

Daily briefing.

CYBERSEC DC

The inaugural meetings of CYBERSEC DC yesterday focused on the linkage between economic development and cybersecurity, particularly as that linkage is evolving along NATO's eastern flank. Sponsored by the Center for European Policy Analysis (CEPA) and the Kościuszko Institute and held at CEPA's headquarters in Washington, DC, the conference's announced goal was discussion of the "transatlantic quest for cyber trust."

The conference also sought to develop some high-level, yet actionable, recommendations for furthering such transatlantic cooperation. The conference took it as given that cyberspace had become a field of great power competition, and that the Western allies faced an immediate threat from Russia ("our friends to the East," as they were frequently called) in the form of hybrid war and its attendant information operations, and a more patient threat from China in the form of long-term economic entanglement.

The perspective was clearly informed by the experiences of the Three Seas countries, the Central and Eastern European nations that stretch from the Baltic to the Black and Adriatic Seas. It was also informed by the way in which cyber conflict has evolved: while it does now fall under NATO's Article 5 collective defense provisions, cyber warfare remains for the most part confined to actions that fall below the threshold of armed conflict, and thus not susceptible to the sort of responses and deterrence that have long been in place for conventional war.

Among the recommendations the conference developed with respect to "advancing secure digital transformation" were, first, auditing the assets in place that could serve both resilience and deterrence in the Three Seas region; second, arriving at a consensus among governments on the form 5G implementation will take; third, development of a "stronger narrative" concerning the value proposition of investment in digital transformation; fourth, auditing talent in the Three Seas region; and fifth, cooperating to develop truly international as opposed to merely regional standards. With respect to building cyber deterrence along NATO's eastern flank, the recommendations divided into achieving clarity about costs and advancing cooperation within the Atlantic Alliance.

The cost piece was particularly interesting, with an emphasis on identifying what the adversary (and in this context the adversary was principally the "friends to the East," Russia) valued, and determining how those values could be held at risk. The consensus of the panelists was that Moscow was likely to remain largely indifferent to naming-and-shaming, and so other means of imposing costs would have to be pursued. The participants recommended full use of the NATO toolbox, including diplomatic and economic tools, and they argued that imposition of costs need not, and probably should not, be symmetric. That is, threatened retaliation for cyber attacks need not confine itself to cyber counterattacks.

We'll have further reflections on the conference available later.

Norsk Hydro has made significant strides toward recovering from yesterday's LockerGoga infestation. Computing reports that the company said this morning that it had recovered many of its affected systems, and is on its way toward restoring normal, "stable" operations. Early assessments, as summarized by the Washington Post, hold that this was low-level, commodity criminal activity with far-reaching effects.

DFRLab reports that Venezuela's disputed Chavista regime has used phishing to expose the identities of regime opponents, apparently with threatening intent.

Physician, heal thyself. Security firm Cookiebot has looked into EU official government services sites and determined that a surprisingly large fraction of them leak personal information of EU citizens to various third parties in ways that contravene the EU's GDPR regime. ZDNet calls it an infestation of "third-party adtech scripts."

The Wall Street Journal reports that the EU has fined Google's parent Alphabet €1.49 billion ($1.7 billion) for anti-competitive restriction of other companies' ads. This is the last of three formal EU anti-trust actions against the company.

Facebook has settled a lawsuit by agreeing to change its advertising platform to reduce the possibility of discrimination in housing and employment, according to the New York Law Journal.

The number and volume of DDoS attacks dropped significantly after the FBI took down fifteen DDoS-for-hire sites in December, Threatpost reports. Researchers from NexusGuard found that, in the fourth quarter of 2018, the number of DDoS attacks sank by 11%, and the average size of these attacks fell by 85%, so bravo FBI, but don't get cocky, kids.

Notes.

Today's issue includes events affecting Austria, Bulgaria, China, Croatia, Czech Republic, Estonia, European Union, Hungary, Latvia, Lithuania, Poland, Romania, Russia, Slovakia, Slovenia, South Africa, United Kingdom, United States, Venezuela, Vietnam, and Zimbabwe.


