Are you using threat intelligence to its full potential?

Are you using threat intelligence to its full potential? Download this free report via Recorded Future to learn 12 common threat intelligence use cases.

The daily briefing.

Mexico's central bank now says that it appears there may have indeed been unauthorized transfers through the country's interbank SPEI system.

In a surprising development over the weekend, US President Trump seems willing to toss ZTE some sort of unspecified lifeline to keep them in business. ZTE has been subject to US sanctions that effectively barred it from using US software and components in its products. The company last week announced it had stopped its major operations. The US beef with ZTE centered on the company's flouting of sanctions imposed on Iran.

CrowdStrike says it's already discerned an increase in Iranian cyber operations against US targets. The company's researchers say they saw the uptick begin within twenty-four hours of the US announcement that it would withdraw from the Iran nuclear deal.

Among Facebook and Instagram ads purchased by the Russian troll-farm Internet Research Agency were several promoting a problematic Chrome extension, FaceMusic. FaceMusic catered to several demographics but was most successful among American girls ages 14 to 17. The extension collected Facebook and web-browsing information. It also messaged "Friends" of those who installed it.

Russia's blocking of Telegram prompted self-described Anonymous hackers to deface websites belonging to Rossotrudnichestvo, the Federal Agency for International Cooperation. Among remarks denouncing censorship, the defacements called media regulator Roskomnadzor "a handful of incompetent brainless worms." 

Facebook's on-going review of data-collecting apps has resulted in suspension of about two hundred. Apple, cleaning its Store in preparation for GDPR, is clearing out apps that inappropriately gather information.

Cylance is proud to be the CyberWire sustaining sponsor for 2018. Learn more about how Cylance prevents cyberattacks at cylance.com

A note to our readers: we'll be in New York tomorrow, covering the Third Annual Cyber Investing Summit. Watch for coverage, including some live-tweeting, of the proceedings.

Today's edition of the CyberWire reports events affecting Australia, China, Estonia, European Union, France, India, Indonesia, Ireland, Iran, Mexico, Russia, United Kingdom, United States.

Dragos unveils dashboard of ICS-focused threat groups.

The Dragos Intelligence Team tracks a number of industrial-focused activity groups aimed to exploit, disrupt, and potentially destroy industrial systems globally. Each week in May, Dragos will release new content discussing these adversary details that can be read here.

On the Podcast

In today's podcast we speak with our partners at Accenture, as Justin Harvey shares his thoughts on whether the the US withdrawal from the Iran nuclear deal will lead to more cyber attacks from Iran.

Sponsored Events

Cyber Security Summits: May 15 in Dallas & Boston on June 5 (Dallas, Texas, United States, May 15, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, CenturyLink, IBM Security and more. Register with promo code cyberwire95 for $95 VIP admission (Regular price $350) https://CyberSummitUSA.com

Third Annual Cyber Investing Summit 5/15/18 (Dallas, Texas, United States, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

Startup CEO: Managing a Legal Team for Fun & Profit (Fulton, Maryland, United States, May 31, 2018) DataTribe's Al Clark will share his expertise in providing legal counsel to local tech startups. He'll answer questions on how to gain the most out of and what to look for in legal counsel that will lead to a relationship of lowering risk and saving money. Food and beverages are provided.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Sponsored: 2017 Cylance Threat Report (Cylance) Which side of the knowledge gap will your organization be on? Let our knowledge of the past prepare you for the future. Download the report today.

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Security Patches, Mitigations, and Software Updates

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Cyber Trends

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Marketplace

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Products, Services, and Solutions

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Technologies, Techniques, and Standards

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Design and Innovation

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Academia

NGA official: Artificial intelligence is changing everything, ‘We need a different mentality’ (SpaceNews.com) NGA is modernizing its cloud architecture “to allow our analysts to live in the data."

Legislation, Policy, and Regulation

Trump Extends Lifeline to Sanctioned Tech Company ZTE (Wall Street Journal) President Trump said he was working with Chinese President Xi Jinping to keep ZTE in business, throwing an extraordinary lifeline to the Chinese telecommunication giant that has been laid low by U.S. moves to cut off its suppliers.

