naked Security) Graphics tablet company Wacom can collect data unconnected to its products, such as which applications users open on their computers.

Windows trust in abandoned code lets ransomware burrow deep into targeted machines (Ars Technica) Motherboard driver from Gigabyte was deprecated after being found vulnerable.

Misconfigured Docker Registries Expose Orgs to Critical Risks (BleepingComputer) Some organizations have improperly configured Docker registries exposed to the public web, leaving a door open for attackers to infiltrate and compromise operations.

IaC Templates Are The Source Of Many Cloud Infrastructure Weaknesses - Expert Comments (Information Security Buzz) In response to reports that show a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack, an expert from Cerberus Sentinel offers perspective.

The NFL account hijackers just compromised Facebook’s Twitter and Instagram accounts (The Verge) OurMine is taking credit for the hacks

Avast Probably Isn't The Only Antivirus Company Selling User Data (The Mac Observer) Kelly and Andrew talked about antivirus programs on today's podcast. Andrew mentioned Avast selling user data, and it's not the only one.

Experts Analysis Of Backdoor Campaign Targetting US Financial Sector (Information Security Buzz) In response to reports indicating the financial services sector in the U.S was hit by cyber attacks last month through a Minebridge backdoor, experts provide an analysis below.

Magecart Group 12's Latest: Deftly Swapping Domains to Continue Attacks (RiskIQ) RiskIQ researchers built on the previous reporting to identify more skimming domains used by Magecart Group 12, as well as additional compromised sites.

Toll deliveries have been missing all weekend, after a cyber attack shut down the company's systems and left customers unable to track their items (Business Insider Australia) If you’re expecting a delivery from Toll, you might be waiting a while yet.

First Horizon Bank warns customers about phishing text messages (Times Free Press) First Horizon Bank is warning customers about phishing text messages that attempt to obtain personal information.

TA505 Hackers Behind Maastricht University Ransomware Attack (BleepingComputer) Maastricht University (UM) disclosed that it paid the 30 bitcoin ransom requested by the attackers who encrypted some of its critical systems following a cyberattack that took place on December 23, 2019.

Evansville law firm Woods and Woods says it is victim of cyber attack (Evansville Courier & Press) Evansville law firm was the victim of a ransomware cyber attack.

Belfast company flags data breach hitting thousands (BBC News) A Belfast business owner says it is an issue which could potentially affect all of the UK.

Benton County loses over $740,000 in funds after falling victim to phishing scam (NBC Right Now) Benton County is currently trying to recover $717,201.44 of County funds after falling victim to a social engineering phishing scam.

Cyber attack weasels through county servers (CBS46 News Atlanta) CONYERS, Ga. (CBS46) -- Rockdale County’s internal servers were slammed by a cyber attack Thursday evening.

Cyber attack affecting Rockdale County online systems (Rockdale Citizen & Newton Citizen) CONYERS — A cyber attack on nine county server systems on Feb. 6 is affecting online services, according to a Facebook post from Rockdale County. The post states:

Duplin County IT taken offline after malware attack (WCTI) Duplin County officials say they have taken their IT offline because of a malware problem. While they are terming it a safety concern, the county says some services to the public may be limited but emergency and essential operations will continue as usual. Public Information Officer Elizabeth Stalls says she has never seen this in Duplin County, and the county has not received a ransom since officials caught it quickly. "It’s frustrating because we are trying to serve the public," she says.

When Is the Voter Registration Deadline in Oklahoma? Facebook Almost Flubbed It (Wall Street Journal) Facebook, under scrutiny to root out misinformation on its platform, almost inadvertently published incorrect information about a voter registration deadline this year.

Security Patches, Mitigations, and Software Updates

Google fixes critical vulnerability affecting Android Bluetooth subsystem (Computing) Bluetooth Android security flaw has been labelled ‘critical’ on both Android 8 and 9

Cyber Trends

Love Knows No Bounds, Nor do Cyber-Security Fraudsters (Globe Newswire) Arkose Labs Report Shows Sharp Increase in Fraud on Social Media and Dating Sites

The frequency of DDoS attacks depends on the day and time (Help Net Security) Multivector and cloud computing attacks have been rising over the last twelve months, growing from 46% in the first quarter to 65% in the fourth quarter.