In today's podcast, out later this afternoon, we speak with our partners at Virginia Tech's Hume Center, as Dr. Charles Clancy talks through the implications of updates to the GPS system. Our guest, Landon Lewis from Pondurance, talks about balancing AI and human intelligence.

And you'll also find Recorded Future's latest podcast, produced in cooperation with the CyberWire, interesting. In this episode, "Chinese Charm Attempts to Alter American Political Opinion," Priscilla Moriuchi discusses Insikt Group's recently published findings from their research into Chinese efforts to sway public opinion via social media.

Cyber Security Summits: April 2nd in Denver and in Philadelphia on April 25th (Denver, Colorado, United States, April 2 - 25, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, U.S. Secret Service, Dell, Oracle, Darktrace, Verizon and more. Passes are limited, secure yours today: www.CyberSummitUSA.com

Global Cyber Innovation Summit (Baltimore, Maryland, United States, May 1 - 2, 2019) This unique, invitation-only forum brings together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy thought leaders, and members of the cyber investment community to catalyze the industry into creating more effective cyber defenses. Request an invitation today.

Cyber Attacks, Threats, and Vulnerabilities

Venezuelan Pro-Regime Accounts Publish Personal Data of Phishing Victims (Medium) Phishing attack on website run by Venezuelan opposition exposed data of hundreds of sympathizers of Juan Guaidó, jeopardizing the victims’…

Vietnam ‘State-Aligned’ Hackers Are Targeting Auto Firms, FireEye Says (Bloomberg) FireEye, which designated the group as APT32 and dates its activities to 2014, said the attacks accelerated in early February.

SoftNAS® Vulnerability Disclosed by Digital Defense, Inc. Researchers (Digital Defense) Digital Defense, Inc., a leading security technology and services provider, today announced that its Vulnerability Research Team (VRT) discovered a previously undisclosed vulnerability in SoftNAS Cloud® data storage platform.

Norsk Hydro recovers some systems following Lockergoga ransomware security breach (Computing) Norsk has recovered priority business systems after falling victim to Lockergoga ransomware attack

Analysis | The Cybersecurity 202: Hydro hack shows even low-level criminals can cause major disruptions (Washington Post) The ransomware attack crippled operations and caused a dip in stock prices.

Norsk Hydro production affected by cyber attack on US and European operations (Computing) Industrial systems of Norwegian aluminium producer targeted in cyber attack

Norway's Norsk Hydro Hit by 'Extensive' Cyberattack (SecurityWeek) One of the world's biggest aluminium producers, Norway's Norsk Hydro, has been hit by an "extensive cyberattack" that impacted operations.

EU government websites infested with third-party adtech scripts (ZDNet) Ironic as it may be, EU websites might not be compliant with the EU's own data protection rules.

Now-Patched Google Photos Vulnerability Let Hackers Track Your Friends and Location History (Imperva) A now-patched vulnerability in the web version of Google Photos allowed malicious websites to expose where, when, and with whom your photos were taken. Background: One trillion photos were taken in 2018. With image quality and file size increasing, it’s obvious why more and more people choose to host their photos on services like iCloud, …

Kaspersky Lab uncovers Windows zero-day exploited by recently-discovered threat actor (Business Standard News) Global cybersecurity major Kaspersky Lab said on Wednesday that its automated technologies have detected a new exploited vulnerability in Microsoft Windows, which is believed to have been used in targeted attacks by at least two threat actors,

Denial of service in Facebook Fizz due to integer overflow (CVE-2019-3560) (lgtm blog) An unauthenticated remote attacker could trigger an infinite loop in Fizz, Facebook's open source TLS library.

AVEVA InduSoft Web Studio and InTouch Edge HMI (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 6.5. ATTENTION: Low skill level to exploit. Vendor: AVEVA. Equipment: InduSoft Web Studio, InTouch Edge HMI. Vulnerability: Uncontrolled Search Path Element. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow execution of unauthorized code or commands.

