skip navigation

More signal. Less noise.

Get your copy of the definitive guide to threat intelligence.

We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.

Daily briefing.

Launching soon: CyberWire Pro.

Our new subscription program, CyberWire Pro, will be available soon. For cyber security professionals and others who want to stay abreast of our rapidly evolving industry, CyberWire Pro is a premium news service that will save you time and keep you informed. Learn more and sign up to get launch updates here.

Today is Patch Tuesday, and late yesterday KrebsOnSecurity said that sources told him Microsoft would issue an unusually important patch for a core cryptographic component shared by all versions of Windows. The Washington Post this morning reported that the flaw was discovered by the US National Security Agency, which quietly reported it to Microsoft rather than weaponizing the vulnerability. The flaw is said to be similar in severity to that exploited by EternalBlue. NSA is expected to offer comment in a media call early this afternoon.

ZDNet reports that the anonymous security analysts of Intrusion Truth have uncovered some thirteen companies, operating for the most part from Hainan, that serve as fronts for APT40, a threat group associated with the Chinese government and best known for espionage on behalf of the People’s Liberation Army Navy. Intrusion Truth posted its findings this past Thursday and Friday.

Area 1 has released research indicating that Russia’s GRU in November of 2019 began a phishing campaign against the Ukrainian energy company Burisma Holdings. The goal was to obtain email credentials from Burisma, its subsidiaries, and its partners. Burisma is the company whose connections to former US Vice President Biden’s son, Hunter Biden, were at the center of the impeachment inquiry directed at US President Trump, who wanted a Ukrainian investigation of those connections. Phishing is a common method of attack, and as the New York Times and Wall Street Journal point out, it’s how Fancy Bear (the GRU) accessed Democratic Party accounts in 2016.

Notes.

Today's issue includes events affecting China, Iran, Israel, Lebanon, New Zealand, Russia, Taiwan, Ukraine, United Kingdom, United States, and Yemen.

Bring your own context.

What would a board of directors playbook for cybersecurity look like?

"Great question. So one of the things we try to outline in the board of directors playbook and in our presentations to many boards is that it's really important for them to get access to and have the security staff, typically the CISO, provide regular updates to the board about the status of the organization's preparedness, their ability to respond to a breach, what types of tools they're leveraging, where are the gaps, where are investments required in order for them to improve their overall preparedness and their overall ability to respond in the event that an incident happened."

—Tom Etheridge, VP of services at CrowdStrike, describing their Board of Directors Playbook on the CyberWire Daily Podcast, 1.10.20.

Boards have many balls in the air, but two of the cyber balls seem to be made of glass: regulatory risk and the attack surface the board members themselves present. So get involved with the security staff.

Georgetown University Part-Time Master's in Cybersecurity Risk Management

Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Learn more.

In today's Daily Podcast, out later this afternoon, we speak with our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan discusses the security implications of Android bloatware. Our guest, Haiyan Song from Splunk, reviews their security predictions for 2020.

And Recorded Future's podcast, produced in partnership with the CyberWire, is up. In this episode, "Threat Intelligence Is the Centerfold," they speak with Steven Atnip, senior advisor for Verizon’s threat research advisory center and the dark web hunting team. Steven shares his early career experience in the U.S. Navy and explains why he believes the military provides unique opportunities for people looking to launch their careers. He offers his views on the importance of company culture, being a lifelong learner, how to step up to challenges of an organization running at scale, as well as his insights on security and threat intelligence.

Free Dragos Webinar: Introducing MITRE ATT&CK™ for ICS and Why it Matters (Online, January 14, 2020) Register today for the Jan. 14 webinar introducing the MITRE ATT&CK for ICS, a new framework that organizes and codifies the malicious threat behaviors affecting industrial control systems. Led by security experts from Dragos and MITRE, who worked together on the framework, you’ll find out how it works, why it was developed and when to apply it.

