Cloudflare’s outage is rooted in an internal configuration error. The Trump administration is preparing a new national cyber strategy. CISA gives federal agencies a week to secure a new Fortinet flaw. MI5 warns that China is using LinkedIn headhunters and covert operatives to target lawmakers. Experts question the national security risks of TP-Link routers. The China-aligned PlushDaemon threat group hijacks software updates. Researchers discover WhatsApp’s entire global member directory accessible online without protection. LG Energy Solution confirms a ransomware attack. ShinySp1d3r makes its debut. Rotem Tsadok, Director of Security Operations and Forensics at Varonis, is sharing lessons learned from thousands of forensics investigations. A judge says Google’s claims to water use secrecy are all wet. 

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

On our Industry Voices segment, we are joined by Rotem Tsadok, Director of Security Operations and Forensics at Varonis, sharing lessons learned from thousands of forensics investigations. Listen to Rotem's full conversation here.

Selected Reading

Cloudflare blames this week's massive outage on database issues (Bleeping Computer)

National cyber strategy will include focus on ‘shaping adversary behavior,’ White House official says (The Record)

CISA gives govt agencies 7 days to patch new Fortinet flaw (Bleeping Computer)

Chinese Spies Are Using LinkedIn to Target U.K. Lawmakers, MI5 Warns (The New York Times)

No evidence that TP-Link routers are a Chinese security threat (CSO Online)

PlushDaemon compromises network devices for adversary-in-the-middle attacks (welivesecurity)

3.5 Billion Accounts: Complete WhatsApp Directory Retrieved and Evaluated (heise online)

LG Energy Solution reports ransomware attack, hackers claim theft of 1.7 terabytes of data (beyondmachines)

Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters (Bleeping Computer)

Google Strives To Keep Data Center Water Use Secret After Judge Orders Records Released (Roanoke Rambler)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Learn more about your ad choices. Visit megaphone.fm/adchoices