ESET: MSPs Not Proactive Enough with Cybersecurity (Channel Futures) ESET, a provider of antivirus, anti-malware and internet security, surveyed 400 MSPs to uncover their attitudes and future plans around cybersecurity. The findings suggest that many MSPs still have their heads in the sand over the gravity of the threat, it said.

Iowa caucus shambles highlights United States election security concerns (Stuff) OPINION: The debacle in Iowa has cast a shadow over the upcoming presidential campaign.

90% of UK Data Breaches Due to Human Error in 2019 (Infosecurity Magazine) Phishing was the primary cause of breaches reported to the ICO last year

Increase in cyber attack incidents in the country: Govt (Deccan Herald) The increase in cyber attack incidents in the country have increased exponentially over the years, with the 3.13 lakh incidents reported in 2019 (up to October) alone, while it was just 49,455 in 2015

Facebook is Most Imitated Brand for Phishing Attempts: Check Point Research’s Q4 2019 Brand Phishing Report (Check Point Software) Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security

Phishing scammers use Trump's name more than all other candidates combined in phony emails (Fox Business) "Phishing" is a type of scamming tactic that tricks vulnerable users into giving out sensitive information like credit card numbers.

Marketplace

Tech Giants Seek Hong Kong Alternative After U.S. Blocks Data Cable (Wall Street Journal) U.S. tech giants are considering alternatives to Hong Kong as a global data hub after national security officials upended plans for a trans-Pacific internet link to the territory, according to people familiar with the matter.

Norsk Hydro gets more cyber insurance compensation (Insurance Business) Close to 12 months have passed since the major breach

Youngstown will pay $22,700 annually for $1M in cybersecurity protection (MahoningMatters.com) In a ransomware attack, hackers will infiltrate a computer system and hold a user's computer hostage until a "ransom" is paid. The Baltimore budget office estimated that the 2019 ransomware attack on city computers cost the city about $18.2 million.

The Winners From Washington’s War on Huawei (Wall Street Journal) Attorney General William Barr’s pitch for a U.S. takeover of Europe’s 5G equipment makers seems like a long shot, but investors might benefit from Washington’s hawkish stance on Huawei anyway.

Dangerous Domain Corp.com Goes Up for Sale (KrebsOnSecurity) As an early domain name investor, Mike O’Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years O’Connor refused to auction perhaps the most sensitive domain in his stable — corp.com. It is sensitive because years of testing shows whoever wields it would have access to an unending stream of passwords, email and other proprietary data belonging to hundreds of thousands of systems at major companies around the globe.

How Unisys Federal will change SAIC (Washington Technology) Unisys Federal uses a commercial model for delivering services and solutions to federal customers. That model will likely change how Science Applications International Corp. goes to market.

Okta hires Craig Weissman as Chief Architect (Help Net Security) Okta, the leading independent provider of identity for the enterprise, announced the hiring of Craig Weissman as Chief Architect, effective immediately.

Elevate Security appoints Nicholas Telford as chief financial officer (Help Net Security) Elevate Security, a platform that measures, influences, and reduces human cybersecurity risk, appoints Nicholas Telford as chief financial officer.

Jason Berland to Lead Growing Identity and Access Management (IAM) service within MorganFranklin’s Cybersecurity Practice (Street Insider) Experienced cybersecurity leader to drive growth of IAM service offering

Technologies, Techniques, and Standards

The CIA triad: Definition, components and examples (CSO Online) The CIA (Confidentiality, Integrity, Availability) triad is a widely used information security model that can guide an organization's efforts and policies aimed at keeping its data secure.

