skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Are you attending RSA Conference 2020 in San Francisco February 24–28? Don't forget to stop by Booth 743 to meet the Recorded Future team in person and pick up a free copy of their new book, "The Threat Intelligence Handbook."

Daily briefing.

The US yesterday revealed the indictment of four members of China’s People’s Liberation Army for “conspiracy to hack and commit economic espionage” in the 2017 data breach at Equifax. Wu Shiyong, Wang Qian, Xu Ke, and Liu Lei are accused of nine charges: computer fraud conspiracy, computer fraud and abuse (intentional damage), computer fraud and abuse (unauthorized access), conspiracy to commit economic espionage, economic espionage, conspiracy to commit wire fraud, and three separate counts of wire fraud. WIRED offers a summary of how the Government says the PLA operators succeeded in hacking Equifax.

Also yesterday the US released its National Counterintelligence Strategy. The document lays out a case, described in the Wall Street Journal,  that the intelligence threats the US faces have grown more diverse, more complex, and more damaging, especially as they merge traditional intelligence disciplines with cyber operations and as they show an increased disposition to engage in economic espionage.

The Jerusalem Post reports that the data leaked from a voter database app used by the Likud Party may have compromised information on Israeli intelligence officials.

According to ZDNet, the US FBI has circulated a private warning to industry cautioning companies that threat actors are working to infect software supply chains with the Kwampirs remote access Trojan.

The US state of New Hampshire conducts its presidential primary today, and CISA distributed an encouraging email praising successful threat information and reminding everyone that “The accuracy of the vote total is much more important than the timeliness of releasing results.”

Notes.

Today's issue includes events affecting China, Denmark, Germany, Iran, Ireland, Israel, Russia, United Kingdom, United States.

Bring your own context.

Ransomware's new normal.

"Well, you know, the challenge here when we talk about a ransomware incident is, first of all, remember; if the data can get ransomed, it can just as easily get stolen or extorted. And we're starting to see instances where when a hospital doesn't pay the ransom, the bad guys may try to extort them for the data. So, you know, you have both the privacy concern as well as the impact of getting locked up." 

—Caleb Barlow, CEO at CynergisTek, on the CyberWire Daily Podcast, 2.6.20.

Consider a ransomware incident as now being, probably, a breach as well.

Coming soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Georgetown University Part-Time Master's in Cybersecurity Risk Management

Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.

In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee discusses the company's recent study, “Industrial Cyber Attacks: A Humanitarian Crisis in the Making.” Our guest is Andrew Wajs from Scenera, talking about the NICE Alliance and cloud privacy.

And Recorded Future's threat intelligence podcast, produced in partnership with the CyberWire, is also up. In this episode, "Understanding Russia’s Global Online Influence," Their guest is Oscar Jonsson. He’s the director of the Stockholm Free World Forum, a Swedish foreign and security policy think tank, and an associated researcher at the Swedish Defense University. Previously, Oscar was a subject-matter expert at the Policy and Plans Department at the Swedish Armed Forces Headquarters. Their conversation focuses on his recent book, “The Russian Understanding of War: Blurring the Lines Between War and Peace.” In it, he tracks the history of Russian tactics and strategies, and explores how Russia sees itself in the online global community.

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Join us at this upcoming cybersecurity event in Loudoun, VA with a full lineup of industry experts, speakers and federal contractors presenting on cutting-edge topics in the domain of cyber. This event is FREE for everyone! Register today!

Industrial Control Systems are Everywhere Hands-On Demonstration (Online, February 18, 2020) Join Dragos at their Feb. 18 ICS Range demonstration to see real control systems, learn about ICS adversaries and hear how to protect your networks. Tom VanNorman, Dragos Director of Engineering Services and co-founder of the ICS Village, walks you through this realistic range and shares his inspiration for developing it.

The Human Hacking Conference (Orlando, Florida, USA, February 20 - 22, 2020) The Human Hacking Conference is an all-encompassing event that teaches business, security, technology, and psychology professionals the latest expert techniques in human deception, body language analysis, cognitive agility, intelligence research, and security best practices.