Columbia Weather Systems MicroServer (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 9.8. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: Columbia Weather Systems, Inc. Equipment: Weather MicroServer. Vulnerabilities: Cross-site Scripting, Path Traversal, Improper Authentication, Improper Input Validation, Code Injection. 2.

Hacked tornado warning systems leave Texans in the dark (Naked Security) Add this latest public warning system sabotage to a growing list of fear-and-panic-spreading hacking incidents.

Widespread Office 365 and Gmail Misconfiguration Allows Hackers to Bypass Email Gateways (Avanan) If you’re using a gateway, and your mail flow accepts emails not from the gateway, then hackers can send mail directly to your users.

Beware of rise of formjacking, says Symantec (IT World Canada) Email remains among the biggest threats enterprises faced in 2018, according to a vendor report, but the increase in formjacking

Old devices are filled with personal data, Rapid7 research finds (CyberScoop) Despite warnings that people should erase personal data from old devices, a researcher found computers with SSNs, dates of birth, and credit data.

Assessing Internal Network with JavaScript, Despite Same-Origin Policy (BleepingComputer) Researchers are warning about a hacking technique that enables attacks on the local network using JavaScript on a public website. Using the victim's browser as a proxy, the code can reach internal hosts and do reconnaissance activity or even compromise vulnerable services.

Ransomware Fighter Lives in Fear for his Life (Security Boulevard) Ransomware cracker Fabian Wosar lives in hiding because of the threats and abuse he receives from those whose code he cracks.

Gearbest Database Leaks 1.5 Million Customer Records (BankInfoSecurity) An unprotected database belonging to Chinese e-commerce site Gearbest exposed 1.5 million customer records, including payment information, email addresses and other

Technical issue exposes customer data via Sprint website (SiliconANGLE) Sprint Corp. customers are reporting that they can see information from other customers via their online accounts, a technical issue that’s exposing private personally identifiable information.

Boeing 737 Max: Software patches can only do so much (ZDNet) Systems architects, engineers, and management can all learn from the history of the development of this complex aircraft.

Gargantuan Gnosticplayers breach swells to 863 million records (Naked Security) Another 26m records stolen from another six online companies brings this hacker’s total number of records to 863m from 38 websites.

These are the top ten security vulnerabilities most exploited by hackers (ZDNet) But one simple thing could help stop the vast majority of these attacks, say researchers.

This updated trojan malware campaign targets fintech and cryptocurrency trading companies (ZDNet) Cyber attacks attempt to deploy the keylogging, screenshot-taking, password-stealing Cardinal RAT malware.

Education and Science Giant Elsevier Left Users’ Passwords Exposed Online (Motherboard) Due to a misconfigured server, a researcher found a constant stream of Elsevier users’ passwords.

BEC Goes Mobile as Cybercriminals Turn to SMS (Agari) As employees become more aware of phishing scams, cybercriminals are changing tactics, using SMS instead of email to encourage victims to send gift cards.

Sorry, Linux. We know you want to be popular, but cyber-crooks are all about Microsoft for now (Register) Oh, and Flash! Arrrrrggghhh

Microsoft Dominates 2018's Most Exploited Vulnerabilities (SecurityWeek) Eight of the top ten most exploited security vulnerabilities in 2018 affected Microsoft products, according to Recorded Future's Cyber Threat Analysis.

Researcher Finds Novel Bug Class in Windows Kernel (SecurityWeek) James Forshaw, a security researcher working with Google Project Zero, has discovered a novel bug class that impacts Windows and some of its drivers.

Epic in hot water over Steam-scraping code (Naked Security) Players noticed that Epic Games was gathering and storing data from Steam accounts without their permission.

Fewer than 28% of gov.uk using DMARC effectively in line with guidelines (Help Net Security) Egress reveals a lack of preparation from several government email administrators, which in effect leaves domain users open to phishing attacks.

Spear Phishing: Top Threats and Trends (Barracuda Networks) Barracuda Networks is the worldwide leader in Security, Application Delivery and Data Protection Solutions.

