
Daily briefing.

Microsoft has confirmed that APT31, the North Korean threat group Redmond tracks as "Thallium," has indeed been aggressively pursuing Windows users, and that Microsoft has seized fifty domains Thallium used in its espionage campaigns.

The Wall Street Journal on Monday published its investigation into the Cloud Hopper cyberespionage campaign that Reuters broke in December 2018. The US Justice Department at that time indicted two Chinese nationals (both of whom remain at large) and alleged that the duo had been working for the Chinese Ministry of State Security's APT10. It now appears, according to the Journal, that the espionage was far more widespread than originally reported, extending to more companies than the fourteen alluded to in the indictment.

The US General Services Administration has announced that its procurement schedules, to be refreshed on January 15th of this year, will include bans on doing business with companies whose offerings include “substantial or essential” components from specified Chinese companies, notably Huawei and ZTE. FedScoop points out that this will affect companies whose supply chains are too enmeshed with those of the proscribed companies.

India, for its part, will subject equipment proposed for 5G networks to security trials, a development the Economic Times reports has been welcomed by Huawei. The company, which had a good 2019 despite the security controversies it encountered, says it expects 2020 to be "difficult." But the company's CEO has a brave face: "If not for the bone-deep bite of winter, where would we get the heady scent of plums?"

Notes.

Today's issue includes events affecting Brazil, Canada, China, France, Germany, India, Italy, Democratic People's Republic of Korea, Republic of Korea, Netherlands, Pakistan, Russia, Saudi Arabia, South Africa, Turkey, United Arab Emirates, United Kingdom, United States.

Bring your own context.

An expert takes a look at recent disclosures of security issues involving smart home products and sees an Internet-of-Things glass that's half full.

"But there might be people out there who would think that, hey, well, that means IoT devices aren't secure. You know, I saw that newspaper article about the Ring doorbell getting hacked. And therefore, I don't want one. You know the whole song and dance. But I think this is actually a positive thing, right? When I look at this and I think about the way that software works, you know, and the fact that all software has bugs - right? - it's the nature of the beast, basically what it means is that, you know, IoT companies are taking software more seriously. They're looking for issues. Of course they're finding issues, right? If you look at any piece of software, you're going to find issues. What we can say here is that we found issues, we worked with the vendors to address them, their maturity model is improving. And I think what we're seeing are definite steps in the right direction. So we were surprised, and we were very pleased with how it turned out."

—Craig Williams, director of Talos Outreach at Cisco, on the CyberWire Daily Podcast, 12.20.19.

Half full, and getting fuller.


In today's Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan shares the story of a financial advisor who paid the price for falling for a phishing scheme. Our guest is Dave Burg from EY, with a global perspective of cyber security risk.

Hacking Humans is also up. In this episode, Dave has a warning from a galaxy far, far away. Joe has a report of a scam attempt on a listener who fancies fancy pens. The catch of the day features a Tinder dating app bot scam. Our guest is Dennis Dillman from Barracuda Networks, sharing his thoughts on employee training.

And in case you missed it, a CyberWire Special Edition Podcast is up. In this Special, "Avoiding VC pitfalls with Ron Gula and Mike Janke," we hear some advice from a pair of seasoned cybersecurity investors. Ron Gula caught our eye with an article he recently published, "Cyber entrepreneur pitfalls you can avoid." In it, he gathers a group of tech investors to get their takes on the dos and don'ts of pitching to venture capitalists. Ron runs Gula Tech Adventures along with his wife Cyndi, where they support the next generation of cyber technology strategy and policy. DataTribe's Mike Janke joins the conversation with his experiences guiding hopeful young entrepreneurs through the pitch process.

Cyber Attacks, Threats, and Vulnerabilities

Islamabad High Court warns employees of possible cyber attack (The New Indian Express) According to a media report, Ransomware virus can be spread to computers through attachments or links in phishing emails.

Ghosts in the Clouds: Inside China’s Major Corporate Hack (Wall Street Journal) In the breach known as Cloud Hopper, cyberattackers allegedly working for China’s intelligence services broke into cloud companies, including CGI and IBM, to steal volumes of intellectual property and records from scores of companies.

Report: Cloud Hopper Attacks Affected More MSPs (BankInfo Security) A persistent question over the past several years is which managed service providers were affected by APT10, a tenacious Chinese hacking group. But a Wall Street

Chinese 'Cloud Hopper' campaign targeting cloud providers was more extensive than admitted (Computing) Cloud Hopper hack enabled the attackers to steal large volumes of intellectual property and other sensitive data

Major US companies breached, robbed, and spied on by Chinese hackers (Fox Business) In 2016, and U.S. prosecutors charged two Chinese nationals for the global operation last December. The two men remain at large.