The war against space hackers: how the JPL works to secure its missions from nation-state adversaries (TechCrunch) NASA’s Jet Propulsion Laboratory designs, builds, and operates billion-dollar spacecraft. That makes it a target. What the infosec world calls Advanced Persistent Threats — meaning, generally, nation-state adversaries — hover outside its online borders, constantly seeking access t…

Sanders to seek partial recanvass of Iowa caucus results (AP NEWS) WASHINGTON (AP) — Sen. Bernie Sanders' campaign plans to ask for a “partial recanvass” of the results of last week's Iowa caucuses. A campaign aide confirmed the plans Sunday night, ahead of...

The Cybersecurity 202: Democrats fret about another tech disaster in Nevada caucuses following the mess in Iowa (Washington Post) Democrats who are still reeling from last week’s Iowa debacle are increasingly worried about another technology disaster in the next caucus state: Nevada.

Nevada Democrats debut to volunteers new iPad-based ‘tool’ to calculate math on Caucus Day in the wake of Iowa fiasco (Nevada Independent) Nevada Democrats are planning to use a new caucus tool that will be preloaded onto iPads and distributed to precinct chairs to help facilitate the Caucus Day process, according to multiple volunteers and a video recording of a volunteer training session on Saturday.

Nevada Democrats will not use any apps in its first in the West caucus, still evaluating path forward (Nevada Independent) The Nevada State Democratic Party will not use any apps to carry out its caucus later this month after technology troubles delayed the full release of results from Iowa’s contest this week.

After Iowa Debacle, Nevada Democrats Will Not Use An App For Their Caucuses (NPR.org) The Nevada Democratic Party chair has already said that what happened in Iowa would not happen in Nevada on Feb. 22, the date of its party caucuses.

Shadow's Cancelled Nevada Caucus App Had Errors, Too (Vice) An error wouldn’t let users report results in a test version of the app. Shadow confirmed it was fixing some errors at the time.

Capital Beat: New Hampshire is not Iowa, but some voting concerns remain (Concord Monitor) It’s not clear exactly where the trouble started in Iowa. Perhaps it was user error that caused many of the precincts to report irregular vote totals in last Monday’s caucus, prompting Democratic National Committee Chairman Tom Perez to call for a...

State officials partner with Georgia Tech for voting security (Albany Herald) Secretary of State Brad Raffensperger is launching a partnership with Georgia Tech, the Georgia Institute of Technology, to combat cyber threats to Georgia’s election system. This new effort

Iowa vote tally app debacle should inform security, tech in future elections (SC Media) Iowa Democrats have struggled to declare a clear winner in this week’s caucuses – the DNC chairman just called for a recanvassing – but a clearer picture

Voting Process Under Spotlight After Iowa Confusion (Wall Street Journal) States conducting presidential nominating contests in the weeks ahead are facing new scrutiny of their voting processes after glitches caused confusion over which candidate won in Iowa’s caucuses.

After the meltdown at the Iowa caucuses, Democrats fear a repeat in Nevada (Washington Post) The week of chaos that followed the Iowa caucuses has prompted growing concern about problems in the next state to use that presidential nominating process, Nevada.

What Will We Learn From The Iowa Caucus App? (Government Technology) The events that unfolded this past week with the Iowa Democratic caucus app are unprecedented. But putting politics aside, what can we learn about launching important apps?

Hackers tried to turn an election simulation into a shitshow (Quartz) In the drill, the bad guys hacked phones, electrical power, and a sewage system.

Why you can’t bank on backups to fight ransomware anymore (Ars Technica) Ransomware operators stealing data before they encrypt means backups are not enough.

Open source takes on managing and securing the electrical grid (ZDNet) LF Energy and Alliander Announce a program -- GXF -- to securely manage the modern electrical grid's Industrial Internet of Things.

How To Stop Wi-Fi Hackers Abusing Ubiquiti’s UniFi Access Points (Secplicity - Security Simplified) Ubiquiti, a global networking technology company came onto the mainstream marketplace beginning in 2005 with a clever idea of offering products at low prices to mass markets guiding channel players to monetize their services instead of the hardware. Every strategy has its pluses and minuses and some would say Ubiquiti’s low-price leader concept swung the …

Why apps don’t belong anywhere near elections (Quartz) The world has gone mobile, but that doesn't mean elections should.

