The CyberWire Daily Briefing 6.12.19

Cyber Attacks, Threats, and Vulnerabilities

Cyberattack exposes travelers’ photos, says US border agency (WeLiveSecurity) A security incident at one of the US’ Customs and Border Protection subcontractors has compromised the photos of thousands of people entering and leaving the country.

New Version of ShellTea Backdoor Used by FIN8 Hacking Group (SecurityWeek) Researchers have detected a new campaign against the hotel-entertainment industry employing the first documented use of the ShellTea/PunchBuggy backdoor since 2017.

Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns (TrendLabs Security Intelligence Blog) In TA505 group's latest campaign, they started using HTML attachments to deliver malicious .XLS files that lead to downloader and backdoor FlawedAmmyy, mostly to target users in South Korea. We also touch on the latest TA505 developments, including an email stealer, their use of legitimate software and MSI Installer, and more.

New Security Warning Issued For Google's 1.5 Billion Gmail And Calendar Users (Forbes) More than one billion users of Google's Gmail and Calendar applications are being warned about a newly discovered security threat. Here's what you need to know.

Hackers Are Targeting 1.5 Billion Gmail and Calendar Users. Here's What You Can Do to Protect Yourself (Inc.com) Google's 1.5 billion Gmail and Calendar users might need some help in safeguarding themselves against malicious hackers.

Near-Ubiquitous Critical Microsoft RCE Bugs Affect All Versions of Windows (Threatpost) The two CVEs allow bypasses to get around NTLM relay attack mitigations.

PHA Family Highlights: Triada (Google Online Security Blog) Posted by Lukasz Siewierski, Android Security & Privacy Team We continue our PHA family highlights series with the Triada family, whi...

Beware of this SMS: Your ATM has been blocked (Gulf News) How fake apps hiding in plain sight on Google Play could steal your credentials and money

Critical Vulnerability Discovered in Evernote's Chrome Extension (Guardio) A logical coding error made it is possible to break domain-isolation mechanisms and execute code on behalf of the user - granting access to sensitive user information not limited to Evernote's domain.

Linux Command-Line Editors Vulnerable to High-Severity Bug (Threatpost) A bug impacting editors Vim and Neovim could allow a trojan code to escape sandbox mitigations.

Never used Zelle? Scammers can still use it to drain your bank account (NBC Nightly News) The digital payment service embedded in banking apps has made it easier for thieves to access funds in personal checking and savings accounts, experts say.

Evite e-invite website admits security breach (ZDNet) Company comes clean after a hacker put its data up for sale on the dark web in April.

Critical flaw in WordPress live chat discovered (TechRadar) Vulnerability allows hackers to inject text and steal chat logs

Siemens SCALANCE X (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.1ATTENTION: Low skill level to exploitVendor: SiemensEquipment: SCALANCE X SwitchesVulnerability: Storing Passwords in a Recoverable Format2. RISK EVALUATIONSuccessful exploitation of this vulnerability could allow an attacker to reconstruct passwords for users of the affected devices, if the attacker is able to obtain a backup of the device

DICOM Standard in Medical Devices (ICS-CERT) 1. EXECUTIVE SUMMARYNCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information. According to this report, the vulnerability is

Siemens Siveillance VMS (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 8.8ATTENTION: Exploitable remotely/low skill level to exploitVendor: SiemensEquipment: Siveillance VMSVulnerabilities: Improper Authorization, Incorrect User Management, Missing Authorization2.

Siemens LOGO!8 Devices (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SiemensEquipment: LOGO!8 devicesVulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation2.

Siemens Industrial Products with OPC UA (Update B) (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low skill level to exploitVendor: SiemensEquipment: SIMATIC, SINEC-NMS, SINEMA, SINEMURIK Industrial Control Products with OPC UAVulnerability: Uncaught Exception2.

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update B) (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.5ATTENTION: Exploitable remotely/low skill level to exploitVendor: SiemensEquipment: CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIMVulnerability: Out-of-bounds Read2.

