More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Are you attending RSA Conference 2020 in San Francisco February 24–28? Don't forget to stop by Booth 743 to meet the Recorded Future team in person and pick up a free copy of their new book, "The Threat Intelligence Handbook."

Daily briefing.

The US claims to have hard evidence that Huawei for more than a decade has secretly built backdoors into its equipment through which it can access communications crossing that equipment. The Wall Street Journal writes that such access is attained through lawful interception interfaces in the systems. Such interfaces are not unique to Huawei equipment. What’s unique to Huawei, the US claims, is secret retention of access to the interfaces, which should be available only to legal authorities acting under authority of national wiretapping laws. Huawei dismissed the allegations, saying that equipment vendors like itself enjoy no such access to network traffic.

Reuters says Germany may decide to follow a risk management approach with respect to Huawei similar to that recently adopted by the UK.

The Nevada Democratic Party intends to use iPads, Google Forms, and other “tools” to process and determine results in its February 22nd caucuses, the Washington Post reports.

Facebook has taken down inauthentic accounts FireEye flagged as part of Iran's Distinguished Impersonator influence operation. Facebook also addressed "coordinated inauthenticity" emanating from Russia, Myanmar, and Vietnam.

Microsoft addressed ninety-nine issues in its products yesterday, making this, in ZDNet’s estimation, Redmond’s biggest Patch Tuesday ever.

Adobe has patched forty-two vulnerabilities in its FrameMaker, Flash Player, Reader and Acrobat, Digital Editions, and Experience Manager. BleepingComputer reports that many of the bugs are rated “critical.”

Intel fixed an authentication issue (CVE-2019-14598) in its CSME (converged security and management engine). The flaw could lead to privilege escalation, denial-of-service, and information leaks.

Notes.

Today's issue includes events affecting China, European Union, Germany, Iran, Myanmar, Russia, Switzerland, United Kingdom, United States, and Vietnam.

Bring your own context.

Every US state runs its elections in its own way.

"I would say that election operations are done in a very decentralized way in the United States. It has pros and cons, right? I mean, it creates a fragmented approach, but it also makes it difficult for an external threat actor to attack those jurisdictions with a single campaign because every operation's different. They're using different technologies. They're bringing forward a different approach."

So are there any common best practices election officials might look to?

"But if you step back and consider what an election is doing and what it's there for, you have to appreciate that public trust in the integrity of that election is really fundamental. And when it comes to that, perception can be reality, right? So simple fundamental security basics that should be implemented when you're putting together a system really shouldn't be overlooked because any breach of something fundamental like that could be just as devastating as an external threat actor. And then the third thing I would say is - be aware of the resources that are available through DHS, Cyber and Infrastructure Security Agency that sits as a subcomponent under DHS and some other of the other resources that can be taken advantage of through third parties to help, you know, baseline that program and build out a program that is maturing over time."

—Shannon Brewster from AT&T Cybersecurity, on the CyberWire Daily Podcast, 2.10.20.

Thus the imperative is public trust, and that can only be established, ultimately, with transparent, reliable processes carried out with integrity.

Coming soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. Designed for cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Georgetown University Part-Time Master's in Cybersecurity Risk Management

Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.

In today's CyberWire Daily Podcast, out later this afternoon, we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin discusses the US Senate GOP's blocking of election security bills. Our guest is Christopher Hadnagy from Social-Engineer, LLC on social engineering trends his firm is tracking. The CyberWire is pleased to be a media partner of the Social-Engineer's Human Hacking Conference: How to Hack Thoughts, Actions and the People Around You, meeting next week in Lake Buena Vista, Florida, February 20th through 22nd.

And Caveat is up. In this week's episode, "The practical concerns of data encryption," Dave shares a story about the government compelling some tech giants to help find a WhatsApp drug dealer, Ben follows developments on the ClearView facial recognition story that the New York Times recently broke, and later in the show, our conversation with Tommy Ross. He serves as Senior Director of Policy, BSA | The Software Alliance, and we’re going to be discussing encryption and law enforcement's access to data.

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Join us at this upcoming cybersecurity event in Loudoun, VA with a full lineup of industry experts, speakers and federal contractors presenting on cutting-edge topics in the domain of cyber. This event is FREE for everyone! Register today!