N. Korean hackers mount phishing attack on NKHR groups (Daily NK) On Dec. 18, a North Korean hacking group allegedly conducted a phishing attack on several NKHR-related non-governmental organizations.

Facebook Discovers Fakes That Show Evolution of Disinformation (New York Times) Researchers said the profiles, linked to the Epoch Media Group, used photos generated by artificial intelligence in a preview of an “eerie, tech-enabled future of disinformation.”

Removing Coordinated Inauthentic Behavior From Georgia, Vietnam and the US (About Facebook) We removed two unconnected networks of accounts, Pages and Groups for engaging in foreign and government interference on Facebook and Instagram.

How Close Did Russia Really Come to Hacking the 2016 Election? (POLITICO) Government reports indicate a Florida election technology company was hacked in 2016. There’s plenty the public doesn’t know about the incident—but should—going into 2020.

Doctored Videos, Phony Blogs, Moral Panic: The Top 10 Fake News Stories Of 2019 (For Real) (RadioFreeEurope/RadioLiberty) This year, viewers have had to wade through manipulated videos passed off as real, blogs written by anonymous trolls, and a widely debunked theory with adherents in the White House. That’s not to mention the many routine instances of wrong or misleading info spread by media outlets, politicians, and others. Here are 10 stories from 2019 of disinformation running rampant.

It Seemed Like a Popular Chat App. It’s Secretly a Spy Tool. (New York Times) ToTok, an Emirati messaging app that has been downloaded to millions of phones, is the latest escalation of a digital arms race.

Chinese hacking group APT20 bypassing 2FA in latest wave of attacks (Computing) Hacking activities of APT20 date back to 2011

'A mini-China story': Vietnam-linked hacking group targets Toyota and others (The Japan Times) A Vietnam-based hacking group is learning from China's playbook, using increasingly sophisticated cyberattacks to spy on competitors and help Vietnam catch

India Used Israeli Spyware To Target Top Pakistani Officials, Diplomats (EurAsian Times) According to a report in the British newspaper The Guardian, mobile phones of at least two dozen Pakistani government officials have been targeted using technology developed by Israeli company NSO. It is unclear who was involved in the attack, but it was feared […]

Kudankulam: One Incident, Many Facets – Analysis (Eurasia Review) A malware infection in the IT network of the Kudankulam Nuclear Power Plant (KKNPP) located in Tamil Nadu was first reported in social media on October 28. The…

Disk Structure Wipe - Enterprise (MITRE ATT&CK™) Adversaries may corrupt or wipe the disk data structures on hard drive necessary to boot systems; targeting specific critical systems as well as a large number of systems in a network to interrupt availability to system and network resources.

IoT vendor Wyze confirms server leak (ZDNet) Details for 2.4 million users were exposed online for 22 days.

Wyze camera security breach: personal data from 2.4M users (9to5Mac) A Wyze camera security breach has seen a large amount of personal data leaked for more than 2.4 million users. This includes ...

One Day, Three Credit Card Data Breach Notifications (BleepingComputer) On the same day this week, two restaurants and a convenience store, all with locations across the U.S., disclosed security breach incidents that may have enabled attackers to steal customer payment card data.

Critical Citrix Flaw May Expose Thousands of Firms to Attacks (BleepingComputer) A newly discovered vulnerability impacting the Citrix Application Delivery Controller (NetScaler ADC) and the Citrix Gateway (NetScaler Gateway) could potentially expose the networks of over 80,000 firms to hacking attacks.

Deloitte Warns 4,000,000 Bitcoin Worth $28.6 Billion Vulnerable to Quantum Attack (The Daily Hodl) Researchers at the Big Four accounting firm Deloitte say 4 million Bitcoin worth about $28.6 billion are especially vulnerable to attack from quantum computers.

Twitter Android app bug matched millions of phone numbers to accounts (SlashGear) Twitter may not have been dragged into major privacy and political scandals the way Facebook has been but it has its fair share of headaches. Most of these stem from technical problems, a.k.a. bugs…

Opinion | How to Track President Trump (New York Times) Smartphones leave a trail that anyone — and any foreign government — could follow.

Opinion | How Your Phone Betrays Democracy (New York Times) You protest, they watch.

Sextortionists return for Christmas – price goes down, threats go up (Naked Security) This follow-up sextortion demand, timed to align with Christmas, has a much more aggressive and menacing tone than last week’s version.

Christmas malware uses “Support Greta Thunberg” as a lure (Naked Security) You’re invited to a climate demonstration… but to find the time and place, you need to open an attachment. Don’t do it!

Celebrity addresses posted online in New Year’s Honours List leak (Naked Security) Too much information.

Hackers keep dumping Ring credentials online 'for the giggles' (ZDNet) Three caches of Ring user credentials have surfaced this week.

