As always, we're working to improve the quality, relevance and overall value of the CyberWire, and so we’ve put together a short survey that should take five minutes or less to complete. This survey is of course completely voluntary, anonymous and confidential. Click here to take our survey and look for your chance to win some official CyberWire merchandise at the end.
More Signal. Less Noise.
Get your copy of the definitive guide to threat intelligence.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
China behind ANU hack? GoldBrute bots scan RDP servers. MuddyWater stays busy. RIG delivers Buran ransomware. Alt-coin heists.
Announcements
Take a short survey. (With a chance for swell prizes.)
Summary
Signs point to Chinese intelligence services as the operators behind the recent hack and attendant data breach at the Australian National University. The Sydney Morning Herald says investigators believe one of the campaign's principal objectives was to groom Australian students headed into civil service careers for recruitment as agents.
The risks of Remote Desktop Protocol vulnerabilities come into sharper focus. Morphus Labs warns that a botnet, "GoldBrute," is scanning and brute-forcing about a million-and-a-half RDP servers.
Iran's hacking group MuddyWater (also known as SeedWorm) might have seen more of its tools leaked online, but that hasn't made it pull in its horns. Clearsky warns that the threat group is actively impersonating government accounts and using at least two new techniques: Microsoft documents carrying malicious macros, and exploitation of CVE-2017-0199 (that is, Microsoft Office/WordPad Remote Code Execution Vulnerability with Windows API). These of course aren't new attack tactics, but they're new for MuddyWater, and represent Iranian intelligence and security services' longstanding determination to learn lessons and improve their game.
The RIG exploit kit is now being used to deliver Buran ransomware, BleepingComputer reports. The best defenses against this Russian strain of ransomware ("буран," "blizzard") are updated security software (since Buran arrives via exploit kits), sound offline backup, and properly suspicious users.
Cryptocurrency firms are under attack, Infosecurity Magazine says. GateHub users lost some $9.7 million, and blockchain startup Komodo (not to be confused with security firm Comodo) hastily patched a vulnerability in its wallet.
The US Nuclear Regulatory Commission is short cyberworkers.
Notes.
Today's issue includes events affecting Australia, Canada, China, India, Iraq, Israel, Republic of Korea, Pakistan, Philippines, Russia, Tajikistan, United Kingdom, United States
Bring your own context.
You wouldn't jump off the Empire State Building because an app told you to, right? Would you shrug and give it whatever data it asked for?
"Well, definitely, apps are taking as much data as they can. And they're getting away with it. Apple does give you controls as a user to limit, you know, oh, you don't necessarily have to show your - share your exact location with an app, or you don't have to share your contacts. And those are all good things that people should spend more time thinking about. But the truth is most people just click yes on whatever the apps ask for, and then they get it. And so that's a big hole that we're all falling into."
—Geoffrey Fowler, tech columnist for the Washington Post, on the CyberWire Daily Podcast, 6.3.19.
Apps serve at least two masters. One of them isn't you.
Get the In-Depth Guide to Operationalizing Threat Intelligence.
Threat intelligence is critical but often difficult to manage, automate, or operationalize. Threat Intelligence Gateways are an exciting, emerging network security technology that take the heavy lifting out of making threat intelligence actionable, operational, and useful. Learn about how this technology is turning threat intelligence into action to block threats at scale in the whitepaper, Operationalizing Threat Intelligence: An In-Depth Guide to Threat Intelligence Gateways.
On the Podcast
In today's podcast, out later this afternoon, we speak with our partners at Dragos, as Robert M. Lee discusses natural gas infrastructure security. Our guest, Frank Downs from ISACA, talks about the challenges educators face preparing the cyber security workforce.
Sponsored Events
Cyber Howard Conference (Columbia, Maryland, United States, June 19, 2019) Join us for our 10th annual cyber conference in Howard County. We will tackle the topic of Cyber Sensemaking which is a fluid and continuous approach for establishing better defenses and best practices as a cyber community.