Training to Thrive in a Toxic National Security Profession (War on the Rocks) Elizabeth A. Stanley, Widen the Window: Training Your Brain and Body to Thrive During Stress and Recover from Trauma (Avery/Penguin Random House,

What Parents need to know before letting their kids use a Smartphone? (News Patrolling) There comes a moment in any parents’ life when, after intensive begging and pleas, they take the plunge and buy their child his/her first smartphone.

Identity Theft Protection You May Not Know You Already Have (NerdWallet) Data breaches are common and identity theft is likely in your lifetime. You may already have access to free or low-cost services to protect yourself.

Design and Innovation

New cybersecurity system protects networks with LIDAR, no not that LiDAR (C4ISRNET) By combining multiple machine learning tools and mediating them, a new approach to cybersecurity hopes to adapt and learn into the future.

Legislation, Policy, and Regulation

Once wary of feds, state election leaders now welcome help (Fifth Domain) After strained relations in 2016, state secretaries of state described to Fifth Domain how their relationship with the federal government has improved since the last presidential election.

‘It’s an arms race against the worst of the worst’ (The Australian) A torrent of online child sexual abuse and exploitation material could turn into a tsunami. Julie Inman Grant is on a mission to civilise cyberspace.

Labor to introduce Bill to fix Australian encryption laws it voted for (ZDNet) Opposition cites the same reasons it shouldn't have voted for the laws in the first place as the reason to fix them.

Human Rights Commission wants data retention period limited to six months (ZDNet) The commission also wants a warrant system introduced to the country's data retention regime, saying it would 'help to focus the mind of the agency that is seeking the data'.

Anti-corruption and police integrity bodies reject call to reduce data retention period (ZDNet) The NSW Law Enforcement Conduct Commission was joined by the Australian Commission for Law Enforcement in asking for the minimum two-year period for retaining telco data be kept under the country's data retention regime.

Israeli spyware firm threatens to 'shut down' abusers (Deutsche Welle) An embattled Israeli firm known for its controversial spyware has been accused of turning a blind eye to the misuse of its technology. The company told DW that it has "shut down" systems in the past for violating rights.

UK Government Under Fire Over NSO Group Links (Infosecurity Magazine) Controversial Israeli spyware maker will be hosted at security fair next month

UK to host spyware firm accused of aiding human rights abuses (the Guardian) Exclusive: NSO Group technology is allegedly used by autocratic regimes to spy on journalists and activists

Post-Brexit U.K.'s surveillance practices could spell big problems for business (Fortune) The U.K. will need a data-protection "adequacy" decision from the EU if data flows are to continue freely after Brexit. But big hurdles stand in the way.

China to France: Don't Discriminate Against Huawei on 5G Networks (New York Times) The Chinese embassy in Paris on Sunday urged the French government not to discriminate against Huawei as it selects suppliers for its 5G mobile network, saying it feared the company would face more constraints than rivals.

Huawei's assault on router market opens up fresh espionage fears (The Telegraph) Long before Huawei was a diplomatic headache for the British government, it was a commercial problem for Cisco Systems.

Huawei warning: Expert reveals how spy could EASILY hack into UK's 5G network (Express) Boris Johnson's decision to allow Huawei continued access to the UK's 5G network could lead to a serious threat to the country, a leading expert has warned.