Security Patches, Mitigations, and Software Updates

Microsoft won’t patch Windows registry warning problem (Naked Security) A security researcher has found a way to tinker with Windows’ core settings while persuading users to accept the changes.

PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted (Register) Bunch of bugs stomped with version 0.71

Cyber Trends

DDoS Threats Report 2018 Q4 (Nexusguard) A new development: CSP (Communication Service Provider) networks — especially those at the ASN level — were hit by a stealthy, new volumetric attack whereby attackers contaminate legitimate traffic across hundreds of IP prefixes (some 159 ASNs, spanning 527 Class C networks, based on our findings) with small-sized junk in order to bypass detection, resulting in both maximum and average attack sizes decreasing measurably YoY.

These Are the Worst Corporate Hacks of All Time (Bloomberg) As business processes and personal information move online, the number of data hacks is growing. Some are minor and go undetected, while others are so major that they can put an entire company at risk.

Post-Quantum Cryptography Becoming Relevant in Pre-Quantum World (eWEEK) Now is the time for enterprises to start preparing for Quantum computing-powered security breaches. They will start happening.

Nearly half of organizations lack the necessary talent to maintain security measures (Help Net Security) Regardless of their size, organizations share a common challenge: IT security teams are understaffed and overextended, but there’s a fix for it.

Marketplace

Unsurprisingly, only 14% of companies are compliant with CCPA (Help Net Security) The CCPA compliance deadline is January 1, 2020, but only 14% of companies are compliant with CCPA and 44% have not yet started the implementation process.

An internet pioneer is doubtful Mark Zuckerberg can refocus Facebook on privacy. Here's why. (Business Insider) Paul Vixie has spent decades working on privacy and security. He's skeptical Facebook can balance those with social networking.

Trump Blockade of Huawei Fizzles in European 5G Rollout (Bloomberg) ‘If the Americans have evidence, please put it out’: Vodafone

Tenable CEO Amit Yoran blasts 'smoke and mirrors' of cybersecurity industry (CyberScoop) “It’s an industry that has fed and continues to feed, to a large extent, off of fearmongering,” Tenable CEO Amit Yoran told CyberScoop.

How To Begin A Career In Cyber-Security (Forbes) What are some good tips for people who want to begin a career in cybersecurity?

What’s a Security Pro Worth in 2019? (Bricata) The national average salary for a cybersecurity position in the U.S. is $96,185. Here's a look at six studies examining cybersecurity compensation across positions of all levels.

Akamai Opens New Facility in Costa Rica (Costa Rica Star News) The digital technology company, Akamai, inaugurated this Monday, March 18, its new facility in Costa Rica, located in Roble Corporate Center.

Swedish Cybersecurity Startup Detectify Heads to Boston (BostInno) First the French, now the Swedish — looks like European startups are making a beeline for Boston.

Blue Cedar Closes $17 Million Series B Financing to Accelerate Growth for No-Code Mobile App Security Integration (PR Newswire) Blue Cedar today announced a $17 million Series B financing round anchored by new investor C5 Capital, a...

Industrial Cybersecurity Firm Nozomi Launches Research Department (SecurityWeek) Industrial cybersecurity company Nozomi announces formal launch of its research department, Nozomi Networks Labs.

Varonis Announces “Partners in Excellence” Channel Award Winners (Nasdaq) Annual awards program celebrates channel partners for their commitment to helping organizations protect data, boost threat detection and achieve compliance with evolving regulations

Plixer Expands Operations in EMEA Market (Plixer) Plixer, the company that solves real-world security and network operations challenges, today announced their expansion of operations to support the rapid growth of customers and partners in EMEA.

CIS Taps GreyCastle Security Founder Reg Harnish for New Executive Vice President of Security Services Position (PR Newswire) CIS® (Center for Internet Security, Inc.) announced today that GreyCastle Security Founder Reg Harnish has ...

Daniel Papes Joins High-growth sndr, llc. as President and Chief Commercial Officer (PR Newswire) sndr, the information technology industry's leading provider of total enterprise data protection, announced today the...