Report: Travel Reservations Platform Leaks US Government Personnel Data (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a breach in a database belonging to Autoclerk, a reservations management system owned by

Exclusive: Pentagon warns military members DNA kits pose ‘personal and operational risks’ (Yahoo News) The Pentagon is advising members of the military not to use consumer DNA kits, saying the information collected by private companies could pose a security risk, according to a memo co-signed by the Defense Department’s top intelligence official.

Email Domains Vulnerable to Election Infrastructure Cyber Attack (MSSP Alert) Email is being “significantly overlooked” as threat vector in securing election infrastructure, a recent report said. While voting officials such as county auditors, clerks, or boards of elections regularly communicate with the public via email and real-time election results are sent to the media by email, in many states and counties in the U.S. it …

Inside Discord’s Thriving Black Market for Stolen Credit Cards and Gift Cards (Medium) Cracked PayPal accounts and stolen debit card numbers are sold in the open

Cyber attack forces RavnAir to cancel flights in Alaska (MarketBeat) RavnAir says it will operate a normal afternoon schedule on Saturday after the company canceled about a half-dozen morning flights in Alaska following what it described as “a malicious cyber attack” on its computer network

RavnAir revises estimate of damage from cyber attack (San Francisco Chronicle) An Alaska air carrier that suffered a cyber attack has experienced more disruption than initially projected, according to a company announcement.

Travel Continues To Be Impacted After RavnAir Group Experiences Cyber Attack On Dash 8 Aircraft (KUCB) RavnAir Group continues to be impacted by the cyber attack it experienced earlier this month, and the impact now appears to be more extensive than

The Heritage Company announces temporary closure, due to cyber attack, before Christmas (KAIT 8) Officials with a Central Arkansas company, with a location in Region 8, announced this weekend they will be temporarily suspending its services due to a cyber attack

Ransomware attack forces Arkansas CEO to fire 300 employees days... (HOTforSecurity) The chief executive officer of a telemarketing company in Sherwood, Arkansas has let go 300 employees after the company failed to recover from a ransomware infection months back. In a deeply apologetic letter to employees, The Heritage Company CEO Sandra Franecke said two months ago their...

South Dakota computers targeted by North Korea (KOTA TV) North Korean hackers have targeted South Dakota computers, according to the Department of Homeland Security.

Eastern Band Still Recovering From Cyber Attack (Blue Ridge Public Radio) The Eastern Band of Cherokee Indians (EBCI) are still working to fix their network after a cyber attack, says Principal Chief Richard Sneed. This month,

Local school districts still recovering from ransomware attacks (Republican-American) Local school districts still are recovering from ransomware attacks that forced officials to shut down all school computers in 2019.

US Accounting Firm Moss Adams Discloses Data Breach (Latest Hacking News) US public accounting firm Moss Adams has recently disclosed a data breach that exposed names and Social Security Numbers of the affected individuals.

Wawa establishes ID protection service after breach (The Delaware County Daily Times) Wawa is taking a proactive approach to help customers who may have been affected by a months-long data breach this year that may have compromised credit card information used at

Maastricht University gets almost all of its Windows systems encrypted by ransomware (2Spyware) Netherlands Maastricht University becomes a victim of ransomware just before Christmas. On December 24, Maastricht University, also dubbed as UM, released an official report about

Maze Ransomware Gang Names More Alleged Victims (Data Breach Today) The gang behind Maze ransomware now lists 21 alleged victims on its website that it says have not paid a demanded ransom, including the Florida city of Pensacola.

US Coast Guard discloses Ryuk ransomware infection at maritime facility (ZDNet) Ransomware infection led to a disruption of camera and physical access control systems, and loss of critical process control monitoring systems.

Cyberattack Impacts MTSA Facility Operations (US Coast Guard Marine Safety Information Bulletin) The purpose of this bulletin is to inform the maritime community of a recent incident involving a ransomware intrusion at a Maritime Transportation Security Act (MTSA) regulated facility.

Big MSP Suffers Ransomware Attack: Report (MSSP Alert) A California MSP (managed IT services provider) suffers Sodinokibi ransomware attack. Remote access software extends attack to customers, report says.

FBI Issues Alert For LockerGoga and MegaCortex Ransomware (BleepingComputer) The FBI has issued a warning to private industry recipients to provide information and guidance on the LockerGoga and MegaCortex Ransomware.

Colleges are turning students’ phones into surveillance machines, tracking the locations of hundreds of thousands (Boston Globe) Some professors and education advocates argue that the systems represent a new low in intrusive technology, breaching students’ privacy on a massive scale.

Vulnerability Summary for the Week of December 16, 2019 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.  

Special Olympics NY's Email Server Abused to Send Phishing Emails (The State of Security) Digital attackers compromised an email server owned by Special Olympics NY and then abused it to target donors with phishing emails.

