The Week that Was
Every Saturday, the CyberWire takes a look back in the Week that Was, a narrative summary of the past seven days' significant cyber security news. Designed for busy professionals who need a week-to-week perspective on developments and trends, the Week that Was provides context for the breaking stories of the day. Every issue is organized topically, with inline links to sources the reader can follow for amplified detail. Like the Daily News Briefing, the Week that Was is delivered to subscribers by email, free and spam-free.
Ukraine stops VPNFilter attack. Ticketmaster tip of the iceberg. Timehop and GDPR. Sons of Spectre. Fortunes of Commerce.
EU copyright law suffers setback. Phishing for agents. Autophishbait. Quiz leaks. Data abuse. Agency equities and commerce.
Data exposure. Cyber battlespace prep? Protection racket phishing. BEC up; cities and ransomware. Info ops. Industry notes.
Cyberespionage, cybercrime, and inadvertently leaky apps. Cyber authorities. Courtroom notes and industry news.
Summitry and sanctions. Speculative execution bug. Baba Yaga malware. Wiper misdirection. DoJ IG reports. Industry notes.
Zip Slip. VPNFilter comeback. Chinese espionage. Russian influence operations. Industry notes. BEC group found.
Hybrid warfare: states and gangs. Cobalt gang is back. Content moderation woes. Courts, crimes, patches, and industry notes.
Speculative Store Bypass in chipsets. VPNFilter as battlespace prep. GDPR is here. Courts, crime, and industry notes.
Botnets, spyware, and phishing for Ether. Policy updates, crime and punishment, and industry notes.
Iranian & US tension rises. Winnti umbrella. Malware notes. Influence operations. GDPR prep. Patches, Industry notes.
Fancy Bear's backdoors? Yahoo boys' BEC. Router vulnerabilities. Domain fronting. States of nature. Policy. Industry notes.
Orangeworm. Spoofing hotel keys. Cyber conflict and information ops. Tendencies toward delusion. Legal, industry notes.
Deterrence, cyber conflict, and current tensions. BEC and bad apps. Patching news. Industry notes.
Router rooters. Cyber espionage. Sinkholing a criminal service. Cyber conflict. Facebook testifies. Legal & industry notes.
Retail and utility breaches. Cyber battlespace prep. Facebook's troubles mount. Litigation and prosecution. Industry notes.
Municipal ransomware. Fitness app compromised. WannaCry's return. Tensions with Russia. Data scandal notes.
Guccifer 2.0 is GRU. Iranian hackers indicted. Grid threats, diplomacy, rising tension. Facebook troubles. Industry notes.
Assassination attempts as cyber casus belli? South China Sea hacking. Disclosure. SEC's teeth. Industry notes.
Memcrash extortion. Aggressive cryptojacking. ComboJack described. Influence operations and espionage. Industry notes.
Bears (or snakes) go to Berlin? A breach that wasn't. Memcrash and other DDoS matters. Getting forgotten. Industry notes.
OilRig, again. Lazarus Group has a kid brother. Regulatory risk. Cybercrime and state protection. Industry notes.
Russians, Americans, swap cyber conspiracy charges. The Americans' are more believable (full disclosure: we're Americans).
Infraud takedown. Olympic hacking. Cryptojacking, cryptofraud, legitimate cryptocoin. Content moderation. Industry notes.
CPU exploits under development? Grand Theft botnet. Phishing, espionage, and coin fraud. Social media vs. social good?
Espionage, cybercrime, and influence operations: nothing else holds fashion. (Except jackpots.)
Dark Caracal and other espionage efforts. Deterrence, defense, and resilience. Patch notes and industry news.
Turla's back. Spectre & Meltdown. Aadhaar news. Anti-botnet notes. Info ops & content moderation. Crypto coins, crypto wars.
Meltdown and Spectre. Iran's Internet crackdown. Content moderation. Aadhaar. Legal, patching, and industry notes.
Triton/Trisis malware hits industrial plant. Catphishing as spycraft. Mirai guilty pleas. Software fixes, industry notes.
Satori botnet up. State surveillance notes. Apparent ISIS fizzle. Bitcoin crimes and bubbles. Patches and industry news.
Mole hunters get their mole. AWS bucket slosh. Carelessness or misdirection? Card fraud down Black Friday? Industry notes.
The Uber hack: its history and probable consequences. Info ops, education, patch notes, scams, and industry news.
More transparency, accountability for US Vulnerabilities Equities Process? Mole hunting. Influence ops. Patches, malware, and excuses. Industry notes.
WikiLeaks opens Vault 8 (worse than Vault 7). More pseudoransomware. Amazon nudges better security onto AWS users. Paradise Papers, cyber conflict, and industry notes.
If it looks like ransomware, but isn't collecting much, odds are it's misdirection. Fancy Bear's wish list. Influence ops updates. Crypto wars. Industry notes.