Tories express concern over Huawei role in UK 5G network (the Guardian) Letter from Iain Duncan Smith and other MPs requests that ‘high-risk’ vendors are ruled out

Tory MPs turn on Boris Johnson over Huawei involvement in 5G network (The Independent) US president reportedly ‘apoplectic’ over UK decision to go against Washington’s advice on security risk from Chinese firm

Angry over U.K. refusal to ban Huawei from its 5G networks, Trump berated PM Johnson in heated phone chat (Fortune) Donald Trump berated Boris Johnson during a heated phone call, after the British prime minister rejected the U.S. president’s request to ban Huawei Technologies Co. from its next-generation broadband networks. Trump had spent months trying to persuade the British government not to allow the Chinese company to take a role in the U.K.’s 5G networks […]

Trump Is Right: We're Making Up For Lost Time On Huawei (The National Interest) Finally.

Risk Mitigation and Huawei: The UK Makes a Choice (Diplomat) Huawei gets its day in the UK.

Huawei's Chief U.S. Security Officer Downplays The Company's National Security Threat (NPR) NPR's Mary Louise Kelly speaks with Andy Purdy, the chief security officer for Huawei in the United States. The telecom company has been accused of being a Chinese spy operation.

Industry Leaders Rebuke Barr’s Dismissal of White House-Backed Plan to Avoid Huawei (Nextgov) Attorney General breaks with government partners in proposing a more immediate, and controversial solution.

Cyber Security Law to be passed by June - Communications Minister (Ghana Web) Mrs Ursula Owusu-Ekuful, the Minister of Communications, has said that measures...

Bringing Cyber into Space (SIGNAL Magazine) U.S. Space Command lays out its approach to defensive and offensive cyber capabilities.

Secret Service may leave Homeland Security, rejoin Treasury (Washington Post) The White House is throwing its support behind a plan to transfer the U.S. Secret Service back to the Treasury Department to better focus on the growing threat of online financial crimes.

A Primer on Congressional Staff Clearances (Project On Government Oversight) A primer from the Project On Government Oversight and Demand Progress offers a comprehensive resource on the limitations to congressional staff overseeing classified programs.

Opinion: Addressing the gap in our cyber defense (NewsTimes) U.S. utilities and other vital structures are not prepared to deal with cyber attacks because the federal government won't share information.

Litigation, Investigation, and Law Enforcement

US Charges 4 Chinese Military Hackers in Equifax Breach (US News and World Report) The Justice Department says four Chinese military hackers have been charged with breaking into the computer networks of the Equifax credit reporting agency and stealing the personal information of tens of millions of Americans.

Facebook and IRS Prepare for $9 Billion U.S. Tax Court Fight (Wall Street Journal) The government is challenging the company’s transactions with its Irish subsidiary in a case that could shape enforcement of tax rules.

Facebook's Privacy Practices Targeted by Canadian Regulator (BankInfo Security) Canada's privacy commissioner is taking Facebook to court to try and force the social network to make specific changes to its privacy practices. The regulator has

Singapore accounts for half of Netflix government takedown demands (ZDNet) Media streaming company says it has removed nine pieces of content due to government requests worldwide since it began operations 23 years ago, with five of such requests issued by the Singapore government.

Labour accuses Keir Starmer team of data breach (BBC News) Sir Keir and his leadership campaign team deny allegedly hacking Labour's membership database.

FBI is investigating more than 1,000 cases of Chinese theft of US technology (ZDNet) US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property.

Facebook was repeatedly warned of security flaw that led to biggest data breach in its history (The Telegraph) Facebook knew about a huge security flaw that let hackers steal personal data from millions of its users almost one year before the crime, yet failed to fix it in time, the Telegraph can reveal.

A dark web tycoon pleads guilty. But how was he caught? (MIT Technology Review) The FBI found Eric Marques by breaking the famed anonymity service Tor, and officials won’t reveal if a vulnerability was used. That has activists and lawyers concerned.

Former spy chief draws 7-year prison sentence for interference in politics (Yonhap News Agency) Won Sei-hoon, a former National Intelligence Service (NIS) director...

NCA Case: Pegasus System Was Handed Over To National Security – Accused (Modern Ghana) Mr William Mattew Tetteh-Tevie, the immediate past Director General of the National Communications A...