Siemens SIMATIC Ident MV420 and MV440 Families (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 7.1ATTENTION: Exploitable remotely/low skill level to exploitVendor: SiemensEquipment: SIMATIC Ident MV420 and MV440 FamiliesVulnerabilities: Improper Privilege Management, Cleartext Transmission of Sensitive Information2.

Siemens SCALANCE X (Update A) (ICS-CERT) 1. EXECUTIVE SUMMARYCVSS v3 5.4ATTENTION: Exploitable remotelyVendor: SiemensEquipment: SCALANCE XVulnerability: Expected Behavior Violation2. UPDATE INFORMATIONThis updated advisory is a follow-up to the original advisory titled ICSA-19-085-01 Siemens SCALANCE X that was released March 26, 2019, on the NCCIC/ICS-CERT website.

Siemens SCALANCE X Switches, RUGGEDCOM WiMAX, RFID 181-EIP, and SIMATIC RF182C (Update B) (ICS-CERT) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from the same local network segment (OSI Layer 2) Vendor: Siemens

Researchers use Rowhammer bit flips to steal 2048-bit crypto key (Ars Technica) RAMBleed side-channel attack works even when DRAM is protected by error-correcting code.

New RAMBleed Attack Allows Access to Sensitive Data in Memory (SecurityWeek) Researchers disclose RAMBleed, a new type of side-channel attack on DRAM that can be used to obtain potentially sensitive data, such as a 2048-bit RSA key, from a device’s memory.

Code Signing Issues Leave Gaps for Hackers (Infosecurity Magazine) Venafi research finds just 14% of European firms have security in place

12 top cloud security threats: The dirty dozen (CSO Online) More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Treacherous 12," the top security threats organizations face when using cloud services.

Credential Stuffing: Cracking Open Accounts with Stolen Data (Infosecurity Magazine) As breached data continues to flood the dark web, what can organizations can do to mitigate the impact of automated attacks

Hackers are stealing personal medical data to impersonate your doctor (The Next Web) When it comes to health, prevention is the best cure. Now it’s becoming apparent it is time to extend this philosohphy to medical data as well. While personally identifiable information — full names, social security numbers, home addresses, dates of birth, credit card numbers — can be exploited by criminals to commit identity fraud, the …

Researchers crack digital safe using HSM flaw (Naked Security) French researchers have found a bug in a hardware security module (HSM) that could enable an attacker to steal highly prized secrets.

Radiohead Defies Hackers, Releases Trove of Stolen Music (SecurityWeek) The band Radiohead released an 18-hour trove of private recordings from their 1997 album "OK Computer" after getting hacked by someone seeking a ransom of $150,000 for the music.

Baltimore home sales fall after malware attack (Maryland Daily Record) The number of closed home sales in Baltimore fell last month by nearly 20% from the previous May after a ransomware attack crippled the city’s ability to process sales.

Luzerne County still recovering from cyber attack | Times Leader (Times Leader) Some Luzerne County government offices marked their second week with limited or no computer access to essential programs Tuesday due to a cyber attack, including the busy assessor’s…

Security Patches, Mitigations, and Software Updates

Microsoft Delivers Hefty June Security Patch Bundle (Redmondmag) Microsoft has released its monthly bunch of security patches for June, addressing 88 common vulnerabilities and disclosures (CVEs).

Microsoft Patch Tuesday, June 2019 Edition (KrebsOnSecurity) Microsoft on Tuesday released updates to fix 88 security vulnerabilities in its Windows operating systems and related software.

Security Update Guide (Microsoft) The Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services, and provides the information here as part of the ongoing effort to help you manage security risks and help keep your systems protected.

Adobe Patches Code Execution Flaws in Flash, ColdFusion, Campaign (SecurityWeek) Adobe patches critical arbitrary code execution vulnerabilities in Flash Player, ColdFusion and Campaign.