Industrial Control Systems are Everywhere Hands-On Demonstration (Online, February 18, 2020) Join Dragos at their Feb. 18 ICS Range demonstration to see real control systems, learn about ICS adversaries and hear how to protect your networks. Tom VanNorman, Dragos Director of Engineering Services and co-founder of the ICS Village, walks you through this realistic range and shares his inspiration for developing it.

The Human Hacking Conference (Orlando, Florida, USA, February 20 - 22, 2020) The Human Hacking Conference is an all-encompassing event that teaches business, security, technology, and psychology professionals the latest expert techniques in human deception, body language analysis, cognitive agility, intelligence research, and security best practices.

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Cyber Conversation Speaker Series with author Andy Greenberg (Columbia, Maryland, United States, March 11, 2020) On March 11, 2020 at 11:00am at the Maryland Innovation and Security Institute's DreamPort cyber capabilities and mission accelerator facility we will be hosting the first cyber conversation speaker series with author Andy Greenberg.

CyberCon 2020 (Anaheim, California, USA, March 30 - April 1, 2020) The CyberCon Industrial Cybersecurity CISO Summit & Workforce Development Conference is a solutions-based cybersecurity conference promoting networking, collaboration and sharing of solutions between cybersecurity experts and leaders in power and utility companies. Gain unprecedented access to over 40 innovative speakers covering a range of pressing cybersecurity topics and an expo featuring 100+ cybersecurity technology providers showcasing innovative solutions. A “Workforce Development Forum” will provide strategies companies need to recruit, train and retain top cybersecurity talent.

Cyber Attacks, Threats, and Vulnerabilities

Hacks on Louisiana Parishes Hint at Nightmare Election Scenario (Washington Post) James Wroten called the clerk of court in Vernon Parish, Louisiana last November with an urgent message.

"Distinguished Impersonator" Information Operation That Previously Impersonated U.S. Politicians and Journalists on Social Media Leverages Fabricated U.S. Liberal Personas to Promote Iranian Interests (FireEye) Details of an ongoing operation that we believe is being conducted in support of Iranian political interests.

Facebook removes accounts run from Iran targeting Americans (CNN) Facebook announced Wednesday morning that it had removed a small network of fake social media accounts it said were run from Iran and were posting about US politics.

Iranian Digital Influence Efforts: Guerrilla Broadcasting for the Twenty-First Century (Atlantic Council) Iran has invested significant resources and accumulated vast experience in the conduct of digital influence efforts locally and globally.

WSJ News Exclusive | U.S. Officials Say Huawei Can Covertly Access Telecom Networks (Wall Street Journal) Huawei can covertly access mobile networks via back doors meant for law enforcement, the U.S. has told allies in a bid to show the Chinese firm poses a security threat.

White House Official Says Huawei Has Secret Back Door to Extract Data (New York Times) The allegation that Huawei maintains access to the data that flows through its network is the latest step in a campaign to thwart the Chinese telecom giant’s rise.

US says it can prove Huawei has backdoor access to mobile-phone networks (Ars Technica) US hasn't made evidence public but reportedly shared it with UK and Germany.

China denies cybertheft following Equifax accusations (Fifth Domain) The Justice Department accused Beijing on Monday of engineering one of the biggest hacks in history targeting consumer data.

The intel on China’s counterintelligence threat to America (Boston Globe) China’s assault on US technological know-how is so pervasive that in 2018 the attorney general formed the “China Initiative” specifically to combat the problem.

Concern over Coronavirus Leading to Global Spread of Fake Pharmacy Spam (Imperva) High levels of concern around the Coronavirus are currently being used to increase the online popularity of spam campaigns designed to spread fake news and drive unsuspecting users to dubious online drug stores.

Phishing emails lure victims with news of coronavirus' impact on shipping (SC Media) Cybercriminals have launched a phishing campaign that targets global companies with emails that suggest the coronavirus could disrupt shipping operations.

More Phishing Campaigns Tied to Coronavirus Fears (BankInfo Security) As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range

Unit 42 Discovers Malicious Activity in Kuwaiti Organization’s Webpage (CISO MAG | Cyber Security Magazine) Security experts from Unit 42, a threat intelligence unit of Palo Alto Networks, discovered a Kuwait organization’s webpage used in a security exploit.