CyFlare Adds Industry Veteran David Tran as VP International Channel Sales To Accelerate Growth Overseas (Digital Journal) CyFlare looks to leverage its momentum within the North American market and expand into international markets by adding industry veteran David Tran as VP International Channel Sales.

Security Industry Association Names Mark McCourt as 2018 Sandy Jones Volunteer of the Year (Security Industry Association) McCourt, who leads SIA’s Autonomous Robotics Working Group, will be honored at The Advance at ISC West 2019 on Tuesday, April 9.

Products, Services, and Solutions

Votiro Announces Strategic Alliance and Distribution Agreement with Ingram Micro Inc. (BusinessWire) Votiro announces a strategic alliance and distribution agreement with Ingram Micro, Inc., to help expand Votiro's market reach across North America.

Bromium Endpoint Protection and Threat Intelligence Sharing Strengthen HP Device as a Service Proactive Security Offering (Globe Newswire) Real-time threat isolation protects against malware introduced through email, browsers and files, providing enterprise-grade defense against threats

Cyber Notify Receives DHS S&T Global Award for Alerting Businesses of Spoofed Domains Before Fraud Damages (AP NEWS) Based on advanced algorithms and specialized expertise, the Cyber Notify pilot project developed by Dissect Cyber received a Department of Homeland Security Science and Technology global innovation award today for its proven ability to help defend against spoofed domains used for phishing and Business Email Compromise (BEC) exploitations.

WhiteHat Sentinel Source Standard and Essential Editions Receive Highest OWASP Benchmark Accuracy Ratings of All Submitted SAST Solutions (BusinessWire) WhiteHat Security, the leading application security provider committed to securing digital business, today announced that both WhiteHat Sentinel Sourc

SIA, NCS4 and ISC West Partner to Deliver Education on the Stadium of the Future (Security Industry Association) SIA Education@ISC will host The Stadium of the Future, a presentation highlighting current technology and capabilities gaps in security for the sports and entertainment industry.

Forcepoint to Expand Cybersecurity and Cross Domain Technology Support with the FBI (PR Newswire) Global cybersecurity leader Forcepoint today announced the award of a 5-year Blanket Purchase Agreement (BPA)...

DOSarrest Launches New Cloud Based Network Traffic Analyzer Service (PR Newswire) DOSarrest Internet Security announced today that they have released a new service offering called DOSarrest Traffic Analyzer (DTA).

Thales on facilitating safe drone traffic, fighting drones at airports (Runway Girl) Thales, a world leader in military drones, commercial avionics and air traffic management, has been tapped to lead a SESAR Joint Undertaking public/private project aimed at readying Europe for future increases in drone traffic. But Thales is also pursuing other initiatives aimed at stopping drones from causing disruptions at airports, and imperiling flight safety. Runway Girl Network recently reached out to Thales to learn more about its stated efforts on this front. Our Q&A with Thales executives is below.

WISeKey's WISePrint Solution Protects 3D Printing Industry Against Counterfeiting (Nasdaq) WISeKey International Holding Ltd ("WISeKey" or the "Company") (SIX: WIHN), a leading Swiss cybersecurity and IoT company announced that its WISePrint offers a complete solution to protect the 3D printing industry against counterfeiting.

KnowBe4 turns cybersecurity training into a spy thriller (St Pete Catalyst) KnowBe4, a Clearwater-based cybersecurity training firm, is launching a 12-episode video series that brings the pitfalls in office IT security to life. The series, titled The Inside Man, focuses on an IT security analyst starting a new job where no one suspects he’s already inside their most secure systems, or that sinister forces are pulling [...]

LI firm's cybersecurity software showcased in Washington (Newsday) Code Dx Inc.'s enterprise software is being displayed at the three-day DHS Science & Technology Cybersecurity and Innovation Showcase.

A connected approach to compromised mailbox security (Sophos News) Your mailbox is more valuable than ever to attackers, with 93% of company breaches in security now starting with a phishing email. Whether users are targeted to receive phishing emails, or they hav…

Guardsquare now Protects JavaScript Hybrid Mobile Apps (AP NEWS) Guardsquare, the global reference in mobile protection, announces that DexGuard now protects JavaScript hybrid mobile applications for Android.