CyberTech Tel Aviv (Tel Aviv, Israel, January 28 - 30, 2020) Cybertech Tel Aviv is a 3-day event with 200+ organizations, 180+ speakers and 18,000+ attendees with a goal to create business and networking opportunities across borders. For 15% off, use code tcwtlv20dis on the registration page and enter the “Full-Pass" option. https://www.cybertechisrael.com/

RSAC 2020 (San Francisco, California, United States, February 24 - 28, 2020) Connect to the people and ideas that matter. To your growth. To your organization. At RSAC 2020, February 24 – 28, explore current and emerging trends, gain valuable skills and network with peers. Register today!

Cyber Attacks, Threats, and Vulnerabilities

Cut Undersea Cable Plunges Yemen Into Days-Long Internet Outage (Wired) The fragility of global internet infrastructure has left the entire Red Sea region struggling to connect.

Report: Chinese hacking group APT40 hides behind network of front companies (ZDNet) A group of anonymous security analysts have tracked down 13 front companies operating in the island of Hainan through which they say the Chinese state has been recruiting hackers.

Russians Hacked Ukrainian Gas Company at Center of Impeachment (New York Times) The timing and scale of the attacks suggest the Russians may be looking for the same kind of damaging information on Joe Biden that President Trump wanted from Ukraine, security experts say.

Russians Breached Burisma During Trump Impeachment Probe, Report Says (Wall Street Journal) Hackers believed to be affiliated with Russia’s military breached the Ukrainian company where former Vice President Joe Biden’s son had served on the board as it became a focus of the impeachment inquiry, according to a U.S. cybersecurity firm.

Iranian State-Sponsored and Aligned Attacks: What You Need to Know and Steps to Protect Yourself (Proofpoint US) Recent events have led to a surge in concern about possible cyberattacks coming out of Iran. Below are the Proofpoint Threat Research team’s latest findings on state-sponsored and aligned Iranian attacks, details on 11 Iranian attack groups and their preferred tactics, and most importantly, security recommendations. Iranian Threat Actors: Operation Trends and Our Recent Findings

Report: 1,000s of UK Consultants and Firms Exposed in Huge Data Leak (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team recently discovered; a breach in a database containing highly sensitive files from several

Snake alert! This ransomware is not a game… (Naked Security) Looks like the Snake ransomware was created especially for network-wide attacks.

Exploits Released for As-Yet Unpatched Critical Citrix Flaw (Dark Reading) Organizations need to apply mitigations for vulnerability in Citrix Application Delivery Controller and Citrix Gateway ASAP, security researchers say.

Severe Citrix Flaw: Proof-of-Concept Exploit Code Released (Data Breach Today) Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent

Powerful GPG collision attack spells the end for SHA-1 (Naked Security) New research has heightened an already urgent call to abandon SHA-1, a cryptographic algorithm still used in many popular online services.

NZTA warns of sophisticated phishing scam involving fake vehicle licence renewal email (1 NEWS) The email appears to be a standard registration renewal reminder, and includes the transport agency logo.

Kaspersky security researchers accuse Russian cyber criminals of attacking banks in Sub-Saharan Africa (TODAY NEWS AFRICA) Kaspersky security researchers, who claim to have reported on thousands of notifications of attacks on major banks located in the sub-Saharan Africa (SSA) region, are now accusing some unknown Russian hackers for using a malware to attack banks in Sub-Saharan Africa. The company claimed the malware used in the attacks indicates that 'the threat actors' are 'most likely' to be an infamous Silence hacking group, previously known to be responsible for the theft of millions of dollars from banks across the world. The firm said in a statement it syndicated to media houses across Africa on Monday morning that the

Travelex services begin again after ransomware cyber-attack (the Guardian) Foreign currency firm restores some systems after £4.6m demand from hackers

Travelex claims it is 'making good progress' in recovery from Sodinokibi ransomware attack (Computing) Travelex continues to insist that no personal data was compromised

Travelex refuses to comment on whether it paid ransom to get its data back (Computing) Last week, a group claiming to be behind the Sodinokibi ransomware attack on Travelex threatened to release data. This week, Travelex refuses to comment on whether it paid up…

U.S. Government Issues Powerful Security Alert: Upgrade VPN Or Expect Cyber-Attacks (Forbes) Critical VPN vulnerability prompts U.S. Cybersecurity and Infrastructure Security Agency (CISA) to "strongly urge" updating now or face being compromised in a cyber-attack.