We've never met six-year-old Kate — but a total stranger was able to track her every move (ABC News) A software bug in a popular GPS tracking device for kids shows how easy it is to accidentally expose personal information to strangers.

Facebook’s Twitter and Instagram accounts hijacked (Naked Security) In full glare of the world, Facebook admins have found themselves in an unseemly struggle to wrestle back control of the company’s Twitter accounts.

The Ancient Microsoft Security Flaws Driving Cybercrime In 2020 (Forbes) New research reveals that very old Microsoft vulnerabilities are still causing very real problems.

KBOT Malware Is the First 'Living' Virus Spotted in Years (Security Intelligence) Security researchers recently spotted KBOT malware, the first "living" computer virus they've discovered in years.

Synergy Systems & Solutions HUSKY RTU (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Synergy Systems & Solutions (SSS) Equipment: HUSKY RTU Vulnerabilities: Improper Authentication, Improper Input Validation 2.

Siemens SIMATIC CP 1543-1 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC CP 1543-1 Vulnerabilities: Improper Access Control, Loop with Unreachable Exit Condition 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for remote code execution and information disclosure without authentication, or unauthenticated denial of service.

Siemens Industrial Products SNMP Vulnerabilities (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Various SCALANCE, SIMATIC, SIPLUS products Vulnerabilities: Data Processing Errors, NULL Pointer Dereference 2.

Siemens PROFINET-IO Stack (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Siemens PROFINET-IO Stack Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a denial-of-service condition.

Siemens SIMATIC S7 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC S7 Vulnerability: Uncontrolled Resource Consumption (Resource Exhaustion) 2.

Siemens SCALANCE X Switches (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SCALANCE X switches Vulnerability: Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform administrative actions.

Siemens SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC NET PC (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC PCS 7, SIMATIC WinCC, SIMATIC NET PC Vulnerability: Incorrect Calculation of Buffer Size 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker with network access to cause a denial-of-service condition.

Siemens SCALANCE S-600 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE S-600 Firewall Vulnerabilities: Resource Exhaustion, Cross-site Scripting 2. RISK EVALUATION These vulnerabilities could allow a remote attacker to conduct denial-of-service or cross-site scripting attacks. User interaction is required for a successful exploitation of the cross-site-scripting attack.

Siemens SIPORT MP (CISA) 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIPORT MP Vulnerability: Insufficient logging 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the attacker to create special accounts with administrative privileges.

Siemens SIMATIC S7-1500 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC S7-1500 CPU family Vulnerability: Resource exhaustion 2. RISK EVALUATION This vulnerability could allow a remote attacker to conduct denial-of-service attacks. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SIMATIC are affected:

Siemens OZW Web Server (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: OZW web server Vulnerability: Information disclosure 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated users to access project files.

Siemens SIPROTEC 4 and SIPROTEC Compact (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIPROTEC 4 and SIPROTEC Compact Vulnerability: Improper Input Validation 2. RISK EVALUATION This vulnerability could allow an attacker to conduct a denial-of-service attack over the network.

Digi ConnectPort LTS 32 MEI (CISA) 1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Digi International Equipment: ConnectPort LTS 32 MEI Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could limit system availability.

Siemens SIMATIC Products (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3.1 3.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC CP 1626; HMI Panel (incl. SIPLUS variants); NET PC software; STEP 7 (TIA Portal); WinCC (TIA Portal); WinCC OA; WinCC Runtime (Pro and Advanced); TIM 1531 IRC (incl. SIPLUS variant) Vulnerability: Exposed Dangerous Method or Function 2.

Siemens Industrial Real-Time (IRT) Devices (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2.

Siemens PROFINET Devices (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled ICSA-19-283-02 Siemens PROFINET Devices (Update B) that was published January 14, 2020, to the ICS webpage on us-cert.gov.

Siemens Industrial Products (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerabilities: Integer Overflow or Wraparound, Uncontrolled Resource Consumption 2.

Siemens Industrial Products with OPC UA (Update E) (CISA) 1. EXECUTIVE SUMMARY CVSS v3.1 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINUMERIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2.