Security Bulletins and Advisories (Adobe Security Bulletins and Advisories) This page contains important information regarding security vulnerabilities that could affect specific versions of Adobe products.

Cyber Trends

The HackerOne Top 10 Most Impactful and Rewarded Vulnerability Types (HackerOne) We’ve put together a list of the most impactful vulnerabilities on the HackerOne platform so you can see where to aim your security efforts and how to better align your security team to today’s biggest risks. Learn which vulnerabilities aren’t in the OWASP Top 10 and see the top vulnerabilities submitted by volume, bounty awards, and more.

Top 10 Most Impactful and Rewarded Vulnerability Types (HackerOne) The biggest bounties paid and most critical vulnerabilities reported through the HackerOne Platform through 2018.

More than One in Five Americans Have Cancelled or Considered Cancelling Plans to Attend Large-Scale Sporting Events and Concert Festivals Due to Concerns About Their Physical and Cyber Safety -- New Unisys Security Index™ (PR Newswire) More than one in five (22%) Americans say they have cancelled plans or considered cancelling plans to attend...

What Is the Cybersecurity Tipping Point? (CMSWire.com) Data breaches are our new reality. Cybercrime is a business, its participants are always honing their skills to take advantage of business and consumer data.

Mary Meeker’s most important trends on the internet (Vox) Here are all the slides, plus analysis.

Marketplace

News Publishers Go To War With the Internet — and We All Lose (Medium) Around the world, news industry trade associations are corruptly cashing in their political capital to attack the internet.

Anger at Big Tech unites noodle pullers and code writers (Silicon Valley Business Journal) Oracle and the Handpulled Noodle would seem to have little in common. One is a multibillion-dollar software company in Silicon Valley with tens of thousands of employees all over the world. The other is a small Harlem spot that serves Chinese comfort food and is known for its tasty dumplings.

Google, Facing More Scrutiny, Overhauls Lobbying and Public Affairs Operations (Wall Street Journal) Google has fired several of its largest lobbying firms as part of a major overhaul of its global government affairs and policy operations amid the prospect of greater government scrutiny.

Huawei Cancels Launch of New Laptop as U.S. Restrictions Sting (Wall Street Journal) China’s Huawei Technologies canceled the launch of a new laptop and paused production at its personal-computer business due to restrictions on buying American components.

Foxconn claims it can make all of Apple's iPhones outside China (AppleInsider) Foxconn has told investors that it has the capacity to produce iPhones for the American market without using its Chinese facilities, potentially skirting possible US/China trade tariffs.

Analysis | Raytheon Deal Upends the Aerospace Playing Field (Washington Post) United Technologies’ latest megamerger should put GE, Honeywell and Boeing on notice.

Raytheon’s Tom Kennedy and UTC’s Greg Hayes on why they are uniting the companies (Defense News) The two heads of the future Raytheon Technologies Corporation talk with Defense News about the mega-deal that could reshape the defense industry.

John DeSimone: Raytheon Pursues Investments, Partnerships to Build Cyber Capabilities (GovCon Wire) TYSONS CORNER, VA, June 11, 2019 — John DeSimone, vice president of cybersecurity and special missio

Orca Security Lands $6.5M Seed Round to Deliver IT Security Teams Unprecedented Full Stack Cloud Visibility, Securing High-Velocity Cloud Growth (BusinessWire) Israeli startup Orca Security, founded by former Check Point executives Avi Shua and Gil Geron, today announced $6.5 million in seed funding led by YL

Vade Secure Enters €70M Financing Agreement with General Catalyst (PR Newswire) Vade Secure, the global leader in predictive email defense, announced that it has entered a €70M...

Fidelity Joins $16 Million Investment In Crypto Security Startup (Forbes) With its founders inspired by North Korean hacks that stole more than half a billion dollars worth of cryptocurrencies, Fireblocks is trying to make transactions more intuitive and secure.