Help AG to highlight benefits of zero trust cybersecurity approach (Intelligent CIO Middle East) While IT security spending in the Middle East, Turkey and Africa is expected to surpass US$2.7 billion this year, Help AG has warned that investments in security products alone will prove insufficient in protecting businesses.

Checkmarx to Secure Software Development at DOE National Laboratory (Business Wire) Checkmarx, the Software Exposure Platform for the enterprise, today announced that the U.S. Department of Energy’s Pacific Northwest National Laborato

New cyber security service helps protect Australian democracy (Microsoft News Centre Australia) With the Federal election on the horizon and NSW poll just days away it’s timely to reflect on the importance of democracy to all Australians and to take stock of how well we are able to protect our democratic rights and ...

Juniper Networks unveils ‘connected’ security architecture (Networks Asia) Partners with vendors such as Nutanix and Aruba to roll out new framework

Google Open Sources Sandboxed API (SecurityWeek) Google has released its Sandboxed API as open source to make it easier for software developers to create secure products.

Cloudflare Launches New HTTPS Interception Detection Tools (SecurityWeek) Security services provider Cloudflare released MITMEngine and MALCOLM, two new tools that can be used for HTTPS interception detection.


Technologies, Techniques, and Standards

How the Google and Facebook outages could impact application security (Help Net Security) With major outages impacting Gmail, YouTube, Facebook and Instagram this week, consumers are right to be concerned over the security of their private data.

DevOps at 10: Adoption across the enterprise would be the icing on the cake (Computing) As it passes the 10-year milestone DevOps no longer needs to explain itself, but it's still painful for some.

Silos and poor communication still hamper DevOps, warns XebiaLabs' Rob Vanstone (Computing) Focus on your ultimate goals, rather than on DevOps, advises Vanstone

The Future of Passwords Isn’t Looking Bright – But We Still Have to Secure Them (Security Boulevard) Many security and IT professionals consider passwords to be the weakest link in their company’s defenses – and that’s for a good reason. The lack of strong passwords, a failure to change (or rotate) passwords... The post The Future of Passwords Isn’t Looking Bright – But We Still Have to Secure Them appeared first on CyberArk.

Cyber risk management challenges are impacting the business (CSO Online) Organizations struggle with continuous monitoring, tracking the threat landscape, identifying sensitive data flows, and communication between cybersecurity and business executives.

A network is only as strong as its weakest shard (Help Net Security) It's becoming clear that sharding isn’t the ideal solution for enterprise-grade blockchains that demand speed and scale, according to Solana.

Raytheon CEO On Creating A Cyber-Safe Workplace (ChiefExecutive.net) Raytheon CEO Thomas Kennedy on what the CEO’s role is in creating a cyber-safe workspace and the role culture plays in creating a secure organization.

The Cognitive Science Behind Cybersecurity (American Security Today) Guest Editorial by Margaret Cunningham, Principal Research Scientist, Forcepoint Artificial intelligence, cognitive computing, and machine learning are among the most discussed technologies in the cybersecurity realm, but what do these solutions really mean to security professionals? Are they just buzzwords, or can they truly help commercial and public sector organizations achieve stronger and more intelligent …

RSA 2019: The Industry Grapples With Cybersecurity As A Business Strategy (Forbes) Analyst Chris Wilder provides his takeaway from the RSA 2019 cybersecurity conference.

Not All Context in Threat Intelligence is Created Equal (SecurityWeek) Threat intelligence on even the most groundbreaking, incisive findings is essentially pointless unless its intended consumers can truly understand it and how to action it.

There’s no malware on my PC, so why does Google redirect me to dodgy websites? (Security Boulevard) Ever clicked on a Google search result only to be directed to a dodgy website? Find out how malicious redirects work and what you can do about them.