Cyber Warrior Women Summer Social: Sip and Paint (Columbia, Maryland, United States, August 21, 2019) Join the Cybersecurity Association of Maryland, Inc. (CAMI) for the annual Cyber Warrior Women Summer Social, an all-about-fun-and-networking event! We're adding an artistic element to this year's event with a wine glass painting exercise. No previous art experience required.
Selected Reading
Cyber Attacks, Threats, and Vulnerabilities
New GoldBrute Botnet is Trying to Hack 1.5 Million RDP Servers (BleepingComputer) A botnet is currently scanning the internet in search of poorly protected Windows machines with Remote Desktop Protocol (RDP) connection enabled.
China 'behind' huge ANU hack amid fears government employees could be compromised (The Sydney Morning Herald) China is the key suspect in the theft of huge volumes of highly sensitive personal data from the Australian National University
Researchers uncover new MuddyWater targeting of government, telecommunications entities (CyberScoop) Undeterred by the reported dumping of its data online, an Iran-linked hacking group has been using malicious documents and files to target telecommunications organizations and impersonate government entities in Iraq, Pakistan, and Tajikistan, researchers said Thursday. The so-called MuddyWater group has been carrying out attacks in two stages against the targets, according to research published by Israeli company ClearSky Cyber Security...
The MuddyWater APT Group Adds New Tools to Their Arsenal (BleepingComputer) The Iranian MuddyWater cyber-espionage group added new attack vectors to use as part of hacking campaigns targeting telecommunication and governmental organizations according to an analysis from the Clearsky Security threat intelligence outfit.
Google confirms that advanced backdoor came preinstalled on Android devices (Ars Technica) After Google successfully beat back Triada in 2017, its developers found a new way in.
The RIG Exploit Kit is Now Pushing the Buran Ransomware (BleepingComputer) The RIG exploit kit is now infecting victim's computers with a new ransomware variant called Buran. This ransomware is a variant of the Vega ransomware that was previously being distributed through Russian malvertising campaigns.
Mimikatz and Windows RDP: An Attack Case Study (SentinelOne) How do attackers use mimikatz and Windows Remote Desktop to compromise networks? Find out as we reveal the details behing an "in the wild" attack.
Microsoft dismisses new Windows RDP ‘bug’ as a feature (Naked Security) Researchers have found an unexpected behavior in a Windows feature designed to protect remote sessions.
Threat Spotlight: Modular Malware (Barracuda) Modular malware provides an architecture that is more robust, evasive, and dangerous than typical document-based or web-based malware.
Millions of Exim Mail Servers Exposed to Local, Remote Attacks (BleepingComputer) A critical severity vulnerability present in multiple versions of the Exim mail transfer agent (MTA) software makes it possible for unauthenticated remote attackers to execute arbitrary commands on mail servers for some non-default server configurations.
Another Hacker Selling Access to Charity, Antivirus Firm Networks (BleepingComputer) A threat actor observed on underground hacker forums peddling internal network access to various entities claims to have breached the infrastructure of notable organizations such as UNICEF and cybersecurity companies Symantec and Comodo.
Fortune 500 giant Tech Data exposed customer and billing data (TechCrunch) Security researchers said a security lapse at IT giant Tech Data allowed them to access customer and billing data. The Fortune 500 information technology giant secured an exposed server shortly after researchers Noam Rotem and Ran Locar found and reported the leaking data. The server was running a …
Report: Data Breach at Fortune 500 Tech Company (vpnMentor) The research team at vpnMentor discovered a major data leak at the Tech Data Corporation (NASDAQ: TECD), a Fortune 500 company providing tech products, ...