CrowdStrike prices IPO at $34, above range (CNBC) CrowdStrike follows several other major tech companies into the public markets this year.

CrowdStrike IPO: 5 things to know about the cybersecurity unicorn (MarketWatch) CrowdStrike Holdings Inc. will make its long-awaited public debut Wednesday, after pricing its IPO at $34 a share, to raise more than $700 million.

Meet The New InfoSec Unicorn: KnowBe4. Thank You For Your Trust! (KnowBe4) Meet The New InfoSec Unicorn: KnowBe4. Thank You For Your Trust!

Growth Continues: BoldCloud Broadens Cybersecurity Product Portfolio as Business Expands (West) Demand for SMB Advisory Services and Products to Combat Enhanced Threats like Phishing, Malware and Ransomware Drives BoldCloud Growth

JPMorgan Years Away From Seeing Quantum-Computing Dividends (Wall Street Journal) The bank sees potential in using quantum computing as a way to significantly speed up financial calculations, but it is still years away from deploying the technology.

Tech skills shortages are increasing every year, and large corporates are worst affected - Harvey Nash (Computing) Every year, the IT skills shortage worsens, warns Harvey Nash CEO Albert Ellis, with the fields of big data, security and AI most acutely affected

Nixu carried out an employee share issue directed to its cybersecurity professionals (News Powered by Cision) Nixu Corporation, the European cybersecurity services company, announced on March 27, 2019, the establishment of the All-Employee Matching Share Plan 2019–2021. The plan consists of a directed share issue against payment (Share Issue 1/2019) whereby a maximum of 100,000 new Nixu shares were offered to employees of Nixu and its subsidiaries for a subscription.

Tips for cybersecurity vets starting a company (Fifth Domain) Cyber professionals transitioning from federal or military service into the commercial industry should keep a few things in mind.

A launch pad for federal cybersecurity solutions (Fifth Domain) MasterPeace is a business accelerator that focuses on cyber missions.

Who’s going to help New York become a cyber capital? Israel, of course (Israel21c) As New York aims to be a global center of excellence in cybersecurity, the city turned to Israeli experts to build and manage key parts of the plan.

Saudi Arabia’s cybersecurity industry to be valued at $5.5bn by 2023 (Saudi Gazette) According to the International Telecommunication Union (ITU), the Kingdom ranked 1st on regional level and 13th on global level out of 175 countries in the Global Cybersecurity Index (GCI) for the year 2018 shooting up 33 places.

C-suite career advice: Adrian Taylor, A10 Networks (IDG) Which would you recommend: A coding bootcamp or a computer science degree? "A Computer Science degree provides a broader foundation."

Security Industry Association to Present Wayne Esser and Dhira Gregory With 2019 SIA Statesman Award (Security Industry Association) Esser and Gregory will be honored for their work with SIA and the National Capital Region Security Forum at SIA GovSummit in Washington, D.C.

Tufin Names Tom Schodorf and Brian Gumbel to Board of Directors (BusinessWire) Network security policy automation company Tufin (NYSE: TUFN) names Tom Schodorf and Brian Gumbel to its Board of Directors.

Akamai Elects Madhu Ranganathan to Board of Directors (Yahoo) Akamai Technologies Inc., (AKAM), the intelligent edge platform for securing and delivering digital experiences, today announced the election of Madhu Ranganathan to fill a vacancy on the Akamai Board of Directors effective June 7, 2019. For the past 25

Products, Services, and Solutions

LogMeIn Takes Aim at Cloud Identity with New LastPass Business Lineup (LogMeIn) Adds single-sign-on and adaptive multifactor authentication capabilities to renowned enterprise password management

Cynet Brings Unmatched Insights of IT Assets and Activities to the Enterprise with its Free Proactive Visibility Offering (PRWeb) Cynet, pioneers of award-winning automated threat discovery and mitigation solutions (http://www.cynet.com), today announced the powerful new Cynet Proactive Visibi

Corelight Enhances Detection Capability with Support for MITRE ATT&CK Package (Yahoo) Corelight, providers of the most powerful network visibility solution for cybersecurity, today launched version 17 of its software, with.