Feds: No evidence hackers disrupted NC voting (Richmond County Daily Journal) A federal investigation didn’t turn up any evidence that cyber attacks were responsible for computer errors that disrupted voting in a North Carolina county in 2016, according to a report…

Ontario County sheriff warns of scam (Wayne Post) Sheriff Kevin Henderson warned in a tweet the Special Olympics of New York's email account was hacked

Scammers have stolen $405 million from military families since 2012, report finds (Military Times) If a deal seems too good to be true, then it probably is. Just close your browser and walk away.

New Survey Shows Which Military Members Get Scammed the Most (Military.com) The report found that a little over half of those in the military community that were scammed were affiliated with the Army.

‘I feel cheated’: Thousands of fake online stores are rushing to cash in (Washington Post) “This is organized fraud on a massive scale,” said Gabriel Openshaw, Overland Sheepskin’s vice president of e-commerce.

7 types of virus – a short glossary of contemporary cyberbadness (Naked Security) Here’s a short list of 7 malware categories we hope you never encounter. Sadly, it’s not an exhaustive list… but it’s a helpful start.

Security Patches, Mitigations, and Software Updates

Mozilla re-admits Avast and AVG extensions removed from store for excessive data exfiltration (Computing) AVG owner Avast also just so happens to own a clickstream-data service called Jumpshot but claims that 'privacy is our top priority'...

Windows 7 dies Jan. 14. Here's what you need to do (Tom's Guide) How to move on from -- or keep living with -- Windows 7

Twitter blocks animated PNGs to keep trolls from using them to trigger seizures (updated) (Engadget) You’ll still be able to use GIFs when you feel the need to share your favorite screencaps.

Facebook Messenger now requires a Facebook account to sign up (VentureBeat) New users can no longer sign up for Messenger without creating a Facebook account, a spokesperson confirmed to VentureBeat.

Cyber Trends

These are the 5 most dystopian technologies of 2020 and beyond (Fast Company) From CRISPR to deepfakes, these are the technologies that could cause calamity in the future.

Ad Threats Becoming Massive Data Security Problem (Media Post) The Devcon 2019 Holiday Threat Report provides insights into what advertisers can expect to see in 2020, such as third-party JavaScript risks that connect with Magecart attacks, which target ecommerce checkout pages to steal customer payment data.

Biggest Security Threats in 2020 - Experts Tell You What to Watch Out For (TechNadu) 2020 will bring a lot of security threats, both old and new, and you need to learn to stay safe and what to keep an eye on so you protect yourself.

Attack Vectors of 2019 (TechTalk) A look at how cyber criminals break in. There was a report released some time in late 2018 that ransomware attacks were on the decline. That was 2018.

A Round-up of Data Breaches in December 2019 (CipherCloud) Canadian banks targeted in a massive phishing scam. A phishing campaign targeting Canadian banks has been detected by Check Point engines. The campaign involves creating hundreds of lookalike domains of multiple banks including Royal Bank of Canada (RBC), Scotiabank, Wells Fargo, CIBC and TD Canada Trust. In the case of RBC, the attacks are carried …

Reviewing the security predictions of 2019 (CISO MAG | Cyber Security Magazine) Chris Roberts reminisces on the security predictions of 2019 to evaluate how accurate they've been.

Cloud, 5G and 'wetware' attacks — the 5 biggest cybersecurity threats of 2020 (Business Insider) The era of artificial intelligence (AI) and machine learning (ML) brings with it the threat of deepfakes and ‘wetware’ attacks. 5G’s promise of turbo speeds

Planning for 2020? Here are 3 cybersecurity trends to look out for (Help Net Security) It’s almost 2020, which means teams are finalizing cyber budgets, strategies and goals. However, as you’re preparing for the new year, it’s important to

Gartner's Avivah Litan on the Rise of 'Fake Everything' (Data Breach Today) Fake news, fake accounts - even fake food. Gartner analyst Avivah Litan is concerned about the onslaught of "fake everything" and how it undermines the

IoT Security: How Far We've Come, How Far We Have to Go (Dark Reading) As organizations fear the proliferations of connected devices on enterprise networks, the private and public sector come together to address IoT vulnerabilities.

Top 10 Countries by Most Mobile Malware Infections in the Q3 2019 (PreciseSecurity.com) According to PreciseSecurity.com, over 50% of mobile users in Iran have fallen victim to mobile malware infections in the third quarter of the current year.

Cloud vulnerabilities to increase in 2020: Palo Alto networks (AME Info) Go-compiled malware was steadily on the rise in 2019 and as much as 92% of the samples identified were compiled for the Windows operating system, indicating that this is the most heavily targeted system by Go malware developers...

XSS turns 2019's most popular cyber-attack (SC Magazine) Cross-site scripting or XSS is the most popular attack vector globally in 2019, accounting for 40 per cent of all cyber-attacks

Wi-Fi routers and hidden Wi-Fi Spying devices targeting large and medium sized business (Digital Journal) Digitpol’s Wi-Fi experts are certain Wi-Fi and IOT over-the-air attacks will rise in 2020.