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

CyberCon 2020 (Anaheim, California, USA, March 30 - April 1, 2020) The CyberCon Industrial Cybersecurity CISO Summit & Workforce Development Conference is a solutions-based cybersecurity conference promoting networking, collaboration and sharing of solutions between cybersecurity experts and leaders in power and utility companies. Gain unprecedented access to over 40 innovative speakers covering a range of pressing cybersecurity topics and an expo featuring 100+ cybersecurity technology providers showcasing innovative solutions. A “Workforce Development Forum” will provide strategies companies need to recruit, train and retain top cybersecurity talent.

Cyber Attacks, Threats, and Vulnerabilities

Hostile Spies Target U.S. With Cyber, Encryption, Big Data, Report Finds (Wall Street Journal) Intelligence threats against the U.S. are becoming more complex, diverse and harmful as adversaries turn to innovative hybrid techniques to steal secrets, according to a government report.

The U.S. Is Vulnerable to an Iranian Cyberattack. Here's How. (Wall Street Journal) U.S. tensions with Iran have escalated after the assassination of Gen. Qassem Soleimani, and experts are worried about retaliatory cyberattacks. Cybersecurity expert John Hultquist and WSJ's Dustin Volz discuss what new tactics hackers have at their disposal and whether the U.S. is prepared to defend itself. Photo illustration: Alexandra Cardinale.

Iran, foreign agencies may have access to data on Israeli intel officials (The Jerusalem Post) The leaked information includes names, identification numbers, phone numbers and addresses.

FBI warns about ongoing attacks against software supply chain companies (ZDNet) Exclusive: FBI alerts US private sectors about attacks aimed at their supply chain software providers.

A US House candidate says she was hacked — now she’s warning others (TechCrunch) "I cannot think of a reason not to share this with the public," said Brianna Wu, a Democratic candidate for the U.S. House.

Software error exposes the ID numbers for 1.26 million Danish citizens (ZDNet) Danish tax portal accidentally shares tax payer identification numbers with Google and Adobe analytics services.

How Big Companies Spy on Your Emails (Vice) Multiple confidential documents obtained by Motherboard show the sort of companies that want to buy data derived from scraping the contents of your email inbox.

Scammers are trying to exploit coronavirus concerns to breach companies (CyberScoop) Hackers are preying upon fears about the new coronavirus from China by sending companies malicious emails cloaked as warnings about the economic repercussions that could occur as the illness spreads.

Frustrated author cybersquats novelist’s website (Naked Security) If you visit the website of renowned Canadian novelist Patrick deWitt today, you’ll see a surprising message. “THIS IS NOT PATRICK DEWITT”, it says.

Passport office had 100 data breaches (Irish Examiner) 32 passports were also sent to the wrong addresses last year

Active PayPal Phishing Scam Targets SSNs, Passport Photos (Threatpost) Phishing emails have been uncovered that request a full rundown of personal data – even asking for photos of passports.

Report: Inmates’ Prescriptions & PII Leaked in Breach Spanning Multiple Jailhouses (vpnMentor) The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered a leaking S3 Bucket with 36,077 files of visible data on an Amazon

WI Department of Health Services warns people about coronavirus phishing scam (WKBT) There is new information about coronavirus in Wisconsin, but it's not related to new cases.

Fifth Third warns customers of data breach by former employees (Cincinnati.com) In a letter to customers, Fifth Third said it believes "a small number of former employees" misused the info dating back to the summer of 2018.

13 tips to avoid Valentine's Day online romance scams (TechRepublic) Scammers use dating sites to try to build relationships with people to get money or personal information. Here are 13 tips to protect yourself.

Shadow IT accounts with weak passwords endanger organization (Help Net Security) 63% of enterprise pros have created at least one shadow IT account, and two-thirds of those have created two or more. Some of those have poor passwords.

North Miami Beach Police Department Hit With Ransomware Attack (NBC 6 South Florida) The North Miami Beach Police Department was hit with a ransomware attack and is now being told to pay millions to regain access to information it stored online. The department said in a statement Friday that it was impacted by ransomware earlier that week and contacted the FBI, Secret Service and the Miami-Dade Police Department to investigate. “The most important…

Ransomware Attacks Grow, Crippling Cities and Businesses (New York Times) Hackers are locking people out of their networks and demanding big payments to get back in. New data shows just how common and damaging the attacks have become.