Optiv Security and SailPoint Launch First-to-Market Identity Governance-as-a-Service Powered by IdentityNow (BusinessWire) Pervasive enterprise digital transformation actions continue to dramatically expand business complexity and the attack surface, leading organizations

Clovity Partners with Dispersive Networks on Securing Large Scale IoT Device Deployments for Enterprise and Smart City Initiatives (Dispersive) Clovity will use Dispersive Networks’ ultra-secure networking technology to deliver mission-critical IoT solutions for Clovity’s Fortune 500 clients

PSA Insurance & Financial Services Launches Turnkey Cyber Risk Management Solution for SMBs (PSA Insurance and Financial Services) PSA announces the launch of a new cybersecurity solution, CyberON, specifically designed to provide cyber risk detection, protection, and incident management to small and medium-sized businesses.

Untangle Expands its Network Security Framework with New zSeries Appliances, NG Firewall Version 14.2 (PR Newswire) Untangle® Inc., a leader in comprehensive network security for small-to-medium businesses and distributed...

Ping Identity Simplifies and Strengthens Customer Data Protection (SYS-CON Media) Ping Identity, the leader in Identity Defined Security, today announced updates to its data governance solution, PingDataGovernance, to better manage data security and privacy requirements for APIs and user profiles.

Check Point Software Exposes Unseen Cloud Threats with New Security Analytics Solution (Check Point Software) CloudGuard Log.ic provides threat protection and context-rich security intelligence in the public cloud, enabling operations teams to see every IaaS and PaaS asset, understand cloud activities, and easily launch forensics

NaviSec Launches a Customizable Portfolio of Cybersecurity Solutions to Address Vulnerability Gaps in Healthcare (Yahoo) NaviSec, a company that addresses full-service cybersecurity needs for small-to-medium sized businesses, today announced the launch of its scalable portfolio of offensive and defensive cybersecurity services for the healthcare industry. NaviSec offers a holistic approach, allowing its customers—from

Help NINJO celebrate our four-year anniversary, give the gift of security awareness (NINJIO) IBM reports that anywhere from 70 to 90 percent of breaches are caused by human error, not merely technological glitches. According to Accenture, there has been a 67 percent increase in security breaches over the past five years. A recent Global Information Security Survey says that more than one-third of organizations say careless employees are their biggest security risk.

Avast Patch Management service helps small businesses manage security updates - Help Net Security (Help Net Security) Avast launches a new Patch Management service to help small and mid-sized businesses manage necessary security updates more easily and efficiently.

Facebook launching app that pays users for data on app usage (ABC News) Facebook is launching an app that will pay users to share information about which apps they're using with the social media giant

Technologies, Techniques, and Standards

5 Fundamentals for Mitigating the Risk of Laterally Spreading Malware (Bricata) The persistent risk of laterally spreading malware requires good execution of network security fundamentals including segmentation and internal instrumentation.

Study: How Well Are You Protecting Code Signing Certificates? (Venafi) Venafi study reveals organizations are not protecting code signing assets. Read more.

DoD should use third-party cybersecurity assessments for its vendors | Federal News Network (Federal News Network) Leslie Weinstein explains why the Pentagon should follow other sectors and use experts to ensure vendors are meeting cyber requirements.

Hackproofing smart meters and boosting smart grid security (Help Net Security) Cybersecurity researchers developed an automated program aimed at hackproofing smart meters and boosting security in the smart grid.

The Economic Value of DNS Security (Global Cyber Alliance) The Domain Name System (DNS) is a critical component of the Internet. It serves as a translator between the human-recognizable domain names and machine-recognizable locations on the Internet. When DNS is used as a security measure, aka DNS firewall, the benefits can be significant.