Experts warn Canadians to brace for a new era of cyberthreats (The Globe and Mail) Most Canadians – more than 28 million – were affected by 680 breaches between Nov. 1, 2018, and October, 2019, according to the federal privacy commissioner

Marketplace

Huawei’s Revenue Hits Record $122 Billion in 2019 Despite U.S. Campaign (Wall Street Journal) Huawei Technologies said its revenue rose to a record $122 billion this year despite the Trump administration’s campaign to curtail its global business, but predicted more challenges in 2020.

Huawei feels 'bite of winter' after Trump ban (BBC News) The firm admits life will be "difficult" after the Trump administration banned the firm in the US.

Huawei: US Trade Ban Will Make 2020 'Difficult' (BankInfo Security) In a message to employees, Huawei’s rotating Chairman Eric Xu says the company is preparing for a "difficult" 2020 as security concerns over national

WSJ News Exclusive | State Support Helped Fuel Huawei’s Global Rise (Wall Street Journal) Tens of billions of dollars in financial assistance from the Chinese government helped propel Huawei to the top of global telecommunications, a scale of support that dwarfed what its tech rivals got from their governments.

Twitter And Facebook's Race To The Bottom (BuzzFeed News) The two companies had a bad run in the 2010s. It was their own fault.

Why the 2010s were the Facebook Decade (Ars Technica) Facebook grew 600% in 10 years, worming its way into basically everything. How?

Inside the NSA’s plan to lure cyber talent (Federal Times) The defensive and espionage missions undertaken by the National Security Agency require efforts from some of the top tech operators in the world, and these operators must come from somewhere. Enter the NSA's partner institutions — designated Centers of Academic Excellence.

Top 10 cyber insurance companies in the US (Insurance Business) Here are the top insurers both in the standalone and package cyber insurance markets

Mastercard Acquires RiskRecon to Enhance Cybersecurity Capabilities (BusinessWire) Mastercard today agreed to acquire RiskRecon, a leading provider of AI and data analytics solutions to help companies protect their cyber systems.

Vista Equity Takes Majority Interest in Sonatype; Blue Delta's Mark Frantz Quoted (ExecutiveBiz) Vista Equity Partners has completed its acquisition of a majority stake in Fulton, Md.-based software supply chain automation technology provider Sonatype for an undisclosed sum.

Arm looking to sell cyber-security unit (Electronics Weekly) Arm and Gemalto, a subsidiary of Thales, are looking for a buyer for their loss-making cyber-security jv Trustonic. Last year Trustonic lost €8.3 million o

VMware completes $2.7 billion Pivotal acquisition (TechCrunch) VMware is closing the year with a significant new component in its arsenal. Today it announced it has closed the $2.7 billion Pivotal acquisition it originally announced in August. The acquisition gives VMware another component in its march to transform from a pure virtual machine company into a cl…

C5 Capital exits Shape Security in $1bn deal (AltAssets) Venture firm C5 Capital has agreed to sell online fraud prevention company Shape Security to F5 Network in a $1bn deal.

F5 Stock Falls On Acquisition, As Deal Heightens Akamai Rivalry (Investor's Business Daily) F5 Networks (FFIV) made its second large acquisition in 2019, agreeing to purchase security software maker Shape Security for $1 billion in cash. F5 stock fell on the deal, expected to increase competition with Akamai Technologies (AKAM) and others.

Broadcom quietly acquired a small cyber analytics software company (Silicon Valley Business Journal) Broadcom has its U.S. headquarters in north San Jose on Ridder Park Drive. The company acquired Bay Dynamics earlier this month, according to regulatory documents. The acquisition comes as the latest step in Broadcom's buildout of its security business.

WSJ News Exclusive | TikTok Searches for Global Headquarters Outside of China (Wall Street Journal) Bytedance is considering setting up a global headquarters for its hit video-sharing app TikTok outside of China, part of continuing efforts to shake off its Chinese image, people familiar with the company said.

Goodbye, Symantec: Consumer business gets rebrand as NortonLifeLock after Broadcom deal (Phoenix Business Journal) Broadcom Inc.'s $10.7 billion acquisition of Symantec Corp.'s enterprise security business closed this week, and with the deal came the rights to the Symantec name.

NortonLifeLock Layoffs 2020: Cybersecurity Staff Cuts In California, Texas (ChannelE2E) NortonLifeLock, the rebranded Symantec consumer security business, will have layoffs in California & Texas, and shed some office space, reports say.

Cybersecurity Stocks To Watch: Rapid7 Nears Buy With 125% Growth (Investor's Business Daily) As fellow cybersecurity stocks to watch Fortinet (FTNT), CyberArk Software (CYBR) and recent IPO Ping Identity (PING) continue to lead, Rapid7 (RPD) is securing its own new buy zone.