Cyber criminals in the frame after National Portrait Gallery is hit with 350,000 email attacks (Commentator) London's leading art gallery hit with over 100,000 cyber attacks every month, including phising scams, spam emails, malware and viruses. Andy Heather VP at Centrify warns that attacks could be used to steal confidential membership data

LPSO Fends Off Cyber Attack (News15 | Lafayette, LA) The Lafayette Parish Sheriff’s Office has confirmed that its IT department successfully defended the agency against a recent attempted cyber attack. Lt. John Mowell, the LPSO’s public information officer, tells News15 the attempted attack triggered security measures already in place following a successful cyber attack against the department in 2017. “It’s not a big deal …

Bulletin (SB20-041) Vulnerability Summary for the Week of February 3, 2020 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.

How Cybercriminals Recruit and Look for Skilled Developers (Dice Insights) Certain programming skills are always in demand—even among cybercriminals. Recently, an underground Russian forum known as XXS held a

How Chinese Cybercriminals Use Business Playbook to Revamp Underground (McAfee Blogs) Preface Because of its longevity and technical sophistication, the Russian cybercriminal underground has long been the benchmark for threat researchers

Security Patches, Mitigations, and Software Updates

Windows Server 2008 Servers Don’t Boot After KB4539602 Update (BleepingComputer) Windows Server 2008 servers will no longer boot if prerequisites aren't installed before applying the out-of-band KB4539602 update released by Microsoft on February 7 to patch a wallpaper bug.

Cyber Trends

2019 Year End Data Breach QuickView Report (Risk Based Security) Our QuickView Report is sourced from our product Cyber Risk Analytics® and has garnered media attention from publications such as Forbes and USA Today.

SolarWinds Report Shows Managed Services Remain Healthy and Profitable—Findings Reveal Key Opportunities for Growth, Including Advanced Security, Automation, and Business Operations (Yahoo) SolarWinds (NYSE:SWI), a leading provider of powerful and affordable IT management software, today released the findings of its "2019 Trends in Managed Services" report, showing the health of managed services and the forces shaping the market across North America and Europe.

60% of Enterprise Ill-equipped to Detect and Respond to Public Key Inf (PRWeb) Keyfactor, the leader in securing digital identities, and Ponemon Institute today released the 2020 edition of “The Impact of Unsecured Digital Identities,” a

Overwhelming Number of Internet Users now Fear Becoming a Victim Of Identity Theft and Account Takeover -- and Most are Right (PR Newswire) As massive data breaches continue to make international headlines and the Internet is an integral part of our daily lives, consumers are now...

10 Hot Cybersecurity Topics at RSA Conference 2020 (BankInfo Security) Which cybersecurity topics are hot? One topical answer to that question comes via the upcoming RSA Conference 2020. Organizers say they received 2,400 responses to their call for speakers, and they've have highlighted 10 predominant themes, including secure design, frameworks, privacy and the human element.

These 20 ‘Hackers’ Helped Shape The Cybersecurity Landscape Forever (Forbes) I asked cybersecurity experts to name the hackers who have made an impact, good or bad, that has helped shape the security landscape today.

Cyber attacks worsening among Australian businesses, costing economy $1 billion a year (IT Brief) Cybercrime is becoming increasingly sophisticated and is harming more and more Australians each day.

Marketplace

Cybersecurity is a board level issue: 3 CISOs tell why (Help Net Security) Has cybersecurity reached the board level? Organizations should treat security as a top business risk as well as a top business opportunity.

Develop a serious cybersecurity strategic plan that incorporates CCM (TechCrunch) It’s time for enterprises to strategize seriously and realize they must move from firefighting to fireproofing.

Israel Spyware Firm NSO Group Maintains Its Products 'Battle Terrorism' Alone (The Wire) The creators of Pegasus, a spyware used to snoop on several journalists and lawyers associated with the Bhima Koregaon case, have said they have 'shut down' those who have abused their well-intentioned systems.

No Relief for Cybersecurity Teams Yet, Says Tripwire’s Skills Gap Report (The State of Security) We surveyed 342 security professionals on how they are experiencing the skills gap and how they intend to address the issue going forward.

CIT GAP Funds Invests in HyperQube to Accelerate the Creation of Virtualized Test Environments (CIT) HyperQube is the answer to the question, “What if the enterprise could instantly create a carbon copy of their network to test the impact of a cyber-attack?”