A backdoor in Optergy tech could remotely shut down a smart building ‘with one click’ (TechCrunch) Homeland Security has given the maximum severity score for a vulnerability in a popular smart building automation system. Optergy’s Proton allows building owners and managers to remotely monitor energy consumption and manage who can access the premises. The box is web-connected, and connects …
Optergy Proton Enterprise Building Management System (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 10.0ATTENTION: Exploitable remotely/low skill level to exploitVendor: OptergyEquipment: Proton/Enterprise Building Management SystemVulnerabilities: Information Exposure, Cross-site Request Forgery, Unrestricted Upload of File with Dangerous Type, Open Redirect, Hidden Functionality, Exposed Dangerous Method or Function, Use of Hard-coded
Panasonic Control FPWIN Pro (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.3ATTENTION: Low skill level to exploitVendor: PanasonicEquipment: Control FPWIN ProVulnerabilities: Heap-based Buffer Overflow, Type Confusion2. RISK EVALUATIONSuccessful exploitation of these vulnerabilities could crash the device and allow remote code execution.
Company Advertised American, Canadian, Indian Phone Location Data for Sale (Vice) TeleSign’s advertisement highlights how the sale of phone location data is not restricted just to the United States.
4 in 10 dark net cybercriminals selling targeted FTSE 100 or Fortune 500 hacking services (West) New academic research exposes abundant availability and increased demand for tailored malware, network access and targeted hacking services; requests for customized malware outnumber off-the-shelf by 2:1
Into the Web of Profit: Behind the Dark Net Black Mirror (Bromium) ‘Behind the Dark Net Black Mirror’ is the next chapter of ‘Into the Web of Profit’ study, offering unique insights into the volume and variety of malware and hacking services available on the dark net. The author, Dr. Mike McGuire, tells a compelling story about how this underground trade is threatening enterprises, their employees, customers, …
Second reported data breach in as many days prompts cybersecurity warnings, tips (Healio) The health care diagnostics company LabCorp announced that “unauthorized activity” occurred on the webpage of American Medical Collection Agency, LabCorp’s external collection agency, impacting up to 7.7 million patients. The breach occurred between Aug. 1, 2018, and March 30, 2019 and involved customers’ personal, medical and payment information, but not ordered tests,
A new cyber attack which can mimic a user's personalised keystroke characteristics (SciTech Europa) Cybersecurity researchers have developed a new cyber attack which can mimic a user's personalised keystroke characteristics.
Listen for the log-in: Hackers may glean your password by listening to how you type on your phone (Washington Post) PIN codes, individual letters and whole words can be recovered with the right app, researchers say.
Image-Recognition Technology May Not Be as Secure as We Think (Wall Street Journal) As social networks expand the use of AI-powered image-recognition filters, experts warn that attackers are finding ways to fool them.
How a phone scam tied up a Maryland police call center (Axios) It started receiving 2,500 direct calls a day.
Computer system partially restored after cyber attack (Citizens' Voice) Luzerne County’s computer system, effectively shut down since last week by a cyber attack, continues to recover but will not be fully restored until at least this weekend, according to David Parsnik, county director of administrative services. Servers for
Security Patches, Mitigations, and Software Updates
VMware Patches Vulnerabilities in Tools, Workstation (SecurityWeek) VMware patches high-severity vulnerabilities in Tools and Workstation. Exploitation of the flaws can lead to kernel information leakage, DoS, and arbitrary code execution.
macOS Catalina Brings Several Security Improvements (SecurityWeek) macOS 10.15 Catalina brings several security-related improvements, including an enhanced Gatekeeper, a dedicated read-only volume for the OS, data protections, and support for Activation Lock.
Firefox aims at Google with Enhanced Tracking Prevention (Naked Security) The latest version of Firefox, 67.0.1, features a fully-fledged version of Mozilla’s Enhanced Tracking Protection (ETP) privacy system.
YouTube bans kids’ live-streaming without an adult present (Naked Security) In another step to scrape pedophiles off the bottom of its shoe YouTube is banning youngsters from live-streaming without adult supervision.
Cyber Trends
Exabeam’s Annual Look at Security Operations Centers Reveals a Critical Shift in Responsibilities (Exabeam) As C-level executives engage more frequently in incident response and threat hunting, more IT professionals are missing security[...]