10 Hot Cybersecurity Companies To Watch In 2020 (CRN) Many of the industry's fastest-growing vendors will have their hands full in 2020 integrating major acquisitions, completing their first year as a publicly-traded company, or rolling out new partner programs and technical capabilities.

Proofpoint CEO talks record revenues, cybersecurity landscape and his controversial pay package (Silicon Valley Business Journal) In a wide-ranging interview with the Silicon Valley Business Journal, Proofpoint's Gary Steele spoke about a controversial decision the company's board made to give him a $64.7 compensation package.

Vislink Technologies Appoints Ralph Faison to Board of Directors (IoT Evolution) Vislink Technologies has announced that Ralph Faison has been appointed to its board as a non-executive independent director.

Products, Services, and Solutions

ProtonMail takes aim at Google with an encrypted calendar (VentureBeat) ProtonMail has launched ProtonCalendar, part of a broader plan to introduce privacy-focused alternatives to Google's products.

European Cloud Security Project Provides Tools for the Development of Cybersecurity in the EU (Cision) European cybersecurity company Nixu has been proud to be part of the European Security Certification Framework (EU-SEC) project for the last three years. The project will come to an end on 31 December 2019.

Technologies, Techniques, and Standards

What the Army wants in a multidomain system (C4ISRNET) The Army wants to know if industry can provide a series of sensors for the service’s largest unmanned platform as a way to help see past enemy defenses.

DHS wants more input on how to share vulnerabilities (Fifth Domain) The Department of Homeland Security's cyber agency wants more thoughts on its vulnerability disclosure program. Here's what's been suggested so far.

Perspective | How we survive the surveillance apocalypse (Washington Post) There is no such thing as “incognito,” and other lessons from our tech columnist’s year of wrestling data back from corporate America.

Central Rush Mac Removal Guide (Illustrated How-to Steps) (SensorsTechForum.com) Central Rush Mac is an app that can display unwanted ads, like pop-ups and redirects, collect data or even indirectly infect your Mac with a virus.

Automate, reskill and optimize are the three steps to a better SOC (Federal News Network) Shane Barney at USCIS, and Togi Andrews at FEMA say automation and reskilling are part of how they are evolving their security operations centers.

Get yourself cybersecure for 2020 (the Guardian) With ever more tech in our lives, our data is vulnerable. Here are our six top tips to keep it safe in the new year

Webcast: Passwords: You Are the Weakest Link (Black Hills Information Security) Why are companies still recommending an 8-character password minimum?  Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data.

Sergeant Silicon: Lessons From An Army Cyber NCO (Breaking Defense) As old-school Sergeant Rock types give way to NCOs with advanced degrees, ARSOUTH Command Sgt. Maj. William Rinehart is helping build up both US and allied cyber forces.

What happens if the Air Force’s command center for all its tankers and cargo planes gets hacked? (C4ISRNET) Here's what happened after the network shut down.

Design and Innovation

Facebook disables some misleading ads on HIV prevention drugs, responding to growing outcry (Washington Post) Facebook has quietly started removing some misleading ads about HIV prevention medication, responding to a deluge of activists, health experts and government regulators who said the tech giant had created the conditions for a public-health crisis.

Spotify to suspend political ads in 2020 (Ad Age) Presidential hopeful Bernie Sanders and the RNC are among Spotify advertisers.

Algorithmic Radicalization — The Making of a New York Times Myth (Medium) The New York Times and other “Authoritative” sources tell us about algorithmic radicalisation of YouTube. They are wrong and untrustworthy.

Google’s Monopoly is Stifling Free Software (Medium) Google has an undeniable monopoly on search, and a near-monopoly on web browsing software via Chrome and its forks. And even alternative…

Is synthetic data the key to unlocking automated war? (C4ISRNET) From self-driving cars to space harpoons, synthetic data can iterate learning in novel scenarios.

MAX Crashes Strengthen Resolve of Boeing to Automate Flight (Wall Street Journal) Boeing is increasingly committed to transferring more flight control from pilots to computers after the two fatal crashes of its 737 MAX aircraft.

Research and Development

A new $5M competition to help the Pentagon detect deepfakes (C4ISRNET) Congress established a $5 million prize competition in the annual national defense policy legislation that could unlock the secret to automatically detecting deepfakes.

Using light to encrypt communications (Phys.org) Researchers of the UT found a new way to protect data from attacks with quantum computers, as they published today in New Journal of Physics. With quantum computers on the rise, we can no longer exclude the possibility that a quantum computer will become so powerful it can break existing cryptography. Single particles of light are already being used to protect data, but the transmission of one bit per photon is slow. Pepijn Pinkse led the experiment to increase the transmission speed up to seven bits per photon.