Eliminating Excessive Permissions (Radware Blog) Excessive permissions are the #1 threat to workloads hosted on the public cloud. Eliminating them is critical to an organization's security.

How to disable basic authentication in Microsoft Office 365 (CSO Online) If you've implemented multi-factor authentication, you should disable the default basic authentication to make sure attackers can't exploit it.

Design and Innovation

IBM expert wants security placed at heart of 5G - Mobile World Live (Mobile World Live) INTERVIEW: An IBM security chief warned against complacency when it comes to 5G protection, arguing ...

Inside Huawei’s secretive plans to build an operating system to rival Android (South China Morning Post) Google and Microsoft, whose Android and Windows software Huawei largely relies upon in its laptops and tablets, have both suspended access for new Huawei devices.

Microsoft Pushing for a Passwordless Windows 10 (SecurityWeek) Windows 10, version 1903, allows users to add a passwordless phone number Microsoft account to Windows and to sign-in with the Microsoft Authenticator app.

The Next Big Privacy Hurdle? Teaching AI to Forget (WIRED) Opinion: The inability to forget doesn’t only impact personal privacy—it could also lead to real problems for our global security.

The One Rule of Content Moderation That Every Platform Follows (OneZero) For YouTube, Facebook and the rest, if a decision becomes too controversial, change it

This Deepfake of Mark Zuckerberg Tests Facebook’s Fake Video Policies (Vice) A fake video of Mark Zuckerberg giving a sinister speech about the power of Facebook has been posted to Instagram. The company previously said it would not remove this type of video.

Facebook has had a CBD problem for years (The Verge) The social media giant doesn’t let you promote posts featuring CBD — and now there’s a lawsuit

Cloudflare’s Five-Year Project to Protect Nonprofits Online (WIRED) Cloudflare's Project Galileo has helped vulnerable organizations fend off DDoS and other attacks for the last five years.

Research and Development

To detect fake news, this AI first learned to write it (TechCrunch) One of the biggest problems in media today is so-called "fake news," which is so highly pernicious in part because it superficially resembles the real thing. AI tools promise to help identify it, but in order for it to do so, researchers have found that the best way is for that AI to learn to creat…

Solving the ‘nothing significant to report’ problem (C4ISRNET) Cindy Daniell, the director of research at National Geospatial-Intelligence Agency, talks about how artificial intelligence can help analysts find the time to find solutions.

Academia

Amazon Web Services partners with George Mason on 4-year cloud degree program (Washington Business Journal) Teresa Carlson, vice president, worldwide public sector at Amazon Web Services, announced a new partnership with George Mason University to create a four-year cloud computing-focused degree.

Tech takes stage in Cyber FastTrack program (Overton County News) Tennessee Tech students play the serious game of cybersecurity at a national level, ranking in the top 25 in the nation out of more than 1,200 in a recent competition.

IBM brings its Quantum computer program to 16 African universities (TechCrunch) IBM launched its Quantum computer program in Africa today, announcing a partnership with South Africa’s Wits University that will extend to 15 additional universities across 9 countries. Quantum—or IBM Q, as the U.S. based company calls it—is a computer that uses quantum bits (or qubits) to top the…

Legislation, Policy and Regulation

United Arab Emirates Says It Doesn't Hack Dissidents or Journalists (Vice) But news reports continue to suggest that ex-NSA hackers are helping the country hack and surveil its citizens.

Huawei executive grilled over 5G security by British lawmakers (CNBC) Huawei's global cyber security and privacy officer defended the company's security practices in a hearing on Monday.

Huawei Denies Being Bound by Chinese Spy Laws (SecurityWeek) Huawei's cyber security chief told the UK parliament Monday that the Chinese telecoms giant has been advised it was under no obligation to spy for Beijing if so asked by the Communist state.