Vulnerability Summary for the Week of January 6, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update E) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM Vulnerability: Out-of-bounds Read 2.

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update C) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment (OSI Layer 2) Vendor: Siemens Equipment: SCALANCE X switches, RUGGEDCOM Win, RFID 181-EIP, and SIMATIC RF182C Vulnerability: Heap-based Buffer Overflow  2.

Siemens SCALANCE X Switches Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE X switches Vulnerabilities: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-18-163-02 Siemens SCALANCE X Switches that was published June 12, 2018, on the ICS webpage on us-cert.

Siemens Industrial Products with OPC UA (Update D) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UA Vulnerability: Uncaught Exception 2.

Siemens SIMATIC WinAC RTX (F) 2010 (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinAC RTX (F) 2010 --------- Begin Update A Part 1 of 4 --------- Vulnerability: Insufficient Resource Pool --------- End Update A Part 1 of 4 ---------

Siemens SCALANCE X (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SCALANCE X Switches Vulnerability: Storing Passwords in a Recoverable Format 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-162-04 Siemens SCALANCE X that was published June 11, 2019, to the ICS webpage on us-cert.gov.

Siemens PROFINET Devices (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: PROFINET Devices Vulnerability: Uncontrolled Resource Consumption 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-19-283-02 Siemens PROFINET Devices that was published October 10, 2019, on the ICS webpage on us-cert.gov.

Siemens Industrial Real-Time (IRT) Devices (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Industrial Real-Time (IRT) Devices Vulnerability: Improper Input Validation 2.

Siemens EN100 Ethernet Module (Update A) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Cross-site Scripting, Relative Path Traversal 2.

Siemens SCALANCE X (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SCALANCE X Vulnerability: Expected Behavior Violation

No update yet on Enloe cyber attack; no patient data compromised, hospital says (Chico Enterprise-Record) Enloe Medical Center in Chico was attacked in a ransomware incident the evening of Jan. 2, according to a press release from the hospital. Unfortunately, the incident is still being investi…

Las Vegas Fought Off Potentially Massive Cyber Attack And Won (ScreenRant) Las Vegas stops a cyber-attack in its tracks, becoming the latest in the line of ransomware cyber-attacks targeting major US cities.

Security Patches, Mitigations, and Software Updates

NSA found a dangerous Microsoft software flaw and alerted the firm — rather than weaponize it (Washington Post) The National Security Agency recently discovered a major flaw in Microsoft’s Windows operating system — one that could potentially expose computer users to significant breaches or surveillance — and alerted the firm of the problem rather than turn it into a hacking weapon, according to people familiar with the matter.

Cryptic Rumblings Ahead of First 2020 Patch Tuesday (KrebsOnSecurity) Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows.

Microsoft to patch serious Windows security flaw in today's Patch Tuesday update (Computing) Flaw in crypt32.dll file that handles core cryptographic functions in Windows' CryptoAPI so serious users have been urged to patch straightaway

Microsoft ends free Windows 7 security updates on Tuesday (Washington Post) Microsoft will stop providing free security updates for the Windows 7 operating system on Tuesday, meaning computers using it will be more vulnerable to malware and hacking

Windows 7 Extended Support ends today (Computing) From now on, you're on your own (unless you pay Microsoft $25-$50 per PC per year for the next three years for essential patches)

()

Citrix to release 'thoroughly tested' fixes for CVE-2019-19781 security flaw by the end of January (Computing) More than 2,000 servers in the UK vulnerable to Citrix remote access security flaw

Cyber Trends

New CrowdStrike Report Finds an Increase in Cyber Adversaries Turning to Business Disruption as Main Attack Objective (CrowdStrike) 2019 CrowdStrike Services Report offers observations gained from the front lines of incident response and proactive services and insights for 2020

CrowdStrike Services: Observations from the Front Lines | Report (CrowdStrike) Observations gained from the front lines of Incident Response and Proactive Services in 2019 and insights that matter for 2020

We are all becoming digital slaves for the sake of convenience (The Telegraph) It seems that everywhere we turn, there is a website, device or camera ready to harvest our data.