Scientists Develop ‘Absolutely Unbreakable’ Encryption Chip Using Chaos Theory (Forbes) Could a cryptographic system rooted in chaos theory herald an age of "absolutely unbreakable" encryption?

Israel joins the race to become a quantum superpower (The Jerusalem Post) China and the US have made substantial investments and advancements in some area of quantum research.

Legislation, Policy, and Regulation

New Caliph, Same Old Problems (Foreign Affairs) The man upon whom ISIS’s continued resurgence now depends is Abu Ibrahim al-Hashimi al-Qurashi.

U.S. Cybercom contemplates information warfare to counter Russian interference in 2020 election (Washington Post) Potential tactics would target senior officials and oligarchs.

White House Expands Use of Cyber Weapons but Stays Secretive on Policies (Wall Street Journal) Lawmakers are demanding more information about the guidelines the military uses to launch offensive operations in cyberspace. The White House has kept the cyber directive largely under wraps.

'Shattered': Inside the secret battle to save America's undercover spies in the digital age (Yahoo News) When hackers began slipping into computer systems at the Office of Personnel Management in the spring of 2014, no one inside that federal agency could have predicted the potential scale and magnitude of the damage. Over the next six months, those hackers — later identified as working for the Chinese

Russia prepares to carry out 'domestic internet' test (Mail Online) Russia will carry out tests on Monday on the reliability of its domestic internet infrastructure in the event that the country is disconnected, according to the communications ministry.

Lack of guidance leaves public services in limbo on AI, says watchdog (the Guardian) CCTV commissioner says he gets many queries about facial recognition and other tools

Huawei should be allowed 5G role in Italy: Industry minister (Reuters) Chinese telecoms firm Huawei should be allowed a role in Italy's future 5G ...

DoT to use 5G trials to evaluate security vulnerabilities, then decide on Chinese vendors for roll outs (The Economic Times) This is the first time that India, caught in a diplomatic and economic tussle between the US and China, has taken an official stance permitting the Chinese firms. It boosts the Chinese company's hopes of playing a part in the deployment of the next generation technology in India despite US objections. Huawei is said to be at least a year ahead of its rivals in 5G technology development.

Germany and India are shrugging off US warnings on Huawei (Quartz) India and Germany's 5G trials with Huawei signal a potential snub to the US, which has been warning countries about security risks from the Chinese telecom firm.

Political parties at odds as Ottawa nears 5G decision on Huawei (National Post) The opposition Conservatives are pressing the Liberals to deny Huawei a role in assembling the country’s 5G infrastructure, alleging it will allow Beijing to spy on Canadians more easily

GSA pushes forward with ban on Huawei, ZTE in 2020 (FedScoop) The Federal Acquisition Service’s first refresh of its consolidated schedule will include the ban on contracting with vendors tied to Chinese tech companies Huawei and ZTE via the supply chain. While the refresh is slated for Jan. 15, agencies have until Aug. 13, to comply with the ban laid out in Section 889(a)(1)(B) of the National Defense Authorization Act of …

How the Justice Department Incentivizes Companies to Invest in Compliance (Wall Street Journal) Matt Miner, a deputy assistant attorney general in the Justice Department’s criminal division, explains why prosecutors are getting more sophisticated about corporate compliance, and why it should be considered a ‘super mitigator.’

Lawmakers close to finalizing federal strategy to defend against cyberattacks (TheHill) A federal strategy for defending the U.S. government against cyberattacks is one step closer to completion, with lawmakers saying they have a draft form that could be finalized as early as March.

Private and Public CCPA Enforcement Will Launch on January 1, 2020 Despite California AG Delay (Cooley) As we approach the January 1, 2020 effective date of the California Consumer Privacy Act (CCPA), many companies are feeling in the dark about how and when the CCPA will be enforced. Will the Califo…

California is rewriting the rules of the internet. Businesses are scrambling to keep up (Los Angeles Times) A new law that will let you opt out of the online data economy goes into effect on Jan. 1 — assuming businesses can figure out how to make that happen in time.

U.S. Navy bans TikTok from government-issued mobile devices (Reuters) Earlier this week the United States Navy banned the social media app TikTok from...

There’s a new role for this Air Force cybersecurity outfit (Fifth Domain) Initially created to look at legacy weapon systems, the Air Force CROWS office will be taking aim at ensuring cybersecurity concerns are taken into account from the start of new programs.

Maryland National Guard reveals new brand; demonstrates capabilities (DVIDS) As a new decade begins, so comes a new symbol depicting the Maryland National Guard’s future focus in a competitive global environment.

Can this group become 1-800-AI for the Pentagon? (C4ISRNET) “The JAIC is not just about delivering the products. We’re really trying to work toward becoming the DoD’s AI Center of Excellence,” said Nathaniel D. Bastian, a senior data scientist and AI engineer with the Pentagon's Joint Artificial Intelligence Center. “We want to be 1-800-AI.”