Siemens SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update F) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM Vulnerability: Out-of-bounds Read 2.

Meet the Guy Selling Wireless Tech to Steal Luxury Cars in Seconds (Vice) Motherboard obtained a video of a so-called relay attack from EvanConnect, who sells keyless repeaters that can be used to break into and steal luxury cars.

Valentine's & Chocolate Don't Always Equal Love (Check Point Software) With Valentine’s Day approaching, lovers around the world are working on finding the best way to celebrate with their loved ones. Meanwhile – cyber

Deepfakes and deep media: A new security battleground (VentureBeat) As deepfakes become more sophisticated, it'll take equally sophisticated detectors to spot and remove them. Here's the work on the cutting edge.

Disruptionware: The Newest Form of Cyberattack is Targeting the Health Care Industry (JD Supra) Beware, health care providers — there’s a new form of cyberattack coming to an organization near you! Disruptionware is an “emerging category of...

Analog device vulnerability is a major threat to infrastructure, but the culture gap persists which could be an existential problem (Control Global) Cybernetics was originally defined as a transdisciplinary approach for exploring regulatory systems—their structures, constraints, and possibilities. Norbert Wiener defined cybernetics in 1948 as "the scientific study of control and communication in the animal and the machine." In other words, it is the scientific study of how humans, animals and machines control and communicate with each other. It’s worth remembering that Wiener’s illustrative example was an engine governor, an analog device if there ever was one.

Rockdale County government faces second cyber attack (On Common Ground News) Rockdale County officials announced at a news conference today that the county is aggressively responding to a ransomware attack on the government’s computer network. County officials said they have contacted the Georgia Technology...

Russian group behind Oshkosh cyber attack (WHBY) The FBI believes Russian hackers are to blame for a cyber attack that brought down City of Oshkosh computers. ...

Security Patches, Mitigations, and Software Updates

Microsoft Patch Tuesday, February 2020 Edition (KrebsOnSecurity) Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.

Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches (Threatpost) There are 12 critical and five previously disclosed bugs in the February 2020 Patch Tuesday Update.

Microsoft tries again to plug exploited IE zero-day (iTnews) Third time lucky?

Adobe Releases the February 2020 Security Updates (BleepingComputer) Adobe has released its monthly security updates that fix vulnerabilities in numerous Adobe products. As many of these vulnerabilities are classified as Critical, all users are advised to install the applicable updates as soon as possible.

Firefox 73 Released With Security Fixes, New DoH Provider, More (BleepingComputer) Mozilla has released Firefox 73 today, February 11th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with bug fixes, new features, and security fixes.

Intel Patches High-Severity Flaw in Security Engine (Threatpost) The high-severity vulnerability could enable denial of service, privilege escalation and information disclosure.

Cyber Trends

Cybersecurity Trends 2020 (TÜV Rheinland) New thinking on cybersecurity and privacy in a world where digital transformation beckons.

Malwarebytes Finds Mac Threats Outpace Windows for the First Time in Latest State of Malware Report (Malwarebytes Press Center) Malwarebytes today announced the findings of its annual “State of Malware” report.

IBM X-Force: Stolen Credentials and Vulnerabilities Weaponized Against Businesses in 2019 (IBM News Room) Consumer Tech Brands Caught in Crossfire of Phishing Attacks; Misconfigurations Accounted for Over 85% of Exposed Records; Banking Trojans and Ransomware Form Strong Bond.

Understand the threat landscape with fresh intelligence (IBM) The annual X-Force Threat Intelligence Index sheds light on the biggest cyber risks that organizations face today, with data and insights collected over the past year.

New Research from Arkose Labs Shows Human-Driven Fraud Attacks are on the Rise (Arkose Labs) Data Reveals a Surge in Sweatshop-Powered Fraud Alongside Attack Spikes on Online Gaming and Social Media Platforms

MediaPRO Research Reveals Almost Two-Thirds of U.S. Employees Unaware if the CCPA Applies to Their Organization (BusinessWire) MediaPRO’s just-released 2020 State of Privacy and Security Awareness Report highlights employee knowledge gaps across both the cybersecurity and priv

Utility Cybersecurity (Bricata) As the industrial industry becomes more digitized, it also becomes more vulnerable to utility cybersecurity threats. Read more and see how Bricata can help.

