The CyberWire Daily Briefing, 2.26.20

Dateline

RSA 2020: How Cybersecurity Pros Can Boost Morale (BizTech Magazine) It’s time they started boasting about their wins instead of just explaining their failures, says RSA President Rohit Ghai

#RSAC: Realize the Harms and Benefits of Technology and Create Policies to Enable the Public (Infosecurity Magazine) Decisions made by technology companies have angered people

RSA Live: Dell and RSA Leaders on AI Impact (Meritalk) Artificial intelligence (AI) is ripe to revolutionize the workforce and the process of human-machine teaming, but funding, organizational application, and experimentation must accelerate in order for it to become a reality, posited Steve Harris, senior vice president and general manager of Dell Technologies Federal.

Russian interference in 2016 election prompted better information sharing, top DHS cyber official says (CyberScoop) There was a time when the National Security Agency and the Department of Homeland Security primarily kept to themselves when it came to information sharing. That time is in the past.

Ransomware top of mind for DHS cyber chief (FCW) The director of the Cybersecurity and Infrastructure Security Agency said the organization has been “a little bit late to the game” recognizing the potential of ransomware to directly touch the lives of citizens, but that’s changing.

The unexpected lessons from the Windows vulnerability (Fifth Domain) A Windows 10 vulnerability highlighted how the Department of Homeland Security's cybersecurity agency and the NSA's new cybersecurity directorate can work together.

Australian cyber solution firms take centre stage at US conference (Insurance Business) The innovators pitched at AustCyber and Austrade’s one-day event

Equifax paints itself as a cybersecurity leader now (Protocol) Nearly three years after its massive breach, Equifax says it has a lot to teach the industry. Will experts buy it?

Intel Highlights Latest Security Investments at RSA 2020 | Intel Newsroom (Intel Newsroom) At the Intel Security Day event during RSA Conference 2020, Intel underscored its

VMware Cloud Foundation Gets Security Breakthrough At RSA (CRN) VMware Cloud Foundation gets new NSX security capabilities as well as Carbon Black endpoint technology for VMware Cloud on AWS and Dell EMC at RSA.

Maryland's Cybersecurity Sector Heads to RSA™ 2020 (Maryland Department of Commerce) The Maryland Department of Commerce is joining a delegation of Maryland cybersecurity companies, federal agencies, and economic development partners this week at RSA™ 2020.

RSA Roundup: McAfee M&A, BlackBerry, Trustifi, BigID (Channel Futures) With this acquisition, McAfee plans to integrate Light Point Security’s browser isolation technology into McAfee Secure Web Gateway, complementing its existing inbound and outbound protection for all web and cloud traffic.

BlackBerry, Microsoft and other heavy hitters drop product announcements at RSA Conference (IT Business) BlackBerry, Proofpoint, McAfee, Palo Alto Networks and Spirion are among the companies making product announcements in San Francisco at the start of

RSA: Google Cloud security updates, Imperva advanced bot protection solution, Code42 insider threat detection, and Elastic’s integrated security offerings (SD Times) Companies are releasing new cybersecurity tools that speed up security testing, the hiring of security professionals, and end-to-end application security assistance.

Exabeam Launches Cloud Platform at RSAC 2020 to Extend its SIEM Solution with New Applications, Tools and Content (Exabeam) New Exabeam Cloud Archive and Exabeam Cloud Studio advance Exabeam’s mission: to make every security practitioner more efficient[...]

Imperva Unveils Fully Integrated Advanced Bot Protection Solution (BusinessWire) Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, today announced Advanced Bot Prote

CyberArk Releases First-of-Its-Kind Privilege Deception Capabilities (CXOToday.com) Extend Credential Theft Protection on the Endpoint By Further Reducing Attacker Dwell Time and Blocking Lateral Movement CyberArk (NASDAQ: CYBR), the global

CrowdStrike Delivers Its Ever-Growing Partner Ecosystem Powerful Tools to Increase Development of Innovative Solutions In the Battle Against Advanced Threats (Yahoo) RSA Conference 2020 – CrowdStrike® Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint protection, today announced that it has made available to partners new features built on the rich and expansive data of the CrowdStrike Falcon® platform to enable them to more quickly and easily develop and deliver

RSA Conference 2020: BlackBerry Unveils Zero Trust Security for IoT Platform (MSSP Alert) BlackBerry unveils zero trust security capabilities for its Spark Internet of Things (IoT) platform at the RSA Conference in San Francisco. Cylance endpoint protection involved.