UK's cyber security chief Ciaran Martin to step down next year (Sky News) Ciaran Martin will leave his job at the head of the UK's National Cyber Security Centre next year.

Every Pa. county will have new voting machines — with paper trails — in 2020 (Philadelphia Inquirer) In the presidential election year, every vote cast by Pennsylvania voters will leave a paper trail that can be audited or recounted.

Litigation, Investigation, and Law Enforcement

Microsoft takes court action against fourth nation-state cybercrime group (Microsoft on the Issues) Microsoft recently seized control of 50 domains being used to conduct cyberattacks by a threat group we call Thallium.

Windows Hack Attackers Confirmed As Microsoft Responds With Powerful Counterpunch (Forbes) Microsoft has confirmed a powerful counterpunch against state-sponsored hackers targeting Windows users as 2019 comes to an end.

Microsoft Files Suit, Takes Over Attack Domains (ISSSource) Microsoft took over domains they say were used by the North Korean hacker group, Thallium, to execute targeted attacks against people and major organizations.

Microsoft pwns domains used by hackers for large-scale cyber attacks (HackRead) Recently, Microsoft was successful in gaining control of 50 domains which were allegedly being used by a North Korean Black Hat group of hackers known as Thallium and APT37 to conduct large-scale cyberattacks.

French court clears social media tracking plan in tax crackdown (Reuters) France's government can pursue plans to trawl social media to detect tax av...

'This is not rule of law': detention of Huawei workers sparks backlash (the Guardian) Arrests have raised questions in China about the company’s ties to the state and the wider tech industry

Treasury’s Financial Crimes Unit Ramps Up Foreign Targeting, Investigations (Wall Street Journal) That FinCEN carved out the investigations unit as a stand-alone office highlights one of the agency’s key priorities in the year ahead, former officials said.

Court rules Turkey violated freedoms by banning Wikipedia (AP NEWS) Turkey’s highest court on Thursday ruled in favor of Wikipedia, saying the Turkish government's two-year ban on the online encyclopedia constitutes a violation of freedom of...

Former NSA Director Is Cooperating With Probe of Trump-Russia Investigation (The Intercept) Retired Adm. Michael Rogers has met the prosecutor leading the probe, Connecticut U.S. Attorney John Durham, on multiple occasions.

Former NSA Director is cooperating with the Durham investigation (HotAir) "He’s been very cooperative."

Brazil fines Facebook $1.6 million for improper sharing of user data (Reuters) Brazil's Ministry of Justice said on Monday it has fined U.S. tech giant Fa...

Orange Denies Responsibility for Cyber Attack on African Rival (Bloomberg Law) Orange SA finds itself party to a London lawsuit that alleges the management of a small phone carrier it purchased in 2016 was behind a cyberattack on rival Lonestar Cell MTN, a unit of Africa’s largest wireless carrier MTN Group Ltd.

The “Robin Hood of science” says she’s not a Russian asset (Quartz) At least that she's aware.

Five Sentenced to Death in Khashoggi Murder, Royal Aides Cleared (Bloomberg) A Saudi court sentenced five people to death for the murder of government critic Jamal Khashoggi, a killing that strained relations with key allies, but didn’t have enough evidence to incriminate two top officials close to Crown Prince Mohammed bin Salman.

Transnational White Terror: Exposing Atomwaffen And The Iron March Networks (Bellingcat) In collaboration with the Autonomous Disinformation Research Network – @DisinfoResearch On Wednesday, November 6, 2019, leaked data from the defunct neo-Nazi forum, Iron March, emerged online, exposing the personal information of more than 1,200 members, including the locations of their IP addresses and, in some cases, their real names. Already, activists sifting through the database...

Exclusive: Malware broker behind U.S. hacks is now teaching computer skills in China (Reuters) A Chinese malware broker who was sentenced in the United States this year for de...

Apple iCloud “data dump” extortionist avoids prison (Naked Security) He claimed to have logins for millions of iCloud accounts, and told Apple he’d shut them all down unless he received a payoff.

Wawa faces wave of lawsuits in aftermath of massive data breach (Inquirer) At least six lawsuits have been filed in federal court in Philadelphia, alleging Wawa failed to adequately secure its computer systems from hackers who installed malware affecting potentially all of its stores.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

CPX 360 Bangkok (Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premier cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...

SANS Cyber Threat Intelligence Summit (Arlington, Virginia, USA, January 20 - 21, 2020) The collection, classification, and exploitation of knowledge about adversaries - collectively known as cyber threat intelligence (CTI) - gives security practitioners information superiority that is used...

CPX 360 New Orleans (New Orleans, Louisiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premier cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...