2020 MD Cybersecurity Buyer's Guide (CAMI) Below are details for the 5th Annual Maryland Cybersecurity Buyer's Guide on which the Cybersecurity Association of Maryland, Inc. (CAMI) is once again partnering with the Baltimore Business Journal (BBJ) to produce, print and distribute.

U.S. judge expected to rule in favor of Sprint, T-Mobile merger: sources (Reuters) A U.S. district judge is expected to rule in favor of allowing Sprint and T-Mobi...

Xerox ups its offer for HP — how much is it worth to Xerox now? (Silicon Valley Business Journal) Whether by hook or by crook, carrot or stick, Xerox seems determined to bring HP into its fold — this time by offering even more money to buy the company.

Israel strengthens as cyber superpower (Globes) The $1.9 billion acquisition of Forescout underlines Israel's preeminence in the sector.

Axonius appoints Mark Daggett as Vice President of Channels and Allian (PRWeb) Axonius, the cybersecurity asset management company, today announced the appointment of Mark Daggett as Vice President of Channels and Alliances in addition to the expansion of its partner program.

Post-Thales sale, nCipher looks to channel to stamp A/NZ foothold (ARN) One year after its divestment from Thales, encryption specialist nCipher has made a major push into the regional channel by signing DNA Connect as its second distributor.

Industry Veteran Chris Peterson Joins Centrify To Accelerate Global Channel Growth (Al Bawaba) Centrify, a leading provider of cloud-ready Zero Trust Privilege to secure modern enterprises, today announced the appointment of Chris Peterson as Vice

Gianluca Busco Arre, Panda Security's VP of Sales and Operations, North America Recognized as 2020 CRN® Channel Chief (PR Newswire) Panda Security, a world leader in advanced cybersecurity solutions and services, announced today that CRN®, a brand of The Channel Company, has...

Cyware Labs Names Accomplished Sales Executive, Amit Patel, as Vice President of North America Sales (Yahoo) Cyware Labs, provider of advanced threat intelligence sharing and cyber fusion products, today announced the appointment of Amit Patel as their Vice President of North America Sales.

Products, Services, and Solutions

Kount Unveils Identity Trust Global Network With New Adaptive AI Technology, Largest Data Network of Trust and Fraud Signals, and User Experience Engine (Yahoo) Kount, the leading AI-driven fraud prevention solution, today unveiled its Identity Trust Global Network, flipping the script on fraud management from just blocking bad transactions to empowering organizations to unlock previously untapped revenue streams through delivering personalized user experiences

Nok Nok Labs Introduces Strong Authentication for IoT Devices - Standalone and Connected to Cloud Services (PR Newswire) Nok Nok Labs (Nok Nok), the trusted leader in passwordless consumer authentication, today announced the "Nok Nok™ IoT SDK," as the industry's...

IRONSCALES Delivers the ‘Power of the Pack’ to Email Security; Surpass (PRWeb) IRONSCALES, the pioneer of self-learning email security, today announced that its email security platform has surpassed more than 1,000 acti

Underwriters Labs wants to certify IoT security (TheNewsTrace) In a bid to beef up security across the burgeoning realm of the Web of Issues (IoT), product security testers Underwriters Laboratories (UL) launched new requirements to take a look at web-connected units for vulnerabilities. In accordance to the Christian Science Monitor, UL’s transfer to start scrutiny of IoT programs follows the Cybersecurity Nationwide Motion …

ZeroFOX Announces Advanced Business Email Compromise Protection for Google and Microsoft Platforms (Yahoo) ZeroFOX launches AI-powered Advanced Email Protection, extending its impersonation detection capabilities to provide BEC, abuse, & phishing protection

Cybereason lance l’outil Emotet-Locker pour aider les entreprises et les institutions publiques à combattre le malware Emotet (Global Security Mag Online) Cybereason annonce la publication par son équipe de recherches, Nocturnus, d’un outil gratuit baptisé « Emotet-Locker » visant à aider les organisations publiques et privées à lutter contre la vague d’attaques par le malware Emotet. Emotet-Locker évitera à la plupart des variantes d’Emotet d’infecter les machines Windows. Il est disponible ici : Cybr.ly/emotet.

Fortinet Further Expands Integration with Amdocs to Enable Service Providers to Deliver Advanced Secure SD-WAN Services (Wallstreet-online.de) John Maddison, EVP of products and CMO, Fortinet “Secure SD-WAN is becoming the most significant WAN service for enterprise organizations for its ability to facilitate digital innovation via ...