Cryptocurrency crime losses more than double to $4.5 billion in 2019, report finds (Reuters) Losses from cryptocurrency crime surged to $4.52 billion last year, as insider t...

FBI: Cybercrime Victims Lost $3.5 Billion in 2019 (BleepingComputer) FBI's Internet Crime Complaint Center (IC3) published the 2019 Internet Crime Report which reveals that cybercrime was behind individual and business losses of $3.5 billion as shown by the 467,361 complaints received during the last year.

Marketplace

Trend Micro Spin-Out Cysiv Gets $26M to Scale Its Cloud-based Cybersecurity Platform (Dallas Innovates) The Series A funding will help the Security Operations Center-as-a-Service provider address the challenges enterprises currently face in protecting their data.

Nightfall Announces Group of All-Star Investors and Extends Slack DLP Integration to Enterprise Grid (Nightfall AI) Nightfall announces an all-star group of new Series A investors, which includes legends from the worlds of business, technology, and sports.

Infrascale Announces Key Leadership Hires and Additional Funding to Support Accelerated Growth (PRWeb) Infrascale, a cloud-based data protection company providing industry leading backup and disaster recovery solutions, today announced the appointment of Russe

Top fraud detection startups in Europe you should know about in 2020 (Silicon Canals) European technology news from the startup ecosystem. Founder and publisher: Remco Janssen. Follow us on Twitter: @siliconcanals.

Nok Nok, Inventor of FIDO Standards, Welcomes Apple to the FIDO Alliance; Reports Record Growth (PR Newswire) Nok Nok Labs, the leader in passwordless authentication, today announced a record year following broad industry acceptance of FIDO standards –...

Apple joins Microsoft, Samsung, Intel in FIDO security alliance (AppleInsider) Apple is now a member of the FIDO alliance, a body that aims to increase user security while reducing reliance on passwords. It's one of the last major technology firms to join.

Former NSA Deputy Director Bill Crowell Joins Advisory Board of AI-Pow (PRWeb) The artificial intelligence powered cybersecurity startup Cyber Reconnaissance, Inc. (d.b.a. CYR3CON®) has announced today that entrepreneur and former NSA ...

Jacobs Strengthens Cyber Team with Strategic Hire of SVP (Yahoo) Jacobs (NYSE:J) has hired Caesar Nieves as the senior vice president of its cyber business within the company's Critical Mission Solutions (CMS) line of business. In this role, Nieves will provide senior leadership, strategic vision and focus for Jacobs' cyber business as the company expands

Sauce Labs Appoints Justin Dolly as Chief Security Officer (Yahoo) Sauce Labs Inc., provider of the world’s most comprehensive and trusted continuous testing cloud, today announced the appointment of Justin Dolly as chief security officer. A security industry veteran with more than 20 years of experience, Dolly will develop, implement, and enforce the company’s long-term

Products, Services, and Solutions

Why Randori Is Automating the Red Team Experience (Randori) After two years of development, we’re thrilled to share with you big news: today, we’re unveiling the Randori Attack Platform, the industry’s first automated attack platform.

Randori Launches Automated ‘Attack Platform,’ Industry's First SaaS Solution to Bring Elite Red Team Experience to the Mass Market (Randori) Enables Organizations to Continuously Hack Themselves to Prove Their Most Valuable Assets Are Secure

Source Defense Unveils First Ever Report and Threat Research Lab Dedicated to Client-side Security (PR Newswire) Source Defense, the market leader in client-side web security, today released a new threat research report titled, "Client-Side Web Security...