Mimecast’s Email Security 3.0 Strategy Advances the Way Organizations Combat Email Based Cyber Attacks (Yahoo) RSA Conference -- Mimecast Limited (MIME), a leading email and data security company, today announced it has added new capabilities to its cloud-based platform comprised of integrated service components that organizations’ need to combat the latest cybersecurity challenges. Mimecast has incorporated

New Mimecast Threat Intelligence Report Analyzes 92 Billion Rejected Emails (Yahoo) RSA Conference -- Mimecast Limited (MIME), a leading email and data security company, today announced the availability of the Mimecast® Threat Intelligence Report: RSA® Conference Edition. The report is designed to provide technical analysis from Mimecast threat researchers on major campaigns carried

Google Cloud bolsters security offerings at RSA – as Thales report warns of more breaches (Cloud Tech News) Google Cloud has beefed up its security offerings to include greater threat detection, response integration, and online fraud prevention.

Introducing the FireEye Mandiant Threat Intelligence Suite (BusinessWire) Available via incremental tiers, the FireEye Mandiant Threat Intelligence Suite enables organizations to take an intel-led security approach.

Cisco unleashes ‘Thanos’ in hopes for a ‘radical simplification’ of security software (MarketWatch) Cisco Systems Inc. is hoping to restore order into a universe of frazzled security professionals with a “radical simplification” that could reduce the number...

RSA Conference 2020 Announces Excellence in the Field of Mathematics Award (Yahoo) RSA® Conference, the world’s leading information security conferences and expositions, today announced that two world-renowned cryptographers, Professor Joan Daemen and Professor Vincent Rijmen, are the recipients of its annual award for Excellence in the Field of Mathematics.

ReversingLabs Named Winner of the Coveted InfoSec Awards during RSA Conference 2020 (Yahoo) ReversingLabs, a leading provider of explainable threat intelligence solutions, is proud to announce that it has won the following awards from.

SparkCognition Recognized on CRN® 2020 Security 100 List at RSA Conference 2020 (Yahoo) SparkCognition, a leading AI company, announced today that CRN®, a brand of The Channel Company, has named SparkCognition to its annual Security 100 list. This list identifies the top security vendors in the IT channel. Honorees are chosen based on their impact in each of these categories: Identity Management

KnowBe4 Named a Winner for the Cyber Defense InfoSec Awards 2020 (Yahoo) KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has been named a winner for the Cyber Defense InfoSec Awards 2020 as a market leader for Security Awareness Computer Based Training

Hillstone Networks Named Winner of Security Company of the Year During RSA Conference 2020 (BusinessWire) Hillstone Networks, a leading provider of Enterprise Network Security and Risk Management solutions, is proud to announce won the following awards fro

Netskope Named Winner of Two InfoSec Awards at RSA Conference 2020 (Yahoo) Netskope, the leading security cloud, today announced it received two 2020 InfoSec Awards from Cyber Defense Magazine (CDM), the industry's leading electronic information security magazine, in the categories of Editor's Choice – Cloud Security and Hot Company – Data Loss Prevention (DLP).

Keeper Security Honored with Four InfoSec Awards at the RSA Conference 2020 (Yahoo) Keeper Security, provider of the leading cybersecurity platform for preventing password-related data breaches and cyberthreats, has been named a winner in four different categories at the 8th Annual InfoSec Awards, presented by Cyber Defense Magazine (CDM), the industry's leading electronic information security magazine. The awards were announced at RSA Conference 2020 (RSAC).

What if it was the Marvel Cybersecurity Universe? (MarketWatch) The cybersecurity industry has long been known as a battleground pitting black hats against white hats, but what happens when the biggest combatant picks up...