Technologies, Techniques, and Standards

Teaming up with Defending Digital Campaigns on election security (Google) We’re announcing a new partnership with Defending Digital Campaigns to provide federal campaigns access to free Titan Security Keys.

The Cybersecurity 202: Iowa's app fiasco worries mobile voting advocates (Washington Post) The fiasco caused by an app that failed to properly transmit votes in the Iowa caucuses is worrying the mobile voting industry, which hoped 2020 would be a banner year.

Voting by smartphone in Seattle pushes the limits of electronic balloting (Washington Post) Election officials are letting voters in a little-known race cast ballots with their mobile phones, even as critics raise concerns over the vulnerability of digital ballots.

Presidential campaigns reach email security milestone (Valimail) For the first time, more than half of the candidates for U.S. president have domains that are protected from spoofing via DMARC at enforcement.

Why New Hampshire says it won’t be the next Iowa (POLITICO) The meltdown of last week’s Democratic caucus is upping the pressure on the nation’s first primary to go off without a hitch.

The New Hampshire Primary Might Be the Most Technophobic Election in the Country (Slate Magazine) No app problems here!

Cybereason Preps For The ‘Unthinkable’ With Election Hacking Exercise (CRN) Cybereason, a cybersecurity vendor, held its fifth election hacking exercise to help restore public trust in the election process.

Defending Local Government Agencies From Rising Threat Of Ransomware (Forbes) Local government agencies are increasingly targeted by ransomware attacks, but most have one thing in common: email. Better email security can help agencies avoid these attacks.

How cyber defenders can proactively prep networks (C4ISRNET) A National Security Agency veteran explains how to augment infrastructure to help trap attackers.

The future of DNS security: From extremes to a new equilibrium (Help Net Security) In anticipation of his keynote at HITB Security Conference 2020 in Amsterdam, we talked to internet pioneer Dr. Paul Vixie, Farsight Security Chairman and

EMV® 3DS: paving the way for seamless authentication (FIME) The growth of e-commerce, m-commerce and remote commerce transactions is showing no signs of slowing down.

Intelligence in the Enterprise (McAfee Blogs) Intelligence became an integral military discipline centuries ago. More recently, this practice evolved into what is called Intelligence Preparation of

Netskope CEO: Don’t Fall for SASE Washing (SDXCentral) Riding high on his company’s new $340 million investment, which puts Netskope at a nearly $3 billion valuation, CEO Sanjay Beri says the rest of the industry is finally coming around to his vision of cloud-delivered security. Eight years later, this vision that Beri drew on a napkin in 2012 has a name, and its name is SASE.

How to Rein In Your Unmanaged Cloud in 4 Steps (Orca Security) 'Cloud explosion' has led to uncertainty inside organizations' cloud environments. Here’s how you can conquer the side effects of the unmanaged cloud explosion.

Day in the Life of a Bot (Dark Reading) A typical workday for a bot, from its own point of view.

Academia

University to Unveil New Cybersecurity Center (University of New Haven) The Samuel S. Bergami Jr. Cybersecurity Center will be dedicated in honor of a longtime University supporter during a special event on February 11 that will bring together national and local cybersecurity experts. The state-of-art space will be the home of the only NSA-designated Center of Academic Excellence in Cyber Operations in the state of Connecticut.

Wisconsin university launches online cybersecurity course (The Daily Swig | Cybersecurity news and views) Higher education aims to fill the workforce gap

Legislation, Policy, and Regulation

New federal strategy prioritizes defending US against foreign threats to elections, critical systems (TheHill) The National Counterintelligence and Security Center (NCSC) on Monday unveiled the new National Counterintelligence Strategy, which emphasizes the need to defend against foreign operations aimed at democratic system

National Counterintelligence Strategy of the United States of America 2020-2022 (Office of the Director of National Intelligence) Protecting our Nation’s security and continuing to enhance the prosperity of our citizens are my top priorities. Ensuring that the United States is protected against espionage and other damaging intelligence activities conducted by our foreign adversaries is essential to meeting those goals.

Protected: Heightened vigilance amid Iranian cyber threat ‘a new normal’ for agencies (Federal News Network) Heightened tensions between the U.S. and Iran last month kept agencies on high alert over the threat of an Iranian cyber-attack.