Open Raven Launches Modern Data Security Platform to Bring Visibility and Control to Enterprise Data Protection (BusinessWire) Open Raven today emerged from stealth with the launch of its modern data security platform that brings visibility and control to enterprise data prote

Netskope Announces General Availability of Zero Trust Secure Access for Hybrid IT Environments (Netskope) Netskope Private Access expands the Netskope platform to provide the world’s definitive cloud-native security infrastructure for all enterprise applications and internet traffic SANTA CLARA, Calif. – Feb. 11, 2020 – Netskope, the leading security cloud, today announced the general availability of Netskope Private Access, a cloud-based Zero Trust Network Access (ZTNA) solution that provides fast and secure …

Kustomer Achieves SOC 2 Type II Certification (MarTechSeries) Independent report confirms company's ongoing commitment to create and maintain a secure operating environment for its client's confidential data Kustomer, the SaaS platform reimagining enterprise customer service, announced the successful completion of its Service Organization Control (SOC) 2 Type II examination with zero exceptions.

DLT Solutions Expands Its Technology Vendor Portfolio in Support of U.S. Public Sector Missions (Yahoo) DLT Solutions, LLC., a wholly owned subsidiary of Tech Data (Nasdaq: TECD) and a premier government technology solutions aggregator, has added new offerings from Glasswall, Illumio, NetBrain, Parasoft, Perfect Sense, TYCHON and ZorroSign to its rapidly expanding technology vendor portfolio.

Pulse Secure Offers Free Remote Access Software to Thousands of Employees Working from Home In Asia During The Coronavirus Health Crisis (Pulse Secure) Pulse Secure, the leading provider of software-defined Secure Access solutions, today announced it is offering free subscriptions of its market-leading secure remote access solution, Pulse Connect Secure (PCS), to companies for their use by employees based in Asia impacted by the Coronavirus health crisis.

Entrust Datacard Simplifies High-Assurance Authentication With Next Generation Passwordless Workforce Login and Fully Digital Customer Identity Proofing () Latest high assurance authentication offerings from Entrust Datacard eliminate employee passwords and accelerate secure customer onboarding.

Forescout Updates Platform to Empower Enterprises to Identify and Act on High-Risk Devices – Faster (Benzinga) New persona-based user interface for Forescout eyeSight provides actionable device context to pinpoint, prioritize and proactively mitigate risks across the extended enterprise...

Farsight Security to Debut Real-Time Security Data Innovations at RSA® Conference 2020 (Globe Newswire) Farsight Security to introduce the industry’s first Newly Active Domains data feed together with SIE Batch, an easier way to consume real-time data via its Security Information Exchange platform

iProov Expands Its Presence in U.S. Biometric Security Market (BusinessWire) iProov™, the leading provider of biometric authentication technology and Genuine Presence Assurance, today announced that it has expanded its footprin

Perception Point Launches Advanced Protection for Salesforce, Defending Against Growing Attack Surface (PR Newswire) Perception Point, a leading cybersecurity firm preventing file, URL, and social-engineering based attacks in any content-exchange channel,...

Technologies, Techniques, and Standards

The Cybersecurity 202: Nevada officials intend to use Google forms in upcoming caucuses (Washington Post) Election experts are warning about more tech and security red flags as Nevada Democrats race to develop a new game plan for their second-in-the-nation caucuses on Feb. 22.

Nevada Democrats lay out new plan for caucuses, trying to alleviate growing concerns about the process (Washington Post) Campaigns have complained about a lack of transparency and worry about a repeat of Iowa.

How the Iowa Caucuses Became an Epic Fiasco for Democrats (New York Times) The problems that beset the Democratic Party’s first state caucus of the presidential race ran far deeper and wider than one bad app.

City of Pensacola reviewing recommendations from cyberattack assessment (WEAR) The City of Pensacola is reviewing recommendations it's received from a cyberattack assessment. The city’s network was hit by a cyberattack on Dec. 7, 2019. The city says it had Deloitte & Touche LLP assess the incident and provide observations and recommendations to mitigate the risk of future cyberattacks.

5 tips for you and your family on Safer Internet Day (Naked Security) Why not make Safer Internet Day the excuse you need to do all those cybersecurity tweaks you’ve been putting off?

5 tips for businesses on Safer Internet Day (Naked Security) Safer Internet Day – here’s how to make your business better at cybersecurity, no matter how safe you are already!

‘Safer Internet Day’ Brings the World the 'Rosetta Stone' for Encouraging Good Digital Hygiene (Grit Daily News) On Safer Internet Day 2020, The Cybersmile Foundation launched the 'Rosetta Stone' for digital hygiene, which includes twelve modules on different subjects.