Cyber Attacks, Threats, and Vulnerabilities

Ransomware Attack at US Power Station (Infosecurity Magazine) A municipal light and power station in Massachusetts has been struck with ransomware

Ransomware posing rising threat to operational tech in industrial businesses (SC Magazine) A gradual increase in adversaries’ internal reconnaissance skills and abilities has enabled them to target systems that are vital to support the chain of production.

DISA breach could provide leverage to nation state attackers, says ex-CIA officer (New Statesman) A hack on the Defence Information Systems Agency (DISA), responsible for US military comms including calls made by President Trump, exposed the personal data of about 200,000 people, it was announc

DoppelPaymer Ransomware Launches Site to Post Victim's Data (BleepingComputer) The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted.

Mozart Malware Hides Traffic (Binary Defense) Discovered by MalwareHunterTeam, a new backdoor malware, called Mozart, has been found using DNS protocol to communicate with remote attackers to evade detection by security software. Normally when a malware communicates for commands, it does over HTTP/S protocols for ease of communication. Most security software monitors HTTP/S traffic and will block traffic that it determines …

Smart speakers mistakenly eavesdrop up to 19 times a day (Naked Security) That smart home speaker isn’t listening to everything you say, according to new research – but it is listening a lot more than it should.

Australian banks targeted by DDoS extortionists (ZDNet) Hackers are sending emails to banks asking for large payments in Monero, and threatening DDoS attacks if their demands aren't met.

Report: Global Sporting Goods Giant Leaks Spanish Employees’ Data & More (vpnMentor) The vpnMentor cybersecurity research team, led by Noam Rotem and Ran Locar, have uncovered a leaking, active database with over 123 million records and greater

Google stops indexing WhatsApp chats; other search engines still at it (Naked Security) Private chat invites aren’t meant to be unfindable, Facebook says, though a snippet of code eventually shielded them from Google indexing.

Google denies illegally slurping data off free student Chromebooks (Naked Security) Nonsense! says Google in response to a lawsuit filed by New Mexico’s AG, which accuses Google of violating COPPA’s child privacy laws.

A security mishap left Remine wide open to hackers (TechCrunch) Security is all too often focused on keeping hackers out and breaches at bay. But in the case of Remine, a real estate intelligence startup, it left its doors wide open for anyone to run rampant. Remine is a little-known but major player in the real estate analytics and intelligence market. It work…

Magecart skimmers ran keyloggers on commerce provider's we for two-and-a-half years (Computing) Ecommerce platform compromised by eight different skimmers hosted accounts for a number of high-profile organisations

Sports retailer Decathlon spills 123 million records, including unencrypted employee passwords (Computing) Improperly secured AWS ElasticSearch database contained ‘treasure trove’ of employee data, which may include UK staff

Decathlon patches database after 123 million records exposed (SC Magazine) Sporting goods retailer Decathlon put over 123 million records in the open, in a misconfigured ElasticSearch server, found security researchers at vpnMentor

FCA admits revealing confidential details of 1,600 consumers (the Guardian) Data breach involved names, addresses and phone numbers of some complainants

Unsupported, Unpatched: New Windows Security Holes (EE Times) Many generations of older Windows systems are still widely used in industrial Internet of things (IIoT) and industrial control system (ICS) installations. The fact that Windows 7 reached end-of-life last month only broadens the already-vulnerable attack surfaces of IIoT and ICS networks and gives hackers even greater opportunity to infect them with malware and disrupt operations.

Honeywell WIN-PAK (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Honeywell Equipment: WIN-PAK Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of HTTP Headers for Scripting Syntax, Use of Obsolete Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities allows an attacker to perform remote code execution.

Moxa PT-7528 and PT-7828 Series Ethernet Switches (CISA) 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: PT-7528 Series and PT-7828 Series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, Weak Password Requirements, Information Exposure 2.

Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility Vulnerabilities: Cleartext Storage of Sensitive Information, Cleartext Transmission of Sensitive Information, Incorrectly Specified Destination in a Communication Channel

Moxa EDS-G516E and EDS-510E Series Ethernet Switches (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of Hard-coded Credentials, Classic Buffer Overflow, Cleartext Transmission of Sensitive Information, Weak Password Requirements 2.