CyCon's not good phishing. Kaspersky explains. BadRabbit back in the hat. Don't fear the Reaper (botnet). Breach updates. Industry notes.
Important proofs-of-concept: KRACK shakes up wi-fi, ROCA afflicts keys. NotPetya costs. Backdoors, surveillance debates.
Breaches at Accenture and Deloitte. More trouble for Experian (and TransUnion). Cyber espionage and Kaspersky. Influence and inspiration. Patch notes, and industry news.
Russian intelligence hacked NSA in 2015 (Kaspersky software may be implicated). Yahoo!'s epic breach got even more epic. Rumor and disinformation.
Deloitte's bad week. Equifax atonement (and continuing risk). SEC's big CAT. Truth and lies, and AI's religious vision.
SEC breached. More on Equifax. WikiLeaks leaks по-русски. Information ops. NIST on resiliency. Attribution. Industry notes.
More Equifax breach fallout. BlueBorne hits Bluetooth. Info ops and trust. Data supply chain. Industry notes.
The Equifax breach: origins, effects, and lessons. WikiLeaks and the ShadowBrokers are back (on schedule). Notes from the US Intelligence Community.
Kenya's Supreme Court invalidates presidential election over hacking concerns. Android DDoS botnet taken down. Ransomware updates. Current phishbait. Maritime jitters. Vault7 and other leaks. Cyber espionage in South Asia. Policy notes and industry news.
Vault7 leaks liaisonware. Crooks, cheats, cryptocurrencies, and clouds. USS McCain collision apparently not cyber-related. Persistent extremist inspiration. Spy vs. Spy. Industry notes.
Extremism online: public and private responses. The continuing effects of Equation Group leaks. Assessing costs of hacking at HBO, Maersk, and FireEye. US Cyber Command becomes a UCC. Hybrid war, cyber espionage, and influence ops investigations.
WikiLeaks releases "CouchPotato" documents. NotPetya's lingering business effects. Fancy Bear is in hotel Wi-Fi. Hybrid warfare updates. Rumors of DNC insider threat. HBO hack updates. GDPR notes. Password guidelines recanted. NIST's workforce framework. Crime and punishment. Patches. Industry notes.
Operation #LeakTheAnalyst. HBO hacked. NotPetya continues to hit bottom lines. Cryptocurrency tech and crime. A white hat may have been a black hat. Election hacking, leaks, and hybrid warfare. Patch notes and industry news.
Sweden's big data breach. More from WikiLeaks and the ShadowBrokers. Iranian and North Korean cyber operations. NotPetya fallout. Cyberespionage. Android threats and vulnerabilities. Industry notes.
More sloshing from AWS S3 buckets. Cryptocurrency heists. Costs and effects of cyberattacks. Costs of censorship and Internet controls. A look at the dark web criminal markets. International conflict and cyber diplomacy. Industry notes. And congratulations Dr. Whitfield Diffie, FRS.
G20 and the cooperation that wasn't. Clausewitz comes to the cyber domain. Assessing NotPetya's cost. The Great Fire Wall and the Crypto Wars. GSA and Kaspersky. More from Vault7. Lawful intercept gets lawless? Leaky S3 buckets. Crime and punishment. Industry notes.
M.E. Doc and its role as NotPetya's patient zero. Enterprises continue NotPetya recovery. Warnings to US power plants. WikiLeaks dumps more Vault7 documents. Data toxicity? Notes on criminal markets.
Petya/Nyetya/NotPetya's rampage. WikiLeaks and the ShadowBrokers are back (as expected). Brute-force bears. ISIS vs. states and counties. The Five Eyes and the Crypto Wars. Regulation as carrot and stick. Cyber insurance and cyber warranties.
Westminster email credentials brute-forced. WikiLeaks dumps "Brutal Kangaroo" from Vault7. Insider threats. Energy sector responds to CrashOverride. WannaCry continues to infest the IoT. Election influence operations. Adware in Google's Play Store. Other exploits. Industry notes.
Leaks and patches. Hidden Cobra and Lazarus Group. Hybrid warfare and influence operations. Crimeware updates. CrashOverride and how ICS operators responded. Moderating extremism (harder than it looks). GDPR approaches.
NSA report leaked. Comey testifies. Hacks with diplomatic consequences. Really well-known wolves. Attribution, deterrence, retaliation. Counter-messaging. Cybercrime, patches and marketplace news.
Howling for jihad. Hybrid warfare. The murky arts of attribution. Patching. Ransomware rising. Anonymous says they're back. Tech trends in security software.
Lone wolves, known wolves, and packs. Counterterror law and policy. Leaky intelligence services? Doxing turns to disinformation. Ransomware's commodification. Backdoors, bugs, RATS, and stolen exploits.