Now Big Brother is watching how you type or hold your phone (The Telegraph) Every time you grab your smartphone, you may be handing over crucial data on your identity.

Marketplace

Cybersecurity startup exits total $11.3 billion in 2013-2019 — report (Times of Israel) There are 436 cybersecurity firms operating in Israel in various stages of development, IVC report says; figures released ahead of Cybertech conference at end of month

Cybersecurity and Penetration Testing Specialists Raxis Secures Growth Investment from RCP Equity (PR Newswire) Raxis, an Atlanta-based cybersecurity and pen testing firm, announced today its first major outside investment from RCP Equity (rcpequity.com)....

Trusona Secures $20 Million in Series C Funding Led by Georgian Partners (PR Newswire) Trusona, the leader in passwordless multi-factor authentication technology, today announced that it has secured $20 million in additional...

NortonLifeLock Announces Sale of ID Analytics Business to LexisNexis Risk Solutions (Seeking Alpha) Divestiture Will Allow NortonLifeLock to Further Sharpen its Focus on Consumers

Entisys360 Doubles Down on Cybersecurity; Invests in New Services Offerings (Yahoo) Entisys360 has purchased the cybersecurity technology solutions and services assets from Sacramento-based Performance Technology Partners (PTP).

ICF Announces Definitive Agreement to Acquire ITG (PR Newswire) ICF (NASDAQ:ICFI), a global consulting and technology services provider, announced that it has entered into a definitive agreement to acquire...

Is Microsoft going to eliminate Israel's cybersecurity companies? (Haaretz) The U.S. company’s drive is being led by an Israeli R&D unit it created through a series of local startup acquisitions

What goes wrong when accounting firms become consultants (Quartz) Accounting firms are spending more time consulting because It’s lucrative, virtually unregulated, and offers greater potential for growth. But that trend comes at a cost.

Exploring CrowdStrike's Competitive Advantage (Seeking Alpha) CrowdStrike has some peculiar competitive moat worth exploring. Its early start, economies of scale, strategic partners, and ability to upsell will make it tough for competitors to catch up.

Q Cyber Hires Mercury for Hacking Lawsuit (O'Dwyers PR) Mercury scores $1.2M contract from Israel's Q Cyber Technologies, which has been sued for its alleged hacking of Facebook's WhatsApp messaging service.

ImageWare Systems Kicks off 2020 with over $1.2 Million in Multiple Deals (Globe Newswire) ImageWare expands its presence in financial services and government sectors.

Former Hortonworks, Docker CEO comes back to head up Cloudera (Silicon Valley Business Journal) Rob Bearden moved to the Palo Alto company's board after Hortonworks was merged into it a year ago and was CEO of open-source software startup Docker for about six months in 2019. Now he will be Cloudera's CEO.

Imperva Appoints Chief Customer Officer and Chief Revenue Officer (Yahoo) Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, today announced the appointment of Nanhi Singh as chief customer officer and Paul J. Loftus as chief revenue officer to lead the company through its next chapter of growth.

Cybersecurity Expert, Dan Barahona, Joins Qualys as Chief Marketing Officer (Yahoo) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced that Dan Barahona has joined as Chief Marketing Officer (CMO) to lead the organization through its next phase of growth. Dan will direct the company's worldwide marketing

Products, Services, and Solutions

GroupSense and Cybraics Form Strategic Technology Alliance (PR Newswire) GroupSense, a digital risk management company, and Cybraics, a security analytics and artificial intelligence (AI) company, today announced a...

WatchGuard Delivers Industry’s First Pay-as-You-Go Option for Network Security Hardware and Services (Yahoo) WatchGuard® Technologies, a global leader in network security and intelligence, secure Wi-Fi and multi-factor authentication, today announced the expansion of the WatchGuard FlexPay program to include fully automated, monthly billing for its network security hardware and services. Available for both

Nok Nok Labs Joins Forces with BBVA to Boost the Use of Authentication on Mobile Banking Services (PR Newswire) Nok Nok Labs — one of the driving forces behind the new FIDO (Fast Identity Online) standard aimed at strengthening the security of biometric...