Moxa MB3xxx Series Protocol Gateways (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow, Cross-site Request Forgery, Use of a Broken or Risky Cryptographic Algorithm, Information Exposure, Cleartext Transmission of Sensitive Information, Weak Password Requirements, Cleartext Storage of Sensitive Information, Incorrectly Specified Destination in a Communication Channel

PSA: Google Nest Cam outage takes down live video, history (9to5Google) Google Nest is facing an outage this afternoon that sees "camera connectivity impacted." This sees "Nest Cam Live Video" go down...

Grayson Co. systems offline due to ransomware attack (KXII) The state is investigating after Grayson County government systems were hit with a ransomware attack early Monday morning.

Young Couple Loses $775K in Home Buying Cyber Scam (NBC 7 San Diego) Kevin and Nicole Noar have a tough time sleeping at night after losing their life savings while trying to buy their dream home in Carlsbad. “You go to bed and you’re in slight relief because you may get an hour or two of sleep, you stop thinking about it,” said Kevin Noar, who works as a chef. “As soon as…

Electric scooters could be vulnerable to remote hacks (ITP.net) Turns out, a helmet may not be enough to keep you protected when riding an e-scooter

Did President Trump jinx this bull market? Twitter just suspended a popular financial blogger calling him out on it (MarketWatch) “The Fly,” who has been known to engage in cyber-scuffles from time to time, called out the president by responding in a tweet that “you deserve a crash.”...

Security Patches, Mitigations, and Software Updates

Google patches Chrome zero-day under active attacks (ZDNet) This is the third Chrome zero-day discovered being exploited in the wild in the past year.

Mystery zero-day in Chrome – update now! (Naked Security) When a bug’s a zero-day that means it’s being actively exploited. So don’t delay, just patch today!

Google Patches Chrome Browser Zero-Day Bug, Under Attack (Threatpost) Google patches zero-day bug tied to memory corruptions found inside the Chrome browser's open-source JavaScript and Web Assembly engine, called V8.

A new RCE in OpenSMTPD's default install, patch available (Help Net Security) Less than a month after the patching of a critical RCE flaw in OpenSMTPD, a new, similar one has been revealed: CVE-2020-8794.

Android 11 to clamp down on background location access (Naked Security) Is Android finally about to get on top of the issue of apps that quietly suck up location data?

Firefox turns controversial new encryption on by default in the US (The Verge) The technology has faced criticism from lawmakers.

Cyber Trends

Almost Half of Orgs Have Dedicated Cyber-Threat Intelligence Team (Infosecurity Magazine) 85% of orgs have at least some kind of resource focusing on CTI

Almost three-quarters of all phishing sites now use SSL protection (Help Net Security) Almost three-quarters of all phishing sites now use SSL protection, so users can’t rely on SSL alone to evaluate whether a site is safe or not.

IT Security Leaders Engage in Risky Security, Password Habits (HealthITSecurity) IT security professionals are engaging in risky password and authentication practices, with 50 percent admitting to reusing passwords across workplace account, according to a Yubico report.

27M people affected by health data breaches in 2019 (Health Exec) More than 27 million people were affected by breaches of private health information (PHI) in 2019, according to a new report from Bitglass.

What Criminals Do with Your Data on the Dark Web (Advisor Perspectives) If you want to scare the heck out of yourself, read this report from VPNoverview on typical “dark web” data theft sites, including the cost for compromised data such as PayPal transfers, bank cards, and full identities.

What hinders cybersecurity in the public sector? (Fifth Domain) Budgetary constraints and complex IT environments hurt public-sector organizations' cybersecurity efforts.

Marketplace

Huawei's offer to license 5G tech to US firm to create an American rival is still 'on the table' (CNBC) Last year, Huawei's founder and CEO Ren Zhengfei said the company would be willing to license its 5G technology exclusively to an American firm so that the U.S. could create a rival. No company has taken up the offer yet.

cPacket Networks Secures $15 Million Investment from Morgan Stanley Expansion Capital (Globe Newswire) New Funding to Accelerate Product Innovation and Customer Growth

Why VMware Bought the Network Monitoring Startup Nyansa (Data Center Knowledge) The deal bolsters VMware’s position in the growing SD-WAN market and helps its push into AIOps.