The Exabeam 2019 State of the SOC Report (Exabeam) The Exabeam 2019 State of the SOC Report is based on the results of an April 2019 survey of US and UK security professionals who are involved in the management of security operations centers (SOC) across CISO, CIO, management, and analyst roles.
Healthcare Orgs Hit with Destructive Attacks (Infosecurity Magazine) Attacks on healthcare industry are increasingly more targeted, report says.
A Troubled City Reminds Us That Ransomware Is Here to Stay (CyberArk) The massive Robbinhood malware attack on Baltimore is part of a growing trend of ransomware attacks on state and local governments.
Five themes that dominated Infosec 2019 (CRN) Infosecurity Europe is a thermometer for what's hot and what's not in cybersecurity. Here we round up the five recurring themes from around the stands.
High-profile data breaches underline cyber threats to health care industry (TheHill) The recent breach of a billing collection provider for blood testing groups Quest Diagnostics and LabCorp are underlining the serious threats posed to the health care sector from cyberattacks.
Raphael Satter on brilliant spies, terrible spies, and “medium” spies (Columbia Journalism Review) Raphael Satter’s beat at the Associated Press covers straightforward crime reporting and high-tech espionage, with a special fondness for people who are bad at their jobs. His most recent scoop, shared with colleague Isabel Debre, chronicled Facebook’s purge of “coordinated inauthentic activity” on accounts run by an Israeli company called the Archimedes Group, “
Marketplace
'Shoddy' Huawei needs to raise its game, UK cyber official says (Reuters) China's Huawei Technologies needs to raise its "shoddy" security ...
U.K. Cybersecurity Official Says 5G Market Is ‘Fundamentally Broken’ (Wall Street Journal) Ian Levy, technical director of the U.K.’s National Cyber Security Centre, said the concentration of the 5G market in a handful of companies is “insane” and will increase security risks as the superfast networks are installed.
Huawei Strikes a 5G Deal in Russia as the Chinese Tech Giant Remains on U.S. Blacklist (Fortune) "The last thing the U.S. industry wants right now is to have 5G focused in China and Russia," says one analyst.
‘EU strongly backed us amid US spy claims’: Kaspersky Lab boss on friends, hackers & cyber-awareness (RT International) The US crusade against Kaspersky Lab has revealed that the Russian anti-virus company has many friends in the EU, including Germany, France, and Belgium, who value its high-quality cybersecurity products, Eugene Kaspersky told RT.
Bezos Says Amazon Will Bet Even Bigger Despite Antitrust Probes (WIRED) In a speech at an Amazon conference, CEO Jeff Bezos sounded unconcerned by reports that regulators are eyeing the company, potentially for a break-up.
Cyber Insurance and Systemic Market Risk (EastWest Institute) The EastWest Institute (EWI) today released a new report: Cyber Insurance and Systemic Market Risk—developed to provide a framework to better understand and address the systemic nature of cyber risk and the challenges it presents to the burgeoning cyber insurance industry.
GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland (The Last Watchdog) There’s oil in the state of Maryland – “cyber oil.” With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” Related: Port Covington cyber hub project gets underway That’s because Maryland is home to more than 40 government agencies […]
CrowdStrike boosts IPO targets 30%, now hopes to raise up to $621M (Silicon Valley Business Journal) The Sunnyvale unicorn's valuation could be as much as $5.9 billion, nearly twice what Palo Alto Networks was valued at when it went public in 2012. It would be the highest valuation ever for a U.S. cybersecurity company on IPO day.
Form S-1/A: CrowdStrike Holdings, (StreetInsider.com) Approximate date of commencement of proposed sale to the public: As soon as practicable after this Registration Statement becomes effective.
Cisco to acquire industrial IoT security firm (CRN Australia) France-based Sentryo specialises in device visibility and security.
This Arlington cyber company recently denied it was for sale. Now, it's being sold for $234M. (Washington Business Journal) Endgame CEO Nate Fick has inked a deal to be acquired by a larger Dutch firm.