Research and Development

Keeping classified information secret in a world of quantum computing (Bulletin of the Atomic Scientists) The “race” for quantum supremacy against China is significantly overstated. Analysts should redirect attention to protecting classified information against future attacks by quantum computers, a more pressing and manageable problem.

Academia

SOL4CE Cyber/Cyber-Physical Laboratory opens at Purdue University (Purdue University) Purdue University’s CERIAS (Center for Education and Research in Information Assurance and Security) has announced the addition of a new laboratory facility that dramatically increases Purdue’s cyber-physical research, emulation, and analysis capabilities.

Cybersecurity: 4 top Master's programmes in the US (Study International) Our top picks for the best cybersecurity degrees include high-value and interdisciplinary programmes at some of the US's top schools.

Former National Security Agency Director to Lead Cyber Florida at USF (Globe Newswire) The University of South Florida today announced the appointment of J. Michael (Mike) McConnell, retired U.S. Navy vice admiral and former director of the National Security Agency (NSA), as executive director of Cyber Florida.

Deloitte cyber risk expert appointed professor at DMU (De Montfort University Leicester) A top cyber security expert from the world...

Legislation, Policy, and Regulation

BRICS countries to build digital sovereignty (MediaNama) The push towards digital sovereignty is frequently criticized as a Trojan horse for authoritarian measures. It’s tremendously naïve to think it the only explanation. Brazil, Russia, India, China and South Africa are home to 3.2 billion people, 42% of the world’s population. In effect, these countries hold 42% of one of the most valuable resources …

EU backs away from call for blanket ban on facial recognition tech (Financial Times) New draft of AI paper drops suggestion of 5-year moratorium on surveillance technology

Germany set to follow UK on Huawei conundrum – report (Telecoms.com) Huawei looks to have survived another European scare as Germany closes in on a deal which would offer the company restricted freedoms, similar to the position of the UK.

Merkel's conservatives stop short of Huawei 5G ban in Germany (Reuters) Lawmakers from German Chancellor Angela Merkel's ruling conservatives have ...

US pressures allies against using Huawei with new evidence of security risk (Washington Examiner) U.S. officials seeking to convince allies not to use Huawei in their 5G networks are alerting them to a security flaw that allows the Chinese government-backed telecommunications giant to purloin sensitive information secretly.

State officials press Congress for more resources to fight cyberattacks (TheHill) Top federal and state officials pressed a Senate committee on Tuesday to provide more resources and authorities to fight cyberattacks, an issue of increasing concern in the wake of debilitating attacks on government entities t

Election Security: DHS Plans Are Urgently Needed to Address Identified Challenges Before the 2020 Elections (GAO) The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has helped state and local election officials secure online voter registration systems, voting machines, and other election infrastructure since 2017. Elections officials we interviewed in 7 of 8 states said they were very satisfied with CISA’s support. Election primaries begin in February.

More powers for Ofcom to police social media firms (BBC News) Tech firms will need to ensure that illegal content is quickly removed from their platforms.

Ofcom to be handed role of policing UK social media platforms (Computing) Under new legislation, online platforms will be required to remove illegal and harmful content quickly

What to Expect for the PATRIOT Act Reauthorization (Project On Government Oversight) With several controversial provisions of the PATRIOT Act about to expire and recent revelations about misconduct at the FISA Court, now is an important time to learn about what changes Congress can make to our surveillance laws.

What’s in the DHS cyber agency’s budget request (Fifth Domain) While funding requests fluctuated on two federal cybersecurity programs, the Cybersecurity and Infrastructure Security Agency also previewed some new investments it wants to make.

Which cyber programs asked for more money ... and which didn’t? (Fifth Domain) One of the early winners in the Department of Defense’s cyber budget request for fiscal year 2021 is the Joint Cyber Command and Control (JCC2) program, which aims to provide commanders with enhanced situational awareness and assist in battle management as it relates to cyber.

Litigation, Investigation, and Law Enforcement

Switzerland investigating alleged CIA, German front company (Washington Post) Swiss authorities said Tuesday they have opened an investigation into allegations a Zug, Switzerland-based maker of encryption devices was a front operated by the CIA and West German intelligence that enabled them to break the codes of the countries that used their products.