Seven hackers have now made a million dollars each from bug bounties, says HackerOne (ZDNet) The bug bounty platform doubled in size in just a year. Its new report shows that ethical hacking is becoming a lucrative pastime.

ForgeRock Joins Identity Defined Security Alliance (Globe Newswire) ForgeRock®, the leading provider in digital identity, today announced that it has joined the Identity Defined Security Alliance (IDSA). The IDSA is a non-profit that facilitates community collaboration to help organizations reduce risk by providing education, best practices and resources.

IntSights Enhances All-Star Executive Team With Veteran Chief Compliance Officer (Yahoo) Global Threat Intelligence Leader is First Provider in the Market to Join Payment Card Industry Security Standards Council

Products, Services, and Solutions

Keysight’s New Security Operations Platform Enables Organizations to Measure and Improve Effectiveness of Operational Security (Ixia) Keysight’s Threat Simulator delivers actionable recommendations for addressing vulnerabilities and real-time threat intelligence

Valimail Declares: DMARC Visibility Should Be Free (BusinessWire) Valimail DMARC Monitor is being offered for free to help end domain impersonation, phishing and business email compromise (BEC) attacks.

NSS Labs Announces New Ratings System Along with Advanced Endpoint Protection Results (NSS Labs, Inc.) Product Rating Reports align with cyber risk management and insurance needs. AUSTIN, Texas – February 25, 2020 – NSS Labs, Inc., a global leader and trusted source for independent cybersecurity product testing, today announced the launch of a new product ratings system. Product ratings inform consumers about a product’s capacity to meet its obligations—enhancing transparency, and enabling …

NTT Ltd and Palo Alto Networks expand strategic partnership (NTT) NTT Ltd. today announced an expanded strategic partnership to offer a portfolio of intelligence-driven security products that will help clients minimize risk by reducing time to predict, detect and respond to attacks.

Oculeus Wins Cybersecurity Excellence Award for Third Consecutive Year in Category for Communications Fraud Protection Company Recognized for Protecting Enterprise Telephony Systems Against Telecoms Fraud With its AI-driven Oculeus-Protect Service (PR Newswire) Oculeus, a leading provider of innovative telecommunications solutions, today announced that the company has won the Cybersecurity Excellence...

Skybox Security Delivers Enhanced Vulnerability Management Powered by Microsoft Defender Advanced Threat Protection (Yahoo) Skybox® Security, a global leader in cybersecurity management, today announced it's integrated with Microsoft Defender Advanced Threat Protection (ATP) to expand vulnerability management for enterprises that deploy workloads across hybrid and cloud network environments. In addition, Skybox announces

Fortinet Introduces Self-Learning Artificial Intelligence Appliance for Sub-Second Threat Detection (Yahoo) John Maddison, EVP of products and CMO at Fortinet“Fortinet has invested heavily in FortiGuard Labs cloud-based, AI-driven threat.

TNS Joins Verifone Managed Network Service Provider Program (Yahoo) Transaction Network Services (TNS) has completed certification in the Verifone Managed Network Service Provider (MNSP) Program.

Zscaler launches cloud security-focused partner program (ARN) Zscaler has launched a new partner program based on its cloud security platform.

Introducing the Morphisec Unified Threat Prevention Platform -- Version 4 (Morphisec) Version 4.0 of the Morphisec Unified Threat Prevention Platform, built on moving target defense technology, is architected to protect your critical infrastructure from fileless attacks, evasive malware, zero days, and in-memory exploits. Now available for the Linux OS.

Digital Guardian Launches Managed Detection & Response (MDR) Service (Yahoo) Securing data, systems and users by combining industry leading cloud-delivered EDR technology, backed by Digital Guardian's Advanced Threat & Analysis Center (ATAC)

Wind River Labs Unveiled to Drive Developer Innovation at the Intelligent Edge (Wind River Labs) Developer-focused site provides access to software projects, proofs-of-concept, open source integrations, experimental software, and first-ever freely available VxWorks® SDK.