Rail System Cybersecurity Firm Cylus Raises $12 Million (SecurityWeek) Rail and metro cybersecurity company Cylus has raised $12 million in a Series A funding round, bringing the total amount raised by the company to date to $17 million.
Thales buys AI specialist (Jane's 360) Thales has announced the acquisition of US-based artificial intelligence company Psibernetic. The French headquartered group said the purchase will allow it to create “certifiable AI” with “explainable AI processes for applications in safety-critical environments”.
Insight leads $120m Series D for software security business SentinelOne (AltAssets) Insight Partners has led a $120m Series D financing round for endpoint security software business SentinelOne.
SentinelOne CEO: Partners unsure of BlackBerry's plans for Cylance (CRN) Tomer Weingarten talks to CRN about taking staff from its competitor and bolstering its UK operations.
Why Splunk Stock Dropped 17.4% in May (The Motley Fool) A shift to more recurring revenue means lower cash flows for now.
Glasswall Solutions Appoints Danny Lopez as Chief Executive Officer (BusinessWire) Glasswall Solutions today announced that Danny Lopez has joined the company as Chief Executive Officer, based in London.
Swimlane Adds Key Hires to Leadership Team (Yahoo) Swimlane, a leader in security orchestration, automation and response (SOAR), today announced several leadership appointments to help drive global expansion in marketing and sales. President and Chief Operating Officer (COO) Jim Hansen, Senior Vice President of Global Sales Tom Smith, and Vice President
Products, Services, and Solutions
Crowdsourced Security Testing that Puts Privacy First (BusinessWire) Synack introduces new workspaces with endpoint control through LaunchPoint+ for enhanced privacy and control during crowdsourced security testing.
Kfivefour Emerges From Stealth And Launches Full Spectrum Red Team Assessments, Training And Penetration Testing Services. (PR Newswire) Kfivefour today emerged from stealth and announced the immediate availability of its full spectrum Red Team...
Siemplify Enhances Security Operations Platform with Advanced Crisis Management and Real-Time Collaboration (Yahoo) Siemplify, the leading independent provider of security orchestration, automation and response (SOAR), today released a new version of its security operations platform. Version 5.0 continues to raise the bar for end-to-end security operations management, adding new capabilities that make security analysts
ADT Selects SonicWall as Exclusive Provider of Managed Cybersecurity Service Offering for SMBs (SonicWall) SonicWall, the trusted security partner protecting more than one million networks worldwide, announces a strategic partnership with ADT Cybersecurity, a leading managed security service provider (MSSP), to provide an exclusive cybersecurity offering to better protect small- and medium-sized businesses (SMB) from the growing volume of cyberattacks.
Milestone Partners Prove Their Skills: 200,000 Course Registrations and Tutorial Views; 10,000 Certifications (Milestone) Within the span of one week in mid-May, the Milestone Learning & Performance group celebrated three important benchmarks
Aporeto Expands Comprehensive Zero Trust Security Solution with Privileged Access Management and Identity-Aware Proxy (BusinessWire) Aporeto announces the availability of Cloud Privileged Access Management (PAM) for infrastructure and Identity-Aware Proxy for modern applications.
How HackerOne's White Hat Army Makes the World a Safer Place (PCMAG) HackerOne CEO Marten Mickos explains how the site offers hacking as a service and lets talented hackers turn a hobby into a potentially lucrative side project.
Honeywell launches industrial IoT platform called Honeywell Forge (ZDNet) The plan is to roll out versions for airlines, industrials and buildings.
Technologies, Techniques, and Standards
Watchdog: Current pipeline security plans weak on cybersecurity, coordination (FCW) The Transportation Security Administration's plans for coordinating pipeline security incidents aren't keeping up with rising threats in cyberspace, according to the Government Accountability Office.
For HHS, blockchain means faster ID management and safer mangoes (Federal News Network) The Department of Health and Human Services already uses blockchain in its acquisition shop to buy bulk items more cheaply, but now the Food and Drug Administration sees it as a tool to manage threats to the global food supply chain.