From Traffic Cop to Fleet Manager, DLP Evolves Beyond the Perimeter (SecurityWeek) DLP has always been tricky to deploy and enforce, and most CISOs can freely regale stories of DLP promises and their subsequent failures.

Design and Innovation

Child-friendly search engines: How safe is Kiddle? (Naked Security) Kiddle and Kidrex are meant to deliver age-appropriate search results, filtering out internet nastiness. But how do they really stack up?

Academia

National security agencies renew Missouri S&T cybersecurity accreditation (The Rolla Daily News) Missouri University of Science and Technology has once again received accreditation as a National Center of Academic Excellence in Information Assurance

Murray State University obtains Palo Alto Networks Cybersecurity Academy certification (Murray Ledger and Times) Murray State University has obtained Palo Alto Networks Cybersecurity Academy certification, providing new opportunities for students in the university’s telecommunications systems management (TSM) program.

Legislation, Policy, and Regulation

As the Cyber War Grows: Is It Time to Strike Back? (Venafi) According to Venafi Survey, 87% of Security Professionals Say World is at Cyberwar

Pentagon to utilities: Uncle Sam wants you – but who do they really need (Control Global) Cyber Command is recruiting U.S. energy companies as partners in developing and a new strategy. However, the utility personnel Cyber Command wants are the engineers that know how to operate power plants and substations. However, they generally have no cyber security training or responsibility. Unfortunately, the bulk of the utility people associated with cyber security are compliance-focused without an understanding of the equipment used in power plants and the grid.

Five Eyes align zero day vulnerability procedures (Intelligence Online) Canada's Communications Security Establishment (CSE) and its Australian counterpart, the Australian Signals Directorate (ASD), published their procedures for handling zero-day

Law enforcement agencies across the EU prepare for major cross-border cyber-attacks (Europol) The possibility of a large-scale cyber-attack having serious repercussions in the physical world and crippling an entire sector or society, is no longer unthinkable. To prepare for major cross-border cyber-attacks, an EU Law Enforcement Emergency Response Protocol has been adopted by the Council of the European Union. The Protocol gives a central role to Europol’s European Cybercrime Centre (EC3) and is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises.

DHS officials plan Europe trip to brief allies on election security, gather intel for 2020 (CyberScoop) Department of Homeland Security officials plan to visit European allies to share lessons learned from defending the 2018 U.S. midterm elections, a top DHS official said Tuesday.

New DoD personnel system hires cyber workers faster but numbers small (Federal News Network) U.S. Cyber Command said the new Cyber Excepted Service has cut its time-to-hire by 60 percent. But so far, DoD has only used the new personnel system for a few hundred positions.

China wants to divide and rule in Europe (Times) President Xi Jinping can expect a hero’s welcome in Rome tomorrow since he ticks all of the populist government’s criteria for a strongman leader. How do we know this? Well, here’s a clue: the...

For Africa, Chinese-Built Internet Is Better Than No Internet at All (Foreign Policy) The need for web access has driven African countries to Huawei despite U.S. concerns.

Trump: UK's 5G plans put national security at risk (City A.M.) The UK’s plans for building a 5G mobile network are putting national security at risk, Trump officials have warned, as the US urges its allies not to

Chinese Rail Cars Spark Concern Over Cybersecurity (Government Technology) A bipartisan group of U.S. senators has introduced legislation that would prevent transit agencies from using federal funding for rail-car contracts with companies that are owned, controlled or subsidized by China.

U.S. Firms Are Helping Build China's Orwellian State (Foreign Policy) Tech partnerships are empowering new methods of control.

CYBERCOM wants money for its anti-ISIS efforts (Fifth Domain) Cyber Command has requested funds for supporting ongoing operations overseas in fiscal 2020.

CIA replaces outgoing tech lead with IBM official (Federal Times) The Central Intelligence Agency is tapping one of its former officers to serve as the new chief information officer.

Litigation, Investigation, and Law Enforcement

Google Offers Concessions on Eve of New EU Antitrust Rebuke (Wall Street Journal) Google plans to ask all Android smartphone users in Europe whether they want to switch to competing search engines or web browsers, one of two new concessions the search giant is offering to stave off complaints—and potential fines—from European Union antitrust regulators.