Karamba Security XGuard System Protects Against Vehicle Cyber Attack (DBusiness Magazine) Karamba Security, which has an office in Bloomfield Hills offered a roadshow-like event to show potential customers its vehicle cyber protection.

ReliaQuest Introduces Integrated Attack Simulations to Protect Environments Against Real-World Cyber Threats (PR Newswire) ReliaQuest, a leader in enterprise cybersecurity, today announced Verify, a new core capability of the GreyMatter platform that offers...

Technologies, Techniques, and Standards

5 Major Trends that Are Fueling the Machine Identity Crisis (Venafi) Venafi reveals the five trends behind the machine identity crisis. Find out what the research reveals, and how to be part of the solution in 2020.

How I learned to stop worrying and love ‘grey hat’ tools (Sophos) A comprehensive security solution needs a sense of subtlety: not all machine code lends itself to be classified easily as malicious. As with most things in life, there’s a grey area in malware detection that includes hacking tools, poorly designed or easily exploitable applications, or borderline adware that provides little benefit to the unfortunate user of the machine running it.

Comprehensive Network Protection (Bricata) Learn more about why comprehensive network protection requires unparalleled network visibility, full-spectrum threat detection, threat hunting, and post-detection actions.

Threat Intelligence is Crucial in the Combat Against Cybercrime (EC-Council Official Blog) Threat Intelligence (TI) is a concept that works on evidence-based knowledge, which fits all sizes of organizations.

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing (The Hacker News) If defending against spear phishing attacks is your top cybersecurity priority, minimizing human error is the only viable defense.

Government-Run Energy Company Keeps Reeling in the Same Employees in Phishing Training (Nextgov.com) The Tennessee Valley Authority has a good initial phishing training program in place but lacks real consequences for those that fail.

Getting Started With Wireshark (Black Hills Information Security) Hello and welcome, my name is John Strand and in this video, we’re going to be getting started with Wireshark. Now, Wireshark is very similar to TCPDump, in fact, a lot of people actually prefer Wireshark to TCPDump, but I look at them as two completely different utilities. TCPDump is fantastic for creating scripts, going …

Design and Innovation

Gmail Is Catching More Malicious Attachments With Deep Learning (WIRED) Users of Gmail get 300 billion attachments each week. To separate legitimate documents from harmful ones, Google turned to AI—and it’s working.

AI Deception: When Your Artificial Intelligence Learns to Lie (IEEE Spectrum) We need to understand the kinds of deception an AI agent may learn on its own before we can start proposing technological defenses

Academia

CyberPatriot XII National Finalists Announced (Yahoo) CyberPatriot XII National Finalists AnnouncedPR NewswireARLINGTON, Va. 25, 2020 /PRNewswire/ -- The Air Force Association (AFA) announced recently the 28 National Finalist teams that will compete at the CyberPatriot XII National Finals Competition in Bethesda, MD.

NTT Research to Collaborate with UCLA and Georgetown on Cryptography and Blockchain (Yahoo) Cryptography and blockchain are the focus of two new joint research agreements for NTT Research, working in partnership with UCLA and Georgetown.

Mercyhurst to house intelligence community hall of fame (GoErie.com) The U.S. intelligence community will soon have its own hall of fame.

Legislation, Policy and Regulation

Cyberspace needs to be regulated (The New Times) One of the most challenging questions of the contemporary world is whether existing international norms apply in cyberspace.

Internet Shutdowns Become a Favorite Tool of Governments: ‘It’s Like We Suddenly Went Blind’ (Wall Street Journal) Governments are increasingly ordering telecoms to turn off web access in neighborhoods, regions or whole countries, sometimes for months, blocking the flow of news and information.

The evolution of the internet and geopolitics (Atlantic Council) Cyber Statecraft Initiative experts answer five questions on how the changing internet is shaping the conduct of statecraft.

NATO Has ‘Growing Realization’ About Risks of Using Huawei Gear, Top General Says (Defense One) But USAF’s Wolters offered no evidence that U.S. officials are persuading allies to shun Chinese 5G networking products.

Trump official compares Huawei to 'the Mafia' as White House works on 5G battle plan (CNBC) A senior Trump administration official denounced the company as "the Mafia" and suggested it could spy on the British Parliament.