Protecting Service Revenue from Hackers: Cybersecurity for Connected Maintenance Apps (Infosecurity Magazine) Modern maintenance apps provide on-site history, diagnostics, performance measurement and tunability of systems
Eyeing Russia, Army fields jam-resistant GPS in Europe (C4ISRNET) The decision comes amid a pattern of Russia jamming or disrupting all sorts of communications vital to Western forces in recent years.
Design and Innovation
To win the cyber arms race, give hackers fewer incentives (Washington Technology) Where the rubber meets the road in the battle with hackers is in raising the aggravation levels for the enemy while also lowering incentives.
Research and Development
The Day When Computers Can Break All Encryption Is Coming (Wall Street Journal) Quantum computers will be able to overpower current encryption within a decade. That has security experts scrambling to come up with new ways to protect our data before it is too late.
Legislation, Policy and Regulation
States Must Explain When a Cyber Attack Might Draw a Violent Reprisal (Defense One) Without clear explanations that affirm rules of the road, countries make it easier for conflicts to spiral out of control.
China says its Russia partnership is designed to blunt US ‘strategic edge’ (Washington Examiner) China and Russia are being pushed into a closer geopolitical partnership by President Trump's foreign policy decisions, a diplomat in Beijing argued Thursday.
US Ambassador to S. Korea urges companies to avoid using Huawei equipment (Hankyoreh) Harry Harris cites long-term security issues and importance of “reliable” suppliers
Cyber security must become an essential part of technology culture: Vice President (The Hans India) Vice President of India M. Venkaiah Naidu has called for out-of-box ideas and innovations to protect data as new advancements in science and technology would pose a big challenge to cyber security.
Canada elections chief says hackers aim to keep people from voting (Reuters) Hackers seeking to interfere in Canada's federal election this October want...
Election Rules Are an Obstacle to Cybersecurity of Presidential Campaigns (New York Times) Security experts warn that time is running out for campaigns to create protections against the cyberattacks and disinformation seen in recent elections.
NGA selects six states for election cybersecurity policy academy (StateScoop) Arizona, Hawaii, Idaho, Minnesota, Nevada and Virginia will spend the next six months studying election security to come up with plans ahead of the 2020 election.
Analysis | The Cybersecurity 202: Stanford group calls for major overhaul on election security. Here are their recommendations (Washington Post) They call it a 9/11 Commission-style report.
The Missing Mandate In Australia’s Efforts To Protect The Finance Sector From Cyber Threats (Information Security Buzz) Australia’s financial services industry regulator has a new information security standard that is set to kick in from July, opening up a potential pathway to a much-needed national intelligence-led attack simulation scheme for the industry. The Australian Prudential Regulation Authority’s (APRA) incoming CPS 234 standard on information security, which late last year was fast-tracked “due …
NDAA draft focuses on AI, cyber oversight (FedScoop) A key defense subcommittee aims to increase its oversight of the Department of Defense’s cyber-activity, artificial intelligence development and technology acquisition in a draft of the 2020 National Defense Authorization Act it approved Tuesday. The House Armed Services Subcommittee on Intelligence and Emerging Threats and Capabilities wants to require the Pentagon to file more reports on several …
The Snowden Effect, Six Years On (Just Security) Reforms inspired by Edward Snowden's disclosures six years ago about the NSA's warrantless electronic surveillance still fall woefully short.
DoD cyber ops are changing, and so is oversight (Fifth Domain) The first draft of the annual House defense authorization bill has several provisions aimed at understanding DoD's new cyber posture.
Blocking Robocalls to Get Easier Under New FCC Policy (Wall Street Journal) Phone companies have more freedom to block robocalls after U.S. regulators moved to protect them from the legal consequences of doing so.
Going All In to Stop Scam Robocalls- Senate Approves TRACED Act (Neustar Blog) Sooner than expected, but not soon enough for most consumers, the United States Senate has approved amendments to the TRACED Act to take on robocalls.
Nuclear Energy Regulators Need to Bring on More Cyber Experts, Watchdog Says (Nextgov.com) Cyberattacks on nuclear power stations on the rise, and an aging workforce may soon leave the government struggling to defend plants against the latest threats.