Google Fined $1.7 Billion in EU for Restricting Rivals’ Ads (Wall Street Journal) Alphabet’s Google was fined €1.49 billion ($1.7 billion) by the European Union for limiting how some websites could display ads sold by its rivals, the tech giant’s third antitrust penalty from the bloc since 2017.

Court: Embarrassing leaks of internal Facebook emails are fishy (Naked Security) The leaks point to a plot, a Calif. court said, ordering pikini app maker Six4Three to hand over its lawyers’ chats with the ICO.

Facebook Agrees to Change Ad Platform to Settle Discrimination Claims (New York Law Journal) As a result of the settlement, anyone seeking to place housing, employment or credit ads on Facebook will no longer be allowed to target consumers based on their age, gender or ZIP code.

Facebook Axes Age, Gender and Other Targeting for Some Sensitive Ads (Wall Street Journal) The social media giant is removing age, gender and ZIP Code targeting for housing, employment and credit-related ads as part of a settlement with advocacy groups and other plaintiffs.

In a humiliating climbdown, Facebook agrees to follow US laws (Register) Ad targeting system overhaul to stop landlords from discriminating based on race

Silence of the WANs: FBI DDoS-for-hire greaseball takedowns slash web flood attacks 'by 11%' (Register) Fed bust of massive attack network caused traffic loads to plummet in Q4

ThreatList: FBI Crackdown Led to 85 Percent Drop in DDoS Attack Size (Threatpost) The FBI's crackdown on 15 DDoS-for-hire sites appears to have had an impact on DDoS attacks, the average size for which dropped 85 percent in the fourth quarter of 2018, a new report found.

Largest DDoS-for-hire Websites Responsible for 11 Percent of Attacks Worldwide, According to Nexusguard Threat Report (BusinessWire) Nexusguard's Threat Report showed the FBI’s shutdown of the largest DDoS for hire vendors (“booters”) reduced the overall number of attacks worldwide.

Congressmen urge FBI to investigate bots targeting veterans with fake news (Stars and Stripes) A study from Oxford University in 2017 found Russian operatives used Twitter and Facebook to disseminate “junk news” to veterans and servicemembers.

Mueller sought Michael Cohen’s emails months before FBI raid, warrants show (Washington Post) Documents from the investigation of President Trump’s former attorney offer new insight into the early days of the Russia probe.

Kaspersky files antitrust complaint against Apple in Russia (ZDNet) After Spotify complained about Apple's unfair App Store policies to EU authorities, Kaspersky does the same in Russia.

Goths in China are posting selfies to protest discrimination (Quartzy) It all started when a Guangzhou woman was asked to remove her goth makeup at the entrance of a subway station.

Home DNA kit company now lets users opt out of FBI data sharing (Naked Security) FamilyTreeDNA has disclosed that it’s opened up DNA profiles to the FBI to help find suspects of violent crime.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

2019 S&T Cybersecurity and Innovation Showcase (Washington, DC, USA, March 18 - 20, 2019) The 2019 S&T Cybersecurity and Innovation Showcase is a unique event for the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to introduce its funded research projects to...

The Future of Quantum Computing, Quantum Cryptography and Quantum Sensors (Boston, Massachusetts, USA, March 19 - 21, 2019) This must-attend summit offers comprehensive insights into the commercial future of all areas of quantum technology presenting the opportunities available today and future applications in business and...

OSSEC Open Source Security Conference (Herndon, Virginia, USA, March 20 - 21, 2019) With tens of thousands of global users, OSSEC is the world’s most widely used open source host-based intrusion detection system. Join this exclusive event on March 20-21, 2019 at the Dulles Hilton in Herndon,...

KNOW 2019 (Las Vegas, Nevada, USA, March 24 - 27, 2019) The Future of Trust starts at KNOW 2019, the definitive event focused on the data economy. From Facebook and Equifax to GDPR, identity data is at the forefront of cybersecurity and regulation. KNOW is...