Facebook, Google, YouTube order Clearview to stop scraping faceprints (Naked Security) It’s my First Amendment right to scrape publicly available face images, its CEO says. Besides, we’re just doing what Google Search does.

Cybercrooks busted for multimillion-dollar identity fraud (Naked Security) Organizations were attacked for employees’ data, including names, addresses and birthdates used to set up hundreds of bank accounts.

Manor ISD anticipates recovering $800,000 of the $2.3M lost in email phishing scam (KVUE) Manor police said the scam started in the first part of November and continued through December before the district found out and reported it.

Ex-Autonomy CFO Sushovan Hussain was accused of sexual misconduct against Darktrace staff – report (Register) Security biz says it was a long time ago and he didn't technically work for them anyway

Angry mum demands Xbox refund after 'hackers bought 36,000 Fifa gaming points' (Mirror) Lesley Urwin, from Moray, claims she was forced to chase Microsoft for almost a year for a refund when a fraudster linked their own Xbox to her credit card account

Dublin business closed by cyber attack sued by Ohio Attorney General (Columbus Business First) Ohio Attorney General Dave Yost is suing a Dublin product-launch company that abruptly closed in December, saying it failed to deliver promised services in violation of state consumer protection laws.

Explained: Why The Feds Are Raiding Tech Companies For Medical Records (Forbes) The U.S. government is raiding little known tech companies for citizens’ medical data. And it appears innocent people are having their most private information put at risk.

Trump shared an edited Pelosi video on social media, highlighting a gray area in the debate over disinformation (Washington Post) The video is not a sophisticated fake. It shows events that actually happened, just not in the order in which they happened. Is that misleading?

If Nancy Pelosi succeeds in censoring our speech-ripping video, say goodbye to media coverage as we know it | Opinion (Newsweek) If social networks were to comply with Pelosi's authoritarianism, they would be ushering in the death of media as we know it.

Army reservists accused of $3 million-worth of romance and business scams (Army Times) FBI agents said the two men defrauded victims and laundered their proceeds through bank accounts opened in the names of fake businesses.

Navy SEAL convicted in attempted catfishing case (Navy Times) He'll spend 30 days in the brig.

Panama Papers Case to Net First U.S. Conviction (Wall Street Journal) A German businessman charged with evading U.S. taxes as part of an investigation sparked by leaked documents from now-defunct Panamanian law firm Mossack Fonseca & Co. will plead guilty, federal prosecutors said.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Techno Security & Digital Forensics Conference (San Diego, California, USA, March 9 - 11, 2020) Techno Security & Digital Forensics Conference provides a unique education experience that blends together the digital forensics and cybersecurity industries for collaboration between government and private...

Techno Security & Digital Forensics Conference (Myrtle Beach, South Carolina, USA, May 31 - June 3, 2020) Techno Security & Digital Forensics Conference provides a unique education experience that blends together the digital forensics and cybersecurity industries for collaboration between government and private...

Securing Federal Identity 2020 (Arlington, Virginia, USA, June 22 - 23, 2020) This highly focused, high-energy event will feature federal government identity and security policy issues and technology developments for today’s federal agencies and federal market security leaders.

Upcoming Events

Meeting To Discuss Insider Threat Detection On Computer Systems & Networks (Laurel, Maryland, USA, February 11, 2020) The National Insider Threat Special Interest Group will hold a meeting to discuss the findings of a workshop that was held in 2019. The workshop was done in partnership with the University of Maryland’s...

2020 OurCrowd Global Investor Summit (Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider...

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door...

Insider Threat Program Management With Legal Guidance Training Course (College Park, Maryland, USA, February 19 - 20, 2020) This 2 day training course will ensure the Insider Threat Program (ITP) Manager, Insider Threat Analyst, FSO, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, Etc.),...

The Human Hacking Conference 2020 (Lake Buena Vista, Florida, USA, February 20 - 22, 2020) Once flagged by the FBI and the US banking industry as a potential national security threat, the Social Engineering Village (SEVillage) presents this unprecedented experience, The Human Hacking Conference,...