DHS cyber deficiencies are improving, says watchdog (Fifth Domain) While deficiencies in the department’s overall patch management process and shortfalls with weakness remediation and security awareness training activities were reported, these are being addressed alongside a FEMA data breach.
Lawmakers Question FBI’s Facial Recognition Program (Defense One) The bureau for years ignored concerns about the accuracy and transparency of its facial recognition efforts, and the House Oversight Committee isn’t happy about it.
Health care data hacks drawing attention of Congress (BenefitsPRO) Senators wrote to Quest Diagnostics asking about its recent breach, one of a growing number of such incidents in the health care sector.
Fort Gordon and U.S. Cyber Center of Excellence have new commander (WFXG) The change of command ceremony took place on post Thursday, June 6. Major General John B. Morrison relinquished his command over to incoming commander Major General Neil S. Hersey.
Litigation, Investigation, and Enforcement
Facebook Revamps Defense Team as Antitrust Scrutiny Increases (Wall Street Journal) Facebook has been revamping the leadership of its defense teams in the face of what is potentially the most serious antitrust threat to the company in its 15-year history.
Extradition hearing for Huawei CFO set for early 2020 (CTV News Vancouver) British Columbia's Supreme Court has accepted a proposal by the defence team for Huawei executive Meng Wanzhou that would see her extradition hearing begin Jan. 20, more than a year after she was taken into custody.
Australian Police Collect 9K+ Docs in ABC Raid (Infosecurity Magazine) A raid on the Australian Broadcasting Corp. is a sign that journalists may need to do more to protect their data and sources.
Gang charged with $19 million iPhone scam (Naked Security) It was a well-oiled business, with Top Dogs fencing devices, forgers cooking up fake IDs with stolen PII, and runners ripping off phones.
Privacy watchdog criticizes Cathay Pacific over 2018 data breach (Reuters) Airline Cathay Pacific has been found to have not followed data protection princ...
Industry Events
upcoming Events
Cybertech Midwest 2019 (Indianapolis, Indiana, USA, April 24 - July 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech Midwest 2018 kickoff event was a conference and exhibition on global cyber threats, solutions, innovations, and technologies. It featured discussions by the industry's most renowned technology company executives, startups, government officials and contractors, investors, academics, media experts and other professionals changing the global cyber landscape—covering the most trending topics in the area of cyber and innovation.
Layer 8 Conference (Providence, Rhode Island, USA, June 8, 2019) Come learn about social engineering and intelligence gathering. The Layer 8 Conference is the first conference in New England to be solely focused on social engineering and intelligence gathering. This conference was formerly known as “Social Engineering – Rhode Island” or se-ri.org. The change was made during the 2018 conference to better reflect the goals of “Hacking the Human” and its reference to the 7 layer OSI Model, where the human is Layer 8!
NetDiligence® Cyber Risk Summit (Philadelphia, Pennsylvania, USA, June 12 - 14, 2019) The NetDiligence® Cyber Risk Summit in Philadelphia is attended by more than 600 cyber insurance, legal/regulatory, and technology leaders from all over the globe. A premier education and networking event, this conference features two full days of panel discussions by leading cyber experts who share their insights on hot topics, trends, and cybersecurity concerns. Connect with leaders in cyber risk and privacy liability and learn from their experiences on current and emerging concerns in the ever-changing cyber landscape.
SecureWorld Chicago (Chicago, Illinois, USA, June 13, 2019) Connecting, informing, and developing leaders in cybersecurity. For the past 17 years, SecureWorld conferences have provided more content and facilitated more professional connections than any other event in the InfoSec industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays—all while networking with local peers.
Baltimore Cybersecurity Conference (Baltimore, Maryland, USA, June 13, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel with three-to-five local CISOs discuss real-world problems and solutions.
Sponsor & Support
Grow your brand and reach new customers.
Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.
Be a part of the CyberWire story.
People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.