ControlScan Becomes a Payment Application Qualified Security Assessor (Globe Newswire) As a PA-QSA Company, ControlScan will expertly guide software and application developers through PA Data Security Standard validation

A10 Networks Extends Carrier-class Firewall Product line - Security Middle East (Security Middle East) A10 Networks have announced it is extending the capabilities of the Thunder Convergent Firewall (CFW), part of the A10 Orion 5G Security Suite

Neustar Delivers UltraThreat Feeds for More Effective Data Security (Yahoo) Neustar announces UltraThreat Feeds, a new service providing proprietary near real-time threat data to identify and stop bad traffic.

Escape from Google: 12 privacy-promoting search engines reviewed (Computing) If you can live without personalisation there are plenty of alternatives

Technologies, Techniques, and Standards

Veterans of the Financial Fraud, Digital Tech Industries Guide Launch of 'Breach Clarity Score' for Consumers, Financial Institutions | Markets Insider (Business Insider) Each time data security expert Jim Van Dyke concluded his work on a data breach lawsuit, he cou...

Design and Innovation

Google urged to tame privacy-killing Android bloatware (Naked Security) A letter sent to the Google CEO by Privacy International claims bloatware has allowed a privacy and security hole to open almost unnoticed.

Reddit bans ‘impersonation,’ but satire and parody are still OK (Naked Security) Relax: Nic Cage deepfakes aren’t going anywhere. It’s only “maliciously misleading” impersonations that are now verboten.

Research and Development

Raytheon tapped for self-evaluating machine learning system (UPI) Raytheon Co. announced on Monday it has begun work on a machine-learning technology allowing machines to teach machines through use of artificial intelligence.

Shift5, Inc., Awarded US Air Force Small Business Innovation Research (SBIR) Funding (PR Newswire) Cybersecurity company Shift5, Inc., announces that it has been awarded a Phase I Small Business Innovative Research (SBIR) contract from the US...

Academia

UNG wins NSA Codebreaker Challenge 'in commanding fashion' (University of North Georgia) The University of North Georgia (UNG) scored a decisive victory in the 2019 National Security Agency (NSA) Codebreaker Challenge, which ran for 110 days and finished Jan. 10. UNG students, faculty and staff tallied 230,450 points, more than tripling second-place Georgia Tech's 56,050. Third-place Oregon State University was the only other school to top 40,000 points. A total of 531 universities and colleges competed.

DSU helping to lead charge in cyber security (KSFY) More online interactions and expanding internet connection calls for added security. Dakota State University is helping to combat the cyber threats that are becoming more prevalent.

School children challenged to create the cyber X-Factor in online safety competition (West Yorkshire Police) As schools return for the beginning of a new year, pupils in Years 7, 8 and 9 are being challenged to develop an innovative crime prevention resource to help keep each other safe online.

Legislation, Policy, and Regulation

Cybersecurity Threats Call for a Global Response (IMF Blog) Last March, Operation Taiex led to the arrest of the gang leader behind the Carbanak and Cobalt malware attacks on over 100 financial institutions worldwide. This law enforcement operation included the Spanish national police, Europol, FBI, the Romanian, Moldovan, Belarusian, and Taiwanese authorities, as well as private cybersecurity companies. Investigators found out that hackers were operating in at least 15 countries.

China is blaming everyone but itself for Taiwan’s presidential election result (Quartz) Rather than accepting that its strategy is pushing Taiwan further away, China is blaming cheating, foreign forces, and fake news for president Tsai Ing-wen's win.

Britain secretly funded Reuters in 1960s and 1970s: documents (Reuters) The British government secretly funded Reuters in the 1960s and 1970s at the beh...

Britain’s Huawei decision will be its first major trade test in a post-Brexit world (Quartz) Washington and Beijing are exerting ever greater pressure on London over Huawei.

United States presents Britain with fresh intelligence on Huawei risks in last-ditch attempt to block deal (The Telegraph) The United States has presented the British government with fresh intelligence warning about the risk of giving Huawei access to its 5G network in a last-ditch attempt to stop it.