President Trump says he’s working to give ZTE a reprieve (TechCrunch) In a remarkable development, President Trump has thrown an olive branch to controversial Chinese telecom firm ZTE . The company, which sells telcom network equipment and consumer devices including smartphones, said on Wednesday that it would cease its main business operations after the U.S. Departm…

Here's how the US has paralyzed Chinese phone maker ZTE (CNET) The company, despite shutting down operations, is still fighting for its life.

ZTE woes loom as US-China trade tensions rise (ABS-CBN News) With a major Chinese smartphone maker on the rocks following US sanctions, the trade spat between Washington and Beijing appears to be taking a turn for the worse for tech firms in the 2 global economic powerhouses. 

Schiff warns of cybersecurity threat from ZTE (CNN) After President Donald Trump vowed to help Chinese tech giant ZTE, Rep. Adam Schiff (D-CA) warns that the firm poses a "major cybersecurity threat."

UK Regulator Issues Advice on 'Consent' Within GDPR (SecurityWeek) Once the UK leaves the EU, GDPR within the UK will be replaced by the new Data Protection Bill, which is designed to ensure the UK's data protection adequacy.

The UK and USA need to extend their “special relationship” to technology development (TechCrunch) Matt Hancock Contributor Share on Twitter Matt Hancock is the Secretary of State for Digital, Culture, Media and Sport and a Member of Parliament for West Suffolk. The UK and the USA have always had an enduring bond, with diplomatic, cultural and economic ties that have remained firm for centuries.…

Here's How a National Cybersecurity Agency Could Work (Nextgov.com) A central authority could reduce the complexity that exists today.

After the San Bernardino iPhone fiasco, lawmakers introduce the Secure Data Act (Digital Trends) Lawmakers introduced the Secure Data Act on Friday: a new bill that prevents law enforcement and surveillance agencies from forcing companies to insert backdoor entrances into their products and services. The bill was presented by U.S. Representatives Zoe Lofgren (D-Calif.) and Thomas Massie (R-Ky.) along with four co-sponsors.

Senator freezes DHS cyber nominee over Stingray info (FCW) Sen. Ron Wyden wants info on use of rogue cell-tracking Stingray devices in the nation's capital before he'll confirm a new cybersecurity leader at the Department of Homeland Security.

Cops Can Find the Location of Any Phone in the Country in Seconds, and a Senator Wants to Know Why (Motherboard) Here are the letters Senator Ron Wyden sent to mobile carriers and the FCC demanding answers and action on the recently highlighted law enforcement service to easily track phones across the country.

Litigation, Investigation, and Law Enforcement

Oracle claims Google exfiltrates 1GB of data from Android phones every month | Computing (http://www.computing.co.uk) Oracle gives evidence to Australian Competition and Consumer Commission investigation into Google,Security,Hardware,Communications ,Security,Privacy,Data,Google,Australia,GDPR

NCA: UK Cybercrime Continues to Rise (Infosecurity Magazine) Attribution and under-reporting challenges compound problems for crime-fighters, says agency

Anonymous Member Arrested in Ohio (BleepingComputer) The Federal Bureau of Investigation has arrested an Ohio man on accusations of launching DDoS attacks on websites belonging to the city of Akron.

Barclays CEO’s Penalties Over Whistleblower Saga Top $1.5 Million (Wall Street Journal) Barclays Chief Executive Jes Staley has been hit with penalties equal to roughly a quarter of his 2016 pay over his efforts to unmask a whistleblower.

Cyber Events

For a complete running list of events, please visit the event tracker on the CyberWire website.

Cyber Security Summit - CYBERWIRE95
Third Annual Cyber Investing Summit 5/15/18

Upcoming Events

Cyber Ready 2018 Cybersecurity/Intel Conference (MacDill Air Force Base, Florida, USA, May 14, 2018) Major General Mike Ennis (USMC, ret), CIA National Clandestine Service's first Deputy Director for Community Human Intelligence (HUMINT), will deliver the keynote. The conference will also feature an all-audience tabletop simulation exercise by Professor of Law Amos N. Guiora, SJ Quinney School of Law, University of Utah, and a presentation on "Challenges in Cyber Education" by Daniel Stein, DHS Branch Chief for Cybersecurity Education and Awareness.