()

Chinese Indictments in Equifax Breach Show Need for Secure Digital Infrastructure, not Onerous Privacy Regulations, Says ITIF (ITIF) "Today’s indictment shows that the ongoing debate about consumer data privacy has been muddled and misguided from the outset—focusing the blame on corporate victims rather than on the perpetrators of state-directed cyber espionage."

Opinion | Chinese Hacking Is Alarming. So Are Data Brokers. (New York Times) Companies like Equifax threaten our personal privacy and our national security.

Why the UK Didn't Ban Huawei (The National Interest) A breakdown of the decision. 

Is there a halfway for Huawei? Western allies can’t agree on role for Chinese giant in 5G networks (The Globe and Mail) Ward Elcock, a former director of the Canadian Security Intelligence Service, said allowing Huawei into 5G is not worth the risk

U.S. chip firms fear Trump's screws on Huawei is bad for business (POLITICO) The administration may have to pull back on how far it will restrict such business out of fear that U.S. industry will be harmed.

Pentagon cyber budget is flat in new request (Fifth Domain) The administration requested $9.8 billion for cyber activities in next year's budget for the Department of Defense.

DOD Budget Invests in Cyber, Interoperability (SIGNAL Magazine) Department officials request $705 billion for fiscal year 2021.

Richmond, Katko, Kilmer, McCaul, Ruppersberger, Thompson, Rogers Introduce Bipartisan Legislation to Help State and Local Governments Secure Their Networks (House Committee on Homeland Security) The Official Website of the House Committee on Homeland Security

State and Local Cyber5 security Improvement Act (US House of Representatives) To establish a program to make grants to States to address cybersecurity risks and cybersecurity threats to information systems of State, local, Tribal, or territorial governments, and for other purposes.

DoD has enduring role in election defense (Edwards Air Force Base) The Defense Department plays an important role in that whole-of-government partnership, spearheaded by the NSA and Cybercom's Election Security Group, formed in the wake of the successes of the Russia

‘The intelligence coup of the century’ (Washington Post) For decades, the CIA read the encrypted communications of allies and adversaries.

Litigation, Investigation, and Law Enforcement

Four Members of China’s Military Indicted Over Massive Equifax Breach (Wall Street Journal) Four members of China’s military have been indicted by the U.S. government on charges of hacking into credit-reporting agency Equifax and plundering sensitive data on nearly 150 million Americans, the DOJ said.

U.S. charges four members of Chinese military in connection with 2017 Equifax hack (Washington Post) The Justice Department has charged four members of the Chinese military with a 2017 hack at the credit reporting agency Equifax, a massive data breach that compromised the personal information of nearly half of all Americans.

How 4 Chinese Hackers Allegedly Took Down Equifax (Wired) The Department of Justice has pinned the hack on China. Here's how it was done, according to the indictment.

Equifax breach is the latest of many hacks linked to China (Star Tribune) In 2014, the Obama administration accused five Chinese military agents of targeting Pittsburgh-area industrial companies including Westinghouse Electric, Alcoa and U.S. Steel. Since then, the number of companies allegedly targeted by Chinese hackers has only grown.

Owner of dark web Freedom hosting pleads guilty to host child abuse content (HackRead) The hosting service contained well over 8.5 million child abuse images.

Microsoft tip led to discovery of more than 190 child porn images on Michigan man’s computer, police say (mlive) He recently pleaded no contest to one of his two child pornography possession charges.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

Meeting To Discuss Insider Threat Detection On Computer Systems & Networks (Laurel, Maryland, USA, February 11, 2020) The National Insider Threat Special Interest Group will hold a meeting to discuss the findings of a workshop that was held in 2019. The workshop was done in partnership with the University of Maryland’s...

2020 OurCrowd Global Investor Summit (Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider...

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door...

Insider Threat Program Management With Legal Guidance Training Course (College Park, Maryland, USA, February 19 - 20, 2020) This 2 day training course will ensure the Insider Threat Program (ITP) Manager, Insider Threat Analyst, FSO, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, Etc.),...

The Human Hacking Conference 2020 (Lake Buena VIsta, Florida, USA, February 20 - 22, 2020) Once flagged by the FBI and the US banking industry as a potential national security threat, the Social Engineering Village (SEVillage) presents this unprecedented experience, The Human Hacking Conference,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.