Huawei ban: Full timeline on how and why its phones are under fire (CNET) Here's a breakdown of the controversial Chinese telecom and phone maker's saga so far.

Internal Docs Show Why the US Military Publishes North Korean, Russian Malware (Vice) A previously secret document obtained by Motherboard shows how, and why, CYBERCOM is publicly releasing malware from adversaries.

N.S.A. Phone Program Cost $100 Million, but Produced Only Two Unique Leads (New York Times) A disputed program that allowed the National Security Agency to gain access to logs of Americans’ domestic calls and texts yielded only one significant investigation, according to a newly declassified study.

The Pentagon promises to use artificial intelligence for good, not evil (Military Times) The Defense Department announced five ethical principles it plans to live by as it develops and uses artificial intelligence.

Industry Offers Quick Fixes For Major Pain Points In Security Clearance Process (Nextgov.com) The background investigations backlog and wait times are down, but contractors still see hurdles in getting people cleared for sensitive work.

Dueling Narratives Emerge From Muddied Account of Russia’s 2020 Interference (New York Times) President Trump’s national security adviser intimated that the Russians were backing Bernie Sanders, as Joe Biden blamed Mr. Trump and other Republicans for the continued interference.

The Cybersecurity 202: Democrats punch at Putin, Trump and each other over Russian hacking (Washington Post) Rivals of Sen. Bernie Sanders (I-Vt.) are seizing on news that Russia is trying to help his campaign as a way to take down the Democratic front-runner.

The 'accidental director' on the front line of the fight for election security (TheHill) Christopher Krebs, the first director of the Cybersecurity and Infrastructure Security Agency (CISA), is zeroing in on elections ahead of November.

Cyber is the most ‘consequential’ issue for Transportation Command (Fifth Domain) Cybersecurity vulnerabilities still pose one of the greatest challenges to Transportation Command.

John Ratcliffe back under consideration by Trump for top intel job (TheHill) Rep. John Ratcliffe (R-Texas) is back under consideration as a potential pick to serve as President Trump's next Director of National Intelligence (DNI), sources confirmed to The Hill on Tuesday.

Litigation, Investigation, and Enforcement

UK court told Assange tried to call White House, Hillary Clinton over data dump (Reuters) Julian Assange tried to contact Hillary Clinton and the White House when he real...

Case Dropped Against Coalfire Pen Testers Accused of Burglary (Infosecurity Magazine) Charges have been dismissed against Coalfire employees accused of burgling their courthouse client

A former Boeing manager suspected of spying for China says that he, like Carter Page, was the victim of a flawed national security investigation (Washington Post) The California man wants the Justice Department’s inspector general to review a secret government search warrant that he claims was riddled with errors.

Former Franklin Regional student to serve probation for cyber attack that crippled school, county computers (TribLIVE.com) The lawyer for a former Franklin Regional High School student convicted of a cyberattack that disrupted more than a dozen computer systems throughout Westmoreland County in late 2016 told a judge it was all just a prank. Defense attorney Lyle Dresbold said Michaela G. King uploaded a computer program she

Cybersecurity expert surprised by Homeland Security tip to Elizabeth police (KUSA) The federal department shared school shooting threat information which led to the closure of Elizabeth High School on Friday.

Court Order Lets Terpin’s Claims Against AT&T Mobility Proceed to Trial; Terpin Will File Additional Allegations to Preserve Punitive Damages Relief for up to $200 Million (Yahoo) Otis Wright II ruled yesterday that plaintiff Michael Terpin can proceed with statutory, contract, and tort damages claims against AT&T Mobility for $24 million resulting from the theft of cryptocurrency that he contends was directly caused by an AT&T agent bribed by a criminal gang. The Court ruled

What to do if someone hijacks your company's trade mark (Computing) Cripps Pemberton Greenish partner Kathryn Rogers explores the options in trade mark disputes following from the BT-Technology Will Save Us trade mark spat

RSAC 2020. Google patches Chrome 0-day. Ransomware versus infrastructure. Retailer exposes ElasticSearch database.

Bring your own context.

Coming soon: CyberWire Pro.