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products and services over the next five years from 2017 to 2021. Panels will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. Speakers include leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. Attendees will have the opportunity to network with key influencers in the investment and cyber security industries. A cocktail reception will be held following the presentations.

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and gain insight into technological advancements within the industry, as well as unique strategies utilised by to meet demands of rapidly changing energy consumer/prosumer market.

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative technical best practices. Don’t miss this outstanding opportunity to share your expertise with our Ignite community of distinguished security professionals and researchers.

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for 2018 focuses on: innovations in software engineering, advances in data security, blockchain impact on C4I, exploiting machine learning, collaborative community resilience, IoT impact on national security, understanding information warfare, innovations in IT acquisition, and disruptive mobility technology.

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the nuclear supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018 Asia-Pacific Community Meeting is the place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches.

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of EDM strategy and analytical capabilities, while of course remaining compliant. Join us for the only conference around to challenge your current data strategy and evaluate your technology investments. Have your voice heard at interactive workshop tables, learn from peers facing the same challenges at their respective firms, listen to the experts, hear their success stories, and meet 350+ senior decision makers over 5 networking breaks - all this for only one day out of the office!

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations you face. Like no other time before, data security is crucial to you and your corporate executives. With an avalanche of massive data breaches that compromised millions of users’ data and cost senior-level executives their jobs and the endless other types of attacks that leveraged both new and traditional techniques, 2017 seemed yet another banner year for the infosec industry. We expect this year will be just as active as our attendees will face the challenge of both the criminal element and nation states stepping up their aggressive activities. On top of these, insider threats, supply chain vulnerabilities, regulatory demands and increasing dependence on IoT, AI, cloud apps, mobile devices and still other technologies will continue to convolute your tactical and strategic cybersecurity aims.

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively developed by SIA and PSA Security Network’s education teams and will feature top cybersecurity leaders. Additionally, sponsor exhibits will help showcase solutions related to cybersecurity, integrated systems and physical security solutions.

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign integrity -- covering everything from data security to countering reputation attacks.

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, June 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience across the enterprise through leading-edge research and thinking on key topics such as agile architectures, BCM, cloud security, privacy and securing Internet of Things (IoT).

New York State Cybersecurity Conference (Albany, New York, USA, June 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services, in partnership with the University at Albany's School of Business, and The New York State Forum, Inc., the conference is part of a statewide effort to boost cyber security awareness and empower state and local governments, academia, organizations and citizens to take better control of their digital security.

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, June 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

SecureWorld Chicago (Chicago, Illinois, USA, June 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, June 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning experience for professionals in the SIGINT Development field across the U.S. Intelligence Community and the other 5-Eyes partner nations: Australian Signals Directorate (ASD), Communications Security Establishment, Canada (CSE), Government Communications Headquarters, Great Britain (GCHQ), and Government Communications Security Bureau, New Zealand (GCSB).

Cyber//2018 (Columbia, Maryland, USA, June 6, 2018) Cyber touches all aspects of our life from the myriad of devices we have brought into our homes to those we employ on the job to increase and improve our productivity. Please join us for our 9th annual cyber conference, where we tackle some of the most relevant topics surrounding operating within the cyber landscape.

TU-Automotive Cybersecurity (Novi, MIchigan, USA, June 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply chain to plan for the imminent future.

SINET Innovation Summit 2018 (New York, New York, USA, June 7, 2018) Connecting Wall Street, Silicon Valley and the Beltway. SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

Transport Security and Safety Expo (Washington, DC, USA, June 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly digitizing, leading to greater risks and potential impacts from cyber and physical events. Understanding how to better safeguard operations and protect critical networks and infrastructure from damage is paramount, and opportunities like TSSX18 that bring the industry together for training and solutions are welcomed by SANS.

Transport Security & Safety Expo (Washington, DC, USA, June 11 - 12, 2018) The conference is devoted to the challenges and opportunities surrounding ensuring the safety and security of passengers and cargo in the digital age.

THE CYBERWIRE
Compiled and published by the CyberWire editorial staff. Views and assertions in source articles are those of the authors, not the CyberWire, Inc.