Trump’s Antitrust Officials Get Win With T-Mobile Verdict (Wall Street Journal) The failed legal challenge by state attorneys general to the company’s takeover of Sprint Corp. reaffirmed the federal government’s authority in policing mergers.

Google takes on EU in court over record antitrust fines (Reuters) Google will on Wednesday seek to overturn the first of three hefty European Unio...

FTC Expands Antitrust Investigation Into Big Tech (Wall Street Journal) Federal regulators opened a new front in their investigation of big tech firms, seeking to determine whether the industry’s giants acquired smaller rivals in ways that harmed competition.

How Apple ‘Intercepts’ And Reads Emails When It Finds Child Abuse (Forbes) For the first time, Apple’s methods of reading emails containing potentially illegal material are revealed. The company is proving a lot more helpful to the U.S. government than previously thought.

Russian Citizen Pleads Guilty to Cyber Tax Fraud Scheme That Resulted in More Than $1.5 Million in Losses to Department of the Treasury (US Department of Justice) Earlier today, in federal court in Brooklyn, Anton Bogdanov, a citizen of Russia, pleaded guilty before United States Magistrate Judge Vera M. Scanlon to wire fraud conspiracy and computer intrusion in connection with a scheme in which he and others used stolen personal information to file federal tax returns and fraudulently obtain more than $1.5 million in tax refunds from the Department of the Treasury.

Court docs: Suspect in ‘Brian Kil’ cyber threats case agrees to plead guilty to 41 counts (FOX59) The man behind the “Brian Kil” threats that terrorized Plainfield residents several years ago filed a petition Thursday to plead guilty. Buster Hernandez, 28, is accused of threatening underage girls and forcing them to send sexually explicit material. He targeted hundreds of minors in the United States and one foreign country, including six teen girls from Indiana.

Labour Party could be fined up to £15m by the ICO after leadership contender is reported over alleged data breach (Computing)

‘We are not a banana republic’: National security adviser defends Vindman dismissals (POLITICO) Robert O’Brien said the brothers’ removal from the NSC was because they were trying to undermine Trump.

DOJ Nears Decision on Whether to Charge Blackwater Founder Erik Prince (Wall Street Journal) The Justice Department is close to deciding whether to charge Erik Prince in connection with his 2017 testimony about a meeting in the Seychelles with a Russian sovereign-wealth adviser and potential violations of U.S. arms-trafficking regulations, people familiar with the matter said.

Prosecutors quit amid escalating Justice Dept. fight over Roger Stone’s prison term (Washington Post) All four career prosecutors handling the case against Roger Stone withdrew from the legal proceedings Tuesday — and one quit his job entirely — after the Justice Department signaled it planned to undercut their sentencing recommendation for President Trump’s longtime friend and confidant.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

2020 OurCrowd Global Investor Summit (Jerusalem, Israel, February 11 - 13, 2020) We’re expanding the Summit to three days! Invite-only events will take place February 11-12, with Summit Day on February 13. Summit Week will be packed as ever, with corporate meet ups, VC forums, insider...

CyCon 3.0 (Sterling, Virginia, USA, February 15, 2020) Our 3rd Annual NOVA CyCon event in Loudoun has a full lineup of cybersecurity experts, speakers and federal contractors presenting on cutting-edge topics! Networking, free lunch and refreshments, door...

Insider Threat Program Management With Legal Guidance Training Course (College Park, Maryland, USA, February 19 - 20, 2020) This 2 day training course will ensure the Insider Threat Program (ITP) Manager, Insider Threat Analyst, FSO, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, Etc.),...

The Human Hacking Conference 2020 (Lake Buena Vista, Florida, USA, February 20 - 22, 2020) Once flagged by the FBI and the US banking industry as a potential national security threat, the Social Engineering Village (SEVillage) presents this unprecedented experience, The Human Hacking Conference,...

RSA Conference 2020 (San Francisco, California, USA, February 24 - 28, 2020) Be part of a conversation that has the power to change the world. Join top cybersecurity leaders and a dedicated community of peers as we exchange the biggest, boldest ideas that will help propel the industry...