U.S.-China Trade Impasse: For Washington, Now is Not the Time to Blink (War on the Rocks) What a difference a few weeks makes. In late April, optimism about a looming U.S-China trade deal permeated the spring air. Stock markets were upbeat, and

Wilbur Ross says Chinese tech giants Huawei and ZTE both present national security risks (CNBC) "Both are doing practices that we think are potentially injurious to our national security," says the Commerce secretary.

Bolton Says U.S. Is Expanding Offensive Cyber Operations (Wall Street Journal) The U.S. intends to expand offensive cyberoperations to counter digital economic espionage and other commercial hacks, White House national security adviser John Bolton said at The Wall Street Journal’s CFO Network annual meeting.

Analysis | The Cybersecurity 202: Cyber pros offer cautious praise as Bolton pledges more offensive hacking (Washington Post) Other responses haven’t worked, they say

House panel approves $408 million boost for CISA (FCW) Election security, critical infrastructure protection and CDM all received funding boosts, but disagreements on immigration loom over the bill's passage into law.

House's defense bill looks to protect Pentagon's tech supply chain (CyberScoop) The cybersecurity proposals in the House Armed Services Committee’s draft of the national defense bill for fiscal 2020 include provisions that would create new directives on the Department of Defense’s tech acquisitions and supply chain.

McConnell: Senate will hold election security briefing (TheHill) Majority Leader Mitch McConnell (R-Ky.) on Tuesday said that the Senate will have an election security briefing in the wake of special counsel Robert Mueller's report on Russian meddling in the 2016 election.

Facebook chief Mark Zuckerberg reached out to Speaker Pelosi. She hasn’t called him back. (Washington Post) House Speaker Nancy Pelosi (D-Calif.) remains frustrated with Facebook over its handling of a distorted video of her remarks.

Electric Grid Security Unites Public and Private Sectors (Government Technology) These agencies must converge to develop solutions for an electric grid that is vulnerable to cyber- and physical attacks that continue to evolve, and present moving targets created by sophisticated, motivated actors.

Opinion | The U.S. still hasn’t done nearly enough to stop election interference (Washington Post) It is a dereliction of duty for Congress and the administration to delay action on preventing hacking.

Ohio elections chief orders counties to upgrade security (Washington Post) Ohio’s elections chief has ordered county boards of elections to undergo a host of security upgrades that he says will guard against cyberattacks and other threats ahead of the 2020 election

Litigation, Investigation, and Enforcement

Ed Markey: Customs data breach ‘raises serious concerns’ (Boston Herald) U.S. Sen. Edward Markey on Tuesday called on the Department of Homeland Security to halt its use of facial recognition technology after the U.S. Customs and Border Protection confirmed that a recen…

Russian investigative journalist freed after days of protests (Washington Post) Ivan Golunov was detained last week on suspicion of dealing drugs. Golunov’s supporters claimed he was framed.

Wyden-Klobuchar letter to Wray re. NC election systems (Washington Post) We write to better understand the steps that the FBI has taken...

Federal investigators to examine equipment from 2016 N.C. election amid renewed fears of Russian hacking (Washington Post) A single phrase in special counsel Robert S. Mueller III’s report has touched off a new scramble for answers about what hackers might have achieved during the last presidential election.

Florida election vendor says it has proof it wasn't breached by Russians (POLITICO) VR Systems sells software and electronic poll books that are used throughout Florida and in seven other states.

State Attorneys General Seek to Block T-Mobile-Sprint Merger (Wall Street Journal) Ten state attorneys general are seeking to block T-Mobile’s merger with Sprint, according to people familiar with the matter. They will unveil a lawsuit at a news conference Tuesday afternoon.

Israeli Tech Companies Target Rights Activists With Tailor-Made Cyber Threats (The Wire) The dirty cyber campaigns mounted by Israeli companies like Archimedes, NSO and Black Cube endanger lives and pollute democratic processes around the world.

Phishing with Calendar invitations. Recent TA505 & Fin8 activity. Keeping options open during a trade war. Patch Tuesday notes.

Bring your own context.