Susan Collins saw US intel saying Iranian general planned ‘imminent attack’ as Trump expands on claim (Bangor Daily News) That “imminent attack” justification has been cited by the Trump administration, but the definition of imminent largely hasn’t been fleshed out.

US points to dissent in Iran in wake of deadly drone strike (Military Times) Defense Secretary Mark Esper and other administration officials joined President Donald Trump in trying to draw attention to dissent in Iran instead of lingering questions about the scale of the threat used to justify a drone strike on Iran’s top military leader.

Esper: U.S. Could Strike Iran Or Proxies 'Where Legally Available And Appropriate' (NPR) In an interview with NPR on Monday, Defense Secretary Mark Esper said if U.S. troops or interests are threatened, the U.S. will have the right to retaliate.

Hezbollah Has Prepared for This Moment for Decades (Foreign Affairs) The Lebanese militant group could star in Iran’s response to the Soleimani strike.

Trump says US 'better at cyber than anyone in the world’ (Fifth Domain) President Donald Trump said the United States “is better at cyber than anyone else in the world” in a Jan. 9 interview with a Toledo television station,

'We Can't Be Complacent' About the Crypto Debate (Decipher) The encryption debate is as old as the Internet, and Jennifer Granick warns that giving ground now could have serious long-term effects.

Lawmakers look to spread COPPA out to cover kids up to 16 (Naked Security) If that bill passes, you can say bye-bye to YouTube, says one content creator.

The Cybersecurity 202: Sanders and Warren still mum on campaign protections against hackers (Washington Post) With just three weeks to go before the Iowa caucuses, two top-polling Democratic candidates are still declining to say how they’re protecting their campaigns against hacking.

Litigation, Investigation, and Law Enforcement

Iran announces arrests over downing of plane that killed 176 (AP NEWS) Iran's judiciary said Tuesday arrests have been made for the accidental shootdown of a Ukrainian passenger plane that killed all 176 people on board just after takeoff from...

Ex-Treasury staffer Natalie Edwards pleads guilty to leaking secrets (New York Post) The former US Treasury Department staffer accused of leaking confidential information to a reporter pleaded guilty Monday to a single count of conspiracy. Natalie Mayflower Sours Edwards admitted b…

Astros’ GM Jeff Luhnow and Manager A.J. Hinch Suspended, Then Fired After Sign-Stealing Probe (Wall Street Journal) Houston Astros general manager Jeff Luhnow and field manager A.J. Hinch were suspended by MLB for the entire 2020 season—and then immediately fired by the team—after an investigation found that the team used technology to steal signs during its run to the World Series championship in 2017.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Kernelcon (Omaha, Nebraska, USA, March 27 - 28, 2020) Kernelcon is the result of many motivated information security professionals who recognized the opportunity to create an awesome security conference in Omaha. The idea for Kernelcon started within the...

CSA SECtember 2020 (Seattle, Washington, USA, September 16 - 17, 2020) Cloud Security Alliance is the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment. CSA is proud to launch...

Upcoming Events

CPX 360 Bangkok (Bangkok, Thailand, January 14 - 16, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

Cyber Security for Critical Assets, MENA 2020 (Dubai, United Arab Emirates, January 20 - 21, 2020) The 17th in a global series of Cyber Security for Critical Assets summits, #CS4CA MENA 2020 focuses on safeguarding the critical industries of the Middle East and Northern Africa from cyber threats. CS4CA...

SANS Cyber Threat Intelligence Summit (Arlington, Virginia, USA, January 20 - 21, 2020) The collection, classification, and exploitation of knowledge about adversaries - collectively known as cyber threat intelligence (CTI) - gives security practitioners information superiority that is used...

CPX 360 New Orleans (New Orleans, Lousiana, USA, January 27 - 29, 2020) Mark your calendar now for CPX 360 2020, the world’s premiere cyber security summit of the year. Globally renowned industry experts will take to the stage to share analysis, core insights, and actionable...

SINET: Global Cybersecurity Innovation Summit (London, England, UK, January 30, 2020) Advancing global collaboration and innovation, SINET convenes a summit of international cybersecurity leaders at the British Museum. The conference will bring together innovators, investors, researchers,...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.